[Swan-dev] get rid of getnetbyname() /etc/networks?
D. Hugh Redelmeier
hugh at mimosa.com
Sun May 2 22:16:20 UTC 2021
| From: Paul Wouters <paul at nohats.ca>
| > Subject: [Swan-dev] get rid of getnetbyname() /etc/networks?
| kill it :)
| Related, there are still a few places that end up calling
| gethostbyname2() which is also obsolete and does not work for IPv6:
In what way does it not work for IPv6?
I admit that it is clumsy having to call it twice if IPv4 and IPv6 are
both acceptable. I don't know when that happens, but the code
| lib/libswan/ttoaddress.c: struct hostent *h = gethostbyname2(p, af);
| programs/showhostkey/showhostkey.c: gethostname(qname, sizeof(qname));
| The case in ttoaddress.c is the main one. Since it is used by
| ttoaddress_dns() which is used in many places, we cannot replace it
| with an async libunbound call. And to do a sync unbound call, last I
| looked at this years ago, we would have to start another libunbound
| context which gets its own cache. Also, it would mean people can no
| longer compile without libunbound. I guess the best fix would be to
| rewrite it to use getaddrinfo() or res_ functions?
The best thing would be to actually have every resolution come with a
timeout for the answer. The resolution would need to be repeated after it
expired. Unfortunately, that would require a serious restructuring.
Maybe, if there are multiple resolutions, we need to create multiple
tunnels. But that way lies madness.
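
Added example, not part of the original message and not libreswan code: a sketch of the getaddrinfo() rewrite suggested in the quoted text, where AF_UNSPEC covers both families in one call instead of calling gethostbyname2() once per family. The names resolve_first(), resolved_family() and the numeric_only parameter are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L
#endif
#include <netdb.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

/*
 * resolve_first() is a hypothetical helper, not a libreswan function.
 * af is AF_INET, AF_INET6, or AF_UNSPEC (either family, single call).
 * Returns 0 and fills *out on success, otherwise a getaddrinfo() EAI_*
 * code that gai_strerror() can turn into a message.
 */
int resolve_first(const char *name, int af, int numeric_only,
                  struct sockaddr_storage *out, socklen_t *outlen)
{
    struct addrinfo hints, *res = NULL;
    int rc;

    memset(&hints, 0, sizeof(hints));
    hints.ai_family = af;
    hints.ai_socktype = SOCK_DGRAM;       /* one entry per address, not per socktype */
    if (numeric_only)
        hints.ai_flags |= AI_NUMERICHOST; /* parse literals only, never query DNS */

    rc = getaddrinfo(name, NULL, &hints, &res);
    if (rc != 0)
        return rc;

    /* Take the first entry; the list is ordered by the system's address policy. */
    if (res->ai_addrlen > sizeof(*out)) {
        freeaddrinfo(res);
        return EAI_FAIL;
    }
    memcpy(out, res->ai_addr, res->ai_addrlen);
    *outlen = res->ai_addrlen;
    freeaddrinfo(res);
    return 0;
}

/* Address family of the first result, or -1 if resolution failed. */
int resolved_family(const char *name, int af, int numeric_only)
{
    struct sockaddr_storage ss;
    socklen_t len;

    return resolve_first(name, af, numeric_only, &ss, &len) == 0 ? ss.ss_family : -1;
}
```

Like gethostbyname2(), this call blocks until the resolver answers, and getaddrinfo() does not return the record's TTL, so it does not provide the expiry-driven re-resolution discussed above.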