2 * Copyright (c) 2014-2018 Andreas Schneider <asn@samba.org>
3 * Copyright (c) 2014-2016 Jakub Hrozek <jakub.hrozek@posteo.se>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the author nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #include <arpa/inet.h>
39 #ifdef HAVE_ARPA_NAMESER_H
40 #include <arpa/nameser.h>
41 #endif /* HAVE_ARPA_NAMESER_H */
42 #include <netinet/in.h>
43 #include <sys/socket.h>
44 #include <sys/types.h>
55 /* GCC has printf type attribute check. */
56 #ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
57 #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
59 #define PRINTF_ATTRIBUTE(a,b)
60 #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
62 #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
63 #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
65 #define DESTRUCTOR_ATTRIBUTE
66 #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
68 #ifndef RWRAP_DEFAULT_FAKE_TTL
69 #define RWRAP_DEFAULT_FAKE_TTL 600
70 #endif /* RWRAP_DEFAULT_FAKE_TTL */
72 #ifndef HAVE_NS_NAME_COMPRESS
73 #define ns_name_compress dn_comp
86 static void rwrap_log(enum rwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
87 # define RWRAP_LOG(dbglvl, ...) rwrap_log((dbglvl), __func__, __VA_ARGS__)
89 static void rwrap_log(enum rwrap_dbglvl_e dbglvl,
91 const char *format, ...)
98 const char *prefix = NULL;
100 d = getenv("RESOLV_WRAPPER_DEBUGLEVEL");
109 va_start(va, format);
110 vsnprintf(buffer, sizeof(buffer), format, va);
114 case RWRAP_LOG_ERROR:
115 prefix = "RWRAP_ERROR";
118 prefix = "RWRAP_WARN";
120 case RWRAP_LOG_NOTICE:
121 prefix = "RWRAP_NOTICE";
123 case RWRAP_LOG_DEBUG:
124 prefix = "RWRAP_DEBUG";
126 case RWRAP_LOG_TRACE:
127 prefix = "RWRAP_TRACE";
140 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
143 #define NEXT_KEY(buf, key) do { \
144 (key) = (buf) ? strpbrk((buf), " \t") : NULL; \
145 if ((key) != NULL) { \
149 while ((key) != NULL \
150 && (isblank((int)(key)[0]))) { \
155 #define RWRAP_MAX_RECURSION 64
157 /* Priority and weight can be omitted from the hosts file, but need to be part
160 #define DFL_SRV_PRIO 1
161 #define DFL_SRV_WEIGHT 100
162 #define DFL_URI_PRIO 1
163 #define DFL_URI_WEIGHT 100
165 struct rwrap_srv_rrdata {
169 char hostname[MAXDNAME];
172 struct rwrap_uri_rrdata {
178 struct rwrap_soa_rrdata {
184 char nameserver[MAXDNAME];
185 char mailbox[MAXDNAME];
188 struct rwrap_fake_rr {
190 struct in_addr a_rec;
191 struct in6_addr aaaa_rec;
192 struct rwrap_srv_rrdata srv_rec;
193 struct rwrap_uri_rrdata uri_rec;
194 struct rwrap_soa_rrdata soa_rec;
195 char cname_rec[MAXDNAME];
196 char ptr_rec[MAXDNAME];
200 int type; /* ns_t_* */
203 static void rwrap_fake_rr_init(struct rwrap_fake_rr *rr, size_t len)
207 for (i = 0; i < len; i++) {
208 rr[i].type = ns_t_invalid;
212 static int rwrap_create_fake_a_rr(const char *key,
214 struct rwrap_fake_rr *rr)
218 ok = inet_pton(AF_INET, value, &rr->rrdata.a_rec);
220 RWRAP_LOG(RWRAP_LOG_ERROR,
221 "Failed to convert [%s] to binary\n", value);
225 memcpy(rr->key, key, strlen(key) + 1);
230 static int rwrap_create_fake_aaaa_rr(const char *key,
232 struct rwrap_fake_rr *rr)
236 ok = inet_pton(AF_INET6, value, &rr->rrdata.aaaa_rec);
238 RWRAP_LOG(RWRAP_LOG_ERROR,
239 "Failed to convert [%s] to binary\n", value);
243 memcpy(rr->key, key, strlen(key) + 1);
244 rr->type = ns_t_aaaa;
247 static int rwrap_create_fake_ns_rr(const char *key,
249 struct rwrap_fake_rr *rr)
251 memcpy(rr->rrdata.srv_rec.hostname, value, strlen(value) + 1);
252 memcpy(rr->key, key, strlen(key) + 1);
257 static int rwrap_create_fake_srv_rr(const char *key,
259 struct rwrap_fake_rr *rr)
264 const char *hostname;
266 /* parse the value into priority, weight, port and hostname
267 * and check the validity */
269 NEXT_KEY(hostname, str_port);
270 NEXT_KEY(str_port, str_prio);
271 NEXT_KEY(str_prio, str_weight);
272 if (str_port == NULL || hostname == NULL) {
273 RWRAP_LOG(RWRAP_LOG_ERROR,
274 "Malformed SRV entry [%s]\n", value);
279 rr->rrdata.srv_rec.prio = atoi(str_prio);
281 rr->rrdata.srv_rec.prio = DFL_SRV_PRIO;
284 rr->rrdata.srv_rec.weight = atoi(str_weight);
286 rr->rrdata.srv_rec.weight = DFL_SRV_WEIGHT;
288 rr->rrdata.srv_rec.port = atoi(str_port);
289 memcpy(rr->rrdata.srv_rec.hostname , hostname, strlen(hostname) + 1);
291 memcpy(rr->key, key, strlen(key) + 1);
296 static int rwrap_create_fake_uri_rr(const char *key,
298 struct rwrap_fake_rr *rr)
304 /* parse the value into priority, weight, and uri
305 * and check the validity */
307 NEXT_KEY(uri, str_prio);
308 NEXT_KEY(str_prio, str_weight);
310 RWRAP_LOG(RWRAP_LOG_ERROR,
311 "Malformed URI entry [%s]\n", value);
316 rr->rrdata.uri_rec.prio = atoi(str_prio);
318 rr->rrdata.uri_rec.prio = DFL_URI_PRIO;
321 rr->rrdata.uri_rec.weight = atoi(str_weight);
323 rr->rrdata.uri_rec.weight = DFL_URI_WEIGHT;
325 memcpy(rr->rrdata.uri_rec.uri, uri, strlen(uri) + 1);
327 memcpy(rr->key, key, strlen(key) + 1);
332 static int rwrap_create_fake_soa_rr(const char *key,
334 struct rwrap_fake_rr *rr)
336 const char *nameserver;
344 /* parse the value into nameserver, mailbox, serial, refresh,
345 * retry, expire, minimum and check the validity
348 NEXT_KEY(nameserver, mailbox);
349 NEXT_KEY(mailbox, str_serial);
350 NEXT_KEY(str_serial, str_refresh);
351 NEXT_KEY(str_refresh, str_retry);
352 NEXT_KEY(str_retry, str_expire);
353 NEXT_KEY(str_expire, str_minimum);
354 if (nameserver == NULL || mailbox == NULL || str_serial == NULL ||
355 str_refresh == NULL || str_retry == NULL || str_expire == NULL ||
356 str_minimum == NULL) {
357 RWRAP_LOG(RWRAP_LOG_ERROR,
358 "Malformed SOA entry [%s]\n", value);
362 memcpy(rr->rrdata.soa_rec.nameserver, nameserver, strlen(nameserver)+1);
363 memcpy(rr->rrdata.soa_rec.mailbox, mailbox, strlen(mailbox)+1);
365 rr->rrdata.soa_rec.serial = atoi(str_serial);
366 rr->rrdata.soa_rec.refresh = atoi(str_refresh);
367 rr->rrdata.soa_rec.retry = atoi(str_retry);
368 rr->rrdata.soa_rec.expire = atoi(str_expire);
369 rr->rrdata.soa_rec.minimum = atoi(str_minimum);
371 memcpy(rr->key, key, strlen(key) + 1);
376 static int rwrap_create_fake_cname_rr(const char *key,
378 struct rwrap_fake_rr *rr)
380 memcpy(rr->rrdata.cname_rec , value, strlen(value) + 1);
381 memcpy(rr->key, key, strlen(key) + 1);
382 rr->type = ns_t_cname;
386 static int rwrap_create_fake_ptr_rr(const char *key,
388 struct rwrap_fake_rr *rr)
390 memcpy(rr->rrdata.ptr_rec , value, strlen(value) + 1);
391 memcpy(rr->key, key, strlen(key) + 1);
396 /* Prepares a fake header with a single response. Advances header_blob */
397 static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining,
398 size_t ancount, size_t arcount)
403 if (remaining < NS_HFIXEDSZ) {
404 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
409 memset(hb, 0, NS_HFIXEDSZ);
412 h->id = res_randomid(); /* random query ID */
413 h->qr = 1; /* response flag */
414 h->rd = 1; /* recursion desired */
415 h->ra = 1; /* recursion available */
417 h->qdcount = htons(1); /* no. of questions */
418 h->ancount = htons(ancount); /* no. of answers */
419 h->arcount = htons(arcount); /* no. of add'tl records */
421 hb += NS_HFIXEDSZ; /* move past the header */
427 static ssize_t rwrap_fake_question(const char *question,
429 uint8_t **question_ptr,
432 uint8_t *qb = *question_ptr;
435 n = ns_name_compress(question, qb, remaining, NULL, NULL);
437 RWRAP_LOG(RWRAP_LOG_ERROR,
438 "Failed to compress [%s]\n", question);
445 if (remaining < 2 * sizeof(uint16_t)) {
446 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
451 NS_PUT16(ns_c_in, qb);
454 return n + 2 * sizeof(uint16_t);
457 static ssize_t rwrap_fake_rdata_common(uint16_t type,
463 uint8_t *rd = *rdata_ptr;
466 written = ns_name_compress(key, rd, remaining, NULL, NULL);
468 RWRAP_LOG(RWRAP_LOG_ERROR,
469 "Failed to compress [%s]\n", key);
473 remaining -= written;
475 if (remaining < 3 * sizeof(uint16_t) + sizeof(uint32_t)) {
476 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
481 NS_PUT16(ns_c_in, rd);
482 NS_PUT32(RWRAP_DEFAULT_FAKE_TTL, rd);
483 NS_PUT16(rdata_size, rd);
485 if (remaining < rdata_size) {
486 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
491 return written + 3 * sizeof(uint16_t) + sizeof(uint32_t) + rdata_size;
494 static ssize_t rwrap_fake_a(struct rwrap_fake_rr *rr,
498 uint8_t *a = answer_ptr;
501 if (rr->type != ns_t_a) {
502 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
505 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding A RR");
507 resp_size = rwrap_fake_rdata_common(ns_t_a, sizeof(struct in_addr), rr->key,
513 memcpy(a, &rr->rrdata.a_rec, sizeof(struct in_addr));
518 static ssize_t rwrap_fake_aaaa(struct rwrap_fake_rr *rr,
525 if (rr->type != ns_t_aaaa) {
526 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
529 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding AAAA RR");
531 resp_size = rwrap_fake_rdata_common(ns_t_aaaa, sizeof(struct in6_addr),
532 rr->key, anslen, &a);
537 memcpy(a, &rr->rrdata.aaaa_rec, sizeof(struct in6_addr));
542 static ssize_t rwrap_fake_ns(struct rwrap_fake_rr *rr,
547 ssize_t resp_size = 0;
549 unsigned char hostname_compressed[MAXDNAME];
550 ssize_t compressed_len;
552 if (rr->type != ns_t_ns) {
553 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
556 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding NS RR");
558 /* Prepare the data to write */
559 compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
564 if (compressed_len < 0) {
568 /* Is this enough? */
569 rdata_size = compressed_len;
571 resp_size = rwrap_fake_rdata_common(ns_t_ns, rdata_size,
572 rr->key, anslen, &a);
577 memcpy(a, hostname_compressed, compressed_len);
582 static ssize_t rwrap_fake_srv(struct rwrap_fake_rr *rr,
589 unsigned char hostname_compressed[MAXDNAME];
590 ssize_t compressed_len;
592 if (rr->type != ns_t_srv) {
593 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
596 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SRV RR");
597 rdata_size = 3 * sizeof(uint16_t);
599 /* Prepare the data to write */
600 compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
601 hostname_compressed, MAXDNAME,
603 if (compressed_len < 0) {
606 rdata_size += compressed_len;
608 resp_size = rwrap_fake_rdata_common(ns_t_srv, rdata_size,
609 rr->key, anslen, &a);
614 NS_PUT16(rr->rrdata.srv_rec.prio, a);
615 NS_PUT16(rr->rrdata.srv_rec.weight, a);
616 NS_PUT16(rr->rrdata.srv_rec.port, a);
617 memcpy(a, hostname_compressed, compressed_len);
622 static ssize_t rwrap_fake_uri(struct rwrap_fake_rr *rr,
631 if (rr->type != ns_t_uri) {
632 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
635 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding URI RR");
636 rdata_size = 3 * sizeof(uint16_t);
637 uri_len = strlen(rr->rrdata.uri_rec.uri) + 1;
638 rdata_size += uri_len;
640 resp_size = rwrap_fake_rdata_common(ns_t_uri, rdata_size,
641 rr->key, anslen, &a);
646 NS_PUT16(rr->rrdata.uri_rec.prio, a);
647 NS_PUT16(rr->rrdata.uri_rec.weight, a);
648 memcpy(a, rr->rrdata.uri_rec.uri, uri_len);
653 static ssize_t rwrap_fake_soa(struct rwrap_fake_rr *rr,
660 unsigned char nameser_compressed[MAXDNAME];
661 ssize_t compressed_ns_len;
662 unsigned char mailbox_compressed[MAXDNAME];
663 ssize_t compressed_mb_len;
665 if (rr->type != ns_t_soa) {
666 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
669 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SOA RR");
670 rdata_size = 5 * sizeof(uint16_t);
672 compressed_ns_len = ns_name_compress(rr->rrdata.soa_rec.nameserver,
674 MAXDNAME, NULL, NULL);
675 if (compressed_ns_len < 0) {
678 rdata_size += compressed_ns_len;
680 compressed_mb_len = ns_name_compress(rr->rrdata.soa_rec.mailbox,
682 MAXDNAME, NULL, NULL);
683 if (compressed_mb_len < 0) {
686 rdata_size += compressed_mb_len;
688 resp_size = rwrap_fake_rdata_common(ns_t_soa, rdata_size,
689 rr->key, anslen, &a);
694 memcpy(a, nameser_compressed, compressed_ns_len);
695 a += compressed_ns_len;
696 memcpy(a, mailbox_compressed, compressed_mb_len);
697 a += compressed_mb_len;
698 NS_PUT32(rr->rrdata.soa_rec.serial, a);
699 NS_PUT32(rr->rrdata.soa_rec.refresh, a);
700 NS_PUT32(rr->rrdata.soa_rec.retry, a);
701 NS_PUT32(rr->rrdata.soa_rec.expire, a);
702 NS_PUT32(rr->rrdata.soa_rec.minimum, a);
707 static ssize_t rwrap_fake_cname(struct rwrap_fake_rr *rr,
713 unsigned char hostname_compressed[MAXDNAME];
716 if (rr->type != ns_t_cname) {
717 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
720 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding CNAME RR");
722 /* Prepare the data to write */
723 rdata_size = ns_name_compress(rr->rrdata.cname_rec,
724 hostname_compressed, MAXDNAME,
726 if (rdata_size < 0) {
730 resp_size = rwrap_fake_rdata_common(ns_t_cname, rdata_size,
731 rr->key, anslen, &a);
736 memcpy(a, hostname_compressed, rdata_size);
741 static ssize_t rwrap_fake_ptr(struct rwrap_fake_rr *rr,
748 unsigned char hostname_compressed[MAXDNAME];
750 if (rr->type != ns_t_ptr) {
751 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
754 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding PTR RR");
756 /* Prepare the data to write */
757 rdata_size = ns_name_compress(rr->rrdata.ptr_rec,
758 hostname_compressed, MAXDNAME,
760 if (rdata_size < 0) {
764 resp_size = rwrap_fake_rdata_common(ns_t_ptr, rdata_size,
765 rr->key, anslen, &a);
770 memcpy(a, hostname_compressed, rdata_size);
775 #define RESOLV_MATCH(line, name) \
776 (strncmp(line, name, sizeof(name) - 1) == 0 && \
777 (line[sizeof(name) - 1] == ' ' || \
778 line[sizeof(name) - 1] == '\t'))
780 #define TYPE_MATCH(type, ns_type, rec_type, str_type, key, query) \
781 ((type) == (ns_type) && \
782 (strncmp((rec_type), (str_type), sizeof(str_type)) == 0) && \
783 (strcasecmp(key, query)) == 0)
786 static int rwrap_get_record(const char *hostfile, unsigned recursion,
787 const char *query, int type,
788 struct rwrap_fake_rr *rr);
790 static int rwrap_uri_recurse(const char *hostfile, unsigned recursion,
791 const char *query, struct rwrap_fake_rr *rr)
795 rc = rwrap_get_record(hostfile, recursion, query, ns_t_uri, rr);
803 static int rwrap_srv_recurse(const char *hostfile, unsigned recursion,
804 const char *query, struct rwrap_fake_rr *rr)
808 rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
809 if (rc == 0) return 0;
811 rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
812 if (rc == ENOENT) rc = 0;
817 static int rwrap_cname_recurse(const char *hostfile, unsigned recursion,
818 const char *query, struct rwrap_fake_rr *rr)
822 rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
823 if (rc == 0) return 0;
825 rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
826 if (rc == 0) return 0;
828 rc = rwrap_get_record(hostfile, recursion, query, ns_t_cname, rr);
829 if (rc == ENOENT) rc = 0;
834 static int rwrap_get_record(const char *hostfile, unsigned recursion,
835 const char *query, int type,
836 struct rwrap_fake_rr *rr)
843 unsigned num_uris = 0;
845 if (recursion >= RWRAP_MAX_RECURSION) {
846 RWRAP_LOG(RWRAP_LOG_ERROR, "Recursed too deep!\n");
850 RWRAP_LOG(RWRAP_LOG_TRACE,
851 "Searching in fake hosts file %s for %s:%d\n", hostfile,
854 fp = fopen(hostfile, "r");
856 RWRAP_LOG(RWRAP_LOG_WARN,
857 "Opening %s failed: %s",
858 hostfile, strerror(errno));
862 while (fgets(buf, sizeof(buf), fp) != NULL) {
869 NEXT_KEY(rec_type, key);
870 NEXT_KEY(key, value);
872 if (key == NULL || value == NULL) {
873 RWRAP_LOG(RWRAP_LOG_WARN,
874 "Malformed line: not enough parts, use \"rec_type key data\n"
875 "For example \"A cwrap.org 10.10.10.10\"");
880 while(q[0] != '\n' && q[0] != '\0') {
885 if (type == ns_t_uri && recursion > 0) {
886 /* Skip non-URI records. */
887 if (!TYPE_MATCH(type, ns_t_uri, rec_type, "URI", key, query)) {
890 /* Skip previous records based on the recurse depth. */
892 if (num_uris <= recursion) {
897 if (TYPE_MATCH(type, ns_t_a, rec_type, "A", key, query)) {
898 rc = rwrap_create_fake_a_rr(key, value, rr);
900 } else if (TYPE_MATCH(type, ns_t_aaaa,
901 rec_type, "AAAA", key, query)) {
902 rc = rwrap_create_fake_aaaa_rr(key, value, rr);
904 } else if (TYPE_MATCH(type, ns_t_ns,
905 rec_type, "NS", key, query)) {
906 rc = rwrap_create_fake_ns_rr(key, value, rr);
908 } else if (TYPE_MATCH(type, ns_t_srv,
909 rec_type, "SRV", key, query)) {
910 rc = rwrap_create_fake_srv_rr(key, value, rr);
912 rc = rwrap_srv_recurse(hostfile, recursion+1,
913 rr->rrdata.srv_rec.hostname,
917 } else if (TYPE_MATCH(type, ns_t_uri,
918 rec_type, "URI", key, query)) {
919 rc = rwrap_create_fake_uri_rr(key, value, rr);
921 /* Recurse to collect multiple URI answers under a single key. */
922 rc = rwrap_uri_recurse(hostfile, recursion + 1, key, rr + 1);
925 } else if (TYPE_MATCH(type, ns_t_soa,
926 rec_type, "SOA", key, query)) {
927 rc = rwrap_create_fake_soa_rr(key, value, rr);
929 } else if (TYPE_MATCH(type, ns_t_cname,
930 rec_type, "CNAME", key, query)) {
931 rc = rwrap_create_fake_cname_rr(key, value, rr);
933 rc = rwrap_cname_recurse(hostfile, recursion+1,
937 } else if (TYPE_MATCH(type, ns_t_a, rec_type, "CNAME", key, query)) {
938 rc = rwrap_create_fake_cname_rr(key, value, rr);
940 rc = rwrap_cname_recurse(hostfile, recursion+1,
944 } else if (TYPE_MATCH(type, ns_t_ptr,
945 rec_type, "PTR", key, query)) {
946 rc = rwrap_create_fake_ptr_rr(key, value, rr);
951 if (rc == ENOENT && recursion == 0 && key != NULL) {
952 RWRAP_LOG(RWRAP_LOG_TRACE, "Record for [%s] not found\n", query);
953 memcpy(rr->key, key, strlen(key) + 1);
960 static ssize_t rwrap_fake_empty(int type,
961 const char *question,
966 size_t remaining = anslen;
968 resp_data = rwrap_fake_header(&answer, remaining, 0, 0);
972 remaining -= resp_data;
974 resp_data += rwrap_fake_question(question, type, &answer, remaining);
978 remaining -= resp_data;
980 resp_data += rwrap_fake_rdata_common(type, 0, question,
989 static inline bool rwrap_known_type(int type)
1006 static int rwrap_ancount(struct rwrap_fake_rr *rrs, int qtype)
1011 /* For URI return the number of URIs. */
1012 if (qtype == ns_t_uri) {
1013 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1014 if (rwrap_known_type(rrs[i].type) &&
1015 rrs[i].type == qtype) {
1022 /* Include all RRs in the stack until the sought type
1023 * in the answer section. This is the case i.e. when looking
1024 * up an A record but the name points to a CNAME
1026 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1029 if (rwrap_known_type(rrs[i].type) &&
1030 rrs[i].type == qtype) {
1035 /* Return 0 records if the sought type wasn't in the stack */
1036 return i < RWRAP_MAX_RECURSION ? ancount : 0;
1039 static int rwrap_arcount(struct rwrap_fake_rr *rrs, int ancount)
1044 /* start from index ancount */
1045 for (i = ancount; i < RWRAP_MAX_RECURSION; i++) {
1046 if (rwrap_known_type(rrs[i].type)) {
1054 static ssize_t rwrap_add_rr(struct rwrap_fake_rr *rr,
1061 RWRAP_LOG(RWRAP_LOG_ERROR, "Internal error!\n");
1067 resp_data = rwrap_fake_a(rr, answer, anslen);
1070 resp_data = rwrap_fake_aaaa(rr, answer, anslen);
1073 resp_data = rwrap_fake_ns(rr, answer, anslen);
1076 resp_data = rwrap_fake_srv(rr, answer, anslen);
1079 resp_data = rwrap_fake_uri(rr, answer, anslen);
1082 resp_data = rwrap_fake_soa(rr, answer, anslen);
1085 resp_data = rwrap_fake_cname(rr, answer, anslen);
1088 resp_data = rwrap_fake_ptr(rr, answer, anslen);
1097 static ssize_t rwrap_fake_answer(struct rwrap_fake_rr *rrs,
1105 size_t remaining = anslen;
1110 ancount = rwrap_ancount(rrs, type);
1111 arcount = rwrap_arcount(rrs, ancount);
1112 RWRAP_LOG(RWRAP_LOG_TRACE,
1113 "Got %d answers and %d additional records\n", ancount, arcount);
1115 resp_data = rwrap_fake_header(&answer, remaining, ancount, arcount);
1116 if (resp_data < 0) {
1119 remaining -= resp_data;
1121 resp_data += rwrap_fake_question(rrs->key, rrs->type, &answer, remaining);
1122 if (resp_data < 0) {
1125 remaining -= resp_data;
1128 for (i = 0; i < ancount; i++) {
1129 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1138 /* add authoritative NS here? */
1140 /* additional records */
1141 for (i = ancount; i < ancount + arcount; i++) {
1142 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1154 /* Reads in a file in the following format:
1157 * Malformed entries are silently skipped.
1158 * Allocates answer buffer of size anslen that has to be freed after use.
1160 static int rwrap_res_fake_hosts(const char *hostfile,
1163 unsigned char *answer,
1167 char *query_name = NULL;
1168 size_t qlen = strlen(query);
1169 struct rwrap_fake_rr rrs[RWRAP_MAX_RECURSION];
1172 RWRAP_LOG(RWRAP_LOG_TRACE,
1173 "Searching in fake hosts file %s\n", hostfile);
1175 if (qlen > 0 && query[qlen-1] == '.') {
1179 query_name = strndup(query, qlen);
1180 if (query_name == NULL) {
1184 rwrap_fake_rr_init(rrs, RWRAP_MAX_RECURSION);
1186 rc = rwrap_get_record(hostfile, 0, query_name, type, rrs);
1189 RWRAP_LOG(RWRAP_LOG_TRACE,
1190 "Found record for [%s]\n", query_name);
1191 resp_size = rwrap_fake_answer(rrs, type, answer, anslen);
1194 RWRAP_LOG(RWRAP_LOG_TRACE,
1195 "No record for [%s]\n", query_name);
1196 resp_size = rwrap_fake_empty(type, rrs->key, answer, anslen);
1199 RWRAP_LOG(RWRAP_LOG_NOTICE,
1200 "Searching for [%s] did not return any results\n",
1206 switch (resp_size) {
1208 RWRAP_LOG(RWRAP_LOG_ERROR,
1209 "Error faking answer for [%s]\n", query_name);
1212 RWRAP_LOG(RWRAP_LOG_TRACE,
1213 "Successfully faked answer for [%s]\n",
1222 /*********************************************************
1223 * RWRAP LOADING LIBC FUNCTIONS
1224 *********************************************************/
1228 typedef int (*__libc_res_ninit)(struct __res_state *state);
1229 typedef int (*__libc___res_ninit)(struct __res_state *state);
1230 typedef void (*__libc_res_nclose)(struct __res_state *state);
1231 typedef void (*__libc___res_nclose)(struct __res_state *state);
1232 typedef int (*__libc_res_nquery)(struct __res_state *state,
1236 unsigned char *answer,
1238 typedef int (*__libc___res_nquery)(struct __res_state *state,
1242 unsigned char *answer,
1244 typedef int (*__libc_res_nsearch)(struct __res_state *state,
1248 unsigned char *answer,
1250 typedef int (*__libc___res_nsearch)(struct __res_state *state,
1254 unsigned char *answer,
1257 #define RWRAP_SYMBOL_ENTRY(i) \
1263 struct rwrap_libc_symbols {
1264 RWRAP_SYMBOL_ENTRY(res_ninit);
1265 RWRAP_SYMBOL_ENTRY(__res_ninit);
1266 RWRAP_SYMBOL_ENTRY(res_nclose);
1267 RWRAP_SYMBOL_ENTRY(__res_nclose);
1268 RWRAP_SYMBOL_ENTRY(res_nquery);
1269 RWRAP_SYMBOL_ENTRY(__res_nquery);
1270 RWRAP_SYMBOL_ENTRY(res_nsearch);
1271 RWRAP_SYMBOL_ENTRY(__res_nsearch);
1273 #undef RWRAP_SYMBOL_ENTRY
1278 struct rwrap_libc_symbols symbols;
1283 struct rwrap_libc_symbols symbols;
1292 static struct rwrap rwrap;
1299 static const char *rwrap_str_lib(enum rwrap_lib lib)
1304 case RWRAP_LIBRESOLV:
1308 /* Compiler would warn us about unhandled enum value if we get here */
1312 static void *rwrap_load_lib_handle(enum rwrap_lib lib)
1314 int flags = RTLD_LAZY;
1315 void *handle = NULL;
1318 #ifdef RTLD_DEEPBIND
1319 flags |= RTLD_DEEPBIND;
1323 case RWRAP_LIBRESOLV:
1324 #ifdef HAVE_LIBRESOLV
1325 handle = rwrap.libresolv.handle;
1326 if (handle == NULL) {
1327 for (i = 10; i >= 0; i--) {
1328 char soname[256] = {0};
1330 snprintf(soname, sizeof(soname), "libresolv.so.%d", i);
1331 handle = dlopen(soname, flags);
1332 if (handle != NULL) {
1337 rwrap.libresolv.handle = handle;
1343 handle = rwrap.libc.handle;
1345 if (handle == NULL) {
1346 handle = dlopen(LIBC_SO, flags);
1348 rwrap.libc.handle = handle;
1351 if (handle == NULL) {
1352 for (i = 10; i >= 0; i--) {
1353 char soname[256] = {0};
1355 snprintf(soname, sizeof(soname), "libc.so.%d", i);
1356 handle = dlopen(soname, flags);
1357 if (handle != NULL) {
1362 rwrap.libc.handle = handle;
1367 if (handle == NULL) {
1369 handle = rwrap.libc.handle = rwrap.libresolv.handle = RTLD_NEXT;
1371 RWRAP_LOG(RWRAP_LOG_ERROR,
1372 "Failed to dlopen library: %s\n",
1381 static void *_rwrap_bind_symbol(enum rwrap_lib lib, const char *fn_name)
1386 handle = rwrap_load_lib_handle(lib);
1388 func = dlsym(handle, fn_name);
1390 RWRAP_LOG(RWRAP_LOG_ERROR,
1391 "Failed to find %s: %s\n",
1392 fn_name, dlerror());
1396 RWRAP_LOG(RWRAP_LOG_TRACE,
1397 "Loaded %s from %s",
1398 fn_name, rwrap_str_lib(lib));
1402 #define rwrap_bind_symbol_libc(sym_name) \
1403 if (rwrap.libc.symbols._libc_##sym_name.obj == NULL) { \
1404 rwrap.libc.symbols._libc_##sym_name.obj = \
1405 _rwrap_bind_symbol(RWRAP_LIBC, #sym_name); \
1408 #define rwrap_bind_symbol_libresolv(sym_name) \
1409 if (rwrap.libresolv.symbols._libc_##sym_name.obj == NULL) { \
1410 rwrap.libresolv.symbols._libc_##sym_name.obj = \
1411 _rwrap_bind_symbol(RWRAP_LIBRESOLV, #sym_name); \
1417 * Functions especially from libc need to be loaded individually, you can't load
1418 * all at once or gdb will segfault at startup. The same applies to valgrind and
1419 * has probably something todo with with the linker.
1420 * So we need load each function at the point it is called the first time.
1423 static int libc_res_ninit(struct __res_state *state)
1425 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1427 #if defined(HAVE_RES_NINIT_IN_LIBRESOLV)
1428 rwrap_bind_symbol_libresolv(res_ninit);
1430 return rwrap.libresolv.symbols._libc_res_ninit.f(state);
1431 #else /* HAVE_RES_NINIT_IN_LIBRESOLV */
1432 rwrap_bind_symbol_libc(res_ninit);
1434 return rwrap.libc.symbols._libc_res_ninit.f(state);
1435 #endif /* HAVE_RES_NINIT_IN_LIBRESOLV */
1437 #elif defined(HAVE___RES_NINIT)
1438 rwrap_bind_symbol_libc(__res_ninit);
1440 return rwrap.libc.symbols._libc___res_ninit.f(state);
1442 #error "No res_ninit function"
1446 static void libc_res_nclose(struct __res_state *state)
1448 #if !defined(res_close) && defined(HAVE_RES_NCLOSE)
1450 #if defined(HAVE_RES_NCLOSE_IN_LIBRESOLV)
1451 rwrap_bind_symbol_libresolv(res_nclose);
1453 rwrap.libresolv.symbols._libc_res_nclose.f(state);
1455 #else /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1456 rwrap_bind_symbol_libc(res_nclose);
1458 rwrap.libc.symbols._libc_res_nclose.f(state);
1460 #endif /* HAVE_RES_NCLOSE_IN_LIBRESOLV */
1462 #elif defined(HAVE___RES_NCLOSE)
1463 rwrap_bind_symbol_libc(__res_nclose);
1465 rwrap.libc.symbols._libc___res_nclose.f(state);
1467 #error "No res_nclose function"
1471 static int libc_res_nquery(struct __res_state *state,
1475 unsigned char *answer,
1478 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1479 rwrap_bind_symbol_libresolv(res_nquery);
1481 return rwrap.libresolv.symbols._libc_res_nquery.f(state,
1487 #elif defined(HAVE___RES_NQUERY)
1488 rwrap_bind_symbol_libresolv(__res_nquery);
1490 return rwrap.libresolv.symbols._libc___res_nquery.f(state,
1497 #error "No res_nquery function"
1501 static int libc_res_nsearch(struct __res_state *state,
1505 unsigned char *answer,
1508 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1509 rwrap_bind_symbol_libresolv(res_nsearch);
1511 return rwrap.libresolv.symbols._libc_res_nsearch.f(state,
1517 #elif defined(HAVE___RES_NSEARCH)
1518 rwrap_bind_symbol_libresolv(__res_nsearch);
1520 return rwrap.libresolv.symbols._libc___res_nsearch.f(state,
1527 #error "No res_nsearch function"
1531 /****************************************************************************
1533 ***************************************************************************/
1535 static int rwrap_parse_resolv_conf(struct __res_state *state,
1536 const char *resolv_conf)
1542 fp = fopen(resolv_conf, "r");
1544 RWRAP_LOG(RWRAP_LOG_ERROR,
1545 "Opening %s failed: %s",
1546 resolv_conf, strerror(errno));
1550 while(fgets(buf, sizeof(buf), fp) != NULL) {
1553 /* Ignore comments */
1554 if (buf[0] == '#' || buf[0] == ';') {
1558 if (RESOLV_MATCH(buf, "nameserver") && nserv < MAXNS) {
1563 p = buf + strlen("nameserver");
1565 /* Skip spaces and tabs */
1566 while(isblank((int)p[0])) {
1571 while(q[0] != '\n' && q[0] != '\0') {
1576 ok = inet_pton(AF_INET, p, &a);
1578 state->nsaddr_list[state->nscount] = (struct sockaddr_in) {
1579 .sin_family = AF_INET,
1581 .sin_port = htons(53),
1588 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1591 ok = inet_pton(AF_INET6, p, &a6);
1593 struct sockaddr_in6 *sa6;
1595 sa6 = malloc(sizeof(*sa6));
1601 sa6->sin6_family = AF_INET6;
1602 sa6->sin6_port = htons(53);
1603 sa6->sin6_flowinfo = 0;
1604 sa6->sin6_addr = a6;
1606 state->_u._ext.nsaddrs[state->_u._ext.nscount] = sa6;
1607 state->_u._ext.nssocks[state->_u._ext.nscount] = -1;
1608 state->_u._ext.nsmap[state->_u._ext.nscount] = MAXNS + 1;
1610 state->_u._ext.nscount++;
1613 RWRAP_LOG(RWRAP_LOG_ERROR,
1614 "Malformed DNS server");
1617 #else /* !HAVE_RESOLV_IPV6_NSADDRS */
1619 * BSD uses an opaque structure to store the
1620 * IPv6 addresses. So we can not simply store
1621 * these addresses the same way as above.
1623 RWRAP_LOG(RWRAP_LOG_WARN,
1624 "resolve_wrapper does not support "
1625 "IPv6 on this platform");
1630 } /* TODO: match other keywords */
1634 RWRAP_LOG(RWRAP_LOG_ERROR,
1635 "Reading from %s failed",
1645 /****************************************************************************
1647 ***************************************************************************/
1649 static int rwrap_res_ninit(struct __res_state *state)
1653 rc = libc_res_ninit(state);
1655 const char *resolv_conf = getenv("RESOLV_WRAPPER_CONF");
1657 if (resolv_conf != NULL) {
1660 (void)i; /* maybe unused */
1662 /* Delete name servers */
1664 memset(state->nsaddr_list, 0, sizeof(state->nsaddr_list));
1666 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1667 state->_u._ext.nscount = 0;
1668 for (i = 0; i < state->_u._ext.nscount; i++) {
1669 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1673 rc = rwrap_parse_resolv_conf(state, resolv_conf);
1680 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1681 int res_ninit(struct __res_state *state)
1682 #elif defined(HAVE___RES_NINIT)
1683 int __res_ninit(struct __res_state *state)
1686 return rwrap_res_ninit(state);
1689 /****************************************************************************
1691 ***************************************************************************/
1693 static struct __res_state rwrap_res_state;
1695 static int rwrap_res_init(void)
1699 rc = rwrap_res_ninit(&rwrap_res_state);
1704 #if !defined(res_ninit) && defined(HAVE_RES_INIT)
1706 #elif defined(HAVE___RES_INIT)
1707 int __res_init(void)
1710 return rwrap_res_init();
1713 /****************************************************************************
1715 ***************************************************************************/
1717 static void rwrap_res_nclose(struct __res_state *state)
1719 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1723 libc_res_nclose(state);
1725 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1726 if (state != NULL) {
1727 for (i = 0; i < state->_u._ext.nscount; i++) {
1728 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1734 #if !defined(res_nclose) && defined(HAVE_RES_NCLOSE)
1735 void res_nclose(struct __res_state *state)
1736 #elif defined(HAVE___RES_NCLOSE)
1737 void __res_nclose(struct __res_state *state)
1740 rwrap_res_nclose(state);
1743 /****************************************************************************
1745 ***************************************************************************/
1747 static void rwrap_res_close(void)
1749 rwrap_res_nclose(&rwrap_res_state);
1752 #if defined(HAVE_RES_CLOSE)
1753 void res_close(void)
1754 #elif defined(HAVE___RES_CLOSE)
1755 void __res_close(void)
1761 /****************************************************************************
1763 ***************************************************************************/
1765 static int rwrap_res_nquery(struct __res_state *state,
1769 unsigned char *answer,
1773 const char *fake_hosts;
1778 RWRAP_LOG(RWRAP_LOG_TRACE,
1779 "Resolve the domain name [%s] - class=%d, type=%d",
1780 dname, class, type);
1782 for (i = 0; i < state->nscount; i++) {
1783 char ip[INET6_ADDRSTRLEN];
1785 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1786 RWRAP_LOG(RWRAP_LOG_TRACE,
1792 fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1793 if (fake_hosts != NULL) {
1794 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1796 rc = libc_res_nquery(state, dname, class, type, answer, anslen);
1800 RWRAP_LOG(RWRAP_LOG_TRACE,
1801 "The returned response length is: %d",
1807 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1808 int res_nquery(struct __res_state *state,
1812 unsigned char *answer,
1814 #elif defined(HAVE___RES_NQUERY)
1815 int __res_nquery(struct __res_state *state,
1819 unsigned char *answer,
1823 return rwrap_res_nquery(state, dname, class, type, answer, anslen);
1826 /****************************************************************************
1828 ***************************************************************************/
1830 static int rwrap_res_query(const char *dname,
1833 unsigned char *answer,
1838 rc = rwrap_res_ninit(&rwrap_res_state);
1843 rc = rwrap_res_nquery(&rwrap_res_state,
1853 #if !defined(res_query) && defined(HAVE_RES_QUERY)
1854 int res_query(const char *dname,
1857 unsigned char *answer,
1859 #elif defined(HAVE___RES_QUERY)
1860 int __res_query(const char *dname,
1863 unsigned char *answer,
1867 return rwrap_res_query(dname, class, type, answer, anslen);
1870 /****************************************************************************
1872 ***************************************************************************/
1874 static int rwrap_res_nsearch(struct __res_state *state,
1878 unsigned char *answer,
1882 const char *fake_hosts;
1887 RWRAP_LOG(RWRAP_LOG_TRACE,
1888 "Resolve the domain name [%s] - class=%d, type=%d",
1889 dname, class, type);
1891 for (i = 0; i < state->nscount; i++) {
1892 char ip[INET6_ADDRSTRLEN];
1894 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1895 RWRAP_LOG(RWRAP_LOG_TRACE,
1901 fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1902 if (fake_hosts != NULL) {
1903 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1905 rc = libc_res_nsearch(state, dname, class, type, answer, anslen);
1908 RWRAP_LOG(RWRAP_LOG_TRACE,
1909 "The returned response length is: %d",
1915 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1916 int res_nsearch(struct __res_state *state,
1920 unsigned char *answer,
1922 #elif defined(HAVE___RES_NSEARCH)
1923 int __res_nsearch(struct __res_state *state,
1927 unsigned char *answer,
1931 return rwrap_res_nsearch(state, dname, class, type, answer, anslen);
1934 /****************************************************************************
1936 ***************************************************************************/
1938 static int rwrap_res_search(const char *dname,
1941 unsigned char *answer,
1946 rc = rwrap_res_ninit(&rwrap_res_state);
1951 rc = rwrap_res_nsearch(&rwrap_res_state,
1961 #if !defined(res_search) && defined(HAVE_RES_SEARCH)
1962 int res_search(const char *dname,
1965 unsigned char *answer,
1967 #elif defined(HAVE___RES_SEARCH)
1968 int __res_search(const char *dname,
1971 unsigned char *answer,
1975 return rwrap_res_search(dname, class, type, answer, anslen);