aboutsummaryrefslogtreecommitdiff
path: root/resolv/res_init.c
AgeCommit message (Collapse)Author
2020-02-18Move implementation of <file_change_detection.h> into a C fileFlorian Weimer
file_change_detection_for_stat partially initialize struct file_change_detection in some cases, when the size member alone determines the outcome of all comparisons. This results in maybe-uninitialized compiler warnings in case of sufficiently aggressive inlining. Once the implementation is moved into a separate C file, this kind of inlining is no longer possible, so the compiler warnings are gone.
2020-02-14resolv: Enhance __resolv_conf_load to capture file change dataFlorian Weimer
The data is captured after reading the file. This allows callers to check the change data against an earlier measurement. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-02-14resolv: Fix file handle leak in __resolv_conf_load [BZ #25429]Florian Weimer
res_vinit_1 did not close the stream on errors, only on success. This change moves closing the stream to __resolv_conf_load, for both the success and error cases. Fixes commit 89f187a40fc0ad4e22838526bfe34d73f758b776 ("resolv: Use getline for configuration file reading in res_vinit_1") and commit 3f853f22c87f0b671c0366eb290919719fa56c0e ("resolv: Lift domain search list limits [BZ #19569] [BZ #21475]"), where memory allocation was introduced into res_vinit_1. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-01-01Update copyright dates with scripts/update-copyrights.Joseph Myers
2019-11-27resolv: Implement trust-ad option for /etc/resolv.conf [BZ #20358]Florian Weimer
This introduces a concept of trusted name servers, for which the AD bit is passed through to applications. For untrusted name servers (the default), the AD bit in responses are cleared, to provide a safe default. This approach is very similar to the one suggested by Pavel Šimerda in <https://bugzilla.redhat.com/show_bug.cgi?id=1164339#c15>. The DNS test framework in support/ is enhanced with support for setting the AD bit in responses. Tested on x86_64-linux-gnu. Change-Id: Ibfe0f7c73ea221c35979842c5c3b6ed486495ccc
2019-09-07Prefer https to http for gnu.org and fsf.org URLsPaul Eggert
Also, change sources.redhat.com to sourceware.org. This patch was automatically generated by running the following shell script, which uses GNU sed, and which avoids modifying files imported from upstream: sed -ri ' s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g ' \ $(find $(git ls-files) -prune -type f \ ! -name '*.po' \ ! -name 'ChangeLog*' \ ! -path COPYING ! -path COPYING.LIB \ ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \ ! -path manual/texinfo.tex ! -path scripts/config.guess \ ! -path scripts/config.sub ! -path scripts/install-sh \ ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \ ! -path INSTALL ! -path locale/programs/charmap-kw.h \ ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \ ! '(' -name configure \ -execdir test -f configure.ac -o -f configure.in ';' ')' \ ! '(' -name preconfigure \ -execdir test -f preconfigure.ac ';' ')' \ -print) and then by running 'make dist-prepare' to regenerate files built from the altered files, and then executing the following to cleanup: chmod a+x sysdeps/unix/sysv/linux/riscv/configure # Omit irrelevant whitespace and comment-only changes, # perhaps from a slightly-different Autoconf version. git checkout -f \ sysdeps/csky/configure \ sysdeps/hppa/configure \ sysdeps/riscv/configure \ sysdeps/unix/sysv/linux/csky/configure # Omit changes that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines git checkout -f \ sysdeps/powerpc/powerpc64/ppc-mcount.S \ sysdeps/unix/sysv/linux/s390/s390-64/syscall.S # Omit change that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
2019-04-08resolv: Remove support for RES_USE_INET6 and the inet6 optionFlorian Weimer
This functionality was deprecated in glibc 2.25. This commit only includes the core changes to remove the functionality. It does not remove the RES_USE_INET6 handling in the individual NSS service modules and the res_use_inet6 function. These changes will happen in future commits.
2019-01-21CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings [BZ #20018]Florian Weimer
The IPv4 address parser in the getaddrinfo function is changed so that it does not ignore trailing whitespace and all characters after it. For backwards compatibility, the getaddrinfo function still recognizes legacy name syntax, such as 192.000.002.010 interpreted as 192.0.2.8 (octal). This commit does not change the behavior of inet_addr and inet_aton. gethostbyname already had additional sanity checks (but is switched over to the new __inet_aton_exact function for completeness as well). To avoid sending the problematic query names over DNS, commit 6ca53a2453598804a2559a548a08424fca96434a ("resolv: Do not send queries for non-host-names in nss_dns [BZ #24112]") is needed.
2019-01-01Update copyright dates with scripts/update-copyrights.Joseph Myers
* All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights. * locale/programs/charmap-kw.h: Regenerated. * locale/programs/locfile-kw.h: Likewise.
2018-01-01Update copyright dates with scripts/update-copyrights.Joseph Myers
* All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights. * locale/programs/charmap-kw.h: Regenerated. * locale/programs/locfile-kw.h: Likewise.
2017-09-06resolv: Fix memory leak with OOM during resolv.conf parsing [BZ #22095]Florian Weimer
2017-07-03resolv: Automatically reload a changed /etc/resolv.conf file [BZ #984]Florian Weimer
This commit enhances the stub resolver to reload the configuration in the per-thread _res object if the /etc/resolv.conf file has changed. The resolver checks whether the application has modified _res and will not overwrite the _res object in that case. The struct resolv_context mechanism is used to check the configuration file only once per name lookup.
2017-07-03resolv: Mirror the entire resolver configuration in struct resolv_confFlorian Weimer
This commit adds the remaining unchanging members (which are loaded from /etc/resolv.conf) to struct resolv_conf. The extended name server list is currently not used by the stub resolver. The switch depends on a cleanup: The _u._ext.nssocks array stores just a single socket, and needs to be replaced with a single socket value. (The compatibility gethostname implementation does not use the extended addres sort list, either. Updating the compat code is not worthwhile.)
2017-07-03resolv: Lift domain search list limits [BZ #19569] [BZ #21475]Florian Weimer
This change uses the extended resolver state in struct resolv_conf to store the search list. If applications have not patched the _res object directly, this extended search list will be used by the stub resolver during name resolution.
2017-07-03resolv: Introduce struct resolv_conf with extended resolver stateFlorian Weimer
This change provides additional resolver configuration state which is not exposed through the _res ABI. It reuses the existing initstamp field in the supposedly-private part of _res. Some effort is undertaken to avoid memory safety issues introduced by applications which directly patch the _res object. With this commit, only the initstamp field is moved into struct resolv_conf. Additional members will be added later, eventually migrating the entire resolver configuration.
2017-06-30resolv: Remove source argument fron res_optionsFlorian Weimer
2017-06-27resolv: Call _res_hconf_init from __res_vinitFlorian Weimer
Many callers of __res_maybe_init also call _res_hconf_init. Additional calls to the latter do not hurt because the function does its work only once. (/etc/hosts.conf is not reloaded or even checked for changes.) This means that we can simplify the code by calling _res_hconf_init directly from __res_vinit.
2017-06-23resolv: Clean up declarations of the __res_initstamp variableFlorian Weimer
2017-06-19resolv: Use getline for configuration file reading in res_vinit_1Florian Weimer
2017-06-19resolv: Report allocation errors in __res_vinitFlorian Weimer
2017-06-19resolv: Reformat res_vinit and related functions to GNU styleFlorian Weimer
Also remove some obsolete comments.
2017-06-19resolv: Introduce is_sort_mask and call it from res_vinitFlorian Weimer
2017-06-19resolv: Remove DEBUG preprocessor conditionals from res_setoptionsFlorian Weimer
2017-06-19resolv: Move _res deallocation functions to their own fileFlorian Weimer
2017-06-19resolv: Move res_randomid to its own fileFlorian Weimer
2017-06-19resolv: Make __res_vinit hiddenFlorian Weimer
And remove unnecessary separate declarations.
2017-04-19resolv: Replace __builtin_expect with __glibc_unlikely/__glibc_likelyFlorian Weimer
2016-12-31resolv: Deprecate the "inet6" option and RES_USE_INET6 [BZ #19582]Florian Weimer
2016-10-07resolv: Remove RES_USEBSTRING and its implementation [BZ #20629]Florian Weimer
In ns_name_ntop, the NS_CMPRSFLGS check is no longer needed because labellen (called earlier) already rejects everything which is not a plain label (compression references and extended label types).
2016-10-07resolv: Remove RES_NOIP6DOTINT and its implementationFlorian Weimer
2016-10-07resolv: Deprecate unimplemented flagsFlorian Weimer
RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG result in compile-time warnings. Some of these flags are still used in applications.
2016-09-21resolv: Remove unsupported hook functions from the API [BZ #20016]Florian Weimer
2016-09-15inet: Add __inet6_scopeid_pton function [BZ #20611]Florian Weimer
__inet6_scopeid_pton implements strict validation of numeric scope IDs. Use it in getaddrinfo and __res_vinit.
2016-09-13resolv: Remove _LIBC_REENTRANTFlorian Weimer
2016-04-28resolv: Reindent preprocessor conditionals following cleanupsFlorian Weimer
2016-04-28resolv: Assorted preprocessor cleanupsFlorian Weimer
2016-04-28resolv: Remove RFC1535 conditionalsFlorian Weimer
2016-04-28resolv: Remove RESOLVSORT preprocess conditionalsFlorian Weimer
2016-04-28resolv: Remove _LIBC conditionalsFlorian Weimer
2016-04-28resolv: Remove SCCS and RCS keywordsFlorian Weimer
2016-03-15Fix resource leak in resolver (bug 19257)Andreas Schwab
The number of currently defined nameservers is stored in ->nscount, whereas ->_u._ext.nscount is set by __libc_res_nsend only after local initializations.
2016-02-19res_ninit: Update commentFlorian Weimer
Since commit e66e7419a6f58200eec6941b14e2dcff9875cc6c (Actually make it possible to user the default name server.), the default is INADDR_LOOPBACK, not INADDR_ANY.
2015-12-29resolv: Reset defdname before use in __res_vinit [BZ #19369]Rob Wu
Resetting defdname (default domain name) before use in __res_vinit ensures that the default domain name is correctly set to a default value when it is not set by the LOCALDOMAIN environment variable or the "domain" or "search" parameters in resolv.conf Tested using the steps from: https://sourceware.org/bugzilla/show_bug.cgi?id=19369
2015-10-21Convert a few more function definitions to prototype style.Joseph Myers
This patch converts a few more function definitions in glibc from old-style K&R to prototype style. This is sufficient to build and test on x86_64 and x86 with -Wold-style-definition (I'll test on some more architectures before proposing the actual addition of -Wold-style-definition). Tested for x86_64 and x86 with -Wold-style-definition in use (testsuite - this patch affects files containing assertions). * io/fts.c (fts_open): Convert to prototype-style function definition. * malloc/mcheck.c (mcheck): Likewise. (mcheck_pedantic): Likewise. * posix/regexec.c (re_search_2_stub): Likewise. Use internal_function. (re_search_internal): Likewise. * resolv/res_init.c [RESOLVSORT] (net_mask): Convert to prototype-style function definition. * sunrpc/clnt_udp.c (clntudp_call): Likewise. * sunrpc/pmap_rmt.c (clnt_broadcast): Likewise. * sunrpc/rpcsvc/rusers.x (xdr_utmp): Likewise. (xdr_utmpptr): Likewise. (xdr_utmparr): Likewise. (xdr_utmpidle): Likewise. (xdr_utmpidleptr): Likewise. (xdr_utmpidlearr): Likewise.
2015-05-21Simplify handling of nameserver configuration in resolverAndreas Schwab
Remove use of ext.nsmap member of struct __res_state and always use an identity mapping betwen the nsaddr_list array and the ext.nsaddrs array. The fact that a nameserver has an IPv6 address is signalled by setting nsaddr_list[].sin_family to zero.
2015-01-06resolv: fix rotate optionAurelien Jarno
The rotate option doesn't work correctly, and only send the query to the same server (the second in the list). The rotation code in itself is not broken, but the nsaddrs structure is reinitialized each time at the beginning of __libc_res_nsend unless RES_STAYOPEN is enabled. This is due to a call to __res_iclose from the end of __libc_res_nsend when answers from the name server have been received. This function closes all the sockets, but doesn't free the addresses (it can do that, but in that case the second argument is false). This patch change the code of __res_iclose to clear statp->_u._ext.nsinit only when the addresses are actually freed. * resolv/res_init.c (__res_iclose): Only clear nsinit if the addresses have been freed.
2015-01-06resolv: improve comments about nserv and nservallAurelien Jarno
The current comments concerning nserv and nservall are not really clear and lead to confusion when reviewing an already complex code. Improve them, there real meaning have been confirmed by a code analysis. * resolv/res_init.c (__res_vinit): Improve comments about nserv and nservall.
2014-12-17Fix resolver inet_* namespace (bug 17722).Joseph Myers
Parts of the resolver brought in by pthreads (at least) use inet_* functions that aren't in the 1995/6 edition of POSIX that introduced pthreads (or in one case, use __inet_aton which is then defined in the same file as non-weak inet_addr). This patch fixes this by making the affected functions into weak alias for __inet_* and using those names in the problematic resolver code. Tested for x86_64 (testsuite, and that disassembly of installed shared libraries is unchanged by the patch). [BZ #17722] * inet/inet_mkadr.c (inet_makeaddr): Rename to __inet_makeaddr and define as weak alias of __inet_makeaddr. * resolv/inet_addr.c (inet_addr): Rename to __inet_addr and define as weak alias of __inet_addr. * resolv/inet_pton.c (inet_pton): Rename to __inet_pton and define as weak alias of __inet_pton. Use libc_hidden_weak. * include/arpa/inet.h (__inet_pton): Declare. Use libc_hidden_proto. (inet_makeaddr): Don't use libc_hidden_proto. (__inet_makeaddr): Declare. Use libc_hidden_proto. * resolv/res_init.c (__res_vinit): Use __inet_pton instead of inet_pton. Use __inet_makeaddr instead of inet_makeaddr. * conform/Makefile (test-xfail-POSIX/pthread.h/linknamespace): Remove variable. (test-xfail-POSIX/sched.h/linknamespace): Likewise. (test-xfail-POSIX/time.h/linknamespace): Likewise.
2014-12-16Fix resolver if_* namespace (bug 17717).Joseph Myers
Resolver code, brought in by pthreads (at least), uses if_* interfaces that weren't in POSIX before 2001, resulting in linknamespace failures. This patch changes those interfaces to be weak aliases of __if_* and makes the resolver use __if_* directly. Tested for x86_64 (testsuite, and that disassembly of installed shared libraries is unchanged by this patch). [BZ #17717] * inet/if_index.c (if_nametoindex): Rename to __if_nametoindex and define as weak alias of __if_nametoindex. Use libc_hidden_weak. (if_indextoname): Rename to __if_indextoname and define as weak alias of __if_indextoname. Use libc_hidden_weak. (if_freenameindex): Rename to __if_freenameindex and define as weak alias of __if_freenameindex. (if_nameindex): Rename to __if_nameindex and define as weak alias of __if_nameindex. * sysdeps/mach/hurd/if_index.c (if_nametoindex): Rename to __if_nametoindex and define as weak alias of __if_nametoindex. Use libc_hidden_weak. (if_freenameindex): Rename to __if_freenameindex and define as weak alias of __if_freenameindex. (if_nameindex): Rename to __if_nameindex and define as weak alias of __if_nameindex. (if_indextoname): Rename to __if_indextoname and define as weak alias of __if_indextoname. Use libc_hidden_weak. * sysdeps/unix/sysv/linux/if_index.c (if_nametoindex): Rename to __if_nametoindex and define as weak alias of __if_nametoindex. Use libc_hidden_weak. (if_freenameindex): Rename to __if_freenameindex and define as weak alias of __if_freenameindex. Use libc_hidden_weak. (if_nameindex_netlink): Use __if_freenameindex instead of if_freenameindex. (if_nameindex): Rename to __if_nameindex and define as weak alias of __if_nameindex. Use libc_hidden_weak. (if_indextoname): Rename to __if_indextoname and define as weak alias of __if_indextoname. Use libc_hidden_weak. * include/net/if.h [!_ISOMAC] (__if_nametoindex): Declare and use libc_hidden_proto. [!_ISOMAC] (__if_freenameindex): Likewise. * resolv/res_init.c (__res_vinit): Use __if_nametoindex instead of if_nametoindex. * conform/Makefile (test-xfail-XPG4/grp.h/linknamespace): Remove variable. (test-xfail-XPG4/pwd.h/linknamespace): Likewise. (test-xfail-UNIX98/aio.h/linknamespace): Likewise. (test-xfail-UNIX98/grp.h/linknamespace): Likewise. (test-xfail-UNIX98/pthread.h/linknamespace): Likewise. (test-xfail-UNIX98/pwd.h/linknamespace): Likewise. (test-xfail-UNIX98/sched.h/linknamespace): Likewise. (test-xfail-UNIX98/time.h/linknamespace): Likewise.
2014-12-02Fix fgets_unlocked namespace issues (bug 17664).Joseph Myers
Various POSIX functions bring in res_init.o, res_hconf.o or mntent_r.o, which use fgets_unlocked, which is not a POSIX function. This patch arranges for them to use __fgets_unlocked instead. (The IS_IN (libc) conditional in rec_hconf.c is needed because that file is also used in nscd.) Tested for x86_64 (testsuite, and that disassembly of installed shared libraries is unchanged by the patch except for an assertion line number). Note that most of the linknamespace tests that failed because of fgets_unlocked from the resolver also fail because of other symbols brought in by the resolver, so the number of XFAILs this removes is limited. Also note that fgets_unlocked failures for unistd.h for XPG3/XPG4 showed up that actually unistd.h is declaring too much for XPG3/XPG4 (bug 17665) - there is no actual need to make getusershell.c use __fgets_unlocked (at least as regards formal standards are concerned; maybe it should still change for namespace-cleanness of _DEFAULT_SOURCE) because the functions there aren't actually in any of the supported standards; the correct fix for those failures will be to stop the *usershell* functions appearing in unistd.h for XPG3/XPG4. [BZ #17664] * misc/mntent_r.c (__getmntent_r): Use __fgets_unlocked instead of fgets_unlocked. * resolv/res_hconf.c [IS_IN (libc)] (fgets_unlocked): Define to __fgets_unlocked. * resolv/res_init.c (__res_vinit): Use __fgets_unlocked instead of fgets_unlocked. * conform/Makefile (test-xfail-XPG4/sys/statvfs.h/linknamespace): Remove variable. (test-xfail-POSIX/sys/mman.h/linknamespace): Likewise. (test-xfail-UNIX98/sys/mman.h/linknamespace): Likewise. (test-xfail-UNIX98/sys/statvfs.h/linknamespace): Likewise. (test-xfail-XOPEN2K/sys/mman.h/linknamespace): Likewise. (test-xfail-XOPEN2K/sys/statvfs.h/linknamespace): Likewise. (test-xfail-POSIX2008/sys/mman.h/linknamespace): Likewise. (test-xfail-POSIX2008/sys/statvfs.h/linknamespace): Likewise. (test-xfail-XOPEN2K8/sys/mman.h/linknamespace): Likewise. (test-xfail-XOPEN2K8/sys/statvfs.h/linknamespace): Likewise.