Maybe it's time to get rid of tcpwrappers/tcpd?
Lennart Poettering
mzerqung at 0pointer.de
Fri Mar 21 17:08:59 UTC 2014
On Fri, 21.03.14 13:05, Paul Wouters (paul at nohats.ca) wrote:
> On Fri, 21 Mar 2014, Lennart Poettering wrote:
>
> >As long as -lresolve (i.e. glibc and getaddrinfo()) can't do DNSSEC it's
> >just not there...
>
> You are proposing changing the api of getaddrinfo()? Could luck with
> that?
Dunno, it doesn't sound too difficult to add a new flag .ai_flags that
indicates whether the dns data has been verified locally or so...
Lennart
--
Lennart Poettering, Red Hat
More information about the devel
mailing list