This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug network/18419] add an option to resolv.conf to set all-zeros edns-client-subnet option
- From: "gvisweswaran at verisign dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 13 Nov 2015 04:13:23 +0000
- Subject: [Bug network/18419] add an option to resolv.conf to set all-zeros edns-client-subnet option
- Auto-submitted: auto-generated
- References: <bug-18419-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=18419
--- Comment #4 from Gowri <gvisweswaran at verisign dot com> ---
Hi DKG,
That is what I did too except that I called it no-edns-client-subnet
since other options were prefixed with a 'no' but I like
client-subnet-privacy better!
The dig code I was interested in is to see if I can reuse code to
construct and add an opt record correctly.
Quick diff so far...
diff --git a/resolv/res_init.c b/resolv/res_init.c
index 66561ff..5c424a4 100644
--- a/resolv/res_init.c
+++ b/resolv/res_init.c
@@ -525,6 +525,7 @@ res_setoptions(res_state statp, const char *options,
const char *source) {
{ STRnLEN ("rotate"), 0, RES_ROTATE },
{ STRnLEN ("no-check-names"), 0, RES_NOCHECKNAME },
{ STRnLEN ("edns0"), 0, RES_USE_EDNS0 },
+ { STRnLEN ("no-edns-client-subnet"), 0,
RES_NOEDNSCLIENTSUBNET },
{ STRnLEN ("single-request-reopen"), 0,
RES_SNGLKUPREOP },
{ STRnLEN ("single-request"), 0, RES_SNGLKUP },
{ STRnLEN ("no_tld_query"), 0, RES_NOTLDQUERY },
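Review bot: the new "no-edns-client-subnet" table entry only sets RES_NOEDNSCLIENTSUBNET, and nothing in this patch reads that flag, so the option parses but has no effect on outgoing queries; the code that appends the OPT record carrying the all-zeros client-subnet option needs to come with it. The keyword also reads as "send no client-subnet option", while the bug asks for an all-zeros option to be sent and the thread prefers client-subnet-privacy, so settle the name before this lands and document the option for resolv.conf in the same series.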
diff --git a/resolv/resolv.h b/resolv/resolv.h
index 53c3bba..708b62a 100644
--- a/resolv/resolv.h
+++ b/resolv/resolv.h
@@ -215,6 +215,7 @@ struct res_sym {
#define RES_NOIP6DOTINT 0x00080000 /* Do not use .ip6.int in
IPv6
reverse lookup */
#define RES_USE_EDNS0 0x00100000 /* Use EDNS0. */
+#define RES_NOEDNSCLIENTSUBNET 0x00100001 /* Hide edns-client-subnet
from resolver */
#define RES_SNGLKUP 0x00200000 /* one outstanding request at a
time */
#define RES_SNGLKUPREOP 0x00400000 /* -"-, but open new
socket for each
request */
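Review bot: RES_NOEDNSCLIENTSUBNET is defined as 0x00100001, which is not a free single bit like its neighbours (0x00080000, 0x00100000, 0x00200000, 0x00400000) but RES_USE_EDNS0 (0x00100000) combined with bit 0x00000001. Setting the option therefore also turns on RES_USE_EDNS0, a test such as (statp->options & RES_NOEDNSCLIENTSUBNET) is already non-zero whenever plain "edns0" is configured, and bit 0x00000001 has to be checked against the flags defined above this hunk. Pick an unused single bit for the new flag, and if the option is meant to imply EDNS0, set RES_USE_EDNS0 explicitly where the option is parsed rather than folding it into the constant.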
On 11/12/15, 11:00 PM, "dkg at fifthhorseman dot net"
<sourceware-bugzilla@sourceware.org> wrote:
>https://sourceware.org/bugzilla/show_bug.cgi?id=18419
>
>--- Comment #3 from Daniel Kahn Gillmor <dkg at fifthhorseman dot net> ---
>(In reply to Gowri from comment #2)
>> FYI, here is the patch to dig to possibly reuse the idea/code:
>> http://wilmer.gaa.st/edns-client-subnet/
>
>fwiw, these patches add a client=<addr> option to dig, which is possibly
>more complexity than we need to add in order to allow a simple opt-out.
>
>for a simple opt-out, we could add a boolean option to resolv.conf named
>"client-subnet-privacy". Then if there is a specific use case for a
>fancier implementation, it could be added separately, with the
>"client-subnet-privacy" becoming a shorthand for something like
>"client=0/0".
>
--
You are receiving this mail because:
You are on the CC list for the bug.
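
Added example, not code from this thread or from glibc: the OPT record that comment #4 wants to construct, carrying one edns-client-subnet option with a zero source prefix length and no address bytes, laid out per RFC 6891 and RFC 7871. The helper name build_ecs_optout_opt, the 1200-byte UDP payload size and the IPv4 family value are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DNS_TYPE_OPT    41   /* RFC 6891 */
#define EDNS_OPT_ECS     8   /* RFC 7871 */
#define ECS_FAMILY_IPV4  1

static uint8_t *put16(uint8_t *p, uint16_t v)
{
    *p++ = (uint8_t)(v >> 8);
    *p++ = (uint8_t)(v & 0xff);
    return p;
}

/* Hypothetical helper, not a glibc function: writes an OPT pseudo-RR with one
 * ECS option whose SOURCE PREFIX-LENGTH is 0 and which carries no address
 * bytes. Returns bytes written, or 0 if buf is too small. */
size_t build_ecs_optout_opt(uint8_t *buf, size_t buflen,
                            uint16_t udp_payload, uint16_t family)
{
    const size_t ecs_len = 4;             /* FAMILY + two prefix lengths */
    const size_t rdlen = 4 + ecs_len;     /* OPTION-CODE + OPTION-LENGTH + data */
    const size_t total = 11 + rdlen;      /* fixed OPT RR header is 11 bytes */
    uint8_t *p = buf;
    if (buf == NULL || buflen < total)
        return 0;
    *p++ = 0;                             /* NAME: root */
    p = put16(p, DNS_TYPE_OPT);           /* TYPE */
    p = put16(p, udp_payload);            /* CLASS: requestor's UDP payload size */
    p = put16(p, 0);                      /* TTL high: extended RCODE, version 0 */
    p = put16(p, 0);                      /* TTL low: DO bit and Z clear */
    p = put16(p, (uint16_t)rdlen);        /* RDLENGTH */
    p = put16(p, EDNS_OPT_ECS);           /* OPTION-CODE */
    p = put16(p, (uint16_t)ecs_len);      /* OPTION-LENGTH */
    p = put16(p, family);                 /* FAMILY (assumed IPv4 by the caller) */
    *p++ = 0;                             /* SOURCE PREFIX-LENGTH: 0 = opt out */
    *p++ = 0;                             /* SCOPE PREFIX-LENGTH: 0 in queries */
    return (size_t)(p - buf);
}

int main(void)
{
    uint8_t rr[32];
    size_t n = build_ecs_optout_opt(rr, sizeof rr, 1200, ECS_FAMILY_IPV4);
    for (size_t i = 0; i < n; i++)
        printf("%02x ", rr[i]);
    putchar('\n');
    return n == 19 ? 0 : 1;
}
```

A resolver that appends this record to a query also has to increment ARCOUNT in the DNS header.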