mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-03 12:11:33 +01:00
dirmngr: Add basic libdns support
* dirmngr/dns.c: New file. * dirmngr/dns.h: New file. * dirmngr/Makefile.am (dirmngr_SOURCES): Add new files. * dirmngr/dns-stuff.c: Include dns.h.xxx use libdns (libdns): New global var for the libdns state. (libdns_error_to_gpg_error): New. (libdns_init): New. (resolve_name_libdns): New. (get_dns_cert_libdns): New stub. (getsrv_libdns): New stub. (get_dns_cname_libdns): New stub. Signed-off-by: Justus Winter <justus@g10code.com>
This commit is contained in:
parent
2e734a3ce1
commit
f6acd04264
@ -59,6 +59,7 @@ dirmngr_SOURCES = dirmngr.c dirmngr.h server.c crlcache.c crlfetch.c \
|
|||||||
loadswdb.c \
|
loadswdb.c \
|
||||||
cdb.h cdblib.c misc.c dirmngr-err.h \
|
cdb.h cdblib.c misc.c dirmngr-err.h \
|
||||||
ocsp.c ocsp.h validate.c validate.h \
|
ocsp.c ocsp.h validate.c validate.h \
|
||||||
|
dns.c dns.h \
|
||||||
dns-stuff.c dns-stuff.h \
|
dns-stuff.c dns-stuff.h \
|
||||||
http.c http.h \
|
http.c http.h \
|
||||||
ks-action.c ks-action.h ks-engine.h \
|
ks-action.c ks-action.h ks-engine.h \
|
||||||
@ -102,7 +103,7 @@ dirmngr_client_LDADD = $(libcommon) \
|
|||||||
dirmngr_client_LDFLAGS = $(extra_bin_ldflags)
|
dirmngr_client_LDFLAGS = $(extra_bin_ldflags)
|
||||||
|
|
||||||
|
|
||||||
t_common_src = t-support.h
|
t_common_src = t-support.h dns.c dns.h
|
||||||
t_common_ldadd = $(libcommon) $(LIBASSUAN_LIBS) $(LIBGCRYPT_LIBS) \
|
t_common_ldadd = $(libcommon) $(LIBASSUAN_LIBS) $(LIBGCRYPT_LIBS) \
|
||||||
$(GPG_ERROR_LIBS) $(NETLIBS) \
|
$(GPG_ERROR_LIBS) $(NETLIBS) \
|
||||||
$(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) \
|
$(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) \
|
||||||
@ -130,7 +131,7 @@ endif
|
|||||||
|
|
||||||
|
|
||||||
# http tests
|
# http tests
|
||||||
t_http_SOURCES = t-http.c http.c dns-stuff.c
|
t_http_SOURCES = $(t_common_src) t-http.c http.c dns-stuff.c
|
||||||
t_http_CFLAGS = -DWITHOUT_NPTH=1 \
|
t_http_CFLAGS = -DWITHOUT_NPTH=1 \
|
||||||
$(LIBGCRYPT_CFLAGS) $(NTBTLS_CFLAGS) $(LIBGNUTLS_CFLAGS) \
|
$(LIBGCRYPT_CFLAGS) $(NTBTLS_CFLAGS) $(LIBGNUTLS_CFLAGS) \
|
||||||
$(GPG_ERROR_CFLAGS)
|
$(GPG_ERROR_CFLAGS)
|
||||||
@ -147,7 +148,7 @@ t_ldap_parse_uri_LDADD = $(ldaplibs) $(t_common_ldadd) $(DNSLIBS)
|
|||||||
|
|
||||||
t_dns_stuff_CFLAGS = -DWITHOUT_NPTH=1 \
|
t_dns_stuff_CFLAGS = -DWITHOUT_NPTH=1 \
|
||||||
$(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS)
|
$(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS)
|
||||||
t_dns_stuff_SOURCES = t-dns-stuff.c dns-stuff.c
|
t_dns_stuff_SOURCES = $(t_common_src) t-dns-stuff.c dns-stuff.c
|
||||||
t_dns_stuff_LDADD = $(t_common_ldadd) $(DNSLIBS)
|
t_dns_stuff_LDADD = $(t_common_ldadd) $(DNSLIBS)
|
||||||
|
|
||||||
$(PROGRAMS) : $(libcommon) $(libcommonpth)
|
$(PROGRAMS) : $(libcommon) $(libcommonpth)
|
||||||
|
@ -46,6 +46,9 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
|
||||||
|
/* William Ahern's DNS library, included as a source copy. */
|
||||||
|
#include "dns.h"
|
||||||
|
|
||||||
#ifdef WITHOUT_NPTH /* Give the Makefile a chance to build without Pth. */
|
#ifdef WITHOUT_NPTH /* Give the Makefile a chance to build without Pth. */
|
||||||
# undef USE_NPTH
|
# undef USE_NPTH
|
||||||
#endif
|
#endif
|
||||||
@ -125,6 +128,8 @@ standard_resolver_p (void)
|
|||||||
gpg_error_t
|
gpg_error_t
|
||||||
enable_dns_tormode (int new_circuit)
|
enable_dns_tormode (int new_circuit)
|
||||||
{
|
{
|
||||||
|
/* XXX: dns.c doesn't support SOCKS credentials. */
|
||||||
|
|
||||||
if (!*tor_credentials || new_circuit)
|
if (!*tor_credentials || new_circuit)
|
||||||
{
|
{
|
||||||
static unsigned int counter;
|
static unsigned int counter;
|
||||||
@ -193,6 +198,191 @@ map_eai_to_gpg_error (int ec)
|
|||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
struct
|
||||||
|
{
|
||||||
|
struct dns_resolv_conf *resolv_conf;
|
||||||
|
struct dns_hosts *hosts;
|
||||||
|
struct dns_hints *hints;
|
||||||
|
|
||||||
|
struct sockaddr_storage socks_host;
|
||||||
|
} libdns;
|
||||||
|
|
||||||
|
static gpg_error_t
|
||||||
|
libdns_error_to_gpg_error (int error)
|
||||||
|
{
|
||||||
|
gpg_err_code_t ec;
|
||||||
|
|
||||||
|
switch (error)
|
||||||
|
{
|
||||||
|
case 0:
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
default:
|
||||||
|
/* XXX */
|
||||||
|
fprintf (stderr, "libdns: %s\n", dns_strerror (error));
|
||||||
|
ec = GPG_ERR_GENERAL;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return gpg_error (ec);
|
||||||
|
}
|
||||||
|
|
||||||
|
static gpg_error_t
|
||||||
|
libdns_init (void)
|
||||||
|
{
|
||||||
|
int error;
|
||||||
|
|
||||||
|
libdns.resolv_conf = dns_resconf_open (&error);
|
||||||
|
if (! libdns.resolv_conf)
|
||||||
|
goto leave;
|
||||||
|
|
||||||
|
#if 0
|
||||||
|
error = dns_resconf_pton (&libdns.resolv_conf->nameserver[0],
|
||||||
|
"[127.0.0.1]:53");
|
||||||
|
if (error)
|
||||||
|
goto leave;
|
||||||
|
#else
|
||||||
|
error = dns_resconf_loadpath (libdns.resolv_conf, "/etc/resolv.conf");
|
||||||
|
if (error)
|
||||||
|
goto leave;
|
||||||
|
|
||||||
|
error = dns_nssconf_loadpath (libdns.resolv_conf, "/etc/nsswitch.conf");
|
||||||
|
if (error)
|
||||||
|
goto leave;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
libdns.hosts = dns_hosts_open (&error);
|
||||||
|
if (! libdns.hosts)
|
||||||
|
goto leave;
|
||||||
|
|
||||||
|
/* dns_hints_local for stub mode, dns_hints_root for recursive. */
|
||||||
|
libdns.hints = dns_hints_local (libdns.resolv_conf, &error);
|
||||||
|
if (! libdns.hints)
|
||||||
|
goto leave;
|
||||||
|
|
||||||
|
/* XXX */
|
||||||
|
leave:
|
||||||
|
return libdns_error_to_gpg_error (error);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static gpg_error_t
|
||||||
|
resolve_name_libdns (const char *name, unsigned short port,
|
||||||
|
int want_family, int want_socktype,
|
||||||
|
dns_addrinfo_t *r_dai, char **r_canonname)
|
||||||
|
{
|
||||||
|
gpg_error_t err = 0;
|
||||||
|
dns_addrinfo_t daihead = NULL;
|
||||||
|
dns_addrinfo_t dai;
|
||||||
|
struct dns_resolver *res;
|
||||||
|
struct dns_addrinfo *ai = NULL;
|
||||||
|
struct addrinfo hints;
|
||||||
|
struct addrinfo *ent;
|
||||||
|
char portstr_[21];
|
||||||
|
char *portstr = portstr_;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
err = libdns_init ();
|
||||||
|
if (err)
|
||||||
|
return err;
|
||||||
|
|
||||||
|
*r_dai = NULL;
|
||||||
|
if (r_canonname)
|
||||||
|
*r_canonname = NULL;
|
||||||
|
|
||||||
|
memset (&hints, 0, sizeof hints);
|
||||||
|
hints.ai_family = want_family;
|
||||||
|
hints.ai_socktype = want_socktype;
|
||||||
|
hints.ai_flags = AI_ADDRCONFIG;
|
||||||
|
if (r_canonname)
|
||||||
|
hints.ai_flags |= AI_CANONNAME;
|
||||||
|
|
||||||
|
if (port)
|
||||||
|
snprintf (portstr_, sizeof portstr_, "%hu", port);
|
||||||
|
else
|
||||||
|
portstr = NULL;
|
||||||
|
|
||||||
|
res = dns_res_open (libdns.resolv_conf, libdns.hosts, libdns.hints, NULL,
|
||||||
|
dns_opts (/*.socks_host=&libdns.socks_host*/), &ret);
|
||||||
|
if (! res)
|
||||||
|
return libdns_error_to_gpg_error (ret);
|
||||||
|
|
||||||
|
ai = dns_ai_open (name, portstr, 0, &hints, res, &ret);
|
||||||
|
if (! ai)
|
||||||
|
goto leave;
|
||||||
|
|
||||||
|
/* XXX this is blocking. */
|
||||||
|
do {
|
||||||
|
ret = dns_ai_nextent (&ent, ai);
|
||||||
|
switch (ret) {
|
||||||
|
case 0:
|
||||||
|
if (r_canonname && ! *r_canonname && ent && ent->ai_canonname)
|
||||||
|
{
|
||||||
|
*r_canonname = xtrystrdup (ent->ai_canonname);
|
||||||
|
if (!*r_canonname)
|
||||||
|
{
|
||||||
|
err = gpg_error_from_syserror ();
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
dai = xtrymalloc (sizeof *dai + ent->ai_addrlen - 1);
|
||||||
|
if (dai == NULL)
|
||||||
|
{
|
||||||
|
err = ENOMEM;
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
|
||||||
|
dai->family = ent->ai_family;
|
||||||
|
dai->socktype = ent->ai_socktype;
|
||||||
|
dai->protocol = ent->ai_protocol;
|
||||||
|
dai->addrlen = ent->ai_addrlen;
|
||||||
|
memcpy (dai->addr, ent->ai_addr, ent->ai_addrlen);
|
||||||
|
dai->next = daihead;
|
||||||
|
daihead = dai;
|
||||||
|
|
||||||
|
xfree (ent);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case ENOENT:
|
||||||
|
break;
|
||||||
|
|
||||||
|
case EAGAIN:
|
||||||
|
if (dns_ai_elapsed (ai) > 30)
|
||||||
|
log_assert (! "XXX: query timed-out");
|
||||||
|
|
||||||
|
dns_ai_poll (ai, 1);
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
} while (ret != ENOENT);
|
||||||
|
|
||||||
|
if (ret == ENOENT && daihead != NULL)
|
||||||
|
ret = 0; /* We got some results, we're good. */
|
||||||
|
|
||||||
|
leave:
|
||||||
|
dns_ai_close (ai);
|
||||||
|
dns_res_close (res);
|
||||||
|
|
||||||
|
if (ret && ! err)
|
||||||
|
err = libdns_error_to_gpg_error (ret);
|
||||||
|
|
||||||
|
if (err)
|
||||||
|
{
|
||||||
|
if (r_canonname)
|
||||||
|
{
|
||||||
|
xfree (*r_canonname);
|
||||||
|
*r_canonname = NULL;
|
||||||
|
}
|
||||||
|
free_dns_addrinfo (daihead);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
*r_dai = daihead;
|
||||||
|
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Resolve a name using the standard system function. */
|
/* Resolve a name using the standard system function. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
@ -376,11 +566,10 @@ resolve_dns_name (const char *name, unsigned short port,
|
|||||||
int want_family, int want_socktype,
|
int want_family, int want_socktype,
|
||||||
dns_addrinfo_t *r_ai, char **r_canonname)
|
dns_addrinfo_t *r_ai, char **r_canonname)
|
||||||
{
|
{
|
||||||
#ifdef NOTYET
|
|
||||||
if (!standard_resolver)
|
if (!standard_resolver)
|
||||||
return resolve_name_libdns (name, port, want_family, want_socktype,
|
return resolve_name_libdns (name, port, want_family, want_socktype,
|
||||||
r_ai, r_canonname);
|
r_ai, r_canonname);
|
||||||
#endif
|
|
||||||
return resolve_name_standard (name, port, want_family, want_socktype,
|
return resolve_name_standard (name, port, want_family, want_socktype,
|
||||||
r_ai, r_canonname);
|
r_ai, r_canonname);
|
||||||
}
|
}
|
||||||
@ -475,6 +664,16 @@ is_onion_address (const char *name)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* libdns version of get_dns_cert. */
|
||||||
|
static gpg_error_t
|
||||||
|
get_dns_cert_libdns (const char *name, int want_certtype,
|
||||||
|
void **r_key, size_t *r_keylen,
|
||||||
|
unsigned char **r_fpr, size_t *r_fprlen, char **r_url)
|
||||||
|
{
|
||||||
|
return gpg_error (ENOTSUP);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Standard resolver version of get_dns_cert. */
|
/* Standard resolver version of get_dns_cert. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
get_dns_cert_standard (const char *name, int want_certtype,
|
get_dns_cert_standard (const char *name, int want_certtype,
|
||||||
@ -701,11 +900,10 @@ get_dns_cert (const char *name, int want_certtype,
|
|||||||
*r_fprlen = 0;
|
*r_fprlen = 0;
|
||||||
*r_url = NULL;
|
*r_url = NULL;
|
||||||
|
|
||||||
#ifdef NOTYET
|
|
||||||
if (!standard_resolver)
|
if (!standard_resolver)
|
||||||
return get_dns_cert_libdns (name, want_certtype, r_key, r_keylen,
|
return get_dns_cert_libdns (name, want_certtype, r_key, r_keylen,
|
||||||
r_fpr, r_fprlen, r_url);
|
r_fpr, r_fprlen, r_url);
|
||||||
#endif
|
|
||||||
return get_dns_cert_standard (name, want_certtype, r_key, r_keylen,
|
return get_dns_cert_standard (name, want_certtype, r_key, r_keylen,
|
||||||
r_fpr, r_fprlen, r_url);
|
r_fpr, r_fprlen, r_url);
|
||||||
}
|
}
|
||||||
@ -727,6 +925,14 @@ priosort(const void *a,const void *b)
|
|||||||
/* Standard resolver based helper for getsrv. */
|
/* Standard resolver based helper for getsrv. */
|
||||||
static int
|
static int
|
||||||
getsrv_standard (const char *name, struct srventry **list)
|
getsrv_standard (const char *name, struct srventry **list)
|
||||||
|
{
|
||||||
|
return gpg_error (ENOTSUP);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* libdns based helper for getsrv. */
|
||||||
|
static int
|
||||||
|
getsrv_libdns (const char *name, struct srventry **list)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_SYSTEM_RESOLVER
|
#ifdef HAVE_SYSTEM_RESOLVER
|
||||||
union {
|
union {
|
||||||
@ -850,12 +1056,8 @@ getsrv (const char *name, struct srventry **list)
|
|||||||
|
|
||||||
*list = NULL;
|
*list = NULL;
|
||||||
|
|
||||||
if (0)
|
if (!standard_resolver)
|
||||||
;
|
|
||||||
#ifdef NOTYET
|
|
||||||
else if (!standard_resolver)
|
|
||||||
srvcount = getsrv_libdns (name, list);
|
srvcount = getsrv_libdns (name, list);
|
||||||
#endif
|
|
||||||
else
|
else
|
||||||
srvcount = getsrv_standard (name, list);
|
srvcount = getsrv_standard (name, list);
|
||||||
|
|
||||||
@ -939,6 +1141,14 @@ getsrv (const char *name, struct srventry **list)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* libdns version of get_dns_cname. */
|
||||||
|
gpg_error_t
|
||||||
|
get_dns_cname_libdns (const char *name, char **r_cname)
|
||||||
|
{
|
||||||
|
return gpg_error (ENOTSUP);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Standard resolver version of get_dns_cname. */
|
/* Standard resolver version of get_dns_cname. */
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
get_dns_cname_standard (const char *name, char **r_cname)
|
get_dns_cname_standard (const char *name, char **r_cname)
|
||||||
@ -1022,10 +1232,8 @@ get_dns_cname (const char *name, char **r_cname)
|
|||||||
{
|
{
|
||||||
*r_cname = NULL;
|
*r_cname = NULL;
|
||||||
|
|
||||||
#ifdef NOTYET
|
|
||||||
if (!standard_resolver)
|
if (!standard_resolver)
|
||||||
return get_dns_cname_libdns (name, r_cname);
|
return get_dns_cname_libdns (name, r_cname);
|
||||||
#endif
|
|
||||||
|
|
||||||
return get_dns_cname_standard (name, r_cname);
|
return get_dns_cname_standard (name, r_cname);
|
||||||
}
|
}
|
||||||
|
11152
dirmngr/dns.c
Normal file
11152
dirmngr/dns.c
Normal file
File diff suppressed because it is too large
Load Diff
1361
dirmngr/dns.h
Normal file
1361
dirmngr/dns.h
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
x
Reference in New Issue
Block a user