2 Unix SMB/CIFS implementation.
4 async getaddrinfo()/dns_lookup() name resolution module
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Stefan Metzmacher 2008
8 Copyright (C) Matthieu Patou 2011
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 this module uses a fork() per getaddrinfo() or dns_lookup() call.
26 At first that might seem crazy, but it is actually very fast,
27 and solves many of the tricky problems of keeping a child
28 hanging around in a library (like what happens when the parent forks).
29 We use a talloc destructor to ensure that the child is cleaned up
30 when we have finished with this name resolution.
34 #include "lib/events/events.h"
35 #include "system/network.h"
36 #include "system/filesys.h"
37 #include "lib/socket/socket.h"
38 #include "libcli/composite/composite.h"
39 #include "librpc/gen_ndr/ndr_nbt.h"
40 #include "libcli/resolve/resolve.h"
41 #include "lib/util/util_net.h"
42 #include "lib/addns/dnsquery.h"
43 #include "lib/addns/dns.h"
44 #include "lib/util/sys_rw.h"
45 #include <arpa/nameser.h>
53 struct socket_address **addrs;
57 struct tevent_fd *fde;
58 struct tevent_context *event_ctx;
62 kill off a wayward child if needed. This allows us to stop an async
63 name resolution without leaving a potentially blocking call running
// talloc destructor for a dns_ex_state (installed by resolve_name_dns_ex_send):
// stops the forked resolver child and reaps it.
// NOTE(review): this listing drops some original lines (see the gaps in the
// gutter numbers), so the local declarations, closing braces and the return
// statement are not shown here.
66 static int dns_ex_destructor(struct dns_ex_state *state)
// Polite termination request first.
70 kill(state->child, SIGTERM);
// waitpid() with WNOHANG returns 0 while the child is still running; only in
// that case is it force-killed, followed by a blocking waitpid() so the child
// is reaped.
// NOTE(review): kill() is only safe while state->child is a real child pid.
// The sender installs this destructor after its fork() error check and
// pipe_handler clears it once the child has produced an event; keep that
// ordering, since a pid of -1 or an already reaped pid must never reach kill().
71 if (waitpid(state->child, &status, WNOHANG) == 0) {
72 kill(state->child, SIGKILL);
73 waitpid(state->child, &status, 0);
79 struct dns_records_container {
// Walks the answers of a parsed DNS reply and appends one string per A or AAAA
// record to *cur_addrs, formatted as address@port/name.
// Callers assign the return value to their running total of entries.
// NOTE(review): several original lines are missing from this listing (gaps in
// the gutter numbers), so error paths and the return statement are not shown.
84 static int reply_to_addrs(TALLOC_CTX *mem_ctx, uint32_t *a_num,
85 char ***cur_addrs, uint32_t total,
86 struct dns_request *reply, int port)
// Large enough for the text form of either an IPv4 or an IPv6 address.
88 char addrstr[INET6_ADDRSTRLEN];
94 /* at most we over-allocate here, but not by much */
// Grows the list by the number of answers in this reply; records that are
// skipped below leave the extra slots unused.
95 addrs = talloc_realloc(mem_ctx, *cur_addrs, char *,
96 total + reply->num_answers);
102 for (i = 0; i < reply->num_answers; i++) {
103 rr = reply->answers[i];
105 /* we are only interested in the IN class */
106 if (rr->r_class != DNS_CLASS_IN) {
110 if (rr->type == QTYPE_NS) {
112 * After the record for NS will come the A or AAAA
118 /* verify we actually have a record here */
123 /* we are only interested in A and AAAA records */
// NOTE(review): the casts below make inet_ntop() read 4 bytes (A) or 16 bytes
// (AAAA) from rr->data. The check announced by the comment above is not visible
// in this listing; confirm it covers the length of the record data and not only
// a non-NULL pointer, because the reply is network-supplied.
126 addr = inet_ntop(AF_INET,
127 (struct in_addr *)rr->data,
128 addrstr, sizeof(addrstr));
135 addr = inet_ntop(AF_INET6,
136 (struct in6_addr *)rr->data,
137 addrstr, sizeof(addrstr));
// The name part of the entry is the first label of the record owner name as
// received in the reply.
// NOTE(review): pipe_handler later splits the child output on a comma and
// locates the port with the last @ in each entry; confirm a label taken from
// the reply cannot carry those separator characters, or that the parent keeps
// rejecting entries that do not parse.
149 addrs[total] = talloc_asprintf(addrs, "%s@%u/%s",
151 rr->name->pLabelList->label);
// NOTE(review): presumably counts A records through *a_num; the body of this
// branch is not shown.
154 if (rr->type == QTYPE_A) {
// Performs a blocking resolver query for name with record type q_type using
// res_search() and unmarshalls the raw answer into *reply.
// Returns a DNS_ERROR; the visible failure codes are ERROR_DNS_NO_MEMORY and
// ERROR_DNS_SOCKET_ERROR.
// NOTE(review): this listing omits several original lines (gaps in the gutter
// numbers), including the conditions guarding the returns below.
163 static DNS_ERROR dns_lookup(TALLOC_CTX *mem_ctx, const char* name,
164 uint16_t q_type, struct dns_request **reply)
169 struct dns_buffer buf;
172 /* give space for a good sized answer by default */
// (Re)sizes the answer buffer to len bytes.
176 answer = talloc_realloc(mem_ctx, answer, uint8_t, len);
178 return ERROR_DNS_NO_MEMORY;
180 rlen = res_search(name, DNS_CLASS_IN, q_type, answer, len);
183 return ERROR_DNS_SOCKET_ERROR;
185 /* retry once with max packet size */
// A reported length above the buffer size means the answer did not fit.
// NOTE(review): the lines that fill buf are not shown; confirm the size handed
// to the unmarshaller never exceeds the allocated length of answer, since rlen
// is derived from a network response.
188 } else if (rlen > len) {
199 buf.error = ERROR_DNS_SUCCESS;
201 err = dns_unmarshall_request(mem_ctx, &buf, reply);
// Resolves a host name to address strings by querying DNS and converting the
// answers with reply_to_addrs(). Callers in this file pass (mem_ctx, name, port).
// Intermediate allocations live on a temporary talloc context.
// NOTE(review): several original lines are missing from this listing (gaps in
// the gutter numbers), including the rest of the signature, the initialisation
// of qtype, a_num and total, and the error exits.
207 static struct dns_records_container get_a_aaaa_records(TALLOC_CTX *mem_ctx,
211 struct dns_request *reply;
212 struct dns_records_container ret;
214 uint32_t a_num, total;
// Start from an all-zero result.
219 memset(&ret, 0, sizeof(struct dns_records_container));
221 tmp_ctx = talloc_new(mem_ctx);
228 /* this is the blocking call we are going to lots of trouble
229 to avoid them in the parent */
230 err = dns_lookup(tmp_ctx, name, qtype, &reply);
231 if (!ERR_DNS_IS_OK(err)) {
// Second attempt after a failed first lookup.
// NOTE(review): the line between the two calls is not shown; presumably it
// changes qtype before retrying.
233 err = dns_lookup(tmp_ctx, name, qtype, &reply);
234 if (!ERR_DNS_IS_OK(err)) {
// NOTE(review): total is passed by value here, so it must already hold a
// defined value; its initialisation is not visible in this listing.
240 total = reply_to_addrs(tmp_ctx, &a_num, &addrs, total, reply, port);
// An AAAA query that yielded no A records triggers an explicit A query below.
242 if (qtype == QTYPE_AAAA && a_num == 0) {
244 * DNS server didn't returned A when asked for AAAA records.
245 * Most of the server do it, let's ask for A specificaly.
247 err = dns_lookup(tmp_ctx, name, QTYPE_A, &reply);
248 if (!ERR_DNS_IS_OK(err)) {
252 total = reply_to_addrs(tmp_ctx, &a_num, &addrs, total,
// Re-parent the result onto the caller context so it outlives tmp_ctx, which
// is released below.
258 talloc_steal(mem_ctx, addrs);
264 TALLOC_FREE(tmp_ctx);
// Looks up SRV records for a name and resolves every returned target host to
// address strings through get_a_aaaa_records(), using the port from each SRV
// record. The caller in this file passes (mem_ctx, name).
// NOTE(review): several original lines are missing from this listing (gaps in
// the gutter numbers), including the rest of the signature, the update of
// total and the result assembly.
268 static struct dns_records_container get_srv_records(TALLOC_CTX *mem_ctx,
271 struct dns_records_container ret;
273 struct dns_rr_srv *dclist;
// Start from an all-zero result.
279 memset(&ret, 0, sizeof(struct dns_records_container));
280 /* this is the blocking call we are going to lots of trouble
281 to avoid them in the parent */
282 status = ads_dns_lookup_srv(mem_ctx, name, &dclist, &count);
283 if (!NT_STATUS_IS_OK(status)) {
291 /* Loop over all returned records and pick the records */
292 for (i = 0; i < count; i++) {
293 struct dns_records_container c;
// Host name and port below come from the SRV answer, i.e. from the network.
296 tmp_str = dclist[i].hostname;
// The strchr() test runs first, so the strlen()-1 index is only evaluated for
// a string that contains at least one character.
297 if (strchr(tmp_str, '.') && tmp_str[strlen(tmp_str)-1] != '.') {
298 /* we are asking for a fully qualified name, but the
299 name doesn't end in a '.'. We need to prevent the
300 DNS library trying the search domains configured in
// NOTE(review): a NULL check on this allocation is not visible in the listing.
302 tmp_str = talloc_asprintf(mem_ctx, "%s.", tmp_str);
305 c = get_a_aaaa_records(mem_ctx, tmp_str, dclist[i].port);
// Grows the combined list to total entries and moves the strings of c.list
// into its tail, filling from the last slot backwards.
// NOTE(review): the line that increases total is not shown; confirm it happens
// before this realloc, that the addition cannot wrap, and that the realloc
// result is checked before the stores below.
312 addrs = talloc_realloc(mem_ctx, addrs, char*, total);
313 for (j=0; j < c.count; j++) {
314 addrs[total - j - 1] = talloc_steal(addrs, c.list[j]);
// Child-side worker: resolves state->name.name through the DNS helpers (SRV
// lookup when RESOLVE_NAME_FLAG_DNS_SRV is set, A/AAAA lookup otherwise),
// joins the resulting entries into one string and writes it to fd.
// It is invoked from the forked child in resolve_name_dns_ex_send and as the
// fallback path of run_child_getaddrinfo.
// NOTE(review): several original lines are missing from this listing (gaps in
// the gutter numbers), including the early exits and the join separator.
329 static void run_child_dns_lookup(struct dns_ex_state *state, int fd)
332 bool do_srv = (state->flags & RESOLVE_NAME_FLAG_DNS_SRV);
333 struct dns_records_container c;
// The strchr() test runs first, so the strlen()-1 index is only evaluated for
// a non-empty name.
337 if (strchr(state->name.name, '.') && state->name.name[strlen(state->name.name)-1] != '.') {
338 /* we are asking for a fully qualified name, but the
339 name doesn't end in a '.'. We need to prevent the
340 DNS library trying the search domains configured in
// discard_const_p() drops the const qualifier so the name can be extended in
// place.
342 state->name.name = talloc_strdup_append(discard_const_p(char, state->name.name),
348 c = get_srv_records(state, state->name.name);
350 c = get_a_aaaa_records(state, state->name.name, state->port);
353 /* This line is critical - if we return without writing to the
354 * pipe, this is the signal that the name did not exist */
// Start from an empty string and append one entry per result.
359 addrs = talloc_strdup(state, "");
365 for (i=0; i < c.count; i++) {
366 addrs = talloc_asprintf_append_buffer(addrs, "%s%s",
// The complete address list is logged at debug level 11.
373 DEBUG(11, ("Addrs = %s\n", addrs));
// Writes the whole talloc allocation to the pipe.
// NOTE(review): talloc_get_size() is the allocation size, which presumably
// includes the string terminator; confirm the reader expects that.
374 sys_write_v(fd, addrs, talloc_get_size(addrs));
// Child-side worker: resolves state->name.name with getaddrinfo(), formats each
// result and writes the joined list to fd. When state->do_fallback is set, some
// getaddrinfo() failures are handed to run_child_dns_lookup() instead.
// NOTE(review): several original lines are missing from this listing (gaps in
// the gutter numbers), including the error-code checks and the early exits.
384 static void run_child_getaddrinfo(struct dns_ex_state *state, int fd)
387 struct addrinfo hints;
388 struct addrinfo *res;
389 struct addrinfo *res_list = NULL;
// NOTE(review): hints is an automatic variable and only two fields are set in
// the visible lines; confirm it is zeroed first (not shown), because
// getaddrinfo() reads the other hint fields as well.
394 hints.ai_socktype = SOCK_STREAM;
395 hints.ai_flags = AI_ADDRCONFIG | AI_NUMERICSERV;
// The service is the numeric string 0, matching AI_NUMERICSERV; the port that
// ends up in the output is formatted separately further down.
397 ret = getaddrinfo(state->name.name, "0", &hints, &res_list);
398 /* try to fallback in case of error */
399 if (state->do_fallback) {
405 /* Linux returns EAI_NODATA on non-RFC1034-compliant names. FreeBSD returns EAI_FAIL */
407 /* getaddrinfo() doesn't handle CNAME or non-RFC1034 compatible records */
408 run_child_dns_lookup(state, fd);
// Start from an empty string and append one entry per address.
418 addrs = talloc_strdup(state, "");
423 for (res = res_list; res; res = res->ai_next) {
// Large enough for the text form of either an IPv4 or an IPv6 address; the
// formatter is given the buffer size.
424 char addrstr[INET6_ADDRSTRLEN];
425 if (!print_sockaddr_len(addrstr, sizeof(addrstr), (struct sockaddr *)res->ai_addr, res->ai_addrlen)) {
428 addrs = talloc_asprintf_append_buffer(addrs, "%s%s@%u/%s",
// Writes the whole talloc allocation to the pipe, then releases the
// getaddrinfo() result list.
440 sys_write_v(fd, addrs, talloc_get_size(addrs));
444 freeaddrinfo(res_list);
450 handle a read event on the pipe
// Parent-side tevent handler for the read end of the pipe: reads what the child
// wrote, reaps the child, parses the comma separated entries into state->addrs
// and state->names, and reports failures through composite_error().
// Every parse failure visible here maps to NT_STATUS_OBJECT_NAME_NOT_FOUND.
// NOTE(review): several original lines are missing from this listing (gaps in
// the gutter numbers), including local declarations, the conditions guarding
// some error calls and the final completion call.
452 static void pipe_handler(struct tevent_context *ev, struct tevent_fd *fde,
453 uint16_t flags, void *private_data)
455 struct composite_context *c = talloc_get_type(private_data, struct composite_context);
456 struct dns_ex_state *state = talloc_get_type(c->private_data,
457 struct dns_ex_state);
459 uint32_t num_addrs, i;
465 /* if we get any event from the child then we know that we
466 won't need to kill it off */
// Removing the destructor means a later free of state will not signal the
// child pid again; the child is reaped further down in this handler.
467 talloc_set_destructor(state, NULL);
// Ask the kernel how many bytes are waiting on the pipe.
469 if (ioctl(state->child_fd, FIONREAD, &value) != 0) {
// One byte more than the pending data.
// NOTE(review): presumably room for a string terminator; the line that writes
// it and the NULL check on this allocation are not shown. Confirm the buffer is
// terminated at the number of bytes actually read before it is parsed as a
// string.
473 address = talloc_array(state, char, value+1);
475 /* yes, we don't care about EAGAIN or other niceties
476 here. They just can't happen with this parent/child
477 relationship, and even if they did then giving an error is
478 the right thing to do */
479 ret = read(state->child_fd, address, value);
// Reap the child; if it has not exited yet it is killed and waited for.
483 if (waitpid(state->child, &status, WNOHANG) == 0) {
484 kill(state->child, SIGKILL);
485 waitpid(state->child, &status, 0);
489 /* The check for ret == 0 here is important, if the
490 * name does not exist, then no bytes are written to
492 DEBUG(3,("dns child failed to find name '%s' of type %s\n",
493 state->name.name, (state->flags & RESOLVE_NAME_FLAG_DNS_SRV)?"SRV":"A"));
494 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
498 /* ensure the address looks good */
// Split the child output into entries on the comma separator.
501 addrs = str_list_make(state, address, ",");
502 if (composite_nomem(addrs, c)) return;
504 num_addrs = str_list_length((const char * const *)addrs);
// Both result arrays get one extra slot for the NULL terminator stored after
// the loop.
506 state->addrs = talloc_array(state, struct socket_address *,
508 if (composite_nomem(state->addrs, c)) return;
510 state->names = talloc_array(state, char *, num_addrs+1);
511 if (composite_nomem(state->names, c)) return;
513 for (i=0; i < num_addrs; i++) {
// The last @ in the entry separates the address from the port/name part.
// NOTE(review): the entry text was built by the child from resolver results, so
// it is treated as untrusted here; the conditions guarding the two error calls
// below are not shown, presumably a missing @ and a missing name separator.
515 char *p = strrchr(addrs[i], '@');
520 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
529 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
// An all-zero IPv4 address is rejected as not found.
536 if (strcmp(addrs[i], "0.0.0.0") == 0) {
537 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
// The port is parsed as decimal and must fit in 16 bits; a conversion error or
// an out-of-range value fails the request.
540 port = strtoul_err(p, NULL, 10, &error);
541 if (port > UINT16_MAX || error != 0) {
542 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
545 state->addrs[i] = socket_address_from_strings(state->addrs,
549 if (composite_nomem(state->addrs[i], c)) return;
551 state->names[i] = talloc_strdup(state->names, n);
552 if (composite_nomem(state->names[i], c)) return;
// NULL-terminate both arrays.
554 state->addrs[i] = NULL;
555 state->names[i] = NULL;
561 getaddrinfo() or dns_lookup() name resolution method - async send
// Starts an asynchronous name resolution: creates the composite context and
// the dns_ex_state, opens a pipe, registers its read end with the event
// context, and forks a child that runs the blocking lookup and writes the
// result to the pipe.
// Returns the composite context, or NULL when it cannot be created.
// NOTE(review): several original lines are missing from this listing (gaps in
// the gutter numbers), including part of the signature, the pipe() call, the
// handling of fd[1] in the parent and the exit of the child.
563 struct composite_context *resolve_name_dns_ex_send(TALLOC_CTX *mem_ctx,
564 struct tevent_context *event_ctx,
568 struct nbt_name *name,
571 struct composite_context *c;
572 struct dns_ex_state *state;
// Both descriptors start at -1, a value that is never a valid descriptor.
573 int fd[2] = { -1, -1 };
576 c = composite_create(mem_ctx, event_ctx);
577 if (c == NULL) return NULL;
// A caller that forces NetBIOS resolution gets a not-found result from this
// method.
579 if (flags & RESOLVE_NAME_FLAG_FORCE_NBT) {
580 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
// The state is a talloc child of c and starts zeroed.
584 state = talloc_zero(c, struct dns_ex_state);
585 if (composite_nomem(state, c)) return c;
586 c->private_data = state;
// Private copy of the name, owned by state.
588 c->status = nbt_name_dup(state, name, &state->name);
589 if (!composite_is_ok(c)) return c;
591 /* setup a pipe to chat to our child */
594 composite_error(c, map_nt_error_from_unix_common(errno));
598 state->do_fallback = do_fallback;
599 state->flags = flags;
// The parent keeps the read end of the pipe.
602 state->child_fd = fd[0];
603 state->event_ctx = c->event_ctx;
605 /* we need to put the child in our event context so
606 we know when the dns_lookup() has finished */
607 state->fde = tevent_add_fd(c->event_ctx, c, state->child_fd, TEVENT_FD_READ,
609 if (composite_nomem(state->fde, c)) {
// The read end is closed together with the fd event.
614 tevent_fd_set_auto_close(state->fde);
616 state->child = fork();
617 if (state->child == (pid_t)-1) {
618 composite_error(c, map_nt_error_from_unix_common(errno));
// Child branch: run the blocking lookup and write the result to fd[1].
// NOTE(review): the lines after the lookup are not shown; confirm the child
// leaves through _exit() and never returns into the event loop of the parent.
622 if (state->child == 0) {
624 if (state->flags & RESOLVE_NAME_FLAG_FORCE_DNS) {
625 run_child_dns_lookup(state, fd[1]);
627 run_child_getaddrinfo(state, fd[1]);
633 /* cleanup wayward children */
// Installed only on the parent path after a successful fork(), so the
// destructor always sees a real child pid.
634 talloc_set_destructor(state, dns_ex_destructor);
640 getaddrinfo() or dns_lookup() name resolution method - recv side
642 NTSTATUS resolve_name_dns_ex_recv(struct composite_context *c,
644 struct socket_address ***addrs,
649 status = composite_wait(c);
651 if (NT_STATUS_IS_OK(status)) {
652 struct dns_ex_state *state = talloc_get_type(c->private_data,
653 struct dns_ex_state);
654 *addrs = talloc_steal(mem_ctx, state->addrs);
656 *names = talloc_steal(mem_ctx, state->names);