about summary refs log tree commit diff
path: root/src/network
Commit message (Collapse)AuthorAgeFilesLines
...
* add ipsec and tunneling protocols to getprotoent-family functionsTimo Teräs2014-06-021-0/+4
| | | | | iptables and ipsec-tools among others require these to function properly.
* fix off-by-one in checking hostname length in new resolver backendRich Felker2014-06-021-2/+2
| | | | | | | | | this bug was introduced in the recent resolver overhaul commits. it likely had visible symptoms. these were probably limited to wrongly accepting truncated versions of over-long names (vs rejecting them), as opposed to stack-based overflows or anything more severe, but no extensive checks were made. there have been no releases where this bug was present.
* improve getservbyname_r using new resolver backendRich Felker2014-06-012-22/+16
| | | | | | | | | | | | now that host and service lookup have been separated in the backend, there's no need for service lookup functions to pull in the host lookup code. moreover, dynamic allocation is no longer needed, so this function should now be async-signal-safe. it's also significantly smaller. one change in getservbyname is also made: knowing that getservbyname_r needs only two character pointers in the caller-provided buffer, some wasted bss can be avoided.
* improve gethostbyname2_r using new resolver backendRich Felker2014-06-011-35/+22
| | | | | | | | these changes reduce the size of the function somewhat and remove many of its dependencies, including free. in principle it should now be async-signal-safe, but this has not been verified in detail. minor changes to error handling are also made.
* refactor getaddrinfo and add support for most remaining featuresRich Felker2014-05-314-228/+360
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this is the first phase of the "resolver overhaul" project. conceptually, the results of getaddrinfo are a direct product of a list of address results and a list of service results. the new code makes this explicit by computing these lists separately and combining the results. this adds support for services that have both tcp and udp versions, where the caller has not specified which it wants, and eliminates a number of duplicate code paths which were all producing the final output addrinfo structures, but in subtly different ways, making it difficult to implement any of the features which were missing. in addition to the above benefits, the refactoring allows for legacy functions like gethostbyname to be implemented without using the getaddrinfo function itself. such changes to the legacy functions have not yet been made, however. further improvements include matching of service alias names from /etc/services (previously only the primary name was supported), returning multiple results from /etc/hosts (previously only the first matching line was honored), and support for the AI_V4MAPPED and AI_ALL flags. features which remain unimplemented are IDN translations (encoding non-ASCII hostnames for DNS lookup) and the AI_ADDRCONFIG flag. at this point, the DNS-based name resolving code is still based on the old interfaces in __dns.c, albeit somewhat simpler in its use of them. there may be some dead code which could already be removed, but changes to this layer will be a later phase of the resolver overhaul.
* add fallback emulation for accept4 on old kernelsRich Felker2014-02-211-1/+12
| | | | | | | | | | | | the other atomic FD_CLOEXEC interfaces (dup3, pipe2, socket) already had such emulation in place. the justification for doing the emulation here is the same as for the other functions: it allows applications to simply use accept4 rather than having to have their own fallback code for ENOSYS/EINVAL (which one you get is arch-specific!) and there is no reasonable way an application could benefit from knowing the operation is emulated/non-atomic since there is no workaround at the application level for non-atomicity (that is the whole reason these interfaces were added).
* add ipv6 and icmpv6 to getprotoent-family functionsRich Felker2014-02-131-1/+3
| | | | based on patch by orc.
* fix typo in table for getprotoent that caused out-of-bound readsRich Felker2014-02-131-1/+1
| | | | | | | | this was unlikely to lead to any crash or dangerous behavior, but caused adjacent string constants to be treated as part of the protocols table, possibly returning nonsensical results for unknown protocol names/numbers or when getprotoent was called in a loop to enumerate all protocols.
* fix argument types for legacy function inet_makeaddrRich Felker2014-01-061-2/+1
| | | | | | the type int was taken from seemingly erroneous man pages. glibc uses in_addr_t (uint32_t), and semantically, the arguments should be unsigned.
* implement legacy function herrorRich Felker2013-12-201-0/+8
| | | | based on patch by Timo Teräs; greatly simplified to use fprintf.
* include cleanups: remove unused headers and add feature test macrosSzabolcs Nagy2013-12-1213-18/+3
|
* remove an unnecessary check in inet_ptonSzabolcs Nagy2013-12-121-2/+1
| | | | | at most 4 hexadecimal digits are processed in one field so the value cannot overflow. the netdb.h header was not used.
* support mix of IPv4 and v6 nameservers in resolv.confRich Felker2013-11-301-5/+31
| | | | | | | | | | | | | | | | | a v6 socket will only be used if there is at least one v6 nameserver address. if the kernel lacks v6 support, the code will fall back to using a v4 socket and requests to v6 servers will silently fail. when using a v6 socket, v4 addresses are converted to v4-mapped form and setsockopt is used to ensure that the v6 socket can accept both v4 and v6 traffic (this is on-by-default on Linux but the default is configurable in /proc and so it needs to be set explicitly on the socket level). this scheme avoids increasing resource usage during lookups and allows the existing network io loop to be used without modification. previously, nameservers whose address family did not match the address family of the first-listed nameserver were simply ignored. prior to recent __ipparse fixes, they were not ignored but erroneously parsed.
* reject invalid address families in getaddrinfoRich Felker2013-11-271-0/+3
| | | | | | | subsequent code assumes the address family requested is either unspecified or one of IPv4/IPv6, and could malfunction if this constraint is not met, so other address families should be explicitly rejected.
* remove duplicate includes from dynlink.c, strfmon.c and getaddrinfo.cSzabolcs Nagy2013-11-251-3/+0
|
* Fix dn_comp prototype and add stubMichael Forney2013-11-241-0/+9
| | | | This function is used by ping6 from iputils.
* Fix dn_expand pointer followingMichael Forney2013-11-231-1/+1
|
* fix fd leak (missing close-on-exec) in getifaddrsRich Felker2013-11-201-1/+1
|
* fix regression in inet_aton due to misinterpretation of __ipparse returnRich Felker2013-11-022-3/+3
| | | | | | | inet_aton returns a boolean success value, whereas __ipparse returns 0 on success and -1 on failure. also change the conditional in inet_addr to be consistent with other uses of __ipparse where only negative values are treated as failure.
* fix inet_ptonSzabolcs Nagy2013-10-231-26/+19
| | | | | | | | * parse IPv4 dotted-decimal correctly (without strtoul, no leading zeros) * disallow single leading ':' in IPv6 address * allow at most 4 hex digits in IPv6 address (according to RFC 2373) * have enough hex fields in IPv4 mapped IPv6 address * disallow leading zeros in IPv4 mapped IPv6 address
* fix __ipparse to parse the generic numbers-and-dots IPv4 format correctlySzabolcs Nagy2013-10-221-5/+12
| | | | | | | * allow at most 4 parts * bounds check the parts correctly * disallow leading whitespace and sign * check the address family before falling back to IPv6
* fix inet_aton to accept the generic "numbers-and-dots" IPv4 address formatSzabolcs Nagy2013-10-221-1/+4
|
* split inet_addr and inet_ntoa back into their own filesRich Felker2013-10-213-16/+21
| | | | | | | despite being practically deprecated, these functions are still part of the standard and thus cannot reside in a file that also contains namespace pollution. this reverts some of the changes made in commit e40f48a421a9176e3e298b5bac75f0355b219e58.
* fix return value for inet_pton in ipv6 failure casesRich Felker2013-10-191-6/+6
| | | | | in the case of input that does not match the expected form, the correct return value is 0, not -1.
* fix regression in dn_expand/reverse dnsRich Felker2013-08-231-1/+1
| | | | | | off-by-one error copying the name components was yielding junk at the beginning and truncating one character at the end (of every component).
* fix length computation in dn_expandRich Felker2013-08-141-3/+5
| | | | | | | there are two possible points where the length is evaluated: either the first 'compression' jump, or the null terminator if no jumps have taken place yet. the previous code only measured the length of the first component.
* de-duplicate dn_expand, fix return value and signature, clean upRich Felker2013-08-142-48/+23
| | | | | | | | | | | | | | | | | the duplicate code in dn_expand and its incorrect return values are both results of the history of the code: the version in __dns.c was originally written with no awareness of the legacy resolver API, and was later copy-and-paste duplicated to provide the legacy API. this commit is the first of a series that will restructure the internal dns code to share as much code as possible with the legacy resolver API functions. I have also removed the loop detection logic, since the output buffer length limit naturally prevents loops. in order to avoid long runtime when encountering a loop if the caller provided a ridiculously long buffer, the caller-provided length is clamped at the maximum dns name length.
* fix undefined strcpy call in inet_ntopRich Felker2013-07-251-1/+1
| | | | | source and dest arguments for strcpy cannot overlap, so memmove must be used here. the length is already known from the above loop.
* make inet_ntop format v4-mapped ipv6 addresses properlyRich Felker2013-07-251-8/+14
| | | | | | | | | | | | | | based on a patch by orc. POSIX actually fails to specify the format of the ntop conversion; presumably, any output that will correctly round-trip back via the (well-specified) pton operation is acceptable. the new behavior is much more convenient than the old, however. this patch also affects getnameinfo, which is implemented in terms of inet_ntop and which is the preferred interface for performing this conversion. I've also removed some inexplicable cruft (filling the buffer with 'x' before doing anything) whose origin I was unable to track down.
* make getaddrinfo with AF_UNSPEC and null host return both IPv4 and v6Rich Felker2013-07-241-14/+23
| | | | | | based on a patch by orc, with indexing and flow control cleaned up a little bit. this code is all going to be replaced at some point in the near future.
* fix missing SOCK_CLOEXEC in various functions that use sockets internallyRich Felker2013-07-094-4/+4
|
* add stubs for additional legacy ether.h functionsRich Felker2013-07-011-0/+15
| | | | | | these would not be expensive to actually implement, but reading /etc/ethers does not sound like a particularly useful feature, so for now I'm leaving them as stubs.
* implement inet_lnaof, inet_netof, and inet_makeaddrRich Felker2013-06-255-39/+55
| | | | | | | | | also move all legacy inet_* functions into a single file to avoid wasting object file and compile time overhead on them. the added functions are legacy interfaces for working with classful ipv4 network addresses. they have no modern usefulness whatsoever, but some programs unconditionally use them anyway, and they're tiny.
* add ether_aton[_r] and ether_ntoa[_r] functionsRich Felker2013-06-251-0/+43
| | | | | | | based on patch by Strake with minor stylistic changes, and combined into a single file. this patch remained open for a long time due to some question as to whether ether_aton would be better implemented in terms of sscanf, and it's time something was committed, so here it is.
* getifaddrs: implement proper ipv6 netmasksrofl0r2013-04-091-2/+11
|
* getifaddrs: remove unused labelrofl0r2013-04-061-1/+0
|
* getifaddrs: use if_nameindex to enumerate interfacesrofl0r2013-04-051-23/+9
|
* getifaddrs: one less indent levelrofl0r2013-04-051-30/+28
|
* getifaddrs: less mallocrofl0r2013-04-051-55/+52
|
* add getifaddrsrofl0r2013-04-051-0/+191
| | | | | | supports ipv4 and ipv6, but not the "extended" usage where usage statistics and other info are assigned to ifa_data members of duplicate entries with AF_PACKET family.
* implement dn_skipname (legacy resolver function)Rich Felker2013-04-041-0/+12
|
* dynamically allocate storage for gethostby* buffersRich Felker2013-02-022-10/+32
| | | | | | | | | | this change shaves ~1k off libc.so bss size, and also avoids hard errors in the case where the static buffer was not large enough to hold the result. this whole framework is really ugly and might should be replaced or at least heavily overhauled when some changes/factorizations are made to getaddrinfo internals in the future.
* fix blank ai_canonname from getaddrinfo for non-CNAMEsRich Felker2013-02-021-1/+1
|
* fix memory leak due to double call to getaddrinfo in gethostbyname*Rich Felker2013-02-021-1/+0
|
* fix error returns in gethostby*_r functionsRich Felker2013-02-022-17/+10
| | | | they're supposed to return an error code rather than using errno.
* add inet_network (required for wine)rofl0r2012-12-191-0/+11
|
* improve SOCK_NONBLOCK/SOCK_CLOEXEC fallback codeRich Felker2012-11-051-1/+2
| | | | | | | | | | | | | | | | checking for EINVAL should be sufficient, but qemu user emulation returns EPROTONOSUPPORT in some of the failure cases, and it seems conceivable that other kernels doing linux-emulation could make the same mistake. since DNS lookups and other important code might break if the fallback does not get invoked, be extra careful and check for either error. note that it's important NOT to perform the fallback code on other errors such as resource-exhaustion cases, since the fallback is not atomic and will lead to file-descriptor leaks in multi-threaded programs that use exec. the fallback code is only "safe" to run when the initial failure is caused by the application's choice of arguments, not the system state.
* fix some more O_CLOEXEC/SOCK_CLOEXEC issuesRich Felker2012-09-291-3/+1
|
* move accept4, dup3, and pipe2 to non-linux-specific locationsRich Felker2012-09-291-0/+9
| | | | | these interfaces have been adopted by the Austin Group for inclusion in the next version of POSIX.
* emulate SOCK_CLOEXEC and SOCK_NONBLOCK for old (pre-2.6.27) kernelsRich Felker2012-09-291-1/+14
| | | | | | | | | | | | | | | also update syslog to use SOCK_CLOEXEC rather than separate fcntl step, to make it safe in multithreaded programs that run external programs. emulation is not atomic; it could be made atomic by holding a lock on forking during the operation, but this seems like overkill. my goal is not to achieve perfect behavior on old kernels (which have plenty of other imperfect behavior already) but to avoid catastrophic breakage in (1) syslog, which would give no output on old kernels with the change to use SOCK_CLOEXEC, and (2) programs built on a new kernel where configure scripts detected a working SOCK_CLOEXEC, which later get run on older kernels (they may otherwise fail to work completely).