2 * Copyright (c) 2014-2018 Andreas Schneider <asn@samba.org>
3 * Copyright (c) 2014-2016 Jakub Hrozek <jakub.hrozek@posteo.se>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the author nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #include <arpa/inet.h>
39 #ifdef HAVE_ARPA_NAMESER_H
40 #include <arpa/nameser.h>
41 #endif /* HAVE_ARPA_NAMESER_H */
42 #include <netinet/in.h>
43 #include <sys/socket.h>
44 #include <sys/types.h>
55 /* GCC has printf type attribute check. */
56 #ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
57 #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
59 #define PRINTF_ATTRIBUTE(a,b)
60 #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
62 #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
63 #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
65 #define DESTRUCTOR_ATTRIBUTE
66 #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
68 #ifndef RWRAP_DEFAULT_FAKE_TTL
69 #define RWRAP_DEFAULT_FAKE_TTL 600
70 #endif /* RWRAP_DEFAULT_FAKE_TTL */
72 #ifndef HAVE_NS_NAME_COMPRESS
73 #define ns_name_compress dn_comp
86 #ifndef HAVE_GETPROGNAME
87 static const char *getprogname(void)
89 #if defined(HAVE_PROGRAM_INVOCATION_SHORT_NAME)
90 return program_invocation_short_name;
91 #elif defined(HAVE_GETEXECNAME)
95 #endif /* HAVE_PROGRAM_INVOCATION_SHORT_NAME */
97 #endif /* HAVE_GETPROGNAME */
99 static void rwrap_log(enum rwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
100 # define RWRAP_LOG(dbglvl, ...) rwrap_log((dbglvl), __func__, __VA_ARGS__)
102 static void rwrap_log(enum rwrap_dbglvl_e dbglvl,
104 const char *format, ...)
109 unsigned int lvl = 0;
110 const char *prefix = NULL;
111 const char *progname = NULL;
113 d = getenv("RESOLV_WRAPPER_DEBUGLEVEL");
122 va_start(va, format);
123 vsnprintf(buffer, sizeof(buffer), format, va);
127 case RWRAP_LOG_ERROR:
128 prefix = "RWRAP_ERROR";
131 prefix = "RWRAP_WARN";
133 case RWRAP_LOG_NOTICE:
134 prefix = "RWRAP_NOTICE";
136 case RWRAP_LOG_DEBUG:
137 prefix = "RWRAP_DEBUG";
139 case RWRAP_LOG_TRACE:
140 prefix = "RWRAP_TRACE";
144 progname = getprogname();
145 if (progname == NULL) {
146 progname = "<unknown>";
150 "%s[%s (%u)] - %s: %s\n",
153 (unsigned int)getpid(),
159 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
162 #define NEXT_KEY(buf, key) do { \
163 (key) = (buf) ? strpbrk((buf), " \t") : NULL; \
164 if ((key) != NULL) { \
168 while ((key) != NULL \
169 && (isblank((int)(key)[0]))) { \
174 #define RWRAP_MAX_RECURSION 64
176 /* Priority and weight can be omitted from the hosts file, but need to be part
179 #define DFL_SRV_PRIO 1
180 #define DFL_SRV_WEIGHT 100
181 #define DFL_URI_PRIO 1
182 #define DFL_URI_WEIGHT 100
184 struct rwrap_srv_rrdata {
188 char hostname[MAXDNAME];
191 struct rwrap_uri_rrdata {
197 struct rwrap_soa_rrdata {
203 char nameserver[MAXDNAME];
204 char mailbox[MAXDNAME];
207 struct rwrap_fake_rr {
209 struct in_addr a_rec;
210 struct in6_addr aaaa_rec;
211 struct rwrap_srv_rrdata srv_rec;
212 struct rwrap_uri_rrdata uri_rec;
213 struct rwrap_soa_rrdata soa_rec;
214 char cname_rec[MAXDNAME];
215 char ptr_rec[MAXDNAME];
216 char txt_rec[MAXDNAME];
220 int type; /* ns_t_* */
223 static void rwrap_fake_rr_init(struct rwrap_fake_rr *rr, size_t len)
227 for (i = 0; i < len; i++) {
228 rr[i].type = ns_t_invalid;
232 static int rwrap_create_fake_a_rr(const char *key,
234 struct rwrap_fake_rr *rr)
238 ok = inet_pton(AF_INET, value, &rr->rrdata.a_rec);
240 RWRAP_LOG(RWRAP_LOG_ERROR,
241 "Failed to convert [%s] to binary\n", value);
245 memcpy(rr->key, key, strlen(key) + 1);
250 static int rwrap_create_fake_aaaa_rr(const char *key,
252 struct rwrap_fake_rr *rr)
256 ok = inet_pton(AF_INET6, value, &rr->rrdata.aaaa_rec);
258 RWRAP_LOG(RWRAP_LOG_ERROR,
259 "Failed to convert [%s] to binary\n", value);
263 memcpy(rr->key, key, strlen(key) + 1);
264 rr->type = ns_t_aaaa;
267 static int rwrap_create_fake_ns_rr(const char *key,
269 struct rwrap_fake_rr *rr)
271 memcpy(rr->rrdata.srv_rec.hostname, value, strlen(value) + 1);
272 memcpy(rr->key, key, strlen(key) + 1);
277 static int rwrap_create_fake_srv_rr(const char *key,
279 struct rwrap_fake_rr *rr)
284 const char *hostname;
286 /* parse the value into priority, weight, port and hostname
287 * and check the validity */
289 NEXT_KEY(hostname, str_port);
290 NEXT_KEY(str_port, str_prio);
291 NEXT_KEY(str_prio, str_weight);
292 if (str_port == NULL || hostname == NULL) {
293 RWRAP_LOG(RWRAP_LOG_ERROR,
294 "Malformed SRV entry [%s]\n", value);
299 rr->rrdata.srv_rec.prio = atoi(str_prio);
301 rr->rrdata.srv_rec.prio = DFL_SRV_PRIO;
304 rr->rrdata.srv_rec.weight = atoi(str_weight);
306 rr->rrdata.srv_rec.weight = DFL_SRV_WEIGHT;
308 rr->rrdata.srv_rec.port = atoi(str_port);
309 memcpy(rr->rrdata.srv_rec.hostname , hostname, strlen(hostname) + 1);
311 memcpy(rr->key, key, strlen(key) + 1);
316 static int rwrap_create_fake_uri_rr(const char *key,
318 struct rwrap_fake_rr *rr)
324 /* parse the value into priority, weight, and uri
325 * and check the validity */
327 NEXT_KEY(uri, str_prio);
328 NEXT_KEY(str_prio, str_weight);
330 RWRAP_LOG(RWRAP_LOG_ERROR,
331 "Malformed URI entry [<null>]\n");
336 rr->rrdata.uri_rec.prio = atoi(str_prio);
338 rr->rrdata.uri_rec.prio = DFL_URI_PRIO;
341 rr->rrdata.uri_rec.weight = atoi(str_weight);
343 rr->rrdata.uri_rec.weight = DFL_URI_WEIGHT;
345 memcpy(rr->rrdata.uri_rec.uri, uri, strlen(uri) + 1);
347 memcpy(rr->key, key, strlen(key) + 1);
352 static int rwrap_create_fake_txt_rr(const char *key,
354 struct rwrap_fake_rr *rr)
356 memcpy(rr->rrdata.txt_rec, value, strlen(value) + 1);
358 memcpy(rr->key, key, strlen(key) + 1);
363 static int rwrap_create_fake_soa_rr(const char *key,
365 struct rwrap_fake_rr *rr)
367 const char *nameserver;
375 /* parse the value into nameserver, mailbox, serial, refresh,
376 * retry, expire, minimum and check the validity
379 NEXT_KEY(nameserver, mailbox);
380 NEXT_KEY(mailbox, str_serial);
381 NEXT_KEY(str_serial, str_refresh);
382 NEXT_KEY(str_refresh, str_retry);
383 NEXT_KEY(str_retry, str_expire);
384 NEXT_KEY(str_expire, str_minimum);
385 if (nameserver == NULL || mailbox == NULL || str_serial == NULL ||
386 str_refresh == NULL || str_retry == NULL || str_expire == NULL ||
387 str_minimum == NULL) {
388 RWRAP_LOG(RWRAP_LOG_ERROR,
389 "Malformed SOA entry [%s]\n", value);
393 memcpy(rr->rrdata.soa_rec.nameserver, nameserver, strlen(nameserver)+1);
394 memcpy(rr->rrdata.soa_rec.mailbox, mailbox, strlen(mailbox)+1);
396 rr->rrdata.soa_rec.serial = atoi(str_serial);
397 rr->rrdata.soa_rec.refresh = atoi(str_refresh);
398 rr->rrdata.soa_rec.retry = atoi(str_retry);
399 rr->rrdata.soa_rec.expire = atoi(str_expire);
400 rr->rrdata.soa_rec.minimum = atoi(str_minimum);
402 memcpy(rr->key, key, strlen(key) + 1);
407 static int rwrap_create_fake_cname_rr(const char *key,
409 struct rwrap_fake_rr *rr)
411 memcpy(rr->rrdata.cname_rec , value, strlen(value) + 1);
412 memcpy(rr->key, key, strlen(key) + 1);
413 rr->type = ns_t_cname;
417 static int rwrap_create_fake_ptr_rr(const char *key,
419 struct rwrap_fake_rr *rr)
421 memcpy(rr->rrdata.ptr_rec , value, strlen(value) + 1);
422 memcpy(rr->key, key, strlen(key) + 1);
427 /* Prepares a fake header with a single response. Advances header_blob */
428 static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining,
429 size_t ancount, size_t arcount)
436 if (remaining < NS_HFIXEDSZ) {
437 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
441 h.blob = *header_blob;
442 memset(h.blob, 0, NS_HFIXEDSZ);
444 h.header->id = res_randomid(); /* random query ID */
445 h.header->qr = 1; /* response flag */
446 h.header->rd = 1; /* recursion desired */
447 h.header->ra = 1; /* recursion available */
449 h.header->qdcount = htons(1); /* no. of questions */
450 h.header->ancount = htons(ancount); /* no. of answers */
451 h.header->arcount = htons(arcount); /* no. of add'tl records */
453 /* move past the header */
454 *header_blob = h.blob += NS_HFIXEDSZ;
459 static ssize_t rwrap_fake_question(const char *question,
461 uint8_t **question_ptr,
464 uint8_t *qb = *question_ptr;
467 n = ns_name_compress(question, qb, remaining, NULL, NULL);
469 RWRAP_LOG(RWRAP_LOG_ERROR,
470 "Failed to compress [%s]\n", question);
477 if (remaining < 2 * sizeof(uint16_t)) {
478 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small!\n");
483 NS_PUT16(ns_c_in, qb);
486 return n + 2 * sizeof(uint16_t);
489 static ssize_t rwrap_fake_rdata_common(uint16_t type,
495 uint8_t *rd = *rdata_ptr;
498 written = ns_name_compress(key, rd, remaining, NULL, NULL);
500 RWRAP_LOG(RWRAP_LOG_ERROR,
501 "Failed to compress [%s]\n", key);
505 remaining -= written;
507 if (remaining < 3 * sizeof(uint16_t) + sizeof(uint32_t)) {
508 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
513 NS_PUT16(ns_c_in, rd);
514 NS_PUT32(RWRAP_DEFAULT_FAKE_TTL, rd);
515 NS_PUT16(rdata_size, rd);
517 if (remaining < rdata_size) {
518 RWRAP_LOG(RWRAP_LOG_ERROR, "Buffer too small\n");
523 return written + 3 * sizeof(uint16_t) + sizeof(uint32_t) + rdata_size;
526 static ssize_t rwrap_fake_a(struct rwrap_fake_rr *rr,
530 uint8_t *a = answer_ptr;
533 if (rr->type != ns_t_a) {
534 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
537 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding A RR");
539 resp_size = rwrap_fake_rdata_common(ns_t_a, sizeof(struct in_addr), rr->key,
545 memcpy(a, &rr->rrdata.a_rec, sizeof(struct in_addr));
550 static ssize_t rwrap_fake_aaaa(struct rwrap_fake_rr *rr,
557 if (rr->type != ns_t_aaaa) {
558 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
561 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding AAAA RR");
563 resp_size = rwrap_fake_rdata_common(ns_t_aaaa, sizeof(struct in6_addr),
564 rr->key, anslen, &a);
569 memcpy(a, &rr->rrdata.aaaa_rec, sizeof(struct in6_addr));
574 static ssize_t rwrap_fake_ns(struct rwrap_fake_rr *rr,
579 ssize_t resp_size = 0;
581 unsigned char hostname_compressed[MAXDNAME];
582 ssize_t compressed_len;
584 if (rr->type != ns_t_ns) {
585 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
588 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding NS RR");
590 /* Prepare the data to write */
591 compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
596 if (compressed_len < 0) {
600 /* Is this enough? */
601 rdata_size = compressed_len;
603 resp_size = rwrap_fake_rdata_common(ns_t_ns, rdata_size,
604 rr->key, anslen, &a);
609 memcpy(a, hostname_compressed, compressed_len);
614 static ssize_t rwrap_fake_srv(struct rwrap_fake_rr *rr,
621 unsigned char hostname_compressed[MAXDNAME];
622 ssize_t compressed_len;
624 if (rr->type != ns_t_srv) {
625 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
628 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SRV RR");
629 rdata_size = 3 * sizeof(uint16_t);
631 /* Prepare the data to write */
632 compressed_len = ns_name_compress(rr->rrdata.srv_rec.hostname,
633 hostname_compressed, MAXDNAME,
635 if (compressed_len < 0) {
638 rdata_size += compressed_len;
640 resp_size = rwrap_fake_rdata_common(ns_t_srv, rdata_size,
641 rr->key, anslen, &a);
646 NS_PUT16(rr->rrdata.srv_rec.prio, a);
647 NS_PUT16(rr->rrdata.srv_rec.weight, a);
648 NS_PUT16(rr->rrdata.srv_rec.port, a);
649 memcpy(a, hostname_compressed, compressed_len);
654 static ssize_t rwrap_fake_uri(struct rwrap_fake_rr *rr,
663 if (rr->type != ns_t_uri) {
664 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
667 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding URI RR");
668 rdata_size = 3 * sizeof(uint16_t);
669 uri_len = strlen(rr->rrdata.uri_rec.uri) + 1;
670 rdata_size += uri_len;
672 resp_size = rwrap_fake_rdata_common(ns_t_uri, rdata_size,
673 rr->key, anslen, &a);
678 NS_PUT16(rr->rrdata.uri_rec.prio, a);
679 NS_PUT16(rr->rrdata.uri_rec.weight, a);
680 memcpy(a, rr->rrdata.uri_rec.uri, uri_len);
685 static ssize_t rwrap_fake_txt(struct rwrap_fake_rr *rr,
694 if (rr->type != ns_t_txt) {
695 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
698 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding TXT RR");
699 txt_len = strlen(rr->rrdata.txt_rec) + 1;
700 rdata_size = txt_len;
702 resp_size = rwrap_fake_rdata_common(ns_t_txt, rdata_size,
703 rr->key, anslen, &a);
708 memcpy(a, rr->rrdata.txt_rec, txt_len);
713 static ssize_t rwrap_fake_soa(struct rwrap_fake_rr *rr,
720 unsigned char nameser_compressed[MAXDNAME];
721 ssize_t compressed_ns_len;
722 unsigned char mailbox_compressed[MAXDNAME];
723 ssize_t compressed_mb_len;
725 if (rr->type != ns_t_soa) {
726 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
729 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding SOA RR");
730 rdata_size = 5 * sizeof(uint16_t);
732 compressed_ns_len = ns_name_compress(rr->rrdata.soa_rec.nameserver,
734 MAXDNAME, NULL, NULL);
735 if (compressed_ns_len < 0) {
738 rdata_size += compressed_ns_len;
740 compressed_mb_len = ns_name_compress(rr->rrdata.soa_rec.mailbox,
742 MAXDNAME, NULL, NULL);
743 if (compressed_mb_len < 0) {
746 rdata_size += compressed_mb_len;
748 resp_size = rwrap_fake_rdata_common(ns_t_soa, rdata_size,
749 rr->key, anslen, &a);
754 memcpy(a, nameser_compressed, compressed_ns_len);
755 a += compressed_ns_len;
756 memcpy(a, mailbox_compressed, compressed_mb_len);
757 a += compressed_mb_len;
758 NS_PUT32(rr->rrdata.soa_rec.serial, a);
759 NS_PUT32(rr->rrdata.soa_rec.refresh, a);
760 NS_PUT32(rr->rrdata.soa_rec.retry, a);
761 NS_PUT32(rr->rrdata.soa_rec.expire, a);
762 NS_PUT32(rr->rrdata.soa_rec.minimum, a);
767 static ssize_t rwrap_fake_cname(struct rwrap_fake_rr *rr,
773 unsigned char hostname_compressed[MAXDNAME];
776 if (rr->type != ns_t_cname) {
777 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
780 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding CNAME RR");
782 /* Prepare the data to write */
783 rdata_size = ns_name_compress(rr->rrdata.cname_rec,
784 hostname_compressed, MAXDNAME,
786 if (rdata_size < 0) {
790 resp_size = rwrap_fake_rdata_common(ns_t_cname, rdata_size,
791 rr->key, anslen, &a);
796 memcpy(a, hostname_compressed, rdata_size);
801 static ssize_t rwrap_fake_ptr(struct rwrap_fake_rr *rr,
808 unsigned char hostname_compressed[MAXDNAME];
810 if (rr->type != ns_t_ptr) {
811 RWRAP_LOG(RWRAP_LOG_ERROR, "Wrong type!\n");
814 RWRAP_LOG(RWRAP_LOG_TRACE, "Adding PTR RR");
816 /* Prepare the data to write */
817 rdata_size = ns_name_compress(rr->rrdata.ptr_rec,
818 hostname_compressed, MAXDNAME,
820 if (rdata_size < 0) {
824 resp_size = rwrap_fake_rdata_common(ns_t_ptr, rdata_size,
825 rr->key, anslen, &a);
830 memcpy(a, hostname_compressed, rdata_size);
835 #define RESOLV_MATCH(line, name) \
836 (strncmp(line, name, sizeof(name) - 1) == 0 && \
837 (line[sizeof(name) - 1] == ' ' || \
838 line[sizeof(name) - 1] == '\t'))
840 #define TYPE_MATCH(type, ns_type, rec_type, str_type, key, query) \
841 ((type) == (ns_type) && \
842 (strncmp((rec_type), (str_type), sizeof(str_type)) == 0) && \
843 (strcasecmp(key, query)) == 0)
846 static int rwrap_get_record(const char *hostfile, unsigned recursion,
847 const char *query, int type,
848 struct rwrap_fake_rr *rr);
850 static int rwrap_uri_recurse(const char *hostfile, unsigned recursion,
851 const char *query, struct rwrap_fake_rr *rr)
855 rc = rwrap_get_record(hostfile, recursion, query, ns_t_uri, rr);
863 static int rwrap_srv_recurse(const char *hostfile, unsigned recursion,
864 const char *query, struct rwrap_fake_rr *rr)
868 rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
869 if (rc == 0) return 0;
871 rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
872 if (rc == ENOENT) rc = 0;
877 static int rwrap_cname_recurse(const char *hostfile, unsigned recursion,
878 const char *query, struct rwrap_fake_rr *rr)
882 rc = rwrap_get_record(hostfile, recursion, query, ns_t_a, rr);
883 if (rc == 0) return 0;
885 rc = rwrap_get_record(hostfile, recursion, query, ns_t_aaaa, rr);
886 if (rc == 0) return 0;
888 rc = rwrap_get_record(hostfile, recursion, query, ns_t_cname, rr);
889 if (rc == ENOENT) rc = 0;
894 static int rwrap_get_record(const char *hostfile, unsigned recursion,
895 const char *query, int type,
896 struct rwrap_fake_rr *rr)
903 unsigned num_uris = 0;
905 if (recursion >= RWRAP_MAX_RECURSION) {
906 RWRAP_LOG(RWRAP_LOG_ERROR, "Recursed too deep!\n");
910 RWRAP_LOG(RWRAP_LOG_TRACE,
911 "Searching in fake hosts file %s for %s:%d\n", hostfile,
914 fp = fopen(hostfile, "r");
916 RWRAP_LOG(RWRAP_LOG_WARN,
917 "Opening %s failed: %s",
918 hostfile, strerror(errno));
922 while (fgets(buf, sizeof(buf), fp) != NULL) {
929 NEXT_KEY(rec_type, key);
930 NEXT_KEY(key, value);
932 if (key == NULL || value == NULL) {
933 RWRAP_LOG(RWRAP_LOG_WARN,
934 "Malformed line: not enough parts, use \"rec_type key data\n"
935 "For example \"A cwrap.org 10.10.10.10\"");
940 while(q[0] != '\n' && q[0] != '\0') {
945 if (type == ns_t_uri && recursion > 0) {
946 /* Skip non-URI records. */
947 if (!TYPE_MATCH(type, ns_t_uri, rec_type, "URI", key, query)) {
950 /* Skip previous records based on the recurse depth. */
952 if (num_uris <= recursion) {
957 if (TYPE_MATCH(type, ns_t_a, rec_type, "A", key, query)) {
958 rc = rwrap_create_fake_a_rr(key, value, rr);
960 } else if (TYPE_MATCH(type, ns_t_aaaa,
961 rec_type, "AAAA", key, query)) {
962 rc = rwrap_create_fake_aaaa_rr(key, value, rr);
964 } else if (TYPE_MATCH(type, ns_t_ns,
965 rec_type, "NS", key, query)) {
966 rc = rwrap_create_fake_ns_rr(key, value, rr);
968 } else if (TYPE_MATCH(type, ns_t_srv,
969 rec_type, "SRV", key, query)) {
970 rc = rwrap_create_fake_srv_rr(key, value, rr);
972 rc = rwrap_srv_recurse(hostfile, recursion+1,
973 rr->rrdata.srv_rec.hostname,
977 } else if (TYPE_MATCH(type, ns_t_uri,
978 rec_type, "URI", key, query)) {
979 rc = rwrap_create_fake_uri_rr(key, value, rr);
981 /* Recurse to collect multiple URI answers under a single key. */
982 rc = rwrap_uri_recurse(hostfile, recursion + 1, key, rr + 1);
985 } else if (TYPE_MATCH(type, ns_t_soa,
986 rec_type, "SOA", key, query)) {
987 rc = rwrap_create_fake_soa_rr(key, value, rr);
989 } else if (TYPE_MATCH(type, ns_t_cname,
990 rec_type, "CNAME", key, query)) {
991 rc = rwrap_create_fake_cname_rr(key, value, rr);
993 rc = rwrap_cname_recurse(hostfile, recursion+1,
997 } else if (TYPE_MATCH(type, ns_t_a, rec_type, "CNAME", key, query)) {
998 rc = rwrap_create_fake_cname_rr(key, value, rr);
1000 rc = rwrap_cname_recurse(hostfile, recursion+1,
1004 } else if (TYPE_MATCH(type, ns_t_ptr,
1005 rec_type, "PTR", key, query)) {
1006 rc = rwrap_create_fake_ptr_rr(key, value, rr);
1009 else if (TYPE_MATCH(type, ns_t_txt,
1010 rec_type, "TXT", key, query)) {
1011 rc = rwrap_create_fake_txt_rr(key, value, rr);
1016 if (rc == ENOENT && recursion == 0 && key != NULL) {
1017 RWRAP_LOG(RWRAP_LOG_TRACE, "Record for [%s] not found\n", query);
1018 memcpy(rr->key, key, strlen(key) + 1);
1025 static ssize_t rwrap_fake_empty(int type,
1026 const char *question,
1031 size_t remaining = anslen;
1033 resp_data = rwrap_fake_header(&answer, remaining, 0, 0);
1034 if (resp_data < 0) {
1037 remaining -= resp_data;
1039 resp_data += rwrap_fake_question(question, type, &answer, remaining);
1040 if (resp_data < 0) {
1043 remaining -= resp_data;
1045 resp_data += rwrap_fake_rdata_common(type, 0, question,
1046 remaining, &answer);
1047 if (resp_data < 0) {
1054 static inline bool rwrap_known_type(int type)
1072 static int rwrap_ancount(struct rwrap_fake_rr *rrs, int qtype)
1077 /* For URI return the number of URIs. */
1078 if (qtype == ns_t_uri) {
1079 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1080 if (rwrap_known_type(rrs[i].type) &&
1081 rrs[i].type == qtype) {
1088 /* Include all RRs in the stack until the sought type
1089 * in the answer section. This is the case i.e. when looking
1090 * up an A record but the name points to a CNAME
1092 for (i = 0; i < RWRAP_MAX_RECURSION; i++) {
1095 if (rwrap_known_type(rrs[i].type) &&
1096 rrs[i].type == qtype) {
1101 /* Return 0 records if the sought type wasn't in the stack */
1102 return i < RWRAP_MAX_RECURSION ? ancount : 0;
1105 static int rwrap_arcount(struct rwrap_fake_rr *rrs, int ancount)
1110 /* start from index ancount */
1111 for (i = ancount; i < RWRAP_MAX_RECURSION; i++) {
1112 if (rwrap_known_type(rrs[i].type)) {
1120 static ssize_t rwrap_add_rr(struct rwrap_fake_rr *rr,
1127 RWRAP_LOG(RWRAP_LOG_ERROR, "Internal error!\n");
1133 resp_data = rwrap_fake_a(rr, answer, anslen);
1136 resp_data = rwrap_fake_aaaa(rr, answer, anslen);
1139 resp_data = rwrap_fake_ns(rr, answer, anslen);
1142 resp_data = rwrap_fake_srv(rr, answer, anslen);
1145 resp_data = rwrap_fake_uri(rr, answer, anslen);
1148 resp_data = rwrap_fake_soa(rr, answer, anslen);
1151 resp_data = rwrap_fake_cname(rr, answer, anslen);
1154 resp_data = rwrap_fake_ptr(rr, answer, anslen);
1157 resp_data = rwrap_fake_txt(rr, answer, anslen);
1166 static ssize_t rwrap_fake_answer(struct rwrap_fake_rr *rrs,
1174 size_t remaining = anslen;
1179 ancount = rwrap_ancount(rrs, type);
1180 arcount = rwrap_arcount(rrs, ancount);
1181 RWRAP_LOG(RWRAP_LOG_TRACE,
1182 "Got %d answers and %d additional records\n", ancount, arcount);
1184 resp_data = rwrap_fake_header(&answer, remaining, ancount, arcount);
1185 if (resp_data < 0) {
1188 remaining -= resp_data;
1190 resp_data += rwrap_fake_question(rrs->key, rrs->type, &answer, remaining);
1191 if (resp_data < 0) {
1194 remaining -= resp_data;
1197 for (i = 0; i < ancount; i++) {
1198 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1207 /* add authoritative NS here? */
1209 /* additional records */
1210 for (i = ancount; i < ancount + arcount; i++) {
1211 rrlen = rwrap_add_rr(&rrs[i], answer, remaining);
1223 /* Reads in a file in the following format:
1226 * Malformed entries are silently skipped.
1227 * Allocates answer buffer of size anslen that has to be freed after use.
1229 static int rwrap_res_fake_hosts(const char *hostfile,
1232 unsigned char *answer,
1236 char *query_name = NULL;
1237 size_t qlen = strlen(query);
1238 struct rwrap_fake_rr rrs[RWRAP_MAX_RECURSION];
1241 RWRAP_LOG(RWRAP_LOG_TRACE,
1242 "Searching in fake hosts file %s\n", hostfile);
1244 if (qlen > 0 && query[qlen-1] == '.') {
1248 query_name = strndup(query, qlen);
1249 if (query_name == NULL) {
1253 rwrap_fake_rr_init(rrs, RWRAP_MAX_RECURSION);
1255 rc = rwrap_get_record(hostfile, 0, query_name, type, rrs);
1258 RWRAP_LOG(RWRAP_LOG_TRACE,
1259 "Found record for [%s]\n", query_name);
1260 resp_size = rwrap_fake_answer(rrs, type, answer, anslen);
1263 RWRAP_LOG(RWRAP_LOG_TRACE,
1264 "No record for [%s]\n", query_name);
1265 resp_size = rwrap_fake_empty(type, rrs->key, answer, anslen);
1268 RWRAP_LOG(RWRAP_LOG_NOTICE,
1269 "Searching for [%s] did not return any results\n",
1275 switch (resp_size) {
1277 RWRAP_LOG(RWRAP_LOG_ERROR,
1278 "Error faking answer for [%s]\n", query_name);
1281 RWRAP_LOG(RWRAP_LOG_TRACE,
1282 "Successfully faked answer for [%s]\n",
1291 /*********************************************************
1292 * RWRAP LOADING LIBC FUNCTIONS
1293 *********************************************************/
1297 typedef int (*__libc_res_ninit)(struct __res_state *state);
1298 typedef int (*__libc___res_ninit)(struct __res_state *state);
1299 typedef void (*__libc_res_nclose)(struct __res_state *state);
1300 typedef void (*__libc___res_nclose)(struct __res_state *state);
1301 typedef int (*__libc_res_nquery)(struct __res_state *state,
1305 unsigned char *answer,
1307 typedef int (*__libc___res_nquery)(struct __res_state *state,
1311 unsigned char *answer,
1313 typedef int (*__libc_res_nsearch)(struct __res_state *state,
1317 unsigned char *answer,
1319 typedef int (*__libc___res_nsearch)(struct __res_state *state,
1323 unsigned char *answer,
1326 #define RWRAP_SYMBOL_ENTRY(i) \
1332 struct rwrap_libc_symbols {
1333 RWRAP_SYMBOL_ENTRY(res_ninit);
1334 RWRAP_SYMBOL_ENTRY(__res_ninit);
1335 RWRAP_SYMBOL_ENTRY(res_nclose);
1336 RWRAP_SYMBOL_ENTRY(__res_nclose);
1337 RWRAP_SYMBOL_ENTRY(res_nquery);
1338 RWRAP_SYMBOL_ENTRY(__res_nquery);
1339 RWRAP_SYMBOL_ENTRY(res_nsearch);
1340 RWRAP_SYMBOL_ENTRY(__res_nsearch);
1342 #undef RWRAP_SYMBOL_ENTRY
1347 struct rwrap_libc_symbols symbols;
1352 struct rwrap_libc_symbols symbols;
1361 static struct rwrap rwrap;
1368 static const char *rwrap_str_lib(enum rwrap_lib lib)
1373 case RWRAP_LIBRESOLV:
1377 /* Compiler would warn us about unhandled enum value if we get here */
1381 static void *rwrap_load_lib_handle(enum rwrap_lib lib)
1383 int flags = RTLD_LAZY;
1384 void *handle = NULL;
1387 #ifdef RTLD_DEEPBIND
1388 const char *env_preload = getenv("LD_PRELOAD");
1389 const char *env_deepbind = getenv("RESOLV_WRAPPER_DISABLE_DEEPBIND");
1390 bool enable_deepbind = true;
1392 /* Don't do a deepbind if we run with libasan */
1393 if (env_preload != NULL && strlen(env_preload) < 1024) {
1394 const char *p = strstr(env_preload, "libasan.so");
1396 enable_deepbind = false;
1400 if (env_deepbind != NULL && strlen(env_deepbind) >= 1) {
1401 enable_deepbind = false;
1404 if (enable_deepbind) {
1405 flags |= RTLD_DEEPBIND;
1410 case RWRAP_LIBRESOLV:
1411 #ifdef HAVE_LIBRESOLV
1412 handle = rwrap.libresolv.handle;
1413 if (handle == NULL) {
1414 for (i = 10; i >= 0; i--) {
1415 char soname[256] = {0};
1417 snprintf(soname, sizeof(soname), "libresolv.so.%d", i);
1418 handle = dlopen(soname, flags);
1419 if (handle != NULL) {
1424 rwrap.libresolv.handle = handle;
1430 handle = rwrap.libc.handle;
1432 if (handle == NULL) {
1433 handle = dlopen(LIBC_SO, flags);
1435 rwrap.libc.handle = handle;
1438 if (handle == NULL) {
1439 for (i = 10; i >= 0; i--) {
1440 char soname[256] = {0};
1442 snprintf(soname, sizeof(soname), "libc.so.%d", i);
1443 handle = dlopen(soname, flags);
1444 if (handle != NULL) {
1449 rwrap.libc.handle = handle;
1454 if (handle == NULL) {
1456 handle = rwrap.libc.handle = rwrap.libresolv.handle = RTLD_NEXT;
1458 RWRAP_LOG(RWRAP_LOG_ERROR,
1459 "Failed to dlopen library: %s\n",
1468 static void *_rwrap_bind_symbol(enum rwrap_lib lib, const char *fn_name)
1473 handle = rwrap_load_lib_handle(lib);
1475 func = dlsym(handle, fn_name);
1477 RWRAP_LOG(RWRAP_LOG_ERROR,
1478 "Failed to find %s: %s\n",
1479 fn_name, dlerror());
1483 RWRAP_LOG(RWRAP_LOG_TRACE,
1484 "Loaded %s from %s",
1485 fn_name, rwrap_str_lib(lib));
1489 #define rwrap_bind_symbol_libc(sym_name) \
1490 if (rwrap.libc.symbols._libc_##sym_name.obj == NULL) { \
1491 rwrap.libc.symbols._libc_##sym_name.obj = \
1492 _rwrap_bind_symbol(RWRAP_LIBC, #sym_name); \
1495 #define rwrap_bind_symbol_libresolv(sym_name) \
1496 if (rwrap.libresolv.symbols._libc_##sym_name.obj == NULL) { \
1497 rwrap.libresolv.symbols._libc_##sym_name.obj = \
1498 _rwrap_bind_symbol(RWRAP_LIBRESOLV, #sym_name); \
1504 * Functions especially from libc need to be loaded individually, you can't load
1505 * all at once or gdb will segfault at startup. The same applies to valgrind and
1506 * has probably something todo with with the linker.
1507 * So we need load each function at the point it is called the first time.
1510 static int libc_res_ninit(struct __res_state *state)
1512 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1513 rwrap_bind_symbol_libresolv(res_ninit);
1515 return rwrap.libresolv.symbols._libc_res_ninit.f(state);
1516 #elif defined(HAVE___RES_NINIT)
1517 rwrap_bind_symbol_libresolv(__res_ninit);
1519 return rwrap.libresolv.symbols._libc___res_ninit.f(state);
1521 #error "No res_ninit function"
1525 static void libc_res_nclose(struct __res_state *state)
1527 #if !defined(res_close) && defined(HAVE_RES_NCLOSE)
1528 rwrap_bind_symbol_libresolv(res_nclose);
1530 rwrap.libresolv.symbols._libc_res_nclose.f(state);
1532 #elif defined(HAVE___RES_NCLOSE)
1533 rwrap_bind_symbol_libresolv(__res_nclose);
1535 rwrap.libresolv.symbols._libc___res_nclose.f(state);
1537 #error "No res_nclose function"
1541 static int libc_res_nquery(struct __res_state *state,
1545 unsigned char *answer,
1548 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1549 rwrap_bind_symbol_libresolv(res_nquery);
1551 return rwrap.libresolv.symbols._libc_res_nquery.f(state,
1557 #elif defined(HAVE___RES_NQUERY)
1558 rwrap_bind_symbol_libresolv(__res_nquery);
1560 return rwrap.libresolv.symbols._libc___res_nquery.f(state,
1567 #error "No res_nquery function"
1571 static int libc_res_nsearch(struct __res_state *state,
1575 unsigned char *answer,
1578 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1579 rwrap_bind_symbol_libresolv(res_nsearch);
1581 return rwrap.libresolv.symbols._libc_res_nsearch.f(state,
1587 #elif defined(HAVE___RES_NSEARCH)
1588 rwrap_bind_symbol_libresolv(__res_nsearch);
1590 return rwrap.libresolv.symbols._libc___res_nsearch.f(state,
1597 #error "No res_nsearch function"
1601 /****************************************************************************
1603 ***************************************************************************/
1605 static int rwrap_parse_resolv_conf(struct __res_state *state,
1606 const char *resolv_conf)
1612 fp = fopen(resolv_conf, "r");
1614 RWRAP_LOG(RWRAP_LOG_ERROR,
1615 "Opening %s failed: %s",
1616 resolv_conf, strerror(errno));
1620 while(fgets(buf, sizeof(buf), fp) != NULL) {
1623 /* Ignore comments */
1624 if (buf[0] == '#' || buf[0] == ';') {
1628 if (RESOLV_MATCH(buf, "nameserver") && nserv < MAXNS) {
1633 p = buf + strlen("nameserver");
1635 /* Skip spaces and tabs */
1636 while(isblank((int)p[0])) {
1641 while(q[0] != '\n' && q[0] != '\0') {
1646 ok = inet_pton(AF_INET, p, &a);
1648 state->nsaddr_list[state->nscount] = (struct sockaddr_in) {
1649 .sin_family = AF_INET,
1651 .sin_port = htons(53),
1658 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1661 ok = inet_pton(AF_INET6, p, &a6);
1663 struct sockaddr_in6 *sa6;
1665 sa6 = malloc(sizeof(*sa6));
1671 sa6->sin6_family = AF_INET6;
1672 sa6->sin6_port = htons(53);
1673 sa6->sin6_flowinfo = 0;
1674 sa6->sin6_addr = a6;
1676 state->_u._ext.nsaddrs[state->_u._ext.nscount] = sa6;
1677 state->_u._ext.nssocks[state->_u._ext.nscount] = -1;
1678 state->_u._ext.nsmap[state->_u._ext.nscount] = MAXNS + 1;
1680 state->_u._ext.nscount++;
1683 RWRAP_LOG(RWRAP_LOG_ERROR,
1684 "Malformed DNS server");
1687 #else /* !HAVE_RESOLV_IPV6_NSADDRS */
1689 * BSD uses an opaque structure to store the
1690 * IPv6 addresses. So we can not simply store
1691 * these addresses the same way as above.
1693 RWRAP_LOG(RWRAP_LOG_WARN,
1694 "resolve_wrapper does not support "
1695 "IPv6 on this platform");
1700 } /* TODO: match other keywords */
1704 RWRAP_LOG(RWRAP_LOG_ERROR,
1705 "Reading from %s failed",
1715 /****************************************************************************
1717 ***************************************************************************/
1719 static int rwrap_res_ninit(struct __res_state *state)
1723 rc = libc_res_ninit(state);
1725 const char *resolv_conf = getenv("RESOLV_WRAPPER_CONF");
1727 if (resolv_conf != NULL) {
1730 (void)i; /* maybe unused */
1732 /* Delete name servers */
1734 memset(state->nsaddr_list, 0, sizeof(state->nsaddr_list));
1736 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1737 state->_u._ext.nscount = 0;
1738 for (i = 0; i < state->_u._ext.nscount; i++) {
1739 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1743 rc = rwrap_parse_resolv_conf(state, resolv_conf);
1750 #if !defined(res_ninit) && defined(HAVE_RES_NINIT)
1751 int res_ninit(struct __res_state *state)
1752 #elif defined(HAVE___RES_NINIT)
1753 int __res_ninit(struct __res_state *state)
1756 return rwrap_res_ninit(state);
1759 /****************************************************************************
1761 ***************************************************************************/
1763 static struct __res_state rwrap_res_state;
1765 static int rwrap_res_init(void)
1769 rc = rwrap_res_ninit(&rwrap_res_state);
1774 #if !defined(res_ninit) && defined(HAVE_RES_INIT)
1776 #elif defined(HAVE___RES_INIT)
1777 int __res_init(void)
1780 return rwrap_res_init();
1783 /****************************************************************************
1785 ***************************************************************************/
1787 static void rwrap_res_nclose(struct __res_state *state)
1789 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1793 libc_res_nclose(state);
1795 #ifdef HAVE_RESOLV_IPV6_NSADDRS
1796 if (state != NULL) {
1797 for (i = 0; i < state->_u._ext.nscount; i++) {
1798 SAFE_FREE(state->_u._ext.nsaddrs[i]);
1804 #if !defined(res_nclose) && defined(HAVE_RES_NCLOSE)
1805 void res_nclose(struct __res_state *state)
1806 #elif defined(HAVE___RES_NCLOSE)
1807 void __res_nclose(struct __res_state *state)
1810 rwrap_res_nclose(state);
1813 /****************************************************************************
1815 ***************************************************************************/
1817 static void rwrap_res_close(void)
1819 rwrap_res_nclose(&rwrap_res_state);
1822 #if defined(HAVE_RES_CLOSE)
1823 void res_close(void)
1824 #elif defined(HAVE___RES_CLOSE)
1825 void __res_close(void)
1831 /****************************************************************************
1833 ***************************************************************************/
1835 static int rwrap_res_nquery(struct __res_state *state,
1839 unsigned char *answer,
1843 const char *fake_hosts;
1848 RWRAP_LOG(RWRAP_LOG_TRACE,
1849 "Resolve the domain name [%s] - class=%d, type=%d",
1850 dname, class, type);
1852 for (i = 0; i < state->nscount; i++) {
1853 char ip[INET6_ADDRSTRLEN];
1855 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1856 RWRAP_LOG(RWRAP_LOG_TRACE,
1862 fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1863 if (fake_hosts != NULL) {
1864 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1866 rc = libc_res_nquery(state, dname, class, type, answer, anslen);
1870 RWRAP_LOG(RWRAP_LOG_TRACE,
1871 "The returned response length is: %d",
1877 #if !defined(res_nquery) && defined(HAVE_RES_NQUERY)
1878 int res_nquery(struct __res_state *state,
1882 unsigned char *answer,
1884 #elif defined(HAVE___RES_NQUERY)
1885 int __res_nquery(struct __res_state *state,
1889 unsigned char *answer,
1893 return rwrap_res_nquery(state, dname, class, type, answer, anslen);
1896 /****************************************************************************
1898 ***************************************************************************/
1900 static int rwrap_res_query(const char *dname,
1903 unsigned char *answer,
1908 rc = rwrap_res_ninit(&rwrap_res_state);
1913 rc = rwrap_res_nquery(&rwrap_res_state,
1923 #if !defined(res_query) && defined(HAVE_RES_QUERY)
1924 int res_query(const char *dname,
1927 unsigned char *answer,
1929 #elif defined(HAVE___RES_QUERY)
1930 int __res_query(const char *dname,
1933 unsigned char *answer,
1937 return rwrap_res_query(dname, class, type, answer, anslen);
1940 /****************************************************************************
1942 ***************************************************************************/
1944 static int rwrap_res_nsearch(struct __res_state *state,
1948 unsigned char *answer,
1952 const char *fake_hosts;
1957 RWRAP_LOG(RWRAP_LOG_TRACE,
1958 "Resolve the domain name [%s] - class=%d, type=%d",
1959 dname, class, type);
1961 for (i = 0; i < state->nscount; i++) {
1962 char ip[INET6_ADDRSTRLEN];
1964 inet_ntop(AF_INET, &state->nsaddr_list[i].sin_addr, ip, sizeof(ip));
1965 RWRAP_LOG(RWRAP_LOG_TRACE,
1971 fake_hosts = getenv("RESOLV_WRAPPER_HOSTS");
1972 if (fake_hosts != NULL) {
1973 rc = rwrap_res_fake_hosts(fake_hosts, dname, type, answer, anslen);
1975 rc = libc_res_nsearch(state, dname, class, type, answer, anslen);
1978 RWRAP_LOG(RWRAP_LOG_TRACE,
1979 "The returned response length is: %d",
1985 #if !defined(res_nsearch) && defined(HAVE_RES_NSEARCH)
1986 int res_nsearch(struct __res_state *state,
1990 unsigned char *answer,
1992 #elif defined(HAVE___RES_NSEARCH)
1993 int __res_nsearch(struct __res_state *state,
1997 unsigned char *answer,
2001 return rwrap_res_nsearch(state, dname, class, type, answer, anslen);
2004 /****************************************************************************
2006 ***************************************************************************/
2008 static int rwrap_res_search(const char *dname,
2011 unsigned char *answer,
2016 rc = rwrap_res_ninit(&rwrap_res_state);
2021 rc = rwrap_res_nsearch(&rwrap_res_state,
2031 #if !defined(res_search) && defined(HAVE_RES_SEARCH)
2032 int res_search(const char *dname,
2035 unsigned char *answer,
2037 #elif defined(HAVE___RES_SEARCH)
2038 int __res_search(const char *dname,
2041 unsigned char *answer,
2045 return rwrap_res_search(dname, class, type, answer, anslen);