44f496c00a
- sprintf() can return negative value on error, so p += sprintf(p, blah) is unsafe - signed/unsigned mixup - wrong assumption: sizeof(time_t) <= sizeof(int) - need to init errno to 0 before strtoul()
1663 lines
40 KiB
C
1663 lines
40 KiB
C
/* $NetBSD: dns_ho.c,v 1.5 2002/07/04 23:30:39 itojun Exp $ */
|
|
|
|
/*
|
|
* Copyright (c) 1985, 1988, 1993
|
|
* The Regents of the University of California. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
* must display the following acknowledgement:
|
|
* This product includes software developed by the University of
|
|
* California, Berkeley and its contributors.
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
/*
|
|
* Portions Copyright (c) 1996-1999 by Internet Software Consortium.
|
|
*
|
|
* Permission to use, copy, modify, and distribute this software for any
|
|
* purpose with or without fee is hereby granted, provided that the above
|
|
* copyright notice and this permission notice appear in all copies.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
|
|
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
|
|
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
|
|
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
|
|
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
|
|
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
|
|
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
|
|
* SOFTWARE.
|
|
*/
|
|
|
|
/* from gethostnamadr.c 8.1 (Berkeley) 6/4/93 */
|
|
/* BIND Id: gethnamaddr.c,v 8.15 1996/05/22 04:56:30 vixie Exp $ */
|
|
|
|
#if defined(LIBC_SCCS) && !defined(lint)
|
|
static const char rcsid[] = "Id: dns_ho.c,v 1.39 2002/06/27 03:56:32 marka Exp";
|
|
#endif /* LIBC_SCCS and not lint */
|
|
|
|
/* Imports. */
|
|
|
|
#include "port_before.h"
|
|
|
|
#include <sys/types.h>
|
|
#include <sys/param.h>
|
|
#include <sys/socket.h>
|
|
|
|
#include <netinet/in.h>
|
|
#include <arpa/inet.h>
|
|
#include <arpa/nameser.h>
|
|
|
|
#include <ctype.h>
|
|
#include <errno.h>
|
|
#include <stdlib.h>
|
|
#include <netdb.h>
|
|
#include <resolv.h>
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <syslog.h>
|
|
|
|
#include <isc/memcluster.h>
|
|
#include <irs.h>
|
|
|
|
#include "port_after.h"
|
|
|
|
#include "irs_p.h"
|
|
#include "dns_p.h"
|
|
|
|
#ifdef SPRINTF_CHAR
|
|
# define SPRINTF(x) strlen(sprintf/**/x)
|
|
#else
|
|
# define SPRINTF(x) sprintf x
|
|
#endif
|
|
|
|
/* Definitions. */
|
|
|
|
#define MAXALIASES 35
|
|
#define MAXADDRS 35
|
|
|
|
#define MAXPACKET (1024*64)
|
|
|
|
#define BOUNDS_CHECK(ptr, count) \
|
|
if ((ptr) + (count) > eom) { \
|
|
had_error++; \
|
|
continue; \
|
|
} else (void)0
|
|
|
|
typedef union {
|
|
HEADER hdr;
|
|
u_char buf[MAXPACKET];
|
|
} querybuf;
|
|
|
|
struct dns_res_target {
|
|
struct dns_res_target *next;
|
|
querybuf qbuf; /* query buffer */
|
|
u_char *answer; /* buffer to put answer */
|
|
int anslen; /* size of answer buffer */
|
|
int qclass, qtype; /* class and type of query */
|
|
int action; /* condition whether query is really issued */
|
|
char qname[MAXDNAME +1]; /* domain name */
|
|
#if 0
|
|
int n; /* result length */
|
|
#endif
|
|
};
|
|
enum {RESTGT_DOALWAYS, RESTGT_AFTERFAILURE, RESTGT_IGNORE};
|
|
enum {RESQRY_SUCCESS, RESQRY_FAIL};
|
|
|
|
struct pvt {
|
|
struct hostent host;
|
|
char * h_addr_ptrs[MAXADDRS + 1];
|
|
char * host_aliases[MAXALIASES];
|
|
char hostbuf[8*1024];
|
|
u_char host_addr[16]; /* IPv4 or IPv6 */
|
|
struct __res_state *res;
|
|
void (*free_res)(void *);
|
|
};
|
|
|
|
typedef union {
|
|
int32_t al;
|
|
char ac;
|
|
} align;
|
|
|
|
static const u_char mapped[] = { 0,0, 0,0, 0,0, 0,0, 0,0, 0xff,0xff };
|
|
static const u_char tunnelled[] = { 0,0, 0,0, 0,0, 0,0, 0,0, 0,0 };
|
|
/* Note: the IPv6 loopback address is in the "tunnel" space */
|
|
static const u_char v6local[] = { 0,0, 0,1 }; /* last 4 bytes of IPv6 addr */
|
|
|
|
/* Forwards. */
|
|
|
|
static void ho_close(struct irs_ho *this);
|
|
static struct hostent * ho_byname(struct irs_ho *this, const char *name);
|
|
static struct hostent * ho_byname2(struct irs_ho *this, const char *name,
|
|
int af);
|
|
static struct hostent * ho_byaddr(struct irs_ho *this, const void *addr,
|
|
int len, int af);
|
|
static struct hostent * ho_next(struct irs_ho *this);
|
|
static void ho_rewind(struct irs_ho *this);
|
|
static void ho_minimize(struct irs_ho *this);
|
|
static struct __res_state * ho_res_get(struct irs_ho *this);
|
|
static void ho_res_set(struct irs_ho *this,
|
|
struct __res_state *res,
|
|
void (*free_res)(void *));
|
|
static struct addrinfo * ho_addrinfo(struct irs_ho *this, const char *name,
|
|
const struct addrinfo *pai);
|
|
|
|
static void map_v4v6_hostent(struct hostent *hp, char **bp,
|
|
char *ep);
|
|
static void addrsort(res_state, char **, int);
|
|
static struct hostent * gethostans(struct irs_ho *this,
|
|
const u_char *ansbuf, int anslen,
|
|
const char *qname, int qtype,
|
|
int af, int size,
|
|
struct addrinfo **ret_aip,
|
|
const struct addrinfo *pai);
|
|
static int add_hostent(struct pvt *pvt, char *bp, char **hap,
|
|
struct addrinfo *ai);
|
|
static const u_char * ar_head(const u_char *, int, const u_char *,
|
|
const u_char *, struct pvt *,
|
|
int (*)(const char *));
|
|
static struct addrinfo * a6_expand(const u_char *, const u_char *, int,
|
|
const u_char *, const u_char *,
|
|
const struct in6_addr *, int,
|
|
const struct addrinfo *,
|
|
struct pvt *, int (*)(const char *), int *);
|
|
static const char *dname_subst(const char *, const char *, const char *);
|
|
static int init(struct irs_ho *this);
|
|
|
|
/* Exports. */
|
|
|
|
struct irs_ho *
|
|
irs_dns_ho(struct irs_acc *this) {
|
|
struct irs_ho *ho;
|
|
struct pvt *pvt;
|
|
|
|
UNUSED(this);
|
|
|
|
if (!(pvt = memget(sizeof *pvt))) {
|
|
errno = ENOMEM;
|
|
return (NULL);
|
|
}
|
|
memset(pvt, 0, sizeof *pvt);
|
|
|
|
if (!(ho = memget(sizeof *ho))) {
|
|
memput(pvt, sizeof *pvt);
|
|
errno = ENOMEM;
|
|
return (NULL);
|
|
}
|
|
memset(ho, 0x5e, sizeof *ho);
|
|
ho->private = pvt;
|
|
ho->close = ho_close;
|
|
ho->byname = ho_byname;
|
|
ho->byname2 = ho_byname2;
|
|
ho->byaddr = ho_byaddr;
|
|
ho->next = ho_next;
|
|
ho->rewind = ho_rewind;
|
|
ho->minimize = ho_minimize;
|
|
ho->res_get = ho_res_get;
|
|
ho->res_set = ho_res_set;
|
|
ho->addrinfo = ho_addrinfo;
|
|
return (ho);
|
|
}
|
|
|
|
/* Methods. */
|
|
|
|
static void
|
|
ho_close(struct irs_ho *this) {
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
|
|
ho_minimize(this);
|
|
if (pvt->res && pvt->free_res)
|
|
(*pvt->free_res)(pvt->res);
|
|
if (pvt)
|
|
memput(pvt, sizeof *pvt);
|
|
memput(this, sizeof *this);
|
|
}
|
|
|
|
static struct hostent *
|
|
ho_byname(struct irs_ho *this, const char *name) {
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
struct hostent *hp;
|
|
|
|
if (init(this) == -1)
|
|
return (NULL);
|
|
|
|
if (pvt->res->options & RES_USE_INET6) {
|
|
hp = ho_byname2(this, name, AF_INET6);
|
|
if (hp)
|
|
return (hp);
|
|
}
|
|
return (ho_byname2(this, name, AF_INET));
|
|
}
|
|
|
|
static struct hostent *
|
|
ho_byname2(struct irs_ho *this, const char *name, int af)
|
|
{
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
struct hostent *hp = NULL;
|
|
int n, size;
|
|
char tmp[NS_MAXDNAME];
|
|
const char *cp;
|
|
struct addrinfo ai;
|
|
struct dns_res_target *q, *q2, *p;
|
|
int querystate = RESQRY_FAIL;
|
|
|
|
if (init(this) == -1)
|
|
return (NULL);
|
|
|
|
q = memget(sizeof(*q));
|
|
q2 = memget(sizeof(*q2));
|
|
if (q == NULL || q2 == NULL) {
|
|
RES_SET_H_ERRNO(pvt->res, NETDB_INTERNAL);
|
|
errno = ENOMEM;
|
|
goto cleanup;
|
|
}
|
|
memset(q, 0, sizeof(q));
|
|
memset(q2, 0, sizeof(q2));
|
|
|
|
switch (af) {
|
|
case AF_INET:
|
|
size = INADDRSZ;
|
|
q->qclass = C_IN;
|
|
q->qtype = T_A;
|
|
q->answer = q->qbuf.buf;
|
|
q->anslen = sizeof(q->qbuf);
|
|
q->action = RESTGT_DOALWAYS;
|
|
break;
|
|
case AF_INET6:
|
|
size = IN6ADDRSZ;
|
|
q->qclass = C_IN;
|
|
q->qtype = ns_t_a6;
|
|
q->answer = q->qbuf.buf;
|
|
q->anslen = sizeof(q->qbuf);
|
|
q->next = q2;
|
|
#ifdef RES_USE_A6
|
|
if ((pvt->res->options & RES_USE_A6) == 0)
|
|
q->action = RESTGT_IGNORE;
|
|
else
|
|
#endif
|
|
q->action = RESTGT_DOALWAYS;
|
|
q2->qclass = C_IN;
|
|
q2->qtype = T_AAAA;
|
|
q2->answer = q2->qbuf.buf;
|
|
q2->anslen = sizeof(q2->qbuf);
|
|
q2->action = RESTGT_AFTERFAILURE;
|
|
break;
|
|
default:
|
|
RES_SET_H_ERRNO(pvt->res, NETDB_INTERNAL);
|
|
errno = EAFNOSUPPORT;
|
|
hp = NULL;
|
|
goto cleanup;
|
|
}
|
|
|
|
/*
|
|
* if there aren't any dots, it could be a user-level alias.
|
|
* this is also done in res_nquery() since we are not the only
|
|
* function that looks up host names.
|
|
*/
|
|
if (!strchr(name, '.') && (cp = res_hostalias(pvt->res, name,
|
|
tmp, sizeof tmp)))
|
|
name = cp;
|
|
|
|
for (p = q; p; p = p->next) {
|
|
switch(p->action) {
|
|
case RESTGT_DOALWAYS:
|
|
break;
|
|
case RESTGT_AFTERFAILURE:
|
|
if (querystate == RESQRY_SUCCESS)
|
|
continue;
|
|
break;
|
|
case RESTGT_IGNORE:
|
|
continue;
|
|
}
|
|
|
|
if ((n = res_nsearch(pvt->res, name, p->qclass, p->qtype,
|
|
p->answer, p->anslen)) < 0) {
|
|
querystate = RESQRY_FAIL;
|
|
continue;
|
|
}
|
|
|
|
memset(&ai, 0, sizeof(ai));
|
|
ai.ai_family = af;
|
|
if ((hp = gethostans(this, p->answer, n, name, p->qtype,
|
|
af, size, NULL,
|
|
(const struct addrinfo *)&ai)) != NULL)
|
|
goto cleanup; /* no more loop is necessary */
|
|
|
|
querystate = RESQRY_FAIL;
|
|
continue;
|
|
}
|
|
|
|
cleanup:
|
|
if (q != NULL)
|
|
memput(q, sizeof(*q));
|
|
if (q2 != NULL)
|
|
memput(q2, sizeof(*q2));
|
|
return(hp);
|
|
}
|
|
|
|
static struct hostent *
|
|
ho_byaddr(struct irs_ho *this, const void *addr, int len, int af)
|
|
{
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
const u_char *uaddr = addr;
|
|
char *qp;
|
|
struct hostent *hp = NULL;
|
|
struct addrinfo ai;
|
|
struct dns_res_target *q, *q2, *p;
|
|
int n, size, i;
|
|
int querystate = RESQRY_FAIL;
|
|
|
|
if (init(this) == -1)
|
|
return (NULL);
|
|
|
|
q = memget(sizeof(*q));
|
|
q2 = memget(sizeof(*q2));
|
|
if (q == NULL || q2 == NULL) {
|
|
RES_SET_H_ERRNO(pvt->res, NETDB_INTERNAL);
|
|
errno = ENOMEM;
|
|
goto cleanup;
|
|
}
|
|
memset(q, 0, sizeof(q));
|
|
memset(q2, 0, sizeof(q2));
|
|
|
|
if (af == AF_INET6 && len == IN6ADDRSZ &&
|
|
(!memcmp(uaddr, mapped, sizeof mapped) ||
|
|
(!memcmp(uaddr, tunnelled, sizeof tunnelled) &&
|
|
memcmp(&uaddr[sizeof tunnelled], v6local, sizeof(v6local))))) {
|
|
/* Unmap. */
|
|
addr = (const char *)addr + sizeof mapped;
|
|
uaddr += sizeof mapped;
|
|
af = AF_INET;
|
|
len = INADDRSZ;
|
|
}
|
|
switch (af) {
|
|
case AF_INET:
|
|
size = INADDRSZ;
|
|
q->qclass = C_IN;
|
|
q->qtype = T_PTR;
|
|
q->answer = q->qbuf.buf;
|
|
q->anslen = sizeof(q->qbuf);
|
|
q->action = RESTGT_DOALWAYS;
|
|
break;
|
|
case AF_INET6:
|
|
size = IN6ADDRSZ;
|
|
q->qclass = C_IN;
|
|
q->qtype = T_PTR;
|
|
q->answer = q->qbuf.buf;
|
|
q->anslen = sizeof(q->qbuf);
|
|
q->next = q2;
|
|
q->action = RESTGT_DOALWAYS;
|
|
q2->qclass = C_IN;
|
|
q2->qtype = T_PTR;
|
|
q2->answer = q2->qbuf.buf;
|
|
q2->anslen = sizeof(q2->qbuf);
|
|
if ((pvt->res->options & RES_NO_NIBBLE2) != 0)
|
|
q2->action = RESTGT_IGNORE;
|
|
else
|
|
q2->action = RESTGT_AFTERFAILURE;
|
|
break;
|
|
default:
|
|
errno = EAFNOSUPPORT;
|
|
RES_SET_H_ERRNO(pvt->res, NETDB_INTERNAL);
|
|
hp = NULL;
|
|
goto cleanup;
|
|
}
|
|
if (size > len) {
|
|
errno = EINVAL;
|
|
RES_SET_H_ERRNO(pvt->res, NETDB_INTERNAL);
|
|
hp = NULL;
|
|
goto cleanup;
|
|
}
|
|
switch (af) {
|
|
case AF_INET:
|
|
qp = q->qname;
|
|
(void) sprintf(qp, "%u.%u.%u.%u.in-addr.arpa",
|
|
(uaddr[3] & 0xff),
|
|
(uaddr[2] & 0xff),
|
|
(uaddr[1] & 0xff),
|
|
(uaddr[0] & 0xff));
|
|
break;
|
|
case AF_INET6:
|
|
if (q->action != RESTGT_IGNORE) {
|
|
qp = q->qname;
|
|
for (n = IN6ADDRSZ - 1; n >= 0; n--) {
|
|
i = SPRINTF((qp, "%x.%x.",
|
|
uaddr[n] & 0xf,
|
|
(uaddr[n] >> 4) & 0xf));
|
|
if (i < 0)
|
|
abort();
|
|
qp += i;
|
|
}
|
|
strcpy(qp, res_get_nibblesuffix(pvt->res));
|
|
}
|
|
if (q2->action != RESTGT_IGNORE) {
|
|
qp = q2->qname;
|
|
for (n = IN6ADDRSZ - 1; n >= 0; n--) {
|
|
i = SPRINTF((qp, "%x.%x.",
|
|
uaddr[n] & 0xf,
|
|
(uaddr[n] >> 4) & 0xf));
|
|
if (i < 0)
|
|
abort();
|
|
qp += i;
|
|
}
|
|
strcpy(qp, res_get_nibblesuffix2(pvt->res));
|
|
}
|
|
break;
|
|
default:
|
|
abort();
|
|
}
|
|
|
|
for (p = q; p; p = p->next) {
|
|
switch(p->action) {
|
|
case RESTGT_DOALWAYS:
|
|
break;
|
|
case RESTGT_AFTERFAILURE:
|
|
if (querystate == RESQRY_SUCCESS)
|
|
continue;
|
|
break;
|
|
case RESTGT_IGNORE:
|
|
continue;
|
|
}
|
|
|
|
if ((n = res_nquery(pvt->res, p->qname, p->qclass, p->qtype,
|
|
p->answer, p->anslen)) < 0) {
|
|
querystate = RESQRY_FAIL;
|
|
continue;
|
|
}
|
|
|
|
memset(&ai, 0, sizeof(ai));
|
|
ai.ai_family = af;
|
|
hp = gethostans(this, p->answer, n, p->qname, T_PTR, af, size,
|
|
NULL, (const struct addrinfo *)&ai);
|
|
if (!hp) {
|
|
querystate = RESQRY_FAIL;
|
|
continue;
|
|
}
|
|
|
|
memcpy(pvt->host_addr, addr, len);
|
|
pvt->h_addr_ptrs[0] = (char *)pvt->host_addr;
|
|
pvt->h_addr_ptrs[1] = NULL;
|
|
if (af == AF_INET && (pvt->res->options & RES_USE_INET6)) {
|
|
map_v4v6_address((char*)pvt->host_addr,
|
|
(char*)pvt->host_addr);
|
|
pvt->host.h_addrtype = AF_INET6;
|
|
pvt->host.h_length = IN6ADDRSZ;
|
|
}
|
|
|
|
RES_SET_H_ERRNO(pvt->res, NETDB_SUCCESS);
|
|
goto cleanup; /* no more loop is necessary. */
|
|
}
|
|
hp = NULL; /* H_ERRNO was set by subroutines */
|
|
|
|
cleanup:
|
|
if (q != NULL)
|
|
memput(q, sizeof(*q));
|
|
if (q2 != NULL)
|
|
memput(q2, sizeof(*q2));
|
|
return(hp);
|
|
}
|
|
|
|
static struct hostent *
|
|
ho_next(struct irs_ho *this) {
|
|
|
|
UNUSED(this);
|
|
|
|
return (NULL);
|
|
}
|
|
|
|
static void
|
|
ho_rewind(struct irs_ho *this) {
|
|
|
|
UNUSED(this);
|
|
|
|
/* NOOP */
|
|
}
|
|
|
|
static void
|
|
ho_minimize(struct irs_ho *this) {
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
|
|
if (pvt->res)
|
|
res_nclose(pvt->res);
|
|
}
|
|
|
|
static struct __res_state *
|
|
ho_res_get(struct irs_ho *this) {
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
|
|
if (!pvt->res) {
|
|
struct __res_state *res;
|
|
res = (struct __res_state *)malloc(sizeof *res);
|
|
if (!res) {
|
|
errno = ENOMEM;
|
|
return (NULL);
|
|
}
|
|
memset(res, 0, sizeof *res);
|
|
ho_res_set(this, res, free);
|
|
}
|
|
|
|
return (pvt->res);
|
|
}
|
|
|
|
/* XXX */
|
|
extern struct addrinfo *addr2addrinfo __P((const struct addrinfo *,
|
|
const char *));
|
|
|
|
static struct addrinfo *
|
|
ho_addrinfo(struct irs_ho *this, const char *name, const struct addrinfo *pai)
|
|
{
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
int n;
|
|
char tmp[NS_MAXDNAME];
|
|
const char *cp;
|
|
struct dns_res_target *q, *q2, *q3, *p;
|
|
struct addrinfo sentinel, *cur;
|
|
int querystate = RESQRY_FAIL;
|
|
|
|
if (init(this) == -1)
|
|
return (NULL);
|
|
|
|
memset(&sentinel, 0, sizeof(sentinel));
|
|
cur = &sentinel;
|
|
|
|
q = memget(sizeof(*q));
|
|
q2 = memget(sizeof(*q2));
|
|
q3 = memget(sizeof(*q3));
|
|
if (q == NULL || q2 == NULL || q3 == NULL) {
|
|
RES_SET_H_ERRNO(pvt->res, NETDB_INTERNAL);
|
|
errno = ENOMEM;
|
|
goto cleanup;
|
|
}
|
|
memset(q, 0, sizeof(q2));
|
|
memset(q2, 0, sizeof(q2));
|
|
memset(q3, 0, sizeof(q3));
|
|
|
|
switch (pai->ai_family) {
|
|
case AF_UNSPEC:
|
|
/* prefer IPv6 */
|
|
q->qclass = C_IN;
|
|
q->qtype = ns_t_a6;
|
|
q->answer = q->qbuf.buf;
|
|
q->anslen = sizeof(q->qbuf);
|
|
q->next = q2;
|
|
#ifdef RES_USE_A6
|
|
if ((pvt->res->options & RES_USE_A6) == 0)
|
|
q->action = RESTGT_IGNORE;
|
|
else
|
|
#endif
|
|
q->action = RESTGT_DOALWAYS;
|
|
q2->qclass = C_IN;
|
|
q2->qtype = T_AAAA;
|
|
q2->answer = q2->qbuf.buf;
|
|
q2->anslen = sizeof(q2->qbuf);
|
|
q2->next = q3;
|
|
/* try AAAA only when A6 query fails */
|
|
q2->action = RESTGT_AFTERFAILURE;
|
|
q3->qclass = C_IN;
|
|
q3->qtype = T_A;
|
|
q3->answer = q3->qbuf.buf;
|
|
q3->anslen = sizeof(q3->qbuf);
|
|
q3->action = RESTGT_DOALWAYS;
|
|
break;
|
|
case AF_INET:
|
|
q->qclass = C_IN;
|
|
q->qtype = T_A;
|
|
q->answer = q->qbuf.buf;
|
|
q->anslen = sizeof(q->qbuf);
|
|
q->action = RESTGT_DOALWAYS;
|
|
break;
|
|
case AF_INET6:
|
|
q->qclass = C_IN;
|
|
q->qtype = ns_t_a6;
|
|
q->answer = q->qbuf.buf;
|
|
q->anslen = sizeof(q->qbuf);
|
|
q->next = q2;
|
|
#ifdef RES_USE_A6
|
|
if ((pvt->res->options & RES_USE_A6) == 0)
|
|
q->action = RESTGT_IGNORE;
|
|
else
|
|
#endif
|
|
q->action = RESTGT_DOALWAYS;
|
|
q2->qclass = C_IN;
|
|
q2->qtype = T_AAAA;
|
|
q2->answer = q2->qbuf.buf;
|
|
q2->anslen = sizeof(q2->qbuf);
|
|
q2->action = RESTGT_AFTERFAILURE;
|
|
break;
|
|
default:
|
|
RES_SET_H_ERRNO(pvt->res, NO_RECOVERY); /* better error? */
|
|
goto cleanup;
|
|
}
|
|
|
|
/*
|
|
* if there aren't any dots, it could be a user-level alias.
|
|
* this is also done in res_nquery() since we are not the only
|
|
* function that looks up host names.
|
|
*/
|
|
if (!strchr(name, '.') && (cp = res_hostalias(pvt->res, name,
|
|
tmp, sizeof tmp)))
|
|
name = cp;
|
|
|
|
for (p = q; p; p = p->next) {
|
|
struct addrinfo *ai;
|
|
|
|
switch(p->action) {
|
|
case RESTGT_DOALWAYS:
|
|
break;
|
|
case RESTGT_AFTERFAILURE:
|
|
if (querystate == RESQRY_SUCCESS)
|
|
continue;
|
|
break;
|
|
case RESTGT_IGNORE:
|
|
continue;
|
|
}
|
|
|
|
if ((n = res_nsearch(pvt->res, name, p->qclass, p->qtype,
|
|
p->answer, p->anslen)) < 0) {
|
|
querystate = RESQRY_FAIL;
|
|
continue;
|
|
}
|
|
(void)gethostans(this, p->answer, n, name, p->qtype,
|
|
pai->ai_family, /* XXX: meaningless */
|
|
0, &ai, pai);
|
|
if (ai) {
|
|
querystate = RESQRY_SUCCESS;
|
|
cur->ai_next = ai;
|
|
while (cur && cur->ai_next)
|
|
cur = cur->ai_next;
|
|
}
|
|
else
|
|
querystate = RESQRY_FAIL;
|
|
}
|
|
|
|
cleanup:
|
|
if (q != NULL)
|
|
memput(q, sizeof(*q));
|
|
if (q2 != NULL)
|
|
memput(q2, sizeof(*q2));
|
|
if (q3 != NULL)
|
|
memput(q3, sizeof(*q3));
|
|
return(sentinel.ai_next);
|
|
}
|
|
|
|
static const u_char *
|
|
ar_head(cp, count, msg, eom, pvt, name_ok)
|
|
const u_char *cp, *msg, *eom;
|
|
int count;
|
|
struct pvt *pvt;
|
|
int (*name_ok)(const char *);
|
|
{
|
|
int n;
|
|
char buf[1024]; /* XXX */
|
|
|
|
while (count-- > 0 && cp < eom) {
|
|
n = dn_expand(msg, eom, cp, buf, sizeof(buf));
|
|
if (n < 0 || !maybe_ok(pvt->res, buf, name_ok))
|
|
goto end;
|
|
cp += n; /* name */
|
|
if (cp + 3 * INT16SZ + INT32SZ >= eom)
|
|
goto end;
|
|
cp += INT16SZ; /* type */
|
|
cp += INT16SZ + INT32SZ; /* class, TTL */
|
|
n = ns_get16(cp);
|
|
cp += n + INT16SZ; /* len */
|
|
}
|
|
return(cp);
|
|
|
|
end:
|
|
return(eom); /* XXX */
|
|
}
|
|
|
|
/* XXX: too many arguments */
|
|
static struct addrinfo *
|
|
a6_expand(const u_char *ansbuf, const u_char *a6p,
|
|
int a6len, const u_char *arp, const u_char *eom,
|
|
const struct in6_addr *in6, int plen, const struct addrinfo *pai,
|
|
struct pvt *pvt, int (*name_ok)(const char *), int *errorp)
|
|
{
|
|
struct in6_addr a;
|
|
int n, pbyte, plen1, pbyte1, error = 0;
|
|
const u_char *cp;
|
|
struct addrinfo sentinel, *cur;
|
|
char pname[1024], buf[1024]; /* XXX */
|
|
|
|
*errorp = NETDB_SUCCESS;
|
|
memset(&sentinel, 0, sizeof(sentinel));
|
|
cur = &sentinel;
|
|
|
|
/*
|
|
* Validate A6 parameters.
|
|
*/
|
|
if (a6len == 0) { /* an A6 record must contain at least 1 byte. */
|
|
error = NO_RECOVERY;
|
|
goto bad;
|
|
}
|
|
/* prefix length check. */
|
|
if ((plen1 = *a6p) > 128) {
|
|
error = NO_RECOVERY;
|
|
goto bad;
|
|
}
|
|
if (plen1 > plen) {
|
|
/*
|
|
* New length must not be greater than old one.
|
|
* Ignore the record as specified in RFC 2874
|
|
* Section 3.1.2.
|
|
*/
|
|
return(NULL); /* just ignore. */
|
|
}
|
|
/* boundary check for new plen and prefix addr */
|
|
pbyte1 = (plen1 & ~7) / 8;
|
|
if ((int)sizeof(struct in6_addr) - pbyte1 > a6len - 1) {
|
|
error = NO_RECOVERY;
|
|
goto bad;
|
|
}
|
|
|
|
/*
|
|
* merge the new prefix portion.
|
|
* <--- plen(bits) --->
|
|
* <--- pbyte ---><-b->
|
|
* 000000000000000pppppxxxxxxxxxxx(= in6, 0: unknown, x: known, p: pad)
|
|
* PP++++++++(+ should be merged. P: padding, must be 0)
|
|
* <-- plen1-->
|
|
* <-pbyte1->
|
|
* ^a6p+1
|
|
* The result should be:
|
|
* 0000000000PP++++++++xxxxxxxxxxx(= a)
|
|
*/
|
|
pbyte = (plen & ~7) / 8;
|
|
a = *in6;
|
|
if (pbyte > pbyte1) {
|
|
/* N.B. the case of "pbyte1 == 128" is implicitly excluded. */
|
|
int b = plen % 8; /* = the length of "pp..." above */
|
|
u_char c_hi, c_lo;
|
|
|
|
memcpy(&a.s6_addr[pbyte1], a6p + 1, pbyte - pbyte1);
|
|
if (b > 0) {
|
|
c_hi = a6p[pbyte - pbyte1 + 1];
|
|
c_lo = in6->s6_addr[pbyte];
|
|
a.s6_addr[pbyte] =
|
|
(c_hi & (0xff << (8 - b))) |
|
|
((0x00ff >> b) & c_lo);
|
|
}
|
|
}
|
|
|
|
#if 0 /* for debug */
|
|
if ((pvt->res->options & RES_DEBUG) != 0) {
|
|
u_char ntopbuf[INET6_ADDRSTRLEN];
|
|
|
|
inet_ntop(AF_INET6, &a, ntopbuf, sizeof(ntopbuf));
|
|
printf("a6_expand: %s\\%d\n", ntopbuf, plen1);
|
|
}
|
|
#endif
|
|
|
|
if (plen1 == 0) {
|
|
/* Here is the end of A6 chain. make addrinfo, then return. */
|
|
return(addr2addrinfo(pai, (const char *)&a));
|
|
}
|
|
|
|
/*
|
|
* Expand the new prefix name. Since the prefix name must not be
|
|
* compressed (RFC 2874 Section 3.1.1), we could use ns_name_ntop()
|
|
* here if it had a stricter boundary check.
|
|
*/
|
|
cp = a6p + 1 + (sizeof(*in6) - pbyte1);
|
|
n = dn_expand(ansbuf, eom, cp, pname, sizeof(pname));
|
|
if (n < 0 || !maybe_ok(pvt->res, pname, name_ok)) {
|
|
error = NO_RECOVERY;
|
|
goto bad;
|
|
}
|
|
if (cp + n != a6p + a6len) { /* length mismatch */
|
|
error = NO_RECOVERY;
|
|
goto bad;
|
|
}
|
|
|
|
/*
|
|
* we need (more) additional section records, but no one is
|
|
* available, which possibly means a malformed answer.
|
|
*/
|
|
if (arp == NULL) {
|
|
error = NO_RECOVERY; /* we can't resolve the chain. */
|
|
goto bad;
|
|
}
|
|
|
|
/*
|
|
* Loop thru the rest of the buffer, searching for the next A6 record
|
|
* that has the same owner name as the prefix name. If found, then
|
|
* recursively call this function to expand the whole A6 chain.
|
|
*/
|
|
plen = plen1;
|
|
for (cp = arp; cp != NULL && cp < eom; cp += n) {
|
|
int class, type;
|
|
|
|
n = dn_expand(ansbuf, eom, cp, buf, sizeof(buf));
|
|
if (n < 0 || !maybe_ok(pvt->res, buf, name_ok)) {
|
|
error = NO_RECOVERY;
|
|
goto bad;
|
|
}
|
|
cp += n; /* name */
|
|
if (cp + 3 * INT16SZ + INT32SZ > eom) {
|
|
error = NO_RECOVERY;
|
|
goto bad;
|
|
}
|
|
type = ns_get16(cp);
|
|
cp += INT16SZ; /* type */
|
|
class = ns_get16(cp);
|
|
cp += INT16SZ + INT32SZ; /* class, TTL */
|
|
n = ns_get16(cp);
|
|
cp += INT16SZ; /* len */
|
|
if (cp + n > eom) {
|
|
error = NO_RECOVERY;
|
|
goto bad;
|
|
}
|
|
if (class != C_IN || type != ns_t_a6) {
|
|
/* we are only interested in A6 records. skip others */
|
|
continue;
|
|
}
|
|
|
|
if (ns_samename(buf, pname) != 1) {
|
|
continue;
|
|
}
|
|
|
|
/* Proceed to the next record in the chain. */
|
|
cur->ai_next = a6_expand(ansbuf, cp, n, cp + n, eom,
|
|
(const struct in6_addr *)&a,
|
|
plen, pai, pvt, name_ok, &error);
|
|
if (error != NETDB_SUCCESS)
|
|
goto bad;
|
|
while (cur && cur->ai_next)
|
|
cur = cur->ai_next;
|
|
}
|
|
|
|
return(sentinel.ai_next);
|
|
|
|
bad:
|
|
*errorp = error;
|
|
if (sentinel.ai_next)
|
|
freeaddrinfo(sentinel.ai_next);
|
|
return(NULL);
|
|
}
|
|
|
|
static const char *
|
|
dname_subst(const char *qname0, const char *owner0, const char *target) {
|
|
char owner[MAXDNAME];
|
|
static char qname[MAXDNAME];
|
|
const char blabelhead[] = "\\[x"; /* we can assume hex strings */
|
|
int qlen, olen;
|
|
int bufsiz = sizeof(qname);
|
|
|
|
/* make local copies, which are canonicalized. */
|
|
if (ns_makecanon(qname0, qname, sizeof(qname)) < 0 ||
|
|
ns_makecanon(owner0, owner, sizeof(owner)) < 0)
|
|
return(NULL);
|
|
qlen = strlen(qname);
|
|
olen = strlen(owner);
|
|
/* from now on, do not refer to qname0 nor owner0. */
|
|
|
|
/*
|
|
* check if QNAME is a subdomain of OWNER.
|
|
* XXX: currently, we only handle the following two cases:
|
|
* (A) none of the labels are bitlabels, or
|
|
* (B) both of the head labels are bitlabels (and the following
|
|
* labels are NOT bitlabels).
|
|
* If we pass the check, then subtract the remaining part from QNAME.
|
|
* ex. (A) qname=www.foo.com,owner=foo.com => new qname=www.
|
|
* (B) qname=\[x3ffe0501/32].foo.com,owner=\[x3ffe/16].foo.com
|
|
* => new qname=\[x0501/16].
|
|
*/
|
|
if (ns_samedomain(qname, owner)) { /* check (A) */
|
|
/* at this point, qlen must not be smaller than olen */
|
|
qname[qlen - olen] = 0;
|
|
bufsiz -= (qlen - olen);
|
|
} else { /* check (B) */
|
|
char *parent0, *parent1;
|
|
/* the following 3 have enough size to store 1 bitlabel */
|
|
u_char qlabel[64], olabel[64], newlabel[64];
|
|
int qlabellen, olabellen;
|
|
|
|
if (strncmp(qname, blabelhead, 3) != 0 ||
|
|
strncmp(owner, blabelhead, 3) != 0)
|
|
return(NULL);
|
|
/*
|
|
* Both two begin with bitlabels. The succeeding parts
|
|
* must exact match.
|
|
*/
|
|
if ((parent0 = strchr(qname, '.')) == NULL ||
|
|
(parent1 = strchr(owner, '.')) == NULL)
|
|
return(NULL);
|
|
|
|
/* ns_samename allows names to begin with '.' */
|
|
if (ns_samename(parent0, parent1) != 1)
|
|
return(NULL);
|
|
|
|
/* cut the upper domain parts off. */
|
|
*(parent0 + 1) = 0;
|
|
*(parent1 + 1) = 0;
|
|
/* convert the textual form into binary one. */
|
|
if (ns_name_pton(qname, qlabel, sizeof(qlabel)) < 0 ||
|
|
ns_name_pton(owner, olabel, sizeof(olabel)) < 0)
|
|
return(NULL);
|
|
if ((qlabellen = *(qlabel + 1)) == 0)
|
|
qlabellen = 256;
|
|
if ((olabellen = *(olabel + 1)) == 0)
|
|
olabellen = 256;
|
|
if (olabellen > qlabellen)
|
|
return(NULL); /* owner does not contain qname. */
|
|
else {
|
|
int qplen = (qlabellen + 7) / 8;
|
|
int oplen = (olabellen + 7) / 8;
|
|
int sft = olabellen % 8;
|
|
int nllen, n;
|
|
u_char *qp, *op, *np;
|
|
|
|
/* skip ELT and Count. */
|
|
qp = qlabel + 2;
|
|
op = olabel + 2;
|
|
|
|
/* check if olabel is a "subdomain" of qlabel. */
|
|
if (memcmp(qp, op, oplen - 1) != 0)
|
|
return(NULL);
|
|
if (sft > 0) {
|
|
/* compare trailing bits (between 1 and 7) */
|
|
if ((qp[qplen - 1] & (0xff << sft)) !=
|
|
op[qplen - 1])
|
|
return(NULL);
|
|
}
|
|
|
|
/* OK, get remaining bits from qlabel. */
|
|
np = newlabel;
|
|
if (olabellen == qlabellen) {
|
|
/*
|
|
* Two names (including bitlabels) are exactly
|
|
* same. Discard the whole names.
|
|
* XXX: ns_samename() above should exclude
|
|
* this case...
|
|
*/
|
|
qname[0] = 0;
|
|
goto maketarget;
|
|
}
|
|
*np++ = 0x41; /* XXX hardcoding */
|
|
*np++ = nllen = (qlabellen - olabellen);
|
|
if (sft == 0) {
|
|
/*
|
|
* No alignment issue. can just use memcpy.
|
|
* Note that the "else" part below contains
|
|
* this case. We separate the two cases just
|
|
* for efficiency.
|
|
* We assume that ns_name_pton above ensures
|
|
* QP does not contain trailing garbages.
|
|
*/
|
|
memcpy(np, qp + oplen, qplen - oplen);
|
|
np += qplen - oplen;
|
|
*np = 0;
|
|
} else {
|
|
/*
|
|
* copy the lower (8-SFT) bits of QP to the
|
|
* upper (8-SFT) bits of NP, then copy the
|
|
* upper SFT bits of QP+1 to the lower SFT bits
|
|
* of NP, and so on...
|
|
* if QP is xxxyyyyy zzzwww..., then
|
|
* NP would be yyyyyzzz ...
|
|
* Again, we assume QP does not contain
|
|
* trailing garbages.
|
|
*/
|
|
qp += (oplen - 1);
|
|
while (nllen > 0) {
|
|
*np = (*qp << sft) & 0xff;
|
|
if ((nllen -= (8 - sft)) <= 0)
|
|
break; /* done */
|
|
qp++;
|
|
*np |= ((*qp >> sft) & 0xff);
|
|
np++;
|
|
nllen -= sft;
|
|
}
|
|
*++np = 0;
|
|
}
|
|
|
|
/*
|
|
* make a new bitlabel with the remaining bits.
|
|
* Note that there's no buffer boundary issue, since
|
|
* qlabel, olabel, and newlabel all have the same size.
|
|
* ns_name_ntop() must not return 0, since we have
|
|
* a non-empty bitlabel.
|
|
*/
|
|
if ((n = ns_name_ntop(newlabel, qname, sizeof(qname)))
|
|
<= 0)
|
|
return(NULL);
|
|
bufsiz -= n;
|
|
if (qname[n - 1] != '.') { /* XXX no trailing dot */
|
|
qname[n - 1] = '.';
|
|
qname[n] = 0;
|
|
bufsiz--;
|
|
}
|
|
|
|
}
|
|
}
|
|
|
|
maketarget:
|
|
/*
|
|
* Finally, append the remaining part (maybe empty) to the new target.
|
|
*/
|
|
if (bufsiz < (int)strlen(target)) /* bufsiz takes care of the \0. */
|
|
return(NULL);
|
|
strcat(qname, target);
|
|
|
|
return((const char *)qname);
|
|
}
|
|
|
|
static void
|
|
ho_res_set(struct irs_ho *this, struct __res_state *res,
|
|
void (*free_res)(void *)) {
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
|
|
if (pvt->res && pvt->free_res) {
|
|
res_nclose(pvt->res);
|
|
(*pvt->free_res)(pvt->res);
|
|
}
|
|
|
|
pvt->res = res;
|
|
pvt->free_res = free_res;
|
|
}
|
|
|
|
/* Private. */
|
|
|
|
static struct hostent *
|
|
gethostans(struct irs_ho *this,
|
|
const u_char *ansbuf, int anslen, const char *qname, int qtype,
|
|
int af, int size, /* meaningless for addrinfo cases */
|
|
struct addrinfo **ret_aip, const struct addrinfo *pai)
|
|
{
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
int type, class, ancount, qdcount, n, haveanswer, had_error;
|
|
int error = NETDB_SUCCESS, arcount;
|
|
int (*name_ok)(const char *);
|
|
const HEADER *hp;
|
|
const u_char *eom;
|
|
const u_char *eor;
|
|
const u_char *cp;
|
|
const char *tname;
|
|
const char *hname;
|
|
char *bp, *ep, **ap, **hap;
|
|
char tbuf[MAXDNAME+1];
|
|
struct addrinfo sentinel, *cur, ai;
|
|
const u_char *arp = NULL;
|
|
|
|
if (pai == NULL) abort();
|
|
if (ret_aip != NULL)
|
|
*ret_aip = NULL;
|
|
memset(&sentinel, 0, sizeof(sentinel));
|
|
cur = &sentinel;
|
|
|
|
tname = qname;
|
|
eom = ansbuf + anslen;
|
|
switch (qtype) {
|
|
case ns_t_a6:
|
|
case T_A:
|
|
case T_AAAA:
|
|
case T_ANY: /* use T_ANY only for T_A/T_AAAA lookup */
|
|
name_ok = res_hnok;
|
|
break;
|
|
case T_PTR:
|
|
name_ok = res_dnok;
|
|
break;
|
|
default:
|
|
abort();
|
|
}
|
|
|
|
pvt->host.h_addrtype = af;
|
|
pvt->host.h_length = size;
|
|
hname = pvt->host.h_name = NULL;
|
|
|
|
/*
|
|
* Find first satisfactory answer.
|
|
*/
|
|
if (ansbuf + HFIXEDSZ > eom) {
|
|
RES_SET_H_ERRNO(pvt->res, NO_RECOVERY);
|
|
return (NULL);
|
|
}
|
|
hp = (const HEADER *)ansbuf;
|
|
ancount = ntohs(hp->ancount);
|
|
qdcount = ntohs(hp->qdcount);
|
|
arcount = ntohs(hp->arcount);
|
|
bp = pvt->hostbuf;
|
|
ep = pvt->hostbuf + sizeof(pvt->hostbuf);
|
|
cp = ansbuf + HFIXEDSZ;
|
|
if (qdcount != 1) {
|
|
RES_SET_H_ERRNO(pvt->res, NO_RECOVERY);
|
|
return (NULL);
|
|
}
|
|
n = dn_expand(ansbuf, eom, cp, bp, ep - bp);
|
|
if (n < 0 || !maybe_ok(pvt->res, bp, name_ok)) {
|
|
RES_SET_H_ERRNO(pvt->res, NO_RECOVERY);
|
|
return (NULL);
|
|
}
|
|
cp += n + QFIXEDSZ;
|
|
if (cp > eom) {
|
|
RES_SET_H_ERRNO(pvt->res, NO_RECOVERY);
|
|
return (NULL);
|
|
}
|
|
if (qtype == T_A || qtype == T_AAAA ||
|
|
qtype == ns_t_a6 || qtype == T_ANY) {
|
|
/* res_nsend() has already verified that the query name is the
|
|
* same as the one we sent; this just gets the expanded name
|
|
* (i.e., with the succeeding search-domain tacked on).
|
|
*/
|
|
n = strlen(bp) + 1; /* for the \0 */
|
|
if (n > MAXHOSTNAMELEN) {
|
|
RES_SET_H_ERRNO(pvt->res, NO_RECOVERY);
|
|
return (NULL);
|
|
}
|
|
pvt->host.h_name = bp;
|
|
hname = bp;
|
|
bp += n;
|
|
/* The qname can be abbreviated, but hname is now absolute. */
|
|
qname = pvt->host.h_name;
|
|
}
|
|
ap = pvt->host_aliases;
|
|
*ap = NULL;
|
|
pvt->host.h_aliases = pvt->host_aliases;
|
|
hap = pvt->h_addr_ptrs;
|
|
*hap = NULL;
|
|
pvt->host.h_addr_list = pvt->h_addr_ptrs;
|
|
haveanswer = 0;
|
|
had_error = 0;
|
|
while (ancount-- > 0 && cp < eom && !had_error) {
|
|
n = dn_expand(ansbuf, eom, cp, bp, ep - bp);
|
|
if (n < 0 || !maybe_ok(pvt->res, bp, name_ok)) {
|
|
had_error++;
|
|
continue;
|
|
}
|
|
cp += n; /* name */
|
|
BOUNDS_CHECK(cp, 3 * INT16SZ + INT32SZ);
|
|
type = ns_get16(cp);
|
|
cp += INT16SZ; /* type */
|
|
class = ns_get16(cp);
|
|
cp += INT16SZ + INT32SZ; /* class, TTL */
|
|
n = ns_get16(cp);
|
|
cp += INT16SZ; /* len */
|
|
BOUNDS_CHECK(cp, n);
|
|
if (class != C_IN) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
eor = cp + n;
|
|
if ((qtype == T_A || qtype == T_AAAA || qtype == ns_t_a6 ||
|
|
qtype == T_ANY) && type == T_CNAME) {
|
|
if (haveanswer) {
|
|
int level = LOG_CRIT;
|
|
#ifdef LOG_SECURITY
|
|
level |= LOG_SECURITY;
|
|
#endif
|
|
syslog(level,
|
|
"gethostans: possible attempt to exploit buffer overflow while looking up %s",
|
|
*qname ? qname : ".");
|
|
}
|
|
n = dn_expand(ansbuf, eor, cp, tbuf, sizeof tbuf);
|
|
if (n < 0 || !maybe_ok(pvt->res, tbuf, name_ok)) {
|
|
had_error++;
|
|
continue;
|
|
}
|
|
cp += n;
|
|
/* Store alias. */
|
|
if (ap >= &pvt->host_aliases[MAXALIASES-1])
|
|
continue;
|
|
*ap++ = bp;
|
|
n = strlen(bp) + 1; /* for the \0 */
|
|
bp += n;
|
|
/* Get canonical name. */
|
|
n = strlen(tbuf) + 1; /* for the \0 */
|
|
if (n > (ep - bp) || n > MAXHOSTNAMELEN) {
|
|
had_error++;
|
|
continue;
|
|
}
|
|
strcpy(bp, tbuf);
|
|
pvt->host.h_name = bp;
|
|
hname = bp;
|
|
bp += n;
|
|
continue;
|
|
}
|
|
if (type == ns_t_dname) {
|
|
const char *t0, *t;
|
|
|
|
/*
|
|
* just replace the query target; do not update the
|
|
* alias list. (Or should we?)
|
|
*/
|
|
t0 = (qtype == T_PTR) ? tname : hname;
|
|
|
|
n = dn_expand(ansbuf, eor, cp, tbuf, sizeof(tbuf));
|
|
if (n < 0 || !maybe_dnok(pvt->res, tbuf)) {
|
|
had_error++;
|
|
continue;
|
|
}
|
|
#ifdef RES_USE_DNAME
|
|
if ((pvt ->res->options & RES_USE_DNAME) == 0) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
#endif
|
|
if ((t = dname_subst(t0, bp, tbuf)) == NULL) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
#if 0 /* for debug */
|
|
if ((pvt->res->options & RES_DEBUG) != 0) {
|
|
printf("DNAME owner=%s, target=%s, next=%s\n",
|
|
bp, tbuf, t);
|
|
}
|
|
#endif
|
|
cp += n;
|
|
|
|
n = strlen(t) + 1; /* for the \0 */
|
|
if (n > (ep - bp)) {
|
|
had_error++;
|
|
continue;
|
|
}
|
|
strcpy(bp, t);
|
|
if (qtype == T_PTR)
|
|
tname = bp;
|
|
else
|
|
hname = bp;
|
|
bp += n;
|
|
|
|
continue;
|
|
}
|
|
if (qtype == T_PTR && type == T_CNAME) {
|
|
n = dn_expand(ansbuf, eor, cp, tbuf, sizeof tbuf);
|
|
if (n < 0 || !maybe_dnok(pvt->res, tbuf)) {
|
|
had_error++;
|
|
continue;
|
|
}
|
|
cp += n;
|
|
#ifdef RES_USE_DNAME
|
|
if ((pvt->res->options & RES_USE_DNAME) != 0)
|
|
#endif
|
|
{
|
|
/*
|
|
* We may be able to check this regardless
|
|
* of the USE_DNAME bit, but we add the check
|
|
* for now since the DNAME support is
|
|
* experimental.
|
|
*/
|
|
if (ns_samename(tname, bp) != 1)
|
|
continue;
|
|
}
|
|
/* Get canonical name. */
|
|
n = strlen(tbuf) + 1; /* for the \0 */
|
|
if (n > (ep - bp)) {
|
|
had_error++;
|
|
continue;
|
|
}
|
|
strcpy(bp, tbuf);
|
|
tname = bp;
|
|
bp += n;
|
|
continue;
|
|
}
|
|
if (qtype == T_ANY) {
|
|
if (!(type == T_A || type == T_AAAA ||
|
|
type == ns_t_a6)) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
} else if (type != qtype) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
switch (type) {
|
|
case T_PTR:
|
|
if (ret_aip != NULL) {
|
|
/* addrinfo never needs T_PTR */
|
|
cp += n;
|
|
continue;
|
|
}
|
|
if (ns_samename(tname, bp) != 1) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
n = dn_expand(ansbuf, eor, cp, bp, ep - bp);
|
|
if (n < 0 || !maybe_hnok(pvt->res, bp) ||
|
|
n >= MAXHOSTNAMELEN) {
|
|
had_error++;
|
|
break;
|
|
}
|
|
cp += n;
|
|
if (!haveanswer) {
|
|
pvt->host.h_name = bp;
|
|
hname = bp;
|
|
}
|
|
else if (ap < &pvt->host_aliases[MAXALIASES-1])
|
|
*ap++ = bp;
|
|
else
|
|
n = -1;
|
|
if (n != -1) {
|
|
n = strlen(bp) + 1; /* for the \0 */
|
|
bp += n;
|
|
}
|
|
break;
|
|
case ns_t_a6: {
|
|
struct in6_addr in6;
|
|
struct addrinfo ai;
|
|
|
|
#ifdef RES_USE_A6
|
|
if ((pvt->res->options & RES_USE_A6) == 0) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
#endif
|
|
|
|
if (ns_samename(hname, bp) != 1) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
|
|
/*
|
|
* search for the top of the additional section.
|
|
* once found, keep it for the case where we have
|
|
* more than one A6 record.
|
|
* XXX: however, we may not need this part.
|
|
*/
|
|
if (arp == NULL && arcount > 0) {
|
|
int nscount = ntohs(hp->nscount);
|
|
|
|
arp = ar_head(cp + n, nscount + ancount - 1,
|
|
ansbuf, eom, pvt, name_ok);
|
|
}
|
|
|
|
/* recursively collect the whole A6 chain */
|
|
ai = *pai; /* XXX: we can't override constant pai */
|
|
ai.ai_family = AF_INET6;
|
|
memset(&in6, 0, sizeof(in6)); /* just for safety */
|
|
cur->ai_next = a6_expand(ansbuf, cp, n, arp, eom,
|
|
&in6, 128,
|
|
(const struct addrinfo *)&ai,
|
|
pvt, name_ok, &error);
|
|
if (error != NETDB_SUCCESS) {
|
|
#ifdef DEBUG
|
|
/* in this case, cur->ai_next must be NULL. */
|
|
if (cur->ai_next != NULL)
|
|
abort();
|
|
#endif
|
|
had_error++;
|
|
continue;
|
|
}
|
|
|
|
/*
|
|
* We don't bother even if cur->ai_next is NULL unless
|
|
* the expansion failed by a fatal error. The list
|
|
* can be NULL if the given A6 is incomplete, but we
|
|
* may have another complete A6 chain in this answer.
|
|
* See the last paragraph of RFC 2874 Section 3.1.4.
|
|
*/
|
|
if (cur->ai_next == NULL) {
|
|
cp += n;
|
|
continue; /* no error, no answer */
|
|
}
|
|
goto convertinfo;
|
|
} /* FALLTHROUGH */
|
|
case T_A:
|
|
case T_AAAA:
|
|
if (ns_samename(hname, bp) != 1) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
if (type == T_A && n != INADDRSZ) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
if (type == T_AAAA && n != IN6ADDRSZ) {
|
|
cp += n;
|
|
continue;
|
|
}
|
|
|
|
/* make addrinfo. don't overwrite constant PAI */
|
|
ai = *pai;
|
|
ai.ai_family = (type == T_AAAA) ? AF_INET6 : AF_INET;
|
|
cur->ai_next = addr2addrinfo(
|
|
(const struct addrinfo *)&ai,
|
|
(const char *)cp);
|
|
if (cur->ai_next == NULL)
|
|
had_error++;
|
|
|
|
convertinfo: /* convert addrinfo into hostent form */
|
|
if (!haveanswer) {
|
|
int nn;
|
|
|
|
nn = strlen(bp) + 1; /* for the \0 */
|
|
if (nn >= MAXHOSTNAMELEN) {
|
|
cp += n;
|
|
had_error++;
|
|
continue;
|
|
}
|
|
pvt->host.h_name = bp;
|
|
hname = bp;
|
|
bp += nn;
|
|
}
|
|
/* Ensure alignment. */
|
|
bp = (char *)(((u_long)bp + (sizeof(align) - 1)) &
|
|
~(sizeof(align) - 1));
|
|
/* Avoid overflows. */
|
|
if (bp + n >= &pvt->hostbuf[sizeof pvt->hostbuf]) {
|
|
had_error++;
|
|
continue;
|
|
}
|
|
if (ret_aip) { /* need addrinfo. keep it. */
|
|
while (cur && cur->ai_next)
|
|
cur = cur->ai_next;
|
|
} else if (cur->ai_next) { /* need hostent */
|
|
struct addrinfo *aip = cur->ai_next;
|
|
|
|
for (aip = cur->ai_next; aip;
|
|
aip = aip->ai_next) {
|
|
int m;
|
|
|
|
m = add_hostent(pvt, bp, hap, aip);
|
|
if (m < 0) {
|
|
had_error++;
|
|
break;
|
|
}
|
|
if (m == 0)
|
|
continue;
|
|
if (hap < &pvt->h_addr_ptrs[MAXADDRS-1])
|
|
hap++;
|
|
|
|
bp += m;
|
|
}
|
|
|
|
freeaddrinfo(cur->ai_next);
|
|
cur->ai_next = NULL;
|
|
}
|
|
cp += n;
|
|
break;
|
|
default:
|
|
abort();
|
|
}
|
|
if (!had_error)
|
|
haveanswer++;
|
|
}
|
|
if (haveanswer) {
|
|
if (ret_aip == NULL) {
|
|
*ap = NULL;
|
|
*hap = NULL;
|
|
|
|
if (pvt->res->nsort && haveanswer > 1 && qtype == T_A)
|
|
addrsort(pvt->res, pvt->h_addr_ptrs,
|
|
haveanswer);
|
|
if (pvt->host.h_name == NULL) {
|
|
n = strlen(qname) + 1; /* for the \0 */
|
|
if (n > (ep - bp) || n >= MAXHOSTNAMELEN)
|
|
goto no_recovery;
|
|
strcpy(bp, qname);
|
|
pvt->host.h_name = bp;
|
|
bp += n;
|
|
}
|
|
if (pvt->res->options & RES_USE_INET6)
|
|
map_v4v6_hostent(&pvt->host, &bp, ep);
|
|
RES_SET_H_ERRNO(pvt->res, NETDB_SUCCESS);
|
|
return (&pvt->host);
|
|
} else {
|
|
if ((pai->ai_flags & AI_CANONNAME) != 0) {
|
|
if (pvt->host.h_name == NULL) {
|
|
sentinel.ai_next->ai_canonname =
|
|
strdup(qname);
|
|
}
|
|
else {
|
|
sentinel.ai_next->ai_canonname =
|
|
strdup(pvt->host.h_name);
|
|
}
|
|
}
|
|
*ret_aip = sentinel.ai_next;
|
|
return(NULL);
|
|
}
|
|
}
|
|
no_recovery:
|
|
if (sentinel.ai_next) {
|
|
/* this should be impossible, but check it for safety */
|
|
freeaddrinfo(sentinel.ai_next);
|
|
}
|
|
if (error == NETDB_SUCCESS)
|
|
RES_SET_H_ERRNO(pvt->res, NO_RECOVERY);
|
|
else
|
|
RES_SET_H_ERRNO(pvt->res, error);
|
|
return(NULL);
|
|
}
|
|
|
|
static int
|
|
add_hostent(struct pvt *pvt, char *bp, char **hap, struct addrinfo *ai)
|
|
{
|
|
int addrlen;
|
|
char *addrp;
|
|
const char **tap;
|
|
char *obp = bp;
|
|
|
|
switch(ai->ai_addr->sa_family) {
|
|
case AF_INET6:
|
|
addrlen = IN6ADDRSZ;
|
|
addrp = (char *)&((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr;
|
|
break;
|
|
case AF_INET:
|
|
addrlen = INADDRSZ;
|
|
addrp = (char *)&((struct sockaddr_in *)ai->ai_addr)->sin_addr;
|
|
break;
|
|
default:
|
|
return(-1); /* abort? */
|
|
}
|
|
|
|
/* Ensure alignment. */
|
|
bp = (char *)(((u_long)bp + (sizeof(align) - 1)) &
|
|
~(sizeof(align) - 1));
|
|
/* Avoid overflows. */
|
|
if (bp + addrlen >= &pvt->hostbuf[sizeof pvt->hostbuf])
|
|
return(-1);
|
|
if (hap >= &pvt->h_addr_ptrs[MAXADDRS-1])
|
|
return(0); /* fail, but not treat it as an error. */
|
|
|
|
/* Suppress duplicates. */
|
|
for (tap = (const char **)pvt->h_addr_ptrs;
|
|
*tap != NULL;
|
|
tap++)
|
|
if (memcmp(*tap, addrp, addrlen) == 0)
|
|
break;
|
|
if (*tap != NULL)
|
|
return (0);
|
|
|
|
memcpy(*hap = bp, addrp, addrlen);
|
|
return((bp + addrlen) - obp);
|
|
}
|
|
|
|
static void
|
|
map_v4v6_hostent(struct hostent *hp, char **bpp, char *ep) {
|
|
char **ap;
|
|
|
|
if (hp->h_addrtype != AF_INET || hp->h_length != INADDRSZ)
|
|
return;
|
|
hp->h_addrtype = AF_INET6;
|
|
hp->h_length = IN6ADDRSZ;
|
|
for (ap = hp->h_addr_list; *ap; ap++) {
|
|
int i = (u_long)*bpp % sizeof(align);
|
|
|
|
if (i != 0)
|
|
i = sizeof(align) - i;
|
|
|
|
if ((ep - *bpp) < (i + IN6ADDRSZ)) {
|
|
/* Out of memory. Truncate address list here. */
|
|
*ap = NULL;
|
|
return;
|
|
}
|
|
*bpp += i;
|
|
map_v4v6_address(*ap, *bpp);
|
|
*ap = *bpp;
|
|
*bpp += IN6ADDRSZ;
|
|
}
|
|
}
|
|
|
|
static void
|
|
addrsort(res_state statp, char **ap, int num) {
|
|
int i, j, needsort = 0, aval[MAXADDRS];
|
|
char **p;
|
|
|
|
p = ap;
|
|
for (i = 0; i < num; i++, p++) {
|
|
for (j = 0 ; (unsigned)j < statp->nsort; j++)
|
|
if (statp->sort_list[j].addr.s_addr ==
|
|
(((struct in_addr *)(*p))->s_addr &
|
|
statp->sort_list[j].mask))
|
|
break;
|
|
aval[i] = j;
|
|
if (needsort == 0 && i > 0 && j < aval[i-1])
|
|
needsort = i;
|
|
}
|
|
if (!needsort)
|
|
return;
|
|
|
|
while (needsort < num) {
|
|
for (j = needsort - 1; j >= 0; j--) {
|
|
if (aval[j] > aval[j+1]) {
|
|
char *hp;
|
|
|
|
i = aval[j];
|
|
aval[j] = aval[j+1];
|
|
aval[j+1] = i;
|
|
|
|
hp = ap[j];
|
|
ap[j] = ap[j+1];
|
|
ap[j+1] = hp;
|
|
|
|
} else
|
|
break;
|
|
}
|
|
needsort++;
|
|
}
|
|
}
|
|
|
|
static int
|
|
init(struct irs_ho *this) {
|
|
struct pvt *pvt = (struct pvt *)this->private;
|
|
|
|
if (!pvt->res && !ho_res_get(this))
|
|
return (-1);
|
|
if (((pvt->res->options & RES_INIT) == 0) &&
|
|
res_ninit(pvt->res) == -1)
|
|
return (-1);
|
|
return (0);
|
|
}
|