Diffstat (limited to 'server')
-rw-r--r--server/Makefile.am12
-rw-r--r--server/external/libcares.m422
-rw-r--r--server/resolv/ares/ares_dns.h91
-rw-r--r--server/resolv/ares/ares_parse_srv_reply.c173
-rw-r--r--server/resolv/ares/ares_parse_srv_reply.h14
-rw-r--r--server/resolv/ares/ares_parse_txt_reply.c157
-rw-r--r--server/resolv/ares/ares_parse_txt_reply.h12
-rw-r--r--server/resolv/async_resolv.c10
-rw-r--r--server/resolv/async_resolv.h8
9 files changed, 498 insertions, 1 deletions
diff --git a/server/Makefile.am b/server/Makefile.am
index 575f5212..4ee344bb 100644
--- a/server/Makefile.am
+++ b/server/Makefile.am
@@ -151,6 +151,13 @@ SSSD_TOOLS_OBJ = \
SSSD_RESOLV_OBJ = \
resolv/async_resolv.c
+if BUILD_ARES_PARSE_SRV
+ SSSD_RESOLV_OBJ += resolv/ares/ares_parse_srv_reply.c
+endif
+if BUILD_ARES_PARSE_TXT
+ SSSD_RESOLV_OBJ += resolv/ares/ares_parse_txt_reply.c
+endif
+
SSSD_LIBS = \
$(TALLOC_LIBS) \
@@ -200,7 +207,10 @@ dist_noinst_HEADERS = \
providers/ldap/sdap_async.h \
tools/tools_util.h \
krb5_plugin/sssd_krb5_locator_plugin.h \
- resolv/async_resolv.h
+ resolv/async_resolv.h \
+ resolv/ares/ares_parse_srv_reply.h \
+ resolv/ares/ares_parse_txt_reply.h
+
####################
# Program Binaries #
diff --git a/server/external/libcares.m4 b/server/external/libcares.m4
index 09451b3f..020a1708 100644
--- a/server/external/libcares.m4
+++ b/server/external/libcares.m4
@@ -7,3 +7,25 @@ AC_CHECK_HEADERS(ares.h,
[AC_MSG_ERROR([c-ares header files are not installed])]
)
+dnl Check if this particular version of c-ares supports parsing of SRV records
+AC_CHECK_LIB([cares],
+ [ares_parse_srv_reply],
+ [AC_DEFINE([HAVE_ARES_PARSE_SRV], 1, [Does c-ares support srv parsing?])
+ ],
+ [
+ ares_build_srv=1
+ ]
+)
+
+dnl Check if this particular version of c-ares supports parsing of TXT records
+AC_CHECK_LIB([cares],
+ [ares_parse_txt_reply],
+ [AC_DEFINE([HAVE_ARES_PARSE_TXT], 1, [Does c-ares support txt parsing?])
+ ],
+ [
+ ares_build_txt=1
+ ]
+)
+
+AM_CONDITIONAL(BUILD_ARES_PARSE_SRV, test x$ares_build_srv = x1)
+AM_CONDITIONAL(BUILD_ARES_PARSE_TXT, test x$ares_build_txt = x1)
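Review bot: `ares_build_srv` and `ares_build_txt` are assigned only in the not-found branch and never initialised, so a value already present in the configure environment can decide whether the bundled parser is compiled. Setting `ares_build_srv=0` and `ares_build_txt=0` before the two `AC_CHECK_LIB` calls, and quoting the tests as in `test "x$ares_build_srv" = x1`, would make the conditionals depend only on the library probe.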
diff --git a/server/resolv/ares/ares_dns.h b/server/resolv/ares/ares_dns.h
new file mode 100644
index 00000000..c0a9dda6
--- /dev/null
+++ b/server/resolv/ares/ares_dns.h
@@ -0,0 +1,91 @@
+/* $Id: ares_dns.h,v 1.8 2007-02-16 14:22:08 yangtse Exp $ */
+
+/* Copyright 1998 by the Massachusetts Institute of Technology.
+ *
+ * Permission to use, copy, modify, and distribute this
+ * software and its documentation for any purpose and without
+ * fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright
+ * notice and this permission notice appear in supporting
+ * documentation, and that the name of M.I.T. not be used in
+ * advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is"
+ * without express or implied warranty.
+ */
+
+#ifndef ARES__DNS_H
+#define ARES__DNS_H
+
+#define DNS__16BIT(p) (((p)[0] << 8) | (p)[1])
+#define DNS__32BIT(p) (((p)[0] << 24) | ((p)[1] << 16) | \
+ ((p)[2] << 8) | (p)[3])
+
+#define DNS__SET16BIT(p, v) (((p)[0] = (unsigned char)(((v) >> 8) & 0xff)), \
+ ((p)[1] = (unsigned char)((v) & 0xff)))
+#define DNS__SET32BIT(p, v) (((p)[0] = (unsigned char)(((v) >> 24) & 0xff)), \
+ ((p)[1] = (unsigned char)(((v) >> 16) & 0xff)), \
+ ((p)[2] = (unsigned char)(((v) >> 8) & 0xff)), \
+ ((p)[3] = (unsigned char)((v) & 0xff)))
+
+#if 0
+/* we cannot use this approach on systems where we can't access 16/32 bit
+ data on un-aligned addresses */
+#define DNS__16BIT(p) ntohs(*(unsigned short*)(p))
+#define DNS__32BIT(p) ntohl(*(unsigned long*)(p))
+#define DNS__SET16BIT(p, v) *(unsigned short*)(p) = htons(v)
+#define DNS__SET32BIT(p, v) *(unsigned long*)(p) = htonl(v)
+#endif
+
+/* Macros for parsing a DNS header */
+#define DNS_HEADER_QID(h) DNS__16BIT(h)
+#define DNS_HEADER_QR(h) (((h)[2] >> 7) & 0x1)
+#define DNS_HEADER_OPCODE(h) (((h)[2] >> 3) & 0xf)
+#define DNS_HEADER_AA(h) (((h)[2] >> 2) & 0x1)
+#define DNS_HEADER_TC(h) (((h)[2] >> 1) & 0x1)
+#define DNS_HEADER_RD(h) ((h)[2] & 0x1)
+#define DNS_HEADER_RA(h) (((h)[3] >> 7) & 0x1)
+#define DNS_HEADER_Z(h) (((h)[3] >> 4) & 0x7)
+#define DNS_HEADER_RCODE(h) ((h)[3] & 0xf)
+#define DNS_HEADER_QDCOUNT(h) DNS__16BIT((h) + 4)
+#define DNS_HEADER_ANCOUNT(h) DNS__16BIT((h) + 6)
+#define DNS_HEADER_NSCOUNT(h) DNS__16BIT((h) + 8)
+#define DNS_HEADER_ARCOUNT(h) DNS__16BIT((h) + 10)
+
+/* Macros for constructing a DNS header */
+#define DNS_HEADER_SET_QID(h, v) DNS__SET16BIT(h, v)
+#define DNS_HEADER_SET_QR(h, v) ((h)[2] |= (unsigned char)(((v) & 0x1) << 7))
+#define DNS_HEADER_SET_OPCODE(h, v) ((h)[2] |= (unsigned char)(((v) & 0xf) << 3))
+#define DNS_HEADER_SET_AA(h, v) ((h)[2] |= (unsigned char)(((v) & 0x1) << 2))
+#define DNS_HEADER_SET_TC(h, v) ((h)[2] |= (unsigned char)(((v) & 0x1) << 1))
+#define DNS_HEADER_SET_RD(h, v) ((h)[2] |= (unsigned char)((v) & 0x1))
+#define DNS_HEADER_SET_RA(h, v) ((h)[3] |= (unsigned char)(((v) & 0x1) << 7))
+#define DNS_HEADER_SET_Z(h, v) ((h)[3] |= (unsigned char)(((v) & 0x7) << 4))
+#define DNS_HEADER_SET_RCODE(h, v) ((h)[3] |= (unsigned char)((v) & 0xf))
+#define DNS_HEADER_SET_QDCOUNT(h, v) DNS__SET16BIT((h) + 4, v)
+#define DNS_HEADER_SET_ANCOUNT(h, v) DNS__SET16BIT((h) + 6, v)
+#define DNS_HEADER_SET_NSCOUNT(h, v) DNS__SET16BIT((h) + 8, v)
+#define DNS_HEADER_SET_ARCOUNT(h, v) DNS__SET16BIT((h) + 10, v)
+
+/* Macros for parsing the fixed part of a DNS question */
+#define DNS_QUESTION_TYPE(q) DNS__16BIT(q)
+#define DNS_QUESTION_CLASS(q) DNS__16BIT((q) + 2)
+
+/* Macros for constructing the fixed part of a DNS question */
+#define DNS_QUESTION_SET_TYPE(q, v) DNS__SET16BIT(q, v)
+#define DNS_QUESTION_SET_CLASS(q, v) DNS__SET16BIT((q) + 2, v)
+
+/* Macros for parsing the fixed part of a DNS resource record */
+#define DNS_RR_TYPE(r) DNS__16BIT(r)
+#define DNS_RR_CLASS(r) DNS__16BIT((r) + 2)
+#define DNS_RR_TTL(r) DNS__32BIT((r) + 4)
+#define DNS_RR_LEN(r) DNS__16BIT((r) + 8)
+
+/* Macros for constructing the fixed part of a DNS resource record */
+#define DNS_RR_SET_TYPE(r) DNS__SET16BIT(r, v)
+#define DNS_RR_SET_CLASS(r) DNS__SET16BIT((r) + 2, v)
+#define DNS_RR_SET_TTL(r) DNS__SET32BIT((r) + 4, v)
+#define DNS_RR_SET_LEN(r) DNS__SET16BIT((r) + 8, v)
+
+#endif /* ARES__DNS_H */
diff --git a/server/resolv/ares/ares_parse_srv_reply.c b/server/resolv/ares/ares_parse_srv_reply.c
new file mode 100644
index 00000000..9745fb07
--- /dev/null
+++ b/server/resolv/ares/ares_parse_srv_reply.c
@@ -0,0 +1,173 @@
+/*
+ SSSD
+
+ Async resolver - SRV records parsing
+
+ Authors:
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) Red Hat, Inc 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * This code is based on other c-ares parsing licensed as follows:
+
+ * Copyright 1998 by the Massachusetts Institute of Technology.
+ *
+ * Permission to use, copy, modify, and distribute this
+ * software and its documentation for any purpose and without
+ * fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright
+ * notice and this permission notice appear in supporting
+ * documentation, and that the name of M.I.T. not be used in
+ * advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is"
+ * without express or implied warranty.
+ */
+
+
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+#include <arpa/nameser.h>
+#include <stdlib.h>
+#include <string.h>
+#include "ares.h"
+/* this drags in some private macros c-ares uses */
+#include "ares_dns.h"
+
+#include "ares_parse_srv_reply.h"
+
+int _ares_parse_srv_reply (const unsigned char *abuf, int alen,
+ struct srv_reply **srv_out, int *nsrvreply)
+{
+ unsigned int qdcount, ancount;
+ const unsigned char *aptr;
+ int status, i, rr_type, rr_class, rr_len;
+ long len;
+ char *hostname = NULL, *rr_name = NULL;
+ struct srv_reply *srv = NULL;
+
+ /* Set *srv_out to NULL for all failure cases. */
+ if (srv_out)
+ *srv_out = NULL;
+ /* Same with *nsrvreply. */
+ if (nsrvreply)
+ *nsrvreply = 0;
+
+ /* Give up if abuf doesn't have room for a header. */
+ if (alen < HFIXEDSZ)
+ return ARES_EBADRESP;
+
+ /* Fetch the question and answer count from the header. */
+ qdcount = DNS_HEADER_QDCOUNT (abuf);
+ ancount = DNS_HEADER_ANCOUNT (abuf);
+ if (qdcount != 1)
+ return ARES_EBADRESP;
+ if (ancount == 0)
+ return ARES_ENODATA;
+
+ /* Expand the name from the question, and skip past the question. */
+ aptr = abuf + HFIXEDSZ;
+ status = ares_expand_name (aptr, abuf, alen, &hostname, &len);
+ if (status != ARES_SUCCESS)
+ return status;
+
+ if (aptr + len + QFIXEDSZ > abuf + alen)
+ {
+ free (hostname);
+ return ARES_EBADRESP;
+ }
+ aptr += len + QFIXEDSZ;
+
+ /* Allocate srv_reply array; ancount gives an upper bound */
+ srv = malloc ((ancount) * sizeof (struct srv_reply));
+ if (!srv)
+ {
+ free (hostname);
+ return ARES_ENOMEM;
+ }
+
+ /* Examine each answer resource record (RR) in turn. */
+ for (i = 0; i < (int) ancount; i++)
+ {
+ /* Decode the RR up to the data field. */
+ status = ares_expand_name (aptr, abuf, alen, &rr_name, &len);
+ if (status != ARES_SUCCESS)
+ {
+ break;
+ }
+ aptr += len;
+ if (aptr + RRFIXEDSZ > abuf + alen)
+ {
+ status = ARES_EBADRESP;
+ break;
+ }
+ rr_type = DNS_RR_TYPE (aptr);
+ rr_class = DNS_RR_CLASS (aptr);
+ rr_len = DNS_RR_LEN (aptr);
+ aptr += RRFIXEDSZ;
+
+ /* Check if we are really looking at a SRV record */
+ if (rr_class == C_IN && rr_type == T_SRV)
+ {
+ /* parse the SRV record itself */
+ if (rr_len < 6)
+ {
+ status = ARES_EBADRESP;
+ break;
+ }
+
+ srv[i].priority = ntohs (*((const uint16_t *)aptr));
+ aptr += sizeof(uint16_t);
+ srv[i].weight = ntohs (*((const uint16_t *)aptr));
+ aptr += sizeof(uint16_t);
+ srv[i].port = ntohs (*((const uint16_t *)aptr));
+ aptr += sizeof(uint16_t);
+
+ status = ares_expand_name (aptr, abuf, alen, &srv[i].host, &len);
+ if (status != ARES_SUCCESS)
+ break;
+
+ /* Move on to the next record */
+ aptr += len;
+
+ /* Don't lose memory in the next iteration */
+ free (rr_name);
+ rr_name = NULL;
+ }
+ }
+
+ /* clean up on error */
+ if (status != ARES_SUCCESS)
+ {
+ free (srv);
+ free (hostname);
+ free (rr_name);
+ return status;
+ }
+
+ /* everything looks fine, return the data */
+ *srv_out = srv;
+ *nsrvreply = ancount;
+
+ free (hostname);
+ free (rr_name);
+ return status;
+}
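Review bot: In the answer loop the three `uint16_t` loads at `aptr` run without checking that `rr_len` bytes of RDATA lie inside `abuf + alen`, so a truncated or hostile reply can make the parser read past the buffer; the casts are also unaligned loads, which the bundled ares_dns.h warns against. Records that are not SRV are neither skipped (`aptr` is not advanced by `rr_len`, and `rr_name` is not freed) nor excluded from the count, so `*nsrvreply = ancount` hands the caller slots whose `host` was never set, and the error path frees `srv` without freeing the hosts already expanded. The sketch below bounds the RDATA first, reads with `DNS__16BIT`, counts filled entries in a new `int nsrv = 0`, and advances by `rr_len` for every record. `_ares_parse_txt_reply` in ares_parse_txt_reply.c has the same missing bound, missing skip and over-reported count.

```c
  /* … unchanged: header checks, question name expansion and skip … */

  /* calloc so that slots never filled hold a NULL host */
  srv = calloc (ancount, sizeof (struct srv_reply));
  /* … unchanged: ARES_ENOMEM handling … */

  for (i = 0; i < (int) ancount; i++)
    {
      /* … unchanged: expand rr_name, RRFIXEDSZ check, read type/class/len … */
      aptr += RRFIXEDSZ;

      /* The whole RDATA must lie inside the reply before any of it is read */
      if (rr_len > abuf + alen - aptr)
        {
          status = ARES_EBADRESP;
          break;
        }

      if (rr_class == C_IN && rr_type == T_SRV)
        {
          if (rr_len < 6)
            {
              status = ARES_EBADRESP;
              break;
            }

          /* Byte-wise reads: no alignment assumption on aptr */
          srv[nsrv].priority = DNS__16BIT (aptr);
          srv[nsrv].weight = DNS__16BIT (aptr + 2);
          srv[nsrv].port = DNS__16BIT (aptr + 4);

          status = ares_expand_name (aptr + 6, abuf, alen,
                                     &srv[nsrv].host, &len);
          if (status != ARES_SUCCESS)
            break;
          nsrv++;
        }

      /* Skip the RDATA of every record, SRV or not */
      aptr += rr_len;

      free (rr_name);
      rr_name = NULL;
    }

  if (status != ARES_SUCCESS)
    {
      /* Release the target names expanded before the failure */
      for (i = 0; i < nsrv; i++)
        free (srv[i].host);
      /* … unchanged: free srv, hostname, rr_name; return status … */
    }

  *srv_out = srv;
  *nsrvreply = nsrv;
```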
diff --git a/server/resolv/ares/ares_parse_srv_reply.h b/server/resolv/ares/ares_parse_srv_reply.h
new file mode 100644
index 00000000..43eb4154
--- /dev/null
+++ b/server/resolv/ares/ares_parse_srv_reply.h
@@ -0,0 +1,14 @@
+#ifndef __ARES_PARSE_SRV_REPLY_H__
+#define __ARES_PARSE_SRV_REPLY_H__
+
+struct srv_reply {
+ u_int16_t weight;
+ u_int16_t priority;
+ u_int16_t port;
+ char *host;
+};
+
+int _ares_parse_srv_reply (const unsigned char *abuf, int alen,
+ struct srv_reply **srv_out, int *nsrvreply);
+
+#endif /* __ARES_PARSE_SRV_REPLY_H__ */
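Review bot: The header does not say who owns the memory returned through `srv_out`. A comment above the prototype such as `/* On ARES_SUCCESS the caller frees each (*srv_out)[i].host and then the array itself */` would make that explicit, and ares_parse_txt_reply.h needs the same for `txt`. The `u_int16_t` fields also rely on a system header this file does not include itself. The `__ARES_PARSE_SRV_REPLY_H__` guard and the `_ares_` function prefix use names C reserves for the implementation.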
diff --git a/server/resolv/ares/ares_parse_txt_reply.c b/server/resolv/ares/ares_parse_txt_reply.c
new file mode 100644
index 00000000..feb6af23
--- /dev/null
+++ b/server/resolv/ares/ares_parse_txt_reply.c
@@ -0,0 +1,157 @@
+/*
+ SSSD
+
+ Async resolver - TXT records parsing
+
+ Authors:
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) Red Hat, Inc 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ * This code is based on other c-ares parsing licensed as follows:
+
+ * Copyright 1998 by the Massachusetts Institute of Technology.
+ *
+ * Permission to use, copy, modify, and distribute this
+ * software and its documentation for any purpose and without
+ * fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright
+ * notice and this permission notice appear in supporting
+ * documentation, and that the name of M.I.T. not be used in
+ * advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is"
+ * without express or implied warranty.
+ */
+
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+#include <arpa/nameser.h>
+#include <stdlib.h>
+#include <string.h>
+#include "ares.h"
+/* this drags in some private macros c-ares uses */
+#include "ares_dns.h"
+
+#include "ares_parse_txt_reply.h"
+
+int _ares_parse_txt_reply(const unsigned char* abuf, int alen,
+ struct txt_reply **txt_out, int *ntxtreply)
+{
+ unsigned int qdcount, ancount;
+ const unsigned char *aptr;
+ int status, i, rr_type, rr_class, rr_len;
+ long len;
+ char *hostname = NULL, *rr_name = NULL;
+ struct txt_reply *txt = NULL;
+
+ if (txt_out)
+ *txt_out = NULL;
+
+ /* Give up if abuf doesn't have room for a header. */
+ if (alen < HFIXEDSZ)
+ return ARES_EBADRESP;
+
+ /* Fetch the question and answer count from the header. */
+ qdcount = DNS_HEADER_QDCOUNT(abuf);
+ ancount = DNS_HEADER_ANCOUNT(abuf);
+ if (qdcount != 1)
+ return ARES_EBADRESP;
+ if (ancount == 0)
+ return ARES_ENODATA;
+
+ /* Expand the name from the question, and skip past the question. */
+ aptr = abuf + HFIXEDSZ;
+ status = ares_expand_name(aptr, abuf, alen, &hostname, &len);
+ if (status != ARES_SUCCESS)
+ return status;
+
+ if (aptr + len + QFIXEDSZ > abuf + alen)
+ {
+ free (hostname);
+ return ARES_EBADRESP;
+ }
+ aptr += len + QFIXEDSZ;
+
+ /* Allocate txt_reply array; ancount gives an upper bound */
+ txt = malloc ((ancount) * sizeof (struct txt_reply));
+ if (!txt)
+ {
+ free (hostname);
+ return ARES_ENOMEM;
+ }
+
+ /* Examine each answer resource record (RR) in turn. */
+ for (i = 0; i < (int) ancount; i++)
+ {
+ /* Decode the RR up to the data field. */
+ status = ares_expand_name(aptr, abuf, alen, &rr_name, &len);
+ if (status != ARES_SUCCESS)
+ {
+ break;
+ }
+ aptr += len;
+ if (aptr + RRFIXEDSZ > abuf + alen)
+ {
+ status = ARES_EBADRESP;
+ break;
+ }
+ rr_type = DNS_RR_TYPE(aptr);
+ rr_class = DNS_RR_CLASS(aptr);
+ rr_len = DNS_RR_LEN(aptr);
+ aptr += RRFIXEDSZ;
+
+ /* Check if we are really looking at a TXT record */
+ if (rr_class == C_IN && rr_type == T_TXT)
+ {
+ /* Grab the TXT payload */
+ txt[i].length = rr_len;
+ txt[i].txt = malloc(sizeof(unsigned char) * rr_len);
+ if (txt[i].txt == NULL)
+ {
+ status = ARES_ENOMEM;
+ break;
+ }
+ memcpy((void *) txt[i].txt, aptr+1, sizeof(unsigned char) * rr_len);
+ /* Move on to the next record */
+ aptr += rr_len;
+ }
+
+ /* Don't lose memory in the next iteration */
+ free(rr_name);
+ rr_name = NULL;
+ }
+
+ free(hostname);
+ free(rr_name);
+
+ /* clean up on error */
+ if (status != ARES_SUCCESS)
+ {
+ free (txt);
+ return status;
+ }
+
+ /* everything looks fine, return the data */
+ *txt_out = txt;
+ *ntxtreply = ancount;
+ return 0;
+}
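Review bot: `memcpy((void *) txt[i].txt, aptr+1, ...)` copies `rr_len` bytes starting one byte into the RDATA, so it always reads one byte beyond the record. Because `rr_len` comes straight from the reply and is never compared with the bytes left in `abuf`, it can also read well past the buffer. A guard before the allocation, `if (rr_len < 1 || rr_len > abuf + alen - aptr) { status = ARES_EBADRESP; break; }`, with the copy and `txt[i].length` reduced to `rr_len - 1`, would keep the read inside the record; this assumes one character-string per record, as the code already does. The same guard stops a NULL from `malloc(0)` being reported as `ARES_ENOMEM` when `rr_len` is 0. On failure the `txt[i].txt` buffers from earlier iterations leak, since only `txt` is freed.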
diff --git a/server/resolv/ares/ares_parse_txt_reply.h b/server/resolv/ares/ares_parse_txt_reply.h
new file mode 100644
index 00000000..b1e32698
--- /dev/null
+++ b/server/resolv/ares/ares_parse_txt_reply.h
@@ -0,0 +1,12 @@
+#ifndef __ARES_PARSE_TXT_REPLY_H__
+#define __ARES_PARSE_TXT_REPLY_H__
+
+struct txt_reply {
+ int length; /* length of the text */
+ unsigned char *txt; /* may contain nulls */
+};
+
+int _ares_parse_txt_reply(const unsigned char* abuf, int alen,
+ struct txt_reply **txt_out, int *ntxtreply);
+
+#endif /* __ARES_PARSE_TXT_REPLY_H__ */
diff --git a/server/resolv/async_resolv.c b/server/resolv/async_resolv.c
index 70bea6c8..b77819c0 100644
--- a/server/resolv/async_resolv.c
+++ b/server/resolv/async_resolv.c
@@ -42,6 +42,16 @@
#include "util/dlinklist.h"
#include "util/util.h"
+#ifndef HAVE_ARES_PARSE_SRV
+#define ares_parse_srv_reply(abuf, alen, srv_out, nsrvreply) \
+ _ares_parse_srv_reply(abuf, alen, srv_out, nsrvreply)
+#endif /* HAVE_ARES_PARSE_SRV */
+
+#ifndef HAVE_ARES_PARSE_TXT
+#define ares_parse_txt_reply(abuf, alen, txt_out, ntxtreply) \
+ _ares_parse_txt_reply(abuf, alen, txt_out, ntxtreply)
+#endif /* HAVE_ARES_PARSE_TXT */
+
/* TODO: remove later
* These functions are available in the latest tevent/talloc and are the ones
* that should be used as tevent_req is rightfully opaque there */
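Review bot: These macros cover only the case where c-ares lacks the functions. When `HAVE_ARES_PARSE_SRV` or `HAVE_ARES_PARSE_TXT` is defined the call goes to the library's own prototype, and async_resolv.h then skips the bundled headers, so nothing in this commit declares `struct srv_reply` or `struct txt_reply`. If the callers (outside this hunk) use those struct names or the four-argument form, that configuration probably fails to build or mismatches the library's argument list. A comment here such as `/* callers expect the (abuf, alen, out, count) form of the bundled parsers */` would make the assumption visible.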
diff --git a/server/resolv/async_resolv.h b/server/resolv/async_resolv.h
index 6acb6b2a..aabf871b 100644
--- a/server/resolv/async_resolv.h
+++ b/server/resolv/async_resolv.h
@@ -29,6 +29,14 @@
#include <netdb.h>
#include <ares.h>
+#ifndef HAVE_ARES_PARSE_TXT
+#include "resolv/ares/ares_parse_txt_reply.h"
+#endif /* HAVE_ARES_PARSE_TXT */
+
+#ifndef HAVE_ARES_PARSE_SRV
+#include "resolv/ares/ares_parse_srv_reply.h"
+#endif /* HAVE_ARES_PARSE_SRV */
+
/*
* An opaque structure which holds context for a module using the async
* resolver. Is should be used as a "local-global" variable - in sssd,