2 * Copyright (c) 2014 Andreas Schneider <asn@samba.org>
3 * Copyright (c) 2014 Jakub Hrozek <jakub.hrozek@posteo.se>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the author nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #include <arpa/inet.h>
39 #ifdef HAVE_ARPA_NAMESER_H
40 #include <arpa/nameser.h>
41 #endif /* HAVE_ARPA_NAMESER_H */
42 #include <netinet/in.h>
43 #include <sys/socket.h>
44 #include <sys/types.h>
55 /* GCC has printf type attribute check. */
56 #ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
57 #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
59 #define PRINTF_ATTRIBUTE(a,b)
60 #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
62 #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
63 #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
65 #define DESTRUCTOR_ATTRIBUTE
66 #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
68 #ifndef RWRAP_DEFAULT_FAKE_TTL
69 #define RWRAP_DEFAULT_FAKE_TTL 600
70 #endif /* RWRAP_DEFAULT_FAKE_TTL */
72 #ifndef HAVE_NS_NAME_COMPRESS
73 #define ns_name_compress dn_comp
86 # define RWRAP_LOG(...)
89 static void rwrap_log(enum rwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
90 # define RWRAP_LOG(dbglvl, ...) rwrap_log((dbglvl), __func__, __VA_ARGS__)
92 static void rwrap_log(enum rwrap_dbglvl_e dbglvl,
94 const char *format, ...)
102 d = getenv("RESOLV_WRAPPER_DEBUGLEVEL");
107 va_start(va, format);
108 vsnprintf(buffer, sizeof(buffer), format, va);
113 case RWRAP_LOG_ERROR:
115 "RWRAP_ERROR(%d) - %s: %s\n",
120 "RWRAP_WARN(%d) - %s: %s\n",
123 case RWRAP_LOG_DEBUG:
125 "RWRAP_DEBUG(%d) - %s: %s\n",
128 case RWRAP_LOG_TRACE:
130 "RWRAP_TRACE(%d) - %s: %s\n",
136 #endif /* NDEBUG RWRAP_LOG */
139 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
142 #define NEXT_KEY(buf, key) do { \
143 (key) = (buf) ? strpbrk((buf), " \t") : NULL; \
144 if ((key) != NULL) { \
148 while ((key) != NULL \
149 && (isblank((int)(key)[0]))) { \
154 #define RWRAP_MAX_RECURSION 5
156 /* Priority and weight can be omitted from the hosts file, but need to be part
159 #define DFL_SRV_PRIO 1
160 #define DFL_SRV_WEIGHT 100
161 #define DFL_URI_PRIO 1
162 #define DFL_URI_WEIGHT 100
164 struct rwrap_srv_rrdata {
168 char hostname[MAXDNAME];
171 struct rwrap_uri_rrdata {
177 struct rwrap_soa_rrdata {
183 char nameserver[MAXDNAME];
184 char mailbox[MAXDNAME];
187 struct rwrap_fake_rr {
189 struct in_addr a_rec;
190 struct in6_addr aaaa_rec;
191 struct rwrap_srv_rrdata srv_rec;
192 struct rwrap_uri_rrdata uri_rec;
193 struct rwrap_soa_rrdata soa_rec;
194 char cname_rec[MAXDNAME];
195 char ptr_rec[MAXDNAME];
199 int type; /* ns_t_* */
202 static void rwrap_fake_rr_init(struct rwrap_fake_rr *rr, size_t len)
206 for (i = 0; i < len; i++) {
207 rr[i].type = ns_t_invalid;
211 static int rwrap_create_fake_a_rr(const char *key,
213 struct rwrap_fake_rr *rr)
217 ok = inet_pton(AF_INET, value, &rr->rrdata.a_rec);
219 RWRAP_LOG(RWRAP_LOG_ERROR,
220 "Failed to convert [%s] to binary\n", value);
224 memcpy(rr->key, key, strlen(key) + 1);
229 static int rwrap_create_fake_aaaa_rr(const char *key,
231 struct rwrap_fake_rr *rr)
235 ok = inet_pton(AF_INET6, value, &rr->rrdata.aaaa_rec);
237 RWRAP_LOG(RWRAP_LOG_ERROR,
238 "Failed to convert [%s] to binary\n", value);
242 memcpy(rr->key, key, strlen(key) + 1);
243 rr->type = ns_t_aaaa;
246 static int rwrap_create_fake_ns_rr(const char *key,
248 struct rwrap_fake_rr *rr)
250 memcpy(rr->rrdata.srv_rec.hostname, value, strlen(value) + 1);
251 memcpy(rr->key, key, strlen(key) + 1);
256 static int rwrap_create_fake_srv_rr(const char *key,
258 struct rwrap_fake_rr *rr)
263 const char *hostname;
265 /* parse the value into priority, weight, port and hostname
266 * and check the validity */
268 NEXT_KEY(hostname, str_port);
269 NEXT_KEY(str_port, str_prio);
270 NEXT_KEY(str_prio, str_weight);
271 if (str_port == NULL || hostname == NULL) {
272 RWRAP_LOG(RWRAP_LOG_ERROR,
273 "Malformed SRV entry [%s]\n", value);
278 rr->rrdata.srv_rec.prio = atoi(str_prio);
280 rr->rrdata.srv_rec.prio = DFL_SRV_PRIO;
283 rr->rrdata.srv_rec.weight = atoi(str_weight);
285 rr->rrdata.srv_rec.weight = DFL_SRV_WEIGHT;
287 rr->rrdata.srv_rec.port = atoi(str_port);
288 memcpy(rr->rrdata.srv_rec.hostname , hostname, strlen(hostname) + 1);
290 memcpy(rr->key, key, strlen(key) + 1);
295 static int rwrap_create_fake_uri_rr(const char *key,
297 struct rwrap_fake_rr *rr)
303 /* parse the value into priority, weight, and uri
304 * and check the validity */
306 NEXT_KEY(uri, str_prio);
307 NEXT_KEY(str_prio, str_weight);
309 RWRAP_LOG(RWRAP_LOG_ERROR,
310 "Malformed URI entry [%s]\n", value);
315 rr->rrdata.uri_rec.prio = atoi(str_prio);
317 rr->rrdata.uri_rec.prio = DFL_URI_PRIO;
320 rr->rrdata.uri_rec.weight = atoi(str_weight);
322 rr->rrdata.uri_rec.weight = DFL_URI_WEIGHT;
324 memcpy(rr->rrdata.uri_rec.uri, uri, strlen(uri) + 1);
326 memcpy(rr->key, key, strlen(key) + 1);
331 static int rwrap_create_fake_soa_rr(const char *key,
333 struct rwrap_fake_rr *rr)
335 const char *nameserver;
343 /* parse the value into nameserver, mailbox, serial, refresh,
344 * retry, expire, minimum and check the validity
347 NEXT_KEY(nameserver, mailbox);
348 NEXT_KEY(mailbox, str_serial);
349 NEXT_KEY(str_serial, str_refresh);
350 NEXT_KEY(str_refresh, str_retry);
351 NEXT_KEY(str_retry, str_expire);
352 NEXT_KEY(str_expire, str_minimum);
353 if (nameserver == NULL || mailbox == NULL || str_serial == NULL ||
354 str_refresh == NULL || str_retry == NULL || str_expire == NULL ||
355 str_minimum == NULL) {
356 RWRAP_LOG(RWRAP_LOG_ERROR,
357 "Malformed SOA entry [%s]\n", value);
361 memcpy(rr->rrdata.soa_rec.nameserver, nameserver, strlen(nameserver)+1);
362 memcpy(rr->rrdata.soa_rec.mailbox, mailbox, strlen(mailbox)+1);
364 rr->rrdata.soa_rec.serial = atoi(str_serial);
365 rr->rrdata.soa_rec.refresh = atoi(str_refresh);
366 rr->rrdata.soa_rec.retry = atoi(str_retry);
367 rr->rrdata.soa_rec.expire = atoi(str_expire);
368 rr->rrdata.soa_rec.minimum = atoi(str_minimum);
370 memcpy(rr->key, key, strlen(key) + 1);
375 static int rwrap_create_fake_cname_rr(const char *key,
377 struct rwrap_fake_rr *rr)
379 memcpy(rr->rrdata.cname_rec , value, strlen(value) + 1);
380 memcpy(rr->key, key, strlen(key) + 1);
381 rr->type = ns_t_cname;
385 static int rwrap_create_fake_ptr_rr(const char *key,
387 struct rwrap_fake_rr *rr)
389 memcpy(rr->rrdata.ptr_rec , value, strlen(value) + 1);
390 memcpy(rr->key, key, strlen(key) + 1);
395 /* Prepares a fake header with a single response. Advances header_blob */
396 static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining,
397 size_t ancount, size_t arcount)
402 if (remaining < NS_HFIXEDSZ) {
403 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
408 memset(hb, 0, NS_HFIXEDSZ);
411 h->id = res_randomid(); /* random query ID */
412 h->qr = 1; /* response flag */
413 h->rd = 1; /* recursion desired */
414 h->ra = 1; /* recursion available */
416 h->qdcount = htons(1); /* no. of questions */
417 h->ancount = htons(ancount); /* no. of answers */
418 h->arcount = htons(arcount); /* no. of add'tl records */
420 hb += NS_HFIXEDSZ; /* move past the header */
426 static ssize_t rwrap_fake_question(const char *question,
428 uint8_t **question_ptr,
431 uint8_t *qb = *question_ptr;
434 n = ns_name_compress(question, qb, remaining, NULL, NULL);
436 RWRAP_LOG(RWRAP_LOG_ERROR,
437 "Failed to compress [%s]\n", question);
444 if (remaining < 2 * sizeof(uint16_t)) {
445 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
450 NS_PUT16(ns_c_in, qb);
453 return n + 2 * sizeof(uint16_t);
456 static ssize_t rwrap_fake_rdata_common(uint16_t type,
462 uint8_t *rd = *rdata_ptr;
465 written = ns_name_compress(key, rd, remaining, NULL, NULL);
467 RWRAP_LOG(RWRAP_LOG_ERROR,
468 "Failed to compress [%s]\n", key);
472 remaining -= written;
474 if (remaining < 3 * sizeof(uint16_t) + sizeof(uint32_t)) {
475 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
480 NS_PUT16(ns_c_in, rd);
481 NS_PUT32(RWRAP_DEFAULT_FAKE_TTL, rd);
482 NS_PUT16(rdata_size, rd);
484 if (remaining < rdata_size) {
485 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
490 return written + 3 * sizeof(uint16_t) + sizeof(uint32_t) + rdata_size;
493 static ssize_t rwrap_fake_a(struct rwrap_fake_rr *rr,
497 uint8_t *a = answer_ptr;
500 if (rr->type != ns_t_a) {
501 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
504 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding A RR");
506 resp_size = rwrap_fake_rdata_common(ns_t_a, sizeof(struct in_addr), rr->key,
512 memcpy(a, &rr->rrdata.a_rec, sizeof(struct in_addr));
517 static ssize_t rwrap_fake_aaaa(struct rwrap_fake_rr *rr,
524 if (rr->type != ns_t_aaaa) {
525 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
528 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding AAAA RR");
530 resp_size = rwrap_fake_rdata_common(ns_t_aaaa, sizeof(struct in6_addr),
531 rr->key, anslen, &a);
536 memcpy(a, &rr->rrdata.aaaa_rec, sizeof(struct in6_addr));
541 static ssize_t rwrap_fake_ns(struct rwrap_fake_rr *rr,
546 ssize_t resp_size = 0;
548 unsigned char hostname_compressed[MAXDNAME];
549 ssize_t compressed_len;
551 if (rr->type != ns_t_ns) {
552 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
555 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding NS RR");
557 /* Prepare the data to write */
558 compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
563 if (compressed_len < 0) {
567 /* Is this enough? */
568 rdata_size = compressed_len;
570 resp_size = rwrap_fake_rdata_common(ns_t_ns, rdata_size,
571 rr->key, anslen, &a);
576 memcpy(a, hostname_compressed, compressed_len);
581 static ssize_t rwrap_fake_srv(struct rwrap_fake_rr *rr,
588 unsigned char hostname_compressed[MAXDNAME];
589 ssize_t compressed_len;
591 if (rr->type != ns_t_srv) {
592 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
595 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SRV RR");
596 rdata_size = 3 * sizeof(uint16_t);
598 /* Prepare the data to write */
599 compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
600 hostname_compressed, MAXDNAME,
602 if (compressed_len < 0) {
605 rdata_size += compressed_len;
607 resp_size = rwrap_fake_rdata_common(ns_t_srv, rdata_size,
608 rr->key, anslen, &a);
613 NS_PUT16(rr->rrdata.srv_rec.prio, a);
614 NS_PUT16(rr->rrdata.srv_rec.weight, a);
615 NS_PUT16(rr->rrdata.srv_rec.port, a);
616 memcpy(a, hostname_compressed, compressed_len);
621 static ssize_t rwrap_fake_uri(struct rwrap_fake_rr *rr,
630 if (rr->type != ns_t_uri) {
631 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
634 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding URI RR");
635 rdata_size = 3 * sizeof(uint16_t);
636 uri_len = strlen(rr->rrdata.uri_rec.uri) + 1;
637 rdata_size += uri_len;
639 resp_size = rwrap_fake_rdata_common(ns_t_uri, rdata_size,
640 rr->key, anslen, &a);
645 NS_PUT16(rr->rrdata.uri_rec.prio, a);
646 NS_PUT16(rr->rrdata.uri_rec.weight, a);
647 memcpy(a, rr->rrdata.uri_rec.uri, uri_len);
652 static ssize_t rwrap_fake_soa(struct rwrap_fake_rr *rr,
659 unsigned char nameser_compressed[MAXDNAME];
660 ssize_t compressed_ns_len;
661 unsigned char mailbox_compressed[MAXDNAME];
662 ssize_t compressed_mb_len;
664 if (rr->type != ns_t_soa) {
665 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
668 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SOA RR");
669 rdata_size = 5 * sizeof(uint16_t);
671 compressed_ns_len = ns_name_compress(rr->rrdata.soa_rec.nameserver,
673 MAXDNAME, NULL, NULL);
674 if (compressed_ns_len < 0) {
677 rdata_size += compressed_ns_len;
679 compressed_mb_len = ns_name_compress(rr->rrdata.soa_rec.mailbox,
681 MAXDNAME, NULL, NULL);
682 if (compressed_mb_len < 0) {
685 rdata_size += compressed_mb_len;
687 resp_size = rwrap_fake_rdata_common(ns_t_soa, rdata_size,
688 rr->key, anslen, &a);
693 memcpy(a, nameser_compressed, compressed_ns_len);
694 a += compressed_ns_len;
695 memcpy(a, mailbox_compressed, compressed_mb_len);
696 a += compressed_mb_len;
697 NS_PUT32(rr->rrdata.soa_rec.serial, a);
698 NS_PUT32(rr->rrdata.soa_rec.refresh, a);
699 NS_PUT32(rr->rrdata.soa_rec.retry, a);
700 NS_PUT32(rr->rrdata.soa_rec.expire, a);
701 NS_PUT32(rr->rrdata.soa_rec.minimum, a);
706 static ssize_t rwrap_fake_cname(struct rwrap_fake_rr *rr,
712 unsigned char hostname_compressed[MAXDNAME];
715 if (rr->type != ns_t_cname) {
716 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
719 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding CNAME RR");
721 /* Prepare the data to write */
722 rdata_size = ns_name_compress(rr->rrdata.cname_rec,
723 hostname_compressed, MAXDNAME,
725 if (rdata_size < 0) {
729 resp_size = rwrap_fake_rdata_common(ns_t_cname, rdata_size,
730 rr->key, anslen, &a);
735 memcpy(a, hostname_compressed, rdata_size);
740 static ssize_t rwrap_fake_ptr(struct rwrap_fake_rr *rr,
747 unsigned char hostname_compressed[MAXDNAME];
749 if (rr->type != ns_t_ptr) {
750 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
753 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding PTR RR");
755 /* Prepare the data to write */
756 rdata_size = ns_name_compress(rr->rrdata.ptr_rec,
757 hostname_compressed, MAXDNAME,
759 if (rdata_size < 0) {
763 resp_size = rwrap_fake_rdata_common(ns_t_ptr, rdata_size,
764 rr->key, anslen, &a);
769 memcpy(a, hostname_compressed, rdata_size);
774 #define RESOLV_MATCH(line, name) \
775 (strncmp(line, name, sizeof(name) - 1) == 0 && \
776 (line[sizeof(name) - 1] == ' ' || \
777 line[sizeof(name) - 1] == '\t'))
779 #define TYPE_MATCH(type, ns_type, rec_type, str_type, key, query) \
780 ((type) == (ns_type) && \
781 (strncmp((rec_type), (str_type), sizeof(str_type)) == 0) && \
782 (strcasecmp(key, query)) == 0)
785 static int rwrap_get_record(const char *hostfile, unsigned recursion,
786 const char *query, int type,
787 struct rwrap_fake_rr *rr);
789 static int rwrap_srv_recurse(const char *hostfile, unsigned recursion,
790 const char *query, struct rwrap_fake_rr *rr)
794 rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
795 if (rc == 0) return 0;
797 rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
798 if (rc == ENOENT) rc = 0;
803 static int rwrap_cname_recurse(const char *hostfile, unsigned recursion,
804 const char *query, struct rwrap_fake_rr *rr)
808 rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
809 if (rc == 0) return 0;
811 rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
812 if (rc == 0) return 0;
814 rc = rwrap_get_record(hostfile, recursion, query, ns_t_cname, rr);
815 if (rc == ENOENT) rc = 0;
820 static int rwrap_get_record(const char *hostfile, unsigned recursion,
821 const char *query, int type,
822 struct rwrap_fake_rr *rr)
830 if (recursion >= RWRAP_MAX_RECURSION) {
831 RWRAP_LOG(RWRAP_LOG_ERROR, "Recursed too deep!\n");
835 RWRAP_LOG(RWRAP_LOG_TRACE,
836 "Searching in fake hosts file %s for %s:%d\n", hostfile,
839 fp = fopen(hostfile, "r");
841 RWRAP_LOG(RWRAP_LOG_ERROR,
842 "Opening %s failed: %s",
843 hostfile, strerror(errno));
847 while (fgets(buf, sizeof(buf), fp) != NULL) {
854 NEXT_KEY(rec_type, key);
855 NEXT_KEY(key, value);
857 if (key == NULL || value == NULL) {
858 RWRAP_LOG(RWRAP_LOG_WARN,
859 "Malformed line: not enough parts, use \"rec_type key data\n"
860 "For example \"A cwrap.org 10.10.10.10\"");
865 while(q[0] != '\n' && q[0] != '\0') {
870 if (TYPE_MATCH(type, ns_t_a, rec_type, "A", key, query)) {
871 rc = rwrap_create_fake_a_rr(key, value, rr);
873 } else if (TYPE_MATCH(type, ns_t_aaaa,
874 rec_type, "AAAA", key, query)) {
875 rc = rwrap_create_fake_aaaa_rr(key, value, rr);
877 } else if (TYPE_MATCH(type, ns_t_ns,
878 rec_type, "NS", key, query)) {
879 rc = rwrap_create_fake_ns_rr(key, value, rr);
881 } else if (TYPE_MATCH(type, ns_t_srv,
882 rec_type, "SRV", key, query)) {
883 rc = rwrap_create_fake_srv_rr(key, value, rr);
885 rc = rwrap_srv_recurse(hostfile, recursion+1,
886 rr->rrdata.srv_rec.hostname,
890 } else if (TYPE_MATCH(type, ns_t_uri,
891 rec_type, "URI", key, query)) {
892 rc = rwrap_create_fake_uri_rr(key, value, rr);
894 } else if (TYPE_MATCH(type, ns_t_soa,
895 rec_type, "SOA", key, query)) {
896 rc = rwrap_create_fake_soa_rr(key, value, rr);
898 } else if (TYPE_MATCH(type, ns_t_cname,
899 rec_type, "CNAME", key, query)) {
900 rc = rwrap_create_fake_cname_rr(key, value, rr);
902 rc = rwrap_cname_recurse(hostfile, recursion+1,
906 } else if (TYPE_MATCH(type, ns_t_a, rec_type, "CNAME", key, query)) {
907 rc = rwrap_create_fake_cname_rr(key, value, rr);
909 rc = rwrap_cname_recurse(hostfile, recursion+1,
913 } else if (TYPE_MATCH(type, ns_t_ptr,
914 rec_type, "PTR", key, query)) {
915 rc = rwrap_create_fake_ptr_rr(key, value, rr);
920 if (rc == ENOENT && recursion == 0 && key != NULL) {
921 RWRAP_LOG(RWRAP_LOG_TRACE, "Record for [%s] not found\n", query);
922 memcpy(rr->key, key, strlen(key) + 1);
929 static ssize_t rwrap_fake_empty(int type,
930 const char *question,
935 size_t remaining = anslen;
937 resp_data = rwrap_fake_header(&answer, remaining, 0, 0);
941 remaining -= resp_data;
943 resp_data += rwrap_fake_question(question, type, &answer, remaining);
947 remaining -= resp_data;
949 resp_data += rwrap_fake_rdata_common(type, 0, question,
958 static inline bool rwrap_known_type(int type)
975 static int rwrap_ancount(struct rwrap_fake_rr *rrs, int qtype)
980 /* Include all RRs in the stack until the sought type
981 * in the answer section. This is the case i.e. when looking
982 * up an A record but the name points to a CNAME
984 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
987 if (rwrap_known_type(rrs[i].type) &&
988 rrs[i].type == qtype) {
993 /* Return 0 records if the sought type wasn't in the stack */
994 return i < RWRAP_MAX_RECURSION ? ancount : 0;
997 static int rwrap_arcount(struct rwrap_fake_rr *rrs, int ancount)
1002 /* start from index ancount */
1003 for (i = ancount; i < RWRAP_MAX_RECURSION; i++) {
1004 if (rwrap_known_type(rrs[i].type)) {
1012 static ssize_t rwrap_add_rr(struct rwrap_fake_rr *rr,
1019 RWRAP_LOG(RWRAP_LOG_ERROR, "Internal error!\n");
1025 resp_data = rwrap_fake_a(rr, answer, anslen);
1028 resp_data = rwrap_fake_aaaa(rr, answer, anslen);
1031 resp_data = rwrap_fake_ns(rr, answer, anslen);
1034 resp_data = rwrap_fake_srv(rr, answer, anslen);
1037 resp_data = rwrap_fake_uri(rr, answer, anslen);
1040 resp_data = rwrap_fake_soa(rr, answer, anslen);
1043 resp_data = rwrap_fake_cname(rr, answer, anslen);
1046 resp_data = rwrap_fake_ptr(rr, answer, anslen);
1055 static ssize_t rwrap_fake_answer(struct rwrap_fake_rr *rrs,
1063 size_t remaining = anslen;
1068 ancount = rwrap_ancount(rrs, type);
1069 arcount = rwrap_arcount(rrs, ancount);
1070 RWRAP_LOG(RWRAP_LOG_TRACE,
1071 "Got %d answers and %d additional records\n", ancount, arcount);
1073 resp_data = rwrap_fake_header(&answer, remaining, ancount, arcount);
1074 if (resp_data < 0) {
1077 remaining -= resp_data;
1079 resp_data += rwrap_fake_question(rrs->key, rrs->type, &answer, remaining);
1080 if (resp_data < 0) {
1083 remaining -= resp_data;
1086 for (i = 0; i < ancount; i++) {
1087 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1096 /* add authoritative NS here? */
1098 /* additional records */
1099 for (i = ancount; i < ancount + arcount; i++) {
1100 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1112 /* Reads in a file in the following format:
1115 * Malformed entries are silently skipped.
1116 * Allocates answer buffer of size anslen that has to be freed after use.
1118 static int rwrap_res_fake_hosts(const char *hostfile,
1121 unsigned char *answer,
1125 char *query_name = NULL;
1126 size_t qlen = strlen(query);
1127 struct rwrap_fake_rr rrs[RWRAP_MAX_RECURSION];
1130 RWRAP_LOG(RWRAP_LOG_TRACE,
1131 "Searching in fake hosts file %s\n", hostfile);
1133 if (qlen > 0 && query[qlen-1] == '.') {
1137 query_name = strndup(query, qlen);
1138 if (query_name == NULL) {
1142 rwrap_fake_rr_init(rrs, RWRAP_MAX_RECURSION);
1144 rc = rwrap_get_record(hostfile, 0, query_name, type, rrs);
1147 RWRAP_LOG(RWRAP_LOG_TRACE,
1148 "Found record for [%s]\n", query_name);
1149 resp_size = rwrap_fake_answer(rrs, type, answer, anslen);
1152 RWRAP_LOG(RWRAP_LOG_TRACE,
1153 "No record for [%s]\n", query_name);
1154 resp_size = rwrap_fake_empty(type, rrs->key, answer, anslen);
1157 RWRAP_LOG(RWRAP_LOG_ERROR,
1158 "Error searching for [%s]\n", query_name);
1163 switch (resp_size) {
1165 RWRAP_LOG(RWRAP_LOG_ERROR,
1166 "Error faking answer for [%s]\n", query_name);
1169 RWRAP_LOG(RWRAP_LOG_TRACE,
1170 "Successfully faked answer for [%s]\n",
1179 /*********************************************************
1180 * RWRAP LOADING LIBC FUNCTIONS
1181 *********************************************************/
1185 typedef int (*__libc_res_ninit)(struct __res_state *state);
1186 typedef int (*__libc___res_ninit)(struct __res_state *state);
1187 typedef void (*__libc_res_nclose)(struct __res_state *state);
1188 typedef void (*__libc___res_nclose)(struct __res_state *state);
1189 typedef int (*__libc_res_nquery)(struct __res_state *state,
1193 unsigned char *answer,
1195 typedef int (*__libc___res_nquery)(struct __res_state *state,
1199 unsigned char *answer,
1201 typedef int (*__libc_res_nsearch)(struct __res_state *state,
1205 unsigned char *answer,
1207 typedef int (*__libc___res_nsearch)(struct __res_state *state,
1211 unsigned char *answer,
1214 #define RWRAP_SYMBOL_ENTRY(i) \
1220 struct rwrap_libc_symbols {
1221 RWRAP_SYMBOL_ENTRY(res_ninit);
1222 RWRAP_SYMBOL_ENTRY(__res_ninit);
1223 RWRAP_SYMBOL_ENTRY(res_nclose);
1224 RWRAP_SYMBOL_ENTRY(__res_nclose);
1225 RWRAP_SYMBOL_ENTRY(res_nquery);
1226 RWRAP_SYMBOL_ENTRY(__res_nquery);
1227 RWRAP_SYMBOL_ENTRY(res_nsearch);
1228 RWRAP_SYMBOL_ENTRY(__res_nsearch);
1230 #undef RWRAP_SYMBOL_ENTRY
1235 struct rwrap_libc_symbols symbols;
1240 struct rwrap_libc_symbols symbols;
1249 static struct rwrap rwrap;
1257 static const char *rwrap_str_lib(enum rwrap_lib lib)
1262 case RWRAP_LIBRESOLV:
1266 /* Compiler would warn us about unhandled enum value if we get here */
1271 static void *rwrap_load_lib_handle(enum rwrap_lib lib)
1273 int flags = RTLD_LAZY;
1274 void *handle = NULL;
1277 #ifdef RTLD_DEEPBIND
1278 flags |= RTLD_DEEPBIND;
1282 case RWRAP_LIBRESOLV:
1283 #ifdef HAVE_LIBRESOLV
1284 handle = rwrap.libresolv.handle;
1285 if (handle == NULL) {
1286 for (i = 10; i >= 0; i--) {
1287 char soname[256] = {0};
1289 snprintf(soname, sizeof(soname), "libresolv.so.%d", i);
1290 handle = dlopen(soname, flags);
1291 if (handle != NULL) {
1296 rwrap.libresolv.handle = handle;
1302 handle = rwrap.libc.handle;
1304 if (handle == NULL) {
1305 handle = dlopen(LIBC_SO, flags);
1307 rwrap.libc.handle = handle;
1310 if (handle == NULL) {
1311 for (i = 10; i >= 0; i--) {
1312 char soname[256] = {0};
1314 snprintf(soname, sizeof(soname), "libc.so.%d", i);
1315 handle = dlopen(soname, flags);
1316 if (handle != NULL) {
1321 rwrap.libc.handle = handle;
1326 if (handle == NULL) {
1328 handle = rwrap.libc.handle = rwrap.libresolv.handle = RTLD_NEXT;
1330 RWRAP_LOG(RWRAP_LOG_ERROR,
1331 "Failed to dlopen library: %s\n",
1340 static void *_rwrap_bind_symbol(enum rwrap_lib lib, const char *fn_name)
1345 handle = rwrap_load_lib_handle(lib);
1347 func = dlsym(handle, fn_name);
1349 RWRAP_LOG(RWRAP_LOG_ERROR,
1350 "Failed to find %s: %s\n",
1351 fn_name, dlerror());
1355 RWRAP_LOG(RWRAP_LOG_TRACE,
1356 "Loaded %s from %s",
1357 fn_name, rwrap_str_lib(lib));
1361 #define rwrap_bind_symbol_libc(sym_name) \
1362 if (rwrap.libc.symbols._libc_##sym_name.obj == NULL) { \
1363 rwrap.libc.symbols._libc_##sym_name.obj = \
1364 _rwrap_bind_symbol(RWRAP_LIBC, #sym_name); \
1367 #define rwrap_bind_symbol_libresolv(sym_name) \
1368 if (rwrap.libresolv.symbols._libc_##sym_name.obj == NULL) { \
1369 rwrap.libresolv.symbols._libc_##sym_name.obj = \
1370 _rwrap_bind_symbol(RWRAP_LIBRESOLV, #sym_name); \
1376 * Functions especially from libc need to be loaded individually, you can't load
1377 * all at once or gdb will segfault at startup. The same applies to valgrind and
1378 * has probably something todo with with the linker.
1379 * So we need load each function at the point it is called the first time.
1382 static int libc_res_ninit(struct __res_state *state)
1384 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1386 #if defined(HAVE_RES_NINIT_IN_LIBRESOLV)
1387 rwrap_bind_symbol_libresolv(res_ninit);
1389 return rwrap.libresolv.symbols._libc_res_ninit.f(state);
1390 #else /* HAVE_RES_NINIT_IN_LIBRESOLV */
1391 rwrap_bind_symbol_libc(res_ninit);
1393 return rwrap.libc.symbols._libc_res_ninit.f(state);
1394 #endif /* HAVE_RES_NINIT_IN_LIBRESOLV */
1396 #elif defined(HAVE___RES_NINIT)
1397 rwrap_bind_symbol_libc(__res_ninit);
1399 return rwrap.libc.symbols._libc___res_ninit.f(state);
1401 #error "No res_ninit function"
1405 static void libc_res_nclose(struct __res_state *state)
1407 #if !defined(res_close) && defined(HAVE_RES_NCLOSE)
1409 #if defined(HAVE_RES_NCLOSE_IN_LIBRESOLV)
1410 rwrap_bind_symbol_libresolv(res_nclose);
1412 rwrap.libresolv.symbols._libc_res_nclose.f(state);
1414 #else /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1415 rwrap_bind_symbol_libc(res_nclose);
1417 rwrap.libc.symbols._libc_res_nclose.f(state);
1419 #endif /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1421 #elif defined(HAVE___RES_NCLOSE)
1422 rwrap_bind_symbol_libc(__res_nclose);
1424 rwrap.libc.symbols._libc___res_nclose.f(state);
1426 #error "No res_nclose function"
1430 static int libc_res_nquery(struct __res_state *state,
1434 unsigned char *answer,
1437 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1438 rwrap_bind_symbol_libresolv(res_nquery);
1440 return rwrap.libresolv.symbols._libc_res_nquery.f(state,
1446 #elif defined(HAVE___RES_NQUERY)
1447 rwrap_bind_symbol_libresolv(__res_nquery);
1449 return rwrap.libresolv.symbols._libc___res_nquery.f(state,
1456 #error "No res_nquery function"
1460 static int libc_res_nsearch(struct __res_state *state,
1464 unsigned char *answer,
1467 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1468 rwrap_bind_symbol_libresolv(res_nsearch);
1470 return rwrap.libresolv.symbols._libc_res_nsearch.f(state,
1476 #elif defined(HAVE___RES_NSEARCH)
1477 rwrap_bind_symbol_libresolv(__res_nsearch);
1479 return rwrap.libresolv.symbols._libc___res_nsearch.f(state,
1486 #error "No res_nsearch function"
1490 /****************************************************************************
1492 ***************************************************************************/
1494 static int rwrap_parse_resolv_conf(struct __res_state *state,
1495 const char *resolv_conf)
1501 fp = fopen(resolv_conf, "r");
1503 RWRAP_LOG(RWRAP_LOG_ERROR,
1504 "Opening %s failed: %s",
1505 resolv_conf, strerror(errno));
1509 while(fgets(buf, sizeof(buf), fp) != NULL) {
1512 /* Ignore comments */
1513 if (buf[0] == '#' || buf[0] == ';') {
1517 if (RESOLV_MATCH(buf, "nameserver") && nserv < MAXNS) {
1522 p = buf + strlen("nameserver");
1524 /* Skip spaces and tabs */
1525 while(isblank((int)p[0])) {
1530 while(q[0] != '\n' && q[0] != '\0') {
1535 ok = inet_pton(AF_INET, p, &a);
1537 state->nsaddr_list[state->nscount] = (struct sockaddr_in) {
1538 .sin_family = AF_INET,
1540 .sin_port = htons(53),
1547 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1550 ok = inet_pton(AF_INET6, p, &a6);
1552 struct sockaddr_in6 *sa6;
1554 sa6 = malloc(sizeof(*sa6));
1560 sa6->sin6_family = AF_INET6;
1561 sa6->sin6_port = htons(53);
1562 sa6->sin6_flowinfo = 0;
1563 sa6->sin6_addr = a6;
1565 state->_u._ext.nsaddrs[state->_u._ext.nscount] = sa6;
1566 state->_u._ext.nssocks[state->_u._ext.nscount] = -1;
1567 state->_u._ext.nsmap[state->_u._ext.nscount] = MAXNS + 1;
1569 state->_u._ext.nscount++;
1572 RWRAP_LOG(RWRAP_LOG_ERROR,
1573 "Malformed DNS server");
1576 #else /* !HAVE_RESOLV_IPV6_NSADDRS */
1578 * BSD uses an opaque structure to store the
1579 * IPv6 addresses. So we can not simply store
1580 * these addresses the same way as above.
1582 RWRAP_LOG(RWRAP_LOG_WARN,
1583 "resolve_wrapper does not support "
1584 "IPv6 on this platform");
1589 } /* TODO: match other keywords */
1593 RWRAP_LOG(RWRAP_LOG_ERROR,
1594 "Reading from %s failed",
1604 /****************************************************************************
1606 ***************************************************************************/
1608 static int rwrap_res_ninit(struct __res_state *state)
1612 rc = libc_res_ninit(state);
1614 const char *resolv_conf = getenv("RESOLV_WRAPPER_CONF");
1616 if (resolv_conf != NULL) {
1619 (void)i; /* maybe unused */
1621 /* Delete name servers */
1623 memset(state->nsaddr_list, 0, sizeof(state->nsaddr_list));
1625 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1626 state->_u._ext.nscount = 0;
1627 for (i = 0; i < state->_u._ext.nscount; i++) {
1628 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1632 rc = rwrap_parse_resolv_conf(state, resolv_conf);
1639 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1640 int res_ninit(struct __res_state *state)
1641 #elif defined(HAVE___RES_NINIT)
1642 int __res_ninit(struct __res_state *state)
1645 return rwrap_res_ninit(state);
1648 /****************************************************************************
1650 ***************************************************************************/
1652 static struct __res_state rwrap_res_state;
1654 static int rwrap_res_init(void)
1658 rc = rwrap_res_ninit(&rwrap_res_state);
1663 #if !defined(res_ninit) && defined(HAVE_RES_INIT)
1665 #elif defined(HAVE___RES_INIT)
1666 int __res_init(void)
1669 return rwrap_res_init();
1672 /****************************************************************************
1674 ***************************************************************************/
1676 static void rwrap_res_nclose(struct __res_state *state)
1678 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1682 libc_res_nclose(state);
1684 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1685 if (state != NULL) {
1686 for (i = 0; i < state->_u._ext.nscount; i++) {
1687 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1693 #if !defined(res_nclose) && defined(HAVE_RES_NCLOSE)
1694 void res_nclose(struct __res_state *state)
1695 #elif defined(HAVE___RES_NCLOSE)
1696 void __res_nclose(struct __res_state *state)
1699 rwrap_res_nclose(state);
1702 /****************************************************************************
1704 ***************************************************************************/
1706 static void rwrap_res_close(void)
1708 rwrap_res_nclose(&rwrap_res_state);
1711 #if defined(HAVE_RES_CLOSE)
1712 void res_close(void)
1713 #elif defined(HAVE___RES_CLOSE)
1714 void __res_close(void)
1720 /****************************************************************************
1722 ***************************************************************************/
1724 static int rwrap_res_nquery(struct __res_state *state,
1728 unsigned char *answer,
1732 const char *fake_hosts;
1737 RWRAP_LOG(RWRAP_LOG_TRACE,
1738 "Resolve the domain name [%s] - class=%d, type=%d",
1739 dname, class, type);
1741 for (i = 0; i < state->nscount; i++) {
1742 char ip[INET6_ADDRSTRLEN];
1744 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1745 RWRAP_LOG(RWRAP_LOG_TRACE,
1751 fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1752 if (fake_hosts != NULL) {
1753 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1755 rc = libc_res_nquery(state, dname, class, type, answer, anslen);
1759 RWRAP_LOG(RWRAP_LOG_TRACE,
1760 "The returned response length is: %d",
1766 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1767 int res_nquery(struct __res_state *state,
1771 unsigned char *answer,
1773 #elif defined(HAVE___RES_NQUERY)
1774 int __res_nquery(struct __res_state *state,
1778 unsigned char *answer,
1782 return rwrap_res_nquery(state, dname, class, type, answer, anslen);
1785 /****************************************************************************
1787 ***************************************************************************/
1789 static int rwrap_res_query(const char *dname,
1792 unsigned char *answer,
1797 rc = rwrap_res_ninit(&rwrap_res_state);
1802 rc = rwrap_res_nquery(&rwrap_res_state,
1812 #if !defined(res_query) && defined(HAVE_RES_QUERY)
1813 int res_query(const char *dname,
1816 unsigned char *answer,
1818 #elif defined(HAVE___RES_QUERY)
1819 int __res_query(const char *dname,
1822 unsigned char *answer,
1826 return rwrap_res_query(dname, class, type, answer, anslen);
1829 /****************************************************************************
1831 ***************************************************************************/
1833 static int rwrap_res_nsearch(struct __res_state *state,
1837 unsigned char *answer,
1841 const char *fake_hosts;
1846 RWRAP_LOG(RWRAP_LOG_TRACE,
1847 "Resolve the domain name [%s] - class=%d, type=%d",
1848 dname, class, type);
1850 for (i = 0; i < state->nscount; i++) {
1851 char ip[INET6_ADDRSTRLEN];
1853 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1854 RWRAP_LOG(RWRAP_LOG_TRACE,
1860 fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1861 if (fake_hosts != NULL) {
1862 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1864 rc = libc_res_nsearch(state, dname, class, type, answer, anslen);
1867 RWRAP_LOG(RWRAP_LOG_TRACE,
1868 "The returned response length is: %d",
1874 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1875 int res_nsearch(struct __res_state *state,
1879 unsigned char *answer,
1881 #elif defined(HAVE___RES_NSEARCH)
1882 int __res_nsearch(struct __res_state *state,
1886 unsigned char *answer,
1890 return rwrap_res_nsearch(state, dname, class, type, answer, anslen);
1893 /****************************************************************************
1895 ***************************************************************************/
1897 static int rwrap_res_search(const char *dname,
1900 unsigned char *answer,
1905 rc = rwrap_res_ninit(&rwrap_res_state);
1910 rc = rwrap_res_nsearch(&rwrap_res_state,
1920 #if !defined(res_search) && defined(HAVE_RES_SEARCH)
1921 int res_search(const char *dname,
1924 unsigned char *answer,
1926 #elif defined(HAVE___RES_SEARCH)
1927 int __res_search(const char *dname,
1930 unsigned char *answer,
1934 return rwrap_res_search(dname, class, type, answer, anslen);