From 26dc94c31dec9cf32360456ea6e7ab4903ad30f6 Mon Sep 17 00:00:00 2001
From: Jon Siwek <jsiwek@corelight.com>
Date: Mon, 20 Nov 2017 11:28:59 -0600
Subject: [PATCH] BIT-1827: fix error on initializing DNS w/ IPv6 nameserver.

This just skips over IPv6 nameserver addresses for now and uses the
first IPv4 one in the resolver config.  Should be possible to support
IPv6, but that may need more testing (e.g. need to make sure the code
will be portable to various platforms).
---
 CHANGES      |  6 ++++++
 VERSION      |  2 +-
 src/nb_dns.c | 49 +++++++++++++++++++++++++++++++------------------
 3 files changed, 38 insertions(+), 19 deletions(-)

diff --git a/CHANGES b/CHANGES
index 910321247f..98465b94d7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,10 @@
 
+2.5-345 | 2017-11-20 11:28:59 -0600
+
+  * BIT-1827: fix error on initializing DNS w/ IPv6 nameserver. (Corelight)
+
+  * Add --build-type flag to configure wrapper. (Corelight)
+
 2.5-343 | 2017-11-17 15:27:04 -0800
 
   * Fix ASCII logging of very large values of type "double".
diff --git a/VERSION b/VERSION
index 26514725b5..13eaeb1e39 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.5-343
+2.5-345
diff --git a/src/nb_dns.c b/src/nb_dns.c
index 35059ab4f0..f239b4d401 100644
--- a/src/nb_dns.c
+++ b/src/nb_dns.c
@@ -131,27 +131,40 @@ nb_dns_init(char *errstr)
 		free(nd);
 		return (NULL);
 	}
-	nd->s = socket(PF_INET, SOCK_DGRAM, 0);
-	if (nd->s < 0) {
-		snprintf(errstr, NB_DNS_ERRSIZE, "socket(): %s",
-		    my_strerror(errno));
-		free(nd);
-		return (NULL);
-	}
 
-	/* XXX should use resolver config */
-	nd->server = _res.nsaddr_list[0];
+	for ( int i = 0; i < _res.nscount; ++i )
+		{
+		nd->server = _res.nsaddr_list[i];
 
-	if (connect(nd->s, (struct sockaddr *)&nd->server,
-	    sizeof(struct sockaddr)) < 0) {
-		snprintf(errstr, NB_DNS_ERRSIZE, "connect(%s): %s",
-		    inet_ntoa(nd->server.sin_addr), my_strerror(errno));
-		close(nd->s);
-		free(nd);
-		return (NULL);
-	}
+		/* XXX support IPv6 */
+		if ( nd->server.sin_family != AF_INET )
+			continue;
 
-	return (nd);
+		nd->s = socket(nd->server.sin_family, SOCK_DGRAM, 0);
+
+		if ( nd->s < 0 )
+			{
+			snprintf(errstr, NB_DNS_ERRSIZE, "socket(): %s",
+			         my_strerror(errno));
+			free(nd);
+			return (NULL);
+			}
+
+		if ( connect(nd->s, (struct sockaddr *)&nd->server,
+		             sizeof(struct sockaddr)) < 0 )
+			{
+			snprintf(errstr, NB_DNS_ERRSIZE, "connect(%s): %s",
+			         inet_ntoa(nd->server.sin_addr), my_strerror(errno));
+			close(nd->s);
+			free(nd);
+			return (NULL);
+			}
+
+		return (nd);
+		}
+
+	snprintf(errstr, NB_DNS_ERRSIZE, "no valid nameservers in resolver config");
+	return (NULL);
 }
 
 void