2 Unix SMB/CIFS implementation.
4 async getaddrinfo()/dns_lookup() name resolution module
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Stefan Metzmacher 2008
8 Copyright (C) Matthieu Patou 2011
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 this module uses a fork() per getaddrinfo() or dns_looup() call.
26 At first that might seem crazy, but it is actually very fast,
27 and solves many of the tricky problems of keeping a child
28 hanging around in a librar (like what happens when the parent forks).
29 We use a talloc destructor to ensure that the child is cleaned up
30 when we have finished with this name resolution.
34 #include "lib/events/events.h"
35 #include "system/network.h"
36 #include "system/filesys.h"
37 #include "lib/socket/socket.h"
38 #include "libcli/composite/composite.h"
39 #include "librpc/gen_ndr/ndr_nbt.h"
40 #include "libcli/resolve/resolve.h"
41 #include "lib/util/util_net.h"
47 #include "heimdal/lib/roken/resolve.h"
54 struct socket_address
**addrs
;
58 struct tevent_fd
*fde
;
59 struct tevent_context
*event_ctx
;
63 kill off a wayward child if needed. This allows us to stop an async
64 name resolution without leaving a potentially blocking call running
67 static int dns_ex_destructor(struct dns_ex_state
*state
)
71 kill(state
->child
, SIGTERM
);
72 if (waitpid(state
->child
, &status
, WNOHANG
) == 0) {
73 kill(state
->child
, SIGKILL
);
74 waitpid(state
->child
, &status
, 0);
80 static uint32_t count_dns_rr(struct rk_resource_record
*head
, unsigned record_type
)
83 struct rk_resource_record
*rr
;
85 for (rr
=head
; rr
; rr
=rr
->next
) {
87 /* we are only interested in the IN class */
88 if (rr
->class != rk_ns_c_in
) {
92 /* we are only interested by requested record */
93 if (rr
->type
!= record_type
) {
100 /* verify we actually have a SRV record here */
105 /* Verify we got a port */
106 if (rr
->u
.srv
->port
== 0) {
113 /* verify we actually have a record here */
128 struct dns_records_container
{
133 static char* rr_to_string(TALLOC_CTX
*mem_ctx
,
134 struct rk_resource_record
*rr
,
137 char addrstr
[INET6_ADDRSTRLEN
];
142 if (inet_ntop(AF_INET
, rr
->u
.a
,
143 addrstr
, sizeof(addrstr
)) == NULL
) {
149 if (inet_ntop(AF_INET6
, (struct in6_addr
*)rr
->u
.data
,
150 addrstr
, sizeof(addrstr
)) == NULL
) {
159 addr
= talloc_asprintf(mem_ctx
, "%s@%u/%s", addrstr
,
165 static struct dns_records_container
get_a_aaaa_records(TALLOC_CTX
*mem_ctx
,
169 struct rk_dns_reply
*reply
, *reply2
, *rep
, *tmp
[3];
170 struct rk_resource_record
*rr
;
171 struct dns_records_container ret
;
173 uint32_t count
, count2
, total
;
176 memset(&ret
, 0, sizeof(struct dns_records_container
));
177 /* this is the blocking call we are going to lots of trouble
178 to avoid them in the parent */
179 reply
= rk_dns_lookup(name
, "AAAA");
185 count
= count_dns_rr(reply
->head
, rk_ns_t_aaaa
);
186 count2
= count_dns_rr(reply
->head
, rk_ns_t_a
);
190 * DNS server didn't returned A when asked for AAAA records.
191 * Most of the server do it, let's ask for A specificaly.
193 reply2
= rk_dns_lookup(name
, "A");
199 count2
= count_dns_rr(reply2
->head
, rk_ns_t_a
);
205 reply
= rk_dns_lookup(name
, "A");
211 count
= count_dns_rr(reply
->head
, rk_ns_t_a
);
219 addrs
= talloc_zero_array(mem_ctx
, char*, count
);
226 /* Loop over all returned records and pick the records */
227 for (i
=0; tmp
[i
] != NULL
; i
++) {
229 for (rr
=rep
->head
; rr
; rr
=rr
->next
) {
230 /* we are only interested in the IN class */
231 if (rr
->class != rk_ns_c_in
) {
235 /* we are only interested in A and AAAA records */
236 if (rr
->type
!= rk_ns_t_a
&& rr
->type
!= rk_ns_t_aaaa
) {
240 /* verify we actually have a record here */
244 rr_to_string(mem_ctx
, rr
, port
);
245 addrs
[total
] = rr_to_string(mem_ctx
, rr
, port
);
258 rk_dns_free_data(reply
);
261 rk_dns_free_data(reply2
);
266 static struct dns_records_container
get_srv_records(TALLOC_CTX
*mem_ctx
,
269 struct rk_dns_reply
*reply
;
270 struct rk_resource_record
*rr
;
271 struct dns_records_container ret
;
273 uint32_t count
, total
;
275 memset(&ret
, 0, sizeof(struct dns_records_container
));
276 /* this is the blocking call we are going to lots of trouble
277 to avoid them in the parent */
278 reply
= rk_dns_lookup(name
, "SRV");
284 rk_dns_srv_order(reply
);
285 count
= count_dns_rr(reply
->head
, rk_ns_t_srv
);
292 /* Loop over all returned records and pick the records */
293 for (rr
=reply
->head
; rr
; rr
=rr
->next
) {
294 struct dns_records_container c
;
296 /* we are only interested in the IN class */
297 if (rr
->class != rk_ns_c_in
) {
301 /* we are only interested in SRV records */
302 if (rr
->type
!= rk_ns_t_srv
) {
306 /* verify we actually have a srv record here */
311 /* Verify we got a port */
312 if (rr
->u
.srv
->port
== 0) {
316 tmp_str
= rr
->u
.srv
->target
;
317 if (strchr(tmp_str
, '.') && tmp_str
[strlen(tmp_str
)-1] != '.') {
318 /* we are asking for a fully qualified name, but the
319 name doesn't end in a '.'. We need to prevent the
320 DNS library trying the search domains configured in
322 tmp_str
= talloc_asprintf(mem_ctx
, "%s.", tmp_str
);
325 c
= get_a_aaaa_records(mem_ctx
, tmp_str
, rr
->u
.srv
->port
);
332 addrs
= talloc_realloc(mem_ctx
, addrs
, char*, total
);
333 for (j
=0; j
< c
.count
; j
++) {
334 addrs
[total
- j
- 1] = talloc_steal(addrs
, c
.list
[j
]);
347 rk_dns_free_data(reply
);
354 static void run_child_dns_lookup(struct dns_ex_state
*state
, int fd
)
357 bool do_srv
= (state
->flags
& RESOLVE_NAME_FLAG_DNS_SRV
);
358 struct dns_records_container c
;
362 if (strchr(state
->name
.name
, '.') && state
->name
.name
[strlen(state
->name
.name
)-1] != '.') {
363 /* we are asking for a fully qualified name, but the
364 name doesn't end in a '.'. We need to prevent the
365 DNS library trying the search domains configured in
367 state
->name
.name
= talloc_strdup_append(discard_const_p(char, state
->name
.name
),
373 c
= get_srv_records(state
, state
->name
.name
);
375 c
= get_a_aaaa_records(state
, state
->name
.name
, state
->port
);
378 addrs
= talloc_strdup(state
, "");
384 for (i
=0; i
< c
.count
; i
++) {
385 addrs
= talloc_asprintf_append_buffer(addrs
, "%s%s",
392 DEBUG(11, ("Addrs = %s\n", addrs
));
393 write(fd
, addrs
, talloc_get_size(addrs
));
403 static void run_child_getaddrinfo(struct dns_ex_state
*state
, int fd
)
406 struct addrinfo hints
;
407 struct addrinfo
*res
;
408 struct addrinfo
*res_list
= NULL
;
413 hints
.ai_socktype
= SOCK_STREAM
;
414 hints
.ai_flags
= AI_ADDRCONFIG
| AI_NUMERICSERV
;
416 ret
= getaddrinfo(state
->name
.name
, "0", &hints
, &res_list
);
417 /* try to fallback in case of error */
418 if (state
->do_fallback
) {
424 /* getaddrinfo() doesn't handle CNAME records */
425 run_child_dns_lookup(state
, fd
);
435 addrs
= talloc_strdup(state
, "");
440 for (res
= res_list
; res
; res
= res
->ai_next
) {
441 char addrstr
[INET6_ADDRSTRLEN
];
442 if (!print_sockaddr_len(addrstr
, sizeof(addrstr
), (struct sockaddr
*)res
->ai_addr
, res
->ai_addrlen
)) {
445 addrs
= talloc_asprintf_append_buffer(addrs
, "%s%s@%u/%s",
457 write(fd
, addrs
, talloc_get_size(addrs
));
461 freeaddrinfo(res_list
);
467 handle a read event on the pipe
469 static void pipe_handler(struct tevent_context
*ev
, struct tevent_fd
*fde
,
470 uint16_t flags
, void *private_data
)
472 struct composite_context
*c
= talloc_get_type(private_data
, struct composite_context
);
473 struct dns_ex_state
*state
= talloc_get_type(c
->private_data
,
474 struct dns_ex_state
);
476 uint32_t num_addrs
, i
;
482 /* if we get any event from the child then we know that we
483 won't need to kill it off */
484 talloc_set_destructor(state
, NULL
);
486 if (ioctl(state
->child_fd
, FIONREAD
, &value
) != 0) {
490 address
= talloc_array(state
, char, value
+1);
492 /* yes, we don't care about EAGAIN or other niceities
493 here. They just can't happen with this parent/child
494 relationship, and even if they did then giving an error is
495 the right thing to do */
496 ret
= read(state
->child_fd
, address
, value
);
500 if (waitpid(state
->child
, &status
, WNOHANG
) == 0) {
501 kill(state
->child
, SIGKILL
);
502 waitpid(state
->child
, &status
, 0);
506 DEBUG(3,("dns child failed to find name '%s' of type %s\n",
507 state
->name
.name
, (state
->flags
& RESOLVE_NAME_FLAG_DNS_SRV
)?"SRV":"A"));
508 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
512 /* enusre the address looks good */
515 addrs
= str_list_make(state
, address
, ",");
516 if (composite_nomem(addrs
, c
)) return;
518 num_addrs
= str_list_length((const char * const *)addrs
);
520 state
->addrs
= talloc_array(state
, struct socket_address
*,
522 if (composite_nomem(state
->addrs
, c
)) return;
524 state
->names
= talloc_array(state
, char *, num_addrs
+1);
525 if (composite_nomem(state
->names
, c
)) return;
527 for (i
=0; i
< num_addrs
; i
++) {
529 char *p
= strrchr(addrs
[i
], '@');
533 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
542 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
549 if (strcmp(addrs
[i
], "0.0.0.0") == 0) {
550 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
553 port
= strtoul(p
, NULL
, 10);
554 if (port
> UINT16_MAX
) {
555 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
558 state
->addrs
[i
] = socket_address_from_strings(state
->addrs
,
562 if (composite_nomem(state
->addrs
[i
], c
)) return;
564 state
->names
[i
] = talloc_strdup(state
->names
, n
);
565 if (composite_nomem(state
->names
[i
], c
)) return;
567 state
->addrs
[i
] = NULL
;
568 state
->names
[i
] = NULL
;
574 getaddrinfo() or dns_lookup() name resolution method - async send
576 struct composite_context
*resolve_name_dns_ex_send(TALLOC_CTX
*mem_ctx
,
577 struct tevent_context
*event_ctx
,
581 struct nbt_name
*name
,
584 struct composite_context
*c
;
585 struct dns_ex_state
*state
;
586 int fd
[2] = { -1, -1 };
589 c
= composite_create(mem_ctx
, event_ctx
);
590 if (c
== NULL
) return NULL
;
592 if (flags
& RESOLVE_NAME_FLAG_FORCE_NBT
) {
593 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
597 state
= talloc_zero(c
, struct dns_ex_state
);
598 if (composite_nomem(state
, c
)) return c
;
599 c
->private_data
= state
;
601 c
->status
= nbt_name_dup(state
, name
, &state
->name
);
602 if (!composite_is_ok(c
)) return c
;
604 /* setup a pipe to chat to our child */
607 composite_error(c
, map_nt_error_from_unix_common(errno
));
611 state
->do_fallback
= do_fallback
;
612 state
->flags
= flags
;
615 state
->child_fd
= fd
[0];
616 state
->event_ctx
= c
->event_ctx
;
618 /* we need to put the child in our event context so
619 we know when the dns_lookup() has finished */
620 state
->fde
= tevent_add_fd(c
->event_ctx
, c
, state
->child_fd
, TEVENT_FD_READ
,
622 if (composite_nomem(state
->fde
, c
)) {
627 tevent_fd_set_auto_close(state
->fde
);
629 state
->child
= fork();
630 if (state
->child
== (pid_t
)-1) {
631 composite_error(c
, map_nt_error_from_unix_common(errno
));
635 if (state
->child
== 0) {
637 if (state
->flags
& RESOLVE_NAME_FLAG_FORCE_DNS
) {
638 run_child_dns_lookup(state
, fd
[1]);
640 run_child_getaddrinfo(state
, fd
[1]);
646 /* cleanup wayward children */
647 talloc_set_destructor(state
, dns_ex_destructor
);
653 getaddrinfo() or dns_lookup() name resolution method - recv side
655 NTSTATUS
resolve_name_dns_ex_recv(struct composite_context
*c
,
657 struct socket_address
***addrs
,
662 status
= composite_wait(c
);
664 if (NT_STATUS_IS_OK(status
)) {
665 struct dns_ex_state
*state
= talloc_get_type(c
->private_data
,
666 struct dns_ex_state
);
667 *addrs
= talloc_steal(mem_ctx
, state
->addrs
);
669 *names
= talloc_steal(mem_ctx
, state
->names
);