src/resolv_wrapper.c

   1 /*
   2  * Copyright (c) 2014-2018 Andreas Schneider <asn@samba.org>
   3  * Copyright (c) 2014-2016 Jakub Hrozek <jakub.hrozek@posteo.se>
   4  *
   5  * All rights reserved.
   6  *
   7  * Redistribution and use in source and binary forms, with or without
   8  * modification, are permitted provided that the following conditions
   9  * are met:
  10  *
  11  * 1. Redistributions of source code must retain the above copyright
  12  *    notice, this list of conditions and the following disclaimer.
  13  *
  14  * 2. Redistributions in binary form must reproduce the above copyright
  15  *    notice, this list of conditions and the following disclaimer in the
  16  *    documentation and/or other materials provided with the distribution.
  17  *
  18  * 3. Neither the name of the author nor the names of its contributors
  19  *    may be used to endorse or promote products derived from this software
  20  *    without specific prior written permission.
  21  *
  22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  32  * SUCH DAMAGE.
  33  */
  34
  35 #include "config.h"
  36
  37 #include <errno.h>
  38 #include <arpa/inet.h>
  39 #ifdef HAVE_ARPA_NAMESER_H
  40 #include <arpa/nameser.h>
  41 #endif /* HAVE_ARPA_NAMESER_H */
  42 #include <netinet/in.h>
  43 #include <sys/socket.h>
  44 #include <sys/types.h>
  45 #include <stdarg.h>
  46 #include <stdlib.h>
  47 #include <stdio.h>
  48 #include <stdbool.h>
  49 #include <string.h>
  50 #include <unistd.h>
  51 #include <ctype.h>
  52
  53 #include <resolv.h>
  54
  55 /* GCC has printf type attribute check. */
  56 #ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
  57 #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
  58 #else
  59 #define PRINTF_ATTRIBUTE(a,b)
  60 #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
  61
  62 #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
  63 #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
  64 #else
  65 #define DESTRUCTOR_ATTRIBUTE
  66 #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
  67
  68 #ifndef RWRAP_DEFAULT_FAKE_TTL
  69 #define RWRAP_DEFAULT_FAKE_TTL 600
  70 #endif  /* RWRAP_DEFAULT_FAKE_TTL */
  71
  72 #ifndef HAVE_NS_NAME_COMPRESS
  73 #define ns_name_compress dn_comp
  74 #endif
  75
  76 #define ns_t_uri 256
  77
  78 enum rwrap_dbglvl_e {
  79         RWRAP_LOG_ERROR = 0,
  80         RWRAP_LOG_WARN,
  81         RWRAP_LOG_NOTICE,
  82         RWRAP_LOG_DEBUG,
  83         RWRAP_LOG_TRACE
  84 };
  85
  86 static void rwrap_log(enum rwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
  87 # define RWRAP_LOG(dbglvl, ...) rwrap_log((dbglvl), __func__, __VA_ARGS__)
  88
  89 static void rwrap_log(enum rwrap_dbglvl_e dbglvl,
  90                       const char *func,
  91                       const char *format, ...)
  92 {
  93         char buffer[1024];
  94         va_list va;
  95         const char *d;
  96         unsigned int lvl = 0;
  97         int pid = getpid();
  98         const char *prefix = NULL;
  99
 100         d = getenv("RESOLV_WRAPPER_DEBUGLEVEL");
 101         if (d != NULL) {
 102                 lvl = atoi(d);
 103         }
 104
 105         if (lvl < dbglvl) {
 106                 return;
 107         }
 108
 109         va_start(va, format);
 110         vsnprintf(buffer, sizeof(buffer), format, va);
 111         va_end(va);
 112
 113         switch (dbglvl) {
 114                 case RWRAP_LOG_ERROR:
 115                         prefix = "RWRAP_ERROR";
 116                         break;
 117                 case RWRAP_LOG_WARN:
 118                         prefix = "RWRAP_WARN";
 119                         break;
 120                 case RWRAP_LOG_NOTICE:
 121                         prefix = "RWRAP_NOTICE";
 122                         break;
 123                 case RWRAP_LOG_DEBUG:
 124                         prefix = "RWRAP_DEBUG";
 125                         break;
 126                 case RWRAP_LOG_TRACE:
 127                         prefix = "RWRAP_TRACE";
 128                         break;
 129         }
 130
 131         fprintf(stderr,
 132                 "%s(%d) - %s: %s\n",
 133                 prefix,
 134                 pid,
 135                 func,
 136                 buffer);
 137 }
 138
 139 #ifndef SAFE_FREE
 140 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
 141 #endif
 142
 143 #define NEXT_KEY(buf, key) do {                                 \
 144         (key) = (buf) ? strpbrk((buf), " \t") : NULL;           \
 145         if ((key) != NULL) {                                    \
 146                 (key)[0] = '\0';                                \
 147                 (key)++;                                        \
 148         }                                                       \
 149         while ((key) != NULL                                    \
 150                && (isblank((int)(key)[0]))) {                   \
 151                 (key)++;                                        \
 152         }                                                       \
 153 } while(0);
 154
 155 #define RWRAP_MAX_RECURSION 64
 156
 157 /* Priority and weight can be omitted from the hosts file, but need to be part
 158  * of the output
 159  */
 160 #define DFL_SRV_PRIO    1
 161 #define DFL_SRV_WEIGHT  100
 162 #define DFL_URI_PRIO    1
 163 #define DFL_URI_WEIGHT  100
 164
 165 struct rwrap_srv_rrdata {
 166         uint16_t port;
 167         uint16_t prio;
 168         uint16_t weight;
 169         char hostname[MAXDNAME];
 170 };
 171
 172 struct rwrap_uri_rrdata {
 173         uint16_t prio;
 174         uint16_t weight;
 175         char uri[MAXDNAME];
 176 };
 177
 178 struct rwrap_soa_rrdata {
 179         uint32_t serial;
 180         uint32_t refresh;
 181         uint32_t retry;
 182         uint32_t expire;
 183         uint32_t minimum;
 184         char nameserver[MAXDNAME];
 185         char mailbox[MAXDNAME];
 186 };
 187
 188 struct rwrap_fake_rr {
 189         union fake_rrdata {
 190                 struct in_addr a_rec;
 191                 struct in6_addr aaaa_rec;
 192                 struct rwrap_srv_rrdata srv_rec;
 193                 struct rwrap_uri_rrdata uri_rec;
 194                 struct rwrap_soa_rrdata soa_rec;
 195                 char cname_rec[MAXDNAME];
 196                 char ptr_rec[MAXDNAME];
 197         } rrdata;
 198
 199         char key[MAXDNAME];
 200         int type; /* ns_t_* */
 201 };
 202
 203 static void rwrap_fake_rr_init(struct rwrap_fake_rr *rr, size_t len)
 204 {
 205         size_t i;
 206
 207         for (i = 0; i < len; i++) {
 208                 rr[i].type = ns_t_invalid;
 209         }
 210 }
 211
 212 static int rwrap_create_fake_a_rr(const char *key,
 213                                   const char *value,
 214                                   struct rwrap_fake_rr *rr)
 215 {
 216         int ok;
 217
 218         ok = inet_pton(AF_INET, value, &rr->rrdata.a_rec);
 219         if (!ok) {
 220                 RWRAP_LOG(RWRAP_LOG_ERROR,
 221                           "Failed to convert [%s] to binary\n", value);
 222                 return -1;
 223         }
 224
 225         memcpy(rr->key, key, strlen(key) + 1);
 226         rr->type = ns_t_a;
 227         return 0;
 228 }
 229
 230 static int rwrap_create_fake_aaaa_rr(const char *key,
 231                                      const char *value,
 232                                      struct rwrap_fake_rr *rr)
 233 {
 234         int ok;
 235
 236         ok = inet_pton(AF_INET6, value, &rr->rrdata.aaaa_rec);
 237         if (!ok) {
 238                 RWRAP_LOG(RWRAP_LOG_ERROR,
 239                           "Failed to convert [%s] to binary\n", value);
 240                 return -1;
 241         }
 242
 243         memcpy(rr->key, key, strlen(key) + 1);
 244         rr->type = ns_t_aaaa;
 245         return 0;
 246 }
 247 static int rwrap_create_fake_ns_rr(const char *key,
 248                                    const char *value,
 249                                    struct rwrap_fake_rr *rr)
 250 {
 251         memcpy(rr->rrdata.srv_rec.hostname, value, strlen(value) + 1);
 252         memcpy(rr->key, key, strlen(key) + 1);
 253         rr->type = ns_t_ns;
 254         return 0;
 255 }
 256
 257 static int rwrap_create_fake_srv_rr(const char *key,
 258                                     const char *value,
 259                                     struct rwrap_fake_rr *rr)
 260 {
 261         char *str_prio;
 262         char *str_weight;
 263         char *str_port;
 264         const char *hostname;
 265
 266         /* parse the value into priority, weight, port and hostname
 267          * and check the validity */
 268         hostname = value;
 269         NEXT_KEY(hostname, str_port);
 270         NEXT_KEY(str_port, str_prio);
 271         NEXT_KEY(str_prio, str_weight);
 272         if (str_port == NULL || hostname == NULL) {
 273                 RWRAP_LOG(RWRAP_LOG_ERROR,
 274                           "Malformed SRV entry [%s]\n", value);
 275                 return -1;
 276         }
 277
 278         if (str_prio) {
 279                 rr->rrdata.srv_rec.prio = atoi(str_prio);
 280         } else {
 281                 rr->rrdata.srv_rec.prio = DFL_SRV_PRIO;
 282         }
 283         if (str_weight) {
 284                 rr->rrdata.srv_rec.weight = atoi(str_weight);
 285         } else {
 286                 rr->rrdata.srv_rec.weight = DFL_SRV_WEIGHT;
 287         }
 288         rr->rrdata.srv_rec.port = atoi(str_port);
 289         memcpy(rr->rrdata.srv_rec.hostname , hostname, strlen(hostname) + 1);
 290
 291         memcpy(rr->key, key, strlen(key) + 1);
 292         rr->type = ns_t_srv;
 293         return 0;
 294 }
 295
 296 static int rwrap_create_fake_uri_rr(const char *key,
 297                                     const char *value,
 298                                     struct rwrap_fake_rr *rr)
 299 {
 300         char *str_prio;
 301         char *str_weight;
 302         const char *uri;
 303
 304         /* parse the value into priority, weight, and uri
 305          * and check the validity */
 306         uri = value;
 307         NEXT_KEY(uri, str_prio);
 308         NEXT_KEY(str_prio, str_weight);
 309         if (uri == NULL) {
 310                 RWRAP_LOG(RWRAP_LOG_ERROR,
 311                           "Malformed URI entry [%s]\n", value);
 312                 return -1;
 313         }
 314
 315         if (str_prio) {
 316                 rr->rrdata.uri_rec.prio = atoi(str_prio);
 317         } else {
 318                 rr->rrdata.uri_rec.prio = DFL_URI_PRIO;
 319         }
 320         if (str_weight) {
 321                 rr->rrdata.uri_rec.weight = atoi(str_weight);
 322         } else {
 323                 rr->rrdata.uri_rec.weight = DFL_URI_WEIGHT;
 324         }
 325         memcpy(rr->rrdata.uri_rec.uri, uri, strlen(uri) + 1);
 326
 327         memcpy(rr->key, key, strlen(key) + 1);
 328         rr->type = ns_t_uri;
 329         return 0;
 330 }
 331
 332 static int rwrap_create_fake_soa_rr(const char *key,
 333                                     const char *value,
 334                                     struct rwrap_fake_rr *rr)
 335 {
 336         const char *nameserver;
 337         char *mailbox;
 338         char *str_serial;
 339         char *str_refresh;
 340         char *str_retry;
 341         char *str_expire;
 342         char *str_minimum;
 343
 344         /* parse the value into nameserver, mailbox, serial, refresh,
 345          * retry, expire, minimum and check the validity
 346          */
 347         nameserver = value;
 348         NEXT_KEY(nameserver, mailbox);
 349         NEXT_KEY(mailbox, str_serial);
 350         NEXT_KEY(str_serial, str_refresh);
 351         NEXT_KEY(str_refresh, str_retry);
 352         NEXT_KEY(str_retry, str_expire);
 353         NEXT_KEY(str_expire, str_minimum);
 354         if (nameserver == NULL || mailbox == NULL || str_serial == NULL ||
 355             str_refresh == NULL || str_retry == NULL || str_expire == NULL ||
 356             str_minimum == NULL) {
 357                 RWRAP_LOG(RWRAP_LOG_ERROR,
 358                           "Malformed SOA entry [%s]\n", value);
 359                 return -1;
 360         }
 361
 362         memcpy(rr->rrdata.soa_rec.nameserver, nameserver, strlen(nameserver)+1);
 363         memcpy(rr->rrdata.soa_rec.mailbox, mailbox, strlen(mailbox)+1);
 364
 365         rr->rrdata.soa_rec.serial = atoi(str_serial);
 366         rr->rrdata.soa_rec.refresh = atoi(str_refresh);
 367         rr->rrdata.soa_rec.retry = atoi(str_retry);
 368         rr->rrdata.soa_rec.expire = atoi(str_expire);
 369         rr->rrdata.soa_rec.minimum = atoi(str_minimum);
 370
 371         memcpy(rr->key, key, strlen(key) + 1);
 372         rr->type = ns_t_soa;
 373         return 0;
 374 }
 375
 376 static int rwrap_create_fake_cname_rr(const char *key,
 377                                       const char *value,
 378                                       struct rwrap_fake_rr *rr)
 379 {
 380         memcpy(rr->rrdata.cname_rec , value, strlen(value) + 1);
 381         memcpy(rr->key, key, strlen(key) + 1);
 382         rr->type = ns_t_cname;
 383         return 0;
 384 }
 385
 386 static int rwrap_create_fake_ptr_rr(const char *key,
 387                                     const char *value,
 388                                     struct rwrap_fake_rr *rr)
 389 {
 390         memcpy(rr->rrdata.ptr_rec , value, strlen(value) + 1);
 391         memcpy(rr->key, key, strlen(key) + 1);
 392         rr->type = ns_t_ptr;
 393         return 0;
 394 }
 395
 396 /* Prepares a fake header with a single response. Advances header_blob */
 397 static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining,
 398                                  size_t ancount, size_t arcount)
 399 {
 400         uint8_t *hb;
 401         HEADER *h;
 402
 403         if (remaining < NS_HFIXEDSZ) {
 404                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
 405                 return -1;
 406         }
 407
 408         hb = *header_blob;
 409         memset(hb, 0, NS_HFIXEDSZ);
 410
 411         h = (HEADER *) hb;
 412         h->id = res_randomid();         /* random query ID */
 413         h->qr = 1;                      /* response flag */
 414         h->rd = 1;                      /* recursion desired */
 415         h->ra = 1;                      /* recursion available */
 416
 417         h->qdcount = htons(1);          /* no. of questions */
 418         h->ancount = htons(ancount);    /* no. of answers */
 419         h->arcount = htons(arcount);    /* no. of add'tl records */
 420
 421         hb += NS_HFIXEDSZ;              /* move past the header */
 422         *header_blob = hb;
 423
 424         return NS_HFIXEDSZ;
 425 }
 426
 427 static ssize_t rwrap_fake_question(const char *question,
 428                                    uint16_t type,
 429                                    uint8_t **question_ptr,
 430                                    size_t remaining)
 431 {
 432         uint8_t *qb = *question_ptr;
 433         int n;
 434
 435         n = ns_name_compress(question, qb, remaining, NULL, NULL);
 436         if (n < 0) {
 437                 RWRAP_LOG(RWRAP_LOG_ERROR,
 438                           "Failed to compress [%s]\n", question);
 439                 return -1;
 440         }
 441
 442         qb += n;
 443         remaining -= n;
 444
 445         if (remaining < 2 * sizeof(uint16_t)) {
 446                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
 447                 return -1;
 448         }
 449
 450         NS_PUT16(type, qb);
 451         NS_PUT16(ns_c_in, qb);
 452
 453         *question_ptr = qb;
 454         return n + 2 * sizeof(uint16_t);
 455 }
 456
 457 static ssize_t rwrap_fake_rdata_common(uint16_t type,
 458                                        size_t rdata_size,
 459                                        const char *key,
 460                                        size_t remaining,
 461                                        uint8_t **rdata_ptr)
 462 {
 463         uint8_t *rd = *rdata_ptr;
 464         ssize_t written = 0;
 465
 466         written = ns_name_compress(key, rd, remaining, NULL, NULL);
 467         if (written < 0) {
 468                 RWRAP_LOG(RWRAP_LOG_ERROR,
 469                           "Failed to compress [%s]\n", key);
 470                 return -1;
 471         }
 472         rd += written;
 473         remaining -= written;
 474
 475         if (remaining < 3 * sizeof(uint16_t) + sizeof(uint32_t)) {
 476                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
 477                 return -1;
 478         }
 479
 480         NS_PUT16(type, rd);
 481         NS_PUT16(ns_c_in, rd);
 482         NS_PUT32(RWRAP_DEFAULT_FAKE_TTL, rd);
 483         NS_PUT16(rdata_size, rd);
 484
 485         if (remaining < rdata_size) {
 486                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
 487                 return -1;
 488         }
 489
 490         *rdata_ptr = rd;
 491         return written + 3 * sizeof(uint16_t) + sizeof(uint32_t) + rdata_size;
 492 }
 493
 494 static ssize_t rwrap_fake_a(struct rwrap_fake_rr *rr,
 495                             uint8_t *answer_ptr,
 496                             size_t anslen)
 497 {
 498         uint8_t *a = answer_ptr;
 499         ssize_t resp_size;
 500
 501         if (rr->type != ns_t_a) {
 502                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 503                 return -1;
 504         }
 505         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding A RR");
 506
 507         resp_size = rwrap_fake_rdata_common(ns_t_a, sizeof(struct in_addr), rr->key,
 508                                             anslen, &a);
 509         if (resp_size < 0) {
 510                 return -1;
 511         }
 512
 513         memcpy(a, &rr->rrdata.a_rec, sizeof(struct in_addr));
 514
 515         return resp_size;
 516 }
 517
 518 static ssize_t rwrap_fake_aaaa(struct rwrap_fake_rr *rr,
 519                                uint8_t *answer,
 520                                size_t anslen)
 521 {
 522         uint8_t *a = answer;
 523         ssize_t resp_size;
 524
 525         if (rr->type != ns_t_aaaa) {
 526                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 527                 return -1;
 528         }
 529         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding AAAA RR");
 530
 531         resp_size = rwrap_fake_rdata_common(ns_t_aaaa, sizeof(struct in6_addr),
 532                                             rr->key, anslen, &a);
 533         if (resp_size < 0) {
 534                 return -1;
 535         }
 536
 537         memcpy(a, &rr->rrdata.aaaa_rec, sizeof(struct in6_addr));
 538
 539         return resp_size;
 540 }
 541
 542 static ssize_t rwrap_fake_ns(struct rwrap_fake_rr *rr,
 543                              uint8_t *answer,
 544                             size_t anslen)
 545 {
 546         uint8_t *a = answer;
 547         ssize_t resp_size = 0;
 548         size_t rdata_size;
 549         unsigned char hostname_compressed[MAXDNAME];
 550         ssize_t compressed_len;
 551
 552         if (rr->type != ns_t_ns) {
 553                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 554                 return -1;
 555         }
 556         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding NS RR");
 557
 558         /* Prepare the data to write */
 559         compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
 560                                           hostname_compressed,
 561                                           MAXDNAME,
 562                                           NULL,
 563                                           NULL);
 564         if (compressed_len < 0) {
 565                 return -1;
 566         }
 567
 568         /* Is this enough? */
 569         rdata_size = compressed_len;
 570
 571         resp_size = rwrap_fake_rdata_common(ns_t_ns, rdata_size,
 572                                             rr->key, anslen, &a);
 573         if (resp_size < 0) {
 574                 return -1;
 575         }
 576
 577         memcpy(a, hostname_compressed, compressed_len);
 578
 579         return resp_size;
 580 }
 581
 582 static ssize_t rwrap_fake_srv(struct rwrap_fake_rr *rr,
 583                               uint8_t *answer,
 584                               size_t anslen)
 585 {
 586         uint8_t *a = answer;
 587         ssize_t resp_size;
 588         size_t rdata_size;
 589         unsigned char hostname_compressed[MAXDNAME];
 590         ssize_t compressed_len;
 591
 592         if (rr->type != ns_t_srv) {
 593                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 594                 return -1;
 595         }
 596         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SRV RR");
 597         rdata_size = 3 * sizeof(uint16_t);
 598
 599         /* Prepare the data to write */
 600         compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
 601                                           hostname_compressed, MAXDNAME,
 602                                           NULL, NULL);
 603         if (compressed_len < 0) {
 604                 return -1;
 605         }
 606         rdata_size += compressed_len;
 607
 608         resp_size = rwrap_fake_rdata_common(ns_t_srv, rdata_size,
 609                                             rr->key, anslen, &a);
 610         if (resp_size < 0) {
 611                 return -1;
 612         }
 613
 614         NS_PUT16(rr->rrdata.srv_rec.prio, a);
 615         NS_PUT16(rr->rrdata.srv_rec.weight, a);
 616         NS_PUT16(rr->rrdata.srv_rec.port, a);
 617         memcpy(a, hostname_compressed, compressed_len);
 618
 619         return resp_size;
 620 }
 621
 622 static ssize_t rwrap_fake_uri(struct rwrap_fake_rr *rr,
 623                               uint8_t *answer,
 624                               size_t anslen)
 625 {
 626         uint8_t *a = answer;
 627         ssize_t resp_size;
 628         size_t rdata_size;
 629         size_t uri_len;
 630
 631         if (rr->type != ns_t_uri) {
 632                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 633                 return -1;
 634         }
 635         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding URI RR");
 636         rdata_size = 3 * sizeof(uint16_t);
 637         uri_len = strlen(rr->rrdata.uri_rec.uri) + 1;
 638         rdata_size += uri_len;
 639
 640         resp_size = rwrap_fake_rdata_common(ns_t_uri, rdata_size,
 641                                             rr->key, anslen, &a);
 642         if (resp_size < 0) {
 643                 return -1;
 644         }
 645
 646         NS_PUT16(rr->rrdata.uri_rec.prio, a);
 647         NS_PUT16(rr->rrdata.uri_rec.weight, a);
 648         memcpy(a, rr->rrdata.uri_rec.uri, uri_len);
 649
 650         return resp_size;
 651 }
 652
 653 static ssize_t rwrap_fake_soa(struct rwrap_fake_rr *rr,
 654                               uint8_t *answer,
 655                               size_t anslen)
 656 {
 657         uint8_t *a = answer;
 658         ssize_t resp_size;
 659         size_t rdata_size;
 660         unsigned char nameser_compressed[MAXDNAME];
 661         ssize_t compressed_ns_len;
 662         unsigned char mailbox_compressed[MAXDNAME];
 663         ssize_t compressed_mb_len;
 664
 665         if (rr->type != ns_t_soa) {
 666                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 667                 return -1;
 668         }
 669         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SOA RR");
 670         rdata_size = 5 * sizeof(uint16_t);
 671
 672         compressed_ns_len = ns_name_compress(rr->rrdata.soa_rec.nameserver,
 673                                              nameser_compressed,
 674                                              MAXDNAME, NULL, NULL);
 675         if (compressed_ns_len < 0) {
 676                 return -1;
 677         }
 678         rdata_size += compressed_ns_len;
 679
 680         compressed_mb_len = ns_name_compress(rr->rrdata.soa_rec.mailbox,
 681                                              mailbox_compressed,
 682                                              MAXDNAME, NULL, NULL);
 683         if (compressed_mb_len < 0) {
 684                 return -1;
 685         }
 686         rdata_size += compressed_mb_len;
 687
 688         resp_size = rwrap_fake_rdata_common(ns_t_soa, rdata_size,
 689                                             rr->key, anslen, &a);
 690         if (resp_size < 0) {
 691                 return -1;
 692         }
 693
 694         memcpy(a, nameser_compressed, compressed_ns_len);
 695         a += compressed_ns_len;
 696         memcpy(a, mailbox_compressed, compressed_mb_len);
 697         a += compressed_mb_len;
 698         NS_PUT32(rr->rrdata.soa_rec.serial, a);
 699         NS_PUT32(rr->rrdata.soa_rec.refresh, a);
 700         NS_PUT32(rr->rrdata.soa_rec.retry, a);
 701         NS_PUT32(rr->rrdata.soa_rec.expire, a);
 702         NS_PUT32(rr->rrdata.soa_rec.minimum, a);
 703
 704         return resp_size;
 705 }
 706
 707 static ssize_t rwrap_fake_cname(struct rwrap_fake_rr *rr,
 708                                 uint8_t *answer,
 709                                 size_t anslen)
 710 {
 711         uint8_t *a = answer;
 712         ssize_t resp_size;
 713         unsigned char hostname_compressed[MAXDNAME];
 714         ssize_t rdata_size;
 715
 716         if (rr->type != ns_t_cname) {
 717                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 718                 return -1;
 719         }
 720         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding CNAME RR");
 721
 722         /* Prepare the data to write */
 723         rdata_size = ns_name_compress(rr->rrdata.cname_rec,
 724                                       hostname_compressed, MAXDNAME,
 725                                       NULL, NULL);
 726         if (rdata_size < 0) {
 727                 return -1;
 728         }
 729
 730         resp_size = rwrap_fake_rdata_common(ns_t_cname, rdata_size,
 731                                             rr->key, anslen, &a);
 732         if (resp_size < 0) {
 733                 return -1;
 734         }
 735
 736         memcpy(a, hostname_compressed, rdata_size);
 737
 738         return resp_size;
 739 }
 740
 741 static ssize_t rwrap_fake_ptr(struct rwrap_fake_rr *rr,
 742                               uint8_t *answer,
 743                               size_t anslen)
 744 {
 745         uint8_t *a = answer;
 746         ssize_t rdata_size;
 747         ssize_t resp_size;
 748         unsigned char hostname_compressed[MAXDNAME];
 749
 750         if (rr->type != ns_t_ptr) {
 751                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 752                 return -1;
 753         }
 754         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding PTR RR");
 755
 756         /* Prepare the data to write */
 757         rdata_size = ns_name_compress(rr->rrdata.ptr_rec,
 758                                       hostname_compressed, MAXDNAME,
 759                                       NULL, NULL);
 760         if (rdata_size < 0) {
 761                 return -1;
 762         }
 763
 764         resp_size = rwrap_fake_rdata_common(ns_t_ptr, rdata_size,
 765                                             rr->key, anslen, &a);
 766         if (resp_size < 0) {
 767                 return -1;
 768         }
 769
 770         memcpy(a, hostname_compressed, rdata_size);
 771
 772         return resp_size;
 773 }
 774
 775 #define RESOLV_MATCH(line, name) \
 776         (strncmp(line, name, sizeof(name) - 1) == 0 && \
 777         (line[sizeof(name) - 1] == ' ' || \
 778          line[sizeof(name) - 1] == '\t'))
 779
 780 #define TYPE_MATCH(type, ns_type, rec_type, str_type, key, query) \
 781         ((type) == (ns_type) && \
 782          (strncmp((rec_type), (str_type), sizeof(str_type)) == 0) && \
 783          (strcasecmp(key, query)) == 0)
 784
 785
 786 static int rwrap_get_record(const char *hostfile, unsigned recursion,
 787                             const char *query, int type,
 788                             struct rwrap_fake_rr *rr);
 789
 790 static int rwrap_uri_recurse(const char *hostfile, unsigned recursion,
 791                              const char *query, struct rwrap_fake_rr *rr)
 792 {
 793         int rc;
 794
 795         rc = rwrap_get_record(hostfile, recursion, query, ns_t_uri, rr);
 796         if (rc == ENOENT) {
 797                 rc = 0;
 798         }
 799
 800         return rc;
 801 }
 802
 803 static int rwrap_srv_recurse(const char *hostfile, unsigned recursion,
 804                              const char *query, struct rwrap_fake_rr *rr)
 805 {
 806         int rc;
 807
 808         rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
 809         if (rc == 0) return 0;
 810
 811         rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
 812         if (rc == ENOENT) rc = 0;
 813
 814         return rc;
 815 }
 816
 817 static int rwrap_cname_recurse(const char *hostfile, unsigned recursion,
 818                                const char *query, struct rwrap_fake_rr *rr)
 819 {
 820         int rc;
 821
 822         rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
 823         if (rc == 0) return 0;
 824
 825         rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
 826         if (rc == 0) return 0;
 827
 828         rc = rwrap_get_record(hostfile, recursion, query, ns_t_cname, rr);
 829         if (rc == ENOENT) rc = 0;
 830
 831         return rc;
 832 }
 833
 834 static int rwrap_get_record(const char *hostfile, unsigned recursion,
 835                             const char *query, int type,
 836                             struct rwrap_fake_rr *rr)
 837 {
 838         FILE *fp = NULL;
 839         char buf[BUFSIZ];
 840         char *key = NULL;
 841         char *value = NULL;
 842         int rc = ENOENT;
 843         unsigned num_uris = 0;
 844
 845         if (recursion >= RWRAP_MAX_RECURSION) {
 846                 RWRAP_LOG(RWRAP_LOG_ERROR, "Recursed too deep!\n");
 847                 return -1;
 848         }
 849
 850         RWRAP_LOG(RWRAP_LOG_TRACE,
 851                   "Searching in fake hosts file %s for %s:%d\n", hostfile,
 852                   query, type);
 853
 854         fp = fopen(hostfile, "r");
 855         if (fp == NULL) {
 856                 RWRAP_LOG(RWRAP_LOG_WARN,
 857                           "Opening %s failed: %s",
 858                           hostfile, strerror(errno));
 859                 return -1;
 860         }
 861
 862         while (fgets(buf, sizeof(buf), fp) != NULL) {
 863                 char *rec_type;
 864                 char *q;
 865
 866                 rec_type = buf;
 867                 key = value = NULL;
 868
 869                 NEXT_KEY(rec_type, key);
 870                 NEXT_KEY(key, value);
 871
 872                 if (key == NULL || value == NULL) {
 873                         RWRAP_LOG(RWRAP_LOG_WARN,
 874                                 "Malformed line: not enough parts, use \"rec_type key data\n"
 875                                 "For example \"A cwrap.org 10.10.10.10\"");
 876                         continue;
 877                 }
 878
 879                 q = value;
 880                 while(q[0] != '\n' && q[0] != '\0') {
 881                         q++;
 882                 }
 883                 q[0] = '\0';
 884
 885                 if (type == ns_t_uri && recursion > 0) {
 886                         /* Skip non-URI records. */
 887                         if (!TYPE_MATCH(type, ns_t_uri, rec_type, "URI", key, query)) {
 888                                 continue;
 889                         }
 890                         /* Skip previous records based on the recurse depth. */
 891                         num_uris++;
 892                         if (num_uris <= recursion) {
 893                                 continue;
 894                         }
 895                 }
 896
 897                 if (TYPE_MATCH(type, ns_t_a, rec_type, "A", key, query)) {
 898                         rc = rwrap_create_fake_a_rr(key, value, rr);
 899                         break;
 900                 } else if (TYPE_MATCH(type, ns_t_aaaa,
 901                                       rec_type, "AAAA", key, query)) {
 902                         rc = rwrap_create_fake_aaaa_rr(key, value, rr);
 903                         break;
 904                 } else if (TYPE_MATCH(type, ns_t_ns,
 905                                       rec_type, "NS", key, query)) {
 906                         rc = rwrap_create_fake_ns_rr(key, value, rr);
 907                         break;
 908                 } else if (TYPE_MATCH(type, ns_t_srv,
 909                                       rec_type, "SRV", key, query)) {
 910                         rc = rwrap_create_fake_srv_rr(key, value, rr);
 911                         if (rc == 0) {
 912                                 rc = rwrap_srv_recurse(hostfile, recursion+1,
 913                                                 rr->rrdata.srv_rec.hostname,
 914                                                 rr + 1);
 915                         }
 916                         break;
 917                 } else if (TYPE_MATCH(type, ns_t_uri,
 918                                       rec_type, "URI", key, query)) {
 919                         rc = rwrap_create_fake_uri_rr(key, value, rr);
 920                         if (rc == 0) {
 921                                 /* Recurse to collect multiple URI answers under a single key. */
 922                                 rc = rwrap_uri_recurse(hostfile, recursion + 1, key, rr + 1);
 923                         }
 924                         break;
 925                 } else if (TYPE_MATCH(type, ns_t_soa,
 926                                       rec_type, "SOA", key, query)) {
 927                         rc = rwrap_create_fake_soa_rr(key, value, rr);
 928                         break;
 929                 } else if (TYPE_MATCH(type, ns_t_cname,
 930                                       rec_type, "CNAME", key, query)) {
 931                         rc = rwrap_create_fake_cname_rr(key, value, rr);
 932                         if (rc == 0) {
 933                                 rc = rwrap_cname_recurse(hostfile, recursion+1,
 934                                                          value, rr + 1);
 935                         }
 936                         break;
 937                 } else if (TYPE_MATCH(type, ns_t_a, rec_type, "CNAME", key, query)) {
 938                         rc = rwrap_create_fake_cname_rr(key, value, rr);
 939                         if (rc == 0) {
 940                                 rc = rwrap_cname_recurse(hostfile, recursion+1,
 941                                                          value, rr + 1);
 942                         }
 943                         break;
 944                 } else if (TYPE_MATCH(type, ns_t_ptr,
 945                                       rec_type, "PTR", key, query)) {
 946                         rc = rwrap_create_fake_ptr_rr(key, value, rr);
 947                         break;
 948                 }
 949         }
 950
 951         if (rc == ENOENT && recursion == 0 && key != NULL) {
 952                 RWRAP_LOG(RWRAP_LOG_TRACE, "Record for [%s] not found\n", query);
 953                 memcpy(rr->key, key, strlen(key) + 1);
 954         }
 955
 956         fclose(fp);
 957         return rc;
 958 }
 959
 960 static ssize_t rwrap_fake_empty(int type,
 961                                 const char *question,
 962                                 uint8_t *answer,
 963                                 size_t anslen)
 964 {
 965         ssize_t resp_data;
 966         size_t remaining = anslen;
 967
 968         resp_data = rwrap_fake_header(&answer, remaining, 0, 0);
 969         if (resp_data < 0) {
 970                 return -1;
 971         }
 972         remaining -= resp_data;
 973
 974         resp_data += rwrap_fake_question(question, type, &answer, remaining);
 975         if (resp_data < 0) {
 976                 return -1;
 977         }
 978         remaining -= resp_data;
 979
 980         resp_data += rwrap_fake_rdata_common(type, 0, question,
 981                                             remaining, &answer);
 982         if (resp_data < 0) {
 983                 return -1;
 984         }
 985
 986         return resp_data;
 987 }
 988
 989 static inline bool rwrap_known_type(int type)
 990 {
 991         switch (type) {
 992         case ns_t_a:
 993         case ns_t_aaaa:
 994         case ns_t_ns:
 995         case ns_t_srv:
 996         case ns_t_uri:
 997         case ns_t_soa:
 998         case ns_t_cname:
 999         case ns_t_ptr:
1000                 return true;
1001         }
1002
1003         return false;
1004 }
1005
1006 static int rwrap_ancount(struct rwrap_fake_rr *rrs, int qtype)
1007 {
1008         int i;
1009         int ancount = 0;
1010
1011         /* For URI return the number of URIs. */
1012         if (qtype == ns_t_uri) {
1013                 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1014                         if (rwrap_known_type(rrs[i].type) &&
1015                             rrs[i].type == qtype) {
1016                                 ancount++;
1017                         }
1018                 }
1019                 return ancount;
1020         }
1021
1022         /* Include all RRs in the stack until the sought type
1023          * in the answer section. This is the case i.e. when looking
1024          * up an A record but the name points to a CNAME
1025          */
1026         for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1027                 ancount++;
1028
1029                 if (rwrap_known_type(rrs[i].type) &&
1030                     rrs[i].type == qtype) {
1031                         break;
1032                 }
1033         }
1034
1035         /* Return 0 records if the sought type wasn't in the stack */
1036         return i < RWRAP_MAX_RECURSION ? ancount : 0;
1037 }
1038
1039 static int rwrap_arcount(struct rwrap_fake_rr *rrs, int ancount)
1040 {
1041         int i;
1042         int arcount = 0;
1043
1044         /* start from index ancount */
1045         for (i = ancount; i < RWRAP_MAX_RECURSION; i++) {
1046                 if (rwrap_known_type(rrs[i].type)) {
1047                         arcount++;
1048                 }
1049         }
1050
1051         return arcount;
1052 }
1053
1054 static ssize_t rwrap_add_rr(struct rwrap_fake_rr *rr,
1055                             uint8_t *answer,
1056                             size_t anslen)
1057 {
1058         ssize_t resp_data;
1059
1060         if (rr == NULL) {
1061                 RWRAP_LOG(RWRAP_LOG_ERROR, "Internal error!\n");
1062                 return -1;
1063         }
1064
1065         switch (rr->type) {
1066         case ns_t_a:
1067                 resp_data = rwrap_fake_a(rr, answer, anslen);
1068                 break;
1069         case ns_t_aaaa:
1070                 resp_data = rwrap_fake_aaaa(rr, answer, anslen);
1071                 break;
1072         case ns_t_ns:
1073                 resp_data = rwrap_fake_ns(rr, answer, anslen);
1074                 break;
1075         case ns_t_srv:
1076                 resp_data = rwrap_fake_srv(rr, answer, anslen);
1077                 break;
1078         case ns_t_uri:
1079                 resp_data = rwrap_fake_uri(rr, answer, anslen);
1080                 break;
1081         case ns_t_soa:
1082                 resp_data = rwrap_fake_soa(rr, answer, anslen);
1083                 break;
1084         case ns_t_cname:
1085                 resp_data = rwrap_fake_cname(rr, answer, anslen);
1086                 break;
1087         case ns_t_ptr:
1088                 resp_data = rwrap_fake_ptr(rr, answer, anslen);
1089                 break;
1090         default:
1091                 return -1;
1092         }
1093
1094         return resp_data;
1095 }
1096
1097 static ssize_t rwrap_fake_answer(struct rwrap_fake_rr *rrs,
1098                                  int type,
1099                                  uint8_t *answer,
1100                                  size_t anslen)
1101
1102 {
1103         ssize_t resp_data;
1104         ssize_t rrlen;
1105         size_t remaining = anslen;
1106         int ancount;
1107         int arcount;
1108         int i;
1109
1110         ancount = rwrap_ancount(rrs, type);
1111         arcount = rwrap_arcount(rrs, ancount);
1112         RWRAP_LOG(RWRAP_LOG_TRACE,
1113                   "Got %d answers and %d additional records\n", ancount, arcount);
1114
1115         resp_data = rwrap_fake_header(&answer, remaining, ancount, arcount);
1116         if (resp_data < 0) {
1117                 return -1;
1118         }
1119         remaining -= resp_data;
1120
1121         resp_data += rwrap_fake_question(rrs->key, rrs->type, &answer, remaining);
1122         if (resp_data < 0) {
1123                 return -1;
1124         }
1125         remaining -= resp_data;
1126
1127         /* answer */
1128         for (i = 0; i < ancount; i++) {
1129                 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1130                 if (rrlen < 0) {
1131                         return -1;
1132                 }
1133                 remaining -= rrlen;
1134                 answer += rrlen;
1135                 resp_data += rrlen;
1136         }
1137
1138         /* add authoritative NS here? */
1139
1140         /* additional records */
1141         for (i = ancount; i < ancount + arcount; i++) {
1142                 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1143                 if (rrlen < 0) {
1144                         return -1;
1145                 }
1146                 remaining -= rrlen;
1147                 answer += rrlen;
1148                 resp_data += rrlen;
1149         }
1150
1151         return resp_data;
1152 }
1153
1154 /* Reads in a file in the following format:
1155  * TYPE RDATA
1156  *
1157  * Malformed entries are silently skipped.
1158  * Allocates answer buffer of size anslen that has to be freed after use.
1159  */
1160 static int rwrap_res_fake_hosts(const char *hostfile,
1161                                 const char *query,
1162                                 int type,
1163                                 unsigned char *answer,
1164                                 size_t anslen)
1165 {
1166         int rc = ENOENT;
1167         char *query_name = NULL;
1168         size_t qlen = strlen(query);
1169         struct rwrap_fake_rr rrs[RWRAP_MAX_RECURSION];
1170         ssize_t resp_size;
1171
1172         RWRAP_LOG(RWRAP_LOG_TRACE,
1173                   "Searching in fake hosts file %s\n", hostfile);
1174
1175         if (qlen > 0 && query[qlen-1] == '.') {
1176                 qlen--;
1177         }
1178
1179         query_name = strndup(query, qlen);
1180         if (query_name == NULL) {
1181                 return -1;
1182         }
1183
1184         rwrap_fake_rr_init(rrs, RWRAP_MAX_RECURSION);
1185
1186         rc = rwrap_get_record(hostfile, 0, query_name, type, rrs);
1187         switch (rc) {
1188         case 0:
1189                 RWRAP_LOG(RWRAP_LOG_TRACE,
1190                                 "Found record for [%s]\n", query_name);
1191                 resp_size = rwrap_fake_answer(rrs, type, answer, anslen);
1192                 break;
1193         case ENOENT:
1194                 RWRAP_LOG(RWRAP_LOG_TRACE,
1195                                 "No record for [%s]\n", query_name);
1196                 resp_size = rwrap_fake_empty(type, rrs->key, answer, anslen);
1197                 break;
1198         default:
1199                 RWRAP_LOG(RWRAP_LOG_NOTICE,
1200                           "Searching for [%s] did not return any results\n",
1201                           query_name);
1202                 free(query_name);
1203                 return -1;
1204         }
1205
1206         switch (resp_size) {
1207         case -1:
1208                 RWRAP_LOG(RWRAP_LOG_ERROR,
1209                                 "Error faking answer for [%s]\n", query_name);
1210                 break;
1211         default:
1212                 RWRAP_LOG(RWRAP_LOG_TRACE,
1213                                 "Successfully faked answer for [%s]\n",
1214                                 query_name);
1215                 break;
1216         }
1217
1218         free(query_name);
1219         return resp_size;
1220 }
1221
1222 /*********************************************************
1223  * RWRAP LOADING LIBC FUNCTIONS
1224  *********************************************************/
1225
1226 #include <dlfcn.h>
1227
1228 typedef int (*__libc_res_ninit)(struct __res_state *state);
1229 typedef int (*__libc___res_ninit)(struct __res_state *state);
1230 typedef void (*__libc_res_nclose)(struct __res_state *state);
1231 typedef void (*__libc___res_nclose)(struct __res_state *state);
1232 typedef int (*__libc_res_nquery)(struct __res_state *state,
1233                                  const char *dname,
1234                                  int class,
1235                                  int type,
1236                                  unsigned char *answer,
1237                                  int anslen);
1238 typedef int (*__libc___res_nquery)(struct __res_state *state,
1239                                    const char *dname,
1240                                    int class,
1241                                    int type,
1242                                    unsigned char *answer,
1243                                    int anslen);
1244 typedef int (*__libc_res_nsearch)(struct __res_state *state,
1245                                   const char *dname,
1246                                   int class,
1247                                   int type,
1248                                   unsigned char *answer,
1249                                   int anslen);
1250 typedef int (*__libc___res_nsearch)(struct __res_state *state,
1251                                     const char *dname,
1252                                     int class,
1253                                     int type,
1254                                     unsigned char *answer,
1255                                     int anslen);
1256
1257 #define RWRAP_SYMBOL_ENTRY(i) \
1258         union { \
1259                 __libc_##i f; \
1260                 void *obj; \
1261         } _libc_##i
1262
1263 struct rwrap_libc_symbols {
1264         RWRAP_SYMBOL_ENTRY(res_ninit);
1265         RWRAP_SYMBOL_ENTRY(__res_ninit);
1266         RWRAP_SYMBOL_ENTRY(res_nclose);
1267         RWRAP_SYMBOL_ENTRY(__res_nclose);
1268         RWRAP_SYMBOL_ENTRY(res_nquery);
1269         RWRAP_SYMBOL_ENTRY(__res_nquery);
1270         RWRAP_SYMBOL_ENTRY(res_nsearch);
1271         RWRAP_SYMBOL_ENTRY(__res_nsearch);
1272 };
1273 #undef RWRAP_SYMBOL_ENTRY
1274
1275 struct rwrap {
1276         struct {
1277                 void *handle;
1278                 struct rwrap_libc_symbols symbols;
1279         } libc;
1280
1281         struct {
1282                 void *handle;
1283                 struct rwrap_libc_symbols symbols;
1284         } libresolv;
1285
1286         bool initialised;
1287         bool enabled;
1288
1289         char *socket_dir;
1290 };
1291
1292 static struct rwrap rwrap;
1293
1294 enum rwrap_lib {
1295     RWRAP_LIBC,
1296     RWRAP_LIBRESOLV
1297 };
1298
1299 #ifndef NDEBUG
1300 static const char *rwrap_str_lib(enum rwrap_lib lib)
1301 {
1302         switch (lib) {
1303         case RWRAP_LIBC:
1304                 return "libc";
1305         case RWRAP_LIBRESOLV:
1306                 return "libresolv";
1307         }
1308
1309         /* Compiler would warn us about unhandled enum value if we get here */
1310         return "unknown";
1311 }
1312 #endif
1313
1314 static void *rwrap_load_lib_handle(enum rwrap_lib lib)
1315 {
1316         int flags = RTLD_LAZY;
1317         void *handle = NULL;
1318         int i;
1319
1320 #ifdef RTLD_DEEPBIND
1321         flags |= RTLD_DEEPBIND;
1322 #endif
1323
1324         switch (lib) {
1325         case RWRAP_LIBRESOLV:
1326 #ifdef HAVE_LIBRESOLV
1327                 handle = rwrap.libresolv.handle;
1328                 if (handle == NULL) {
1329                         for (i = 10; i >= 0; i--) {
1330                                 char soname[256] = {0};
1331
1332                                 snprintf(soname, sizeof(soname), "libresolv.so.%d", i);
1333                                 handle = dlopen(soname, flags);
1334                                 if (handle != NULL) {
1335                                         break;
1336                                 }
1337                         }
1338
1339                         rwrap.libresolv.handle = handle;
1340                 }
1341                 break;
1342 #endif
1343                 /* FALL TROUGH */
1344         case RWRAP_LIBC:
1345                 handle = rwrap.libc.handle;
1346 #ifdef LIBC_SO
1347                 if (handle == NULL) {
1348                         handle = dlopen(LIBC_SO, flags);
1349
1350                         rwrap.libc.handle = handle;
1351                 }
1352 #endif
1353                 if (handle == NULL) {
1354                         for (i = 10; i >= 0; i--) {
1355                                 char soname[256] = {0};
1356
1357                                 snprintf(soname, sizeof(soname), "libc.so.%d", i);
1358                                 handle = dlopen(soname, flags);
1359                                 if (handle != NULL) {
1360                                         break;
1361                                 }
1362                         }
1363
1364                         rwrap.libc.handle = handle;
1365                 }
1366                 break;
1367         }
1368
1369         if (handle == NULL) {
1370 #ifdef RTLD_NEXT
1371                 handle = rwrap.libc.handle = rwrap.libresolv.handle = RTLD_NEXT;
1372 #else
1373                 RWRAP_LOG(RWRAP_LOG_ERROR,
1374                           "Failed to dlopen library: %s\n",
1375                           dlerror());
1376                 exit(-1);
1377 #endif
1378         }
1379
1380         return handle;
1381 }
1382
1383 static void *_rwrap_bind_symbol(enum rwrap_lib lib, const char *fn_name)
1384 {
1385         void *handle;
1386         void *func;
1387
1388         handle = rwrap_load_lib_handle(lib);
1389
1390         func = dlsym(handle, fn_name);
1391         if (func == NULL) {
1392                 RWRAP_LOG(RWRAP_LOG_ERROR,
1393                                 "Failed to find %s: %s\n",
1394                                 fn_name, dlerror());
1395                 exit(-1);
1396         }
1397
1398         RWRAP_LOG(RWRAP_LOG_TRACE,
1399                         "Loaded %s from %s",
1400                         fn_name, rwrap_str_lib(lib));
1401         return func;
1402 }
1403
1404 #define rwrap_bind_symbol_libc(sym_name) \
1405         if (rwrap.libc.symbols._libc_##sym_name.obj == NULL) { \
1406                 rwrap.libc.symbols._libc_##sym_name.obj = \
1407                         _rwrap_bind_symbol(RWRAP_LIBC, #sym_name); \
1408         }
1409
1410 #define rwrap_bind_symbol_libresolv(sym_name) \
1411         if (rwrap.libresolv.symbols._libc_##sym_name.obj == NULL) { \
1412                 rwrap.libresolv.symbols._libc_##sym_name.obj = \
1413                         _rwrap_bind_symbol(RWRAP_LIBRESOLV, #sym_name); \
1414         }
1415
1416 /*
1417  * IMPORTANT
1418  *
1419  * Functions especially from libc need to be loaded individually, you can't load
1420  * all at once or gdb will segfault at startup. The same applies to valgrind and
1421  * has probably something todo with with the linker.
1422  * So we need load each function at the point it is called the first time.
1423  */
1424
1425 static int libc_res_ninit(struct __res_state *state)
1426 {
1427 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1428
1429 #if defined(HAVE_RES_NINIT_IN_LIBRESOLV)
1430         rwrap_bind_symbol_libresolv(res_ninit);
1431
1432         return rwrap.libresolv.symbols._libc_res_ninit.f(state);
1433 #else /* HAVE_RES_NINIT_IN_LIBRESOLV */
1434         rwrap_bind_symbol_libc(res_ninit);
1435
1436         return rwrap.libc.symbols._libc_res_ninit.f(state);
1437 #endif /* HAVE_RES_NINIT_IN_LIBRESOLV */
1438
1439 #elif defined(HAVE___RES_NINIT)
1440         rwrap_bind_symbol_libc(__res_ninit);
1441
1442         return rwrap.libc.symbols._libc___res_ninit.f(state);
1443 #else
1444 #error "No res_ninit function"
1445 #endif
1446 }
1447
1448 static void libc_res_nclose(struct __res_state *state)
1449 {
1450 #if !defined(res_close) && defined(HAVE_RES_NCLOSE)
1451
1452 #if defined(HAVE_RES_NCLOSE_IN_LIBRESOLV)
1453         rwrap_bind_symbol_libresolv(res_nclose);
1454
1455         rwrap.libresolv.symbols._libc_res_nclose.f(state);
1456         return;
1457 #else /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1458         rwrap_bind_symbol_libc(res_nclose);
1459
1460         rwrap.libc.symbols._libc_res_nclose.f(state);
1461         return;
1462 #endif /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1463
1464 #elif defined(HAVE___RES_NCLOSE)
1465         rwrap_bind_symbol_libc(__res_nclose);
1466
1467         rwrap.libc.symbols._libc___res_nclose.f(state);
1468 #else
1469 #error "No res_nclose function"
1470 #endif
1471 }
1472
1473 static int libc_res_nquery(struct __res_state *state,
1474                            const char *dname,
1475                            int class,
1476                            int type,
1477                            unsigned char *answer,
1478                            int anslen)
1479 {
1480 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1481         rwrap_bind_symbol_libresolv(res_nquery);
1482
1483         return rwrap.libresolv.symbols._libc_res_nquery.f(state,
1484                                                           dname,
1485                                                           class,
1486                                                           type,
1487                                                           answer,
1488                                                           anslen);
1489 #elif defined(HAVE___RES_NQUERY)
1490         rwrap_bind_symbol_libresolv(__res_nquery);
1491
1492         return rwrap.libresolv.symbols._libc___res_nquery.f(state,
1493                                                             dname,
1494                                                             class,
1495                                                             type,
1496                                                             answer,
1497                                                             anslen);
1498 #else
1499 #error "No res_nquery function"
1500 #endif
1501 }
1502
1503 static int libc_res_nsearch(struct __res_state *state,
1504                             const char *dname,
1505                             int class,
1506                             int type,
1507                             unsigned char *answer,
1508                             int anslen)
1509 {
1510 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1511         rwrap_bind_symbol_libresolv(res_nsearch);
1512
1513         return rwrap.libresolv.symbols._libc_res_nsearch.f(state,
1514                                                            dname,
1515                                                            class,
1516                                                            type,
1517                                                            answer,
1518                                                            anslen);
1519 #elif defined(HAVE___RES_NSEARCH)
1520         rwrap_bind_symbol_libresolv(__res_nsearch);
1521
1522         return rwrap.libresolv.symbols._libc___res_nsearch.f(state,
1523                                                              dname,
1524                                                              class,
1525                                                              type,
1526                                                              answer,
1527                                                              anslen);
1528 #else
1529 #error "No res_nsearch function"
1530 #endif
1531 }
1532
1533 /****************************************************************************
1534  *   RES_HELPER
1535  ***************************************************************************/
1536
1537 static int rwrap_parse_resolv_conf(struct __res_state *state,
1538                                    const char *resolv_conf)
1539 {
1540         FILE *fp;
1541         char buf[BUFSIZ];
1542         int nserv = 0;
1543
1544         fp = fopen(resolv_conf, "r");
1545         if (fp == NULL) {
1546                 RWRAP_LOG(RWRAP_LOG_ERROR,
1547                           "Opening %s failed: %s",
1548                           resolv_conf, strerror(errno));
1549                 return -1;
1550         }
1551
1552         while(fgets(buf, sizeof(buf), fp) != NULL) {
1553                 char *p;
1554
1555                 /* Ignore comments */
1556                 if (buf[0] == '#' || buf[0] == ';') {
1557                         continue;
1558                 }
1559
1560                 if (RESOLV_MATCH(buf, "nameserver") && nserv < MAXNS) {
1561                         struct in_addr a;
1562                         char *q;
1563                         int ok;
1564
1565                         p = buf + strlen("nameserver");
1566
1567                         /* Skip spaces and tabs */
1568                         while(isblank((int)p[0])) {
1569                                 p++;
1570                         }
1571
1572                         q = p;
1573                         while(q[0] != '\n' && q[0] != '\0') {
1574                                 q++;
1575                         }
1576                         q[0] = '\0';
1577
1578                         ok = inet_pton(AF_INET, p, &a);
1579                         if (ok) {
1580                                 state->nsaddr_list[state->nscount] = (struct sockaddr_in) {
1581                                         .sin_family = AF_INET,
1582                                         .sin_addr = a,
1583                                         .sin_port = htons(53),
1584                                         .sin_zero = { 0 },
1585                                 };
1586
1587                                 state->nscount++;
1588                                 nserv++;
1589                         } else {
1590 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1591                                 /* IPv6 */
1592                                 struct in6_addr a6;
1593                                 ok = inet_pton(AF_INET6, p, &a6);
1594                                 if (ok) {
1595                                         struct sockaddr_in6 *sa6;
1596
1597                                         sa6 = malloc(sizeof(*sa6));
1598                                         if (sa6 == NULL) {
1599                                                 fclose(fp);
1600                                                 return -1;
1601                                         }
1602
1603                                         sa6->sin6_family = AF_INET6;
1604                                         sa6->sin6_port = htons(53);
1605                                         sa6->sin6_flowinfo = 0;
1606                                         sa6->sin6_addr = a6;
1607
1608                                         state->_u._ext.nsaddrs[state->_u._ext.nscount] = sa6;
1609                                         state->_u._ext.nssocks[state->_u._ext.nscount] = -1;
1610                                         state->_u._ext.nsmap[state->_u._ext.nscount] = MAXNS + 1;
1611
1612                                         state->_u._ext.nscount++;
1613                                         nserv++;
1614                                 } else {
1615                                         RWRAP_LOG(RWRAP_LOG_ERROR,
1616                                                 "Malformed DNS server");
1617                                         continue;
1618                                 }
1619 #else /* !HAVE_RESOLV_IPV6_NSADDRS */
1620                                 /*
1621                                  * BSD uses an opaque structure to store the
1622                                  * IPv6 addresses. So we can not simply store
1623                                  * these addresses the same way as above.
1624                                  */
1625                                 RWRAP_LOG(RWRAP_LOG_WARN,
1626                                           "resolve_wrapper does not support "
1627                                           "IPv6 on this platform");
1628                                         continue;
1629 #endif
1630                         }
1631                         continue;
1632                 } /* TODO: match other keywords */
1633         }
1634
1635         if (ferror(fp)) {
1636                 RWRAP_LOG(RWRAP_LOG_ERROR,
1637                           "Reading from %s failed",
1638                           resolv_conf);
1639                 fclose(fp);
1640                 return -1;
1641         }
1642
1643         fclose(fp);
1644         return 0;
1645 }
1646
1647 /****************************************************************************
1648  *   RES_NINIT
1649  ***************************************************************************/
1650
1651 static int rwrap_res_ninit(struct __res_state *state)
1652 {
1653         int rc;
1654
1655         rc = libc_res_ninit(state);
1656         if (rc == 0) {
1657                 const char *resolv_conf = getenv("RESOLV_WRAPPER_CONF");
1658
1659                 if (resolv_conf != NULL) {
1660                         uint16_t i;
1661
1662                         (void)i; /* maybe unused */
1663
1664                         /* Delete name servers */
1665                         state->nscount = 0;
1666                         memset(state->nsaddr_list, 0, sizeof(state->nsaddr_list));
1667
1668 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1669                         state->_u._ext.nscount = 0;
1670                         for (i = 0; i < state->_u._ext.nscount; i++) {
1671                                 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1672                         }
1673 #endif
1674
1675                         rc = rwrap_parse_resolv_conf(state, resolv_conf);
1676                 }
1677         }
1678
1679         return rc;
1680 }
1681
1682 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1683 int res_ninit(struct __res_state *state)
1684 #elif defined(HAVE___RES_NINIT)
1685 int __res_ninit(struct __res_state *state)
1686 #endif
1687 {
1688         return rwrap_res_ninit(state);
1689 }
1690
1691 /****************************************************************************
1692  *   RES_INIT
1693  ***************************************************************************/
1694
1695 static struct __res_state rwrap_res_state;
1696
1697 static int rwrap_res_init(void)
1698 {
1699         int rc;
1700
1701         rc = rwrap_res_ninit(&rwrap_res_state);
1702
1703         return rc;
1704 }
1705
1706 #if !defined(res_ninit) && defined(HAVE_RES_INIT)
1707 int res_init(void)
1708 #elif defined(HAVE___RES_INIT)
1709 int __res_init(void)
1710 #endif
1711 {
1712         return rwrap_res_init();
1713 }
1714
1715 /****************************************************************************
1716  *   RES_NCLOSE
1717  ***************************************************************************/
1718
1719 static void rwrap_res_nclose(struct __res_state *state)
1720 {
1721 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1722         int i;
1723 #endif
1724
1725         libc_res_nclose(state);
1726
1727 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1728         if (state != NULL) {
1729                 for (i = 0; i < state->_u._ext.nscount; i++) {
1730                         SAFE_FREE(state->_u._ext.nsaddrs[i]);
1731                 }
1732         }
1733 #endif
1734 }
1735
1736 #if !defined(res_nclose) && defined(HAVE_RES_NCLOSE)
1737 void res_nclose(struct __res_state *state)
1738 #elif defined(HAVE___RES_NCLOSE)
1739 void __res_nclose(struct __res_state *state)
1740 #endif
1741 {
1742         rwrap_res_nclose(state);
1743 }
1744
1745 /****************************************************************************
1746  *   RES_CLOSE
1747  ***************************************************************************/
1748
1749 static void rwrap_res_close(void)
1750 {
1751         rwrap_res_nclose(&rwrap_res_state);
1752 }
1753
1754 #if defined(HAVE_RES_CLOSE)
1755 void res_close(void)
1756 #elif defined(HAVE___RES_CLOSE)
1757 void __res_close(void)
1758 #endif
1759 {
1760         rwrap_res_close();
1761 }
1762
1763 /****************************************************************************
1764  *   RES_NQUERY
1765  ***************************************************************************/
1766
1767 static int rwrap_res_nquery(struct __res_state *state,
1768                             const char *dname,
1769                             int class,
1770                             int type,
1771                             unsigned char *answer,
1772                             int anslen)
1773 {
1774         int rc;
1775         const char *fake_hosts;
1776 #ifndef NDEBUG
1777         int i;
1778 #endif
1779
1780         RWRAP_LOG(RWRAP_LOG_TRACE,
1781                   "Resolve the domain name [%s] - class=%d, type=%d",
1782                   dname, class, type);
1783 #ifndef NDEBUG
1784         for (i = 0; i < state->nscount; i++) {
1785                 char ip[INET6_ADDRSTRLEN];
1786
1787                 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1788                 RWRAP_LOG(RWRAP_LOG_TRACE,
1789                           "        nameserver: %s",
1790                           ip);
1791         }
1792 #endif
1793
1794         fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1795         if (fake_hosts != NULL) {
1796                 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1797         } else {
1798                 rc = libc_res_nquery(state, dname, class, type, answer, anslen);
1799         }
1800
1801
1802         RWRAP_LOG(RWRAP_LOG_TRACE,
1803                   "The returned response length is: %d",
1804                   rc);
1805
1806         return rc;
1807 }
1808
1809 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1810 int res_nquery(struct __res_state *state,
1811                const char *dname,
1812                int class,
1813                int type,
1814                unsigned char *answer,
1815                int anslen)
1816 #elif defined(HAVE___RES_NQUERY)
1817 int __res_nquery(struct __res_state *state,
1818                  const char *dname,
1819                  int class,
1820                  int type,
1821                  unsigned char *answer,
1822                  int anslen)
1823 #endif
1824 {
1825         return rwrap_res_nquery(state, dname, class, type, answer, anslen);
1826 }
1827
1828 /****************************************************************************
1829  *   RES_QUERY
1830  ***************************************************************************/
1831
1832 static int rwrap_res_query(const char *dname,
1833                            int class,
1834                            int type,
1835                            unsigned char *answer,
1836                            int anslen)
1837 {
1838         int rc;
1839
1840         rc = rwrap_res_ninit(&rwrap_res_state);
1841         if (rc != 0) {
1842                 return rc;
1843         }
1844
1845         rc = rwrap_res_nquery(&rwrap_res_state,
1846                               dname,
1847                               class,
1848                               type,
1849                               answer,
1850                               anslen);
1851
1852         return rc;
1853 }
1854
1855 #if !defined(res_query) && defined(HAVE_RES_QUERY)
1856 int res_query(const char *dname,
1857               int class,
1858               int type,
1859               unsigned char *answer,
1860               int anslen)
1861 #elif defined(HAVE___RES_QUERY)
1862 int __res_query(const char *dname,
1863                 int class,
1864                 int type,
1865                 unsigned char *answer,
1866                 int anslen)
1867 #endif
1868 {
1869         return rwrap_res_query(dname, class, type, answer, anslen);
1870 }
1871
1872 /****************************************************************************
1873  *   RES_NSEARCH
1874  ***************************************************************************/
1875
1876 static int rwrap_res_nsearch(struct __res_state *state,
1877                              const char *dname,
1878                              int class,
1879                              int type,
1880                              unsigned char *answer,
1881                              int anslen)
1882 {
1883         int rc;
1884         const char *fake_hosts;
1885 #ifndef NDEBUG
1886         int i;
1887 #endif
1888
1889         RWRAP_LOG(RWRAP_LOG_TRACE,
1890                   "Resolve the domain name [%s] - class=%d, type=%d",
1891                   dname, class, type);
1892 #ifndef NDEBUG
1893         for (i = 0; i < state->nscount; i++) {
1894                 char ip[INET6_ADDRSTRLEN];
1895
1896                 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1897                 RWRAP_LOG(RWRAP_LOG_TRACE,
1898                           "        nameserver: %s",
1899                           ip);
1900         }
1901 #endif
1902
1903         fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1904         if (fake_hosts != NULL) {
1905                 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1906         } else {
1907                 rc = libc_res_nsearch(state, dname, class, type, answer, anslen);
1908         }
1909
1910         RWRAP_LOG(RWRAP_LOG_TRACE,
1911                   "The returned response length is: %d",
1912                   rc);
1913
1914         return rc;
1915 }
1916
1917 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1918 int res_nsearch(struct __res_state *state,
1919                 const char *dname,
1920                 int class,
1921                 int type,
1922                 unsigned char *answer,
1923                 int anslen)
1924 #elif defined(HAVE___RES_NSEARCH)
1925 int __res_nsearch(struct __res_state *state,
1926                   const char *dname,
1927                   int class,
1928                   int type,
1929                   unsigned char *answer,
1930                   int anslen)
1931 #endif
1932 {
1933         return rwrap_res_nsearch(state, dname, class, type, answer, anslen);
1934 }
1935
1936 /****************************************************************************
1937  *   RES_SEARCH
1938  ***************************************************************************/
1939
1940 static int rwrap_res_search(const char *dname,
1941                             int class,
1942                             int type,
1943                             unsigned char *answer,
1944                             int anslen)
1945 {
1946         int rc;
1947
1948         rc = rwrap_res_ninit(&rwrap_res_state);
1949         if (rc != 0) {
1950                 return rc;
1951         }
1952
1953         rc = rwrap_res_nsearch(&rwrap_res_state,
1954                                dname,
1955                                class,
1956                                type,
1957                                answer,
1958                                anslen);
1959
1960         return rc;
1961 }
1962
1963 #if !defined(res_search) && defined(HAVE_RES_SEARCH)
1964 int res_search(const char *dname,
1965                int class,
1966                int type,
1967                unsigned char *answer,
1968                int anslen)
1969 #elif defined(HAVE___RES_SEARCH)
1970 int __res_search(const char *dname,
1971                  int class,
1972                  int type,
1973                  unsigned char *answer,
1974                  int anslen)
1975 #endif
1976 {
1977         return rwrap_res_search(dname, class, type, answer, anslen);
1978 }