src/resolv_wrapper.c

   1 /*
   2  * Copyright (c) 2014      Andreas Schneider <asn@samba.org>
   3  * Copyright (c) 2014      Jakub Hrozek <jakub.hrozek@posteo.se>
   4  *
   5  * All rights reserved.
   6  *
   7  * Redistribution and use in source and binary forms, with or without
   8  * modification, are permitted provided that the following conditions
   9  * are met:
  10  *
  11  * 1. Redistributions of source code must retain the above copyright
  12  *    notice, this list of conditions and the following disclaimer.
  13  *
  14  * 2. Redistributions in binary form must reproduce the above copyright
  15  *    notice, this list of conditions and the following disclaimer in the
  16  *    documentation and/or other materials provided with the distribution.
  17  *
  18  * 3. Neither the name of the author nor the names of its contributors
  19  *    may be used to endorse or promote products derived from this software
  20  *    without specific prior written permission.
  21  *
  22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  32  * SUCH DAMAGE.
  33  */
  34
  35 #include "config.h"
  36
  37 #include <errno.h>
  38 #include <arpa/inet.h>
  39 #ifdef HAVE_ARPA_NAMESER_H
  40 #include <arpa/nameser.h>
  41 #endif /* HAVE_ARPA_NAMESER_H */
  42 #include <netinet/in.h>
  43 #include <sys/socket.h>
  44 #include <sys/types.h>
  45 #include <stdarg.h>
  46 #include <stdlib.h>
  47 #include <stdio.h>
  48 #include <stdbool.h>
  49 #include <string.h>
  50 #include <unistd.h>
  51 #include <ctype.h>
  52
  53 #include <resolv.h>
  54
  55 /* GCC has printf type attribute check. */
  56 #ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
  57 #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
  58 #else
  59 #define PRINTF_ATTRIBUTE(a,b)
  60 #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
  61
  62 #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
  63 #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
  64 #else
  65 #define DESTRUCTOR_ATTRIBUTE
  66 #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
  67
  68 #ifndef RWRAP_DEFAULT_FAKE_TTL
  69 #define RWRAP_DEFAULT_FAKE_TTL 600
  70 #endif  /* RWRAP_DEFAULT_FAKE_TTL */
  71
  72 #ifndef HAVE_NS_NAME_COMPRESS
  73 #define ns_name_compress dn_comp
  74 #endif
  75
  76 #define ns_t_uri 256
  77
  78 enum rwrap_dbglvl_e {
  79         RWRAP_LOG_ERROR = 0,
  80         RWRAP_LOG_WARN,
  81         RWRAP_LOG_DEBUG,
  82         RWRAP_LOG_TRACE
  83 };
  84
  85 static void rwrap_log(enum rwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
  86 # define RWRAP_LOG(dbglvl, ...) rwrap_log((dbglvl), __func__, __VA_ARGS__)
  87
  88 static void rwrap_log(enum rwrap_dbglvl_e dbglvl,
  89                       const char *func,
  90                       const char *format, ...)
  91 {
  92         char buffer[1024];
  93         va_list va;
  94         const char *d;
  95         unsigned int lvl = 0;
  96         int pid = getpid();
  97
  98         d = getenv("RESOLV_WRAPPER_DEBUGLEVEL");
  99         if (d != NULL) {
 100                 lvl = atoi(d);
 101         }
 102
 103         if (lvl < dbglvl) {
 104                 return;
 105         }
 106
 107         va_start(va, format);
 108         vsnprintf(buffer, sizeof(buffer), format, va);
 109         va_end(va);
 110
 111         switch (dbglvl) {
 112                 case RWRAP_LOG_ERROR:
 113                         fprintf(stderr,
 114                                 "RWRAP_ERROR(%d) - %s: %s\n",
 115                                 pid, func, buffer);
 116                         break;
 117                 case RWRAP_LOG_WARN:
 118                         fprintf(stderr,
 119                                 "RWRAP_WARN(%d) - %s: %s\n",
 120                                 pid, func, buffer);
 121                         break;
 122                 case RWRAP_LOG_DEBUG:
 123                         fprintf(stderr,
 124                                 "RWRAP_DEBUG(%d) - %s: %s\n",
 125                                 pid, func, buffer);
 126                         break;
 127                 case RWRAP_LOG_TRACE:
 128                         fprintf(stderr,
 129                                 "RWRAP_TRACE(%d) - %s: %s\n",
 130                                 pid, func, buffer);
 131                         break;
 132         }
 133 }
 134
 135 #ifndef SAFE_FREE
 136 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
 137 #endif
 138
 139 #define NEXT_KEY(buf, key) do {                                 \
 140         (key) = (buf) ? strpbrk((buf), " \t") : NULL;           \
 141         if ((key) != NULL) {                                    \
 142                 (key)[0] = '\0';                                \
 143                 (key)++;                                        \
 144         }                                                       \
 145         while ((key) != NULL                                    \
 146                && (isblank((int)(key)[0]))) {                   \
 147                 (key)++;                                        \
 148         }                                                       \
 149 } while(0);
 150
 151 #define RWRAP_MAX_RECURSION 64
 152
 153 /* Priority and weight can be omitted from the hosts file, but need to be part
 154  * of the output
 155  */
 156 #define DFL_SRV_PRIO    1
 157 #define DFL_SRV_WEIGHT  100
 158 #define DFL_URI_PRIO    1
 159 #define DFL_URI_WEIGHT  100
 160
 161 struct rwrap_srv_rrdata {
 162         uint16_t port;
 163         uint16_t prio;
 164         uint16_t weight;
 165         char hostname[MAXDNAME];
 166 };
 167
 168 struct rwrap_uri_rrdata {
 169         uint16_t prio;
 170         uint16_t weight;
 171         char uri[MAXDNAME];
 172 };
 173
 174 struct rwrap_soa_rrdata {
 175         uint32_t serial;
 176         uint32_t refresh;
 177         uint32_t retry;
 178         uint32_t expire;
 179         uint32_t minimum;
 180         char nameserver[MAXDNAME];
 181         char mailbox[MAXDNAME];
 182 };
 183
 184 struct rwrap_fake_rr {
 185         union fake_rrdata {
 186                 struct in_addr a_rec;
 187                 struct in6_addr aaaa_rec;
 188                 struct rwrap_srv_rrdata srv_rec;
 189                 struct rwrap_uri_rrdata uri_rec;
 190                 struct rwrap_soa_rrdata soa_rec;
 191                 char cname_rec[MAXDNAME];
 192                 char ptr_rec[MAXDNAME];
 193         } rrdata;
 194
 195         char key[MAXDNAME];
 196         int type; /* ns_t_* */
 197 };
 198
 199 static void rwrap_fake_rr_init(struct rwrap_fake_rr *rr, size_t len)
 200 {
 201         size_t i;
 202
 203         for (i = 0; i < len; i++) {
 204                 rr[i].type = ns_t_invalid;
 205         }
 206 }
 207
 208 static int rwrap_create_fake_a_rr(const char *key,
 209                                   const char *value,
 210                                   struct rwrap_fake_rr *rr)
 211 {
 212         int ok;
 213
 214         ok = inet_pton(AF_INET, value, &rr->rrdata.a_rec);
 215         if (!ok) {
 216                 RWRAP_LOG(RWRAP_LOG_ERROR,
 217                           "Failed to convert [%s] to binary\n", value);
 218                 return -1;
 219         }
 220
 221         memcpy(rr->key, key, strlen(key) + 1);
 222         rr->type = ns_t_a;
 223         return 0;
 224 }
 225
 226 static int rwrap_create_fake_aaaa_rr(const char *key,
 227                                      const char *value,
 228                                      struct rwrap_fake_rr *rr)
 229 {
 230         int ok;
 231
 232         ok = inet_pton(AF_INET6, value, &rr->rrdata.aaaa_rec);
 233         if (!ok) {
 234                 RWRAP_LOG(RWRAP_LOG_ERROR,
 235                           "Failed to convert [%s] to binary\n", value);
 236                 return -1;
 237         }
 238
 239         memcpy(rr->key, key, strlen(key) + 1);
 240         rr->type = ns_t_aaaa;
 241         return 0;
 242 }
 243 static int rwrap_create_fake_ns_rr(const char *key,
 244                                    const char *value,
 245                                    struct rwrap_fake_rr *rr)
 246 {
 247         memcpy(rr->rrdata.srv_rec.hostname, value, strlen(value) + 1);
 248         memcpy(rr->key, key, strlen(key) + 1);
 249         rr->type = ns_t_ns;
 250         return 0;
 251 }
 252
 253 static int rwrap_create_fake_srv_rr(const char *key,
 254                                     const char *value,
 255                                     struct rwrap_fake_rr *rr)
 256 {
 257         char *str_prio;
 258         char *str_weight;
 259         char *str_port;
 260         const char *hostname;
 261
 262         /* parse the value into priority, weight, port and hostname
 263          * and check the validity */
 264         hostname = value;
 265         NEXT_KEY(hostname, str_port);
 266         NEXT_KEY(str_port, str_prio);
 267         NEXT_KEY(str_prio, str_weight);
 268         if (str_port == NULL || hostname == NULL) {
 269                 RWRAP_LOG(RWRAP_LOG_ERROR,
 270                           "Malformed SRV entry [%s]\n", value);
 271                 return -1;
 272         }
 273
 274         if (str_prio) {
 275                 rr->rrdata.srv_rec.prio = atoi(str_prio);
 276         } else {
 277                 rr->rrdata.srv_rec.prio = DFL_SRV_PRIO;
 278         }
 279         if (str_weight) {
 280                 rr->rrdata.srv_rec.weight = atoi(str_weight);
 281         } else {
 282                 rr->rrdata.srv_rec.weight = DFL_SRV_WEIGHT;
 283         }
 284         rr->rrdata.srv_rec.port = atoi(str_port);
 285         memcpy(rr->rrdata.srv_rec.hostname , hostname, strlen(hostname) + 1);
 286
 287         memcpy(rr->key, key, strlen(key) + 1);
 288         rr->type = ns_t_srv;
 289         return 0;
 290 }
 291
 292 static int rwrap_create_fake_uri_rr(const char *key,
 293                                     const char *value,
 294                                     struct rwrap_fake_rr *rr)
 295 {
 296         char *str_prio;
 297         char *str_weight;
 298         const char *uri;
 299
 300         /* parse the value into priority, weight, and uri
 301          * and check the validity */
 302         uri = value;
 303         NEXT_KEY(uri, str_prio);
 304         NEXT_KEY(str_prio, str_weight);
 305         if (uri == NULL) {
 306                 RWRAP_LOG(RWRAP_LOG_ERROR,
 307                           "Malformed URI entry [%s]\n", value);
 308                 return -1;
 309         }
 310
 311         if (str_prio) {
 312                 rr->rrdata.uri_rec.prio = atoi(str_prio);
 313         } else {
 314                 rr->rrdata.uri_rec.prio = DFL_URI_PRIO;
 315         }
 316         if (str_weight) {
 317                 rr->rrdata.uri_rec.weight = atoi(str_weight);
 318         } else {
 319                 rr->rrdata.uri_rec.weight = DFL_URI_WEIGHT;
 320         }
 321         memcpy(rr->rrdata.uri_rec.uri, uri, strlen(uri) + 1);
 322
 323         memcpy(rr->key, key, strlen(key) + 1);
 324         rr->type = ns_t_uri;
 325         return 0;
 326 }
 327
 328 static int rwrap_create_fake_soa_rr(const char *key,
 329                                     const char *value,
 330                                     struct rwrap_fake_rr *rr)
 331 {
 332         const char *nameserver;
 333         char *mailbox;
 334         char *str_serial;
 335         char *str_refresh;
 336         char *str_retry;
 337         char *str_expire;
 338         char *str_minimum;
 339
 340         /* parse the value into nameserver, mailbox, serial, refresh,
 341          * retry, expire, minimum and check the validity
 342          */
 343         nameserver = value;
 344         NEXT_KEY(nameserver, mailbox);
 345         NEXT_KEY(mailbox, str_serial);
 346         NEXT_KEY(str_serial, str_refresh);
 347         NEXT_KEY(str_refresh, str_retry);
 348         NEXT_KEY(str_retry, str_expire);
 349         NEXT_KEY(str_expire, str_minimum);
 350         if (nameserver == NULL || mailbox == NULL || str_serial == NULL ||
 351             str_refresh == NULL || str_retry == NULL || str_expire == NULL ||
 352             str_minimum == NULL) {
 353                 RWRAP_LOG(RWRAP_LOG_ERROR,
 354                           "Malformed SOA entry [%s]\n", value);
 355                 return -1;
 356         }
 357
 358         memcpy(rr->rrdata.soa_rec.nameserver, nameserver, strlen(nameserver)+1);
 359         memcpy(rr->rrdata.soa_rec.mailbox, mailbox, strlen(mailbox)+1);
 360
 361         rr->rrdata.soa_rec.serial = atoi(str_serial);
 362         rr->rrdata.soa_rec.refresh = atoi(str_refresh);
 363         rr->rrdata.soa_rec.retry = atoi(str_retry);
 364         rr->rrdata.soa_rec.expire = atoi(str_expire);
 365         rr->rrdata.soa_rec.minimum = atoi(str_minimum);
 366
 367         memcpy(rr->key, key, strlen(key) + 1);
 368         rr->type = ns_t_soa;
 369         return 0;
 370 }
 371
 372 static int rwrap_create_fake_cname_rr(const char *key,
 373                                       const char *value,
 374                                       struct rwrap_fake_rr *rr)
 375 {
 376         memcpy(rr->rrdata.cname_rec , value, strlen(value) + 1);
 377         memcpy(rr->key, key, strlen(key) + 1);
 378         rr->type = ns_t_cname;
 379         return 0;
 380 }
 381
 382 static int rwrap_create_fake_ptr_rr(const char *key,
 383                                     const char *value,
 384                                     struct rwrap_fake_rr *rr)
 385 {
 386         memcpy(rr->rrdata.ptr_rec , value, strlen(value) + 1);
 387         memcpy(rr->key, key, strlen(key) + 1);
 388         rr->type = ns_t_ptr;
 389         return 0;
 390 }
 391
 392 /* Prepares a fake header with a single response. Advances header_blob */
 393 static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining,
 394                                  size_t ancount, size_t arcount)
 395 {
 396         uint8_t *hb;
 397         HEADER *h;
 398
 399         if (remaining < NS_HFIXEDSZ) {
 400                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
 401                 return -1;
 402         }
 403
 404         hb = *header_blob;
 405         memset(hb, 0, NS_HFIXEDSZ);
 406
 407         h = (HEADER *) hb;
 408         h->id = res_randomid();         /* random query ID */
 409         h->qr = 1;                      /* response flag */
 410         h->rd = 1;                      /* recursion desired */
 411         h->ra = 1;                      /* recursion available */
 412
 413         h->qdcount = htons(1);          /* no. of questions */
 414         h->ancount = htons(ancount);    /* no. of answers */
 415         h->arcount = htons(arcount);    /* no. of add'tl records */
 416
 417         hb += NS_HFIXEDSZ;              /* move past the header */
 418         *header_blob = hb;
 419
 420         return NS_HFIXEDSZ;
 421 }
 422
 423 static ssize_t rwrap_fake_question(const char *question,
 424                                    uint16_t type,
 425                                    uint8_t **question_ptr,
 426                                    size_t remaining)
 427 {
 428         uint8_t *qb = *question_ptr;
 429         int n;
 430
 431         n = ns_name_compress(question, qb, remaining, NULL, NULL);
 432         if (n < 0) {
 433                 RWRAP_LOG(RWRAP_LOG_ERROR,
 434                           "Failed to compress [%s]\n", question);
 435                 return -1;
 436         }
 437
 438         qb += n;
 439         remaining -= n;
 440
 441         if (remaining < 2 * sizeof(uint16_t)) {
 442                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
 443                 return -1;
 444         }
 445
 446         NS_PUT16(type, qb);
 447         NS_PUT16(ns_c_in, qb);
 448
 449         *question_ptr = qb;
 450         return n + 2 * sizeof(uint16_t);
 451 }
 452
 453 static ssize_t rwrap_fake_rdata_common(uint16_t type,
 454                                        size_t rdata_size,
 455                                        const char *key,
 456                                        size_t remaining,
 457                                        uint8_t **rdata_ptr)
 458 {
 459         uint8_t *rd = *rdata_ptr;
 460         ssize_t written = 0;
 461
 462         written = ns_name_compress(key, rd, remaining, NULL, NULL);
 463         if (written < 0) {
 464                 RWRAP_LOG(RWRAP_LOG_ERROR,
 465                           "Failed to compress [%s]\n", key);
 466                 return -1;
 467         }
 468         rd += written;
 469         remaining -= written;
 470
 471         if (remaining < 3 * sizeof(uint16_t) + sizeof(uint32_t)) {
 472                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
 473                 return -1;
 474         }
 475
 476         NS_PUT16(type, rd);
 477         NS_PUT16(ns_c_in, rd);
 478         NS_PUT32(RWRAP_DEFAULT_FAKE_TTL, rd);
 479         NS_PUT16(rdata_size, rd);
 480
 481         if (remaining < rdata_size) {
 482                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
 483                 return -1;
 484         }
 485
 486         *rdata_ptr = rd;
 487         return written + 3 * sizeof(uint16_t) + sizeof(uint32_t) + rdata_size;
 488 }
 489
 490 static ssize_t rwrap_fake_a(struct rwrap_fake_rr *rr,
 491                             uint8_t *answer_ptr,
 492                             size_t anslen)
 493 {
 494         uint8_t *a = answer_ptr;
 495         ssize_t resp_size;
 496
 497         if (rr->type != ns_t_a) {
 498                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 499                 return -1;
 500         }
 501         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding A RR");
 502
 503         resp_size = rwrap_fake_rdata_common(ns_t_a, sizeof(struct in_addr), rr->key,
 504                                             anslen, &a);
 505         if (resp_size < 0) {
 506                 return -1;
 507         }
 508
 509         memcpy(a, &rr->rrdata.a_rec, sizeof(struct in_addr));
 510
 511         return resp_size;
 512 }
 513
 514 static ssize_t rwrap_fake_aaaa(struct rwrap_fake_rr *rr,
 515                                uint8_t *answer,
 516                                size_t anslen)
 517 {
 518         uint8_t *a = answer;
 519         ssize_t resp_size;
 520
 521         if (rr->type != ns_t_aaaa) {
 522                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 523                 return -1;
 524         }
 525         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding AAAA RR");
 526
 527         resp_size = rwrap_fake_rdata_common(ns_t_aaaa, sizeof(struct in6_addr),
 528                                             rr->key, anslen, &a);
 529         if (resp_size < 0) {
 530                 return -1;
 531         }
 532
 533         memcpy(a, &rr->rrdata.aaaa_rec, sizeof(struct in6_addr));
 534
 535         return resp_size;
 536 }
 537
 538 static ssize_t rwrap_fake_ns(struct rwrap_fake_rr *rr,
 539                              uint8_t *answer,
 540                             size_t anslen)
 541 {
 542         uint8_t *a = answer;
 543         ssize_t resp_size = 0;
 544         size_t rdata_size;
 545         unsigned char hostname_compressed[MAXDNAME];
 546         ssize_t compressed_len;
 547
 548         if (rr->type != ns_t_ns) {
 549                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 550                 return -1;
 551         }
 552         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding NS RR");
 553
 554         /* Prepare the data to write */
 555         compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
 556                                           hostname_compressed,
 557                                           MAXDNAME,
 558                                           NULL,
 559                                           NULL);
 560         if (compressed_len < 0) {
 561                 return -1;
 562         }
 563
 564         /* Is this enough? */
 565         rdata_size = compressed_len;
 566
 567         resp_size = rwrap_fake_rdata_common(ns_t_ns, rdata_size,
 568                                             rr->key, anslen, &a);
 569         if (resp_size < 0) {
 570                 return -1;
 571         }
 572
 573         memcpy(a, hostname_compressed, compressed_len);
 574
 575         return resp_size;
 576 }
 577
 578 static ssize_t rwrap_fake_srv(struct rwrap_fake_rr *rr,
 579                               uint8_t *answer,
 580                               size_t anslen)
 581 {
 582         uint8_t *a = answer;
 583         ssize_t resp_size;
 584         size_t rdata_size;
 585         unsigned char hostname_compressed[MAXDNAME];
 586         ssize_t compressed_len;
 587
 588         if (rr->type != ns_t_srv) {
 589                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 590                 return -1;
 591         }
 592         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SRV RR");
 593         rdata_size = 3 * sizeof(uint16_t);
 594
 595         /* Prepare the data to write */
 596         compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
 597                                           hostname_compressed, MAXDNAME,
 598                                           NULL, NULL);
 599         if (compressed_len < 0) {
 600                 return -1;
 601         }
 602         rdata_size += compressed_len;
 603
 604         resp_size = rwrap_fake_rdata_common(ns_t_srv, rdata_size,
 605                                             rr->key, anslen, &a);
 606         if (resp_size < 0) {
 607                 return -1;
 608         }
 609
 610         NS_PUT16(rr->rrdata.srv_rec.prio, a);
 611         NS_PUT16(rr->rrdata.srv_rec.weight, a);
 612         NS_PUT16(rr->rrdata.srv_rec.port, a);
 613         memcpy(a, hostname_compressed, compressed_len);
 614
 615         return resp_size;
 616 }
 617
 618 static ssize_t rwrap_fake_uri(struct rwrap_fake_rr *rr,
 619                               uint8_t *answer,
 620                               size_t anslen)
 621 {
 622         uint8_t *a = answer;
 623         ssize_t resp_size;
 624         size_t rdata_size;
 625         size_t uri_len;
 626
 627         if (rr->type != ns_t_uri) {
 628                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 629                 return -1;
 630         }
 631         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding URI RR");
 632         rdata_size = 3 * sizeof(uint16_t);
 633         uri_len = strlen(rr->rrdata.uri_rec.uri) + 1;
 634         rdata_size += uri_len;
 635
 636         resp_size = rwrap_fake_rdata_common(ns_t_uri, rdata_size,
 637                                             rr->key, anslen, &a);
 638         if (resp_size < 0) {
 639                 return -1;
 640         }
 641
 642         NS_PUT16(rr->rrdata.uri_rec.prio, a);
 643         NS_PUT16(rr->rrdata.uri_rec.weight, a);
 644         memcpy(a, rr->rrdata.uri_rec.uri, uri_len);
 645
 646         return resp_size;
 647 }
 648
 649 static ssize_t rwrap_fake_soa(struct rwrap_fake_rr *rr,
 650                               uint8_t *answer,
 651                               size_t anslen)
 652 {
 653         uint8_t *a = answer;
 654         ssize_t resp_size;
 655         size_t rdata_size;
 656         unsigned char nameser_compressed[MAXDNAME];
 657         ssize_t compressed_ns_len;
 658         unsigned char mailbox_compressed[MAXDNAME];
 659         ssize_t compressed_mb_len;
 660
 661         if (rr->type != ns_t_soa) {
 662                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 663                 return -1;
 664         }
 665         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SOA RR");
 666         rdata_size = 5 * sizeof(uint16_t);
 667
 668         compressed_ns_len = ns_name_compress(rr->rrdata.soa_rec.nameserver,
 669                                              nameser_compressed,
 670                                              MAXDNAME, NULL, NULL);
 671         if (compressed_ns_len < 0) {
 672                 return -1;
 673         }
 674         rdata_size += compressed_ns_len;
 675
 676         compressed_mb_len = ns_name_compress(rr->rrdata.soa_rec.mailbox,
 677                                              mailbox_compressed,
 678                                              MAXDNAME, NULL, NULL);
 679         if (compressed_mb_len < 0) {
 680                 return -1;
 681         }
 682         rdata_size += compressed_mb_len;
 683
 684         resp_size = rwrap_fake_rdata_common(ns_t_soa, rdata_size,
 685                                             rr->key, anslen, &a);
 686         if (resp_size < 0) {
 687                 return -1;
 688         }
 689
 690         memcpy(a, nameser_compressed, compressed_ns_len);
 691         a += compressed_ns_len;
 692         memcpy(a, mailbox_compressed, compressed_mb_len);
 693         a += compressed_mb_len;
 694         NS_PUT32(rr->rrdata.soa_rec.serial, a);
 695         NS_PUT32(rr->rrdata.soa_rec.refresh, a);
 696         NS_PUT32(rr->rrdata.soa_rec.retry, a);
 697         NS_PUT32(rr->rrdata.soa_rec.expire, a);
 698         NS_PUT32(rr->rrdata.soa_rec.minimum, a);
 699
 700         return resp_size;
 701 }
 702
 703 static ssize_t rwrap_fake_cname(struct rwrap_fake_rr *rr,
 704                                 uint8_t *answer,
 705                                 size_t anslen)
 706 {
 707         uint8_t *a = answer;
 708         ssize_t resp_size;
 709         unsigned char hostname_compressed[MAXDNAME];
 710         ssize_t rdata_size;
 711
 712         if (rr->type != ns_t_cname) {
 713                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 714                 return -1;
 715         }
 716         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding CNAME RR");
 717
 718         /* Prepare the data to write */
 719         rdata_size = ns_name_compress(rr->rrdata.cname_rec,
 720                                       hostname_compressed, MAXDNAME,
 721                                       NULL, NULL);
 722         if (rdata_size < 0) {
 723                 return -1;
 724         }
 725
 726         resp_size = rwrap_fake_rdata_common(ns_t_cname, rdata_size,
 727                                             rr->key, anslen, &a);
 728         if (resp_size < 0) {
 729                 return -1;
 730         }
 731
 732         memcpy(a, hostname_compressed, rdata_size);
 733
 734         return resp_size;
 735 }
 736
 737 static ssize_t rwrap_fake_ptr(struct rwrap_fake_rr *rr,
 738                               uint8_t *answer,
 739                               size_t anslen)
 740 {
 741         uint8_t *a = answer;
 742         ssize_t rdata_size;
 743         ssize_t resp_size;
 744         unsigned char hostname_compressed[MAXDNAME];
 745
 746         if (rr->type != ns_t_ptr) {
 747                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 748                 return -1;
 749         }
 750         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding PTR RR");
 751
 752         /* Prepare the data to write */
 753         rdata_size = ns_name_compress(rr->rrdata.ptr_rec,
 754                                       hostname_compressed, MAXDNAME,
 755                                       NULL, NULL);
 756         if (rdata_size < 0) {
 757                 return -1;
 758         }
 759
 760         resp_size = rwrap_fake_rdata_common(ns_t_ptr, rdata_size,
 761                                             rr->key, anslen, &a);
 762         if (resp_size < 0) {
 763                 return -1;
 764         }
 765
 766         memcpy(a, hostname_compressed, rdata_size);
 767
 768         return resp_size;
 769 }
 770
 771 #define RESOLV_MATCH(line, name) \
 772         (strncmp(line, name, sizeof(name) - 1) == 0 && \
 773         (line[sizeof(name) - 1] == ' ' || \
 774          line[sizeof(name) - 1] == '\t'))
 775
 776 #define TYPE_MATCH(type, ns_type, rec_type, str_type, key, query) \
 777         ((type) == (ns_type) && \
 778          (strncmp((rec_type), (str_type), sizeof(str_type)) == 0) && \
 779          (strcasecmp(key, query)) == 0)
 780
 781
 782 static int rwrap_get_record(const char *hostfile, unsigned recursion,
 783                             const char *query, int type,
 784                             struct rwrap_fake_rr *rr);
 785
 786 static int rwrap_uri_recurse(const char *hostfile, unsigned recursion,
 787                              const char *query, struct rwrap_fake_rr *rr)
 788 {
 789         int rc;
 790
 791         rc = rwrap_get_record(hostfile, recursion, query, ns_t_uri, rr);
 792         if (rc == ENOENT) {
 793                 rc = 0;
 794         }
 795
 796         return rc;
 797 }
 798
 799 static int rwrap_srv_recurse(const char *hostfile, unsigned recursion,
 800                              const char *query, struct rwrap_fake_rr *rr)
 801 {
 802         int rc;
 803
 804         rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
 805         if (rc == 0) return 0;
 806
 807         rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
 808         if (rc == ENOENT) rc = 0;
 809
 810         return rc;
 811 }
 812
 813 static int rwrap_cname_recurse(const char *hostfile, unsigned recursion,
 814                                const char *query, struct rwrap_fake_rr *rr)
 815 {
 816         int rc;
 817
 818         rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
 819         if (rc == 0) return 0;
 820
 821         rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
 822         if (rc == 0) return 0;
 823
 824         rc = rwrap_get_record(hostfile, recursion, query, ns_t_cname, rr);
 825         if (rc == ENOENT) rc = 0;
 826
 827         return rc;
 828 }
 829
 830 static int rwrap_get_record(const char *hostfile, unsigned recursion,
 831                             const char *query, int type,
 832                             struct rwrap_fake_rr *rr)
 833 {
 834         FILE *fp = NULL;
 835         char buf[BUFSIZ];
 836         char *key = NULL;
 837         char *value = NULL;
 838         int rc = ENOENT;
 839         unsigned num_uris = 0;
 840
 841         if (recursion >= RWRAP_MAX_RECURSION) {
 842                 RWRAP_LOG(RWRAP_LOG_ERROR, "Recursed too deep!\n");
 843                 return -1;
 844         }
 845
 846         RWRAP_LOG(RWRAP_LOG_TRACE,
 847                   "Searching in fake hosts file %s for %s:%d\n", hostfile,
 848                   query, type);
 849
 850         fp = fopen(hostfile, "r");
 851         if (fp == NULL) {
 852                 RWRAP_LOG(RWRAP_LOG_ERROR,
 853                           "Opening %s failed: %s",
 854                           hostfile, strerror(errno));
 855                 return -1;
 856         }
 857
 858         while (fgets(buf, sizeof(buf), fp) != NULL) {
 859                 char *rec_type;
 860                 char *q;
 861
 862                 rec_type = buf;
 863                 key = value = NULL;
 864
 865                 NEXT_KEY(rec_type, key);
 866                 NEXT_KEY(key, value);
 867
 868                 if (key == NULL || value == NULL) {
 869                         RWRAP_LOG(RWRAP_LOG_WARN,
 870                                 "Malformed line: not enough parts, use \"rec_type key data\n"
 871                                 "For example \"A cwrap.org 10.10.10.10\"");
 872                         continue;
 873                 }
 874
 875                 q = value;
 876                 while(q[0] != '\n' && q[0] != '\0') {
 877                         q++;
 878                 }
 879                 q[0] = '\0';
 880
 881                 if (type == ns_t_uri && recursion > 0) {
 882                         /* Skip non-URI records. */
 883                         if (!TYPE_MATCH(type, ns_t_uri, rec_type, "URI", key, query)) {
 884                                 continue;
 885                         }
 886                         /* Skip previous records based on the recurse depth. */
 887                         num_uris++;
 888                         if (num_uris <= recursion) {
 889                                 continue;
 890                         }
 891                 }
 892
 893                 if (TYPE_MATCH(type, ns_t_a, rec_type, "A", key, query)) {
 894                         rc = rwrap_create_fake_a_rr(key, value, rr);
 895                         break;
 896                 } else if (TYPE_MATCH(type, ns_t_aaaa,
 897                                       rec_type, "AAAA", key, query)) {
 898                         rc = rwrap_create_fake_aaaa_rr(key, value, rr);
 899                         break;
 900                 } else if (TYPE_MATCH(type, ns_t_ns,
 901                                       rec_type, "NS", key, query)) {
 902                         rc = rwrap_create_fake_ns_rr(key, value, rr);
 903                         break;
 904                 } else if (TYPE_MATCH(type, ns_t_srv,
 905                                       rec_type, "SRV", key, query)) {
 906                         rc = rwrap_create_fake_srv_rr(key, value, rr);
 907                         if (rc == 0) {
 908                                 rc = rwrap_srv_recurse(hostfile, recursion+1,
 909                                                 rr->rrdata.srv_rec.hostname,
 910                                                 rr + 1);
 911                         }
 912                         break;
 913                 } else if (TYPE_MATCH(type, ns_t_uri,
 914                                       rec_type, "URI", key, query)) {
 915                         rc = rwrap_create_fake_uri_rr(key, value, rr);
 916                         if (rc == 0) {
 917                                 /* Recurse to collect multiple URI answers under a single key. */
 918                                 rc = rwrap_uri_recurse(hostfile, recursion + 1, key, rr + 1);
 919                         }
 920                         break;
 921                 } else if (TYPE_MATCH(type, ns_t_soa,
 922                                       rec_type, "SOA", key, query)) {
 923                         rc = rwrap_create_fake_soa_rr(key, value, rr);
 924                         break;
 925                 } else if (TYPE_MATCH(type, ns_t_cname,
 926                                       rec_type, "CNAME", key, query)) {
 927                         rc = rwrap_create_fake_cname_rr(key, value, rr);
 928                         if (rc == 0) {
 929                                 rc = rwrap_cname_recurse(hostfile, recursion+1,
 930                                                          value, rr + 1);
 931                         }
 932                         break;
 933                 } else if (TYPE_MATCH(type, ns_t_a, rec_type, "CNAME", key, query)) {
 934                         rc = rwrap_create_fake_cname_rr(key, value, rr);
 935                         if (rc == 0) {
 936                                 rc = rwrap_cname_recurse(hostfile, recursion+1,
 937                                                          value, rr + 1);
 938                         }
 939                         break;
 940                 } else if (TYPE_MATCH(type, ns_t_ptr,
 941                                       rec_type, "PTR", key, query)) {
 942                         rc = rwrap_create_fake_ptr_rr(key, value, rr);
 943                         break;
 944                 }
 945         }
 946
 947         if (rc == ENOENT && recursion == 0 && key != NULL) {
 948                 RWRAP_LOG(RWRAP_LOG_TRACE, "Record for [%s] not found\n", query);
 949                 memcpy(rr->key, key, strlen(key) + 1);
 950         }
 951
 952         fclose(fp);
 953         return rc;
 954 }
 955
 956 static ssize_t rwrap_fake_empty(int type,
 957                                 const char *question,
 958                                 uint8_t *answer,
 959                                 size_t anslen)
 960 {
 961         ssize_t resp_data;
 962         size_t remaining = anslen;
 963
 964         resp_data = rwrap_fake_header(&answer, remaining, 0, 0);
 965         if (resp_data < 0) {
 966                 return -1;
 967         }
 968         remaining -= resp_data;
 969
 970         resp_data += rwrap_fake_question(question, type, &answer, remaining);
 971         if (resp_data < 0) {
 972                 return -1;
 973         }
 974         remaining -= resp_data;
 975
 976         resp_data += rwrap_fake_rdata_common(type, 0, question,
 977                                             remaining, &answer);
 978         if (resp_data < 0) {
 979                 return -1;
 980         }
 981
 982         return resp_data;
 983 }
 984
 985 static inline bool rwrap_known_type(int type)
 986 {
 987         switch (type) {
 988         case ns_t_a:
 989         case ns_t_aaaa:
 990         case ns_t_ns:
 991         case ns_t_srv:
 992         case ns_t_uri:
 993         case ns_t_soa:
 994         case ns_t_cname:
 995         case ns_t_ptr:
 996                 return true;
 997         }
 998
 999         return false;
1000 }
1001
1002 static int rwrap_ancount(struct rwrap_fake_rr *rrs, int qtype)
1003 {
1004         int i;
1005         int ancount = 0;
1006
1007         /* For URI return the number of URIs. */
1008         if (qtype == ns_t_uri) {
1009                 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1010                         if (rwrap_known_type(rrs[i].type) &&
1011                             rrs[i].type == qtype) {
1012                                 ancount++;
1013                         }
1014                 }
1015                 return ancount;
1016         }
1017
1018         /* Include all RRs in the stack until the sought type
1019          * in the answer section. This is the case i.e. when looking
1020          * up an A record but the name points to a CNAME
1021          */
1022         for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1023                 ancount++;
1024
1025                 if (rwrap_known_type(rrs[i].type) &&
1026                     rrs[i].type == qtype) {
1027                         break;
1028                 }
1029         }
1030
1031         /* Return 0 records if the sought type wasn't in the stack */
1032         return i < RWRAP_MAX_RECURSION ? ancount : 0;
1033 }
1034
1035 static int rwrap_arcount(struct rwrap_fake_rr *rrs, int ancount)
1036 {
1037         int i;
1038         int arcount = 0;
1039
1040         /* start from index ancount */
1041         for (i = ancount; i < RWRAP_MAX_RECURSION; i++) {
1042                 if (rwrap_known_type(rrs[i].type)) {
1043                         arcount++;
1044                 }
1045         }
1046
1047         return arcount;
1048 }
1049
1050 static ssize_t rwrap_add_rr(struct rwrap_fake_rr *rr,
1051                             uint8_t *answer,
1052                             size_t anslen)
1053 {
1054         ssize_t resp_data;
1055
1056         if (rr == NULL) {
1057                 RWRAP_LOG(RWRAP_LOG_ERROR, "Internal error!\n");
1058                 return -1;
1059         }
1060
1061         switch (rr->type) {
1062         case ns_t_a:
1063                 resp_data = rwrap_fake_a(rr, answer, anslen);
1064                 break;
1065         case ns_t_aaaa:
1066                 resp_data = rwrap_fake_aaaa(rr, answer, anslen);
1067                 break;
1068         case ns_t_ns:
1069                 resp_data = rwrap_fake_ns(rr, answer, anslen);
1070                 break;
1071         case ns_t_srv:
1072                 resp_data = rwrap_fake_srv(rr, answer, anslen);
1073                 break;
1074         case ns_t_uri:
1075                 resp_data = rwrap_fake_uri(rr, answer, anslen);
1076                 break;
1077         case ns_t_soa:
1078                 resp_data = rwrap_fake_soa(rr, answer, anslen);
1079                 break;
1080         case ns_t_cname:
1081                 resp_data = rwrap_fake_cname(rr, answer, anslen);
1082                 break;
1083         case ns_t_ptr:
1084                 resp_data = rwrap_fake_ptr(rr, answer, anslen);
1085                 break;
1086         default:
1087                 return -1;
1088         }
1089
1090         return resp_data;
1091 }
1092
1093 static ssize_t rwrap_fake_answer(struct rwrap_fake_rr *rrs,
1094                                  int type,
1095                                  uint8_t *answer,
1096                                  size_t anslen)
1097
1098 {
1099         ssize_t resp_data;
1100         ssize_t rrlen;
1101         size_t remaining = anslen;
1102         int ancount;
1103         int arcount;
1104         int i;
1105
1106         ancount = rwrap_ancount(rrs, type);
1107         arcount = rwrap_arcount(rrs, ancount);
1108         RWRAP_LOG(RWRAP_LOG_TRACE,
1109                   "Got %d answers and %d additional records\n", ancount, arcount);
1110
1111         resp_data = rwrap_fake_header(&answer, remaining, ancount, arcount);
1112         if (resp_data < 0) {
1113                 return -1;
1114         }
1115         remaining -= resp_data;
1116
1117         resp_data += rwrap_fake_question(rrs->key, rrs->type, &answer, remaining);
1118         if (resp_data < 0) {
1119                 return -1;
1120         }
1121         remaining -= resp_data;
1122
1123         /* answer */
1124         for (i = 0; i < ancount; i++) {
1125                 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1126                 if (rrlen < 0) {
1127                         return -1;
1128                 }
1129                 remaining -= rrlen;
1130                 answer += rrlen;
1131                 resp_data += rrlen;
1132         }
1133
1134         /* add authoritative NS here? */
1135
1136         /* additional records */
1137         for (i = ancount; i < ancount + arcount; i++) {
1138                 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1139                 if (rrlen < 0) {
1140                         return -1;
1141                 }
1142                 remaining -= rrlen;
1143                 answer += rrlen;
1144                 resp_data += rrlen;
1145         }
1146
1147         return resp_data;
1148 }
1149
1150 /* Reads in a file in the following format:
1151  * TYPE RDATA
1152  *
1153  * Malformed entries are silently skipped.
1154  * Allocates answer buffer of size anslen that has to be freed after use.
1155  */
1156 static int rwrap_res_fake_hosts(const char *hostfile,
1157                                 const char *query,
1158                                 int type,
1159                                 unsigned char *answer,
1160                                 size_t anslen)
1161 {
1162         int rc = ENOENT;
1163         char *query_name = NULL;
1164         size_t qlen = strlen(query);
1165         struct rwrap_fake_rr rrs[RWRAP_MAX_RECURSION];
1166         ssize_t resp_size;
1167
1168         RWRAP_LOG(RWRAP_LOG_TRACE,
1169                   "Searching in fake hosts file %s\n", hostfile);
1170
1171         if (qlen > 0 && query[qlen-1] == '.') {
1172                 qlen--;
1173         }
1174
1175         query_name = strndup(query, qlen);
1176         if (query_name == NULL) {
1177                 return -1;
1178         }
1179
1180         rwrap_fake_rr_init(rrs, RWRAP_MAX_RECURSION);
1181
1182         rc = rwrap_get_record(hostfile, 0, query_name, type, rrs);
1183         switch (rc) {
1184         case 0:
1185                 RWRAP_LOG(RWRAP_LOG_TRACE,
1186                                 "Found record for [%s]\n", query_name);
1187                 resp_size = rwrap_fake_answer(rrs, type, answer, anslen);
1188                 break;
1189         case ENOENT:
1190                 RWRAP_LOG(RWRAP_LOG_TRACE,
1191                                 "No record for [%s]\n", query_name);
1192                 resp_size = rwrap_fake_empty(type, rrs->key, answer, anslen);
1193                 break;
1194         default:
1195                 RWRAP_LOG(RWRAP_LOG_ERROR,
1196                                 "Error searching for [%s]\n", query_name);
1197                 free(query_name);
1198                 return -1;
1199         }
1200
1201         switch (resp_size) {
1202         case -1:
1203                 RWRAP_LOG(RWRAP_LOG_ERROR,
1204                                 "Error faking answer for [%s]\n", query_name);
1205                 break;
1206         default:
1207                 RWRAP_LOG(RWRAP_LOG_TRACE,
1208                                 "Successfully faked answer for [%s]\n",
1209                                 query_name);
1210                 break;
1211         }
1212
1213         free(query_name);
1214         return resp_size;
1215 }
1216
1217 /*********************************************************
1218  * RWRAP LOADING LIBC FUNCTIONS
1219  *********************************************************/
1220
1221 #include <dlfcn.h>
1222
1223 typedef int (*__libc_res_ninit)(struct __res_state *state);
1224 typedef int (*__libc___res_ninit)(struct __res_state *state);
1225 typedef void (*__libc_res_nclose)(struct __res_state *state);
1226 typedef void (*__libc___res_nclose)(struct __res_state *state);
1227 typedef int (*__libc_res_nquery)(struct __res_state *state,
1228                                  const char *dname,
1229                                  int class,
1230                                  int type,
1231                                  unsigned char *answer,
1232                                  int anslen);
1233 typedef int (*__libc___res_nquery)(struct __res_state *state,
1234                                    const char *dname,
1235                                    int class,
1236                                    int type,
1237                                    unsigned char *answer,
1238                                    int anslen);
1239 typedef int (*__libc_res_nsearch)(struct __res_state *state,
1240                                   const char *dname,
1241                                   int class,
1242                                   int type,
1243                                   unsigned char *answer,
1244                                   int anslen);
1245 typedef int (*__libc___res_nsearch)(struct __res_state *state,
1246                                     const char *dname,
1247                                     int class,
1248                                     int type,
1249                                     unsigned char *answer,
1250                                     int anslen);
1251
1252 #define RWRAP_SYMBOL_ENTRY(i) \
1253         union { \
1254                 __libc_##i f; \
1255                 void *obj; \
1256         } _libc_##i
1257
1258 struct rwrap_libc_symbols {
1259         RWRAP_SYMBOL_ENTRY(res_ninit);
1260         RWRAP_SYMBOL_ENTRY(__res_ninit);
1261         RWRAP_SYMBOL_ENTRY(res_nclose);
1262         RWRAP_SYMBOL_ENTRY(__res_nclose);
1263         RWRAP_SYMBOL_ENTRY(res_nquery);
1264         RWRAP_SYMBOL_ENTRY(__res_nquery);
1265         RWRAP_SYMBOL_ENTRY(res_nsearch);
1266         RWRAP_SYMBOL_ENTRY(__res_nsearch);
1267 };
1268 #undef RWRAP_SYMBOL_ENTRY
1269
1270 struct rwrap {
1271         struct {
1272                 void *handle;
1273                 struct rwrap_libc_symbols symbols;
1274         } libc;
1275
1276         struct {
1277                 void *handle;
1278                 struct rwrap_libc_symbols symbols;
1279         } libresolv;
1280
1281         bool initialised;
1282         bool enabled;
1283
1284         char *socket_dir;
1285 };
1286
1287 static struct rwrap rwrap;
1288
1289 enum rwrap_lib {
1290     RWRAP_LIBC,
1291     RWRAP_LIBRESOLV
1292 };
1293
1294 #ifndef NDEBUG
1295 static const char *rwrap_str_lib(enum rwrap_lib lib)
1296 {
1297         switch (lib) {
1298         case RWRAP_LIBC:
1299                 return "libc";
1300         case RWRAP_LIBRESOLV:
1301                 return "libresolv";
1302         }
1303
1304         /* Compiler would warn us about unhandled enum value if we get here */
1305         return "unknown";
1306 }
1307 #endif
1308
1309 static void *rwrap_load_lib_handle(enum rwrap_lib lib)
1310 {
1311         int flags = RTLD_LAZY;
1312         void *handle = NULL;
1313         int i;
1314
1315 #ifdef RTLD_DEEPBIND
1316         flags |= RTLD_DEEPBIND;
1317 #endif
1318
1319         switch (lib) {
1320         case RWRAP_LIBRESOLV:
1321 #ifdef HAVE_LIBRESOLV
1322                 handle = rwrap.libresolv.handle;
1323                 if (handle == NULL) {
1324                         for (i = 10; i >= 0; i--) {
1325                                 char soname[256] = {0};
1326
1327                                 snprintf(soname, sizeof(soname), "libresolv.so.%d", i);
1328                                 handle = dlopen(soname, flags);
1329                                 if (handle != NULL) {
1330                                         break;
1331                                 }
1332                         }
1333
1334                         rwrap.libresolv.handle = handle;
1335                 }
1336                 break;
1337 #endif
1338                 /* FALL TROUGH */
1339         case RWRAP_LIBC:
1340                 handle = rwrap.libc.handle;
1341 #ifdef LIBC_SO
1342                 if (handle == NULL) {
1343                         handle = dlopen(LIBC_SO, flags);
1344
1345                         rwrap.libc.handle = handle;
1346                 }
1347 #endif
1348                 if (handle == NULL) {
1349                         for (i = 10; i >= 0; i--) {
1350                                 char soname[256] = {0};
1351
1352                                 snprintf(soname, sizeof(soname), "libc.so.%d", i);
1353                                 handle = dlopen(soname, flags);
1354                                 if (handle != NULL) {
1355                                         break;
1356                                 }
1357                         }
1358
1359                         rwrap.libc.handle = handle;
1360                 }
1361                 break;
1362         }
1363
1364         if (handle == NULL) {
1365 #ifdef RTLD_NEXT
1366                 handle = rwrap.libc.handle = rwrap.libresolv.handle = RTLD_NEXT;
1367 #else
1368                 RWRAP_LOG(RWRAP_LOG_ERROR,
1369                           "Failed to dlopen library: %s\n",
1370                           dlerror());
1371                 exit(-1);
1372 #endif
1373         }
1374
1375         return handle;
1376 }
1377
1378 static void *_rwrap_bind_symbol(enum rwrap_lib lib, const char *fn_name)
1379 {
1380         void *handle;
1381         void *func;
1382
1383         handle = rwrap_load_lib_handle(lib);
1384
1385         func = dlsym(handle, fn_name);
1386         if (func == NULL) {
1387                 RWRAP_LOG(RWRAP_LOG_ERROR,
1388                                 "Failed to find %s: %s\n",
1389                                 fn_name, dlerror());
1390                 exit(-1);
1391         }
1392
1393         RWRAP_LOG(RWRAP_LOG_TRACE,
1394                         "Loaded %s from %s",
1395                         fn_name, rwrap_str_lib(lib));
1396         return func;
1397 }
1398
1399 #define rwrap_bind_symbol_libc(sym_name) \
1400         if (rwrap.libc.symbols._libc_##sym_name.obj == NULL) { \
1401                 rwrap.libc.symbols._libc_##sym_name.obj = \
1402                         _rwrap_bind_symbol(RWRAP_LIBC, #sym_name); \
1403         }
1404
1405 #define rwrap_bind_symbol_libresolv(sym_name) \
1406         if (rwrap.libresolv.symbols._libc_##sym_name.obj == NULL) { \
1407                 rwrap.libresolv.symbols._libc_##sym_name.obj = \
1408                         _rwrap_bind_symbol(RWRAP_LIBRESOLV, #sym_name); \
1409         }
1410
1411 /*
1412  * IMPORTANT
1413  *
1414  * Functions especially from libc need to be loaded individually, you can't load
1415  * all at once or gdb will segfault at startup. The same applies to valgrind and
1416  * has probably something todo with with the linker.
1417  * So we need load each function at the point it is called the first time.
1418  */
1419
1420 static int libc_res_ninit(struct __res_state *state)
1421 {
1422 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1423
1424 #if defined(HAVE_RES_NINIT_IN_LIBRESOLV)
1425         rwrap_bind_symbol_libresolv(res_ninit);
1426
1427         return rwrap.libresolv.symbols._libc_res_ninit.f(state);
1428 #else /* HAVE_RES_NINIT_IN_LIBRESOLV */
1429         rwrap_bind_symbol_libc(res_ninit);
1430
1431         return rwrap.libc.symbols._libc_res_ninit.f(state);
1432 #endif /* HAVE_RES_NINIT_IN_LIBRESOLV */
1433
1434 #elif defined(HAVE___RES_NINIT)
1435         rwrap_bind_symbol_libc(__res_ninit);
1436
1437         return rwrap.libc.symbols._libc___res_ninit.f(state);
1438 #else
1439 #error "No res_ninit function"
1440 #endif
1441 }
1442
1443 static void libc_res_nclose(struct __res_state *state)
1444 {
1445 #if !defined(res_close) && defined(HAVE_RES_NCLOSE)
1446
1447 #if defined(HAVE_RES_NCLOSE_IN_LIBRESOLV)
1448         rwrap_bind_symbol_libresolv(res_nclose);
1449
1450         rwrap.libresolv.symbols._libc_res_nclose.f(state);
1451         return;
1452 #else /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1453         rwrap_bind_symbol_libc(res_nclose);
1454
1455         rwrap.libc.symbols._libc_res_nclose.f(state);
1456         return;
1457 #endif /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1458
1459 #elif defined(HAVE___RES_NCLOSE)
1460         rwrap_bind_symbol_libc(__res_nclose);
1461
1462         rwrap.libc.symbols._libc___res_nclose.f(state);
1463 #else
1464 #error "No res_nclose function"
1465 #endif
1466 }
1467
1468 static int libc_res_nquery(struct __res_state *state,
1469                            const char *dname,
1470                            int class,
1471                            int type,
1472                            unsigned char *answer,
1473                            int anslen)
1474 {
1475 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1476         rwrap_bind_symbol_libresolv(res_nquery);
1477
1478         return rwrap.libresolv.symbols._libc_res_nquery.f(state,
1479                                                           dname,
1480                                                           class,
1481                                                           type,
1482                                                           answer,
1483                                                           anslen);
1484 #elif defined(HAVE___RES_NQUERY)
1485         rwrap_bind_symbol_libresolv(__res_nquery);
1486
1487         return rwrap.libresolv.symbols._libc___res_nquery.f(state,
1488                                                             dname,
1489                                                             class,
1490                                                             type,
1491                                                             answer,
1492                                                             anslen);
1493 #else
1494 #error "No res_nquery function"
1495 #endif
1496 }
1497
1498 static int libc_res_nsearch(struct __res_state *state,
1499                             const char *dname,
1500                             int class,
1501                             int type,
1502                             unsigned char *answer,
1503                             int anslen)
1504 {
1505 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1506         rwrap_bind_symbol_libresolv(res_nsearch);
1507
1508         return rwrap.libresolv.symbols._libc_res_nsearch.f(state,
1509                                                            dname,
1510                                                            class,
1511                                                            type,
1512                                                            answer,
1513                                                            anslen);
1514 #elif defined(HAVE___RES_NSEARCH)
1515         rwrap_bind_symbol_libresolv(__res_nsearch);
1516
1517         return rwrap.libresolv.symbols._libc___res_nsearch.f(state,
1518                                                              dname,
1519                                                              class,
1520                                                              type,
1521                                                              answer,
1522                                                              anslen);
1523 #else
1524 #error "No res_nsearch function"
1525 #endif
1526 }
1527
1528 /****************************************************************************
1529  *   RES_HELPER
1530  ***************************************************************************/
1531
1532 static int rwrap_parse_resolv_conf(struct __res_state *state,
1533                                    const char *resolv_conf)
1534 {
1535         FILE *fp;
1536         char buf[BUFSIZ];
1537         int nserv = 0;
1538
1539         fp = fopen(resolv_conf, "r");
1540         if (fp == NULL) {
1541                 RWRAP_LOG(RWRAP_LOG_ERROR,
1542                           "Opening %s failed: %s",
1543                           resolv_conf, strerror(errno));
1544                 return -1;
1545         }
1546
1547         while(fgets(buf, sizeof(buf), fp) != NULL) {
1548                 char *p;
1549
1550                 /* Ignore comments */
1551                 if (buf[0] == '#' || buf[0] == ';') {
1552                         continue;
1553                 }
1554
1555                 if (RESOLV_MATCH(buf, "nameserver") && nserv < MAXNS) {
1556                         struct in_addr a;
1557                         char *q;
1558                         int ok;
1559
1560                         p = buf + strlen("nameserver");
1561
1562                         /* Skip spaces and tabs */
1563                         while(isblank((int)p[0])) {
1564                                 p++;
1565                         }
1566
1567                         q = p;
1568                         while(q[0] != '\n' && q[0] != '\0') {
1569                                 q++;
1570                         }
1571                         q[0] = '\0';
1572
1573                         ok = inet_pton(AF_INET, p, &a);
1574                         if (ok) {
1575                                 state->nsaddr_list[state->nscount] = (struct sockaddr_in) {
1576                                         .sin_family = AF_INET,
1577                                         .sin_addr = a,
1578                                         .sin_port = htons(53),
1579                                         .sin_zero = { 0 },
1580                                 };
1581
1582                                 state->nscount++;
1583                                 nserv++;
1584                         } else {
1585 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1586                                 /* IPv6 */
1587                                 struct in6_addr a6;
1588                                 ok = inet_pton(AF_INET6, p, &a6);
1589                                 if (ok) {
1590                                         struct sockaddr_in6 *sa6;
1591
1592                                         sa6 = malloc(sizeof(*sa6));
1593                                         if (sa6 == NULL) {
1594                                                 fclose(fp);
1595                                                 return -1;
1596                                         }
1597
1598                                         sa6->sin6_family = AF_INET6;
1599                                         sa6->sin6_port = htons(53);
1600                                         sa6->sin6_flowinfo = 0;
1601                                         sa6->sin6_addr = a6;
1602
1603                                         state->_u._ext.nsaddrs[state->_u._ext.nscount] = sa6;
1604                                         state->_u._ext.nssocks[state->_u._ext.nscount] = -1;
1605                                         state->_u._ext.nsmap[state->_u._ext.nscount] = MAXNS + 1;
1606
1607                                         state->_u._ext.nscount++;
1608                                         nserv++;
1609                                 } else {
1610                                         RWRAP_LOG(RWRAP_LOG_ERROR,
1611                                                 "Malformed DNS server");
1612                                         continue;
1613                                 }
1614 #else /* !HAVE_RESOLV_IPV6_NSADDRS */
1615                                 /*
1616                                  * BSD uses an opaque structure to store the
1617                                  * IPv6 addresses. So we can not simply store
1618                                  * these addresses the same way as above.
1619                                  */
1620                                 RWRAP_LOG(RWRAP_LOG_WARN,
1621                                           "resolve_wrapper does not support "
1622                                           "IPv6 on this platform");
1623                                         continue;
1624 #endif
1625                         }
1626                         continue;
1627                 } /* TODO: match other keywords */
1628         }
1629
1630         if (ferror(fp)) {
1631                 RWRAP_LOG(RWRAP_LOG_ERROR,
1632                           "Reading from %s failed",
1633                           resolv_conf);
1634                 fclose(fp);
1635                 return -1;
1636         }
1637
1638         fclose(fp);
1639         return 0;
1640 }
1641
1642 /****************************************************************************
1643  *   RES_NINIT
1644  ***************************************************************************/
1645
1646 static int rwrap_res_ninit(struct __res_state *state)
1647 {
1648         int rc;
1649
1650         rc = libc_res_ninit(state);
1651         if (rc == 0) {
1652                 const char *resolv_conf = getenv("RESOLV_WRAPPER_CONF");
1653
1654                 if (resolv_conf != NULL) {
1655                         uint16_t i;
1656
1657                         (void)i; /* maybe unused */
1658
1659                         /* Delete name servers */
1660                         state->nscount = 0;
1661                         memset(state->nsaddr_list, 0, sizeof(state->nsaddr_list));
1662
1663 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1664                         state->_u._ext.nscount = 0;
1665                         for (i = 0; i < state->_u._ext.nscount; i++) {
1666                                 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1667                         }
1668 #endif
1669
1670                         rc = rwrap_parse_resolv_conf(state, resolv_conf);
1671                 }
1672         }
1673
1674         return rc;
1675 }
1676
1677 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1678 int res_ninit(struct __res_state *state)
1679 #elif defined(HAVE___RES_NINIT)
1680 int __res_ninit(struct __res_state *state)
1681 #endif
1682 {
1683         return rwrap_res_ninit(state);
1684 }
1685
1686 /****************************************************************************
1687  *   RES_INIT
1688  ***************************************************************************/
1689
1690 static struct __res_state rwrap_res_state;
1691
1692 static int rwrap_res_init(void)
1693 {
1694         int rc;
1695
1696         rc = rwrap_res_ninit(&rwrap_res_state);
1697
1698         return rc;
1699 }
1700
1701 #if !defined(res_ninit) && defined(HAVE_RES_INIT)
1702 int res_init(void)
1703 #elif defined(HAVE___RES_INIT)
1704 int __res_init(void)
1705 #endif
1706 {
1707         return rwrap_res_init();
1708 }
1709
1710 /****************************************************************************
1711  *   RES_NCLOSE
1712  ***************************************************************************/
1713
1714 static void rwrap_res_nclose(struct __res_state *state)
1715 {
1716 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1717         int i;
1718 #endif
1719
1720         libc_res_nclose(state);
1721
1722 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1723         if (state != NULL) {
1724                 for (i = 0; i < state->_u._ext.nscount; i++) {
1725                         SAFE_FREE(state->_u._ext.nsaddrs[i]);
1726                 }
1727         }
1728 #endif
1729 }
1730
1731 #if !defined(res_nclose) && defined(HAVE_RES_NCLOSE)
1732 void res_nclose(struct __res_state *state)
1733 #elif defined(HAVE___RES_NCLOSE)
1734 void __res_nclose(struct __res_state *state)
1735 #endif
1736 {
1737         rwrap_res_nclose(state);
1738 }
1739
1740 /****************************************************************************
1741  *   RES_CLOSE
1742  ***************************************************************************/
1743
1744 static void rwrap_res_close(void)
1745 {
1746         rwrap_res_nclose(&rwrap_res_state);
1747 }
1748
1749 #if defined(HAVE_RES_CLOSE)
1750 void res_close(void)
1751 #elif defined(HAVE___RES_CLOSE)
1752 void __res_close(void)
1753 #endif
1754 {
1755         rwrap_res_close();
1756 }
1757
1758 /****************************************************************************
1759  *   RES_NQUERY
1760  ***************************************************************************/
1761
1762 static int rwrap_res_nquery(struct __res_state *state,
1763                             const char *dname,
1764                             int class,
1765                             int type,
1766                             unsigned char *answer,
1767                             int anslen)
1768 {
1769         int rc;
1770         const char *fake_hosts;
1771 #ifndef NDEBUG
1772         int i;
1773 #endif
1774
1775         RWRAP_LOG(RWRAP_LOG_TRACE,
1776                   "Resolve the domain name [%s] - class=%d, type=%d",
1777                   dname, class, type);
1778 #ifndef NDEBUG
1779         for (i = 0; i < state->nscount; i++) {
1780                 char ip[INET6_ADDRSTRLEN];
1781
1782                 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1783                 RWRAP_LOG(RWRAP_LOG_TRACE,
1784                           "        nameserver: %s",
1785                           ip);
1786         }
1787 #endif
1788
1789         fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1790         if (fake_hosts != NULL) {
1791                 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1792         } else {
1793                 rc = libc_res_nquery(state, dname, class, type, answer, anslen);
1794         }
1795
1796
1797         RWRAP_LOG(RWRAP_LOG_TRACE,
1798                   "The returned response length is: %d",
1799                   rc);
1800
1801         return rc;
1802 }
1803
1804 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1805 int res_nquery(struct __res_state *state,
1806                const char *dname,
1807                int class,
1808                int type,
1809                unsigned char *answer,
1810                int anslen)
1811 #elif defined(HAVE___RES_NQUERY)
1812 int __res_nquery(struct __res_state *state,
1813                  const char *dname,
1814                  int class,
1815                  int type,
1816                  unsigned char *answer,
1817                  int anslen)
1818 #endif
1819 {
1820         return rwrap_res_nquery(state, dname, class, type, answer, anslen);
1821 }
1822
1823 /****************************************************************************
1824  *   RES_QUERY
1825  ***************************************************************************/
1826
1827 static int rwrap_res_query(const char *dname,
1828                            int class,
1829                            int type,
1830                            unsigned char *answer,
1831                            int anslen)
1832 {
1833         int rc;
1834
1835         rc = rwrap_res_ninit(&rwrap_res_state);
1836         if (rc != 0) {
1837                 return rc;
1838         }
1839
1840         rc = rwrap_res_nquery(&rwrap_res_state,
1841                               dname,
1842                               class,
1843                               type,
1844                               answer,
1845                               anslen);
1846
1847         return rc;
1848 }
1849
1850 #if !defined(res_query) && defined(HAVE_RES_QUERY)
1851 int res_query(const char *dname,
1852               int class,
1853               int type,
1854               unsigned char *answer,
1855               int anslen)
1856 #elif defined(HAVE___RES_QUERY)
1857 int __res_query(const char *dname,
1858                 int class,
1859                 int type,
1860                 unsigned char *answer,
1861                 int anslen)
1862 #endif
1863 {
1864         return rwrap_res_query(dname, class, type, answer, anslen);
1865 }
1866
1867 /****************************************************************************
1868  *   RES_NSEARCH
1869  ***************************************************************************/
1870
1871 static int rwrap_res_nsearch(struct __res_state *state,
1872                              const char *dname,
1873                              int class,
1874                              int type,
1875                              unsigned char *answer,
1876                              int anslen)
1877 {
1878         int rc;
1879         const char *fake_hosts;
1880 #ifndef NDEBUG
1881         int i;
1882 #endif
1883
1884         RWRAP_LOG(RWRAP_LOG_TRACE,
1885                   "Resolve the domain name [%s] - class=%d, type=%d",
1886                   dname, class, type);
1887 #ifndef NDEBUG
1888         for (i = 0; i < state->nscount; i++) {
1889                 char ip[INET6_ADDRSTRLEN];
1890
1891                 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1892                 RWRAP_LOG(RWRAP_LOG_TRACE,
1893                           "        nameserver: %s",
1894                           ip);
1895         }
1896 #endif
1897
1898         fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1899         if (fake_hosts != NULL) {
1900                 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1901         } else {
1902                 rc = libc_res_nsearch(state, dname, class, type, answer, anslen);
1903         }
1904
1905         RWRAP_LOG(RWRAP_LOG_TRACE,
1906                   "The returned response length is: %d",
1907                   rc);
1908
1909         return rc;
1910 }
1911
1912 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1913 int res_nsearch(struct __res_state *state,
1914                 const char *dname,
1915                 int class,
1916                 int type,
1917                 unsigned char *answer,
1918                 int anslen)
1919 #elif defined(HAVE___RES_NSEARCH)
1920 int __res_nsearch(struct __res_state *state,
1921                   const char *dname,
1922                   int class,
1923                   int type,
1924                   unsigned char *answer,
1925                   int anslen)
1926 #endif
1927 {
1928         return rwrap_res_nsearch(state, dname, class, type, answer, anslen);
1929 }
1930
1931 /****************************************************************************
1932  *   RES_SEARCH
1933  ***************************************************************************/
1934
1935 static int rwrap_res_search(const char *dname,
1936                             int class,
1937                             int type,
1938                             unsigned char *answer,
1939                             int anslen)
1940 {
1941         int rc;
1942
1943         rc = rwrap_res_ninit(&rwrap_res_state);
1944         if (rc != 0) {
1945                 return rc;
1946         }
1947
1948         rc = rwrap_res_nsearch(&rwrap_res_state,
1949                                dname,
1950                                class,
1951                                type,
1952                                answer,
1953                                anslen);
1954
1955         return rc;
1956 }
1957
1958 #if !defined(res_search) && defined(HAVE_RES_SEARCH)
1959 int res_search(const char *dname,
1960                int class,
1961                int type,
1962                unsigned char *answer,
1963                int anslen)
1964 #elif defined(HAVE___RES_SEARCH)
1965 int __res_search(const char *dname,
1966                  int class,
1967                  int type,
1968                  unsigned char *answer,
1969                  int anslen)
1970 #endif
1971 {
1972         return rwrap_res_search(dname, class, type, answer, anslen);
1973 }