3 files changed, 35 insertions, 17 deletions

diff --git a/src/grp-resolve/systemd-resolve/resolve-tool.c b/src/grp-resolve/systemd-resolve/resolve-tool.c
index facad18086..3e19b8563c 100644
--- a/src/grp-resolve/systemd-resolve/resolve-tool.c
+++ b/src/grp-resolve/systemd-resolve/resolve-tool.c
@@ -395,7 +395,7 @@ static int output_rr_packet(const void *d, size_t l, int ifindex) {
         return 0;
 }
 
-static int resolve_record(sd_bus *bus, const char *name, uint16_t class, uint16_t type) {
+static int resolve_record(sd_bus *bus, const char *name, uint16_t class, uint16_t type, bool warn_missing) {
         _cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL, *reply = NULL;
         _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
         char ifname[IF_NAMESIZE] = "";
@@ -430,7 +430,8 @@ static int resolve_record(sd_bus *bus, const char *name, uint16_t class, uint16_
 
         r = sd_bus_call(bus, req, DNS_CALL_TIMEOUT_USEC, &error, &reply);
         if (r < 0) {
-                log_error("%s: resolve call failed: %s", name, bus_error_message(&error, r));
+                if (warn_missing || r != -ENXIO)
+                        log_error("%s: resolve call failed: %s", name, bus_error_message(&error, r));
                 return r;
         }
 
@@ -488,7 +489,8 @@ static int resolve_record(sd_bus *bus, const char *name, uint16_t class, uint16_
                 return bus_log_parse_error(r);
 
         if (n == 0) {
-                log_error("%s: no records found", name);
+                if (warn_missing)
+                        log_error("%s: no records found", name);
                 return -ESRCH;
         }
 
@@ -618,7 +620,7 @@ static int resolve_rfc4501(sd_bus *bus, const char *name) {
         if (type == 0)
                 type = arg_type ?: DNS_TYPE_A;
 
-        return resolve_record(bus, n, class, type);
+        return resolve_record(bus, n, class, type, true);
 
 invalid:
         log_error("Invalid DNS URI: %s", name);
@@ -778,7 +780,6 @@ static int resolve_service(sd_bus *bus, const char *name, const char *type, cons
         if (r < 0)
                 return bus_log_parse_error(r);
 
-        c = 0;
         while ((r = sd_bus_message_read_array(reply, 'y', (const void**) &p, &sz)) > 0) {
                 _cleanup_free_ char *escaped = NULL;
 
@@ -787,7 +788,6 @@ static int resolve_service(sd_bus *bus, const char *name, const char *type, cons
                         return log_oom();
 
                 printf("%*s%s\n", (int) indent, "", escaped);
-                c++;
         }
         if (r < 0)
                 return bus_log_parse_error(r);
@@ -840,16 +840,34 @@ static int resolve_openpgp(sd_bus *bus, const char *address) {
         }
         domain++;
 
-        r = string_hashsum_sha224(address, domain - 1 - address, &hashed);
+        r = string_hashsum_sha256(address, domain - 1 - address, &hashed);
         if (r < 0)
                 return log_error_errno(r, "Hashing failed: %m");
 
+        strshorten(hashed, 56);
+
         full = strjoina(hashed, "._openpgpkey.", domain);
         log_debug("Looking up \"%s\".", full);
 
-        return resolve_record(bus, full,
-                              arg_class ?: DNS_CLASS_IN,
-                              arg_type ?: DNS_TYPE_OPENPGPKEY);
+        r = resolve_record(bus, full,
+                           arg_class ?: DNS_CLASS_IN,
+                           arg_type ?: DNS_TYPE_OPENPGPKEY, false);
+
+        if (IN_SET(r, -ENXIO, -ESRCH)) { /* NXDOMAIN or NODATA? */
+              hashed = NULL;
+              r = string_hashsum_sha224(address, domain - 1 - address, &hashed);
+              if (r < 0)
+                    return log_error_errno(r, "Hashing failed: %m");
+
+              full = strjoina(hashed, "._openpgpkey.", domain);
+              log_debug("Looking up \"%s\".", full);
+
+              return resolve_record(bus, full,
+                                    arg_class ?: DNS_CLASS_IN,
+                                    arg_type ?: DNS_TYPE_OPENPGPKEY, true);
+        }
+
+        return r;
 }
 
 static int resolve_tlsa(sd_bus *bus, const char *address) {
@@ -881,7 +899,7 @@ static int resolve_tlsa(sd_bus *bus, const char *address) {
 
         return resolve_record(bus, full,
                               arg_class ?: DNS_CLASS_IN,
-                              arg_type ?: DNS_TYPE_TLSA);
+                              arg_type ?: DNS_TYPE_TLSA, true);
 }
 
 static int show_statistics(sd_bus *bus) {
@@ -1542,7 +1560,7 @@ static void help(void) {
                "%1$s [OPTIONS...] --statistics\n"
                "%1$s [OPTIONS...] --reset-statistics\n"
                "\n"
-               "Resolve domain names, IPv4 and IPv6 addresses, DNS resource records, and services.\n\n"
+               "Resolve domain names, IPv4 and IPv6 addresses, DNS records, and services.\n\n"
                "  -h --help                 Show this help\n"
                "     --version              Show package version\n"
                "     --no-pager             Do not pipe output into a pager\n"
@@ -1877,7 +1895,7 @@ int main(int argc, char **argv) {
                 while (argv[optind]) {
                         int k;
 
-                        k = resolve_record(bus, argv[optind], arg_class, arg_type);
+                        k = resolve_record(bus, argv[optind], arg_class, arg_type, true);
                         if (r == 0)
                                 r = k;
 
diff --git a/src/grp-resolve/systemd-resolve/systemd-resolve.completion.bash b/src/grp-resolve/systemd-resolve/systemd-resolve.completion.bash
index 0c501c9405..f59482fe23 100644
--- a/src/grp-resolve/systemd-resolve/systemd-resolve.completion.bash
+++ b/src/grp-resolve/systemd-resolve/systemd-resolve.completion.bash
@@ -36,8 +36,8 @@ _systemd-resolve() {
         local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]}
         local -A OPTS=(
                [STANDALONE]='-h --help --version -4 -6
-                             --service --openpgp --tlsa --statistics --reset-statistics
-                             --service-address=no --service-txt=no
+                             --service --openpgp --tlsa --status --statistics
+                             --reset-statistics --service-address=no --service-txt=no
                              --cname=no --search=no --legend=no'
                       [ARG]='-i --interface -p --protocol -t --type -c --class'
         )
diff --git a/src/grp-resolve/systemd-resolve/systemd-resolve.xml b/src/grp-resolve/systemd-resolve/systemd-resolve.xml
index ca26bb4d49..2bc917ac26 100644
--- a/src/grp-resolve/systemd-resolve/systemd-resolve.xml
+++ b/src/grp-resolve/systemd-resolve/systemd-resolve.xml
@@ -135,7 +135,7 @@
     TXT).</para>
 
     <para>The <option>--openpgp</option> switch may be used to query PGP keys stored as
-    <ulink url="https://tools.ietf.org/html/draft-wouters-dane-openpgp-02">OPENPGPKEY</ulink> resource records.
+    <ulink url="https://tools.ietf.org/html/rfc7929">OPENPGPKEY</ulink> resource records.
     When this option is specified one or more e-mail address must be specified.</para>
 
     <para>The <option>--tlsa</option> switch maybe be used to query TLS public
@@ -339,7 +339,7 @@ www.0pointer.net: 2a01:238:43ed:c300:10c3:bcf3:3266:da74
     </example>
 
     <example>
-      <title>Retrieve the MX record of the <literal>0pointer.net</literal> domain</title>
+      <title>Retrieve the MX record of the <literal>yahoo.com</literal> domain</title>
 
       <programlisting>$ systemd-resolve -t MX yahoo.com --legend=no
 yahoo.com. IN MX    1 mta7.am0.yahoodns.net