2 Unix SMB/CIFS implementation.
4 async getaddrinfo()/dns_lookup() name resolution module
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Stefan Metzmacher 2008
8 Copyright (C) Matthieu Patou 2011
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 this module uses a fork() per getaddrinfo() or dns_looup() call.
26 At first that might seem crazy, but it is actually very fast,
27 and solves many of the tricky problems of keeping a child
28 hanging around in a librar (like what happens when the parent forks).
29 We use a talloc destructor to ensure that the child is cleaned up
30 when we have finished with this name resolution.
34 #include "lib/events/events.h"
35 #include "system/network.h"
36 #include "system/filesys.h"
37 #include "lib/socket/socket.h"
38 #include "libcli/composite/composite.h"
39 #include "librpc/gen_ndr/ndr_nbt.h"
40 #include "libcli/resolve/resolve.h"
41 #include "lib/util/util_net.h"
47 #include "heimdal/lib/roken/resolve.h"
54 struct socket_address
**addrs
;
58 struct tevent_fd
*fde
;
59 struct tevent_context
*event_ctx
;
63 kill off a wayward child if needed. This allows us to stop an async
64 name resolution without leaving a potentially blocking call running
67 static int dns_ex_destructor(struct dns_ex_state
*state
)
71 kill(state
->child
, SIGTERM
);
72 if (waitpid(state
->child
, &status
, WNOHANG
) == 0) {
73 kill(state
->child
, SIGKILL
);
74 waitpid(state
->child
, &status
, 0);
80 static uint32_t count_dns_rr(struct rk_resource_record
*head
, unsigned record_type
)
83 struct rk_resource_record
*rr
;
85 for (rr
=head
; rr
; rr
=rr
->next
) {
87 /* we are only interested in the IN class */
88 if (rr
->class != rk_ns_c_in
) {
92 if (rr
->type
== rk_ns_t_ns
) {
94 * Record that will follow will be related to the NS
95 * not what we are really interested with.
96 * It's a good idea not to count them
100 /* we are only interested by requested record */
101 if (rr
->type
!= record_type
) {
105 switch(record_type
) {
108 /* verify we actually have a SRV record here */
113 /* Verify we got a port */
114 if (rr
->u
.srv
->port
== 0) {
121 /* verify we actually have a record here */
136 struct dns_records_container
{
141 static char* rr_to_string(TALLOC_CTX
*mem_ctx
,
142 struct rk_resource_record
*rr
,
145 char addrstr
[INET6_ADDRSTRLEN
];
150 if (inet_ntop(AF_INET
, rr
->u
.a
,
151 addrstr
, sizeof(addrstr
)) == NULL
) {
157 if (inet_ntop(AF_INET6
, (struct in6_addr
*)rr
->u
.data
,
158 addrstr
, sizeof(addrstr
)) == NULL
) {
167 addr
= talloc_asprintf(mem_ctx
, "%s@%u/%s", addrstr
,
173 static struct dns_records_container
get_a_aaaa_records(TALLOC_CTX
*mem_ctx
,
177 struct rk_dns_reply
*reply
, *reply2
, *rep
, *tmp
[3];
178 struct rk_resource_record
*rr
;
179 struct dns_records_container ret
;
181 uint32_t count
, count2
, total
;
184 memset(&ret
, 0, sizeof(struct dns_records_container
));
185 /* this is the blocking call we are going to lots of trouble
186 to avoid them in the parent */
187 reply
= rk_dns_lookup(name
, "AAAA");
193 count
= count_dns_rr(reply
->head
, rk_ns_t_aaaa
);
194 count2
= count_dns_rr(reply
->head
, rk_ns_t_a
);
198 * DNS server didn't returned A when asked for AAAA records.
199 * Most of the server do it, let's ask for A specificaly.
201 reply2
= rk_dns_lookup(name
, "A");
207 /* Some servers (Microsoft at least return here AAAA records .... */
208 count
+= count_dns_rr(reply2
->head
, rk_ns_t_aaaa
);
209 count2
= count_dns_rr(reply2
->head
, rk_ns_t_a
);
215 reply
= rk_dns_lookup(name
, "A");
221 count
= count_dns_rr(reply
->head
, rk_ns_t_a
);
229 addrs
= talloc_zero_array(mem_ctx
, char*, count
);
236 /* Loop over all returned records and pick the records */
237 for (i
=0; tmp
[i
] != NULL
; i
++) {
239 for (rr
=rep
->head
; rr
; rr
=rr
->next
) {
240 /* we are only interested in the IN class */
241 if (rr
->class != rk_ns_c_in
) {
245 if (rr
->type
== rk_ns_t_ns
) {
247 * After the record for NS will come the A or AAAA
253 /* we are only interested in A and AAAA records */
254 if (rr
->type
!= rk_ns_t_a
&& rr
->type
!= rk_ns_t_aaaa
) {
258 /* verify we actually have a record here */
263 addrs
[total
] = rr_to_string(addrs
, rr
, port
);
276 rk_dns_free_data(reply
);
279 rk_dns_free_data(reply2
);
284 static struct dns_records_container
get_srv_records(TALLOC_CTX
*mem_ctx
,
287 struct rk_dns_reply
*reply
;
288 struct rk_resource_record
*rr
;
289 struct dns_records_container ret
;
291 uint32_t count
, total
;
293 memset(&ret
, 0, sizeof(struct dns_records_container
));
294 /* this is the blocking call we are going to lots of trouble
295 to avoid them in the parent */
296 reply
= rk_dns_lookup(name
, "SRV");
302 rk_dns_srv_order(reply
);
303 count
= count_dns_rr(reply
->head
, rk_ns_t_srv
);
310 /* Loop over all returned records and pick the records */
311 for (rr
=reply
->head
; rr
; rr
=rr
->next
) {
312 struct dns_records_container c
;
314 /* we are only interested in the IN class */
315 if (rr
->class != rk_ns_c_in
) {
319 /* we are only interested in SRV records */
320 if (rr
->type
!= rk_ns_t_srv
) {
324 /* verify we actually have a srv record here */
329 /* Verify we got a port */
330 if (rr
->u
.srv
->port
== 0) {
334 tmp_str
= rr
->u
.srv
->target
;
335 if (strchr(tmp_str
, '.') && tmp_str
[strlen(tmp_str
)-1] != '.') {
336 /* we are asking for a fully qualified name, but the
337 name doesn't end in a '.'. We need to prevent the
338 DNS library trying the search domains configured in
340 tmp_str
= talloc_asprintf(mem_ctx
, "%s.", tmp_str
);
343 c
= get_a_aaaa_records(mem_ctx
, tmp_str
, rr
->u
.srv
->port
);
350 addrs
= talloc_realloc(mem_ctx
, addrs
, char*, total
);
351 for (j
=0; j
< c
.count
; j
++) {
352 addrs
[total
- j
- 1] = talloc_steal(addrs
, c
.list
[j
]);
365 rk_dns_free_data(reply
);
372 static void run_child_dns_lookup(struct dns_ex_state
*state
, int fd
)
375 bool do_srv
= (state
->flags
& RESOLVE_NAME_FLAG_DNS_SRV
);
376 struct dns_records_container c
;
380 if (strchr(state
->name
.name
, '.') && state
->name
.name
[strlen(state
->name
.name
)-1] != '.') {
381 /* we are asking for a fully qualified name, but the
382 name doesn't end in a '.'. We need to prevent the
383 DNS library trying the search domains configured in
385 state
->name
.name
= talloc_strdup_append(discard_const_p(char, state
->name
.name
),
391 c
= get_srv_records(state
, state
->name
.name
);
393 c
= get_a_aaaa_records(state
, state
->name
.name
, state
->port
);
396 /* This line in critical - if we return without writing to the
397 * pipe, this is the signal that the name did not exist */
402 addrs
= talloc_strdup(state
, "");
408 for (i
=0; i
< c
.count
; i
++) {
409 addrs
= talloc_asprintf_append_buffer(addrs
, "%s%s",
416 DEBUG(11, ("Addrs = %s\n", addrs
));
417 write(fd
, addrs
, talloc_get_size(addrs
));
427 static void run_child_getaddrinfo(struct dns_ex_state
*state
, int fd
)
430 struct addrinfo hints
;
431 struct addrinfo
*res
;
432 struct addrinfo
*res_list
= NULL
;
437 hints
.ai_socktype
= SOCK_STREAM
;
438 hints
.ai_flags
= AI_ADDRCONFIG
| AI_NUMERICSERV
;
440 ret
= getaddrinfo(state
->name
.name
, "0", &hints
, &res_list
);
441 /* try to fallback in case of error */
442 if (state
->do_fallback
) {
448 /* getaddrinfo() doesn't handle CNAME records */
449 run_child_dns_lookup(state
, fd
);
459 addrs
= talloc_strdup(state
, "");
464 for (res
= res_list
; res
; res
= res
->ai_next
) {
465 char addrstr
[INET6_ADDRSTRLEN
];
466 if (!print_sockaddr_len(addrstr
, sizeof(addrstr
), (struct sockaddr
*)res
->ai_addr
, res
->ai_addrlen
)) {
469 addrs
= talloc_asprintf_append_buffer(addrs
, "%s%s@%u/%s",
481 write(fd
, addrs
, talloc_get_size(addrs
));
485 freeaddrinfo(res_list
);
491 handle a read event on the pipe
493 static void pipe_handler(struct tevent_context
*ev
, struct tevent_fd
*fde
,
494 uint16_t flags
, void *private_data
)
496 struct composite_context
*c
= talloc_get_type(private_data
, struct composite_context
);
497 struct dns_ex_state
*state
= talloc_get_type(c
->private_data
,
498 struct dns_ex_state
);
500 uint32_t num_addrs
, i
;
506 /* if we get any event from the child then we know that we
507 won't need to kill it off */
508 talloc_set_destructor(state
, NULL
);
510 if (ioctl(state
->child_fd
, FIONREAD
, &value
) != 0) {
514 address
= talloc_array(state
, char, value
+1);
516 /* yes, we don't care about EAGAIN or other niceities
517 here. They just can't happen with this parent/child
518 relationship, and even if they did then giving an error is
519 the right thing to do */
520 ret
= read(state
->child_fd
, address
, value
);
524 if (waitpid(state
->child
, &status
, WNOHANG
) == 0) {
525 kill(state
->child
, SIGKILL
);
526 waitpid(state
->child
, &status
, 0);
530 /* The check for ret == 0 here is important, if the
531 * name does not exist, then no bytes are written to
533 DEBUG(3,("dns child failed to find name '%s' of type %s\n",
534 state
->name
.name
, (state
->flags
& RESOLVE_NAME_FLAG_DNS_SRV
)?"SRV":"A"));
535 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
539 /* enusre the address looks good */
542 addrs
= str_list_make(state
, address
, ",");
543 if (composite_nomem(addrs
, c
)) return;
545 num_addrs
= str_list_length((const char * const *)addrs
);
547 state
->addrs
= talloc_array(state
, struct socket_address
*,
549 if (composite_nomem(state
->addrs
, c
)) return;
551 state
->names
= talloc_array(state
, char *, num_addrs
+1);
552 if (composite_nomem(state
->names
, c
)) return;
554 for (i
=0; i
< num_addrs
; i
++) {
556 char *p
= strrchr(addrs
[i
], '@');
560 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
569 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
576 if (strcmp(addrs
[i
], "0.0.0.0") == 0) {
577 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
580 port
= strtoul(p
, NULL
, 10);
581 if (port
> UINT16_MAX
) {
582 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
585 state
->addrs
[i
] = socket_address_from_strings(state
->addrs
,
589 if (composite_nomem(state
->addrs
[i
], c
)) return;
591 state
->names
[i
] = talloc_strdup(state
->names
, n
);
592 if (composite_nomem(state
->names
[i
], c
)) return;
594 state
->addrs
[i
] = NULL
;
595 state
->names
[i
] = NULL
;
601 getaddrinfo() or dns_lookup() name resolution method - async send
603 struct composite_context
*resolve_name_dns_ex_send(TALLOC_CTX
*mem_ctx
,
604 struct tevent_context
*event_ctx
,
608 struct nbt_name
*name
,
611 struct composite_context
*c
;
612 struct dns_ex_state
*state
;
613 int fd
[2] = { -1, -1 };
616 c
= composite_create(mem_ctx
, event_ctx
);
617 if (c
== NULL
) return NULL
;
619 if (flags
& RESOLVE_NAME_FLAG_FORCE_NBT
) {
620 composite_error(c
, NT_STATUS_OBJECT_NAME_NOT_FOUND
);
624 state
= talloc_zero(c
, struct dns_ex_state
);
625 if (composite_nomem(state
, c
)) return c
;
626 c
->private_data
= state
;
628 c
->status
= nbt_name_dup(state
, name
, &state
->name
);
629 if (!composite_is_ok(c
)) return c
;
631 /* setup a pipe to chat to our child */
634 composite_error(c
, map_nt_error_from_unix_common(errno
));
638 state
->do_fallback
= do_fallback
;
639 state
->flags
= flags
;
642 state
->child_fd
= fd
[0];
643 state
->event_ctx
= c
->event_ctx
;
645 /* we need to put the child in our event context so
646 we know when the dns_lookup() has finished */
647 state
->fde
= tevent_add_fd(c
->event_ctx
, c
, state
->child_fd
, TEVENT_FD_READ
,
649 if (composite_nomem(state
->fde
, c
)) {
654 tevent_fd_set_auto_close(state
->fde
);
656 state
->child
= fork();
657 if (state
->child
== (pid_t
)-1) {
658 composite_error(c
, map_nt_error_from_unix_common(errno
));
662 if (state
->child
== 0) {
664 if (state
->flags
& RESOLVE_NAME_FLAG_FORCE_DNS
) {
665 run_child_dns_lookup(state
, fd
[1]);
667 run_child_getaddrinfo(state
, fd
[1]);
673 /* cleanup wayward children */
674 talloc_set_destructor(state
, dns_ex_destructor
);
680 getaddrinfo() or dns_lookup() name resolution method - recv side
682 NTSTATUS
resolve_name_dns_ex_recv(struct composite_context
*c
,
684 struct socket_address
***addrs
,
689 status
= composite_wait(c
);
691 if (NT_STATUS_IS_OK(status
)) {
692 struct dns_ex_state
*state
= talloc_get_type(c
->private_data
,
693 struct dns_ex_state
);
694 *addrs
= talloc_steal(mem_ctx
, state
->addrs
);
696 *names
= talloc_steal(mem_ctx
, state
->names
);