2 * Copyright (c) 2014 Andreas Schneider <asn@samba.org>
3 * Copyright (c) 2014 Jakub Hrozek <jakub.hrozek@posteo.se>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the author nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #include <arpa/inet.h>
39 #ifdef HAVE_ARPA_NAMESER_H
40 #include <arpa/nameser.h>
41 #endif /* HAVE_ARPA_NAMESER_H */
42 #include <netinet/in.h>
43 #include <sys/socket.h>
44 #include <sys/types.h>
55 /* GCC has printf type attribute check. */
56 #ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
57 #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
59 #define PRINTF_ATTRIBUTE(a,b)
60 #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
62 #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
63 #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
65 #define DESTRUCTOR_ATTRIBUTE
66 #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
68 #ifndef RWRAP_DEFAULT_FAKE_TTL
69 #define RWRAP_DEFAULT_FAKE_TTL 600
70 #endif /* RWRAP_DEFAULT_FAKE_TTL */
72 #ifndef HAVE_NS_NAME_COMPRESS
73 #define ns_name_compress dn_comp
85 static void rwrap_log(enum rwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
86 # define RWRAP_LOG(dbglvl, ...) rwrap_log((dbglvl), __func__, __VA_ARGS__)
88 static void rwrap_log(enum rwrap_dbglvl_e dbglvl,
90 const char *format, ...)
98 d = getenv("RESOLV_WRAPPER_DEBUGLEVEL");
107 va_start(va, format);
108 vsnprintf(buffer, sizeof(buffer), format, va);
112 case RWRAP_LOG_ERROR:
114 "RWRAP_ERROR(%d) - %s: %s\n",
119 "RWRAP_WARN(%d) - %s: %s\n",
122 case RWRAP_LOG_DEBUG:
124 "RWRAP_DEBUG(%d) - %s: %s\n",
127 case RWRAP_LOG_TRACE:
129 "RWRAP_TRACE(%d) - %s: %s\n",
136 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
139 #define NEXT_KEY(buf, key) do { \
140 (key) = (buf) ? strpbrk((buf), " \t") : NULL; \
141 if ((key) != NULL) { \
145 while ((key) != NULL \
146 && (isblank((int)(key)[0]))) { \
151 #define RWRAP_MAX_RECURSION 64
153 /* Priority and weight can be omitted from the hosts file, but need to be part
156 #define DFL_SRV_PRIO 1
157 #define DFL_SRV_WEIGHT 100
158 #define DFL_URI_PRIO 1
159 #define DFL_URI_WEIGHT 100
161 struct rwrap_srv_rrdata {
165 char hostname[MAXDNAME];
168 struct rwrap_uri_rrdata {
174 struct rwrap_soa_rrdata {
180 char nameserver[MAXDNAME];
181 char mailbox[MAXDNAME];
184 struct rwrap_fake_rr {
186 struct in_addr a_rec;
187 struct in6_addr aaaa_rec;
188 struct rwrap_srv_rrdata srv_rec;
189 struct rwrap_uri_rrdata uri_rec;
190 struct rwrap_soa_rrdata soa_rec;
191 char cname_rec[MAXDNAME];
192 char ptr_rec[MAXDNAME];
196 int type; /* ns_t_* */
199 static void rwrap_fake_rr_init(struct rwrap_fake_rr *rr, size_t len)
203 for (i = 0; i < len; i++) {
204 rr[i].type = ns_t_invalid;
208 static int rwrap_create_fake_a_rr(const char *key,
210 struct rwrap_fake_rr *rr)
214 ok = inet_pton(AF_INET, value, &rr->rrdata.a_rec);
216 RWRAP_LOG(RWRAP_LOG_ERROR,
217 "Failed to convert [%s] to binary\n", value);
221 memcpy(rr->key, key, strlen(key) + 1);
226 static int rwrap_create_fake_aaaa_rr(const char *key,
228 struct rwrap_fake_rr *rr)
232 ok = inet_pton(AF_INET6, value, &rr->rrdata.aaaa_rec);
234 RWRAP_LOG(RWRAP_LOG_ERROR,
235 "Failed to convert [%s] to binary\n", value);
239 memcpy(rr->key, key, strlen(key) + 1);
240 rr->type = ns_t_aaaa;
243 static int rwrap_create_fake_ns_rr(const char *key,
245 struct rwrap_fake_rr *rr)
247 memcpy(rr->rrdata.srv_rec.hostname, value, strlen(value) + 1);
248 memcpy(rr->key, key, strlen(key) + 1);
253 static int rwrap_create_fake_srv_rr(const char *key,
255 struct rwrap_fake_rr *rr)
260 const char *hostname;
262 /* parse the value into priority, weight, port and hostname
263 * and check the validity */
265 NEXT_KEY(hostname, str_port);
266 NEXT_KEY(str_port, str_prio);
267 NEXT_KEY(str_prio, str_weight);
268 if (str_port == NULL || hostname == NULL) {
269 RWRAP_LOG(RWRAP_LOG_ERROR,
270 "Malformed SRV entry [%s]\n", value);
275 rr->rrdata.srv_rec.prio = atoi(str_prio);
277 rr->rrdata.srv_rec.prio = DFL_SRV_PRIO;
280 rr->rrdata.srv_rec.weight = atoi(str_weight);
282 rr->rrdata.srv_rec.weight = DFL_SRV_WEIGHT;
284 rr->rrdata.srv_rec.port = atoi(str_port);
285 memcpy(rr->rrdata.srv_rec.hostname , hostname, strlen(hostname) + 1);
287 memcpy(rr->key, key, strlen(key) + 1);
292 static int rwrap_create_fake_uri_rr(const char *key,
294 struct rwrap_fake_rr *rr)
300 /* parse the value into priority, weight, and uri
301 * and check the validity */
303 NEXT_KEY(uri, str_prio);
304 NEXT_KEY(str_prio, str_weight);
306 RWRAP_LOG(RWRAP_LOG_ERROR,
307 "Malformed URI entry [%s]\n", value);
312 rr->rrdata.uri_rec.prio = atoi(str_prio);
314 rr->rrdata.uri_rec.prio = DFL_URI_PRIO;
317 rr->rrdata.uri_rec.weight = atoi(str_weight);
319 rr->rrdata.uri_rec.weight = DFL_URI_WEIGHT;
321 memcpy(rr->rrdata.uri_rec.uri, uri, strlen(uri) + 1);
323 memcpy(rr->key, key, strlen(key) + 1);
328 static int rwrap_create_fake_soa_rr(const char *key,
330 struct rwrap_fake_rr *rr)
332 const char *nameserver;
340 /* parse the value into nameserver, mailbox, serial, refresh,
341 * retry, expire, minimum and check the validity
344 NEXT_KEY(nameserver, mailbox);
345 NEXT_KEY(mailbox, str_serial);
346 NEXT_KEY(str_serial, str_refresh);
347 NEXT_KEY(str_refresh, str_retry);
348 NEXT_KEY(str_retry, str_expire);
349 NEXT_KEY(str_expire, str_minimum);
350 if (nameserver == NULL || mailbox == NULL || str_serial == NULL ||
351 str_refresh == NULL || str_retry == NULL || str_expire == NULL ||
352 str_minimum == NULL) {
353 RWRAP_LOG(RWRAP_LOG_ERROR,
354 "Malformed SOA entry [%s]\n", value);
358 memcpy(rr->rrdata.soa_rec.nameserver, nameserver, strlen(nameserver)+1);
359 memcpy(rr->rrdata.soa_rec.mailbox, mailbox, strlen(mailbox)+1);
361 rr->rrdata.soa_rec.serial = atoi(str_serial);
362 rr->rrdata.soa_rec.refresh = atoi(str_refresh);
363 rr->rrdata.soa_rec.retry = atoi(str_retry);
364 rr->rrdata.soa_rec.expire = atoi(str_expire);
365 rr->rrdata.soa_rec.minimum = atoi(str_minimum);
367 memcpy(rr->key, key, strlen(key) + 1);
372 static int rwrap_create_fake_cname_rr(const char *key,
374 struct rwrap_fake_rr *rr)
376 memcpy(rr->rrdata.cname_rec , value, strlen(value) + 1);
377 memcpy(rr->key, key, strlen(key) + 1);
378 rr->type = ns_t_cname;
382 static int rwrap_create_fake_ptr_rr(const char *key,
384 struct rwrap_fake_rr *rr)
386 memcpy(rr->rrdata.ptr_rec , value, strlen(value) + 1);
387 memcpy(rr->key, key, strlen(key) + 1);
392 /* Prepares a fake header with a single response. Advances header_blob */
393 static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining,
394 size_t ancount, size_t arcount)
399 if (remaining < NS_HFIXEDSZ) {
400 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
405 memset(hb, 0, NS_HFIXEDSZ);
408 h->id = res_randomid(); /* random query ID */
409 h->qr = 1; /* response flag */
410 h->rd = 1; /* recursion desired */
411 h->ra = 1; /* recursion available */
413 h->qdcount = htons(1); /* no. of questions */
414 h->ancount = htons(ancount); /* no. of answers */
415 h->arcount = htons(arcount); /* no. of add'tl records */
417 hb += NS_HFIXEDSZ; /* move past the header */
423 static ssize_t rwrap_fake_question(const char *question,
425 uint8_t **question_ptr,
428 uint8_t *qb = *question_ptr;
431 n = ns_name_compress(question, qb, remaining, NULL, NULL);
433 RWRAP_LOG(RWRAP_LOG_ERROR,
434 "Failed to compress [%s]\n", question);
441 if (remaining < 2 * sizeof(uint16_t)) {
442 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
447 NS_PUT16(ns_c_in, qb);
450 return n + 2 * sizeof(uint16_t);
453 static ssize_t rwrap_fake_rdata_common(uint16_t type,
459 uint8_t *rd = *rdata_ptr;
462 written = ns_name_compress(key, rd, remaining, NULL, NULL);
464 RWRAP_LOG(RWRAP_LOG_ERROR,
465 "Failed to compress [%s]\n", key);
469 remaining -= written;
471 if (remaining < 3 * sizeof(uint16_t) + sizeof(uint32_t)) {
472 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
477 NS_PUT16(ns_c_in, rd);
478 NS_PUT32(RWRAP_DEFAULT_FAKE_TTL, rd);
479 NS_PUT16(rdata_size, rd);
481 if (remaining < rdata_size) {
482 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
487 return written + 3 * sizeof(uint16_t) + sizeof(uint32_t) + rdata_size;
490 static ssize_t rwrap_fake_a(struct rwrap_fake_rr *rr,
494 uint8_t *a = answer_ptr;
497 if (rr->type != ns_t_a) {
498 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
501 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding A RR");
503 resp_size = rwrap_fake_rdata_common(ns_t_a, sizeof(struct in_addr), rr->key,
509 memcpy(a, &rr->rrdata.a_rec, sizeof(struct in_addr));
514 static ssize_t rwrap_fake_aaaa(struct rwrap_fake_rr *rr,
521 if (rr->type != ns_t_aaaa) {
522 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
525 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding AAAA RR");
527 resp_size = rwrap_fake_rdata_common(ns_t_aaaa, sizeof(struct in6_addr),
528 rr->key, anslen, &a);
533 memcpy(a, &rr->rrdata.aaaa_rec, sizeof(struct in6_addr));
538 static ssize_t rwrap_fake_ns(struct rwrap_fake_rr *rr,
543 ssize_t resp_size = 0;
545 unsigned char hostname_compressed[MAXDNAME];
546 ssize_t compressed_len;
548 if (rr->type != ns_t_ns) {
549 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
552 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding NS RR");
554 /* Prepare the data to write */
555 compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
560 if (compressed_len < 0) {
564 /* Is this enough? */
565 rdata_size = compressed_len;
567 resp_size = rwrap_fake_rdata_common(ns_t_ns, rdata_size,
568 rr->key, anslen, &a);
573 memcpy(a, hostname_compressed, compressed_len);
578 static ssize_t rwrap_fake_srv(struct rwrap_fake_rr *rr,
585 unsigned char hostname_compressed[MAXDNAME];
586 ssize_t compressed_len;
588 if (rr->type != ns_t_srv) {
589 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
592 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SRV RR");
593 rdata_size = 3 * sizeof(uint16_t);
595 /* Prepare the data to write */
596 compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
597 hostname_compressed, MAXDNAME,
599 if (compressed_len < 0) {
602 rdata_size += compressed_len;
604 resp_size = rwrap_fake_rdata_common(ns_t_srv, rdata_size,
605 rr->key, anslen, &a);
610 NS_PUT16(rr->rrdata.srv_rec.prio, a);
611 NS_PUT16(rr->rrdata.srv_rec.weight, a);
612 NS_PUT16(rr->rrdata.srv_rec.port, a);
613 memcpy(a, hostname_compressed, compressed_len);
618 static ssize_t rwrap_fake_uri(struct rwrap_fake_rr *rr,
627 if (rr->type != ns_t_uri) {
628 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
631 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding URI RR");
632 rdata_size = 3 * sizeof(uint16_t);
633 uri_len = strlen(rr->rrdata.uri_rec.uri) + 1;
634 rdata_size += uri_len;
636 resp_size = rwrap_fake_rdata_common(ns_t_uri, rdata_size,
637 rr->key, anslen, &a);
642 NS_PUT16(rr->rrdata.uri_rec.prio, a);
643 NS_PUT16(rr->rrdata.uri_rec.weight, a);
644 memcpy(a, rr->rrdata.uri_rec.uri, uri_len);
649 static ssize_t rwrap_fake_soa(struct rwrap_fake_rr *rr,
656 unsigned char nameser_compressed[MAXDNAME];
657 ssize_t compressed_ns_len;
658 unsigned char mailbox_compressed[MAXDNAME];
659 ssize_t compressed_mb_len;
661 if (rr->type != ns_t_soa) {
662 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
665 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SOA RR");
666 rdata_size = 5 * sizeof(uint16_t);
668 compressed_ns_len = ns_name_compress(rr->rrdata.soa_rec.nameserver,
670 MAXDNAME, NULL, NULL);
671 if (compressed_ns_len < 0) {
674 rdata_size += compressed_ns_len;
676 compressed_mb_len = ns_name_compress(rr->rrdata.soa_rec.mailbox,
678 MAXDNAME, NULL, NULL);
679 if (compressed_mb_len < 0) {
682 rdata_size += compressed_mb_len;
684 resp_size = rwrap_fake_rdata_common(ns_t_soa, rdata_size,
685 rr->key, anslen, &a);
690 memcpy(a, nameser_compressed, compressed_ns_len);
691 a += compressed_ns_len;
692 memcpy(a, mailbox_compressed, compressed_mb_len);
693 a += compressed_mb_len;
694 NS_PUT32(rr->rrdata.soa_rec.serial, a);
695 NS_PUT32(rr->rrdata.soa_rec.refresh, a);
696 NS_PUT32(rr->rrdata.soa_rec.retry, a);
697 NS_PUT32(rr->rrdata.soa_rec.expire, a);
698 NS_PUT32(rr->rrdata.soa_rec.minimum, a);
703 static ssize_t rwrap_fake_cname(struct rwrap_fake_rr *rr,
709 unsigned char hostname_compressed[MAXDNAME];
712 if (rr->type != ns_t_cname) {
713 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
716 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding CNAME RR");
718 /* Prepare the data to write */
719 rdata_size = ns_name_compress(rr->rrdata.cname_rec,
720 hostname_compressed, MAXDNAME,
722 if (rdata_size < 0) {
726 resp_size = rwrap_fake_rdata_common(ns_t_cname, rdata_size,
727 rr->key, anslen, &a);
732 memcpy(a, hostname_compressed, rdata_size);
737 static ssize_t rwrap_fake_ptr(struct rwrap_fake_rr *rr,
744 unsigned char hostname_compressed[MAXDNAME];
746 if (rr->type != ns_t_ptr) {
747 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
750 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding PTR RR");
752 /* Prepare the data to write */
753 rdata_size = ns_name_compress(rr->rrdata.ptr_rec,
754 hostname_compressed, MAXDNAME,
756 if (rdata_size < 0) {
760 resp_size = rwrap_fake_rdata_common(ns_t_ptr, rdata_size,
761 rr->key, anslen, &a);
766 memcpy(a, hostname_compressed, rdata_size);
771 #define RESOLV_MATCH(line, name) \
772 (strncmp(line, name, sizeof(name) - 1) == 0 && \
773 (line[sizeof(name) - 1] == ' ' || \
774 line[sizeof(name) - 1] == '\t'))
776 #define TYPE_MATCH(type, ns_type, rec_type, str_type, key, query) \
777 ((type) == (ns_type) && \
778 (strncmp((rec_type), (str_type), sizeof(str_type)) == 0) && \
779 (strcasecmp(key, query)) == 0)
782 static int rwrap_get_record(const char *hostfile, unsigned recursion,
783 const char *query, int type,
784 struct rwrap_fake_rr *rr);
786 static int rwrap_uri_recurse(const char *hostfile, unsigned recursion,
787 const char *query, struct rwrap_fake_rr *rr)
791 rc = rwrap_get_record(hostfile, recursion, query, ns_t_uri, rr);
799 static int rwrap_srv_recurse(const char *hostfile, unsigned recursion,
800 const char *query, struct rwrap_fake_rr *rr)
804 rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
805 if (rc == 0) return 0;
807 rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
808 if (rc == ENOENT) rc = 0;
813 static int rwrap_cname_recurse(const char *hostfile, unsigned recursion,
814 const char *query, struct rwrap_fake_rr *rr)
818 rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
819 if (rc == 0) return 0;
821 rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
822 if (rc == 0) return 0;
824 rc = rwrap_get_record(hostfile, recursion, query, ns_t_cname, rr);
825 if (rc == ENOENT) rc = 0;
830 static int rwrap_get_record(const char *hostfile, unsigned recursion,
831 const char *query, int type,
832 struct rwrap_fake_rr *rr)
839 unsigned num_uris = 0;
841 if (recursion >= RWRAP_MAX_RECURSION) {
842 RWRAP_LOG(RWRAP_LOG_ERROR, "Recursed too deep!\n");
846 RWRAP_LOG(RWRAP_LOG_TRACE,
847 "Searching in fake hosts file %s for %s:%d\n", hostfile,
850 fp = fopen(hostfile, "r");
852 RWRAP_LOG(RWRAP_LOG_ERROR,
853 "Opening %s failed: %s",
854 hostfile, strerror(errno));
858 while (fgets(buf, sizeof(buf), fp) != NULL) {
865 NEXT_KEY(rec_type, key);
866 NEXT_KEY(key, value);
868 if (key == NULL || value == NULL) {
869 RWRAP_LOG(RWRAP_LOG_WARN,
870 "Malformed line: not enough parts, use \"rec_type key data\n"
871 "For example \"A cwrap.org 10.10.10.10\"");
876 while(q[0] != '\n' && q[0] != '\0') {
881 if (type == ns_t_uri && recursion > 0) {
882 /* Skip non-URI records. */
883 if (!TYPE_MATCH(type, ns_t_uri, rec_type, "URI", key, query)) {
886 /* Skip previous records based on the recurse depth. */
888 if (num_uris <= recursion) {
893 if (TYPE_MATCH(type, ns_t_a, rec_type, "A", key, query)) {
894 rc = rwrap_create_fake_a_rr(key, value, rr);
896 } else if (TYPE_MATCH(type, ns_t_aaaa,
897 rec_type, "AAAA", key, query)) {
898 rc = rwrap_create_fake_aaaa_rr(key, value, rr);
900 } else if (TYPE_MATCH(type, ns_t_ns,
901 rec_type, "NS", key, query)) {
902 rc = rwrap_create_fake_ns_rr(key, value, rr);
904 } else if (TYPE_MATCH(type, ns_t_srv,
905 rec_type, "SRV", key, query)) {
906 rc = rwrap_create_fake_srv_rr(key, value, rr);
908 rc = rwrap_srv_recurse(hostfile, recursion+1,
909 rr->rrdata.srv_rec.hostname,
913 } else if (TYPE_MATCH(type, ns_t_uri,
914 rec_type, "URI", key, query)) {
915 rc = rwrap_create_fake_uri_rr(key, value, rr);
917 /* Recurse to collect multiple URI answers under a single key. */
918 rc = rwrap_uri_recurse(hostfile, recursion + 1, key, rr + 1);
921 } else if (TYPE_MATCH(type, ns_t_soa,
922 rec_type, "SOA", key, query)) {
923 rc = rwrap_create_fake_soa_rr(key, value, rr);
925 } else if (TYPE_MATCH(type, ns_t_cname,
926 rec_type, "CNAME", key, query)) {
927 rc = rwrap_create_fake_cname_rr(key, value, rr);
929 rc = rwrap_cname_recurse(hostfile, recursion+1,
933 } else if (TYPE_MATCH(type, ns_t_a, rec_type, "CNAME", key, query)) {
934 rc = rwrap_create_fake_cname_rr(key, value, rr);
936 rc = rwrap_cname_recurse(hostfile, recursion+1,
940 } else if (TYPE_MATCH(type, ns_t_ptr,
941 rec_type, "PTR", key, query)) {
942 rc = rwrap_create_fake_ptr_rr(key, value, rr);
947 if (rc == ENOENT && recursion == 0 && key != NULL) {
948 RWRAP_LOG(RWRAP_LOG_TRACE, "Record for [%s] not found\n", query);
949 memcpy(rr->key, key, strlen(key) + 1);
956 static ssize_t rwrap_fake_empty(int type,
957 const char *question,
962 size_t remaining = anslen;
964 resp_data = rwrap_fake_header(&answer, remaining, 0, 0);
968 remaining -= resp_data;
970 resp_data += rwrap_fake_question(question, type, &answer, remaining);
974 remaining -= resp_data;
976 resp_data += rwrap_fake_rdata_common(type, 0, question,
985 static inline bool rwrap_known_type(int type)
1002 static int rwrap_ancount(struct rwrap_fake_rr *rrs, int qtype)
1007 /* For URI return the number of URIs. */
1008 if (qtype == ns_t_uri) {
1009 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1010 if (rwrap_known_type(rrs[i].type) &&
1011 rrs[i].type == qtype) {
1018 /* Include all RRs in the stack until the sought type
1019 * in the answer section. This is the case i.e. when looking
1020 * up an A record but the name points to a CNAME
1022 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1025 if (rwrap_known_type(rrs[i].type) &&
1026 rrs[i].type == qtype) {
1031 /* Return 0 records if the sought type wasn't in the stack */
1032 return i < RWRAP_MAX_RECURSION ? ancount : 0;
1035 static int rwrap_arcount(struct rwrap_fake_rr *rrs, int ancount)
1040 /* start from index ancount */
1041 for (i = ancount; i < RWRAP_MAX_RECURSION; i++) {
1042 if (rwrap_known_type(rrs[i].type)) {
1050 static ssize_t rwrap_add_rr(struct rwrap_fake_rr *rr,
1057 RWRAP_LOG(RWRAP_LOG_ERROR, "Internal error!\n");
1063 resp_data = rwrap_fake_a(rr, answer, anslen);
1066 resp_data = rwrap_fake_aaaa(rr, answer, anslen);
1069 resp_data = rwrap_fake_ns(rr, answer, anslen);
1072 resp_data = rwrap_fake_srv(rr, answer, anslen);
1075 resp_data = rwrap_fake_uri(rr, answer, anslen);
1078 resp_data = rwrap_fake_soa(rr, answer, anslen);
1081 resp_data = rwrap_fake_cname(rr, answer, anslen);
1084 resp_data = rwrap_fake_ptr(rr, answer, anslen);
1093 static ssize_t rwrap_fake_answer(struct rwrap_fake_rr *rrs,
1101 size_t remaining = anslen;
1106 ancount = rwrap_ancount(rrs, type);
1107 arcount = rwrap_arcount(rrs, ancount);
1108 RWRAP_LOG(RWRAP_LOG_TRACE,
1109 "Got %d answers and %d additional records\n", ancount, arcount);
1111 resp_data = rwrap_fake_header(&answer, remaining, ancount, arcount);
1112 if (resp_data < 0) {
1115 remaining -= resp_data;
1117 resp_data += rwrap_fake_question(rrs->key, rrs->type, &answer, remaining);
1118 if (resp_data < 0) {
1121 remaining -= resp_data;
1124 for (i = 0; i < ancount; i++) {
1125 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1134 /* add authoritative NS here? */
1136 /* additional records */
1137 for (i = ancount; i < ancount + arcount; i++) {
1138 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1150 /* Reads in a file in the following format:
1153 * Malformed entries are silently skipped.
1154 * Allocates answer buffer of size anslen that has to be freed after use.
1156 static int rwrap_res_fake_hosts(const char *hostfile,
1159 unsigned char *answer,
1163 char *query_name = NULL;
1164 size_t qlen = strlen(query);
1165 struct rwrap_fake_rr rrs[RWRAP_MAX_RECURSION];
1168 RWRAP_LOG(RWRAP_LOG_TRACE,
1169 "Searching in fake hosts file %s\n", hostfile);
1171 if (qlen > 0 && query[qlen-1] == '.') {
1175 query_name = strndup(query, qlen);
1176 if (query_name == NULL) {
1180 rwrap_fake_rr_init(rrs, RWRAP_MAX_RECURSION);
1182 rc = rwrap_get_record(hostfile, 0, query_name, type, rrs);
1185 RWRAP_LOG(RWRAP_LOG_TRACE,
1186 "Found record for [%s]\n", query_name);
1187 resp_size = rwrap_fake_answer(rrs, type, answer, anslen);
1190 RWRAP_LOG(RWRAP_LOG_TRACE,
1191 "No record for [%s]\n", query_name);
1192 resp_size = rwrap_fake_empty(type, rrs->key, answer, anslen);
1195 RWRAP_LOG(RWRAP_LOG_ERROR,
1196 "Error searching for [%s]\n", query_name);
1201 switch (resp_size) {
1203 RWRAP_LOG(RWRAP_LOG_ERROR,
1204 "Error faking answer for [%s]\n", query_name);
1207 RWRAP_LOG(RWRAP_LOG_TRACE,
1208 "Successfully faked answer for [%s]\n",
1217 /*********************************************************
1218 * RWRAP LOADING LIBC FUNCTIONS
1219 *********************************************************/
1223 typedef int (*__libc_res_ninit)(struct __res_state *state);
1224 typedef int (*__libc___res_ninit)(struct __res_state *state);
1225 typedef void (*__libc_res_nclose)(struct __res_state *state);
1226 typedef void (*__libc___res_nclose)(struct __res_state *state);
1227 typedef int (*__libc_res_nquery)(struct __res_state *state,
1231 unsigned char *answer,
1233 typedef int (*__libc___res_nquery)(struct __res_state *state,
1237 unsigned char *answer,
1239 typedef int (*__libc_res_nsearch)(struct __res_state *state,
1243 unsigned char *answer,
1245 typedef int (*__libc___res_nsearch)(struct __res_state *state,
1249 unsigned char *answer,
1252 #define RWRAP_SYMBOL_ENTRY(i) \
1258 struct rwrap_libc_symbols {
1259 RWRAP_SYMBOL_ENTRY(res_ninit);
1260 RWRAP_SYMBOL_ENTRY(__res_ninit);
1261 RWRAP_SYMBOL_ENTRY(res_nclose);
1262 RWRAP_SYMBOL_ENTRY(__res_nclose);
1263 RWRAP_SYMBOL_ENTRY(res_nquery);
1264 RWRAP_SYMBOL_ENTRY(__res_nquery);
1265 RWRAP_SYMBOL_ENTRY(res_nsearch);
1266 RWRAP_SYMBOL_ENTRY(__res_nsearch);
1268 #undef RWRAP_SYMBOL_ENTRY
1273 struct rwrap_libc_symbols symbols;
1278 struct rwrap_libc_symbols symbols;
1287 static struct rwrap rwrap;
1295 static const char *rwrap_str_lib(enum rwrap_lib lib)
1300 case RWRAP_LIBRESOLV:
1304 /* Compiler would warn us about unhandled enum value if we get here */
1309 static void *rwrap_load_lib_handle(enum rwrap_lib lib)
1311 int flags = RTLD_LAZY;
1312 void *handle = NULL;
1315 #ifdef RTLD_DEEPBIND
1316 flags |= RTLD_DEEPBIND;
1320 case RWRAP_LIBRESOLV:
1321 #ifdef HAVE_LIBRESOLV
1322 handle = rwrap.libresolv.handle;
1323 if (handle == NULL) {
1324 for (i = 10; i >= 0; i--) {
1325 char soname[256] = {0};
1327 snprintf(soname, sizeof(soname), "libresolv.so.%d", i);
1328 handle = dlopen(soname, flags);
1329 if (handle != NULL) {
1334 rwrap.libresolv.handle = handle;
1340 handle = rwrap.libc.handle;
1342 if (handle == NULL) {
1343 handle = dlopen(LIBC_SO, flags);
1345 rwrap.libc.handle = handle;
1348 if (handle == NULL) {
1349 for (i = 10; i >= 0; i--) {
1350 char soname[256] = {0};
1352 snprintf(soname, sizeof(soname), "libc.so.%d", i);
1353 handle = dlopen(soname, flags);
1354 if (handle != NULL) {
1359 rwrap.libc.handle = handle;
1364 if (handle == NULL) {
1366 handle = rwrap.libc.handle = rwrap.libresolv.handle = RTLD_NEXT;
1368 RWRAP_LOG(RWRAP_LOG_ERROR,
1369 "Failed to dlopen library: %s\n",
1378 static void *_rwrap_bind_symbol(enum rwrap_lib lib, const char *fn_name)
1383 handle = rwrap_load_lib_handle(lib);
1385 func = dlsym(handle, fn_name);
1387 RWRAP_LOG(RWRAP_LOG_ERROR,
1388 "Failed to find %s: %s\n",
1389 fn_name, dlerror());
1393 RWRAP_LOG(RWRAP_LOG_TRACE,
1394 "Loaded %s from %s",
1395 fn_name, rwrap_str_lib(lib));
1399 #define rwrap_bind_symbol_libc(sym_name) \
1400 if (rwrap.libc.symbols._libc_##sym_name.obj == NULL) { \
1401 rwrap.libc.symbols._libc_##sym_name.obj = \
1402 _rwrap_bind_symbol(RWRAP_LIBC, #sym_name); \
1405 #define rwrap_bind_symbol_libresolv(sym_name) \
1406 if (rwrap.libresolv.symbols._libc_##sym_name.obj == NULL) { \
1407 rwrap.libresolv.symbols._libc_##sym_name.obj = \
1408 _rwrap_bind_symbol(RWRAP_LIBRESOLV, #sym_name); \
1414 * Functions especially from libc need to be loaded individually, you can't load
1415 * all at once or gdb will segfault at startup. The same applies to valgrind and
1416 * has probably something todo with with the linker.
1417 * So we need load each function at the point it is called the first time.
1420 static int libc_res_ninit(struct __res_state *state)
1422 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1424 #if defined(HAVE_RES_NINIT_IN_LIBRESOLV)
1425 rwrap_bind_symbol_libresolv(res_ninit);
1427 return rwrap.libresolv.symbols._libc_res_ninit.f(state);
1428 #else /* HAVE_RES_NINIT_IN_LIBRESOLV */
1429 rwrap_bind_symbol_libc(res_ninit);
1431 return rwrap.libc.symbols._libc_res_ninit.f(state);
1432 #endif /* HAVE_RES_NINIT_IN_LIBRESOLV */
1434 #elif defined(HAVE___RES_NINIT)
1435 rwrap_bind_symbol_libc(__res_ninit);
1437 return rwrap.libc.symbols._libc___res_ninit.f(state);
1439 #error "No res_ninit function"
1443 static void libc_res_nclose(struct __res_state *state)
1445 #if !defined(res_close) && defined(HAVE_RES_NCLOSE)
1447 #if defined(HAVE_RES_NCLOSE_IN_LIBRESOLV)
1448 rwrap_bind_symbol_libresolv(res_nclose);
1450 rwrap.libresolv.symbols._libc_res_nclose.f(state);
1452 #else /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1453 rwrap_bind_symbol_libc(res_nclose);
1455 rwrap.libc.symbols._libc_res_nclose.f(state);
1457 #endif /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1459 #elif defined(HAVE___RES_NCLOSE)
1460 rwrap_bind_symbol_libc(__res_nclose);
1462 rwrap.libc.symbols._libc___res_nclose.f(state);
1464 #error "No res_nclose function"
1468 static int libc_res_nquery(struct __res_state *state,
1472 unsigned char *answer,
1475 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1476 rwrap_bind_symbol_libresolv(res_nquery);
1478 return rwrap.libresolv.symbols._libc_res_nquery.f(state,
1484 #elif defined(HAVE___RES_NQUERY)
1485 rwrap_bind_symbol_libresolv(__res_nquery);
1487 return rwrap.libresolv.symbols._libc___res_nquery.f(state,
1494 #error "No res_nquery function"
1498 static int libc_res_nsearch(struct __res_state *state,
1502 unsigned char *answer,
1505 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1506 rwrap_bind_symbol_libresolv(res_nsearch);
1508 return rwrap.libresolv.symbols._libc_res_nsearch.f(state,
1514 #elif defined(HAVE___RES_NSEARCH)
1515 rwrap_bind_symbol_libresolv(__res_nsearch);
1517 return rwrap.libresolv.symbols._libc___res_nsearch.f(state,
1524 #error "No res_nsearch function"
1528 /****************************************************************************
1530 ***************************************************************************/
1532 static int rwrap_parse_resolv_conf(struct __res_state *state,
1533 const char *resolv_conf)
1539 fp = fopen(resolv_conf, "r");
1541 RWRAP_LOG(RWRAP_LOG_ERROR,
1542 "Opening %s failed: %s",
1543 resolv_conf, strerror(errno));
1547 while(fgets(buf, sizeof(buf), fp) != NULL) {
1550 /* Ignore comments */
1551 if (buf[0] == '#' || buf[0] == ';') {
1555 if (RESOLV_MATCH(buf, "nameserver") && nserv < MAXNS) {
1560 p = buf + strlen("nameserver");
1562 /* Skip spaces and tabs */
1563 while(isblank((int)p[0])) {
1568 while(q[0] != '\n' && q[0] != '\0') {
1573 ok = inet_pton(AF_INET, p, &a);
1575 state->nsaddr_list[state->nscount] = (struct sockaddr_in) {
1576 .sin_family = AF_INET,
1578 .sin_port = htons(53),
1585 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1588 ok = inet_pton(AF_INET6, p, &a6);
1590 struct sockaddr_in6 *sa6;
1592 sa6 = malloc(sizeof(*sa6));
1598 sa6->sin6_family = AF_INET6;
1599 sa6->sin6_port = htons(53);
1600 sa6->sin6_flowinfo = 0;
1601 sa6->sin6_addr = a6;
1603 state->_u._ext.nsaddrs[state->_u._ext.nscount] = sa6;
1604 state->_u._ext.nssocks[state->_u._ext.nscount] = -1;
1605 state->_u._ext.nsmap[state->_u._ext.nscount] = MAXNS + 1;
1607 state->_u._ext.nscount++;
1610 RWRAP_LOG(RWRAP_LOG_ERROR,
1611 "Malformed DNS server");
1614 #else /* !HAVE_RESOLV_IPV6_NSADDRS */
1616 * BSD uses an opaque structure to store the
1617 * IPv6 addresses. So we can not simply store
1618 * these addresses the same way as above.
1620 RWRAP_LOG(RWRAP_LOG_WARN,
1621 "resolve_wrapper does not support "
1622 "IPv6 on this platform");
1627 } /* TODO: match other keywords */
1631 RWRAP_LOG(RWRAP_LOG_ERROR,
1632 "Reading from %s failed",
1642 /****************************************************************************
1644 ***************************************************************************/
1646 static int rwrap_res_ninit(struct __res_state *state)
1650 rc = libc_res_ninit(state);
1652 const char *resolv_conf = getenv("RESOLV_WRAPPER_CONF");
1654 if (resolv_conf != NULL) {
1657 (void)i; /* maybe unused */
1659 /* Delete name servers */
1661 memset(state->nsaddr_list, 0, sizeof(state->nsaddr_list));
1663 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1664 state->_u._ext.nscount = 0;
1665 for (i = 0; i < state->_u._ext.nscount; i++) {
1666 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1670 rc = rwrap_parse_resolv_conf(state, resolv_conf);
1677 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1678 int res_ninit(struct __res_state *state)
1679 #elif defined(HAVE___RES_NINIT)
1680 int __res_ninit(struct __res_state *state)
1683 return rwrap_res_ninit(state);
1686 /****************************************************************************
1688 ***************************************************************************/
1690 static struct __res_state rwrap_res_state;
1692 static int rwrap_res_init(void)
1696 rc = rwrap_res_ninit(&rwrap_res_state);
1701 #if !defined(res_ninit) && defined(HAVE_RES_INIT)
1703 #elif defined(HAVE___RES_INIT)
1704 int __res_init(void)
1707 return rwrap_res_init();
1710 /****************************************************************************
1712 ***************************************************************************/
1714 static void rwrap_res_nclose(struct __res_state *state)
1716 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1720 libc_res_nclose(state);
1722 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1723 if (state != NULL) {
1724 for (i = 0; i < state->_u._ext.nscount; i++) {
1725 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1731 #if !defined(res_nclose) && defined(HAVE_RES_NCLOSE)
1732 void res_nclose(struct __res_state *state)
1733 #elif defined(HAVE___RES_NCLOSE)
1734 void __res_nclose(struct __res_state *state)
1737 rwrap_res_nclose(state);
1740 /****************************************************************************
1742 ***************************************************************************/
1744 static void rwrap_res_close(void)
1746 rwrap_res_nclose(&rwrap_res_state);
1749 #if defined(HAVE_RES_CLOSE)
1750 void res_close(void)
1751 #elif defined(HAVE___RES_CLOSE)
1752 void __res_close(void)
1758 /****************************************************************************
1760 ***************************************************************************/
1762 static int rwrap_res_nquery(struct __res_state *state,
1766 unsigned char *answer,
1770 const char *fake_hosts;
1775 RWRAP_LOG(RWRAP_LOG_TRACE,
1776 "Resolve the domain name [%s] - class=%d, type=%d",
1777 dname, class, type);
1779 for (i = 0; i < state->nscount; i++) {
1780 char ip[INET6_ADDRSTRLEN];
1782 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1783 RWRAP_LOG(RWRAP_LOG_TRACE,
1789 fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1790 if (fake_hosts != NULL) {
1791 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1793 rc = libc_res_nquery(state, dname, class, type, answer, anslen);
1797 RWRAP_LOG(RWRAP_LOG_TRACE,
1798 "The returned response length is: %d",
1804 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1805 int res_nquery(struct __res_state *state,
1809 unsigned char *answer,
1811 #elif defined(HAVE___RES_NQUERY)
1812 int __res_nquery(struct __res_state *state,
1816 unsigned char *answer,
1820 return rwrap_res_nquery(state, dname, class, type, answer, anslen);
1823 /****************************************************************************
1825 ***************************************************************************/
1827 static int rwrap_res_query(const char *dname,
1830 unsigned char *answer,
1835 rc = rwrap_res_ninit(&rwrap_res_state);
1840 rc = rwrap_res_nquery(&rwrap_res_state,
1850 #if !defined(res_query) && defined(HAVE_RES_QUERY)
1851 int res_query(const char *dname,
1854 unsigned char *answer,
1856 #elif defined(HAVE___RES_QUERY)
1857 int __res_query(const char *dname,
1860 unsigned char *answer,
1864 return rwrap_res_query(dname, class, type, answer, anslen);
1867 /****************************************************************************
1869 ***************************************************************************/
1871 static int rwrap_res_nsearch(struct __res_state *state,
1875 unsigned char *answer,
1879 const char *fake_hosts;
1884 RWRAP_LOG(RWRAP_LOG_TRACE,
1885 "Resolve the domain name [%s] - class=%d, type=%d",
1886 dname, class, type);
1888 for (i = 0; i < state->nscount; i++) {
1889 char ip[INET6_ADDRSTRLEN];
1891 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1892 RWRAP_LOG(RWRAP_LOG_TRACE,
1898 fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1899 if (fake_hosts != NULL) {
1900 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1902 rc = libc_res_nsearch(state, dname, class, type, answer, anslen);
1905 RWRAP_LOG(RWRAP_LOG_TRACE,
1906 "The returned response length is: %d",
1912 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1913 int res_nsearch(struct __res_state *state,
1917 unsigned char *answer,
1919 #elif defined(HAVE___RES_NSEARCH)
1920 int __res_nsearch(struct __res_state *state,
1924 unsigned char *answer,
1928 return rwrap_res_nsearch(state, dname, class, type, answer, anslen);
1931 /****************************************************************************
1933 ***************************************************************************/
1935 static int rwrap_res_search(const char *dname,
1938 unsigned char *answer,
1943 rc = rwrap_res_ninit(&rwrap_res_state);
1948 rc = rwrap_res_nsearch(&rwrap_res_state,
1958 #if !defined(res_search) && defined(HAVE_RES_SEARCH)
1959 int res_search(const char *dname,
1962 unsigned char *answer,
1964 #elif defined(HAVE___RES_SEARCH)
1965 int __res_search(const char *dname,
1968 unsigned char *answer,
1972 return rwrap_res_search(dname, class, type, answer, anslen);