]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/nss-myhostname/nss-myhostname.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #26213 from poettering/journal-rework-seqnum
[thirdparty/systemd.git] / src / nss-myhostname / nss-myhostname.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <errno.h>
4 #include <net/if.h>
5 #include <netdb.h>
6 #include <nss.h>
7 #include <stdlib.h>
8
9 #include "alloc-util.h"
10 #include "errno-util.h"
11 #include "hostname-util.h"
12 #include "local-addresses.h"
13 #include "macro.h"
14 #include "nss-util.h"
15 #include "resolve-util.h"
16 #include "signal-util.h"
17 #include "socket-util.h"
18 #include "string-util.h"
19
20 /* We use 127.0.0.2 as IPv4 address. This has the advantage over
21 * 127.0.0.1 that it can be translated back to the local hostname. For
22 * IPv6 we use ::1 which unfortunately will not translate back to the
23 * hostname but instead something like "localhost" or so. */
24
25 #define LOCALADDRESS_IPV4 (htobe32(INADDR_LOCALADDRESS))
26 #define LOCALADDRESS_IPV6 &in6addr_loopback
27
28 NSS_GETHOSTBYNAME_PROTOTYPES(myhostname);
29 NSS_GETHOSTBYADDR_PROTOTYPES(myhostname);
30
31 enum nss_status _nss_myhostname_gethostbyname4_r(
32 const char *name,
33 struct gaih_addrtuple **pat,
34 char *buffer, size_t buflen,
35 int *errnop, int *h_errnop,
36 int32_t *ttlp) {
37
38 struct gaih_addrtuple *r_tuple, *r_tuple_prev = NULL;
39 _cleanup_free_ struct local_address *addresses = NULL;
40 _cleanup_free_ char *hn = NULL;
41 const char *canonical = NULL;
42 int n_addresses = 0;
43 uint32_t local_address_ipv4;
44 size_t l, idx, ms;
45 char *r_name;
46
47 PROTECT_ERRNO;
48 BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
49
50 assert(name);
51 assert(pat);
52 assert(buffer);
53 assert(errnop);
54 assert(h_errnop);
55
56 if (is_localhost(name)) {
57 /* We respond to 'localhost', so that /etc/hosts is optional */
58
59 canonical = "localhost";
60 local_address_ipv4 = htobe32(INADDR_LOOPBACK);
61
62 } else if (is_gateway_hostname(name)) {
63
64 n_addresses = local_gateways(NULL, 0, AF_UNSPEC, &addresses);
65 if (n_addresses <= 0)
66 goto not_found;
67
68 canonical = "_gateway";
69
70 } else if (is_outbound_hostname(name)) {
71
72 n_addresses = local_outbounds(NULL, 0, AF_UNSPEC, &addresses);
73 if (n_addresses <= 0)
74 goto not_found;
75
76 canonical = "_outbound";
77
78 } else {
79 hn = gethostname_malloc();
80 if (!hn) {
81 UNPROTECT_ERRNO;
82 *errnop = ENOMEM;
83 *h_errnop = NO_RECOVERY;
84 return NSS_STATUS_TRYAGAIN;
85 }
86
87 /* We respond to our local hostname, our hostname suffixed with a single dot. */
88 if (!streq(name, hn) && !streq_ptr(startswith(name, hn), "."))
89 goto not_found;
90
91 n_addresses = local_addresses(NULL, 0, AF_UNSPEC, &addresses);
92 if (n_addresses < 0)
93 n_addresses = 0;
94
95 canonical = hn;
96 local_address_ipv4 = LOCALADDRESS_IPV4;
97 }
98
99 l = strlen(canonical);
100 ms = ALIGN(l+1) + ALIGN(sizeof(struct gaih_addrtuple)) * (n_addresses > 0 ? n_addresses : 1 + socket_ipv6_is_enabled());
101 if (buflen < ms) {
102 UNPROTECT_ERRNO;
103 *errnop = ERANGE;
104 *h_errnop = NETDB_INTERNAL;
105 return NSS_STATUS_TRYAGAIN;
106 }
107
108 /* First, fill in hostname */
109 r_name = buffer;
110 memcpy(r_name, canonical, l+1);
111 idx = ALIGN(l+1);
112
113 assert(n_addresses >= 0);
114 if (n_addresses == 0) {
115 /* Second, fill in IPv6 tuple */
116 if (socket_ipv6_is_enabled()) {
117 r_tuple = (struct gaih_addrtuple*) (buffer + idx);
118 r_tuple->next = r_tuple_prev;
119 r_tuple->name = r_name;
120 r_tuple->family = AF_INET6;
121 memcpy(r_tuple->addr, LOCALADDRESS_IPV6, 16);
122 r_tuple->scopeid = 0;
123
124 idx += ALIGN(sizeof(struct gaih_addrtuple));
125 r_tuple_prev = r_tuple;
126 }
127
128 /* Third, fill in IPv4 tuple */
129 r_tuple = (struct gaih_addrtuple*) (buffer + idx);
130 r_tuple->next = r_tuple_prev;
131 r_tuple->name = r_name;
132 r_tuple->family = AF_INET;
133 *(uint32_t*) r_tuple->addr = local_address_ipv4;
134 r_tuple->scopeid = 0;
135
136 idx += ALIGN(sizeof(struct gaih_addrtuple));
137 r_tuple_prev = r_tuple;
138 }
139
140 /* Fourth, fill actual addresses in, but in backwards order */
141 for (int i = n_addresses; i > 0; i--) {
142 struct local_address *a = addresses + i - 1;
143
144 r_tuple = (struct gaih_addrtuple*) (buffer + idx);
145 r_tuple->next = r_tuple_prev;
146 r_tuple->name = r_name;
147 r_tuple->family = a->family;
148 r_tuple->scopeid = a->family == AF_INET6 && in6_addr_is_link_local(&a->address.in6) ? a->ifindex : 0;
149 memcpy(r_tuple->addr, &a->address, 16);
150
151 idx += ALIGN(sizeof(struct gaih_addrtuple));
152 r_tuple_prev = r_tuple;
153 }
154
155 /* Verify the size matches */
156 assert(idx == ms);
157
158 /* Nscd expects us to store the first record in **pat. */
159 if (*pat)
160 **pat = *r_tuple_prev;
161 else
162 *pat = r_tuple_prev;
163
164 if (ttlp)
165 *ttlp = 0;
166
167 /* Explicitly reset both *h_errnop and h_errno to work around
168 * https://bugzilla.redhat.com/show_bug.cgi?id=1125975 */
169 *h_errnop = NETDB_SUCCESS;
170 h_errno = 0;
171
172 return NSS_STATUS_SUCCESS;
173
174 not_found:
175 *h_errnop = HOST_NOT_FOUND;
176 return NSS_STATUS_NOTFOUND;
177 }
178
179 static enum nss_status fill_in_hostent(
180 const char *canonical, const char *additional,
181 int af,
182 struct local_address *addresses, unsigned n_addresses,
183 uint32_t local_address_ipv4,
184 struct hostent *result,
185 char *buffer, size_t buflen,
186 int *errnop, int *h_errnop,
187 int32_t *ttlp,
188 char **canonp) {
189
190 size_t l_canonical, l_additional, idx, ms, alen;
191 char *r_addr, *r_name, *r_aliases, *r_alias = NULL, *r_addr_list;
192 struct local_address *a;
193 unsigned n, c;
194
195 assert(canonical);
196 assert(IN_SET(af, AF_INET, AF_INET6));
197 assert(result);
198 assert(buffer);
199 assert(errnop);
200 assert(h_errnop);
201
202 PROTECT_ERRNO;
203
204 alen = FAMILY_ADDRESS_SIZE(af);
205
206 for (a = addresses, n = 0, c = 0; n < n_addresses; a++, n++)
207 if (af == a->family)
208 c++;
209
210 l_canonical = strlen(canonical);
211 l_additional = strlen_ptr(additional);
212 ms = ALIGN(l_canonical+1)+
213 (additional ? ALIGN(l_additional+1) : 0) +
214 sizeof(char*) +
215 (additional ? sizeof(char*) : 0) +
216 (c > 0 ? c : af == AF_INET ? 1 : socket_ipv6_is_enabled()) * ALIGN(alen) +
217 (c > 0 ? c+1 : af == AF_INET ? 2 : (unsigned) socket_ipv6_is_enabled() + 1) * sizeof(char*);
218
219 if (buflen < ms) {
220 UNPROTECT_ERRNO;
221 *errnop = ERANGE;
222 *h_errnop = NETDB_INTERNAL;
223 return NSS_STATUS_TRYAGAIN;
224 }
225
226 /* First, fill in hostnames */
227 r_name = buffer;
228 memcpy(r_name, canonical, l_canonical+1);
229 idx = ALIGN(l_canonical+1);
230
231 if (additional) {
232 r_alias = buffer + idx;
233 memcpy(r_alias, additional, l_additional+1);
234 idx += ALIGN(l_additional+1);
235 }
236
237 /* Second, create aliases array */
238 r_aliases = buffer + idx;
239 if (additional) {
240 ((char**) r_aliases)[0] = r_alias;
241 ((char**) r_aliases)[1] = NULL;
242 idx += 2*sizeof(char*);
243 } else {
244 ((char**) r_aliases)[0] = NULL;
245 idx += sizeof(char*);
246 }
247
248 /* Third, add addresses */
249 r_addr = buffer + idx;
250 if (c > 0) {
251 unsigned i = 0;
252
253 for (a = addresses, n = 0; n < n_addresses; a++, n++) {
254 if (af != a->family)
255 continue;
256
257 memcpy(r_addr + i*ALIGN(alen), &a->address, alen);
258 i++;
259 }
260
261 assert(i == c);
262 idx += c*ALIGN(alen);
263
264 } else if (af == AF_INET) {
265 *(uint32_t*) r_addr = local_address_ipv4;
266 idx += ALIGN(alen);
267 } else if (socket_ipv6_is_enabled()) {
268 memcpy(r_addr, LOCALADDRESS_IPV6, 16);
269 idx += ALIGN(alen);
270 }
271
272 /* Fourth, add address pointer array */
273 r_addr_list = buffer + idx;
274 if (c > 0) {
275 unsigned i;
276
277 for (i = 0; i < c; i++)
278 ((char**) r_addr_list)[i] = r_addr + i*ALIGN(alen);
279
280 ((char**) r_addr_list)[i] = NULL;
281 idx += (c+1) * sizeof(char*);
282
283 } else if (af == AF_INET || socket_ipv6_is_enabled()) {
284 ((char**) r_addr_list)[0] = r_addr;
285 ((char**) r_addr_list)[1] = NULL;
286 idx += 2 * sizeof(char*);
287 } else {
288 ((char**) r_addr_list)[0] = NULL;
289 idx += sizeof(char*);
290 }
291
292 /* Verify the size matches */
293 assert(idx == ms);
294
295 result->h_name = r_name;
296 result->h_aliases = (char**) r_aliases;
297 result->h_addrtype = af;
298 result->h_length = alen;
299 result->h_addr_list = (char**) r_addr_list;
300
301 if (ttlp)
302 *ttlp = 0;
303
304 if (canonp)
305 *canonp = r_name;
306
307 /* Explicitly reset both *h_errnop and h_errno to work around
308 * https://bugzilla.redhat.com/show_bug.cgi?id=1125975 */
309 *h_errnop = NETDB_SUCCESS;
310 h_errno = 0;
311
312 return NSS_STATUS_SUCCESS;
313 }
314
315 enum nss_status _nss_myhostname_gethostbyname3_r(
316 const char *name,
317 int af,
318 struct hostent *host,
319 char *buffer, size_t buflen,
320 int *errnop, int *h_errnop,
321 int32_t *ttlp,
322 char **canonp) {
323
324 _cleanup_free_ struct local_address *addresses = NULL;
325 const char *canonical, *additional = NULL;
326 _cleanup_free_ char *hn = NULL;
327 uint32_t local_address_ipv4 = 0;
328 int n_addresses = 0;
329
330 PROTECT_ERRNO;
331 BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
332
333 assert(name);
334 assert(host);
335 assert(buffer);
336 assert(errnop);
337 assert(h_errnop);
338
339 if (af == AF_UNSPEC)
340 af = AF_INET;
341
342 if (!IN_SET(af, AF_INET, AF_INET6)) {
343 UNPROTECT_ERRNO;
344 *errnop = EAFNOSUPPORT;
345 *h_errnop = NO_DATA;
346 return NSS_STATUS_UNAVAIL;
347 }
348
349 if (af == AF_INET6 && !socket_ipv6_is_enabled())
350 goto not_found;
351
352 if (is_localhost(name)) {
353
354 canonical = "localhost";
355 local_address_ipv4 = htobe32(INADDR_LOOPBACK);
356
357 } else if (is_gateway_hostname(name)) {
358
359 n_addresses = local_gateways(NULL, 0, af, &addresses);
360 if (n_addresses <= 0)
361 goto not_found;
362
363 canonical = "_gateway";
364
365 } else if (is_outbound_hostname(name)) {
366
367 n_addresses = local_outbounds(NULL, 0, af, &addresses);
368 if (n_addresses <= 0)
369 goto not_found;
370
371 canonical = "_outbound";
372
373 } else {
374 hn = gethostname_malloc();
375 if (!hn) {
376 UNPROTECT_ERRNO;
377 *errnop = ENOMEM;
378 *h_errnop = NO_RECOVERY;
379 return NSS_STATUS_TRYAGAIN;
380 }
381
382 if (!streq(name, hn) && !streq_ptr(startswith(name, hn), "."))
383 goto not_found;
384
385 n_addresses = local_addresses(NULL, 0, af, &addresses);
386 if (n_addresses < 0)
387 n_addresses = 0;
388
389 canonical = hn;
390 additional = n_addresses <= 0 && af == AF_INET6 ? "localhost" : NULL;
391 local_address_ipv4 = LOCALADDRESS_IPV4;
392 }
393
394 UNPROTECT_ERRNO;
395
396 return fill_in_hostent(
397 canonical, additional,
398 af,
399 addresses, n_addresses,
400 local_address_ipv4,
401 host,
402 buffer, buflen,
403 errnop, h_errnop,
404 ttlp,
405 canonp);
406
407 not_found:
408 *h_errnop = HOST_NOT_FOUND;
409 return NSS_STATUS_NOTFOUND;
410 }
411
412 enum nss_status _nss_myhostname_gethostbyaddr2_r(
413 const void* addr, socklen_t len,
414 int af,
415 struct hostent *host,
416 char *buffer, size_t buflen,
417 int *errnop, int *h_errnop,
418 int32_t *ttlp) {
419
420 const char *canonical = NULL, *additional = NULL;
421 uint32_t local_address_ipv4 = LOCALADDRESS_IPV4;
422 _cleanup_free_ struct local_address *addresses = NULL;
423 _cleanup_free_ char *hn = NULL;
424 int n_addresses = 0;
425 struct local_address *a;
426 bool additional_from_hostname = false;
427 unsigned n;
428
429 PROTECT_ERRNO;
430 BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
431
432 assert(addr);
433 assert(host);
434 assert(buffer);
435 assert(errnop);
436 assert(h_errnop);
437
438 if (!IN_SET(af, AF_INET, AF_INET6)) {
439 UNPROTECT_ERRNO;
440 *errnop = EAFNOSUPPORT;
441 *h_errnop = NO_DATA;
442 return NSS_STATUS_UNAVAIL;
443 }
444
445 if (len != FAMILY_ADDRESS_SIZE(af)) {
446 UNPROTECT_ERRNO;
447 *errnop = EINVAL;
448 *h_errnop = NO_RECOVERY;
449 return NSS_STATUS_UNAVAIL;
450 }
451
452 if (af == AF_INET) {
453 if ((*(uint32_t*) addr) == LOCALADDRESS_IPV4)
454 goto found;
455
456 if ((*(uint32_t*) addr) == htobe32(INADDR_LOOPBACK)) {
457 canonical = "localhost";
458 local_address_ipv4 = htobe32(INADDR_LOOPBACK);
459 goto found;
460 }
461
462 } else {
463 assert(af == AF_INET6);
464
465 if (!socket_ipv6_is_enabled())
466 goto not_found;
467
468 if (memcmp(addr, LOCALADDRESS_IPV6, 16) == 0) {
469 canonical = "localhost";
470 additional_from_hostname = true;
471 goto found;
472 }
473 }
474
475 n_addresses = local_addresses(NULL, 0, af, &addresses);
476 for (a = addresses, n = 0; (int) n < n_addresses; n++, a++)
477 if (memcmp(addr, &a->address, FAMILY_ADDRESS_SIZE(af)) == 0)
478 goto found;
479
480 addresses = mfree(addresses);
481
482 n_addresses = local_gateways(NULL, 0, af, &addresses);
483 for (a = addresses, n = 0; (int) n < n_addresses; n++, a++)
484 if (memcmp(addr, &a->address, FAMILY_ADDRESS_SIZE(af)) == 0) {
485 canonical = "_gateway";
486 goto found;
487 }
488
489 not_found:
490 *h_errnop = HOST_NOT_FOUND;
491 return NSS_STATUS_NOTFOUND;
492
493 found:
494 if (!canonical || additional_from_hostname) {
495 hn = gethostname_malloc();
496 if (!hn) {
497 UNPROTECT_ERRNO;
498 *errnop = ENOMEM;
499 *h_errnop = NO_RECOVERY;
500 return NSS_STATUS_TRYAGAIN;
501 }
502
503 if (!canonical)
504 canonical = hn;
505 else
506 additional = hn;
507 }
508
509 UNPROTECT_ERRNO;
510 return fill_in_hostent(
511 canonical, additional,
512 af,
513 addresses, n_addresses,
514 local_address_ipv4,
515 host,
516 buffer, buflen,
517 errnop, h_errnop,
518 ttlp,
519 NULL);
520 }
521
522 NSS_GETHOSTBYNAME_FALLBACKS(myhostname);
523 NSS_GETHOSTBYADDR_FALLBACKS(myhostname);
Unnamed repository; edit this file 'description' to name the repository.