X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=resolver.c;h=a39e9fcde510dea5e96bf81dcf05aad079ea982d;hp=b7c56e3bdc4cd6ea87a16eae3636bde459e8cd35;hb=6b30affc1ec14bf38a73994e8fdd39f26b5bccb3;hpb=389070fed67552c613ce5afd3cdb436f8f8c538f diff --git a/resolver.c b/resolver.c index b7c56e3..a39e9fc 100644 --- a/resolver.c +++ b/resolver.c @@ -2,10 +2,13 @@ #include #include "secnet.h" +#include "util.h" #ifndef HAVE_LIBADNS #error secnet requires ADNS version 1.0 or above #endif #include +#include +#include struct adns { @@ -17,37 +20,88 @@ struct adns { struct query { void *cst; + const char *name; + int port; + struct comm_if *comm; resolve_answer_fn *answer; adns_query query; }; static resolve_request_fn resolve_request; static bool_t resolve_request(void *sst, cstring_t name, + int port, struct comm_if *comm, resolve_answer_fn *cb, void *cst) { struct adns *st=sst; struct query *q; int rv; + const int maxlitlen= +#ifdef CONFIG_IPV6 + ADNS_ADDR2TEXT_BUFLEN*2 +#else + 50 +#endif + ; + ssize_t l=strlen(name); + if (name[0]=='[' && l2 && name[l-1]==']') { + char trimmed[maxlitlen+1]; + memcpy(trimmed,name+1,l-2); + trimmed[l-2]=0; + struct comm_addr ca; + ca.comm=comm; + ca.ix=-1; +#ifdef CONFIG_IPV6 + socklen_t salen=sizeof(ca.ia); + rv=adns_text2addr(trimmed, port, adns_qf_addrlit_ipv4_quadonly, + &ca.ia.sa, &salen); + assert(rv!=ENOSPC); + if (rv) { + char msg[250]; + snprintf(msg,sizeof(msg),"invalid address literal: %s", + strerror(rv)); + msg[sizeof(msg)-1]=0; + cb(cst,0,0,0,name,msg); + } else { + cb(cst,&ca,1,1,name,0); + } +#else + ca.ia.sin.sin_family=AF_INET; + ca.ia.sin.sin_port=htons(port); + if (inet_aton(trimmed,&ca.ia.sin.sin_addr)) + cb(cst,&ca,1,1,name,0); + else + cb(cst,0,0,0,name,"invalid IP address"); +#endif + return True; + } q=safe_malloc(sizeof *q,"resolve_request"); q->cst=cst; + q->comm=comm; + q->port=port; + q->name=name; q->answer=cb; - rv=adns_submit(st->ast, name, adns_r_a, 0, q, &q->query); + rv=adns_submit(st->ast, name, adns_r_addr, 0, q, &q->query); + if (rv) { + Message(M_WARNING, + "resolver: failed to submit lookup for %s: %s",name, + adns_strerror(rv)); + free(q); + return False; + } - return rv==0; + return True; } static int resolver_beforepoll(void *sst, struct pollfd *fds, int *nfds_io, - int *timeout_io, const struct timeval *tv_now, - uint64_t *now) + int *timeout_io) { struct adns *st=sst; return adns_beforepoll(st->ast, fds, nfds_io, timeout_io, tv_now); } -static void resolver_afterpoll(void *sst, struct pollfd *fds, int nfds, - const struct timeval *tv_now, uint64_t *now) +static void resolver_afterpoll(void *sst, struct pollfd *fds, int nfds) { struct adns *st=sst; adns_query aq; @@ -64,11 +118,39 @@ static void resolver_afterpoll(void *sst, struct pollfd *fds, int nfds, if (rv==0) { q=qp; if (ans->status!=adns_s_ok) { - q->answer(q->cst,NULL); /* Failure */ + q->answer(q->cst,NULL,0,0,q->name,adns_strerror(ans->status)); free(q); free(ans); } else { - q->answer(q->cst,ans->rrs.inaddr); + int rslot, wslot, total; + int ca_len=MIN(ans->nrrs,MAX_PEER_ADDRS); + struct comm_addr ca_buf[ca_len]; + for (rslot=0, wslot=0, total=0; + rslotnrrs; + rslot++) { + total++; + if (!(wslotrrs.addr[rslot]; + struct comm_addr *ca=&ca_buf[wslot]; + ca->comm=q->comm; + ca->ix=-1; + switch (ra->addr.sa.sa_family) { + case AF_INET: + assert(ra->len == sizeof(ca->ia.sin)); + break; +#ifdef CONFIG_IPV6 + case AF_INET6: + assert(ra->len == sizeof(ca->ia.sin6)); + break; +#endif /*CONFIG_IPV6*/ + default: + /* silently skip unexpected AFs from adns */ + continue; + } + memcpy(&ca->ia,&ra->addr,ra->len); + wslot++; + } + q->answer(q->cst,ca_buf,wslot,total,q->name,0); free(q); free(ans); } @@ -118,7 +200,7 @@ static list_t *adnsresolver_apply(closure_t *self, struct cloc loc, } register_for_poll(st, resolver_beforepoll, resolver_afterpoll, - ADNS_POLLFDS_RECOMMENDED+5,"resolver"); + "resolver"); return new_closure(&st->cl); }