X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fresolve%2Fresolved-dns-domain.c;h=8ed1ecf0a480cdebac763faab5b4094cfe743490;hp=94ffc0fac4abb37df7084cbd927634d082891db6;hb=be754d5443e5fe44ead733ad509b127409cdb0f0;hpb=74b2466e14a1961bf3ac0e8a60cfaceec705bd59
diff --git a/src/resolve/resolved-dns-domain.c b/src/resolve/resolved-dns-domain.c
index 94ffc0fac..8ed1ecf0a 100644
--- a/src/resolve/resolved-dns-domain.c
+++ b/src/resolve/resolved-dns-domain.c
@@ -19,6 +19,11 @@
along with systemd; If not, see .
***/
+#ifdef HAVE_LIBIDN
+#include
+#include
+#endif
+
#include "resolved-dns-domain.h"
int dns_label_unescape(const char **name, char *dest, size_t sz) {
@@ -45,6 +50,9 @@ int dns_label_unescape(const char **name, char *dest, size_t sz) {
if (sz <= 0)
return -ENOSPC;
+ if (r >= DNS_LABEL_MAX)
+ return -EINVAL;
+
if (*n == '\\') {
/* Escaped character */
@@ -85,7 +93,7 @@ int dns_label_unescape(const char **name, char *dest, size_t sz) {
} else
return -EINVAL;
- } else if (*n >= ' ' && *n != 127) {
+ } else if ((uint8_t) *n >= (uint8_t) ' ' && *n != 127) {
/* Normal character */
*(d++) = *(n++);
@@ -114,6 +122,9 @@ int dns_label_escape(const char *p, size_t l, char **ret) {
assert(p);
assert(ret);
+ if (l > DNS_LABEL_MAX)
+ return -EINVAL;
+
s = malloc(l * 4 + 1);
if (!s)
return -ENOMEM;
@@ -135,13 +146,13 @@ int dns_label_escape(const char *p, size_t l, char **ret) {
/* Proper character */
*(q++) = *p;
- } else if (*p >= ' ' && *p != 127) {
+ } else if ((uint8_t) *p >= (uint8_t) ' ' && *p != 127) {
/* Everything else */
*(q++) = '\\';
- *(q++) = '0' + (char) ((unsigned) *p / 100);
- *(q++) = '0' + (char) (((unsigned) *p / 10) % 10);
- *(q++) = '0' + (char) ((unsigned) *p % 10);
+ *(q++) = '0' + (char) ((uint8_t) *p / 100);
+ *(q++) = '0' + (char) (((uint8_t) *p / 10) % 10);
+ *(q++) = '0' + (char) ((uint8_t) *p % 10);
} else
return -EINVAL;
@@ -158,6 +169,83 @@ int dns_label_escape(const char *p, size_t l, char **ret) {
return r;
}
+int dns_label_apply_idna(const char *encoded, size_t encoded_size, char *decoded, size_t decoded_max) {
+#ifdef HAVE_LIBIDN
+ _cleanup_free_ uint32_t *input = NULL;
+ size_t input_size;
+ const char *p;
+ bool contains_8bit = false;
+
+ assert(encoded);
+ assert(decoded);
+ assert(decoded_max >= DNS_LABEL_MAX);
+
+ if (encoded_size <= 0)
+ return 0;
+
+ for (p = encoded; p < encoded + encoded_size; p++)
+ if ((uint8_t) *p > 127)
+ contains_8bit = true;
+
+ if (!contains_8bit)
+ return 0;
+
+ input = stringprep_utf8_to_ucs4(encoded, encoded_size, &input_size);
+ if (!input)
+ return -ENOMEM;
+
+ if (idna_to_ascii_4i(input, input_size, decoded, 0) != 0)
+ return -EINVAL;
+
+ return strlen(decoded);
+#else
+ return 0;
+#endif
+}
+
+int dns_label_undo_idna(const char *encoded, size_t encoded_size, char *decoded, size_t decoded_max) {
+#ifdef HAVE_LIBIDN
+ size_t input_size, output_size;
+ _cleanup_free_ uint32_t *input = NULL;
+ _cleanup_free_ char *result = NULL;
+ uint32_t *output = NULL;
+ size_t w;
+
+ /* To be invoked after unescaping */
+
+ assert(encoded);
+ assert(decoded);
+
+ if (encoded_size < sizeof(IDNA_ACE_PREFIX)-1)
+ return 0;
+
+ if (memcmp(encoded, IDNA_ACE_PREFIX, sizeof(IDNA_ACE_PREFIX) -1) != 0)
+ return 0;
+
+ input = stringprep_utf8_to_ucs4(encoded, encoded_size, &input_size);
+ if (!input)
+ return -ENOMEM;
+
+ output_size = input_size;
+ output = newa(uint32_t, output_size);
+
+ idna_to_unicode_44i(input, input_size, output, &output_size, 0);
+
+ result = stringprep_ucs4_to_utf8(output, output_size, NULL, &w);
+ if (!result)
+ return -ENOMEM;
+ if (w <= 0)
+ return 0;
+ if (w+1 > decoded_max)
+ return -EINVAL;
+
+ memcpy(decoded, result, w+1);
+ return w;
+#else
+ return 0;
+#endif
+}
+
int dns_name_normalize(const char *s, char **_ret) {
_cleanup_free_ char *ret = NULL;
size_t n = 0, allocated = 0;
@@ -166,11 +254,11 @@ int dns_name_normalize(const char *s, char **_ret) {
int r;
assert(s);
- assert(_ret);
for (;;) {
_cleanup_free_ char *t = NULL;
char label[DNS_LABEL_MAX];
+ int k;
r = dns_label_unescape(&p, label, sizeof(label));
if (r < 0)
@@ -181,6 +269,12 @@ int dns_name_normalize(const char *s, char **_ret) {
break;
}
+ k = dns_label_undo_idna(label, r, label, sizeof(label));
+ if (k < 0)
+ return k;
+ if (k > 0)
+ r = k;
+
r = dns_label_escape(label, r, &t);
if (r < 0)
return r;
@@ -197,34 +291,47 @@ int dns_name_normalize(const char *s, char **_ret) {
n += r;
}
+ if (n > DNS_NAME_MAX)
+ return -EINVAL;
+
if (!GREEDY_REALLOC(ret, allocated, n + 1))
return -ENOMEM;
ret[n] = 0;
- *_ret = ret;
- ret = NULL;
+
+ if (_ret) {
+ *_ret = ret;
+ ret = NULL;
+ }
return 0;
}
unsigned long dns_name_hash_func(const void *s, const uint8_t hash_key[HASH_KEY_SIZE]) {
const char *p = s;
- unsigned long ul = 0;
+ unsigned long ul = hash_key[0];
int r;
assert(p);
while (*p) {
char label[DNS_LABEL_MAX+1];
+ int k;
r = dns_label_unescape(&p, label, sizeof(label));
if (r < 0)
break;
+ k = dns_label_undo_idna(label, r, label, sizeof(label));
+ if (k < 0)
+ break;
+ if (k > 0)
+ r = k;
+
label[r] = 0;
ascii_strlower(label);
- ul = hash_key[0] * ul + ul + string_hash_func(label, hash_key);
+ ul = ul * hash_key[1] + ul + string_hash_func(label, hash_key);
}
return ul;
@@ -232,7 +339,7 @@ unsigned long dns_name_hash_func(const void *s, const uint8_t hash_key[HASH_KEY_
int dns_name_compare_func(const void *a, const void *b) {
const char *x = a, *y = b;
- int r, q;
+ int r, q, k, w;
assert(a);
assert(b);
@@ -248,6 +355,15 @@ int dns_name_compare_func(const void *a, const void *b) {
if (r < 0 || q < 0)
return r - q;
+ k = dns_label_undo_idna(la, r, la, sizeof(la));
+ w = dns_label_undo_idna(lb, q, lb, sizeof(lb));
+ if (k < 0 || w < 0)
+ return k - w;
+ if (k > 0)
+ r = k;
+ if (w > 0)
+ r = w;
+
la[r] = lb[q] = 0;
r = strcasecmp(la, lb);
if (r != 0)
@@ -256,7 +372,7 @@ int dns_name_compare_func(const void *a, const void *b) {
}
int dns_name_equal(const char *x, const char *y) {
- int r, q;
+ int r, q, k, w;
assert(x);
assert(y);
@@ -271,9 +387,20 @@ int dns_name_equal(const char *x, const char *y) {
if (r < 0)
return r;
+ k = dns_label_undo_idna(la, r, la, sizeof(la));
+ if (k < 0)
+ return k;
+ if (k > 0)
+ r = k;
+
q = dns_label_unescape(&y, lb, sizeof(lb));
if (q < 0)
return q;
+ w = dns_label_undo_idna(lb, q, lb, sizeof(lb));
+ if (w < 0)
+ return w;
+ if (w > 0)
+ q = w;
la[r] = lb[q] = 0;
if (strcasecmp(la, lb))
@@ -283,7 +410,7 @@ int dns_name_equal(const char *x, const char *y) {
int dns_name_endswith(const char *name, const char *suffix) {
const char *n, *s, *saved_n = NULL;
- int r, q;
+ int r, q, k, w;
assert(name);
assert(suffix);
@@ -297,13 +424,23 @@ int dns_name_endswith(const char *name, const char *suffix) {
r = dns_label_unescape(&n, ln, sizeof(ln));
if (r < 0)
return r;
+ k = dns_label_undo_idna(ln, r, ln, sizeof(ln));
+ if (k < 0)
+ return k;
+ if (k > 0)
+ r = k;
if (!saved_n)
saved_n = n;
q = dns_label_unescape(&s, ls, sizeof(ls));
- if (r < 0)
- return r;
+ if (q < 0)
+ return q;
+ w = dns_label_undo_idna(ls, q, ls, sizeof(ls));
+ if (w < 0)
+ return w;
+ if (w > 0)
+ q = w;
if (r == 0 && q == 0)
return true;
@@ -334,11 +471,15 @@ int dns_name_reverse(int family, const union in_addr_union *a, char **ret) {
if (family == AF_INET)
r = asprintf(ret, "%u.%u.%u.%u.in-addr.arpa", p[3], p[2], p[1], p[0]);
else if (family == AF_INET6)
- r = asprintf(ret, "%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.ip6.arpa",
- hexchar(p[15]), hexchar(p[14]), hexchar(p[13]), hexchar(p[12]),
- hexchar(p[11]), hexchar(p[10]), hexchar(p[ 9]), hexchar(p[ 8]),
- hexchar(p[ 7]), hexchar(p[ 6]), hexchar(p[ 5]), hexchar(p[ 4]),
- hexchar(p[ 3]), hexchar(p[ 2]), hexchar(p[ 1]), hexchar(p[ 0]));
+ r = asprintf(ret, "%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.%c.ip6.arpa",
+ hexchar(p[15] & 0xF), hexchar(p[15] >> 4), hexchar(p[14] & 0xF), hexchar(p[14] >> 4),
+ hexchar(p[13] & 0xF), hexchar(p[13] >> 4), hexchar(p[12] & 0xF), hexchar(p[12] >> 4),
+ hexchar(p[11] & 0xF), hexchar(p[11] >> 4), hexchar(p[10] & 0xF), hexchar(p[10] >> 4),
+ hexchar(p[ 9] & 0xF), hexchar(p[ 9] >> 4), hexchar(p[ 8] & 0xF), hexchar(p[ 8] >> 4),
+ hexchar(p[ 7] & 0xF), hexchar(p[ 7] >> 4), hexchar(p[ 6] & 0xF), hexchar(p[ 6] >> 4),
+ hexchar(p[ 5] & 0xF), hexchar(p[ 5] >> 4), hexchar(p[ 4] & 0xF), hexchar(p[ 4] >> 4),
+ hexchar(p[ 3] & 0xF), hexchar(p[ 3] >> 4), hexchar(p[ 2] & 0xF), hexchar(p[ 2] >> 4),
+ hexchar(p[ 1] & 0xF), hexchar(p[ 1] >> 4), hexchar(p[ 0] & 0xF), hexchar(p[ 0] >> 4));
else
return -EAFNOSUPPORT;
if (r < 0)
@@ -347,6 +488,93 @@ int dns_name_reverse(int family, const union in_addr_union *a, char **ret) {
return 0;
}
+int dns_name_address(const char *p, int *family, union in_addr_union *address) {
+ int r;
+
+ assert(p);
+ assert(family);
+ assert(address);
+
+ r = dns_name_endswith(p, "in-addr.arpa");
+ if (r < 0)
+ return r;
+ if (r > 0) {
+ uint8_t a[4];
+ unsigned i;
+
+ for (i = 0; i < ELEMENTSOF(a); i++) {
+ char label[DNS_LABEL_MAX+1];
+
+ r = dns_label_unescape(&p, label, sizeof(label));
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return -EINVAL;
+ if (r > 3)
+ return -EINVAL;
+
+ r = safe_atou8(label, &a[i]);
+ if (r < 0)
+ return r;
+ }
+
+ r = dns_name_equal(p, "in-addr.arpa");
+ if (r <= 0)
+ return r;
+
+ *family = AF_INET;
+ address->in.s_addr = htobe32(((uint32_t) a[3] << 24) |
+ ((uint32_t) a[2] << 16) |
+ ((uint32_t) a[1] << 8) |
+ (uint32_t) a[0]);
+
+ return 1;
+ }
+
+ r = dns_name_endswith(p, "ip6.arpa");
+ if (r < 0)
+ return r;
+ if (r > 0) {
+ struct in6_addr a;
+ unsigned i;
+
+ for (i = 0; i < ELEMENTSOF(a.s6_addr); i++) {
+ char label[DNS_LABEL_MAX+1];
+ int x, y;
+
+ r = dns_label_unescape(&p, label, sizeof(label));
+ if (r <= 0)
+ return r;
+ if (r != 1)
+ return -EINVAL;
+ x = unhexchar(label[0]);
+ if (x < 0)
+ return -EINVAL;
+
+ r = dns_label_unescape(&p, label, sizeof(label));
+ if (r <= 0)
+ return r;
+ if (r != 1)
+ return -EINVAL;
+ y = unhexchar(label[0]);
+ if (y < 0)
+ return -EINVAL;
+
+ a.s6_addr[ELEMENTSOF(a.s6_addr) - i - 1] = (uint8_t) y << 4 | (uint8_t) x;
+ }
+
+ r = dns_name_equal(p, "ip6.arpa");
+ if (r <= 0)
+ return r;
+
+ *family = AF_INET6;
+ address->in6 = a;
+ return 1;
+ }
+
+ return 0;
+}
+
int dns_name_root(const char *name) {
char label[DNS_LABEL_MAX+1];
int r;
@@ -369,7 +597,6 @@ int dns_name_single_label(const char *name) {
r = dns_label_unescape(&name, label, sizeof(label));
if (r < 0)
return r;
-
if (r == 0)
return 0;