From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: (qmail 17327 invoked from network); 14 Apr 2020 09:57:33 -0000 Received-SPF: pass (mother.openwall.net: domain of lists.openwall.com designates 195.42.179.200 as permitted sender) receiver=inbox.vuxu.org; client-ip=195.42.179.200 envelope-from= Received: from mother.openwall.net (195.42.179.200) by inbox.vuxu.org with UTF8ESMTPZ; 14 Apr 2020 09:57:33 -0000 Received: (qmail 13996 invoked by uid 550); 14 Apr 2020 09:57:30 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 13976 invoked from network); 14 Apr 2020 09:57:30 -0000 From: Florian Weimer To: Rich Felker Cc: Christian , musl@lists.openwall.com References: <9832107bf742db3145a3960c28cde867f924fe1f.camel@web.de> <4524b127ea99b2d1edcd8c91555a9af21e46a9b3.camel@web.de> <87imi32xj1.fsf@mid.deneb.enyo.de> <20200413163800.GV11469@brightrain.aerifal.cx> Date: Tue, 14 Apr 2020 11:57:17 +0200 In-Reply-To: <20200413163800.GV11469@brightrain.aerifal.cx> (Rich Felker's message of "Mon, 13 Apr 2020 12:38:00 -0400") Message-ID: <87blnuo0ea.fsf@mid.deneb.enyo.de> MIME-Version: 1.0 Content-Type: text/plain Subject: Re: [musl] Resolver routines, Postfix DNSSEC troubles - how to check for incompatibilities? * Rich Felker: > On Mon, Apr 13, 2020 at 05:52:34PM +0200, Florian Weimer wrote: >> * Christian: >> >> > So Viktor did some digging: >> > >> > "The comment on line 25: >> > >> > https://github.com/runtimejs/musl-libc/blob/master/include/resolv.h#L25 >> > >> > is not encouraging. It suggests that _res is unused. If so, Postfix >> > DNS does not work correctly with this C library. And not just for DANE, since Postfix is also unable to to control RES_DEFNAMES and RES_DNSRCH. >> >> Are these changes to the RES_DEFNAMES and RES_DNSRCH flags really >> necessary? Why doesn't Postfix use res_query (or perhaps res_send) as >> appropriate? > > But to actually answer these questions, modifying the flags is > presumably because traditional req_query builds an rfc1035 query or > edns query based on these flags derived from from resolv.conf, and > Postfix either assumes or wants to support the case where resolv.conf > is not already configured for edns, perhaps because it was generated > by a dhcp client. In my comment above, I specifically meant RES_DEFNAMES and RES_DNSRCH. RES_USE_EDNS0 seems different; I would expect applications to use their own DNS libraries if they need to access DNSSEC data and non-address record types (where there is no benefit gained form integrating with /etc/hosts or other data sources).