src/resolv_wrapper.c

   1 /*
   2  * Copyright (c) 2014-2018 Andreas Schneider <asn@samba.org>
   3  * Copyright (c) 2014-2016 Jakub Hrozek <jakub.hrozek@posteo.se>
   4  *
   5  * All rights reserved.
   6  *
   7  * Redistribution and use in source and binary forms, with or without
   8  * modification, are permitted provided that the following conditions
   9  * are met:
  10  *
  11  * 1. Redistributions of source code must retain the above copyright
  12  *    notice, this list of conditions and the following disclaimer.
  13  *
  14  * 2. Redistributions in binary form must reproduce the above copyright
  15  *    notice, this list of conditions and the following disclaimer in the
  16  *    documentation and/or other materials provided with the distribution.
  17  *
  18  * 3. Neither the name of the author nor the names of its contributors
  19  *    may be used to endorse or promote products derived from this software
  20  *    without specific prior written permission.
  21  *
  22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  32  * SUCH DAMAGE.
  33  */
  34
  35 #include "config.h"
  36
  37 #include <errno.h>
  38 #include <arpa/inet.h>
  39 #ifdef HAVE_ARPA_NAMESER_H
  40 #include <arpa/nameser.h>
  41 #endif /* HAVE_ARPA_NAMESER_H */
  42 #include <netinet/in.h>
  43 #include <sys/socket.h>
  44 #include <sys/types.h>
  45 #include <stdarg.h>
  46 #include <stdlib.h>
  47 #include <stdio.h>
  48 #include <stdbool.h>
  49 #include <string.h>
  50 #include <unistd.h>
  51 #include <ctype.h>
  52
  53 #include <resolv.h>
  54
  55 /* GCC has printf type attribute check. */
  56 #ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
  57 #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
  58 #else
  59 #define PRINTF_ATTRIBUTE(a,b)
  60 #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
  61
  62 #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
  63 #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
  64 #else
  65 #define DESTRUCTOR_ATTRIBUTE
  66 #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
  67
  68 #ifndef RWRAP_DEFAULT_FAKE_TTL
  69 #define RWRAP_DEFAULT_FAKE_TTL 600
  70 #endif  /* RWRAP_DEFAULT_FAKE_TTL */
  71
  72 #ifndef HAVE_NS_NAME_COMPRESS
  73 #define ns_name_compress dn_comp
  74 #endif
  75
  76 #define ns_t_uri 256
  77
  78 enum rwrap_dbglvl_e {
  79         RWRAP_LOG_ERROR = 0,
  80         RWRAP_LOG_WARN,
  81         RWRAP_LOG_NOTICE,
  82         RWRAP_LOG_DEBUG,
  83         RWRAP_LOG_TRACE
  84 };
  85
  86 static void rwrap_log(enum rwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
  87 # define RWRAP_LOG(dbglvl, ...) rwrap_log((dbglvl), __func__, __VA_ARGS__)
  88
  89 static void rwrap_log(enum rwrap_dbglvl_e dbglvl,
  90                       const char *func,
  91                       const char *format, ...)
  92 {
  93         char buffer[1024];
  94         va_list va;
  95         const char *d;
  96         unsigned int lvl = 0;
  97         int pid = getpid();
  98         const char *prefix = NULL;
  99
 100         d = getenv("RESOLV_WRAPPER_DEBUGLEVEL");
 101         if (d != NULL) {
 102                 lvl = atoi(d);
 103         }
 104
 105         if (lvl < dbglvl) {
 106                 return;
 107         }
 108
 109         va_start(va, format);
 110         vsnprintf(buffer, sizeof(buffer), format, va);
 111         va_end(va);
 112
 113         switch (dbglvl) {
 114                 case RWRAP_LOG_ERROR:
 115                         prefix = "RWRAP_ERROR";
 116                         break;
 117                 case RWRAP_LOG_WARN:
 118                         prefix = "RWRAP_WARN";
 119                         break;
 120                 case RWRAP_LOG_NOTICE:
 121                         prefix = "RWRAP_NOTICE";
 122                         break;
 123                 case RWRAP_LOG_DEBUG:
 124                         prefix = "RWRAP_DEBUG";
 125                         break;
 126                 case RWRAP_LOG_TRACE:
 127                         prefix = "RWRAP_TRACE";
 128                         break;
 129         }
 130
 131         fprintf(stderr,
 132                 "%s(%d) - %s: %s\n",
 133                 prefix,
 134                 pid,
 135                 func,
 136                 buffer);
 137 }
 138
 139 #ifndef SAFE_FREE
 140 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
 141 #endif
 142
 143 #define NEXT_KEY(buf, key) do {                                 \
 144         (key) = (buf) ? strpbrk((buf), " \t") : NULL;           \
 145         if ((key) != NULL) {                                    \
 146                 (key)[0] = '\0';                                \
 147                 (key)++;                                        \
 148         }                                                       \
 149         while ((key) != NULL                                    \
 150                && (isblank((int)(key)[0]))) {                   \
 151                 (key)++;                                        \
 152         }                                                       \
 153 } while(0);
 154
 155 #define RWRAP_MAX_RECURSION 64
 156
 157 /* Priority and weight can be omitted from the hosts file, but need to be part
 158  * of the output
 159  */
 160 #define DFL_SRV_PRIO    1
 161 #define DFL_SRV_WEIGHT  100
 162 #define DFL_URI_PRIO    1
 163 #define DFL_URI_WEIGHT  100
 164
 165 struct rwrap_srv_rrdata {
 166         uint16_t port;
 167         uint16_t prio;
 168         uint16_t weight;
 169         char hostname[MAXDNAME];
 170 };
 171
 172 struct rwrap_uri_rrdata {
 173         uint16_t prio;
 174         uint16_t weight;
 175         char uri[MAXDNAME];
 176 };
 177
 178 struct rwrap_soa_rrdata {
 179         uint32_t serial;
 180         uint32_t refresh;
 181         uint32_t retry;
 182         uint32_t expire;
 183         uint32_t minimum;
 184         char nameserver[MAXDNAME];
 185         char mailbox[MAXDNAME];
 186 };
 187
 188 struct rwrap_fake_rr {
 189         union fake_rrdata {
 190                 struct in_addr a_rec;
 191                 struct in6_addr aaaa_rec;
 192                 struct rwrap_srv_rrdata srv_rec;
 193                 struct rwrap_uri_rrdata uri_rec;
 194                 struct rwrap_soa_rrdata soa_rec;
 195                 char cname_rec[MAXDNAME];
 196                 char ptr_rec[MAXDNAME];
 197         } rrdata;
 198
 199         char key[MAXDNAME];
 200         int type; /* ns_t_* */
 201 };
 202
 203 static void rwrap_fake_rr_init(struct rwrap_fake_rr *rr, size_t len)
 204 {
 205         size_t i;
 206
 207         for (i = 0; i < len; i++) {
 208                 rr[i].type = ns_t_invalid;
 209         }
 210 }
 211
 212 static int rwrap_create_fake_a_rr(const char *key,
 213                                   const char *value,
 214                                   struct rwrap_fake_rr *rr)
 215 {
 216         int ok;
 217
 218         ok = inet_pton(AF_INET, value, &rr->rrdata.a_rec);
 219         if (!ok) {
 220                 RWRAP_LOG(RWRAP_LOG_ERROR,
 221                           "Failed to convert [%s] to binary\n", value);
 222                 return -1;
 223         }
 224
 225         memcpy(rr->key, key, strlen(key) + 1);
 226         rr->type = ns_t_a;
 227         return 0;
 228 }
 229
 230 static int rwrap_create_fake_aaaa_rr(const char *key,
 231                                      const char *value,
 232                                      struct rwrap_fake_rr *rr)
 233 {
 234         int ok;
 235
 236         ok = inet_pton(AF_INET6, value, &rr->rrdata.aaaa_rec);
 237         if (!ok) {
 238                 RWRAP_LOG(RWRAP_LOG_ERROR,
 239                           "Failed to convert [%s] to binary\n", value);
 240                 return -1;
 241         }
 242
 243         memcpy(rr->key, key, strlen(key) + 1);
 244         rr->type = ns_t_aaaa;
 245         return 0;
 246 }
 247 static int rwrap_create_fake_ns_rr(const char *key,
 248                                    const char *value,
 249                                    struct rwrap_fake_rr *rr)
 250 {
 251         memcpy(rr->rrdata.srv_rec.hostname, value, strlen(value) + 1);
 252         memcpy(rr->key, key, strlen(key) + 1);
 253         rr->type = ns_t_ns;
 254         return 0;
 255 }
 256
 257 static int rwrap_create_fake_srv_rr(const char *key,
 258                                     const char *value,
 259                                     struct rwrap_fake_rr *rr)
 260 {
 261         char *str_prio;
 262         char *str_weight;
 263         char *str_port;
 264         const char *hostname;
 265
 266         /* parse the value into priority, weight, port and hostname
 267          * and check the validity */
 268         hostname = value;
 269         NEXT_KEY(hostname, str_port);
 270         NEXT_KEY(str_port, str_prio);
 271         NEXT_KEY(str_prio, str_weight);
 272         if (str_port == NULL || hostname == NULL) {
 273                 RWRAP_LOG(RWRAP_LOG_ERROR,
 274                           "Malformed SRV entry [%s]\n", value);
 275                 return -1;
 276         }
 277
 278         if (str_prio) {
 279                 rr->rrdata.srv_rec.prio = atoi(str_prio);
 280         } else {
 281                 rr->rrdata.srv_rec.prio = DFL_SRV_PRIO;
 282         }
 283         if (str_weight) {
 284                 rr->rrdata.srv_rec.weight = atoi(str_weight);
 285         } else {
 286                 rr->rrdata.srv_rec.weight = DFL_SRV_WEIGHT;
 287         }
 288         rr->rrdata.srv_rec.port = atoi(str_port);
 289         memcpy(rr->rrdata.srv_rec.hostname , hostname, strlen(hostname) + 1);
 290
 291         memcpy(rr->key, key, strlen(key) + 1);
 292         rr->type = ns_t_srv;
 293         return 0;
 294 }
 295
 296 static int rwrap_create_fake_uri_rr(const char *key,
 297                                     const char *value,
 298                                     struct rwrap_fake_rr *rr)
 299 {
 300         char *str_prio;
 301         char *str_weight;
 302         const char *uri;
 303
 304         /* parse the value into priority, weight, and uri
 305          * and check the validity */
 306         uri = value;
 307         NEXT_KEY(uri, str_prio);
 308         NEXT_KEY(str_prio, str_weight);
 309         if (uri == NULL) {
 310                 RWRAP_LOG(RWRAP_LOG_ERROR,
 311                           "Malformed URI entry [%s]\n", value);
 312                 return -1;
 313         }
 314
 315         if (str_prio) {
 316                 rr->rrdata.uri_rec.prio = atoi(str_prio);
 317         } else {
 318                 rr->rrdata.uri_rec.prio = DFL_URI_PRIO;
 319         }
 320         if (str_weight) {
 321                 rr->rrdata.uri_rec.weight = atoi(str_weight);
 322         } else {
 323                 rr->rrdata.uri_rec.weight = DFL_URI_WEIGHT;
 324         }
 325         memcpy(rr->rrdata.uri_rec.uri, uri, strlen(uri) + 1);
 326
 327         memcpy(rr->key, key, strlen(key) + 1);
 328         rr->type = ns_t_uri;
 329         return 0;
 330 }
 331
 332 static int rwrap_create_fake_soa_rr(const char *key,
 333                                     const char *value,
 334                                     struct rwrap_fake_rr *rr)
 335 {
 336         const char *nameserver;
 337         char *mailbox;
 338         char *str_serial;
 339         char *str_refresh;
 340         char *str_retry;
 341         char *str_expire;
 342         char *str_minimum;
 343
 344         /* parse the value into nameserver, mailbox, serial, refresh,
 345          * retry, expire, minimum and check the validity
 346          */
 347         nameserver = value;
 348         NEXT_KEY(nameserver, mailbox);
 349         NEXT_KEY(mailbox, str_serial);
 350         NEXT_KEY(str_serial, str_refresh);
 351         NEXT_KEY(str_refresh, str_retry);
 352         NEXT_KEY(str_retry, str_expire);
 353         NEXT_KEY(str_expire, str_minimum);
 354         if (nameserver == NULL || mailbox == NULL || str_serial == NULL ||
 355             str_refresh == NULL || str_retry == NULL || str_expire == NULL ||
 356             str_minimum == NULL) {
 357                 RWRAP_LOG(RWRAP_LOG_ERROR,
 358                           "Malformed SOA entry [%s]\n", value);
 359                 return -1;
 360         }
 361
 362         memcpy(rr->rrdata.soa_rec.nameserver, nameserver, strlen(nameserver)+1);
 363         memcpy(rr->rrdata.soa_rec.mailbox, mailbox, strlen(mailbox)+1);
 364
 365         rr->rrdata.soa_rec.serial = atoi(str_serial);
 366         rr->rrdata.soa_rec.refresh = atoi(str_refresh);
 367         rr->rrdata.soa_rec.retry = atoi(str_retry);
 368         rr->rrdata.soa_rec.expire = atoi(str_expire);
 369         rr->rrdata.soa_rec.minimum = atoi(str_minimum);
 370
 371         memcpy(rr->key, key, strlen(key) + 1);
 372         rr->type = ns_t_soa;
 373         return 0;
 374 }
 375
 376 static int rwrap_create_fake_cname_rr(const char *key,
 377                                       const char *value,
 378                                       struct rwrap_fake_rr *rr)
 379 {
 380         memcpy(rr->rrdata.cname_rec , value, strlen(value) + 1);
 381         memcpy(rr->key, key, strlen(key) + 1);
 382         rr->type = ns_t_cname;
 383         return 0;
 384 }
 385
 386 static int rwrap_create_fake_ptr_rr(const char *key,
 387                                     const char *value,
 388                                     struct rwrap_fake_rr *rr)
 389 {
 390         memcpy(rr->rrdata.ptr_rec , value, strlen(value) + 1);
 391         memcpy(rr->key, key, strlen(key) + 1);
 392         rr->type = ns_t_ptr;
 393         return 0;
 394 }
 395
 396 /* Prepares a fake header with a single response. Advances header_blob */
 397 static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining,
 398                                  size_t ancount, size_t arcount)
 399 {
 400         uint8_t *hb;
 401         HEADER *h;
 402
 403         if (remaining < NS_HFIXEDSZ) {
 404                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
 405                 return -1;
 406         }
 407
 408         hb = *header_blob;
 409         memset(hb, 0, NS_HFIXEDSZ);
 410
 411         h = (HEADER *) hb;
 412         h->id = res_randomid();         /* random query ID */
 413         h->qr = 1;                      /* response flag */
 414         h->rd = 1;                      /* recursion desired */
 415         h->ra = 1;                      /* recursion available */
 416
 417         h->qdcount = htons(1);          /* no. of questions */
 418         h->ancount = htons(ancount);    /* no. of answers */
 419         h->arcount = htons(arcount);    /* no. of add'tl records */
 420
 421         hb += NS_HFIXEDSZ;              /* move past the header */
 422         *header_blob = hb;
 423
 424         return NS_HFIXEDSZ;
 425 }
 426
 427 static ssize_t rwrap_fake_question(const char *question,
 428                                    uint16_t type,
 429                                    uint8_t **question_ptr,
 430                                    size_t remaining)
 431 {
 432         uint8_t *qb = *question_ptr;
 433         int n;
 434
 435         n = ns_name_compress(question, qb, remaining, NULL, NULL);
 436         if (n < 0) {
 437                 RWRAP_LOG(RWRAP_LOG_ERROR,
 438                           "Failed to compress [%s]\n", question);
 439                 return -1;
 440         }
 441
 442         qb += n;
 443         remaining -= n;
 444
 445         if (remaining < 2 * sizeof(uint16_t)) {
 446                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
 447                 return -1;
 448         }
 449
 450         NS_PUT16(type, qb);
 451         NS_PUT16(ns_c_in, qb);
 452
 453         *question_ptr = qb;
 454         return n + 2 * sizeof(uint16_t);
 455 }
 456
 457 static ssize_t rwrap_fake_rdata_common(uint16_t type,
 458                                        size_t rdata_size,
 459                                        const char *key,
 460                                        size_t remaining,
 461                                        uint8_t **rdata_ptr)
 462 {
 463         uint8_t *rd = *rdata_ptr;
 464         ssize_t written = 0;
 465
 466         written = ns_name_compress(key, rd, remaining, NULL, NULL);
 467         if (written < 0) {
 468                 RWRAP_LOG(RWRAP_LOG_ERROR,
 469                           "Failed to compress [%s]\n", key);
 470                 return -1;
 471         }
 472         rd += written;
 473         remaining -= written;
 474
 475         if (remaining < 3 * sizeof(uint16_t) + sizeof(uint32_t)) {
 476                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
 477                 return -1;
 478         }
 479
 480         NS_PUT16(type, rd);
 481         NS_PUT16(ns_c_in, rd);
 482         NS_PUT32(RWRAP_DEFAULT_FAKE_TTL, rd);
 483         NS_PUT16(rdata_size, rd);
 484
 485         if (remaining < rdata_size) {
 486                 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
 487                 return -1;
 488         }
 489
 490         *rdata_ptr = rd;
 491         return written + 3 * sizeof(uint16_t) + sizeof(uint32_t) + rdata_size;
 492 }
 493
 494 static ssize_t rwrap_fake_a(struct rwrap_fake_rr *rr,
 495                             uint8_t *answer_ptr,
 496                             size_t anslen)
 497 {
 498         uint8_t *a = answer_ptr;
 499         ssize_t resp_size;
 500
 501         if (rr->type != ns_t_a) {
 502                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 503                 return -1;
 504         }
 505         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding A RR");
 506
 507         resp_size = rwrap_fake_rdata_common(ns_t_a, sizeof(struct in_addr), rr->key,
 508                                             anslen, &a);
 509         if (resp_size < 0) {
 510                 return -1;
 511         }
 512
 513         memcpy(a, &rr->rrdata.a_rec, sizeof(struct in_addr));
 514
 515         return resp_size;
 516 }
 517
 518 static ssize_t rwrap_fake_aaaa(struct rwrap_fake_rr *rr,
 519                                uint8_t *answer,
 520                                size_t anslen)
 521 {
 522         uint8_t *a = answer;
 523         ssize_t resp_size;
 524
 525         if (rr->type != ns_t_aaaa) {
 526                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 527                 return -1;
 528         }
 529         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding AAAA RR");
 530
 531         resp_size = rwrap_fake_rdata_common(ns_t_aaaa, sizeof(struct in6_addr),
 532                                             rr->key, anslen, &a);
 533         if (resp_size < 0) {
 534                 return -1;
 535         }
 536
 537         memcpy(a, &rr->rrdata.aaaa_rec, sizeof(struct in6_addr));
 538
 539         return resp_size;
 540 }
 541
 542 static ssize_t rwrap_fake_ns(struct rwrap_fake_rr *rr,
 543                              uint8_t *answer,
 544                             size_t anslen)
 545 {
 546         uint8_t *a = answer;
 547         ssize_t resp_size = 0;
 548         size_t rdata_size;
 549         unsigned char hostname_compressed[MAXDNAME];
 550         ssize_t compressed_len;
 551
 552         if (rr->type != ns_t_ns) {
 553                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 554                 return -1;
 555         }
 556         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding NS RR");
 557
 558         /* Prepare the data to write */
 559         compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
 560                                           hostname_compressed,
 561                                           MAXDNAME,
 562                                           NULL,
 563                                           NULL);
 564         if (compressed_len < 0) {
 565                 return -1;
 566         }
 567
 568         /* Is this enough? */
 569         rdata_size = compressed_len;
 570
 571         resp_size = rwrap_fake_rdata_common(ns_t_ns, rdata_size,
 572                                             rr->key, anslen, &a);
 573         if (resp_size < 0) {
 574                 return -1;
 575         }
 576
 577         memcpy(a, hostname_compressed, compressed_len);
 578
 579         return resp_size;
 580 }
 581
 582 static ssize_t rwrap_fake_srv(struct rwrap_fake_rr *rr,
 583                               uint8_t *answer,
 584                               size_t anslen)
 585 {
 586         uint8_t *a = answer;
 587         ssize_t resp_size;
 588         size_t rdata_size;
 589         unsigned char hostname_compressed[MAXDNAME];
 590         ssize_t compressed_len;
 591
 592         if (rr->type != ns_t_srv) {
 593                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 594                 return -1;
 595         }
 596         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SRV RR");
 597         rdata_size = 3 * sizeof(uint16_t);
 598
 599         /* Prepare the data to write */
 600         compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
 601                                           hostname_compressed, MAXDNAME,
 602                                           NULL, NULL);
 603         if (compressed_len < 0) {
 604                 return -1;
 605         }
 606         rdata_size += compressed_len;
 607
 608         resp_size = rwrap_fake_rdata_common(ns_t_srv, rdata_size,
 609                                             rr->key, anslen, &a);
 610         if (resp_size < 0) {
 611                 return -1;
 612         }
 613
 614         NS_PUT16(rr->rrdata.srv_rec.prio, a);
 615         NS_PUT16(rr->rrdata.srv_rec.weight, a);
 616         NS_PUT16(rr->rrdata.srv_rec.port, a);
 617         memcpy(a, hostname_compressed, compressed_len);
 618
 619         return resp_size;
 620 }
 621
 622 static ssize_t rwrap_fake_uri(struct rwrap_fake_rr *rr,
 623                               uint8_t *answer,
 624                               size_t anslen)
 625 {
 626         uint8_t *a = answer;
 627         ssize_t resp_size;
 628         size_t rdata_size;
 629         size_t uri_len;
 630
 631         if (rr->type != ns_t_uri) {
 632                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 633                 return -1;
 634         }
 635         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding URI RR");
 636         rdata_size = 3 * sizeof(uint16_t);
 637         uri_len = strlen(rr->rrdata.uri_rec.uri) + 1;
 638         rdata_size += uri_len;
 639
 640         resp_size = rwrap_fake_rdata_common(ns_t_uri, rdata_size,
 641                                             rr->key, anslen, &a);
 642         if (resp_size < 0) {
 643                 return -1;
 644         }
 645
 646         NS_PUT16(rr->rrdata.uri_rec.prio, a);
 647         NS_PUT16(rr->rrdata.uri_rec.weight, a);
 648         memcpy(a, rr->rrdata.uri_rec.uri, uri_len);
 649
 650         return resp_size;
 651 }
 652
 653 static ssize_t rwrap_fake_soa(struct rwrap_fake_rr *rr,
 654                               uint8_t *answer,
 655                               size_t anslen)
 656 {
 657         uint8_t *a = answer;
 658         ssize_t resp_size;
 659         size_t rdata_size;
 660         unsigned char nameser_compressed[MAXDNAME];
 661         ssize_t compressed_ns_len;
 662         unsigned char mailbox_compressed[MAXDNAME];
 663         ssize_t compressed_mb_len;
 664
 665         if (rr->type != ns_t_soa) {
 666                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 667                 return -1;
 668         }
 669         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SOA RR");
 670         rdata_size = 5 * sizeof(uint16_t);
 671
 672         compressed_ns_len = ns_name_compress(rr->rrdata.soa_rec.nameserver,
 673                                              nameser_compressed,
 674                                              MAXDNAME, NULL, NULL);
 675         if (compressed_ns_len < 0) {
 676                 return -1;
 677         }
 678         rdata_size += compressed_ns_len;
 679
 680         compressed_mb_len = ns_name_compress(rr->rrdata.soa_rec.mailbox,
 681                                              mailbox_compressed,
 682                                              MAXDNAME, NULL, NULL);
 683         if (compressed_mb_len < 0) {
 684                 return -1;
 685         }
 686         rdata_size += compressed_mb_len;
 687
 688         resp_size = rwrap_fake_rdata_common(ns_t_soa, rdata_size,
 689                                             rr->key, anslen, &a);
 690         if (resp_size < 0) {
 691                 return -1;
 692         }
 693
 694         memcpy(a, nameser_compressed, compressed_ns_len);
 695         a += compressed_ns_len;
 696         memcpy(a, mailbox_compressed, compressed_mb_len);
 697         a += compressed_mb_len;
 698         NS_PUT32(rr->rrdata.soa_rec.serial, a);
 699         NS_PUT32(rr->rrdata.soa_rec.refresh, a);
 700         NS_PUT32(rr->rrdata.soa_rec.retry, a);
 701         NS_PUT32(rr->rrdata.soa_rec.expire, a);
 702         NS_PUT32(rr->rrdata.soa_rec.minimum, a);
 703
 704         return resp_size;
 705 }
 706
 707 static ssize_t rwrap_fake_cname(struct rwrap_fake_rr *rr,
 708                                 uint8_t *answer,
 709                                 size_t anslen)
 710 {
 711         uint8_t *a = answer;
 712         ssize_t resp_size;
 713         unsigned char hostname_compressed[MAXDNAME];
 714         ssize_t rdata_size;
 715
 716         if (rr->type != ns_t_cname) {
 717                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 718                 return -1;
 719         }
 720         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding CNAME RR");
 721
 722         /* Prepare the data to write */
 723         rdata_size = ns_name_compress(rr->rrdata.cname_rec,
 724                                       hostname_compressed, MAXDNAME,
 725                                       NULL, NULL);
 726         if (rdata_size < 0) {
 727                 return -1;
 728         }
 729
 730         resp_size = rwrap_fake_rdata_common(ns_t_cname, rdata_size,
 731                                             rr->key, anslen, &a);
 732         if (resp_size < 0) {
 733                 return -1;
 734         }
 735
 736         memcpy(a, hostname_compressed, rdata_size);
 737
 738         return resp_size;
 739 }
 740
 741 static ssize_t rwrap_fake_ptr(struct rwrap_fake_rr *rr,
 742                               uint8_t *answer,
 743                               size_t anslen)
 744 {
 745         uint8_t *a = answer;
 746         ssize_t rdata_size;
 747         ssize_t resp_size;
 748         unsigned char hostname_compressed[MAXDNAME];
 749
 750         if (rr->type != ns_t_ptr) {
 751                 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
 752                 return -1;
 753         }
 754         RWRAP_LOG(RWRAP_LOG_TRACE, "Adding PTR RR");
 755
 756         /* Prepare the data to write */
 757         rdata_size = ns_name_compress(rr->rrdata.ptr_rec,
 758                                       hostname_compressed, MAXDNAME,
 759                                       NULL, NULL);
 760         if (rdata_size < 0) {
 761                 return -1;
 762         }
 763
 764         resp_size = rwrap_fake_rdata_common(ns_t_ptr, rdata_size,
 765                                             rr->key, anslen, &a);
 766         if (resp_size < 0) {
 767                 return -1;
 768         }
 769
 770         memcpy(a, hostname_compressed, rdata_size);
 771
 772         return resp_size;
 773 }
 774
 775 #define RESOLV_MATCH(line, name) \
 776         (strncmp(line, name, sizeof(name) - 1) == 0 && \
 777         (line[sizeof(name) - 1] == ' ' || \
 778          line[sizeof(name) - 1] == '\t'))
 779
 780 #define TYPE_MATCH(type, ns_type, rec_type, str_type, key, query) \
 781         ((type) == (ns_type) && \
 782          (strncmp((rec_type), (str_type), sizeof(str_type)) == 0) && \
 783          (strcasecmp(key, query)) == 0)
 784
 785
 786 static int rwrap_get_record(const char *hostfile, unsigned recursion,
 787                             const char *query, int type,
 788                             struct rwrap_fake_rr *rr);
 789
 790 static int rwrap_uri_recurse(const char *hostfile, unsigned recursion,
 791                              const char *query, struct rwrap_fake_rr *rr)
 792 {
 793         int rc;
 794
 795         rc = rwrap_get_record(hostfile, recursion, query, ns_t_uri, rr);
 796         if (rc == ENOENT) {
 797                 rc = 0;
 798         }
 799
 800         return rc;
 801 }
 802
 803 static int rwrap_srv_recurse(const char *hostfile, unsigned recursion,
 804                              const char *query, struct rwrap_fake_rr *rr)
 805 {
 806         int rc;
 807
 808         rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
 809         if (rc == 0) return 0;
 810
 811         rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
 812         if (rc == ENOENT) rc = 0;
 813
 814         return rc;
 815 }
 816
 817 static int rwrap_cname_recurse(const char *hostfile, unsigned recursion,
 818                                const char *query, struct rwrap_fake_rr *rr)
 819 {
 820         int rc;
 821
 822         rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
 823         if (rc == 0) return 0;
 824
 825         rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
 826         if (rc == 0) return 0;
 827
 828         rc = rwrap_get_record(hostfile, recursion, query, ns_t_cname, rr);
 829         if (rc == ENOENT) rc = 0;
 830
 831         return rc;
 832 }
 833
 834 static int rwrap_get_record(const char *hostfile, unsigned recursion,
 835                             const char *query, int type,
 836                             struct rwrap_fake_rr *rr)
 837 {
 838         FILE *fp = NULL;
 839         char buf[BUFSIZ];
 840         char *key = NULL;
 841         char *value = NULL;
 842         int rc = ENOENT;
 843         unsigned num_uris = 0;
 844
 845         if (recursion >= RWRAP_MAX_RECURSION) {
 846                 RWRAP_LOG(RWRAP_LOG_ERROR, "Recursed too deep!\n");
 847                 return -1;
 848         }
 849
 850         RWRAP_LOG(RWRAP_LOG_TRACE,
 851                   "Searching in fake hosts file %s for %s:%d\n", hostfile,
 852                   query, type);
 853
 854         fp = fopen(hostfile, "r");
 855         if (fp == NULL) {
 856                 RWRAP_LOG(RWRAP_LOG_WARN,
 857                           "Opening %s failed: %s",
 858                           hostfile, strerror(errno));
 859                 return -1;
 860         }
 861
 862         while (fgets(buf, sizeof(buf), fp) != NULL) {
 863                 char *rec_type;
 864                 char *q;
 865
 866                 rec_type = buf;
 867                 key = value = NULL;
 868
 869                 NEXT_KEY(rec_type, key);
 870                 NEXT_KEY(key, value);
 871
 872                 if (key == NULL || value == NULL) {
 873                         RWRAP_LOG(RWRAP_LOG_WARN,
 874                                 "Malformed line: not enough parts, use \"rec_type key data\n"
 875                                 "For example \"A cwrap.org 10.10.10.10\"");
 876                         continue;
 877                 }
 878
 879                 q = value;
 880                 while(q[0] != '\n' && q[0] != '\0') {
 881                         q++;
 882                 }
 883                 q[0] = '\0';
 884
 885                 if (type == ns_t_uri && recursion > 0) {
 886                         /* Skip non-URI records. */
 887                         if (!TYPE_MATCH(type, ns_t_uri, rec_type, "URI", key, query)) {
 888                                 continue;
 889                         }
 890                         /* Skip previous records based on the recurse depth. */
 891                         num_uris++;
 892                         if (num_uris <= recursion) {
 893                                 continue;
 894                         }
 895                 }
 896
 897                 if (TYPE_MATCH(type, ns_t_a, rec_type, "A", key, query)) {
 898                         rc = rwrap_create_fake_a_rr(key, value, rr);
 899                         break;
 900                 } else if (TYPE_MATCH(type, ns_t_aaaa,
 901                                       rec_type, "AAAA", key, query)) {
 902                         rc = rwrap_create_fake_aaaa_rr(key, value, rr);
 903                         break;
 904                 } else if (TYPE_MATCH(type, ns_t_ns,
 905                                       rec_type, "NS", key, query)) {
 906                         rc = rwrap_create_fake_ns_rr(key, value, rr);
 907                         break;
 908                 } else if (TYPE_MATCH(type, ns_t_srv,
 909                                       rec_type, "SRV", key, query)) {
 910                         rc = rwrap_create_fake_srv_rr(key, value, rr);
 911                         if (rc == 0) {
 912                                 rc = rwrap_srv_recurse(hostfile, recursion+1,
 913                                                 rr->rrdata.srv_rec.hostname,
 914                                                 rr + 1);
 915                         }
 916                         break;
 917                 } else if (TYPE_MATCH(type, ns_t_uri,
 918                                       rec_type, "URI", key, query)) {
 919                         rc = rwrap_create_fake_uri_rr(key, value, rr);
 920                         if (rc == 0) {
 921                                 /* Recurse to collect multiple URI answers under a single key. */
 922                                 rc = rwrap_uri_recurse(hostfile, recursion + 1, key, rr + 1);
 923                         }
 924                         break;
 925                 } else if (TYPE_MATCH(type, ns_t_soa,
 926                                       rec_type, "SOA", key, query)) {
 927                         rc = rwrap_create_fake_soa_rr(key, value, rr);
 928                         break;
 929                 } else if (TYPE_MATCH(type, ns_t_cname,
 930                                       rec_type, "CNAME", key, query)) {
 931                         rc = rwrap_create_fake_cname_rr(key, value, rr);
 932                         if (rc == 0) {
 933                                 rc = rwrap_cname_recurse(hostfile, recursion+1,
 934                                                          value, rr + 1);
 935                         }
 936                         break;
 937                 } else if (TYPE_MATCH(type, ns_t_a, rec_type, "CNAME", key, query)) {
 938                         rc = rwrap_create_fake_cname_rr(key, value, rr);
 939                         if (rc == 0) {
 940                                 rc = rwrap_cname_recurse(hostfile, recursion+1,
 941                                                          value, rr + 1);
 942                         }
 943                         break;
 944                 } else if (TYPE_MATCH(type, ns_t_ptr,
 945                                       rec_type, "PTR", key, query)) {
 946                         rc = rwrap_create_fake_ptr_rr(key, value, rr);
 947                         break;
 948                 }
 949         }
 950
 951         if (rc == ENOENT && recursion == 0 && key != NULL) {
 952                 RWRAP_LOG(RWRAP_LOG_TRACE, "Record for [%s] not found\n", query);
 953                 memcpy(rr->key, key, strlen(key) + 1);
 954         }
 955
 956         fclose(fp);
 957         return rc;
 958 }
 959
 960 static ssize_t rwrap_fake_empty(int type,
 961                                 const char *question,
 962                                 uint8_t *answer,
 963                                 size_t anslen)
 964 {
 965         ssize_t resp_data;
 966         size_t remaining = anslen;
 967
 968         resp_data = rwrap_fake_header(&answer, remaining, 0, 0);
 969         if (resp_data < 0) {
 970                 return -1;
 971         }
 972         remaining -= resp_data;
 973
 974         resp_data += rwrap_fake_question(question, type, &answer, remaining);
 975         if (resp_data < 0) {
 976                 return -1;
 977         }
 978         remaining -= resp_data;
 979
 980         resp_data += rwrap_fake_rdata_common(type, 0, question,
 981                                             remaining, &answer);
 982         if (resp_data < 0) {
 983                 return -1;
 984         }
 985
 986         return resp_data;
 987 }
 988
 989 static inline bool rwrap_known_type(int type)
 990 {
 991         switch (type) {
 992         case ns_t_a:
 993         case ns_t_aaaa:
 994         case ns_t_ns:
 995         case ns_t_srv:
 996         case ns_t_uri:
 997         case ns_t_soa:
 998         case ns_t_cname:
 999         case ns_t_ptr:
1000                 return true;
1001         }
1002
1003         return false;
1004 }
1005
1006 static int rwrap_ancount(struct rwrap_fake_rr *rrs, int qtype)
1007 {
1008         int i;
1009         int ancount = 0;
1010
1011         /* For URI return the number of URIs. */
1012         if (qtype == ns_t_uri) {
1013                 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1014                         if (rwrap_known_type(rrs[i].type) &&
1015                             rrs[i].type == qtype) {
1016                                 ancount++;
1017                         }
1018                 }
1019                 return ancount;
1020         }
1021
1022         /* Include all RRs in the stack until the sought type
1023          * in the answer section. This is the case i.e. when looking
1024          * up an A record but the name points to a CNAME
1025          */
1026         for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1027                 ancount++;
1028
1029                 if (rwrap_known_type(rrs[i].type) &&
1030                     rrs[i].type == qtype) {
1031                         break;
1032                 }
1033         }
1034
1035         /* Return 0 records if the sought type wasn't in the stack */
1036         return i < RWRAP_MAX_RECURSION ? ancount : 0;
1037 }
1038
1039 static int rwrap_arcount(struct rwrap_fake_rr *rrs, int ancount)
1040 {
1041         int i;
1042         int arcount = 0;
1043
1044         /* start from index ancount */
1045         for (i = ancount; i < RWRAP_MAX_RECURSION; i++) {
1046                 if (rwrap_known_type(rrs[i].type)) {
1047                         arcount++;
1048                 }
1049         }
1050
1051         return arcount;
1052 }
1053
1054 static ssize_t rwrap_add_rr(struct rwrap_fake_rr *rr,
1055                             uint8_t *answer,
1056                             size_t anslen)
1057 {
1058         ssize_t resp_data;
1059
1060         if (rr == NULL) {
1061                 RWRAP_LOG(RWRAP_LOG_ERROR, "Internal error!\n");
1062                 return -1;
1063         }
1064
1065         switch (rr->type) {
1066         case ns_t_a:
1067                 resp_data = rwrap_fake_a(rr, answer, anslen);
1068                 break;
1069         case ns_t_aaaa:
1070                 resp_data = rwrap_fake_aaaa(rr, answer, anslen);
1071                 break;
1072         case ns_t_ns:
1073                 resp_data = rwrap_fake_ns(rr, answer, anslen);
1074                 break;
1075         case ns_t_srv:
1076                 resp_data = rwrap_fake_srv(rr, answer, anslen);
1077                 break;
1078         case ns_t_uri:
1079                 resp_data = rwrap_fake_uri(rr, answer, anslen);
1080                 break;
1081         case ns_t_soa:
1082                 resp_data = rwrap_fake_soa(rr, answer, anslen);
1083                 break;
1084         case ns_t_cname:
1085                 resp_data = rwrap_fake_cname(rr, answer, anslen);
1086                 break;
1087         case ns_t_ptr:
1088                 resp_data = rwrap_fake_ptr(rr, answer, anslen);
1089                 break;
1090         default:
1091                 return -1;
1092         }
1093
1094         return resp_data;
1095 }
1096
1097 static ssize_t rwrap_fake_answer(struct rwrap_fake_rr *rrs,
1098                                  int type,
1099                                  uint8_t *answer,
1100                                  size_t anslen)
1101
1102 {
1103         ssize_t resp_data;
1104         ssize_t rrlen;
1105         size_t remaining = anslen;
1106         int ancount;
1107         int arcount;
1108         int i;
1109
1110         ancount = rwrap_ancount(rrs, type);
1111         arcount = rwrap_arcount(rrs, ancount);
1112         RWRAP_LOG(RWRAP_LOG_TRACE,
1113                   "Got %d answers and %d additional records\n", ancount, arcount);
1114
1115         resp_data = rwrap_fake_header(&answer, remaining, ancount, arcount);
1116         if (resp_data < 0) {
1117                 return -1;
1118         }
1119         remaining -= resp_data;
1120
1121         resp_data += rwrap_fake_question(rrs->key, rrs->type, &answer, remaining);
1122         if (resp_data < 0) {
1123                 return -1;
1124         }
1125         remaining -= resp_data;
1126
1127         /* answer */
1128         for (i = 0; i < ancount; i++) {
1129                 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1130                 if (rrlen < 0) {
1131                         return -1;
1132                 }
1133                 remaining -= rrlen;
1134                 answer += rrlen;
1135                 resp_data += rrlen;
1136         }
1137
1138         /* add authoritative NS here? */
1139
1140         /* additional records */
1141         for (i = ancount; i < ancount + arcount; i++) {
1142                 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1143                 if (rrlen < 0) {
1144                         return -1;
1145                 }
1146                 remaining -= rrlen;
1147                 answer += rrlen;
1148                 resp_data += rrlen;
1149         }
1150
1151         return resp_data;
1152 }
1153
1154 /* Reads in a file in the following format:
1155  * TYPE RDATA
1156  *
1157  * Malformed entries are silently skipped.
1158  * Allocates answer buffer of size anslen that has to be freed after use.
1159  */
1160 static int rwrap_res_fake_hosts(const char *hostfile,
1161                                 const char *query,
1162                                 int type,
1163                                 unsigned char *answer,
1164                                 size_t anslen)
1165 {
1166         int rc = ENOENT;
1167         char *query_name = NULL;
1168         size_t qlen = strlen(query);
1169         struct rwrap_fake_rr rrs[RWRAP_MAX_RECURSION];
1170         ssize_t resp_size;
1171
1172         RWRAP_LOG(RWRAP_LOG_TRACE,
1173                   "Searching in fake hosts file %s\n", hostfile);
1174
1175         if (qlen > 0 && query[qlen-1] == '.') {
1176                 qlen--;
1177         }
1178
1179         query_name = strndup(query, qlen);
1180         if (query_name == NULL) {
1181                 return -1;
1182         }
1183
1184         rwrap_fake_rr_init(rrs, RWRAP_MAX_RECURSION);
1185
1186         rc = rwrap_get_record(hostfile, 0, query_name, type, rrs);
1187         switch (rc) {
1188         case 0:
1189                 RWRAP_LOG(RWRAP_LOG_TRACE,
1190                                 "Found record for [%s]\n", query_name);
1191                 resp_size = rwrap_fake_answer(rrs, type, answer, anslen);
1192                 break;
1193         case ENOENT:
1194                 RWRAP_LOG(RWRAP_LOG_TRACE,
1195                                 "No record for [%s]\n", query_name);
1196                 resp_size = rwrap_fake_empty(type, rrs->key, answer, anslen);
1197                 break;
1198         default:
1199                 RWRAP_LOG(RWRAP_LOG_NOTICE,
1200                           "Searching for [%s] did not return any results\n",
1201                           query_name);
1202                 free(query_name);
1203                 return -1;
1204         }
1205
1206         switch (resp_size) {
1207         case -1:
1208                 RWRAP_LOG(RWRAP_LOG_ERROR,
1209                                 "Error faking answer for [%s]\n", query_name);
1210                 break;
1211         default:
1212                 RWRAP_LOG(RWRAP_LOG_TRACE,
1213                                 "Successfully faked answer for [%s]\n",
1214                                 query_name);
1215                 break;
1216         }
1217
1218         free(query_name);
1219         return resp_size;
1220 }
1221
1222 /*********************************************************
1223  * RWRAP LOADING LIBC FUNCTIONS
1224  *********************************************************/
1225
1226 #include <dlfcn.h>
1227
1228 typedef int (*__libc_res_ninit)(struct __res_state *state);
1229 typedef int (*__libc___res_ninit)(struct __res_state *state);
1230 typedef void (*__libc_res_nclose)(struct __res_state *state);
1231 typedef void (*__libc___res_nclose)(struct __res_state *state);
1232 typedef int (*__libc_res_nquery)(struct __res_state *state,
1233                                  const char *dname,
1234                                  int class,
1235                                  int type,
1236                                  unsigned char *answer,
1237                                  int anslen);
1238 typedef int (*__libc___res_nquery)(struct __res_state *state,
1239                                    const char *dname,
1240                                    int class,
1241                                    int type,
1242                                    unsigned char *answer,
1243                                    int anslen);
1244 typedef int (*__libc_res_nsearch)(struct __res_state *state,
1245                                   const char *dname,
1246                                   int class,
1247                                   int type,
1248                                   unsigned char *answer,
1249                                   int anslen);
1250 typedef int (*__libc___res_nsearch)(struct __res_state *state,
1251                                     const char *dname,
1252                                     int class,
1253                                     int type,
1254                                     unsigned char *answer,
1255                                     int anslen);
1256
1257 #define RWRAP_SYMBOL_ENTRY(i) \
1258         union { \
1259                 __libc_##i f; \
1260                 void *obj; \
1261         } _libc_##i
1262
1263 struct rwrap_libc_symbols {
1264         RWRAP_SYMBOL_ENTRY(res_ninit);
1265         RWRAP_SYMBOL_ENTRY(__res_ninit);
1266         RWRAP_SYMBOL_ENTRY(res_nclose);
1267         RWRAP_SYMBOL_ENTRY(__res_nclose);
1268         RWRAP_SYMBOL_ENTRY(res_nquery);
1269         RWRAP_SYMBOL_ENTRY(__res_nquery);
1270         RWRAP_SYMBOL_ENTRY(res_nsearch);
1271         RWRAP_SYMBOL_ENTRY(__res_nsearch);
1272 };
1273 #undef RWRAP_SYMBOL_ENTRY
1274
1275 struct rwrap {
1276         struct {
1277                 void *handle;
1278                 struct rwrap_libc_symbols symbols;
1279         } libc;
1280
1281         struct {
1282                 void *handle;
1283                 struct rwrap_libc_symbols symbols;
1284         } libresolv;
1285
1286         bool initialised;
1287         bool enabled;
1288
1289         char *socket_dir;
1290 };
1291
1292 static struct rwrap rwrap;
1293
1294 enum rwrap_lib {
1295     RWRAP_LIBC,
1296     RWRAP_LIBRESOLV
1297 };
1298
1299 static const char *rwrap_str_lib(enum rwrap_lib lib)
1300 {
1301         switch (lib) {
1302         case RWRAP_LIBC:
1303                 return "libc";
1304         case RWRAP_LIBRESOLV:
1305                 return "libresolv";
1306         }
1307
1308         /* Compiler would warn us about unhandled enum value if we get here */
1309         return "unknown";
1310 }
1311
1312 static void *rwrap_load_lib_handle(enum rwrap_lib lib)
1313 {
1314         int flags = RTLD_LAZY;
1315         void *handle = NULL;
1316         int i;
1317
1318 #ifdef RTLD_DEEPBIND
1319         flags |= RTLD_DEEPBIND;
1320 #endif
1321
1322         switch (lib) {
1323         case RWRAP_LIBRESOLV:
1324 #ifdef HAVE_LIBRESOLV
1325                 handle = rwrap.libresolv.handle;
1326                 if (handle == NULL) {
1327                         for (i = 10; i >= 0; i--) {
1328                                 char soname[256] = {0};
1329
1330                                 snprintf(soname, sizeof(soname), "libresolv.so.%d", i);
1331                                 handle = dlopen(soname, flags);
1332                                 if (handle != NULL) {
1333                                         break;
1334                                 }
1335                         }
1336
1337                         rwrap.libresolv.handle = handle;
1338                 }
1339                 break;
1340 #endif
1341                 /* FALL TROUGH */
1342         case RWRAP_LIBC:
1343                 handle = rwrap.libc.handle;
1344 #ifdef LIBC_SO
1345                 if (handle == NULL) {
1346                         handle = dlopen(LIBC_SO, flags);
1347
1348                         rwrap.libc.handle = handle;
1349                 }
1350 #endif
1351                 if (handle == NULL) {
1352                         for (i = 10; i >= 0; i--) {
1353                                 char soname[256] = {0};
1354
1355                                 snprintf(soname, sizeof(soname), "libc.so.%d", i);
1356                                 handle = dlopen(soname, flags);
1357                                 if (handle != NULL) {
1358                                         break;
1359                                 }
1360                         }
1361
1362                         rwrap.libc.handle = handle;
1363                 }
1364                 break;
1365         }
1366
1367         if (handle == NULL) {
1368 #ifdef RTLD_NEXT
1369                 handle = rwrap.libc.handle = rwrap.libresolv.handle = RTLD_NEXT;
1370 #else
1371                 RWRAP_LOG(RWRAP_LOG_ERROR,
1372                           "Failed to dlopen library: %s\n",
1373                           dlerror());
1374                 exit(-1);
1375 #endif
1376         }
1377
1378         return handle;
1379 }
1380
1381 static void *_rwrap_bind_symbol(enum rwrap_lib lib, const char *fn_name)
1382 {
1383         void *handle;
1384         void *func;
1385
1386         handle = rwrap_load_lib_handle(lib);
1387
1388         func = dlsym(handle, fn_name);
1389         if (func == NULL) {
1390                 RWRAP_LOG(RWRAP_LOG_ERROR,
1391                                 "Failed to find %s: %s\n",
1392                                 fn_name, dlerror());
1393                 exit(-1);
1394         }
1395
1396         RWRAP_LOG(RWRAP_LOG_TRACE,
1397                         "Loaded %s from %s",
1398                         fn_name, rwrap_str_lib(lib));
1399         return func;
1400 }
1401
1402 #define rwrap_bind_symbol_libc(sym_name) \
1403         if (rwrap.libc.symbols._libc_##sym_name.obj == NULL) { \
1404                 rwrap.libc.symbols._libc_##sym_name.obj = \
1405                         _rwrap_bind_symbol(RWRAP_LIBC, #sym_name); \
1406         }
1407
1408 #define rwrap_bind_symbol_libresolv(sym_name) \
1409         if (rwrap.libresolv.symbols._libc_##sym_name.obj == NULL) { \
1410                 rwrap.libresolv.symbols._libc_##sym_name.obj = \
1411                         _rwrap_bind_symbol(RWRAP_LIBRESOLV, #sym_name); \
1412         }
1413
1414 /*
1415  * IMPORTANT
1416  *
1417  * Functions especially from libc need to be loaded individually, you can't load
1418  * all at once or gdb will segfault at startup. The same applies to valgrind and
1419  * has probably something todo with with the linker.
1420  * So we need load each function at the point it is called the first time.
1421  */
1422
1423 static int libc_res_ninit(struct __res_state *state)
1424 {
1425 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1426
1427 #if defined(HAVE_RES_NINIT_IN_LIBRESOLV)
1428         rwrap_bind_symbol_libresolv(res_ninit);
1429
1430         return rwrap.libresolv.symbols._libc_res_ninit.f(state);
1431 #else /* HAVE_RES_NINIT_IN_LIBRESOLV */
1432         rwrap_bind_symbol_libc(res_ninit);
1433
1434         return rwrap.libc.symbols._libc_res_ninit.f(state);
1435 #endif /* HAVE_RES_NINIT_IN_LIBRESOLV */
1436
1437 #elif defined(HAVE___RES_NINIT)
1438         rwrap_bind_symbol_libc(__res_ninit);
1439
1440         return rwrap.libc.symbols._libc___res_ninit.f(state);
1441 #else
1442 #error "No res_ninit function"
1443 #endif
1444 }
1445
1446 static void libc_res_nclose(struct __res_state *state)
1447 {
1448 #if !defined(res_close) && defined(HAVE_RES_NCLOSE)
1449
1450 #if defined(HAVE_RES_NCLOSE_IN_LIBRESOLV)
1451         rwrap_bind_symbol_libresolv(res_nclose);
1452
1453         rwrap.libresolv.symbols._libc_res_nclose.f(state);
1454         return;
1455 #else /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1456         rwrap_bind_symbol_libc(res_nclose);
1457
1458         rwrap.libc.symbols._libc_res_nclose.f(state);
1459         return;
1460 #endif /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1461
1462 #elif defined(HAVE___RES_NCLOSE)
1463         rwrap_bind_symbol_libc(__res_nclose);
1464
1465         rwrap.libc.symbols._libc___res_nclose.f(state);
1466 #else
1467 #error "No res_nclose function"
1468 #endif
1469 }
1470
1471 static int libc_res_nquery(struct __res_state *state,
1472                            const char *dname,
1473                            int class,
1474                            int type,
1475                            unsigned char *answer,
1476                            int anslen)
1477 {
1478 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1479         rwrap_bind_symbol_libresolv(res_nquery);
1480
1481         return rwrap.libresolv.symbols._libc_res_nquery.f(state,
1482                                                           dname,
1483                                                           class,
1484                                                           type,
1485                                                           answer,
1486                                                           anslen);
1487 #elif defined(HAVE___RES_NQUERY)
1488         rwrap_bind_symbol_libresolv(__res_nquery);
1489
1490         return rwrap.libresolv.symbols._libc___res_nquery.f(state,
1491                                                             dname,
1492                                                             class,
1493                                                             type,
1494                                                             answer,
1495                                                             anslen);
1496 #else
1497 #error "No res_nquery function"
1498 #endif
1499 }
1500
1501 static int libc_res_nsearch(struct __res_state *state,
1502                             const char *dname,
1503                             int class,
1504                             int type,
1505                             unsigned char *answer,
1506                             int anslen)
1507 {
1508 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1509         rwrap_bind_symbol_libresolv(res_nsearch);
1510
1511         return rwrap.libresolv.symbols._libc_res_nsearch.f(state,
1512                                                            dname,
1513                                                            class,
1514                                                            type,
1515                                                            answer,
1516                                                            anslen);
1517 #elif defined(HAVE___RES_NSEARCH)
1518         rwrap_bind_symbol_libresolv(__res_nsearch);
1519
1520         return rwrap.libresolv.symbols._libc___res_nsearch.f(state,
1521                                                              dname,
1522                                                              class,
1523                                                              type,
1524                                                              answer,
1525                                                              anslen);
1526 #else
1527 #error "No res_nsearch function"
1528 #endif
1529 }
1530
1531 /****************************************************************************
1532  *   RES_HELPER
1533  ***************************************************************************/
1534
1535 static int rwrap_parse_resolv_conf(struct __res_state *state,
1536                                    const char *resolv_conf)
1537 {
1538         FILE *fp;
1539         char buf[BUFSIZ];
1540         int nserv = 0;
1541
1542         fp = fopen(resolv_conf, "r");
1543         if (fp == NULL) {
1544                 RWRAP_LOG(RWRAP_LOG_ERROR,
1545                           "Opening %s failed: %s",
1546                           resolv_conf, strerror(errno));
1547                 return -1;
1548         }
1549
1550         while(fgets(buf, sizeof(buf), fp) != NULL) {
1551                 char *p;
1552
1553                 /* Ignore comments */
1554                 if (buf[0] == '#' || buf[0] == ';') {
1555                         continue;
1556                 }
1557
1558                 if (RESOLV_MATCH(buf, "nameserver") && nserv < MAXNS) {
1559                         struct in_addr a;
1560                         char *q;
1561                         int ok;
1562
1563                         p = buf + strlen("nameserver");
1564
1565                         /* Skip spaces and tabs */
1566                         while(isblank((int)p[0])) {
1567                                 p++;
1568                         }
1569
1570                         q = p;
1571                         while(q[0] != '\n' && q[0] != '\0') {
1572                                 q++;
1573                         }
1574                         q[0] = '\0';
1575
1576                         ok = inet_pton(AF_INET, p, &a);
1577                         if (ok) {
1578                                 state->nsaddr_list[state->nscount] = (struct sockaddr_in) {
1579                                         .sin_family = AF_INET,
1580                                         .sin_addr = a,
1581                                         .sin_port = htons(53),
1582                                         .sin_zero = { 0 },
1583                                 };
1584
1585                                 state->nscount++;
1586                                 nserv++;
1587                         } else {
1588 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1589                                 /* IPv6 */
1590                                 struct in6_addr a6;
1591                                 ok = inet_pton(AF_INET6, p, &a6);
1592                                 if (ok) {
1593                                         struct sockaddr_in6 *sa6;
1594
1595                                         sa6 = malloc(sizeof(*sa6));
1596                                         if (sa6 == NULL) {
1597                                                 fclose(fp);
1598                                                 return -1;
1599                                         }
1600
1601                                         sa6->sin6_family = AF_INET6;
1602                                         sa6->sin6_port = htons(53);
1603                                         sa6->sin6_flowinfo = 0;
1604                                         sa6->sin6_addr = a6;
1605
1606                                         state->_u._ext.nsaddrs[state->_u._ext.nscount] = sa6;
1607                                         state->_u._ext.nssocks[state->_u._ext.nscount] = -1;
1608                                         state->_u._ext.nsmap[state->_u._ext.nscount] = MAXNS + 1;
1609
1610                                         state->_u._ext.nscount++;
1611                                         nserv++;
1612                                 } else {
1613                                         RWRAP_LOG(RWRAP_LOG_ERROR,
1614                                                 "Malformed DNS server");
1615                                         continue;
1616                                 }
1617 #else /* !HAVE_RESOLV_IPV6_NSADDRS */
1618                                 /*
1619                                  * BSD uses an opaque structure to store the
1620                                  * IPv6 addresses. So we can not simply store
1621                                  * these addresses the same way as above.
1622                                  */
1623                                 RWRAP_LOG(RWRAP_LOG_WARN,
1624                                           "resolve_wrapper does not support "
1625                                           "IPv6 on this platform");
1626                                         continue;
1627 #endif
1628                         }
1629                         continue;
1630                 } /* TODO: match other keywords */
1631         }
1632
1633         if (ferror(fp)) {
1634                 RWRAP_LOG(RWRAP_LOG_ERROR,
1635                           "Reading from %s failed",
1636                           resolv_conf);
1637                 fclose(fp);
1638                 return -1;
1639         }
1640
1641         fclose(fp);
1642         return 0;
1643 }
1644
1645 /****************************************************************************
1646  *   RES_NINIT
1647  ***************************************************************************/
1648
1649 static int rwrap_res_ninit(struct __res_state *state)
1650 {
1651         int rc;
1652
1653         rc = libc_res_ninit(state);
1654         if (rc == 0) {
1655                 const char *resolv_conf = getenv("RESOLV_WRAPPER_CONF");
1656
1657                 if (resolv_conf != NULL) {
1658                         uint16_t i;
1659
1660                         (void)i; /* maybe unused */
1661
1662                         /* Delete name servers */
1663                         state->nscount = 0;
1664                         memset(state->nsaddr_list, 0, sizeof(state->nsaddr_list));
1665
1666 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1667                         state->_u._ext.nscount = 0;
1668                         for (i = 0; i < state->_u._ext.nscount; i++) {
1669                                 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1670                         }
1671 #endif
1672
1673                         rc = rwrap_parse_resolv_conf(state, resolv_conf);
1674                 }
1675         }
1676
1677         return rc;
1678 }
1679
1680 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1681 int res_ninit(struct __res_state *state)
1682 #elif defined(HAVE___RES_NINIT)
1683 int __res_ninit(struct __res_state *state)
1684 #endif
1685 {
1686         return rwrap_res_ninit(state);
1687 }
1688
1689 /****************************************************************************
1690  *   RES_INIT
1691  ***************************************************************************/
1692
1693 static struct __res_state rwrap_res_state;
1694
1695 static int rwrap_res_init(void)
1696 {
1697         int rc;
1698
1699         rc = rwrap_res_ninit(&rwrap_res_state);
1700
1701         return rc;
1702 }
1703
1704 #if !defined(res_ninit) && defined(HAVE_RES_INIT)
1705 int res_init(void)
1706 #elif defined(HAVE___RES_INIT)
1707 int __res_init(void)
1708 #endif
1709 {
1710         return rwrap_res_init();
1711 }
1712
1713 /****************************************************************************
1714  *   RES_NCLOSE
1715  ***************************************************************************/
1716
1717 static void rwrap_res_nclose(struct __res_state *state)
1718 {
1719 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1720         int i;
1721 #endif
1722
1723         libc_res_nclose(state);
1724
1725 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1726         if (state != NULL) {
1727                 for (i = 0; i < state->_u._ext.nscount; i++) {
1728                         SAFE_FREE(state->_u._ext.nsaddrs[i]);
1729                 }
1730         }
1731 #endif
1732 }
1733
1734 #if !defined(res_nclose) && defined(HAVE_RES_NCLOSE)
1735 void res_nclose(struct __res_state *state)
1736 #elif defined(HAVE___RES_NCLOSE)
1737 void __res_nclose(struct __res_state *state)
1738 #endif
1739 {
1740         rwrap_res_nclose(state);
1741 }
1742
1743 /****************************************************************************
1744  *   RES_CLOSE
1745  ***************************************************************************/
1746
1747 static void rwrap_res_close(void)
1748 {
1749         rwrap_res_nclose(&rwrap_res_state);
1750 }
1751
1752 #if defined(HAVE_RES_CLOSE)
1753 void res_close(void)
1754 #elif defined(HAVE___RES_CLOSE)
1755 void __res_close(void)
1756 #endif
1757 {
1758         rwrap_res_close();
1759 }
1760
1761 /****************************************************************************
1762  *   RES_NQUERY
1763  ***************************************************************************/
1764
1765 static int rwrap_res_nquery(struct __res_state *state,
1766                             const char *dname,
1767                             int class,
1768                             int type,
1769                             unsigned char *answer,
1770                             int anslen)
1771 {
1772         int rc;
1773         const char *fake_hosts;
1774 #ifndef NDEBUG
1775         int i;
1776 #endif
1777
1778         RWRAP_LOG(RWRAP_LOG_TRACE,
1779                   "Resolve the domain name [%s] - class=%d, type=%d",
1780                   dname, class, type);
1781 #ifndef NDEBUG
1782         for (i = 0; i < state->nscount; i++) {
1783                 char ip[INET6_ADDRSTRLEN];
1784
1785                 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1786                 RWRAP_LOG(RWRAP_LOG_TRACE,
1787                           "        nameserver: %s",
1788                           ip);
1789         }
1790 #endif
1791
1792         fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1793         if (fake_hosts != NULL) {
1794                 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1795         } else {
1796                 rc = libc_res_nquery(state, dname, class, type, answer, anslen);
1797         }
1798
1799
1800         RWRAP_LOG(RWRAP_LOG_TRACE,
1801                   "The returned response length is: %d",
1802                   rc);
1803
1804         return rc;
1805 }
1806
1807 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1808 int res_nquery(struct __res_state *state,
1809                const char *dname,
1810                int class,
1811                int type,
1812                unsigned char *answer,
1813                int anslen)
1814 #elif defined(HAVE___RES_NQUERY)
1815 int __res_nquery(struct __res_state *state,
1816                  const char *dname,
1817                  int class,
1818                  int type,
1819                  unsigned char *answer,
1820                  int anslen)
1821 #endif
1822 {
1823         return rwrap_res_nquery(state, dname, class, type, answer, anslen);
1824 }
1825
1826 /****************************************************************************
1827  *   RES_QUERY
1828  ***************************************************************************/
1829
1830 static int rwrap_res_query(const char *dname,
1831                            int class,
1832                            int type,
1833                            unsigned char *answer,
1834                            int anslen)
1835 {
1836         int rc;
1837
1838         rc = rwrap_res_ninit(&rwrap_res_state);
1839         if (rc != 0) {
1840                 return rc;
1841         }
1842
1843         rc = rwrap_res_nquery(&rwrap_res_state,
1844                               dname,
1845                               class,
1846                               type,
1847                               answer,
1848                               anslen);
1849
1850         return rc;
1851 }
1852
1853 #if !defined(res_query) && defined(HAVE_RES_QUERY)
1854 int res_query(const char *dname,
1855               int class,
1856               int type,
1857               unsigned char *answer,
1858               int anslen)
1859 #elif defined(HAVE___RES_QUERY)
1860 int __res_query(const char *dname,
1861                 int class,
1862                 int type,
1863                 unsigned char *answer,
1864                 int anslen)
1865 #endif
1866 {
1867         return rwrap_res_query(dname, class, type, answer, anslen);
1868 }
1869
1870 /****************************************************************************
1871  *   RES_NSEARCH
1872  ***************************************************************************/
1873
1874 static int rwrap_res_nsearch(struct __res_state *state,
1875                              const char *dname,
1876                              int class,
1877                              int type,
1878                              unsigned char *answer,
1879                              int anslen)
1880 {
1881         int rc;
1882         const char *fake_hosts;
1883 #ifndef NDEBUG
1884         int i;
1885 #endif
1886
1887         RWRAP_LOG(RWRAP_LOG_TRACE,
1888                   "Resolve the domain name [%s] - class=%d, type=%d",
1889                   dname, class, type);
1890 #ifndef NDEBUG
1891         for (i = 0; i < state->nscount; i++) {
1892                 char ip[INET6_ADDRSTRLEN];
1893
1894                 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1895                 RWRAP_LOG(RWRAP_LOG_TRACE,
1896                           "        nameserver: %s",
1897                           ip);
1898         }
1899 #endif
1900
1901         fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1902         if (fake_hosts != NULL) {
1903                 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1904         } else {
1905                 rc = libc_res_nsearch(state, dname, class, type, answer, anslen);
1906         }
1907
1908         RWRAP_LOG(RWRAP_LOG_TRACE,
1909                   "The returned response length is: %d",
1910                   rc);
1911
1912         return rc;
1913 }
1914
1915 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1916 int res_nsearch(struct __res_state *state,
1917                 const char *dname,
1918                 int class,
1919                 int type,
1920                 unsigned char *answer,
1921                 int anslen)
1922 #elif defined(HAVE___RES_NSEARCH)
1923 int __res_nsearch(struct __res_state *state,
1924                   const char *dname,
1925                   int class,
1926                   int type,
1927                   unsigned char *answer,
1928                   int anslen)
1929 #endif
1930 {
1931         return rwrap_res_nsearch(state, dname, class, type, answer, anslen);
1932 }
1933
1934 /****************************************************************************
1935  *   RES_SEARCH
1936  ***************************************************************************/
1937
1938 static int rwrap_res_search(const char *dname,
1939                             int class,
1940                             int type,
1941                             unsigned char *answer,
1942                             int anslen)
1943 {
1944         int rc;
1945
1946         rc = rwrap_res_ninit(&rwrap_res_state);
1947         if (rc != 0) {
1948                 return rc;
1949         }
1950
1951         rc = rwrap_res_nsearch(&rwrap_res_state,
1952                                dname,
1953                                class,
1954                                type,
1955                                answer,
1956                                anslen);
1957
1958         return rc;
1959 }
1960
1961 #if !defined(res_search) && defined(HAVE_RES_SEARCH)
1962 int res_search(const char *dname,
1963                int class,
1964                int type,
1965                unsigned char *answer,
1966                int anslen)
1967 #elif defined(HAVE___RES_SEARCH)
1968 int __res_search(const char *dname,
1969                  int class,
1970                  int type,
1971                  unsigned char *answer,
1972                  int anslen)
1973 #endif
1974 {
1975         return rwrap_res_search(dname, class, type, answer, anslen);
1976 }