#include <errno.h>
#include "secnet.h"
+#include "util.h"
#ifndef HAVE_LIBADNS
#error secnet requires ADNS version 1.0 or above
#endif
#include <adns.h>
+#include <arpa/inet.h>
+#include <string.h>
struct adns {
struct query {
void *cst;
+ const char *name;
+ int port;
+ struct comm_if *comm;
resolve_answer_fn *answer;
adns_query query;
};
-static bool_t resolve_request(void *sst, string_t name,
+static resolve_request_fn resolve_request;
+static bool_t resolve_request(void *sst, cstring_t name,
+ int port, struct comm_if *comm,
resolve_answer_fn *cb, void *cst)
{
struct adns *st=sst;
struct query *q;
int rv;
+ const int maxlitlen=
+#ifdef CONFIG_IPV6
+ ADNS_ADDR2TEXT_BUFLEN*2
+#else
+ 50
+#endif
+ ;
+ ssize_t l=strlen(name);
+ if (name[0]=='[' && l<maxlitlen && l>2 && name[l-1]==']') {
+ char trimmed[maxlitlen+1];
+ memcpy(trimmed,name+1,l-2);
+ trimmed[l-2]=0;
+ struct comm_addr ca;
+ ca.comm=comm;
+ ca.ix=-1;
+#ifdef CONFIG_IPV6
+ socklen_t salen=sizeof(ca.ia);
+ rv=adns_text2addr(trimmed, port, adns_qf_addrlit_ipv4_quadonly,
+ &ca.ia.sa, &salen);
+ assert(rv!=ENOSPC);
+ if (rv) {
+ char msg[250];
+ snprintf(msg,sizeof(msg),"invalid address literal: %s",
+ strerror(rv));
+ msg[sizeof(msg)-1]=0;
+ cb(cst,0,0,0,name,msg);
+ } else {
+ cb(cst,&ca,1,1,name,0);
+ }
+#else
+ ca.ia.sin.sin_family=AF_INET;
+ ca.ia.sin.sin_port=htons(port);
+ if (inet_aton(trimmed,&ca.ia.sin.sin_addr))
+ cb(cst,&ca,1,1,name,0);
+ else
+ cb(cst,0,0,0,name,"invalid IP address");
+#endif
+ return True;
+ }
q=safe_malloc(sizeof *q,"resolve_request");
q->cst=cst;
+ q->comm=comm;
+ q->port=port;
+ q->name=name;
q->answer=cb;
- rv=adns_submit(st->ast, name, adns_r_a, 0, q, &q->query);
+ rv=adns_submit(st->ast, name, adns_r_addr, 0, q, &q->query);
+ if (rv) {
+ Message(M_WARNING,
+ "resolver: failed to submit lookup for %s: %s",name,
+ adns_strerror(rv));
+ free(q);
+ return False;
+ }
- return rv==0;
+ return True;
}
static int resolver_beforepoll(void *sst, struct pollfd *fds, int *nfds_io,
- int *timeout_io, const struct timeval *tv_now,
- uint64_t *now)
+ int *timeout_io)
{
struct adns *st=sst;
return adns_beforepoll(st->ast, fds, nfds_io, timeout_io, tv_now);
}
-static void resolver_afterpoll(void *sst, struct pollfd *fds, int nfds,
- const struct timeval *tv_now, uint64_t *now)
+static void resolver_afterpoll(void *sst, struct pollfd *fds, int nfds)
{
struct adns *st=sst;
adns_query aq;
if (rv==0) {
q=qp;
if (ans->status!=adns_s_ok) {
- q->answer(q->cst,NULL); /* Failure */
+ q->answer(q->cst,NULL,0,0,q->name,adns_strerror(ans->status));
free(q);
free(ans);
} else {
- q->answer(q->cst,ans->rrs.inaddr);
+ int rslot, wslot, total;
+ int ca_len=MIN(ans->nrrs,MAX_PEER_ADDRS);
+ struct comm_addr ca_buf[ca_len];
+ for (rslot=0, wslot=0, total=0;
+ rslot<ans->nrrs;
+ rslot++) {
+ total++;
+ if (!(wslot<ca_len)) continue;
+ adns_rr_addr *ra=&ans->rrs.addr[rslot];
+ struct comm_addr *ca=&ca_buf[wslot];
+ ca->comm=q->comm;
+ ca->ix=-1;
+ switch (ra->addr.sa.sa_family) {
+ case AF_INET:
+ assert(ra->len == sizeof(ca->ia.sin));
+ break;
+#ifdef CONFIG_IPV6
+ case AF_INET6:
+ assert(ra->len == sizeof(ca->ia.sin6));
+ break;
+#endif /*CONFIG_IPV6*/
+ default:
+ /* silently skip unexpected AFs from adns */
+ continue;
+ }
+ memcpy(&ca->ia,&ra->addr,ra->len);
+ wslot++;
+ }
+ q->answer(q->cst,ca_buf,wslot,total,q->name,0);
free(q);
free(ans);
}
}
register_for_poll(st, resolver_beforepoll, resolver_afterpoll,
- ADNS_POLLFDS_RECOMMENDED+5,"resolver");
+ "resolver");
return new_closure(&st->cl);
}
-init_module resolver_module;
void resolver_module(dict_t *dict)
{
add_closure(dict,"adns",adnsresolver_apply);