/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2001,2002,2003,2004,2005,2006 by the Massachusetts Institute of Technology,
* Cambridge, MA, USA. All Rights Reserved.
*
* This software is being provided to you, the LICENSEE, by the
* Massachusetts Institute of Technology (M.I.T.) under the following
* that you have read, understood, and will comply with these terms and
* conditions:
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify and distribute
* this software and its documentation for any purpose and without fee or
* royalty is hereby granted, provided that you agree to comply with the
* following copyright notice and statements, including the disclaimer, and
* that the same appear on ALL copies of the software and documentation,
* including modifications that you make for internal use or for
* distribution:
*
* THIS SOFTWARE IS PROVIDED "AS IS", AND M.I.T. MAKES NO REPRESENTATIONS
* OR WARRANTIES, EXPRESS OR IMPLIED. By way of example, but not
* limitation, M.I.T. MAKES NO REPRESENTATIONS OR WARRANTIES OF
* MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF
* THE LICENSED SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY
* PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS.
*
* The name of the Massachusetts Institute of Technology or M.I.T. may NOT
* be used in advertising or publicity pertaining to distribution of the
* software. Title to copyright in this software and any associated
* documentation shall at all times remain with M.I.T., and USER agrees to
* preserve same.
*
* Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
*/
/*
* Approach overview:
*
* If a system version is available but buggy, save handles to it,
* redefine the names to refer to static functions defined here, and
* in those functions, call the system versions and fix up the
* returned data. Use the native data structures and flag values.
*
* If no system version exists, use gethostby* and fake it. Define
* the data structures and flag values locally.
*
*
* On Mac OS X, getaddrinfo results aren't cached (though
* gethostbyname results are), so we need to build a cache here. Now
* things are getting really messy. Because the cache is in use, we
* use getservbyname, and throw away thread safety. (Not that the
* cache is thread safe, but when we get locking support, that'll be
* dealt with.) This code needs tearing down and rebuilding, soon.
*
*
* Note that recent Windows developers' code has an interesting hack:
* When you include the right header files, with the right set of
* macros indicating system versions, you'll get an inline function
* that looks for getaddrinfo (or whatever) in the system library, and
* calls it if it's there. If it's not there, it fakes it with
* gethostby* calls.
*
* We're taking a simpler approach: A system provides these routines or
* it does not.
*
* Someday, we may want to take into account different versions (say,
* different revs of GNU libc) where some are broken in one way, and
* some work or are broken in another way. Cross that bridge when we
* come to it.
*/
/*
* To do, maybe:
*
* + For AIX 4.3.3, using the RFC 2133 definition: Implement
* AI_NUMERICHOST. It's not defined in the header file.
*
* For certain (old?) versions of GNU libc, AI_NUMERICHOST is
* defined but not implemented.
*
* + Use gethostbyname2, inet_aton and other IPv6 or thread-safe
* functions if available. But, see
* gethostbyname2 problem on Linux. And besides, if a platform is
* supporting IPv6 at all, they really should be doing getaddrinfo
* by now.
*
* + inet_ntop, inet_pton
*
* library can have a single copy instead of multiple.
*
* + Upgrade host requirements to include working implementations of
* these functions, and throw all this away. Pleeease? :-)
*/
#include "port-sockets.h"
#include "socket-utils.h"
#include "k5-platform.h"
#include "k5-thread.h"
#include "supp-int.h"
#include <stdio.h>
#include <errno.h>
#define IMPLEMENT_FAKE_GETADDRINFO
#include "fake-addrinfo.h"
#ifdef S_SPLINT_S
/*@-incondefs@*/
extern int
/*@in@*/ /*@null@*/ const char *,
/*@out@*/ struct addrinfo **)
;
extern void
;
extern int
int flags)
/*@requires (maxSet(h)+1) >= hsz /\ (maxSet(s)+1) >= ssz @*/
/* too hard: maxRead(addr) >= (addrsz-1) */
/*@modifies *h, *s@*/;
/*@=incondefs@*/
#endif
#include "cache-addrinfo.h"
/* See comments below. */
# define WRAP_GETADDRINFO
#endif
#if defined (__linux__) && defined(HAVE_GETADDRINFO)
/* Define COPY_FIRST_CANONNAME for glibc 2.3 and prior. */
#include <features.h>
# ifdef __GLIBC_PREREQ
# define COPY_FIRST_CANONNAME
# endif
# else
# define COPY_FIRST_CANONNAME
# endif
#endif
#ifdef _AIX
# define NUMERIC_SERVICE_BROKEN
# define COPY_FIRST_CANONNAME
#endif
#ifdef COPY_FIRST_CANONNAME
# include <string.h>
#endif
#ifdef NUMERIC_SERVICE_BROKEN
# include <ctype.h> /* isdigit */
# include <stdlib.h> /* strtoul */
#endif
/* Do we actually have *any* systems we care about that don't provide
either getaddrinfo or one of these two flavors of
gethostbyname_r? */
#if !defined(HAVE_GETHOSTBYNAME_R) || defined(THREADSAFE_GETHOSTBYNAME)
#else
#ifdef _AIX /* XXX should have a feature test! */
typedef struct {
} GET_HOST_TMP;
{ \
? 0 \
}
/*
#define GET_HOST_BY_ADDR(ADDR, ADDRLEN, FAMILY, HP, ERR) \
{ \
struct hostent my_h_ent; \
struct hostent_data my_h_ent_data; \
(HP) = (gethostbyaddr_r((ADDR), (ADDRLEN), (FAMILY), &my_h_ent, \
&my_h_ent_data) \
? 0 \
: &my_h_ent); \
(ERR) = my_h_err; \
}
*/
#else
#ifdef GETHOSTBYNAME_R_RETURNS_INT
typedef struct {
} GET_HOST_TMP;
{ \
&my_h_err); \
? 0 \
}
{ \
&my_h_err); \
? 0 \
}
#else
typedef struct {
} GET_HOST_TMP;
{ \
int my_h_err; \
}
{ \
int my_h_err; \
}
#endif /* returns int? */
#endif /* _AIX */
#endif
/* Now do the same for getservby* functions. */
#ifndef HAVE_GETSERVBYNAME_R
#else
#ifdef GETSERVBYNAME_R_RETURNS_INT
typedef struct {
} GET_SERV_TMP;
{ \
int my_s_err; \
&my_s_err) \
? 0 \
}
{ \
int my_s_err; \
&my_s_err) \
? 0 \
}
#else
/* returns ptr -- IRIX? */
typedef struct {
} GET_SERV_TMP;
{ \
}
{ \
}
#endif
#endif
#if defined(WRAP_GETADDRINFO) || defined(FAI_CACHE)
static inline int
{
}
static inline void
{
}
/* Note: Implementations written to RFC 2133 use size_t, while RFC
2553 implementations use socklen_t, for the second parameter.
Mac OS X (10.2) and AIX 4.3.3 appear to be in the RFC 2133 camp,
but we don't have an autoconf test for that right now. */
static inline int
int flags)
{
}
#endif
#endif
#if !defined (HAVE_GETADDRINFO)
#endif /* ! HAVE_GETADDRINFO */
/* Some debug routines. */
#define X(N) if (p == IPPROTO_ ## N) return #N
X(TCP);
X(UDP);
X(ICMP);
X(IPV6);
#ifdef IPPROTO_GRE
X(GRE);
#endif
X(NONE);
X(RAW);
#ifdef IPPROTO_COMP
X(COMP);
#endif
#ifdef IPPROTO_IGMP
X(IGMP);
#endif
return buf;
}
switch (t) {
case SOCK_DGRAM: return "DGRAM";
case SOCK_STREAM: return "STREAM";
case SOCK_RAW: return "RAW";
case SOCK_RDM: return "RDM";
case SOCK_SEQPACKET: return "SEQPACKET";
}
return buf;
}
switch (f) {
default:
return buf;
case AF_INET: return "AF_INET";
case AF_INET6: return "AF_INET6";
#ifdef AF_UNIX
case AF_UNIX: return "AF_UNIX";
#endif
}
}
{
const char *sep;
"getaddrinfo(hostname %s, service %s,\n"
" hints { ",
if (hint) {
sep = "";
Z(CANONNAME);
Z(PASSIVE);
#ifdef AI_NUMERICHOST
Z(NUMERICHOST);
#endif
if (sep[0] == 0)
sizeof(buf)));
if (hint->ai_socktype)
sizeof(buf)));
if (hint->ai_protocol)
sizeof(buf)));
} else
}
{
}
{
int count = 0;
while (ai) {
sizeof(buf)));
sizeof(buf)));
count++;
}
}
#endif
#if !defined (HAVE_GETADDRINFO) || defined (WRAP_GETADDRINFO)
static
static
#endif
#if !defined (HAVE_GETADDRINFO)
#define HAVE_GETADDRINFO
#define NEED_FAKE_GETNAMEINFO
static
char *gai_strerror (int code);
#endif
#if !defined (HAVE_GETADDRINFO)
static
int flags);
#endif
/* Fudge things on older gai implementations. */
/* AIX 4.3.3 is based on RFC 2133; no AI_NUMERICHOST. */
#ifndef AI_NUMERICHOST
# define AI_NUMERICHOST 0
#endif
/* Partial RFC 2553 implementations may not have AI_ADDRCONFIG and
friends, which RFC 3493 says are now part of the getaddrinfo
interface, and we'll want to use. */
#ifndef AI_ADDRCONFIG
# define AI_ADDRCONFIG 0
#endif
#ifndef AI_V4MAPPED
# define AI_V4MAPPED 0
#endif
#ifndef AI_ALL
# define AI_ALL 0
#endif
#ifndef AI_DEFAULT
#endif
#if defined(HAVE_FAKE_GETADDRINFO) || defined(FAI_CACHE)
#define NEED_FAKE_GETADDRINFO
#endif
#if defined(NEED_FAKE_GETADDRINFO) || defined(WRAP_GETADDRINFO)
#include <stdlib.h>
#endif
#ifdef NEED_FAKE_GETADDRINFO
#include <string.h> /* for strspn */
static inline int translate_h_errno (int h);
{
if (n == 0)
return EAI_MEMORY;
#ifdef KRB5_USE_INET6
#endif
)
return EAI_FAMILY;
*n = *template;
if (sin4 == 0)
return EAI_MEMORY;
#ifdef HAVE_SA_LEN
#endif
}
#ifdef KRB5_USE_INET6
if (sin6 == 0)
return EAI_MEMORY;
#ifdef HAVE_SA_LEN
#endif
}
#endif
*result = n;
return 0;
}
#ifdef FAI_CACHE
/* fake addrinfo cache entries */
{
/* @@ Wastes memory. */
return;
#ifdef DEBUG_ADDRINFO
printf("added cache entry '%s' at %p: %d ipv4, %d ipv6; expire %d\n",
#endif
}
{
/* First, scan for expired entries and free them.
(Future improvement: Integrate these two loops.) */
#ifdef DEBUG_ADDRINFO
#endif
#ifdef DEBUG_ADDRINFO
printf(" checking expiration time of @%p: %d\n",
#endif
#ifdef DEBUG_ADDRINFO
printf("\texpiring cache entry\n");
#endif
/* Stay at this point in the list, and check again. */
} else
/* Move forward. */
}
#ifdef DEBUG_ADDRINFO
#endif
#ifdef DEBUG_ADDRINFO
printf("\tMATCH!\n");
#endif
return 1;
}
}
return 0;
}
#endif
#ifdef FAI_CACHE
static int krb5int_lock_fac(void), krb5int_unlock_fac(void);
#endif
{
#ifdef FAI_CACHE
int i, r, err;
err = krb5int_lock_fac();
if (err) {
return EAI_SYSTEM;
}
#ifdef DEBUG_ADDRINFO
#endif
/* Don't set ai_family -- we want to cache all address types,
because the next lookup may not use the same constraints as
the current one. We *could* cache them separately, so that
we never have to look up an IPv6 address if we are always
asked for IPv4 only, but let's deal with that later, if we
have to. */
/* Try NULL for the service for now.
It would be nice to use the requested service name, and not
have to patch things up, but then we'd be doing multiple
queries for the same host when we get different services.
We were using "telnet" for a little more confidence that
getaddrinfo would heed the hints to only give us stream
socket types (with no socket type and null service name, we
might get stream *and* dgram *and* raw, for each address,
or only raw). The RFC 3493 description of ai_socktype
sometimes associates it with the specified service,
sometimes not.
But on Mac OS X (10.3, 10.4) they've "extended" getaddrinfo
to make SRV RR queries. (Please, somebody, show me
something in the specs that actually supports this? RFC
3493 says nothing about it, but it does say getaddrinfo is
the new way to look up hostnames. RFC 2782 says SRV
records should *not* be used unless the application
protocol spec says to do so. The Telnet spec does not say
to do it.) And then they complain when our code
"unexpectedly" seems to use this "extension" in cases where
they don't want it to be used.
Fortunately, it appears that if we specify ai_socktype as
SOCK_STREAM and use a null service name, we only get one
copy of each address on all the platforms I've tried,
although it may not have ai_socktype filled in properly.
So, we'll fudge it with that for now. */
if (aierr) {
return aierr;
}
#ifdef DEBUG_ADDRINFO
#endif
case AF_INET:
break;
case AF_INET6:
break;
default:
break;
}
}
return EAI_MEMORY;
}
return EAI_MEMORY;
}
case AF_INET:
break;
case AF_INET6:
break;
default:
break;
}
}
}
if (r) {
return r;
}
}
if (r) {
return r;
}
}
: NULL);
return 0;
#else
int i, r;
int herr;
if (hp == 0)
return translate_h_errno (herr);
for (i = 0; hp->h_addr_list[i]; i++) {
if (r)
return r;
}
return 0;
#endif
}
static inline void
{
while (ai) {
if (ai->ai_canonname)
}
}
static inline int
{
int ret;
int flags;
#ifdef DEBUG_ADDRINFO
#endif
if (hint != 0) {
return EAI_NODATA;
} else {
socktype = 0;
flags = 0;
}
if (serv) {
/* pure numeric */
if (p == 0 || p > 65535)
return EAI_NONAME;
} else {
if (socktype == 0) {
try_dgram_too = 1;
}
if (sp == 0) {
if (try_dgram_too) {
goto try_service_lookup;
}
return EAI_SERVICE;
}
}
}
if (name == 0) {
flags |= AI_NUMERICHOST;
}
template.ai_protocol = 0;
template.ai_canonname = 0;
/* If NUMERICHOST is set, parse a numeric address.
If it's not set, don't accept such names. */
if (flags & AI_NUMERICHOST) {
#if 0
if (ret)
return EAI_NONAME;
#else
/* 255.255.255.255 or parse error, both bad */
return EAI_NONAME;
#endif
} else {
&res);
}
return ret;
}
if (res == 0)
return NO_ADDRESS;
return 0;
}
#ifdef NEED_FAKE_GETNAMEINFO
static inline int
int flags)
{
return EAI_FAMILY;
}
return EAI_SYSTEM;
}
slen = servicelen;
return EAI_SYSTEM;
}
if (host) {
if (flags & NI_NUMERICHOST) {
/* The inet_ntoa call, passing a struct, fails on IRIX 6.5
using gcc 2.95; we get back "0.0.0.0". Since this in a
configuration still important at Athena, here's the
workaround, which also happens to be thread-safe.... */
const unsigned char *uc;
#else
char *p;
#endif
} else {
int herr;
sizeof (struct in_addr),
if (hp == 0) {
goto numeric_host;
return translate_h_errno (herr);
}
/* According to the Open Group spec, getnameinfo can
silently truncate, but must still return a
null-terminated string. */
}
}
if (service) {
if (flags & NI_NUMERICSERV) {
int port;
return EAI_FAIL;
} else {
int serr;
if (sp == 0)
goto numeric_service;
}
}
return 0;
}
#endif
#if defined(HAVE_FAKE_GETADDRINFO) || defined(NEED_FAKE_GETNAMEINFO)
static inline
{
switch (code) {
case EAI_ADDRFAMILY: return "address family for nodename not supported";
case EAI_AGAIN: return "temporary failure in name resolution";
case EAI_BADFLAGS: return "bad flags to getaddrinfo/getnameinfo";
case EAI_FAIL: return "non-recoverable failure in name resolution";
case EAI_FAMILY: return "ai_family not supported";
case EAI_MEMORY: return "out of memory";
case EAI_NODATA: return "no address associated with hostname";
case EAI_NONAME: return "name does not exist";
case EAI_SERVICE: return "service name not supported for specified socket type";
case EAI_SOCKTYPE: return "ai_socktype not supported";
default: return "bogus getaddrinfo error?";
}
}
#endif
static inline int translate_h_errno (int h)
{
switch (h) {
case 0:
return 0;
#ifdef NETDB_INTERNAL
case NETDB_INTERNAL:
return EAI_MEMORY;
return EAI_SYSTEM;
#endif
case HOST_NOT_FOUND:
return EAI_NONAME;
case TRY_AGAIN:
return EAI_AGAIN;
case NO_RECOVERY:
return EAI_FAIL;
case NO_DATA:
#if NO_DATA != NO_ADDRESS
case NO_ADDRESS:
#endif
return EAI_NODATA;
default:
return EAI_SYSTEM;
}
}
#if defined(HAVE_FAKE_GETADDRINFO) || defined(FAI_CACHE)
static inline
{
}
static inline
{
}
#ifdef NEED_FAKE_GETNAMEINFO
static inline
int flags)
{
flags);
}
#endif /* NEED_FAKE_GETNAMEINFO */
#endif /* HAVE_FAKE_GETADDRINFO */
#endif /* NEED_FAKE_GETADDRINFO */
#ifdef WRAP_GETADDRINFO
static inline
int
{
int aierr;
#if defined(_AIX) || defined(COPY_FIRST_CANONNAME)
#endif
#ifdef NUMERIC_SERVICE_BROKEN
int service_is_numeric = 0;
int service_port = 0;
int socket_type = 0;
#endif
#ifdef DEBUG_ADDRINFO
#endif
#ifdef NUMERIC_SERVICE_BROKEN
/* AIX 4.3.3 is broken. (Or perhaps out of date?)
If a numeric service is provided, and it doesn't correspond to
a known service name for tcp or udp (as appropriate), an error
code (for "host not found") is returned. If the port maps to a
known service for both udp and tcp, all is well. */
unsigned long lport;
char *end;
if (!*end) {
if (lport > 65535)
return EAI_SOCKTYPE;
service_is_numeric = 1;
#ifdef AI_NUMERICSERV
serv = "9";
else
#endif
if (hint)
}
}
#endif
#ifdef DEBUG_ADDRINFO
#endif
return aierr;
}
/* Linux libc version 6 prior to 2.3.4 is broken.
RFC 2553 says that when AI_CANONNAME is set, the ai_canonname
flag of the first returned structure has the canonical name of
the host. Instead, GNU libc sets ai_canonname in each returned
structure to the name that the corresponding address maps to,
if any, or a printable numeric form.
RFC 2553 bis and the new Open Group spec say that field will be
the canonical name if it can be determined, otherwise, the
provided hostname or a copy of it.
IMNSHO, "canonical name" means CNAME processing and not PTR
processing, but I can see arguing it. Using the numeric form
when that's not the form provided is just wrong. So, let's fix
it.
The glibc 2.2.5 sources indicate that the canonical name is
*not* allocated separately, it's just some extra storage tacked
on the end of the addrinfo structure. So, let's try this
approach: If getaddrinfo sets ai_canonname, we'll replace the
*first* one with allocated storage, and free up that pointer in
freeaddrinfo if it's set; the other ai_canonname fields will be
left untouched. And we'll just pray that the application code
won't mess around with the list structure; if we start doing
that, we'll have to start replacing and freeing all of the
ai_canonname fields.
Since it's dependent on the target hostname, it's hard to check
for at configure time. The bug was fixed in glibc 2.3.4.
After the fix, the ai_canonname field is allocated, so our
workaround leaks memory. We disable the workaround for glibc
>= 2.4, but there is no easy way to test for glibc patch
versions, so we still leak memory under glibc 2.3.4 through
2.3.6.
Some Windows documentation says that even when AI_CANONNAME is
set, the returned ai_canonname field can be null. The NetBSD
1.5 implementation also does this, if the input hostname is a
numeric host address string. That case isn't handled well at
the moment.
Libc version 5 didn't have getaddrinfo at all. */
#ifdef COPY_FIRST_CANONNAME
/*
* This code must *always* return an error, return a null
* ai_canonname, or return an ai_canonname allocated here using
* malloc, so that freeaddrinfo can always free a non-null
* ai_canonname. Note that it really doesn't matter if the
* AI_CANONNAME flag was set.
*/
if (ai->ai_canonname) {
const char *name2 = 0;
int i, herr;
/*
* Current versions of GET_HOST_BY_NAME will fail if the
* target hostname has IPv6 addresses only. Make sure it
* fails fairly cleanly.
*/
if (hp == 0) {
/*
* This case probably means it's an IPv6-only name. If
* ai_canonname is a numeric address, get rid of it.
*/
ai->ai_canonname = 0;
} else {
first, and sometimes that file will have entries with
the unqualified name first. So take the first entry
that looks like it could be a FQDN. */
break;
}
}
/* Give up, just use the first name (h_name ==
h_aliases[0] on all systems I've seen). */
}
*result = 0;
#ifdef DEBUG_ADDRINFO
#endif
return EAI_MEMORY;
}
/* Zap the remaining ai_canonname fields glibc fills in, in
case the application messes around with the list
structure. */
ai->ai_canonname = 0;
}
#endif
#ifdef NUMERIC_SERVICE_BROKEN
if (service_port != 0) {
/* Is this check actually needed? */
case AF_INET:
break;
case AF_INET6:
break;
}
}
}
#endif
#ifdef _AIX
/* AIX 4.3.3 libc is broken. It doesn't set the family or len
fields of the sockaddr structures. Usually, sa_family is
zero, but I've seen it set to 1 in some cases also (maybe
just leftover from previous contents of the memory
block?). So, always override what libc returned. */
#ifdef HAVE_SA_LEN /* always true on AIX, actually */
#endif
}
#endif
/* Not dealt with currently:
- Some versions of GNU libc can lose some IPv4 addresses in
certain cases when multiple IPv4 and IPv6 addresses are
available. */
#ifdef DEBUG_ADDRINFO
#endif
return 0;
}
static inline
{
#ifdef COPY_FIRST_CANONNAME
if (ai) {
ai->ai_canonname = 0;
}
#else
#endif
}
#endif /* WRAP_GETADDRINFO */
#ifdef FAI_CACHE
static int krb5int_lock_fac (void)
{
int err;
if (err)
return err;
}
static int krb5int_unlock_fac (void)
{
}
#endif
#if defined(KRB5_USE_INET6)
/* Some systems don't define in6addr_any. */
#else
/* Are any of the systems without IPv6 support among those where
we cross-check the actual exported symbols against the export
list? Not sure, play it safe. */
const char krb5int_in6addr_any = 0;
#endif
{
}
{
}
{
return gai_strerror(err);
}
int flags)
{
}