about summary refs log tree commit diff
path: root/src/network
Commit message (Collapse)AuthorAgeFilesLines
* fix regression in support for resolv.conf attempts optionRich Felker2017-04-211-2/+2
| | | | | | | | commit d6cb08bcaca4ff1f921375510ca72bccea969c75 moved the code and introduced an incorrect string offset for the new parsing, probably due to a copy-and-paste error. patch by Stefan Sedich.
* fix read past end of buffer in getaddrinfo backendRich Felker2017-04-111-2/+2
| | | | | | | | | | | | | | due to testing buf[i].family==AF_INET before checking i==cnt, it was possible to read past the end of the array, or past the valid part. in practice, without active bounds/indeterminate-value checking by the compiler, the worst that happened was failure to return early and optimize out the sorting that's unneeded for v4-only results. returning on i==cnt-1 rather than i==cnt would be an alternate fix, but the approach this patch takes is more idiomatic and less error-prone. patch by Timo Teräs.
* fix possible fd leak, unrestored cancellation state on dns socket failRich Felker2017-03-141-1/+5
|
* fix getservby*_r result pointer value on errorDaniel Sabogal2016-09-242-0/+3
| | | | | | | this is a clone of the fix to the gethostby*_r functions in commit fe82bb9b921be34370e6b71a1c6f062c20999ae0. the man pages document that the getservby*_r functions set this pointer to NULL if there was an error or if no record was found.
* remove dead case in gethostbyname2_rDaniel Sabogal2016-09-241-2/+0
| | | | | this case statement was accidently left behind when this function was refactored in commit e8f39ca4898237cf71657500f0b11534c47a0521.
* fix if_indextoname error caseDaniel Sabogal2016-09-161-1/+6
| | | | | posix requires errno to be set to ENXIO if the interface does not exist. linux returns ENODEV instead so we handle this.
* remove obsolete and unused gethostbyaddr implementationRich Felker2016-07-061-52/+0
| | | | | | | this code was already under #if 0, but could be confusing if a reader didn't notice that, and it's almost surely full of bugs and/or inconsistencies with the current code that uses the gethostbyname2_r backend.
* refactor name_from_dns in hostname lookup backendNatanael Copa2016-06-291-14/+13
| | | | | loop over an address family / resource record mapping to avoid repetitive code.
* in performing dns lookups, check result from res_mkqueryNatanael Copa2016-06-291-0/+4
| | | | don't send a query that may be malformed.
* fix misaligned address buffers in gethostbyname[2][_r] resultsRich Felker2016-06-271-7/+7
| | | | | mistakenly ordering strings before addresses in the result buffer broke the alignment that the preceding code had set up.
* fix incorrect protocol name and number for egpAndrew Kelley2016-05-041-1/+1
| | | | | | previously if you called getprotobyname("egp") you would get NULL because \008 is invalid octal and so the protocol id was interpreted as 0 and name as "8egp".
* remove dead store in res_msendPetr Vaněk2016-04-181-1/+0
| | | | The variable nss is set to zero in following line.
* fix gethostbyaddr_r to fill struct hostent.h_length as appropriateTimo Teräs2016-03-241-0/+1
|
* handle non-matching address family entries in hosts fileRich Felker2016-03-021-3/+11
| | | | | | | | | | | | | name_from_hosts failed to account for the possibility of an address family error from name_from_numeric, wrongly counting such a return as success and using the uninitialized address data as part of the results passed up to the caller. non-matching address family entries cannot simply be ignored or results would be inconsistent with respect to whether AF_UNSPEC or a specific address family is queried. instead, record that a non-matching entry was seen, and fail the lookup with EAI_NONAME of no matching-family entries are found.
* reuse parsed resolv.conf in dns core to avoid re-reading/re-parsingRich Felker2016-01-282-16/+22
|
* fix uninitialized variable in new resolv.conf parserRich Felker2016-01-281-1/+1
|
* add support for search domains to dns resolverRich Felker2016-01-281-1/+41
| | | | | | | | | | | | | search is only performed if the search or domain keyword is used in resolv.conf and the queried name has fewer than ndots dots. there is no default domain and names with >=ndots dots are never subjected to search; failure in the root scope is final. the (non-POSIX) res_search API presently does not honor search. this may be added at some point in the future if needed. resolv.conf is now parsed twice, at two different layers of the code involved. this will be fixed in a subsequent patch.
* fix handling of dns response codesRich Felker2016-01-281-1/+2
| | | | | | | | | | | | | | | rcode of 3 (NxDomain) was treated as a hard EAI_NONAME failure, but it should instead return 0 (no results) so the caller can continue searching. this will be important for adding search domain support. the top-level caller will automatically return EAI_NONAME if there are zero results at the end. also, the case where rcode is 0 (success) but there are no results was not handled. this happens when the domain exists but there are no A or AAAA records for it. in this case a hard EAI_NONAME should be imposed to inhibit further search, since the name was defined and just does not have any address associated with it. previously a misleading hard failure of EAI_FAIL was reported.
* fix logic for matching search/domain keywords in resolv.confRich Felker2016-01-281-1/+1
|
* factor resolv.conf parsing out of res_msend to its own fileRich Felker2016-01-283-60/+126
| | | | | | | | | | | | this change is made in preparation for adding search domains, for which higher-level code will need to parse resolv.conf. simply parsing it twice for each lookup would be one reasonable option, but the existing parser code was buggy anyway, which suggested to me that it's a bad idea to have two variants of this code in two different places. the old code in res_msend potentially misinterpreted overly long lines in resolv.conf, and stopped parsing after it found 3 nameservers, even if there were relevant options left to be parsed later in the file.
* fix if_nametoindex return value when socket open failsRon Yorston2016-01-171-1/+1
| | | | | The return value of if_nametoindex is unsigned; it should return 0 on error.
* add missing protocols to protoent lookup functionsTimo Teräs2016-01-061-1/+16
|
* properly handle point-to-point interfaces in getifaddrs()Jo-Philipp Wich2015-11-301-3/+16
| | | | | | | | | | | | | | | | With point-to-point interfaces, the IFA_ADDRESS netlink attribute contains the peer address while an extra attribute IFA_LOCAL carries the actual local interface address. Both the glibc and uclibc implementations of getifaddrs() handle this case by moving the ifa_addr contents to the broadcast/remote address union and overwriting ifa_addr upon receipt of an IFA_LOCAL attribute. This patch adds the same special treatment logic of IFA_LOCAL to musl's implementation of getifaddrs() in order to align its behaviour with that of uclibc and glibc. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* getnameinfo: make size check not fail for bigger sizesHauke Mehrtens2015-10-261-2/+2
| | | | | | | | | | | | | | | | getnameinfo() compares the size of the given struct sockaddr with sizeof(struct sockaddr_in) and sizeof(struct sockaddr_in6) depending on the net family. When you add a sockaddr of size sizeof(struct sockaddr_storage) this function will fail because the size of the sockaddr is too big. Change the check that it only fails if the size is too small, but make it work when it is too big for example when someone calls this function with a struct sockaddr_storage and its size. This fixes a problem with IoTivity 1.0.0 and musl. glibc and bionic are only failing if it is smaller, net/freebsd implemented the != check. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* safely handle failure to open hosts, services, resolv.conf filesRich Felker2015-10-263-4/+29
| | | | | | | | | | | | | | | | | | | | previously, transient failures like fd exhaustion or other resource-related errors were treated the same as non-existence of these files, leading to fallbacks or false-negative results. in particular: - failure to open hosts resulted in fallback to dns, possibly yielding EAI_NONAME for a hostname that should be defined locally, or an unwanted result from dns that the hosts file was intended to replace. - failure to open services resulted in EAI_SERVICE. - failure to open resolv.conf resulted in querying localhost rather than the configured nameservers. now, only permanent errors trigger the fallback behaviors above; all other errors are reportable to the caller as EAI_SYSTEM.
* avoid attempting to lookup IP literals as hostnamesRich Felker2015-09-251-27/+32
| | | | | | | | | | | | | | | | previously, __lookup_ipliteral only checked its argument against the requested address family, so IPv4 literals passed through to __lookup_name if the caller asked for only IPv6 results, and likewise for IPv6 literals when the caller asked for only IPv4. this resulted in spurious DNS lookups that reportedly even succeeded with some nameservers. now, __lookup_ipliteral attempts to parse its argument as both IPv4 and IPv6, and returns an error (to stop further search) rather than 0 (no results yet) if the form of the argument mismatches the requested address family. based on patch by Julien Ramseier.
* make getaddrinfo return error if both host and service name are nullRich Felker2015-09-251-0/+2
| | | | | | this case is specified as a mandatory ("shall fail") error. based on patch by Julien Ramseier.
* fix uninitialized scopeid in lookups from hosts file and ip literalsTimo Teräs2015-09-111-2/+2
|
* fix negated return value of ns_skiprr, breakage in related functionsRich Felker2015-07-081-1/+1
| | | | | | | | due to a reversed pointer difference computation, ns_skiprr always returned a negative value, which functions using it would interpret as an error. patch by Yu Lu.
* fix internal buffer overrun in inet_ptonRich Felker2015-03-231-2/+3
| | | | | | | | one stop condition for parsing abbreviated ipv6 addressed was missed, allowing the internal ip[] buffer to overflow. this patch adds the missing stop condition and masks the array index so that, in case there are any remaining stop conditions missing, overflowing the buffer is not possible.
* make protocol table zero byte separated and add ipv6 protocolsTimo Teräs2015-02-101-22/+26
|
* make getaddrinfo support SOCK_RAW and other socket typesRich Felker2015-02-074-34/+42
| | | | | | | | | all socket types are accepted at this point, but that may be changed at a later time if the behavior is not meaningful for other types. as before, omitting type (a value of 0) gives both UDP and TCP results, and SOCK_DGRAM or SOCK_STREAM restricts to UDP or TCP, respectively. for other socket types, the service name argument is required to be a null pointer, and the protocol number provided by the caller is used.
* add basic dns record parsing functionsRich Felker2014-12-171-0/+171
| | | | | | | | | | | | based on patch by Timo Teräs, with some corrections to bounds checking code and other minor changes. while they are borderline scope creep, the functions added are fairly small and are roughly the minimum code needed to use the results of the res_query API without re-implementing error-prone DNS packet parsing, and they are used in practice by some kerberos related software and possibly other things. at this time there is no intent to implement further nameser.h API functions.
* fix potential read past end of buffer in getnameinfo service name lookupRich Felker2014-09-051-1/+1
| | | | | | | | | if the loop stopped due to reaching the end of the string, the subsequent increment could possibly move the position one past the end of the buffer. no further writes happen, the reads cannot fault anyway unless the stack completely lacks any zero bytes, and reading junk should not yield an incorrect result from the function either. nonetheless the code was wrong and needs to be fixed.
* remove incorrect and useless check in network service name lookup codeRich Felker2014-09-051-1/+0
| | | | | | the condition was probably intended to be !*p rather than !p, but neither is needed here. the subsequent code naturally handles the case where it's already at end of string.
* remove an extra layer of buffer copying in getnameinfo reverse dnsRich Felker2014-09-051-3/+2
| | | | | | | | | | | the outer getnameinfo function already has a properly-sized temporary buffer for storing the reverse dns (ptr) result. there is no reason for the callback to use a secondary buffer and copy it on success, and doing so potentially expanded the impact of the dn_expand bug that was fixed in commit 49d2c8c6bcf8c926e52c7f510033b6adc31355f5. this change reduces the code size by a small amount, and also reduces the run-time stack space requirements by about 256 bytes.
* fix dn_expand empty name handling and offsets to 0Szabolcs Nagy2014-09-041-6/+9
| | | | | | | | | | Empty name was rejected in dn_expand since commit 56b57f37a46dab432247bf29d96fcb11fbd02a6d which is a regression as reported by Natanael Copa. Furthermore if an offset pointer in a compressed name pointed to a terminating 0 byte (instead of a label) the returned name was not null terminated.
* reimplement if_nameindex and getifaddrs using netlinkTimo Teräs2014-07-294-184/+411
| | | | | | | | | | | | | | the previous implementations had several deficiencies, the most severe of which was the inability to report unconfigured interfaces or interfaces without ipv4 addresses. among the options discussed for fixing this, using netlink turned out to be the one with the least cost and most additional advantages. other improvements include: if_nameindex now avoids duplicates in the list it produces, but still includes legacy-style interface aliases if any are in use. getifaddrs now reports hardware addresses and includes the scope_id for link-local ipv6 addresses in the resulting address.
* add support for LC_TIME and LC_MESSAGES translationsRich Felker2014-07-262-2/+6
| | | | | | | | | | | | | | | | | for LC_MESSAGES, translation of strerror and similar literal message functions is supported. for messages in other places (particularly the dynamic linker) that use format strings, translation is not yet supported. in order to make it possible and safe, such messages will need to be refactored to separate the textual content from the format. for LC_TIME, the day and month names and strftime-style format strings provided by nl_langinfo are supported for translation. however there may be limitations, as some of the original C-locale nl_langinfo strings are non-unique and thus perhaps non-suitable as keys. overall, the locale support activated by this commit should not be seen as complete and polished but as a basis for beginning to test locale functionality and implement locales.
* add routing protocols to getprotoent-family functionsTimo Teräs2014-06-241-0/+2
| | | | iptables and quagga need them to work.
* implement result address sorting in the resolver (getaddrinfo, etc.)Rich Felker2014-06-212-0/+136
|
* fix gethostby*_r result pointer value on errorTimo Teräs2014-06-202-0/+3
| | | | | | | according to the documentation in the man pages, the GNU extension functions gethostbyaddr_r, gethostbyname_r and gethostbyname2_r are guaranteed to set the result pointer to NULL in case of error or no result.
* fix sendmmsg emulation return value for zero-length vectorRich Felker2014-06-201-0/+1
| | | | | this case is not even documented, but the kernel returns 0 here and it makes sense to be consistent.
* implement sendmmsg and recvmmsgRich Felker2014-06-192-0/+44
| | | | | | | these are not pure syscall wrappers because they have to work around kernel API bugs on 64-bit archs. the workarounds could probably be made somewhat more efficient, but at the cost of more complexity. this may be revisited later.
* avoid spurious lookup failures from badly-behaved nameserversRich Felker2014-06-071-5/+22
| | | | | | | | | | | | | | | | | | | | | | | | the results of a dns query, whether it's performed as part of one of the standard name-resolving functions or directly by res_send, should be a function of the query, not of the particular nameserver that responds to it. thus, all responses which indicate a failure or refusal by the nameserver, as opposed to a positive or negative result for the query, should be ignored. the strategy used is to re-issue the query immediately (but with a limit on the number of retries, in case the server is really broken) when a response code of 2 (server failure, typically transient) is seen, and otherwise take no action on bad responses (which generally indicate a misconfigured nameserver or one which the client does not have permission to use), allowing the normal retry interval to apply and of course accepting responses from other nameservers queried in parallel. empirically this matches the traditional resolver behavior for nameservers that respond with a code of 2 in the case where there is just a single nameserver configured. the behavior diverges when multiple nameservers are available, since musl is querying them in parallel. in this case we are mildly more aggressive at retrying.
* optimize SOCK_CLOEXEC fallback for socket functionRich Felker2014-06-061-2/+2
| | | | | | | | | the fcntl function is heavy, so make the syscall directly instead. also, avoid the code size and runtime overhead of querying the old flags, since it's reasonable to assume nothing will be set on a newly-created socket. this code is only used on old kernels which lack proper atomic close-on-exec support, so future changes that might invalidate such an assumption do not need to be considered.
* add SOCK_CLOEXEC fallback for socketpair on old kernelsRich Felker2014-06-061-1/+19
| | | | | as usual, this is non-atomic, but better than producing an error or failing to set the close-on-exec flag at all.
* implement dn_comp RFC 1035 domain name compressionSzabolcs Nagy2014-06-061-1/+102
| | | | | | | | the input name is validated, the other parameters are assumed to be valid (the list of already compressed names are not checked for infinite reference loops or out-of-bound offsets). names are handled case-sensitively for now.
* accept trailing . and empty domain namesSzabolcs Nagy2014-06-063-12/+16
| | | | | | trailing . should be accepted in domain name strings by convention (RFC 1034), host name lookup accepts "." but rejects empty "", res_* interfaces also accept empty name following existing practice.
* fix the domain name length limit checksSzabolcs Nagy2014-06-053-8/+8
| | | | | A domain name is at most 255 bytes long (RFC 1035), but the string representation is two bytes smaller so the strlen maximum is 253.