2 Unix SMB/CIFS implementation.
4 async getaddrinfo()/dns_lookup() name resolution module
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Stefan Metzmacher 2008
8 Copyright (C) Matthieu Patou 2011
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 this module uses a fork() per getaddrinfo() or dns_looup() call.
26 At first that might seem crazy, but it is actually very fast,
27 and solves many of the tricky problems of keeping a child
28 hanging around in a librar (like what happens when the parent forks).
29 We use a talloc destructor to ensure that the child is cleaned up
30 when we have finished with this name resolution.
34 #include "lib/events/events.h"
35 #include "system/network.h"
36 #include "system/filesys.h"
37 #include "lib/socket/socket.h"
38 #include "libcli/composite/composite.h"
39 #include "librpc/gen_ndr/ndr_nbt.h"
40 #include "libcli/resolve/resolve.h"
41 #include "lib/util/util_net.h"
47 #include "heimdal/lib/roken/resolve.h"
54 struct socket_address **addrs;
58 struct tevent_fd *fde;
59 struct tevent_context *event_ctx;
63 kill off a wayward child if needed. This allows us to stop an async
64 name resolution without leaving a potentially blocking call running
67 static int dns_ex_destructor(struct dns_ex_state *state)
71 kill(state->child, SIGTERM);
72 if (waitpid(state->child, &status, WNOHANG) == 0) {
73 kill(state->child, SIGKILL);
74 waitpid(state->child, &status, 0);
80 static uint32_t count_dns_rr(struct rk_resource_record *head, unsigned record_type)
83 struct rk_resource_record *rr;
85 for (rr=head; rr; rr=rr->next) {
87 /* we are only interested in the IN class */
88 if (rr->class != rk_ns_c_in) {
92 /* we are only interested by requested record */
93 if (rr->type != record_type) {
100 /* verify we actually have a SRV record here */
105 /* Verify we got a port */
106 if (rr->u.srv->port == 0) {
113 /* verify we actually have a record here */
128 struct dns_records_container {
133 static char* rr_to_string(TALLOC_CTX *mem_ctx,
134 struct rk_resource_record *rr,
137 char addrstr[INET6_ADDRSTRLEN];
142 if (inet_ntop(AF_INET, rr->u.a,
143 addrstr, sizeof(addrstr)) == NULL) {
149 if (inet_ntop(AF_INET6, (struct in6_addr *)rr->u.data,
150 addrstr, sizeof(addrstr)) == NULL) {
159 addr = talloc_asprintf(mem_ctx, "%s@%u/%s", addrstr,
165 static struct dns_records_container get_a_aaaa_records(TALLOC_CTX *mem_ctx,
169 struct rk_dns_reply *reply, *reply2, *rep, *tmp[3];
170 struct rk_resource_record *rr;
171 struct dns_records_container ret;
173 uint32_t count, count2, total;
176 memset(&ret, 0, sizeof(struct dns_records_container));
177 /* this is the blocking call we are going to lots of trouble
178 to avoid them in the parent */
179 reply = rk_dns_lookup(name, "AAAA");
185 count = count_dns_rr(reply->head, rk_ns_t_aaaa);
186 count2 = count_dns_rr(reply->head, rk_ns_t_a);
190 * DNS server didn't returned A when asked for AAAA records.
191 * Most of the server do it, let's ask for A specificaly.
193 reply2 = rk_dns_lookup(name, "A");
199 count2 = count_dns_rr(reply2->head, rk_ns_t_a);
210 addrs = talloc_zero_array(mem_ctx, char*, count);
217 /* Loop over all returned records and pick the records */
218 for (i=0; tmp[i] != NULL; i++) {
220 for (rr=rep->head; rr; rr=rr->next) {
221 /* we are only interested in the IN class */
222 if (rr->class != rk_ns_c_in) {
226 /* we are only interested in A and AAAA records */
227 if (rr->type != rk_ns_t_a && rr->type != rk_ns_t_aaaa) {
231 /* verify we actually have a record here */
235 rr_to_string(mem_ctx, rr, port);
236 addrs[total] = rr_to_string(mem_ctx, rr, port);
249 rk_dns_free_data(reply);
252 rk_dns_free_data(reply2);
257 static struct dns_records_container get_srv_records(TALLOC_CTX *mem_ctx,
260 struct rk_dns_reply *reply;
261 struct rk_resource_record *rr;
262 struct dns_records_container ret;
264 uint32_t count, total;
266 memset(&ret, 0, sizeof(struct dns_records_container));
267 /* this is the blocking call we are going to lots of trouble
268 to avoid them in the parent */
269 reply = rk_dns_lookup(name, "SRV");
275 rk_dns_srv_order(reply);
276 count = count_dns_rr(reply->head, rk_ns_t_srv);
283 /* Loop over all returned records and pick the records */
284 for (rr=reply->head; rr; rr=rr->next) {
285 struct dns_records_container c;
287 /* we are only interested in the IN class */
288 if (rr->class != rk_ns_c_in) {
292 /* we are only interested in SRV records */
293 if (rr->type != rk_ns_t_srv) {
297 /* verify we actually have a srv record here */
302 /* Verify we got a port */
303 if (rr->u.srv->port == 0) {
307 tmp_str = rr->u.srv->target;
308 if (strchr(tmp_str, '.') && tmp_str[strlen(tmp_str)-1] != '.') {
309 /* we are asking for a fully qualified name, but the
310 name doesn't end in a '.'. We need to prevent the
311 DNS library trying the search domains configured in
313 tmp_str = talloc_asprintf(mem_ctx, "%s.", tmp_str);
316 c = get_a_aaaa_records(mem_ctx, tmp_str, rr->u.srv->port);
323 addrs = talloc_realloc(mem_ctx, addrs, char*, total);
324 for (j=0; j < c.count; j++) {
325 addrs[total - j] = talloc_steal(addrs, c.list[j]);
338 rk_dns_free_data(reply);
345 static void run_child_dns_lookup(struct dns_ex_state *state, int fd)
348 bool do_srv = (state->flags & RESOLVE_NAME_FLAG_DNS_SRV);
349 struct dns_records_container c;
353 if (strchr(state->name.name, '.') && state->name.name[strlen(state->name.name)-1] != '.') {
354 /* we are asking for a fully qualified name, but the
355 name doesn't end in a '.'. We need to prevent the
356 DNS library trying the search domains configured in
358 state->name.name = talloc_strdup_append(discard_const_p(char, state->name.name),
364 c = get_srv_records(state, state->name.name);
366 c = get_a_aaaa_records(state, state->name.name, state->port);
369 addrs = talloc_strdup(state, "");
375 for (i=0; i < c.count; i++) {
376 addrs = talloc_asprintf_append_buffer(addrs, "%s%s",
383 DEBUG(11, ("Addrs = %s\n", addrs));
384 write(fd, addrs, talloc_get_size(addrs));
394 static void run_child_getaddrinfo(struct dns_ex_state *state, int fd)
397 struct addrinfo hints;
398 struct addrinfo *res;
399 struct addrinfo *res_list = NULL;
404 hints.ai_socktype = SOCK_STREAM;
405 hints.ai_flags = AI_ADDRCONFIG | AI_NUMERICSERV;
407 ret = getaddrinfo(state->name.name, "0", &hints, &res_list);
408 /* try to fallback in case of error */
409 if (state->do_fallback) {
415 /* getaddrinfo() doesn't handle CNAME records */
416 run_child_dns_lookup(state, fd);
426 addrs = talloc_strdup(state, "");
431 for (res = res_list; res; res = res->ai_next) {
432 char addrstr[INET6_ADDRSTRLEN];
433 if (!print_sockaddr_len(addrstr, sizeof(addrstr), (struct sockaddr *)res->ai_addr, res->ai_addrlen)) {
436 addrs = talloc_asprintf_append_buffer(addrs, "%s%s@%u/%s",
448 write(fd, addrs, talloc_get_size(addrs));
452 freeaddrinfo(res_list);
458 handle a read event on the pipe
460 static void pipe_handler(struct tevent_context *ev, struct tevent_fd *fde,
461 uint16_t flags, void *private_data)
463 struct composite_context *c = talloc_get_type(private_data, struct composite_context);
464 struct dns_ex_state *state = talloc_get_type(c->private_data,
465 struct dns_ex_state);
467 uint32_t num_addrs, i;
473 /* if we get any event from the child then we know that we
474 won't need to kill it off */
475 talloc_set_destructor(state, NULL);
477 if (ioctl(state->child_fd, FIONREAD, &value) != 0) {
481 address = talloc_array(state, char, value+1);
483 /* yes, we don't care about EAGAIN or other niceities
484 here. They just can't happen with this parent/child
485 relationship, and even if they did then giving an error is
486 the right thing to do */
487 ret = read(state->child_fd, address, value);
491 if (waitpid(state->child, &status, WNOHANG) == 0) {
492 kill(state->child, SIGKILL);
493 waitpid(state->child, &status, 0);
497 DEBUG(3,("dns child failed to find name '%s' of type %s\n",
498 state->name.name, (state->flags & RESOLVE_NAME_FLAG_DNS_SRV)?"SRV":"A"));
499 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
503 /* enusre the address looks good */
506 addrs = str_list_make(state, address, ",");
507 if (composite_nomem(addrs, c)) return;
509 num_addrs = str_list_length((const char * const *)addrs);
511 state->addrs = talloc_array(state, struct socket_address *,
513 if (composite_nomem(state->addrs, c)) return;
515 state->names = talloc_array(state, char *, num_addrs+1);
516 if (composite_nomem(state->names, c)) return;
518 for (i=0; i < num_addrs; i++) {
520 char *p = strrchr(addrs[i], '@');
524 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
533 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
540 if (strcmp(addrs[i], "0.0.0.0") == 0) {
541 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
544 port = strtoul(p, NULL, 10);
545 if (port > UINT16_MAX) {
546 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
549 state->addrs[i] = socket_address_from_strings(state->addrs,
553 if (composite_nomem(state->addrs[i], c)) return;
555 state->names[i] = talloc_strdup(state->names, n);
556 if (composite_nomem(state->names[i], c)) return;
558 state->addrs[i] = NULL;
559 state->names[i] = NULL;
565 getaddrinfo() or dns_lookup() name resolution method - async send
567 struct composite_context *resolve_name_dns_ex_send(TALLOC_CTX *mem_ctx,
568 struct tevent_context *event_ctx,
572 struct nbt_name *name,
575 struct composite_context *c;
576 struct dns_ex_state *state;
577 int fd[2] = { -1, -1 };
580 c = composite_create(mem_ctx, event_ctx);
581 if (c == NULL) return NULL;
583 if (flags & RESOLVE_NAME_FLAG_FORCE_NBT) {
584 composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
588 state = talloc_zero(c, struct dns_ex_state);
589 if (composite_nomem(state, c)) return c;
590 c->private_data = state;
592 c->status = nbt_name_dup(state, name, &state->name);
593 if (!composite_is_ok(c)) return c;
595 /* setup a pipe to chat to our child */
598 composite_error(c, map_nt_error_from_unix_common(errno));
602 state->do_fallback = do_fallback;
603 state->flags = flags;
606 state->child_fd = fd[0];
607 state->event_ctx = c->event_ctx;
609 /* we need to put the child in our event context so
610 we know when the dns_lookup() has finished */
611 state->fde = tevent_add_fd(c->event_ctx, c, state->child_fd, TEVENT_FD_READ,
613 if (composite_nomem(state->fde, c)) {
618 tevent_fd_set_auto_close(state->fde);
620 state->child = fork();
621 if (state->child == (pid_t)-1) {
622 composite_error(c, map_nt_error_from_unix_common(errno));
626 if (state->child == 0) {
628 if (state->flags & RESOLVE_NAME_FLAG_FORCE_DNS) {
629 run_child_dns_lookup(state, fd[1]);
631 run_child_getaddrinfo(state, fd[1]);
637 /* cleanup wayward children */
638 talloc_set_destructor(state, dns_ex_destructor);
644 getaddrinfo() or dns_lookup() name resolution method - recv side
646 NTSTATUS resolve_name_dns_ex_recv(struct composite_context *c,
648 struct socket_address ***addrs,
653 status = composite_wait(c);
655 if (NT_STATUS_IS_OK(status)) {
656 struct dns_ex_state *state = talloc_get_type(c->private_data,
657 struct dns_ex_state);
658 *addrs = talloc_steal(mem_ctx, state->addrs);
660 *names = talloc_steal(mem_ctx, state->names);