Re: [PATCH] dnsmasq: allow proxying dnssec data

From: Mathieu Trudel-Lapierre <mathieu-tl ubuntu com>
To: NetworkManager mailing list <networkmanager-list gnome org>
Subject: Re: [PATCH] dnsmasq: allow proxying dnssec data
Date: Thu, 8 Mar 2012 17:22:01 -0500

On Thu, Mar 8, 2012 at 5:18 PM, Mathieu Trudel-Lapierre
<mathieu-tl ubuntu com> wrote:
> ---
>  src/dns-manager/nm-dns-dnsmasq.c |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
> index 6314438..8e216f4 100644
> --- a/src/dns-manager/nm-dns-dnsmasq.c
> +++ b/src/dns-manager/nm-dns-dnsmasq.c
> @@ -308,7 +308,8 @@ update (NMDnsPlugin *plugin,
>        argv[6] = "--listen-address=127.0.0.1"; /* Should work for both 4 and 6 */
>        argv[7] = "--conf-file=" CONFFILE;
>        argv[8] = "--cache-size=400";
> -       argv[9] = NULL;
> +       argv[9] = "--proxy-dnssec"; /* Allow DNSSEC to pass through */
> +       argv[10] = NULL;

Of course, I should have added the rationale for this>

Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/946093

This will allow DNSSEC data to be visible in browsers, which would otherwise
not be the case by default because of dnsmasq acting as a middle-man for
resolution.

Otherwise, we have a regression from the libc resolver behavior.

Mathieu Trudel-Lapierre <mathieu-tl ubuntu com>
Freenode: cyphermox, Jabber: mathieu tl gmail com
4096R/EE018C93 1967 8F7D 03A1 8F38 732E  FF82 C126 33E1 EE01 8C93

Follow-Ups:
- Re: [PATCH] dnsmasq: allow proxying dnssec data
  - From: Dan Williams

References:
- [PATCH] dnsmasq: allow proxying dnssec data
  - From: Mathieu Trudel-Lapierre

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]