X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=resolver.c;h=8109a27d565388888bef7912588fe97667b569e1;hp=f60b11282e0bbdc41ba5830414903a3ecb0a3479;hb=b2671056cc7c0025fdb52af8c1f3b0844c66dcfe;hpb=90a39563035b70196da9c5bdc7c17a63b64449b0 diff --git a/resolver.c b/resolver.c index f60b112..8109a27 100644 --- a/resolver.c +++ b/resolver.c @@ -2,10 +2,13 @@ #include #include "secnet.h" +#include "util.h" #ifndef HAVE_LIBADNS #error secnet requires ADNS version 1.0 or above #endif #include +#include +#include struct adns { @@ -17,25 +20,79 @@ struct adns { struct query { void *cst; + const char *name; + int port; + struct comm_if *comm; resolve_answer_fn *answer; adns_query query; }; static resolve_request_fn resolve_request; static bool_t resolve_request(void *sst, cstring_t name, + int port, struct comm_if *comm, resolve_answer_fn *cb, void *cst) { struct adns *st=sst; struct query *q; int rv; + const int maxlitlen= +#ifdef CONFIG_IPV6 + ADNS_ADDR2TEXT_BUFLEN*2 +#else + 50 +#endif + ; + ssize_t l=strlen(name); + if (name[0]=='[' && l2 && name[l-1]==']') { + char trimmed[maxlitlen+1]; + memcpy(trimmed,name+1,l-2); + trimmed[l-2]=0; + struct comm_addr ca; + FILLZERO(ca); + ca.comm=comm; + ca.ix=-1; +#ifdef CONFIG_IPV6 + socklen_t salen=sizeof(ca.ia); + rv=adns_text2addr(trimmed, port, adns_qf_addrlit_ipv4_quadonly, + &ca.ia.sa, &salen); + assert(rv!=ENOSPC); + if (rv) { + char msg[250]; + snprintf(msg,sizeof(msg),"invalid address literal: %s", + strerror(rv)); + msg[sizeof(msg)-1]=0; + cb(cst,0,0,name,msg); + } else { + cb(cst,&ca,1,name,0); + } +#else + ca.ia.sin.sin_family=AF_INET; + ca.ia.sin.sin_port=htons(port); + if (inet_aton(trimmed,&ca.ia.sin.sin_addr)) + cb(cst,&ca,1,name,0); + else + cb(cst,0,0,name,"invalid IP address"); +#endif + return True; + } q=safe_malloc(sizeof *q,"resolve_request"); q->cst=cst; + q->comm=comm; + q->port=port; + q->name=name; q->answer=cb; - rv=adns_submit(st->ast, name, adns_r_a, 0, q, &q->query); + rv=adns_submit(st->ast, name, adns_r_addr, 0, q, &q->query); + if (rv) { + Message(M_WARNING, + "resolver: failed to submit lookup for %s: %s",name, + adns_strerror(rv)); + free(q); + return False; + } - return rv==0; + return True; } static int resolver_beforepoll(void *sst, struct pollfd *fds, int *nfds_io, @@ -62,11 +119,43 @@ static void resolver_afterpoll(void *sst, struct pollfd *fds, int nfds) if (rv==0) { q=qp; if (ans->status!=adns_s_ok) { - q->answer(q->cst,NULL); /* Failure */ + q->answer(q->cst,NULL,0,q->name,adns_strerror(ans->status)); free(q); free(ans); } else { - q->answer(q->cst,ans->rrs.inaddr); + int rslot, wslot; + int ca_len=MIN(ans->nrrs,MAX_PEER_ADDRS); + struct comm_addr ca_buf[ca_len]; + FILLZERO(ca_buf); + for (rslot=0, wslot=0; + rslotnrrs && wslotrrs.addr[rslot]; + struct comm_addr *ca=&ca_buf[wslot]; + ca->comm=q->comm; + /* copy fields individually so we leave holes zeroed: */ + switch (ra->addr.sa.sa_family) { + case AF_INET: + assert(ra->len == sizeof(ca->ia.sin)); + ca->ia.sin.sin_family=ra->addr.inet.sin_family; + ca->ia.sin.sin_addr= ra->addr.inet.sin_addr; + ca->ia.sin.sin_port= htons(q->port); + wslot++; + break; +#ifdef CONFIG_IPV6 + case AF_INET6: + assert(ra->len == sizeof(ca->ia.sin6)); + ca->ia.sin6.sin6_family=ra->addr.inet6.sin6_family; + ca->ia.sin6.sin6_addr= ra->addr.inet6.sin6_addr; + ca->ia.sin6.sin6_port= htons(q->port); + wslot++; + break; +#endif /*CONFIG_IPV6*/ + default: + break; + } + } + q->answer(q->cst,ca_buf,wslot,q->name,0); free(q); free(ans); }