Path: blob/main/crypto/krb5/src/util/support/fake-addrinfo.c
34889 views
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */1/*2* Copyright (C) 2001,2002,2003,2004,2005,2006 by the Massachusetts Institute of Technology,3* Cambridge, MA, USA. All Rights Reserved.4*5* This software is being provided to you, the LICENSEE, by the6* Massachusetts Institute of Technology (M.I.T.) under the following7* license. By obtaining, using and/or copying this software, you agree8* that you have read, understood, and will comply with these terms and9* conditions:10*11* Export of this software from the United States of America may12* require a specific license from the United States Government.13* It is the responsibility of any person or organization contemplating14* export to obtain such a license before exporting.15*16* WITHIN THAT CONSTRAINT, permission to use, copy, modify and distribute17* this software and its documentation for any purpose and without fee or18* royalty is hereby granted, provided that you agree to comply with the19* following copyright notice and statements, including the disclaimer, and20* that the same appear on ALL copies of the software and documentation,21* including modifications that you make for internal use or for22* distribution:23*24* THIS SOFTWARE IS PROVIDED "AS IS", AND M.I.T. MAKES NO REPRESENTATIONS25* OR WARRANTIES, EXPRESS OR IMPLIED. By way of example, but not26* limitation, M.I.T. MAKES NO REPRESENTATIONS OR WARRANTIES OF27* MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF28* THE LICENSED SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY29* PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS.30*31* The name of the Massachusetts Institute of Technology or M.I.T. may NOT32* be used in advertising or publicity pertaining to distribution of the33* software. Title to copyright in this software and any associated34* documentation shall at all times remain with M.I.T., and USER agrees to35* preserve same.36*37* Furthermore if you modify this software you must label38* your software as modified software and not distribute it in such a39* fashion that it might be confused with the original M.I.T. software.40*/4142/*43* Approach overview:44*45* If a system version is available but buggy, save handles to it,46* redefine the names to refer to static functions defined here, and47* in those functions, call the system versions and fix up the48* returned data. Use the native data structures and flag values.49*50* If no system version exists, use gethostby* and fake it. Define51* the data structures and flag values locally.52*53*54* On macOS, getaddrinfo results aren't cached (though55* gethostbyname results are), so we need to build a cache here. Now56* things are getting really messy. Because the cache is in use, we57* use getservbyname, and throw away thread safety. (Not that the58* cache is thread safe, but when we get locking support, that'll be59* dealt with.) This code needs tearing down and rebuilding, soon.60*61*62* Note that recent Windows developers' code has an interesting hack:63* When you include the right header files, with the right set of64* macros indicating system versions, you'll get an inline function65* that looks for getaddrinfo (or whatever) in the system library, and66* calls it if it's there. If it's not there, it fakes it with67* gethostby* calls.68*69* We're taking a simpler approach: A system provides these routines or70* it does not.71*72* Someday, we may want to take into account different versions (say,73* different revs of GNU libc) where some are broken in one way, and74* some work or are broken in another way. Cross that bridge when we75* come to it.76*/7778/*79* To do, maybe:80*81* + For AIX 4.3.3, using the RFC 2133 definition: Implement82* AI_NUMERICHOST. It's not defined in the header file.83*84* For certain (old?) versions of GNU libc, AI_NUMERICHOST is85* defined but not implemented.86*87* + Use gethostbyname2, inet_aton and other IPv6 or thread-safe88* functions if available. But, see89* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=135182 for one90* gethostbyname2 problem on Linux. And besides, if a platform is91* supporting IPv6 at all, they really should be doing getaddrinfo92* by now.93*94* + inet_ntop, inet_pton95*96* + Conditionally export/import the function definitions, so a97* library can have a single copy instead of multiple.98*99* + Upgrade host requirements to include working implementations of100* these functions, and throw all this away. Pleeease? :-)101*/102103#include "k5-platform.h"104#include "k5-thread.h"105#include "port-sockets.h"106#include "socket-utils.h"107#include "supp-int.h"108109#define IMPLEMENT_FAKE_GETADDRINFO110#include "fake-addrinfo.h"111112#ifdef S_SPLINT_S113/*@-incondefs@*/114extern int115getaddrinfo (/*@in@*/ /*@null@*/ const char *,116/*@in@*/ /*@null@*/ const char *,117/*@in@*/ /*@null@*/ const struct addrinfo *,118/*@out@*/ struct addrinfo **)119;120extern void121freeaddrinfo (/*@only@*/ /*@out@*/ struct addrinfo *)122;123extern int124getnameinfo (const struct sockaddr *addr, socklen_t addrsz,125/*@out@*/ /*@null@*/ char *h, socklen_t hsz,126/*@out@*/ /*@null@*/ char *s, socklen_t ssz,127int flags)128/*@requires (maxSet(h)+1) >= hsz /\ (maxSet(s)+1) >= ssz @*/129/* too hard: maxRead(addr) >= (addrsz-1) */130/*@modifies *h, *s@*/;131extern /*@dependent@*/ char *gai_strerror (int code) /*@*/;132/*@=incondefs@*/133#endif134135136#include "cache-addrinfo.h"137138#if (defined (__linux__) && defined(HAVE_GETADDRINFO)) || defined (_AIX)139/* See comments below. */140# define WRAP_GETADDRINFO141#endif142143#if defined (__linux__) && defined(HAVE_GETADDRINFO)144/* Define COPY_FIRST_CANONNAME for glibc 2.3 and prior. */145#include <features.h>146# ifdef __GLIBC_PREREQ147# if ! __GLIBC_PREREQ(2, 4)148# define COPY_FIRST_CANONNAME149# endif150# else151# define COPY_FIRST_CANONNAME152# endif153#endif154155#ifdef _AIX156# define NUMERIC_SERVICE_BROKEN157# define COPY_FIRST_CANONNAME158#endif159160161#ifdef COPY_FIRST_CANONNAME162# include <string.h>163#endif164165#ifdef NUMERIC_SERVICE_BROKEN166# include <ctype.h> /* isdigit */167# include <stdlib.h> /* strtoul */168#endif169170171/* Do we actually have *any* systems we care about that don't provide172either getaddrinfo or one of these two flavors of173gethostbyname_r? */174#if !defined(HAVE_GETHOSTBYNAME_R) || defined(THREADSAFE_GETHOSTBYNAME)175typedef struct hostent *GET_HOST_TMP;176#define GET_HOST_BY_NAME(NAME, HP, ERR, TMP) \177{ TMP = gethostbyname (NAME); (ERR) = h_errno; (HP) = TMP; }178#define GET_HOST_BY_ADDR(ADDR, ADDRLEN, FAMILY, HP, ERR, TMP) \179{ TMP = gethostbyaddr ((ADDR), (ADDRLEN), (FAMILY)); (ERR) = h_errno; (HP) = TMP; }180#else181#ifdef _AIX /* XXX should have a feature test! */182typedef struct {183struct hostent ent;184struct hostent_data data;185} GET_HOST_TMP;186#define GET_HOST_BY_NAME(NAME, HP, ERR, TMP) \187{ \188(HP) = (gethostbyname_r((NAME), &TMP.ent, &TMP.data) \189? 0 \190: &TMP.ent); \191(ERR) = h_errno; \192}193/*194#define GET_HOST_BY_ADDR(ADDR, ADDRLEN, FAMILY, HP, ERR) \195{ \196struct hostent my_h_ent; \197struct hostent_data my_h_ent_data; \198(HP) = (gethostbyaddr_r((ADDR), (ADDRLEN), (FAMILY), &my_h_ent, \199&my_h_ent_data) \200? 0 \201: &my_h_ent); \202(ERR) = my_h_err; \203}204*/205#else206#ifdef GETHOSTBYNAME_R_RETURNS_INT207typedef struct {208struct hostent ent;209char buf[8192];210} GET_HOST_TMP;211#define GET_HOST_BY_NAME(NAME, HP, ERR, TMP) \212{ \213struct hostent *my_hp = NULL; \214int my_h_err, my_ret; \215my_ret = gethostbyname_r((NAME), &TMP.ent, \216TMP.buf, sizeof (TMP.buf), &my_hp, \217&my_h_err); \218(HP) = (((my_ret != 0) || (my_hp != &TMP.ent)) \219? 0 \220: &TMP.ent); \221(ERR) = my_h_err; \222}223#define GET_HOST_BY_ADDR(ADDR, ADDRLEN, FAMILY, HP, ERR, TMP) \224{ \225struct hostent *my_hp; \226int my_h_err, my_ret; \227my_ret = gethostbyaddr_r((ADDR), (ADDRLEN), (FAMILY), &TMP.ent, \228TMP.buf, sizeof (TMP.buf), &my_hp, \229&my_h_err); \230(HP) = (((my_ret != 0) || (my_hp != &TMP.ent)) \231? 0 \232: &TMP.ent); \233(ERR) = my_h_err; \234}235#else236typedef struct {237struct hostent ent;238char buf[8192];239} GET_HOST_TMP;240#define GET_HOST_BY_NAME(NAME, HP, ERR, TMP) \241{ \242int my_h_err; \243(HP) = gethostbyname_r((NAME), &TMP.ent, \244TMP.buf, sizeof (TMP.buf), &my_h_err); \245(ERR) = my_h_err; \246}247#define GET_HOST_BY_ADDR(ADDR, ADDRLEN, FAMILY, HP, ERR, TMP) \248{ \249int my_h_err; \250(HP) = gethostbyaddr_r((ADDR), (ADDRLEN), (FAMILY), &TMP.ent, \251TMP.buf, sizeof (TMP.buf), &my_h_err); \252(ERR) = my_h_err; \253}254#endif /* returns int? */255#endif /* _AIX */256#endif257258/* Now do the same for getservby* functions. */259#ifndef HAVE_GETSERVBYNAME_R260typedef struct servent *GET_SERV_TMP;261#define GET_SERV_BY_NAME(NAME, PROTO, SP, ERR, TMP) \262(TMP = getservbyname (NAME, PROTO), (SP) = TMP, (ERR) = (SP) ? 0 : -1)263#define GET_SERV_BY_PORT(PORT, PROTO, SP, ERR, TMP) \264(TMP = getservbyport (PORT, PROTO), (SP) = TMP, (ERR) = (SP) ? 0 : -1)265#else266#ifdef GETSERVBYNAME_R_RETURNS_INT267typedef struct {268struct servent ent;269char buf[8192];270} GET_SERV_TMP;271#define GET_SERV_BY_NAME(NAME, PROTO, SP, ERR, TMP) \272{ \273struct servent *my_sp; \274int my_s_err; \275(SP) = (getservbyname_r((NAME), (PROTO), &TMP.ent, \276TMP.buf, sizeof (TMP.buf), &my_sp, \277&my_s_err) \278? 0 \279: &TMP.ent); \280(ERR) = my_s_err; \281}282#define GET_SERV_BY_PORT(PORT, PROTO, SP, ERR, TMP) \283{ \284struct servent *my_sp; \285int my_s_err; \286(SP) = (getservbyport_r((PORT), (PROTO), &TMP.ent, \287TMP.buf, sizeof (TMP.buf), &my_sp, \288&my_s_err) \289? 0 \290: &TMP.ent); \291(ERR) = my_s_err; \292}293#else294/* returns ptr -- IRIX? */295typedef struct {296struct servent ent;297char buf[8192];298} GET_SERV_TMP;299#define GET_SERV_BY_NAME(NAME, PROTO, SP, ERR, TMP) \300{ \301(SP) = getservbyname_r((NAME), (PROTO), &TMP.ent, \302TMP.buf, sizeof (TMP.buf)); \303(ERR) = (SP) == NULL; \304}305306#define GET_SERV_BY_PORT(PORT, PROTO, SP, ERR, TMP) \307{ \308struct servent *my_sp; \309my_sp = getservbyport_r((PORT), (PROTO), &TMP.ent, \310TMP.buf, sizeof (TMP.buf)); \311(SP) = my_sp; \312(ERR) = my_sp == 0; \313(ERR) = (ERR); /* avoid "unused" warning */ \314}315#endif316#endif317318#if defined(WRAP_GETADDRINFO) || defined(FAI_CACHE)319static inline int320system_getaddrinfo (const char *name, const char *serv,321const struct addrinfo *hint,322struct addrinfo **res)323{324return getaddrinfo(name, serv, hint, res);325}326327static inline void328system_freeaddrinfo (struct addrinfo *ai)329{330freeaddrinfo(ai);331}332333#endif334335#if !defined (HAVE_GETADDRINFO) || defined(WRAP_GETADDRINFO) || defined(FAI_CACHE)336337#undef getaddrinfo338#define getaddrinfo my_fake_getaddrinfo339#undef freeaddrinfo340#define freeaddrinfo my_fake_freeaddrinfo341342#endif343344#if !defined (HAVE_GETADDRINFO)345346#undef gai_strerror347#define gai_strerror my_fake_gai_strerror348349#endif /* ! HAVE_GETADDRINFO */350351#if (!defined (HAVE_GETADDRINFO) || defined (WRAP_GETADDRINFO)) && defined(DEBUG_ADDRINFO)352/* Some debug routines. */353354static const char *protoname (int p, char *buf, size_t bufsize) {355#define X(N) if (p == IPPROTO_ ## N) return #N356357X(TCP);358X(UDP);359X(ICMP);360X(IPV6);361#ifdef IPPROTO_GRE362X(GRE);363#endif364X(NONE);365X(RAW);366#ifdef IPPROTO_COMP367X(COMP);368#endif369#ifdef IPPROTO_IGMP370X(IGMP);371#endif372373snprintf(buf, bufsize, " %-2d", p);374return buf;375}376377static const char *socktypename (int t, char *buf, size_t bufsize) {378switch (t) {379case SOCK_DGRAM: return "DGRAM";380case SOCK_STREAM: return "STREAM";381case SOCK_RAW: return "RAW";382case SOCK_RDM: return "RDM";383case SOCK_SEQPACKET: return "SEQPACKET";384}385snprintf(buf, bufsize, " %-2d", t);386return buf;387}388389static const char *familyname (int f, char *buf, size_t bufsize) {390switch (f) {391default:392snprintf(buf, bufsize, "AF %d", f);393return buf;394case AF_INET: return "AF_INET";395case AF_INET6: return "AF_INET6";396#ifdef AF_UNIX397case AF_UNIX: return "AF_UNIX";398#endif399}400}401402static void debug_dump_getaddrinfo_args (const char *name, const char *serv,403const struct addrinfo *hint)404{405const char *sep;406fprintf(stderr,407"getaddrinfo(hostname %s, service %s,\n"408" hints { ",409name ? name : "(null)", serv ? serv : "(null)");410if (hint) {411char buf[30];412sep = "";413#define Z(FLAG) if (hint->ai_flags & AI_##FLAG) fprintf(stderr, "%s%s", sep, #FLAG), sep = "|"414Z(CANONNAME);415Z(PASSIVE);416#ifdef AI_NUMERICHOST417Z(NUMERICHOST);418#endif419if (sep[0] == 0)420fprintf(stderr, "no-flags");421if (hint->ai_family)422fprintf(stderr, " %s", familyname(hint->ai_family, buf,423sizeof(buf)));424if (hint->ai_socktype)425fprintf(stderr, " SOCK_%s", socktypename(hint->ai_socktype, buf,426sizeof(buf)));427if (hint->ai_protocol)428fprintf(stderr, " IPPROTO_%s", protoname(hint->ai_protocol, buf,429sizeof(buf)));430} else431fprintf(stderr, "(null)");432fprintf(stderr, " }):\n");433}434435static void debug_dump_error (int err)436{437fprintf(stderr, "error %d: %s\n", err, gai_strerror(err));438}439440static void debug_dump_addrinfos (const struct addrinfo *ai)441{442int count = 0;443char buf[10];444fprintf(stderr, "addrinfos returned:\n");445while (ai) {446fprintf(stderr, "%p...", ai);447fprintf(stderr, " socktype=%s", socktypename(ai->ai_socktype, buf,448sizeof(buf)));449fprintf(stderr, " ai_family=%s", familyname(ai->ai_family, buf,450sizeof(buf)));451if (ai->ai_family != ai->ai_addr->sa_family)452fprintf(stderr, " sa_family=%s",453familyname(ai->ai_addr->sa_family, buf, sizeof(buf)));454fprintf(stderr, "\n");455ai = ai->ai_next;456count++;457}458fprintf(stderr, "end addrinfos returned (%d)\n");459}460461#endif462463#if !defined (HAVE_GETADDRINFO) || defined (WRAP_GETADDRINFO)464465static466int getaddrinfo (const char *name, const char *serv,467const struct addrinfo *hint, struct addrinfo **result);468469static470void freeaddrinfo (struct addrinfo *ai);471472#endif473474#if !defined (HAVE_GETADDRINFO)475476#define HAVE_FAKE_GETADDRINFO /* was not originally HAVE_GETADDRINFO */477#define HAVE_GETADDRINFO478#define NEED_FAKE_GETNAMEINFO479#undef HAVE_GETNAMEINFO480#define HAVE_GETNAMEINFO 1481482#undef getnameinfo483#define getnameinfo my_fake_getnameinfo484485static486char *gai_strerror (int code);487488#endif489490#if !defined (HAVE_GETADDRINFO)491static492int getnameinfo (const struct sockaddr *addr, socklen_t len,493char *host, socklen_t hostlen,494char *service, socklen_t servicelen,495int flags);496#endif497498/* Fudge things on older gai implementations. */499/* AIX 4.3.3 is based on RFC 2133; no AI_NUMERICHOST. */500#ifndef AI_NUMERICHOST501# define AI_NUMERICHOST 0502#endif503/* Partial RFC 2553 implementations may not have AI_ADDRCONFIG and504friends, which RFC 3493 says are now part of the getaddrinfo505interface, and we'll want to use. */506#ifndef AI_ADDRCONFIG507# define AI_ADDRCONFIG 0508#endif509#ifndef AI_V4MAPPED510# define AI_V4MAPPED 0511#endif512#ifndef AI_ALL513# define AI_ALL 0514#endif515#ifndef AI_DEFAULT516# define AI_DEFAULT (AI_ADDRCONFIG|AI_V4MAPPED)517#endif518519#if defined(HAVE_FAKE_GETADDRINFO) || defined(FAI_CACHE)520#define NEED_FAKE_GETADDRINFO521#endif522523#if defined(NEED_FAKE_GETADDRINFO) || defined(WRAP_GETADDRINFO)524#include <stdlib.h>525#endif526527#ifdef NEED_FAKE_GETADDRINFO528#include <string.h> /* for strspn */529530static inline int translate_h_errno (int h);531532static inline int fai_add_entry (struct addrinfo **result, void *addr,533int port, const struct addrinfo *template)534{535struct addrinfo *n = malloc (sizeof (struct addrinfo));536if (n == 0)537return EAI_MEMORY;538if (template->ai_family != AF_INET539&& template->ai_family != AF_INET6540)541return EAI_FAMILY;542*n = *template;543if (template->ai_family == AF_INET) {544struct sockaddr_in *sin4;545sin4 = malloc (sizeof (struct sockaddr_in));546if (sin4 == 0)547return EAI_MEMORY;548memset (sin4, 0, sizeof (struct sockaddr_in)); /* for sin_zero */549n->ai_addr = (struct sockaddr *) sin4;550sin4->sin_family = AF_INET;551sin4->sin_addr = *(struct in_addr *)addr;552sin4->sin_port = port;553}554if (template->ai_family == AF_INET6) {555struct sockaddr_in6 *sin6;556sin6 = malloc (sizeof (struct sockaddr_in6));557if (sin6 == 0)558return EAI_MEMORY;559memset (sin6, 0, sizeof (struct sockaddr_in6)); /* for sin_zero */560n->ai_addr = (struct sockaddr *) sin6;561sin6->sin6_family = AF_INET6;562sin6->sin6_addr = *(struct in6_addr *)addr;563sin6->sin6_port = port;564}565n->ai_next = *result;566*result = n;567return 0;568}569570#ifdef FAI_CACHE571/* fake addrinfo cache entries */572#define CACHE_ENTRY_LIFETIME 15 /* seconds */573574static void plant_face (const char *name, struct face *entry)575{576entry->name = strdup(name);577if (entry->name == NULL)578/* @@ Wastes memory. */579return;580k5_mutex_assert_locked(&krb5int_fac.lock);581entry->next = krb5int_fac.data;582entry->expiration = time(0) + CACHE_ENTRY_LIFETIME;583krb5int_fac.data = entry;584#ifdef DEBUG_ADDRINFO585printf("added cache entry '%s' at %p: %d ipv4, %d ipv6; expire %d\n",586name, entry, entry->naddrs4, entry->naddrs6, entry->expiration);587#endif588}589590static int find_face (const char *name, struct face **entry)591{592struct face *fp, **fpp;593time_t now = time(0);594595/* First, scan for expired entries and free them.596(Future improvement: Integrate these two loops.) */597#ifdef DEBUG_ADDRINFO598printf("scanning cache at %d for '%s'...\n", now, name);599#endif600k5_mutex_assert_locked(&krb5int_fac.lock);601for (fpp = &krb5int_fac.data; *fpp; ) {602fp = *fpp;603#ifdef DEBUG_ADDRINFO604printf(" checking expiration time of @%p: %d\n",605fp, fp->expiration);606#endif607if (fp->expiration < now) {608#ifdef DEBUG_ADDRINFO609printf("\texpiring cache entry\n");610#endif611free(fp->name);612free(fp->canonname);613free(fp->addrs4);614free(fp->addrs6);615*fpp = fp->next;616free(fp);617/* Stay at this point in the list, and check again. */618} else619/* Move forward. */620fpp = &(*fpp)->next;621}622623for (fp = krb5int_fac.data; fp; fp = fp->next) {624#ifdef DEBUG_ADDRINFO625printf(" comparing entry @%p\n", fp);626#endif627if (!strcasecmp(fp->name, name)) {628#ifdef DEBUG_ADDRINFO629printf("\tMATCH!\n");630#endif631*entry = fp;632return 1;633}634}635return 0;636}637638#endif639640#ifdef FAI_CACHE641static int krb5int_lock_fac(void), krb5int_unlock_fac(void);642#endif643644static inline int fai_add_hosts_by_name (const char *name,645struct addrinfo *template,646int portnum, int flags,647struct addrinfo **result)648{649#ifdef FAI_CACHE650651struct face *ce;652int i, r, err;653654err = krb5int_lock_fac();655if (err) {656errno = err;657return EAI_SYSTEM;658}659if (!find_face(name, &ce)) {660struct addrinfo myhints = { 0 }, *ai, *ai2;661int i4, i6, aierr;662663#ifdef DEBUG_ADDRINFO664printf("looking up new data for '%s'...\n", name);665#endif666myhints.ai_socktype = SOCK_STREAM;667myhints.ai_flags = AI_CANONNAME;668/* Don't set ai_family -- we want to cache all address types,669because the next lookup may not use the same constraints as670the current one. We *could* cache them separately, so that671we never have to look up an IPv6 address if we are always672asked for IPv4 only, but let's deal with that later, if we673have to. */674/* Try NULL for the service for now.675676It would be nice to use the requested service name, and not677have to patch things up, but then we'd be doing multiple678queries for the same host when we get different services.679We were using "telnet" for a little more confidence that680getaddrinfo would heed the hints to only give us stream681socket types (with no socket type and null service name, we682might get stream *and* dgram *and* raw, for each address,683or only raw). The RFC 3493 description of ai_socktype684sometimes associates it with the specified service,685sometimes not.686687But on macOS (10.3, 10.4) they've "extended" getaddrinfo688to make SRV RR queries. (Please, somebody, show me689something in the specs that actually supports this? RFC6903493 says nothing about it, but it does say getaddrinfo is691the new way to look up hostnames. RFC 2782 says SRV692records should *not* be used unless the application693protocol spec says to do so. The Telnet spec does not say694to do it.) And then they complain when our code695"unexpectedly" seems to use this "extension" in cases where696they don't want it to be used.697698Fortunately, it appears that if we specify ai_socktype as699SOCK_STREAM and use a null service name, we only get one700copy of each address on all the platforms I've tried,701although it may not have ai_socktype filled in properly.702So, we'll fudge it with that for now. */703aierr = system_getaddrinfo(name, NULL, &myhints, &ai);704if (aierr) {705krb5int_unlock_fac();706return aierr;707}708ce = malloc(sizeof(struct face));709memset(ce, 0, sizeof(*ce));710ce->expiration = time(0) + 30;711for (ai2 = ai; ai2; ai2 = ai2->ai_next) {712#ifdef DEBUG_ADDRINFO713printf(" found an address in family %d...\n", ai2->ai_family);714#endif715switch (ai2->ai_family) {716case AF_INET:717ce->naddrs4++;718break;719case AF_INET6:720ce->naddrs6++;721break;722default:723break;724}725}726ce->addrs4 = calloc(ce->naddrs4, sizeof(*ce->addrs4));727if (ce->addrs4 == NULL && ce->naddrs4 != 0) {728krb5int_unlock_fac();729system_freeaddrinfo(ai);730return EAI_MEMORY;731}732ce->addrs6 = calloc(ce->naddrs6, sizeof(*ce->addrs6));733if (ce->addrs6 == NULL && ce->naddrs6 != 0) {734krb5int_unlock_fac();735free(ce->addrs4);736system_freeaddrinfo(ai);737return EAI_MEMORY;738}739for (ai2 = ai, i4 = i6 = 0; ai2; ai2 = ai2->ai_next) {740switch (ai2->ai_family) {741case AF_INET:742ce->addrs4[i4++] = ((struct sockaddr_in *)ai2->ai_addr)->sin_addr;743break;744case AF_INET6:745ce->addrs6[i6++] = ((struct sockaddr_in6 *)ai2->ai_addr)->sin6_addr;746break;747default:748break;749}750}751ce->canonname = ai->ai_canonname ? strdup(ai->ai_canonname) : 0;752system_freeaddrinfo(ai);753plant_face(name, ce);754}755template->ai_family = AF_INET6;756template->ai_addrlen = sizeof(struct sockaddr_in6);757for (i = 0; i < ce->naddrs6; i++) {758r = fai_add_entry (result, &ce->addrs6[i], portnum, template);759if (r) {760krb5int_unlock_fac();761return r;762}763}764template->ai_family = AF_INET;765template->ai_addrlen = sizeof(struct sockaddr_in);766for (i = 0; i < ce->naddrs4; i++) {767r = fai_add_entry (result, &ce->addrs4[i], portnum, template);768if (r) {769krb5int_unlock_fac();770return r;771}772}773if (*result && (flags & AI_CANONNAME))774(*result)->ai_canonname = (ce->canonname775? strdup(ce->canonname)776: NULL);777krb5int_unlock_fac();778return 0;779780#else781782struct hostent *hp;783int i, r;784int herr;785GET_HOST_TMP htmp;786787GET_HOST_BY_NAME (name, hp, herr, htmp);788if (hp == 0)789return translate_h_errno (herr);790for (i = 0; hp->h_addr_list[i]; i++) {791r = fai_add_entry (result, hp->h_addr_list[i], portnum, template);792if (r)793return r;794}795if (*result && (flags & AI_CANONNAME))796(*result)->ai_canonname = strdup (hp->h_name);797return 0;798799#endif800}801802static inline void803fake_freeaddrinfo (struct addrinfo *ai)804{805struct addrinfo *next;806while (ai) {807next = ai->ai_next;808if (ai->ai_canonname)809free (ai->ai_canonname);810if (ai->ai_addr)811free (ai->ai_addr);812free (ai);813ai = next;814}815}816817static inline int818fake_getaddrinfo (const char *name, const char *serv,819const struct addrinfo *hint, struct addrinfo **result)820{821struct addrinfo *res = 0;822int ret;823int port = 0, socktype;824int flags;825struct addrinfo template;826827#ifdef DEBUG_ADDRINFO828debug_dump_getaddrinfo_args(name, serv, hint);829#endif830831if (hint != 0) {832if (hint->ai_family != 0 && hint->ai_family != AF_INET)833return EAI_NODATA;834socktype = hint->ai_socktype;835flags = hint->ai_flags;836} else {837socktype = 0;838flags = 0;839}840841if (serv) {842size_t numlen = strspn (serv, "0123456789");843if (serv[numlen] == '\0') {844/* pure numeric */845unsigned long p = strtoul (serv, 0, 10);846if (p == 0 || p > 65535)847return EAI_NONAME;848port = htons (p);849} else {850struct servent *sp;851int try_dgram_too = 0, s_err;852GET_SERV_TMP stmp;853854if (socktype == 0) {855try_dgram_too = 1;856socktype = SOCK_STREAM;857}858try_service_lookup:859GET_SERV_BY_NAME(serv, socktype == SOCK_STREAM ? "tcp" : "udp",860sp, s_err, stmp);861if (sp == 0) {862if (try_dgram_too) {863socktype = SOCK_DGRAM;864goto try_service_lookup;865}866return EAI_SERVICE;867}868port = sp->s_port;869}870}871872if (name == 0) {873name = (flags & AI_PASSIVE) ? "0.0.0.0" : "127.0.0.1";874flags |= AI_NUMERICHOST;875}876877template.ai_family = AF_INET;878template.ai_addrlen = sizeof (struct sockaddr_in);879template.ai_socktype = socktype;880template.ai_protocol = 0;881template.ai_flags = 0;882template.ai_canonname = 0;883template.ai_next = 0;884template.ai_addr = 0;885886/* If NUMERICHOST is set, parse a numeric address.887If it's not set, don't accept such names. */888if (flags & AI_NUMERICHOST) {889struct in_addr addr4;890addr4.s_addr = inet_addr (name);891if (addr4.s_addr == 0xffffffff || addr4.s_addr == -1)892/* 255.255.255.255 or parse error, both bad */893return EAI_NONAME;894ret = fai_add_entry (&res, &addr4, port, &template);895} else {896ret = fai_add_hosts_by_name (name, &template, port, flags,897&res);898}899900if (ret && ret != NO_ADDRESS) {901fake_freeaddrinfo (res);902return ret;903}904if (res == 0)905return NO_ADDRESS;906*result = res;907return 0;908}909910#ifdef NEED_FAKE_GETNAMEINFO911static inline int912fake_getnameinfo (const struct sockaddr *sa, socklen_t len,913char *host, socklen_t hostlen,914char *service, socklen_t servicelen,915int flags)916{917struct hostent *hp;918const struct sockaddr_in *sinp;919struct servent *sp;920size_t hlen, slen;921922if (sa->sa_family != AF_INET) {923return EAI_FAMILY;924}925sinp = (const struct sockaddr_in *) sa;926927hlen = hostlen;928if (hostlen < 0 || hlen != hostlen) {929errno = EINVAL;930return EAI_SYSTEM;931}932slen = servicelen;933if (servicelen < 0 || slen != servicelen) {934errno = EINVAL;935return EAI_SYSTEM;936}937938if (host) {939if (flags & NI_NUMERICHOST) {940#if (defined(__GNUC__) && defined(__mips__)) || 1 /* thread safety always */941/* The inet_ntoa call, passing a struct, fails on IRIX 6.5942using gcc 2.95; we get back "0.0.0.0". Since this in a943configuration still important at Athena, here's the944workaround, which also happens to be thread-safe.... */945const unsigned char *uc;946char tmpbuf[20];947numeric_host:948uc = (const unsigned char *) &sinp->sin_addr;949snprintf(tmpbuf, sizeof(tmpbuf), "%d.%d.%d.%d",950uc[0], uc[1], uc[2], uc[3]);951strncpy(host, tmpbuf, hlen);952#else953char *p;954numeric_host:955p = inet_ntoa (sinp->sin_addr);956strncpy (host, p, hlen);957#endif958} else {959int herr;960GET_HOST_TMP htmp;961962GET_HOST_BY_ADDR((const char *) &sinp->sin_addr,963sizeof (struct in_addr),964sa->sa_family, hp, herr, htmp);965if (hp == 0) {966if (herr == NO_ADDRESS && !(flags & NI_NAMEREQD)) /* ??? */967goto numeric_host;968return translate_h_errno (herr);969}970/* According to the Open Group spec, getnameinfo can971silently truncate, but must still return a972null-terminated string. */973strncpy (host, hp->h_name, hlen);974}975host[hostlen-1] = 0;976}977978if (service) {979if (flags & NI_NUMERICSERV) {980char numbuf[10];981int port;982numeric_service:983port = ntohs (sinp->sin_port);984if (port < 0 || port > 65535)985return EAI_FAIL;986snprintf (numbuf, sizeof(numbuf), "%d", port);987strncpy (service, numbuf, slen);988} else {989int serr;990GET_SERV_TMP stmp;991992GET_SERV_BY_PORT(sinp->sin_port,993(flags & NI_DGRAM) ? "udp" : "tcp",994sp, serr, stmp);995if (sp == 0)996goto numeric_service;997strncpy (service, sp->s_name, slen);998}999service[servicelen-1] = 0;1000}10011002return 0;1003}1004#endif10051006#if defined(HAVE_FAKE_GETADDRINFO) || defined(NEED_FAKE_GETNAMEINFO)10071008static inline1009char *gai_strerror (int code)1010{1011switch (code) {1012case EAI_ADDRFAMILY: return "address family for nodename not supported";1013case EAI_AGAIN: return "temporary failure in name resolution";1014case EAI_BADFLAGS: return "bad flags to getaddrinfo/getnameinfo";1015case EAI_FAIL: return "non-recoverable failure in name resolution";1016case EAI_FAMILY: return "ai_family not supported";1017case EAI_MEMORY: return "out of memory";1018case EAI_NODATA: return "no address associated with hostname";1019case EAI_NONAME: return "name does not exist";1020case EAI_SERVICE: return "service name not supported for specified socket type";1021case EAI_SOCKTYPE: return "ai_socktype not supported";1022case EAI_SYSTEM: return strerror (errno);1023default: return "bogus getaddrinfo error?";1024}1025}1026#endif10271028static inline int translate_h_errno (int h)1029{1030switch (h) {1031case 0:1032return 0;1033#ifdef NETDB_INTERNAL1034case NETDB_INTERNAL:1035if (errno == ENOMEM)1036return EAI_MEMORY;1037return EAI_SYSTEM;1038#endif1039case HOST_NOT_FOUND:1040return EAI_NONAME;1041case TRY_AGAIN:1042return EAI_AGAIN;1043case NO_RECOVERY:1044return EAI_FAIL;1045case NO_DATA:1046#if NO_DATA != NO_ADDRESS1047case NO_ADDRESS:1048#endif1049return EAI_NODATA;1050default:1051return EAI_SYSTEM;1052}1053}10541055#if defined(HAVE_FAKE_GETADDRINFO) || defined(FAI_CACHE)1056static inline1057int getaddrinfo (const char *name, const char *serv,1058const struct addrinfo *hint, struct addrinfo **result)1059{1060return fake_getaddrinfo(name, serv, hint, result);1061}10621063static inline1064void freeaddrinfo (struct addrinfo *ai)1065{1066fake_freeaddrinfo(ai);1067}10681069#ifdef NEED_FAKE_GETNAMEINFO1070static inline1071int getnameinfo (const struct sockaddr *sa, socklen_t len,1072char *host, socklen_t hostlen,1073char *service, socklen_t servicelen,1074int flags)1075{1076return fake_getnameinfo(sa, len, host, hostlen, service, servicelen,1077flags);1078}1079#endif /* NEED_FAKE_GETNAMEINFO */1080#endif /* HAVE_FAKE_GETADDRINFO */1081#endif /* NEED_FAKE_GETADDRINFO */108210831084#ifdef WRAP_GETADDRINFO10851086static inline1087int1088getaddrinfo (const char *name, const char *serv, const struct addrinfo *hint,1089struct addrinfo **result)1090{1091int aierr;1092#if defined(_AIX) || defined(COPY_FIRST_CANONNAME)1093struct addrinfo *ai;1094#endif1095#ifdef NUMERIC_SERVICE_BROKEN1096int service_is_numeric = 0;1097int service_port = 0;1098int socket_type = 0;1099#endif11001101#ifdef DEBUG_ADDRINFO1102debug_dump_getaddrinfo_args(name, serv, hint);1103#endif11041105#ifdef NUMERIC_SERVICE_BROKEN1106/* AIX 4.3.3 is broken. (Or perhaps out of date?)11071108If a numeric service is provided, and it doesn't correspond to1109a known service name for tcp or udp (as appropriate), an error1110code (for "host not found") is returned. If the port maps to a1111known service for both udp and tcp, all is well. */1112if (serv && serv[0] && isdigit(serv[0])) {1113unsigned long lport;1114char *end;1115lport = strtoul(serv, &end, 10);1116if (!*end) {1117if (lport > 65535)1118return EAI_SOCKTYPE;1119service_is_numeric = 1;1120service_port = lport;1121#ifdef AI_NUMERICSERV1122if (hint && hint->ai_flags & AI_NUMERICSERV)1123serv = "9";1124else1125#endif1126serv = "discard"; /* defined for both udp and tcp */1127if (hint)1128socket_type = hint->ai_socktype;1129}1130}1131#endif11321133aierr = system_getaddrinfo (name, serv, hint, result);1134if (aierr || *result == 0) {1135#ifdef DEBUG_ADDRINFO1136debug_dump_error(aierr);1137#endif1138return aierr;1139}11401141/* Linux libc version 6 prior to 2.3.4 is broken.11421143RFC 2553 says that when AI_CANONNAME is set, the ai_canonname1144flag of the first returned structure has the canonical name of1145the host. Instead, GNU libc sets ai_canonname in each returned1146structure to the name that the corresponding address maps to,1147if any, or a printable numeric form.11481149RFC 2553 bis and the new Open Group spec say that field will be1150the canonical name if it can be determined, otherwise, the1151provided hostname or a copy of it.11521153IMNSHO, "canonical name" means CNAME processing and not PTR1154processing, but I can see arguing it. Using the numeric form1155when that's not the form provided is just wrong. So, let's fix1156it.11571158The glibc 2.2.5 sources indicate that the canonical name is1159*not* allocated separately, it's just some extra storage tacked1160on the end of the addrinfo structure. So, let's try this1161approach: If getaddrinfo sets ai_canonname, we'll replace the1162*first* one with allocated storage, and free up that pointer in1163freeaddrinfo if it's set; the other ai_canonname fields will be1164left untouched. And we'll just pray that the application code1165won't mess around with the list structure; if we start doing1166that, we'll have to start replacing and freeing all of the1167ai_canonname fields.11681169Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=133668 .11701171Since it's dependent on the target hostname, it's hard to check1172for at configure time. The bug was fixed in glibc 2.3.4.1173After the fix, the ai_canonname field is allocated, so our1174workaround leaks memory. We disable the workaround for glibc1175>= 2.4, but there is no easy way to test for glibc patch1176versions, so we still leak memory under glibc 2.3.4 through11772.3.6.11781179Some Windows documentation says that even when AI_CANONNAME is1180set, the returned ai_canonname field can be null. The NetBSD11811.5 implementation also does this, if the input hostname is a1182numeric host address string. That case isn't handled well at1183the moment.11841185Libc version 5 didn't have getaddrinfo at all. */11861187#ifdef COPY_FIRST_CANONNAME1188/*1189* This code must *always* return an error, return a null1190* ai_canonname, or return an ai_canonname allocated here using1191* malloc, so that freeaddrinfo can always free a non-null1192* ai_canonname. Note that it really doesn't matter if the1193* AI_CANONNAME flag was set.1194*/1195ai = *result;1196if (ai->ai_canonname) {1197struct hostent *hp;1198const char *name2 = 0;1199int i, herr;1200GET_HOST_TMP htmp;12011202/*1203* Current versions of GET_HOST_BY_NAME will fail if the1204* target hostname has IPv6 addresses only. Make sure it1205* fails fairly cleanly.1206*/1207GET_HOST_BY_NAME (name, hp, herr, htmp);1208if (hp == 0) {1209/*1210* This case probably means it's an IPv6-only name. If1211* ai_canonname is a numeric address, get rid of it.1212*/1213if (ai->ai_canonname && strchr(ai->ai_canonname, ':'))1214ai->ai_canonname = 0;1215name2 = ai->ai_canonname ? ai->ai_canonname : name;1216} else {1217/*1218* Sometimes gethostbyname will be directed to /etc/hosts1219* first, and sometimes that file will have entries with1220* the unqualified name first. So take the first entry1221* that looks like it could be a FQDN. Starting with h_name1222* and then all the aliases.1223*/1224for (i = 0, name2 = hp->h_name; name2; i++) {1225if (strchr(name2, '.') != 0)1226break;1227name2 = hp->h_aliases[i];1228}1229if (name2 == 0)1230name2 = hp->h_name;1231}12321233ai->ai_canonname = strdup(name2);1234if (name2 != 0 && ai->ai_canonname == 0) {1235system_freeaddrinfo(ai);1236*result = 0;1237#ifdef DEBUG_ADDRINFO1238debug_dump_error(EAI_MEMORY);1239#endif1240return EAI_MEMORY;1241}1242/* Zap the remaining ai_canonname fields glibc fills in, in1243case the application messes around with the list1244structure. */1245while ((ai = ai->ai_next) != NULL)1246ai->ai_canonname = 0;1247}1248#endif12491250#ifdef NUMERIC_SERVICE_BROKEN1251if (service_port != 0) {1252for (ai = *result; ai; ai = ai->ai_next) {1253if (socket_type != 0 && ai->ai_socktype == 0)1254/* Is this check actually needed? */1255ai->ai_socktype = socket_type;1256sa_setport(ai->ai_addr, service_port);1257}1258}1259#endif12601261#ifdef _AIX1262for (ai = *result; ai; ai = ai->ai_next) {1263/* AIX 4.3.3 libc is broken. It doesn't set the family or len1264fields of the sockaddr structures. Usually, sa_family is1265zero, but I've seen it set to 1 in some cases also (maybe1266just leftover from previous contents of the memory1267block?). So, always override what libc returned. */1268ai->ai_addr->sa_family = ai->ai_family;1269}1270#endif12711272/* Not dealt with currently:12731274- Some versions of GNU libc can lose some IPv4 addresses in1275certain cases when multiple IPv4 and IPv6 addresses are1276available. */12771278#ifdef DEBUG_ADDRINFO1279debug_dump_addrinfos(*result);1280#endif12811282return 0;1283}12841285static inline1286void freeaddrinfo (struct addrinfo *ai)1287{1288#ifdef COPY_FIRST_CANONNAME1289if (ai) {1290free(ai->ai_canonname);1291ai->ai_canonname = 0;1292system_freeaddrinfo(ai);1293}1294#else1295system_freeaddrinfo(ai);1296#endif1297}1298#endif /* WRAP_GETADDRINFO */12991300#ifdef FAI_CACHE1301static int krb5int_lock_fac (void)1302{1303int err;1304err = krb5int_call_thread_support_init();1305if (err)1306return err;1307return k5_mutex_lock(&krb5int_fac.lock);1308}13091310static int krb5int_unlock_fac (void)1311{1312return k5_mutex_unlock(&krb5int_fac.lock);1313}1314#endif13151316/* Some systems don't define in6addr_any. */1317const struct in6_addr krb5int_in6addr_any = IN6ADDR_ANY_INIT;13181319int krb5int_getaddrinfo (const char *node, const char *service,1320const struct addrinfo *hints,1321struct addrinfo **aip)1322{1323return getaddrinfo(node, service, hints, aip);1324}13251326void krb5int_freeaddrinfo (struct addrinfo *ai)1327{1328freeaddrinfo(ai);1329}13301331const char *krb5int_gai_strerror(int err)1332{1333return gai_strerror(err);1334}13351336int krb5int_getnameinfo (const struct sockaddr *sa, socklen_t salen,1337char *hbuf, size_t hbuflen,1338char *sbuf, size_t sbuflen,1339int flags)1340{1341return getnameinfo(sa, salen, hbuf, hbuflen, sbuf, sbuflen, flags);1342}134313441345