stop-gap: doc glibc 2.31 RES_TRUSTAD/trust-ad

[exim.git] / src / src / dns.c

diff --git a/src/src/dns.c b/src/src/dns.c
index 6333d3cff7018e0512ea9cf27d81b6d5ee1677ed..e13aa74e24b17d880885bfd5e5cdad393df628d4 100644 (file)
--- a/src/src/dns.c
+++ b/src/src/dns.c
@@ -60,7 +60,8 @@ if (stat(CS utilname, &statbuf) >= 0)
   int infd, outfd, rc;
   uschar *argv[5];
 
-  DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) using fakens\n", name, dns_text_type(type));
+  DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) using fakens\n",
+               name, dns_text_type(type));
 
   argv[0] = utilname;
   argv[1] = config_main_directory;
@@ -68,7 +69,7 @@ if (stat(CS utilname, &statbuf) >= 0)
   argv[3] = dns_text_type(type);
   argv[4] = NULL;
 
-  pid = child_open(argv, NULL, 0000, &infd, &outfd, FALSE);
+  pid = child_open(argv, NULL, 0000, &infd, &outfd, FALSE, US"fakens-search");
   if (pid < 0)
     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to run fakens: %s",
       strerror(errno));
@@ -500,6 +501,8 @@ const uschar * auth_name;
 const uschar * trusted;
 
 if (dnsa->answerlen < 0) return FALSE;
+/* Beware that newer versions of glibc on Linux will filter out the ad bit
+unless their shiny new RES_TRUSTAD bit is set for the resolver.  */
 if (h->ad) return TRUE;
 
 /* If the resolver we ask is authoritative for the domain in question, it may