From 21d17080e064b25c1a4a2ce786782f6638c0b0b7 Mon Sep 17 00:00:00 2001 From: deraadt Date: Sun, 18 Oct 2015 15:15:00 +0000 Subject: [PATCH] libc DNS functions will now use the new dnssocket() / dnsconnect() system calls. These signal to the pledge kernel code that a DNS transaction is happening. These special sockets only work well with port 53 (there are some cute plans...). Programs calling pledge "inet" will not work! You need pledge "dns", and of course, you need a fairly fresh kernel. ok guenther kettenis tedu --- lib/libc/asr/res_send_async.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/libc/asr/res_send_async.c b/lib/libc/asr/res_send_async.c index e32638ed75e..e6c57f42899 100644 --- a/lib/libc/asr/res_send_async.c +++ b/lib/libc/asr/res_send_async.c @@ -1,4 +1,4 @@ -/* $OpenBSD: res_send_async.c,v 1.27 2015/09/20 14:19:21 eric Exp $ */ +/* $OpenBSD: res_send_async.c,v 1.28 2015/10/18 15:15:00 deraadt Exp $ */ /* * Copyright (c) 2012 Eric Faurot * @@ -304,10 +304,10 @@ sockaddr_connect(const struct sockaddr *sa, int socktype) { int errno_save, sock; - if ((sock = socket(sa->sa_family, socktype | SOCK_NONBLOCK, 0)) == -1) + if ((sock = dnssocket(sa->sa_family, socktype | SOCK_NONBLOCK, 0)) == -1) goto fail; - if (connect(sock, sa, sa->sa_len) == -1) { + if (dnsconnect(sock, sa, sa->sa_len) == -1) { /* * In the TCP case, the caller will be asked to poll for * POLLOUT so that we start writing the packet in tcp_write() -- 2.20.1