]> git.ipfire.org Git - thirdparty/glibc.git/blame - resolv/res_send.c
projects / thirdparty / glibc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tunables: report sbrk() failure
[thirdparty/glibc.git] / resolv / res_send.c
CommitLineData
04277e02 1/* Copyright (C) 2016-2019 Free Software Foundation, Inc.
e9db92d3
CD		 2 This file is part of the GNU C Library.
3
4 The GNU C Library is free software; you can redistribute it and/or
5 modify it under the terms of the GNU Lesser General Public
6 License as published by the Free Software Foundation; either
7 version 2.1 of the License, or (at your option) any later version.
8
9 The GNU C Library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 Lesser General Public License for more details.
13
14 You should have received a copy of the GNU Lesser General Public
15 License along with the GNU C Library; if not, see
5a82c748 16 <https://www.gnu.org/licenses/>. */
e9db92d3 17
28f540f4 18/*
28f540f4
RM		 19 * Copyright (c) 1985, 1989, 1993
20 * The Regents of the University of California. All rights reserved.
e62b2105 21 *
28f540f4
RM		 22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the above copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
28f540f4
RM		 30 * 4. Neither the name of the University nor the names of its contributors
31 * may be used to endorse or promote products derived from this software
32 * without specific prior written permission.
e62b2105 33 *
28f540f4
RM		 34 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
35 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
36 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
37 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
38 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
39 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
40 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
41 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
42 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
43 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
44 * SUCH DAMAGE.
b43b13ac
UD		 45 */
46
47/*
28f540f4 48 * Portions Copyright (c) 1993 by Digital Equipment Corporation.
e62b2105 49 *
28f540f4
RM		 50 * Permission to use, copy, modify, and distribute this software for any
51 * purpose with or without fee is hereby granted, provided that the above
52 * copyright notice and this permission notice appear in all copies, and that
53 * the name of Digital Equipment Corporation not be used in advertising or
54 * publicity pertaining to distribution of the document or software without
55 * specific, written prior permission.
e62b2105 56 *
28f540f4
RM		 57 * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
58 * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
59 * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
60 * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
61 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
62 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
63 * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
64 * SOFTWARE.
b43b13ac
UD		 65 */
66
67/*
68 * Portions Copyright (c) 1996-1999 by Internet Software Consortium.
69 *
70 * Permission to use, copy, modify, and distribute this software for any
71 * purpose with or without fee is hereby granted, provided that the above
72 * copyright notice and this permission notice appear in all copies.
73 *
74 * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
75 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
76 * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
77 * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
78 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
79 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
80 * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
81 * SOFTWARE.
28f540f4
RM		 82 */
83
28f540f4
RM		 84/*
85 * Send query to name server and wait for reply.
86 */
87
17a10319 88#include <assert.h>
df21c858 89#include <sys/types.h>
28f540f4
RM		 90#include <sys/param.h>
91#include <sys/time.h>
92#include <sys/socket.h>
93#include <sys/uio.h>
e685e07d 94#include <sys/poll.h>
b43b13ac 95
28f540f4
RM		 96#include <netinet/in.h>
97#include <arpa/nameser.h>
98#include <arpa/inet.h>
0420d888 99#include <sys/ioctl.h>
28f540f4 100
28f540f4 101#include <errno.h>
f433b06b 102#include <fcntl.h>
b43b13ac 103#include <netdb.h>
a7ff1da8 104#include <resolv/resolv-internal.h>
352f4ff9 105#include <resolv/resolv_context.h>
b43b13ac 106#include <signal.h>
b43b13ac
UD		 107#include <stdlib.h>
108#include <string.h>
109#include <unistd.h>
9744268c 110#include <kernel-features.h>
9090848d 111#include <libc-diag.h>
359653aa 112#include <random-bits.h>
b43b13ac 113
0420d888
UD		 114#if PACKETSZ > 65536
115#define MAXPACKET PACKETSZ
116#else
117#define MAXPACKET 65536
118#endif
119
e685e07d 120/* From ev_streams.c. */
e62b2105 121
25337753
UD		 122static inline void
123__attribute ((always_inline))
124evConsIovec(void *buf, size_t cnt, struct iovec *vec) {
125 memset(vec, 0xf5, sizeof (*vec));
126 vec->iov_base = buf;
127 vec->iov_len = cnt;
e685e07d 128}
28f540f4 129
e685e07d 130/* From ev_timers.c. */
30f9ca19 131
b43b13ac 132#define BILLION 1000000000
e685e07d 133
25337753
UD		 134static inline void
135evConsTime(struct timespec *res, time_t sec, long nsec) {
136 res->tv_sec = sec;
137 res->tv_nsec = nsec;
b43b13ac 138}
28f540f4 139
25337753
UD		 140static inline void
141evAddTime(struct timespec *res, const struct timespec *addend1,
142 const struct timespec *addend2) {
143 res->tv_sec = addend1->tv_sec + addend2->tv_sec;
144 res->tv_nsec = addend1->tv_nsec + addend2->tv_nsec;
145 if (res->tv_nsec >= BILLION) {
146 res->tv_sec++;
147 res->tv_nsec -= BILLION;
b43b13ac 148 }
b43b13ac
UD		 149}
150
25337753
UD		 151static inline void
152evSubTime(struct timespec *res, const struct timespec *minuend,
153 const struct timespec *subtrahend) {
154 res->tv_sec = minuend->tv_sec - subtrahend->tv_sec;
155 if (minuend->tv_nsec >= subtrahend->tv_nsec)
156 res->tv_nsec = minuend->tv_nsec - subtrahend->tv_nsec;
b43b13ac 157 else {
25337753
UD		 158 res->tv_nsec = (BILLION
159 - subtrahend->tv_nsec + minuend->tv_nsec);
160 res->tv_sec--;
b43b13ac 161 }
b43b13ac
UD		 162}
163
f1d70dad 164static int
b43b13ac
UD		 165evCmpTime(struct timespec a, struct timespec b) {
166 long x = a.tv_sec - b.tv_sec;
167
168 if (x == 0L)
169 x = a.tv_nsec - b.tv_nsec;
170 return (x < 0L ? (-1) : x > 0L ? (1) : (0));
171}
172
f1d70dad 173static void
25337753 174evNowTime(struct timespec *res) {
4a39c34c 175 __clock_gettime(CLOCK_REALTIME, res);
b43b13ac 176}
b43b13ac 177
28f540f4 178
e685e07d 179#define EXT(res) ((res)->_u._ext)
28f540f4 180
e685e07d
UD		 181/* Forward. */
182
5b757a51 183static struct sockaddr *get_nsaddr (res_state, unsigned int);
e685e07d 184static int send_vc(res_state, const u_char *, int,
1eb946b9
UD		 185 const u_char *, int,
186 u_char **, int *, int *, int, u_char **,
ab09bf61 187 u_char **, int *, int *, int *);
e685e07d 188static int send_dg(res_state, const u_char *, int,
1eb946b9 189 const u_char *, int,
0420d888 190 u_char **, int *, int *, int,
1eb946b9 191 int *, int *, u_char **,
ab09bf61 192 u_char **, int *, int *, int *);
438e8239 193static int sock_eq(struct sockaddr_in6 *, struct sockaddr_in6 *);
e685e07d 194
e685e07d
UD		 195/* Public. */
196
28f540f4
RM		 197/* int
198 * res_isourserver(ina)
199 * looks up "ina" in _res.ns_addr_list[]
200 * returns:
201 * 0 : not found
202 * >0 : found
203 * author:
204 * paul vixie, 29may94
205 */
206int
438e8239 207res_ourserver_p(const res_state statp, const struct sockaddr_in6 *inp)
438e8239 208{
b43b13ac 209 int ns;
28f540f4 210
3a85895f
PB		 211 if (inp->sin6_family == AF_INET) {
212 struct sockaddr_in *in4p = (struct sockaddr_in *) inp;
e62b2105
UD		 213 in_port_t port = in4p->sin_port;
214 in_addr_t addr = in4p->sin_addr.s_addr;
438e8239 215
2212c142 216 for (ns = 0; ns < statp->nscount; ns++) {
3a85895f 217 const struct sockaddr_in *srv =
2212c142 218 (struct sockaddr_in *) get_nsaddr (statp, ns);
438e8239 219
2212c142 220 if ((srv->sin_family == AF_INET) &&
3a85895f
PB		 221 (srv->sin_port == port) &&
222 (srv->sin_addr.s_addr == INADDR_ANY ||
223 srv->sin_addr.s_addr == addr))
224 return (1);
225 }
226 } else if (inp->sin6_family == AF_INET6) {
2212c142
AS		 227 for (ns = 0; ns < statp->nscount; ns++) {
228 const struct sockaddr_in6 *srv
229 = (struct sockaddr_in6 *) get_nsaddr (statp, ns);
230 if ((srv->sin6_family == AF_INET6) &&
3a85895f
PB		 231 (srv->sin6_port == inp->sin6_port) &&
232 !(memcmp(&srv->sin6_addr, &in6addr_any,
233 sizeof (struct in6_addr)) &&
234 memcmp(&srv->sin6_addr, &inp->sin6_addr,
235 sizeof (struct in6_addr))))
236 return (1);
237 }
238 }
b43b13ac 239 return (0);
28f540f4
RM		 240}
241
ded60354
FW		 242int
243res_isourserver (const struct sockaddr_in *inp)
244{
245 return res_ourserver_p (&_res, (const struct sockaddr_in6 *) inp);
246}
247
28f540f4
RM		 248/* int
249 * res_nameinquery(name, type, class, buf, eom)
250 * look for (name,type,class) in the query section of packet (buf,eom)
66715f83 251 * requires:
b43b13ac 252 * buf + HFIXEDSZ <= eom
28f540f4
RM		 253 * returns:
254 * -1 : format error
255 * 0 : not found
256 * >0 : found
257 * author:
258 * paul vixie, 29may94
259 */
260int
b43b13ac
UD		 261res_nameinquery(const char *name, int type, int class,
262 const u_char *buf, const u_char *eom)
28f540f4 263{
b43b13ac 264 const u_char *cp = buf + HFIXEDSZ;
28f540f4
RM		 265 int qdcount = ntohs(((HEADER*)buf)->qdcount);
266
267 while (qdcount-- > 0) {
268 char tname[MAXDNAME+1];
b43b13ac 269 int n, ttype, tclass;
28f540f4
RM		 270
271 n = dn_expand(buf, eom, cp, tname, sizeof tname);
272 if (n < 0)
273 return (-1);
274 cp += n;
66715f83
UD		 275 if (cp + 2 * INT16SZ > eom)
276 return (-1);
697e1628
UD		 277 NS_GET16(ttype, cp);
278 NS_GET16(tclass, cp);
b43b13ac
UD		 279 if (ttype == type && tclass == class &&
280 ns_samename(tname, name) == 1)
28f540f4
RM		 281 return (1);
282 }
283 return (0);
284}
6f9d8e68 285libresolv_hidden_def (res_nameinquery)
28f540f4 286
5b757a51
FW		 287/* Returns a shift value for the name server index. Used to implement
288 RES_ROTATE. */
289static unsigned int
290nameserver_offset (struct __res_state *statp)
291{
292 /* If we only have one name server or rotation is disabled, return
293 offset 0 (no rotation). */
294 unsigned int nscount = statp->nscount;
295 if (nscount <= 1 || !(statp->options & RES_ROTATE))
296 return 0;
297
298 /* Global offset. The lowest bit indicates whether the offset has
299 been initialized with a random value. Use relaxed MO to access
300 global_offset because all we need is a sequence of roughly
301 sequential value. */
302 static unsigned int global_offset;
303 unsigned int offset = atomic_fetch_add_relaxed (&global_offset, 2);
304 if ((offset & 1) == 0)
305 {
306 /* Initialization is required. */
359653aa 307 offset = random_bits ();
5b757a51
FW		 308 /* The lowest bit is the most random. Preserve it. */
309 offset <<= 1;
310
311 /* Store the new starting value. atomic_fetch_add_relaxed
312 returns the old value, so emulate that by storing the new
313 (incremented) value. Concurrent initialization with
314 different random values is harmless. */
315 atomic_store_relaxed (&global_offset, (offset | 1) + 2);
316 }
317
318 /* Remove the initialization bit. */
319 offset >>= 1;
320
321 /* Avoid the division in the most common cases. */
322 switch (nscount)
323 {
324 case 2:
325 return offset & 1;
326 case 3:
327 return offset % 3;
328 case 4:
329 return offset & 3;
330 default:
331 return offset % nscount;
332 }
333}
334
446997ff
FW		 335/* Clear the AD bit unless the trust-ad option was specified in the
336 resolver configuration. */
337static void
338mask_ad_bit (struct resolv_context *ctx, void *buf)
339{
340 if (!(ctx->resp->options & RES_TRUSTAD))
341 ((HEADER *) buf)->ad = 0;
342}
343
28f540f4
RM		 344/* int
345 * res_queriesmatch(buf1, eom1, buf2, eom2)
346 * is there a 1:1 mapping of (name,type,class)
347 * in (buf1,eom1) and (buf2,eom2)?
348 * returns:
349 * -1 : format error
350 * 0 : not a 1:1 mapping
351 * >0 : is a 1:1 mapping
352 * author:
353 * paul vixie, 29may94
354 */
355int
b43b13ac
UD		 356res_queriesmatch(const u_char *buf1, const u_char *eom1,
357 const u_char *buf2, const u_char *eom2)
28f540f4 358{
66715f83
UD		 359 if (buf1 + HFIXEDSZ > eom1 || buf2 + HFIXEDSZ > eom2)
360 return (-1);
361
b43b13ac
UD		 362 /*
363 * Only header section present in replies to
364 * dynamic update packets.
365 */
e685e07d
UD		 366 if ((((HEADER *)buf1)->opcode == ns_o_update) &&
367 (((HEADER *)buf2)->opcode == ns_o_update))
b43b13ac
UD		 368 return (1);
369
697e1628 370 /* Note that we initially do not convert QDCOUNT to the host byte
8e45b1ac 371 order. We can compare it with the second buffer's QDCOUNT
697e1628
UD		 372 value without doing this. */
373 int qdcount = ((HEADER*)buf1)->qdcount;
374 if (qdcount != ((HEADER*)buf2)->qdcount)
28f540f4 375 return (0);
697e1628
UD		 376
377 qdcount = htons (qdcount);
378 const u_char *cp = buf1 + HFIXEDSZ;
379
28f540f4
RM		 380 while (qdcount-- > 0) {
381 char tname[MAXDNAME+1];
b43b13ac 382 int n, ttype, tclass;
28f540f4
RM		 383
384 n = dn_expand(buf1, eom1, cp, tname, sizeof tname);
385 if (n < 0)
386 return (-1);
387 cp += n;
66715f83
UD		 388 if (cp + 2 * INT16SZ > eom1)
389 return (-1);
697e1628
UD		 390 NS_GET16(ttype, cp);
391 NS_GET16(tclass, cp);
28f540f4
RM		 392 if (!res_nameinquery(tname, ttype, tclass, buf2, eom2))
393 return (0);
394 }
395 return (1);
396}
6f9d8e68 397libresolv_hidden_def (res_queriesmatch)
28f540f4
RM		 398
399int
352f4ff9
FW		 400__res_context_send (struct resolv_context *ctx,
401 const unsigned char *buf, int buflen,
402 const unsigned char *buf2, int buflen2,
403 unsigned char *ans, int anssiz,
404 unsigned char **ansp, unsigned char **ansp2,
405 int *nansp2, int *resplen2, int *ansp2_malloced)
28f540f4 406{
352f4ff9 407 struct __res_state *statp = ctx->resp;
d1bc2cbb
SL		 408 int gotsomewhere, terrno, try, v_circuit, resplen;
409 /* On some architectures send_vc is inlined and the compiler might emit
410 a warning indicating 'resplen' may be used uninitialized. Note that
411 the warning belongs to resplen in send_vc which is used as return
412 value! There the maybe-uninitialized warning is already ignored as
413 it is a false-positive - see comment in send_vc.
414 Here the variable n is set to the return value of send_vc.
415 See below. */
416 DIAG_PUSH_NEEDS_COMMENT;
417 DIAG_IGNORE_NEEDS_COMMENT (9, "-Wmaybe-uninitialized");
418 int n;
419 DIAG_POP_NEEDS_COMMENT;
28f540f4 420
e685e07d
UD		 421 if (statp->nscount == 0) {
422 __set_errno (ESRCH);
423 return (-1);
424 }
0420d888 425
1eb946b9 426 if (anssiz < (buf2 == NULL ? 1 : 2) * HFIXEDSZ) {
66715f83
UD		 427 __set_errno (EINVAL);
428 return (-1);
429 }
0420d888 430
1eb946b9
UD		 431 v_circuit = ((statp->options & RES_USEVC)
432 || buflen > PACKETSZ
433 || buflen2 > PACKETSZ);
28f540f4 434 gotsomewhere = 0;
28f540f4 435 terrno = ETIMEDOUT;
28f540f4 436
b43b13ac 437 /*
e685e07d
UD		 438 * If the ns_addr_list in the resolver context has changed, then
439 * invalidate our cached copy and the associated timing data.
b43b13ac 440 */
2212c142 441 if (EXT(statp).nscount != 0) {
e685e07d
UD		 442 int needclose = 0;
443
444 if (EXT(statp).nscount != statp->nscount)
445 needclose++;
446 else
5b757a51 447 for (unsigned int ns = 0; ns < statp->nscount; ns++) {
2212c142 448 if (statp->nsaddr_list[ns].sin_family != 0
b64e1566 449 && !sock_eq((struct sockaddr_in6 *)
2212c142 450 &statp->nsaddr_list[ns],
b64e1566 451 EXT(statp).nsaddrs[ns]))
438e8239 452 {
e685e07d
UD		 453 needclose++;
454 break;
455 }
b64e1566 456 }
2212c142 457 if (needclose) {
cb07f6f6 458 __res_iclose(statp, false);
2212c142
AS		 459 EXT(statp).nscount = 0;
460 }
e685e07d
UD		 461 }
462
463 /*
464 * Maybe initialize our private copy of the ns_addr_list.
465 */
2212c142 466 if (EXT(statp).nscount == 0) {
5b757a51 467 for (unsigned int ns = 0; ns < statp->nscount; ns++) {
2212c142
AS		 468 EXT(statp).nssocks[ns] = -1;
469 if (statp->nsaddr_list[ns].sin_family == 0)
470 continue;
471 if (EXT(statp).nsaddrs[ns] == NULL)
472 EXT(statp).nsaddrs[ns] =
438e8239 473 malloc(sizeof (struct sockaddr_in6));
2212c142
AS		 474 if (EXT(statp).nsaddrs[ns] != NULL)
475 memset (mempcpy(EXT(statp).nsaddrs[ns],
cabba934 476 &statp->nsaddr_list[ns],
0f8f993c
UD		 477 sizeof (struct sockaddr_in)),
478 '\0',
479 sizeof (struct sockaddr_in6)
480 - sizeof (struct sockaddr_in));
f178e59f 481 else
dae6c43c 482 return -1;
b64e1566 483 }
2212c142 484 EXT(statp).nscount = statp->nscount;
e685e07d
UD		 485 }
486
5b757a51
FW		 487 /* Name server index offset. Used to implement
488 RES_ROTATE. */
489 unsigned int ns_offset = nameserver_offset (statp);
30f9ca19 490
28f540f4 491 /*
e685e07d 492 * Send request, RETRY times, or until successful.
28f540f4 493 */
b43b13ac 494 for (try = 0; try < statp->retry; try++) {
5b757a51 495 for (unsigned ns_shift = 0; ns_shift < statp->nscount; ns_shift++)
438e8239 496 {
5b757a51
FW		 497 /* The actual name server index. This implements
498 RES_ROTATE. */
499 unsigned int ns = ns_shift + ns_offset;
500 if (ns >= statp->nscount)
501 ns -= statp->nscount;
438e8239 502
1eb946b9 503 same_ns:
a1ffb40e 504 if (__glibc_unlikely (v_circuit)) {
b43b13ac
UD		 505 /* Use VC; at most one attempt per server. */
506 try = statp->retry;
1eb946b9
UD		 507 n = send_vc(statp, buf, buflen, buf2, buflen2,
508 &ans, &anssiz, &terrno,
ab09bf61
AS		 509 ns, ansp, ansp2, nansp2, resplen2,
510 ansp2_malloced);
e685e07d
UD		 511 if (n < 0)
512 return (-1);
d1bc2cbb
SL		 513 /* See comment at the declaration of n. */
514 DIAG_PUSH_NEEDS_COMMENT;
515 DIAG_IGNORE_NEEDS_COMMENT (9, "-Wmaybe-uninitialized");
57912a71 516 if (n == 0 && (buf2 == NULL || *resplen2 == 0))
28f540f4 517 goto next_ns;
d1bc2cbb 518 DIAG_POP_NEEDS_COMMENT;
28f540f4 519 } else {
e685e07d 520 /* Use datagrams. */
1eb946b9
UD		 521 n = send_dg(statp, buf, buflen, buf2, buflen2,
522 &ans, &anssiz, &terrno,
523 ns, &v_circuit, &gotsomewhere, ansp,
ab09bf61 524 ansp2, nansp2, resplen2, ansp2_malloced);
e685e07d
UD		 525 if (n < 0)
526 return (-1);
57912a71 527 if (n == 0 && (buf2 == NULL || *resplen2 == 0))
b43b13ac 528 goto next_ns;
e685e07d 529 if (v_circuit)
1eb946b9 530 // XXX Check whether both requests failed or
b7da31a1 531 // XXX whether one has been answered successfully
28f540f4 532 goto same_ns;
e685e07d
UD		 533 }
534
1eb946b9
UD		 535 resplen = n;
536
446997ff
FW		 537 /* Mask the AD bit in both responses unless it is
538 marked trusted. */
539 if (resplen > HFIXEDSZ)
540 {
541 if (ansp != NULL)
542 mask_ad_bit (ctx, *ansp);
543 else
544 mask_ad_bit (ctx, ans);
545 }
546 if (resplen2 != NULL && *resplen2 > HFIXEDSZ)
547 mask_ad_bit (ctx, *ansp2);
548
28f540f4 549 /*
28f540f4
RM		 550 * If we have temporarily opened a virtual circuit,
551 * or if we haven't been asked to keep a socket open,
552 * close the socket.
553 */
e685e07d
UD		 554 if ((v_circuit && (statp->options & RES_USEVC) == 0) ||
555 (statp->options & RES_STAYOPEN) == 0) {
cb07f6f6 556 __res_iclose(statp, false);
28f540f4 557 }
b43b13ac
UD		 558 return (resplen);
559 next_ns: ;
28f540f4
RM		 560 } /*foreach ns*/
561 } /*foreach retry*/
cb07f6f6 562 __res_iclose(statp, false);
7ef90c15 563 if (!v_circuit) {
28f540f4 564 if (!gotsomewhere)
b43b13ac 565 __set_errno (ECONNREFUSED); /* no nameservers found */
28f540f4 566 else
b43b13ac 567 __set_errno (ETIMEDOUT); /* no answer obtained */
7ef90c15 568 } else
c4029823 569 __set_errno (terrno);
b43b13ac 570 return (-1);
28f540f4
RM		 571}
572
352f4ff9
FW		 573/* Common part of res_nsend and res_send. */
574static int
575context_send_common (struct resolv_context *ctx,
576 const unsigned char *buf, int buflen,
577 unsigned char *ans, int anssiz)
578{
579 if (ctx == NULL)
580 {
581 RES_SET_H_ERRNO (&_res, NETDB_INTERNAL);
582 return -1;
583 }
584 int result = __res_context_send (ctx, buf, buflen, NULL, 0, ans, anssiz,
585 NULL, NULL, NULL, NULL, NULL);
586 __resolv_context_put (ctx);
587 return result;
588}
589
0420d888 590int
352f4ff9
FW		 591res_nsend (res_state statp, const unsigned char *buf, int buflen,
592 unsigned char *ans, int anssiz)
0420d888 593{
352f4ff9
FW		 594 return context_send_common
595 (__resolv_context_get_override (statp), buf, buflen, ans, anssiz);
0420d888
UD		 596}
597
ded60354
FW		 598int
599res_send (const unsigned char *buf, int buflen, unsigned char *ans, int anssiz)
600{
352f4ff9
FW		 601 return context_send_common
602 (__resolv_context_get (), buf, buflen, ans, anssiz);
ded60354
FW		 603}
604
e685e07d
UD		 605/* Private */
606
2212c142 607static struct sockaddr *
5b757a51 608get_nsaddr (res_state statp, unsigned int n)
2212c142 609{
5b757a51 610 assert (n < statp->nscount);
2212c142
AS		 611
612 if (statp->nsaddr_list[n].sin_family == 0 && EXT(statp).nsaddrs[n] != NULL)
613 /* EXT(statp).nsaddrs[n] holds an address that is larger than
614 struct sockaddr, and user code did not update
615 statp->nsaddr_list[n]. */
616 return (struct sockaddr *) EXT(statp).nsaddrs[n];
617 else
618 /* User code updated statp->nsaddr_list[n], or statp->nsaddr_list[n]
619 has the same content as EXT(statp).nsaddrs[n]. */
620 return (struct sockaddr *) (void *) &statp->nsaddr_list[n];
621}
622
b66d837b
FW		 623/* Close the resolver structure, assign zero to *RESPLEN2 if RESPLEN2
624 is not NULL, and return zero. */
625static int
626__attribute__ ((warn_unused_result))
627close_and_return_error (res_state statp, int *resplen2)
628{
629 __res_iclose(statp, false);
630 if (resplen2 != NULL)
631 *resplen2 = 0;
632 return 0;
633}
634
e9db92d3
CD		 635/* The send_vc function is responsible for sending a DNS query over TCP
636 to the nameserver numbered NS from the res_state STATP i.e.
637 EXT(statp).nssocks[ns]. The function supports sending both IPv4 and
638 IPv6 queries at the same serially on the same socket.
639
640 Please note that for TCP there is no way to disable sending both
641 queries, unlike UDP, which honours RES_SNGLKUP and RES_SNGLKUPREOP
642 and sends the queries serially and waits for the result after each
12f1ae05 643 sent query. This implementation should be corrected to honour these
e9db92d3
CD		 644 options.
645
646 Please also note that for TCP we send both queries over the same
647 socket one after another. This technically violates best practice
648 since the server is allowed to read the first query, respond, and
649 then close the socket (to service another client). If the server
650 does this, then the remaining second query in the socket data buffer
651 will cause the server to send the client an RST which will arrive
652 asynchronously and the client's OS will likely tear down the socket
653 receive buffer resulting in a potentially short read and lost
654 response data. This will force the client to retry the query again,
655 and this process may repeat until all servers and connection resets
656 are exhausted and then the query will fail. It's not known if this
657 happens with any frequency in real DNS server implementations. This
658 implementation should be corrected to use two sockets by default for
659 parallel queries.
660
661 The query stored in BUF of BUFLEN length is sent first followed by
662 the query stored in BUF2 of BUFLEN2 length. Queries are sent
663 serially on the same socket.
664
665 Answers to the query are stored firstly in *ANSP up to a max of
666 *ANSSIZP bytes. If more than *ANSSIZP bytes are needed and ANSCP
667 is non-NULL (to indicate that modifying the answer buffer is allowed)
668 then malloc is used to allocate a new response buffer and ANSCP and
669 ANSP will both point to the new buffer. If more than *ANSSIZP bytes
670 are needed but ANSCP is NULL, then as much of the response as
671 possible is read into the buffer, but the results will be truncated.
672 When truncation happens because of a small answer buffer the DNS
673 packets header field TC will bet set to 1, indicating a truncated
674 message and the rest of the socket data will be read and discarded.
675
676 Answers to the query are stored secondly in *ANSP2 up to a max of
677 *ANSSIZP2 bytes, with the actual response length stored in
678 *RESPLEN2. If more than *ANSSIZP bytes are needed and ANSP2
679 is non-NULL (required for a second query) then malloc is used to
680 allocate a new response buffer, *ANSSIZP2 is set to the new buffer
681 size and *ANSP2_MALLOCED is set to 1.
682
683 The ANSP2_MALLOCED argument will eventually be removed as the
684 change in buffer pointer can be used to detect the buffer has
685 changed and that the caller should use free on the new buffer.
686
687 Note that the answers may arrive in any order from the server and
688 therefore the first and second answer buffers may not correspond to
689 the first and second queries.
690
691 It is not supported to call this function with a non-NULL ANSP2
692 but a NULL ANSCP. Put another way, you can call send_vc with a
693 single unmodifiable buffer or two modifiable buffers, but no other
694 combination is supported.
695
696 It is the caller's responsibility to free the malloc allocated
697 buffers by detecting that the pointers have changed from their
698 original values i.e. *ANSCP or *ANSP2 has changed.
699
700 If errors are encountered then *TERRNO is set to an appropriate
701 errno value and a zero result is returned for a recoverable error,
702 and a less-than zero result is returned for a non-recoverable error.
703
704 If no errors are encountered then *TERRNO is left unmodified and
705 a the length of the first response in bytes is returned. */
e685e07d
UD		 706static int
707send_vc(res_state statp,
1eb946b9
UD		 708 const u_char *buf, int buflen, const u_char *buf2, int buflen2,
709 u_char **ansp, int *anssizp,
710 int *terrno, int ns, u_char **anscp, u_char **ansp2, int *anssizp2,
ab09bf61 711 int *resplen2, int *ansp2_malloced)
e685e07d
UD		 712{
713 const HEADER *hp = (HEADER *) buf;
1eb946b9 714 const HEADER *hp2 = (HEADER *) buf2;
e9db92d3 715 HEADER *anhp = (HEADER *) *ansp;
2212c142 716 struct sockaddr *nsap = get_nsaddr (statp, ns);
48e435cd
SL		 717 int truncating, connreset, n;
718 /* On some architectures compiler might emit a warning indicating
719 'resplen' may be used uninitialized. However if buf2 == NULL
720 then this code won't be executed; if buf2 != NULL, then first
721 time round the loop recvresp1 and recvresp2 will be 0 so this
722 code won't be executed but "thisresplenp = &resplen;" followed
723 by "*thisresplenp = rlen;" will be executed so that subsequent
724 times round the loop resplen has been initialized. So this is
725 a false-positive.
726 */
48e435cd 727 DIAG_PUSH_NEEDS_COMMENT;
0cb9dcc8 728 DIAG_IGNORE_NEEDS_COMMENT (5, "-Wmaybe-uninitialized");
48e435cd 729 int resplen;
48e435cd 730 DIAG_POP_NEEDS_COMMENT;
1eb946b9 731 struct iovec iov[4];
e685e07d 732 u_short len;
1eb946b9 733 u_short len2;
e685e07d
UD		 734 u_char *cp;
735
736 connreset = 0;
737 same_ns:
738 truncating = 0;
739
740 /* Are we still talking to whom we want to talk to? */
741 if (statp->_vcsock >= 0 && (statp->_flags & RES_F_VC) != 0) {
438e8239 742 struct sockaddr_in6 peer;
9cfe5381 743 socklen_t size = sizeof peer;
e685e07d
UD		 744
745 if (getpeername(statp->_vcsock,
746 (struct sockaddr *)&peer, &size) < 0 ||
2212c142
AS		 747 !sock_eq(&peer, (struct sockaddr_in6 *) nsap)) {
748 __res_iclose(statp, false);
e685e07d
UD		 749 statp->_flags &= ~RES_F_VC;
750 }
751 }
752
753 if (statp->_vcsock < 0 || (statp->_flags & RES_F_VC) == 0) {
754 if (statp->_vcsock >= 0)
cb07f6f6 755 __res_iclose(statp, false);
e685e07d 756
2f83a729
FW		 757 statp->_vcsock = socket
758 (nsap->sa_family, SOCK_STREAM | SOCK_CLOEXEC, 0);
e685e07d
UD		 759 if (statp->_vcsock < 0) {
760 *terrno = errno;
b9bdfa7c
FW		 761 if (resplen2 != NULL)
762 *resplen2 = 0;
e685e07d
UD		 763 return (-1);
764 }
765 __set_errno (0);
2212c142
AS		 766 if (connect(statp->_vcsock, nsap,
767 nsap->sa_family == AF_INET
9fc42dfd
UD		 768 ? sizeof (struct sockaddr_in)
769 : sizeof (struct sockaddr_in6)) < 0) {
e685e07d 770 *terrno = errno;
b9bdfa7c 771 return close_and_return_error (statp, resplen2);
e685e07d
UD		 772 }
773 statp->_flags |= RES_F_VC;
28f540f4 774 }
e685e07d
UD		 775
776 /*
777 * Send length & message
778 */
1eb946b9 779 len = htons ((u_short) buflen);
25337753
UD		 780 evConsIovec(&len, INT16SZ, &iov[0]);
781 evConsIovec((void*)buf, buflen, &iov[1]);
1eb946b9
UD		 782 int niov = 2;
783 ssize_t explen = INT16SZ + buflen;
784 if (buf2 != NULL) {
785 len2 = htons ((u_short) buflen2);
786 evConsIovec(&len2, INT16SZ, &iov[2]);
787 evConsIovec((void*)buf2, buflen2, &iov[3]);
788 niov = 4;
789 explen += INT16SZ + buflen2;
790 }
791 if (TEMP_FAILURE_RETRY (writev(statp->_vcsock, iov, niov)) != explen) {
e685e07d 792 *terrno = errno;
b9bdfa7c 793 return close_and_return_error (statp, resplen2);
e685e07d
UD		 794 }
795 /*
796 * Receive length & response
797 */
1eb946b9 798 int recvresp1 = 0;
e9db92d3
CD		 799 /* Skip the second response if there is no second query.
800 To do that we mark the second response as received. */
1eb946b9 801 int recvresp2 = buf2 == NULL;
b7da31a1 802 uint16_t rlen16;
e39e6946
UD		 803 read_len:
804 cp = (u_char *)&rlen16;
b7da31a1 805 len = sizeof(rlen16);
e39e6946 806 while ((n = TEMP_FAILURE_RETRY (read(statp->_vcsock, cp,
25337753 807 (int)len))) > 0) {
e685e07d
UD		 808 cp += n;
809 if ((len -= n) <= 0)
810 break;
811 }
812 if (n <= 0) {
813 *terrno = errno;
e685e07d
UD		 814 /*
815 * A long running process might get its TCP
816 * connection reset if the remote server was
817 * restarted. Requery the server instead of
818 * trying a new one. When there is only one
819 * server, this means that a query might work
820 * instead of failing. We only allow one reset
821 * per query to prevent looping.
822 */
b9bdfa7c
FW		 823 if (*terrno == ECONNRESET && !connreset)
824 {
825 __res_iclose (statp, false);
826 connreset = 1;
827 goto same_ns;
828 }
829 return close_and_return_error (statp, resplen2);
e685e07d 830 }
b7da31a1 831 int rlen = ntohs (rlen16);
1eb946b9
UD		 832
833 int *thisanssizp;
834 u_char **thisansp;
835 int *thisresplenp;
836 if ((recvresp1 | recvresp2) == 0 || buf2 == NULL) {
e9db92d3
CD		 837 /* We have not received any responses
838 yet or we only have one response to
839 receive. */
1eb946b9
UD		 840 thisanssizp = anssizp;
841 thisansp = anscp ?: ansp;
842 assert (anscp != NULL || ansp2 == NULL);
843 thisresplenp = &resplen;
844 } else {
1eb946b9
UD		 845 thisanssizp = anssizp2;
846 thisansp = ansp2;
847 thisresplenp = resplen2;
848 }
849 anhp = (HEADER *) *thisansp;
850
b7da31a1 851 *thisresplenp = rlen;
e9db92d3
CD		 852 /* Is the answer buffer too small? */
853 if (*thisanssizp < rlen) {
854 /* If the current buffer is not the the static
855 user-supplied buffer then we can reallocate
856 it. */
857 if (thisansp != NULL && thisansp != ansp) {
858 /* Always allocate MAXPACKET, callers expect
859 this specific size. */
1eb946b9 860 u_char *newp = malloc (MAXPACKET);
b9bdfa7c
FW		 861 if (newp == NULL)
862 {
863 *terrno = ENOMEM;
864 return close_and_return_error (statp, resplen2);
865 }
1eb946b9
UD		 866 *thisanssizp = MAXPACKET;
867 *thisansp = newp;
ab09bf61
AS		 868 if (thisansp == ansp2)
869 *ansp2_malloced = 1;
1eb946b9 870 anhp = (HEADER *) newp;
e9db92d3
CD		 871 /* A uint16_t can't be larger than MAXPACKET
872 thus it's safe to allocate MAXPACKET but
873 read RLEN bytes instead. */
b7da31a1 874 len = rlen;
0420d888 875 } else {
0420d888 876 truncating = 1;
1eb946b9 877 len = *thisanssizp;
0420d888 878 }
e685e07d 879 } else
b7da31a1 880 len = rlen;
1eb946b9 881
a1ffb40e 882 if (__glibc_unlikely (len < HFIXEDSZ)) {
e685e07d
UD		 883 /*
884 * Undersized message.
885 */
e685e07d 886 *terrno = EMSGSIZE;
b9bdfa7c 887 return close_and_return_error (statp, resplen2);
e685e07d 888 }
1eb946b9
UD		 889
890 cp = *thisansp;
e685e07d
UD		 891 while (len != 0 && (n = read(statp->_vcsock, (char *)cp, (int)len)) > 0){
892 cp += n;
893 len -= n;
894 }
a1ffb40e 895 if (__glibc_unlikely (n <= 0)) {
e685e07d 896 *terrno = errno;
b9bdfa7c 897 return close_and_return_error (statp, resplen2);
e685e07d 898 }
a1ffb40e 899 if (__glibc_unlikely (truncating)) {
e685e07d
UD		 900 /*
901 * Flush rest of answer so connection stays in synch.
902 */
903 anhp->tc = 1;
b7da31a1 904 len = rlen - *thisanssizp;
e685e07d
UD		 905 while (len != 0) {
906 char junk[PACKETSZ];
907
908 n = read(statp->_vcsock, junk,
909 (len > sizeof junk) ? sizeof junk : len);
910 if (n > 0)
911 len -= n;
912 else
913 break;
914 }
915 }
916 /*
c0c3f78a 917 * If the calling application has bailed out of
e685e07d
UD		 918 * a previous call and failed to arrange to have
919 * the circuit closed or the server has got
920 * itself confused, then drop the packet and
921 * wait for the correct one.
922 */
1eb946b9 923 if ((recvresp1 || hp->id != anhp->id)
09fbb56a 924 && (recvresp2 || hp2->id != anhp->id))
e685e07d 925 goto read_len;
e685e07d 926
1eb946b9
UD		 927 /* Mark which reply we received. */
928 if (recvresp1 == 0 && hp->id == anhp->id)
929 recvresp1 = 1;
930 else
931 recvresp2 = 1;
932 /* Repeat waiting if we have a second answer to arrive. */
933 if ((recvresp1 & recvresp2) == 0)
934 goto read_len;
935
e685e07d
UD		 936 /*
937 * All is well, or the error is fatal. Signal that the
938 * next nameserver ought not be tried.
939 */
b7da31a1 940 return resplen;
28f540f4 941}
845dcb57 942
b43b13ac 943static int
44d20bca 944reopen (res_state statp, int *terrno, int ns)
e685e07d 945{
e685e07d 946 if (EXT(statp).nssocks[ns] == -1) {
2212c142 947 struct sockaddr *nsap = get_nsaddr (statp, ns);
ace4e23f 948 socklen_t slen;
44d20bca 949
438e8239 950 /* only try IPv6 if IPv6 NS and if not failed before */
ace4e23f 951 if (nsap->sa_family == AF_INET6 && !statp->ipv6_unavail) {
2f83a729
FW		 952 EXT(statp).nssocks[ns] = socket
953 (PF_INET6,
954 SOCK_DGRAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0);
ae1ad3ae
UD		 955 if (EXT(statp).nssocks[ns] < 0)
956 statp->ipv6_unavail = errno == EAFNOSUPPORT;
ace4e23f
UD		 957 slen = sizeof (struct sockaddr_in6);
958 } else if (nsap->sa_family == AF_INET) {
2f83a729
FW		 959 EXT(statp).nssocks[ns] = socket
960 (PF_INET,
961 SOCK_DGRAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0);
ace4e23f 962 slen = sizeof (struct sockaddr_in);
9744268c 963 }
e685e07d
UD		 964 if (EXT(statp).nssocks[ns] < 0) {
965 *terrno = errno;
e685e07d
UD		 966 return (-1);
967 }
ae1ad3ae 968
08504de7
FW		 969 /* Enable full ICMP error reporting for this
970 socket. */
971 if (__res_enable_icmp (nsap->sa_family,
972 EXT (statp).nssocks[ns]) < 0)
973 {
974 int saved_errno = errno;
975 __res_iclose (statp, false);
976 __set_errno (saved_errno);
977 *terrno = saved_errno;
978 return -1;
979 }
980
e685e07d
UD		 981 /*
982 * On a 4.3BSD+ machine (client and server,
983 * actually), sending to a nameserver datagram
984 * port with no nameserver will cause an
985 * ICMP port unreachable message to be returned.
986 * If our datagram socket is "connected" to the
987 * server, we get an ECONNREFUSED error on the next
988 * socket operation, and select returns if the
989 * error message is received. We can thus detect
990 * the absence of a nameserver without timing out.
991 */
93fe09cb
CD		 992 /* With GCC 5.3 when compiling with -Os the compiler
993 emits a warning that slen may be used uninitialized,
994 but that is never true. Both slen and
995 EXT(statp).nssocks[ns] are initialized together or
996 the function return -1 before control flow reaches
997 the call to connect with slen. */
998 DIAG_PUSH_NEEDS_COMMENT;
0cb9dcc8 999 DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized");
ace4e23f 1000 if (connect(EXT(statp).nssocks[ns], nsap, slen) < 0) {
93fe09cb 1001 DIAG_POP_NEEDS_COMMENT;
cb07f6f6 1002 __res_iclose(statp, false);
e685e07d
UD		 1003 return (0);
1004 }
e685e07d 1005 }
17a10319 1006
44d20bca
UD		 1007 return 1;
1008}
1009
e9db92d3
CD		 1010/* The send_dg function is responsible for sending a DNS query over UDP
1011 to the nameserver numbered NS from the res_state STATP i.e.
1012 EXT(statp).nssocks[ns]. The function supports IPv4 and IPv6 queries
1013 along with the ability to send the query in parallel for both stacks
1014 (default) or serially (RES_SINGLKUP). It also supports serial lookup
1015 with a close and reopen of the socket used to talk to the server
1016 (RES_SNGLKUPREOP) to work around broken name servers.
1017
1018 The query stored in BUF of BUFLEN length is sent first followed by
1019 the query stored in BUF2 of BUFLEN2 length. Queries are sent
1020 in parallel (default) or serially (RES_SINGLKUP or RES_SNGLKUPREOP).
1021
1022 Answers to the query are stored firstly in *ANSP up to a max of
1023 *ANSSIZP bytes. If more than *ANSSIZP bytes are needed and ANSCP
1024 is non-NULL (to indicate that modifying the answer buffer is allowed)
1025 then malloc is used to allocate a new response buffer and ANSCP and
1026 ANSP will both point to the new buffer. If more than *ANSSIZP bytes
1027 are needed but ANSCP is NULL, then as much of the response as
1028 possible is read into the buffer, but the results will be truncated.
1029 When truncation happens because of a small answer buffer the DNS
1030 packets header field TC will bet set to 1, indicating a truncated
1031 message, while the rest of the UDP packet is discarded.
1032
1033 Answers to the query are stored secondly in *ANSP2 up to a max of
1034 *ANSSIZP2 bytes, with the actual response length stored in
1035 *RESPLEN2. If more than *ANSSIZP bytes are needed and ANSP2
1036 is non-NULL (required for a second query) then malloc is used to
1037 allocate a new response buffer, *ANSSIZP2 is set to the new buffer
1038 size and *ANSP2_MALLOCED is set to 1.
1039
1040 The ANSP2_MALLOCED argument will eventually be removed as the
1041 change in buffer pointer can be used to detect the buffer has
1042 changed and that the caller should use free on the new buffer.
1043
1044 Note that the answers may arrive in any order from the server and
1045 therefore the first and second answer buffers may not correspond to
1046 the first and second queries.
1047
1048 It is not supported to call this function with a non-NULL ANSP2
1049 but a NULL ANSCP. Put another way, you can call send_vc with a
1050 single unmodifiable buffer or two modifiable buffers, but no other
1051 combination is supported.
1052
1053 It is the caller's responsibility to free the malloc allocated
1054 buffers by detecting that the pointers have changed from their
1055 original values i.e. *ANSCP or *ANSP2 has changed.
1056
1057 If an answer is truncated because of UDP datagram DNS limits then
1058 *V_CIRCUIT is set to 1 and the return value non-zero to indicate to
1059 the caller to retry with TCP. The value *GOTSOMEWHERE is set to 1
1060 if any progress was made reading a response from the nameserver and
1061 is used by the caller to distinguish between ECONNREFUSED and
1062 ETIMEDOUT (the latter if *GOTSOMEWHERE is 1).
1063
1064 If errors are encountered then *TERRNO is set to an appropriate
1065 errno value and a zero result is returned for a recoverable error,
1066 and a less-than zero result is returned for a non-recoverable error.
1067
1068 If no errors are encountered then *TERRNO is left unmodified and
1069 a the length of the first response in bytes is returned. */
44d20bca
UD		 1070static int
1071send_dg(res_state statp,
1072 const u_char *buf, int buflen, const u_char *buf2, int buflen2,
1073 u_char **ansp, int *anssizp,
1074 int *terrno, int ns, int *v_circuit, int *gotsomewhere, u_char **anscp,
ab09bf61 1075 u_char **ansp2, int *anssizp2, int *resplen2, int *ansp2_malloced)
44d20bca
UD		 1076{
1077 const HEADER *hp = (HEADER *) buf;
1078 const HEADER *hp2 = (HEADER *) buf2;
44d20bca
UD		 1079 struct timespec now, timeout, finish;
1080 struct pollfd pfd[1];
3a85895f 1081 int ptimeout;
44d20bca 1082 struct sockaddr_in6 from;
75ded9bc
UD		 1083 int resplen = 0;
1084 int n;
44d20bca 1085
f433b06b
UD		 1086 /*
1087 * Compute time for the total operation.
1088 */
ae061910 1089 int seconds = (statp->retrans << ns);
f433b06b
UD		 1090 if (ns > 0)
1091 seconds /= statp->nscount;
1092 if (seconds <= 0)
1093 seconds = 1;
44d20bca 1094 bool single_request_reopen = (statp->options & RES_SNGLKUPREOP) != 0;
c030f70c
UD		 1095 bool single_request = (((statp->options & RES_SNGLKUP) != 0)
1096 | single_request_reopen);
ae061910 1097 int save_gotsomewhere = *gotsomewhere;
44d20bca
UD		 1098
1099 int retval;
1100 retry_reopen:
1101 retval = reopen (statp, terrno, ns);
1102 if (retval <= 0)
b66d837b
FW		 1103 {
1104 if (resplen2 != NULL)
1105 *resplen2 = 0;
1106 return retval;
1107 }
ae061910 1108 retry:
f433b06b
UD		 1109 evNowTime(&now);
1110 evConsTime(&timeout, seconds, 0);
1111 evAddTime(&finish, &now, &timeout);
1112 int need_recompute = 0;
17a10319 1113 int nwritten = 0;
1eb946b9 1114 int recvresp1 = 0;
e9db92d3
CD		 1115 /* Skip the second response if there is no second query.
1116 To do that we mark the second response as received. */
1eb946b9 1117 int recvresp2 = buf2 == NULL;
17a10319
UD		 1118 pfd[0].fd = EXT(statp).nssocks[ns];
1119 pfd[0].events = POLLOUT;
1120 wait:
1121 if (need_recompute) {
8e45b1ac 1122 recompute_resend:
17a10319
UD		 1123 evNowTime(&now);
1124 if (evCmpTime(finish, now) <= 0) {
8e45b1ac 1125 poll_err_out:
b66d837b 1126 return close_and_return_error (statp, resplen2);
17a10319
UD		 1127 }
1128 evSubTime(&timeout, &finish, &now);
ae061910 1129 need_recompute = 0;
17a10319 1130 }
3a85895f 1131 /* Convert struct timespec in milliseconds. */
f433b06b
UD		 1132 ptimeout = timeout.tv_sec * 1000 + timeout.tv_nsec / 1000000;
1133
17a10319
UD		 1134 n = 0;
1135 if (nwritten == 0)
1136 n = __poll (pfd, 1, 0);
a1ffb40e 1137 if (__glibc_unlikely (n == 0)) {
f433b06b
UD		 1138 n = __poll (pfd, 1, ptimeout);
1139 need_recompute = 1;
1140 }
f433b06b 1141 if (n == 0) {
74b3cf22 1142 if (resplen > 1 && (recvresp1 || (buf2 != NULL && recvresp2)))
e2003883 1143 {
ae061910
UD		 1144 /* There are quite a few broken name servers out
1145 there which don't handle two outstanding
1146 requests from the same source. There are also
1147 broken firewall settings. If we time out after
1148 having received one answer switch to the mode
1149 where we send the second request only once we
1150 have received the first answer. */
74b3cf22
UD		 1151 if (!single_request)
1152 {
310647e9 1153 statp->options |= RES_SNGLKUP;
74b3cf22
UD		 1154 single_request = true;
1155 *gotsomewhere = save_gotsomewhere;
1156 goto retry;
1157 }
44d20bca
UD		 1158 else if (!single_request_reopen)
1159 {
1160 statp->options |= RES_SNGLKUPREOP;
1161 single_request_reopen = true;
1162 *gotsomewhere = save_gotsomewhere;
1163 __res_iclose (statp, false);
1164 goto retry_reopen;
1165 }
74b3cf22
UD		 1166
1167 *resplen2 = 1;
1168 return resplen;
e2003883 1169 }
5908f779 1170
f433b06b 1171 *gotsomewhere = 1;
b66d837b
FW		 1172 if (resplen2 != NULL)
1173 *resplen2 = 0;
1174 return 0;
f433b06b
UD		 1175 }
1176 if (n < 0) {
8e45b1ac
UD		 1177 if (errno == EINTR)
1178 goto recompute_resend;
1179
1180 goto poll_err_out;
f433b06b
UD		 1181 }
1182 __set_errno (0);
17a10319 1183 if (pfd[0].revents & POLLOUT) {
c030f70c
UD		 1184#ifndef __ASSUME_SENDMMSG
1185 static int have_sendmmsg;
1186#else
1187# define have_sendmmsg 1
1188#endif
1189 if (have_sendmmsg >= 0 && nwritten == 0 && buf2 != NULL
1190 && !single_request)
1191 {
583a27d5
FW		 1192 struct iovec iov =
1193 { .iov_base = (void *) buf, .iov_len = buflen };
1194 struct iovec iov2 =
1195 { .iov_base = (void *) buf2, .iov_len = buflen2 };
1196 struct mmsghdr reqs[2] =
1197 {
1198 {
1199 .msg_hdr =
1200 {
1201 .msg_iov = &iov,
1202 .msg_iovlen = 1,
1203 },
1204 },
1205 {
1206 .msg_hdr =
1207 {
1208 .msg_iov = &iov2,
1209 .msg_iovlen = 1,
1210 }
1211 },
1212 };
c030f70c 1213
123be9de 1214 int ndg = __sendmmsg (pfd[0].fd, reqs, 2, MSG_NOSIGNAL);
a1ffb40e 1215 if (__glibc_likely (ndg == 2))
c030f70c 1216 {
966977f1
UD		 1217 if (reqs[0].msg_len != buflen
1218 || reqs[1].msg_len != buflen2)
1219 goto fail_sendmmsg;
1eb946b9 1220
c030f70c
UD		 1221 pfd[0].events = POLLIN;
1222 nwritten += 2;
1223 }
1224 else if (ndg == 1 && reqs[0].msg_len == buflen)
1225 goto just_one;
966977f1 1226 else if (ndg < 0 && (errno == EINTR || errno == EAGAIN))
c030f70c
UD		 1227 goto recompute_resend;
1228 else
1229 {
1230#ifndef __ASSUME_SENDMMSG
a1ffb40e 1231 if (__glibc_unlikely (have_sendmmsg == 0))
c030f70c 1232 {
966977f1 1233 if (ndg < 0 && errno == ENOSYS)
c030f70c
UD		 1234 {
1235 have_sendmmsg = -1;
1236 goto try_send;
1237 }
1238 have_sendmmsg = 1;
1239 }
1240#endif
1241
966977f1 1242 fail_sendmmsg:
b66d837b 1243 return close_and_return_error (statp, resplen2);
c030f70c
UD		 1244 }
1245 }
1eb946b9 1246 else
c030f70c
UD		 1247 {
1248 ssize_t sr;
1249#ifndef __ASSUME_SENDMMSG
1250 try_send:
1251#endif
1252 if (nwritten != 0)
1253 sr = send (pfd[0].fd, buf2, buflen2, MSG_NOSIGNAL);
1254 else
1255 sr = send (pfd[0].fd, buf, buflen, MSG_NOSIGNAL);
1256
8e6d1083 1257 if (sr != (nwritten != 0 ? buflen2 : buflen)) {
c030f70c
UD		 1258 if (errno == EINTR || errno == EAGAIN)
1259 goto recompute_resend;
b66d837b 1260 return close_and_return_error (statp, resplen2);
c030f70c
UD		 1261 }
1262 just_one:
1263 if (nwritten != 0 || buf2 == NULL || single_request)
1264 pfd[0].events = POLLIN;
1265 else
1266 pfd[0].events = POLLIN | POLLOUT;
1267 ++nwritten;
1268 }
17a10319 1269 goto wait;
8aeb5058 1270 } else if (pfd[0].revents & POLLIN) {
1eb946b9
UD		 1271 int *thisanssizp;
1272 u_char **thisansp;
1273 int *thisresplenp;
1274
1275 if ((recvresp1 | recvresp2) == 0 || buf2 == NULL) {
e9db92d3
CD		 1276 /* We have not received any responses
1277 yet or we only have one response to
1278 receive. */
1eb946b9
UD		 1279 thisanssizp = anssizp;
1280 thisansp = anscp ?: ansp;
1281 assert (anscp != NULL || ansp2 == NULL);
1282 thisresplenp = &resplen;
1283 } else {
1eb946b9
UD		 1284 thisanssizp = anssizp2;
1285 thisansp = ansp2;
1286 thisresplenp = resplen2;
1287 }
1288
1289 if (*thisanssizp < MAXPACKET
e9db92d3
CD		 1290 /* If the current buffer is not the the static
1291 user-supplied buffer then we can reallocate
1292 it. */
1293 && (thisansp != NULL && thisansp != ansp)
c4e42566 1294#ifdef FIONREAD
e9db92d3 1295 /* Is the size too small? */
1eb946b9 1296 && (ioctl (pfd[0].fd, FIONREAD, thisresplenp) < 0
c4e42566
RM		 1297 || *thisanssizp < *thisresplenp)
1298#endif
1299 ) {
e9db92d3
CD		 1300 /* Always allocate MAXPACKET, callers expect
1301 this specific size. */
1eb946b9
UD		 1302 u_char *newp = malloc (MAXPACKET);
1303 if (newp != NULL) {
e9db92d3
CD		 1304 *thisanssizp = MAXPACKET;
1305 *thisansp = newp;
ab09bf61
AS		 1306 if (thisansp == ansp2)
1307 *ansp2_malloced = 1;
17a10319
UD		 1308 }
1309 }
e9db92d3
CD		 1310 /* We could end up with truncation if anscp was NULL
1311 (not allowed to change caller's buffer) and the
1312 response buffer size is too small. This isn't a
1313 reliable way to detect truncation because the ioctl
1314 may be an inaccurate report of the UDP message size.
1315 Therefore we use this only to issue debug output.
1316 To do truncation accurately with UDP we need
1317 MSG_TRUNC which is only available on Linux. We
1318 can abstract out the Linux-specific feature in the
1319 future to detect truncation. */
1eb946b9
UD		 1320 HEADER *anhp = (HEADER *) *thisansp;
1321 socklen_t fromlen = sizeof(struct sockaddr_in6);
1322 assert (sizeof(from) <= fromlen);
1323 *thisresplenp = recvfrom(pfd[0].fd, (char*)*thisansp,
1324 *thisanssizp, 0,
1325 (struct sockaddr *)&from, &fromlen);
a1ffb40e 1326 if (__glibc_unlikely (*thisresplenp <= 0)) {
17a10319
UD		 1327 if (errno == EINTR || errno == EAGAIN) {
1328 need_recompute = 1;
1329 goto wait;
1330 }
b66d837b 1331 return close_and_return_error (statp, resplen2);
17a10319 1332 }
e685e07d 1333 *gotsomewhere = 1;
a1ffb40e 1334 if (__glibc_unlikely (*thisresplenp < HFIXEDSZ)) {
17a10319
UD		 1335 /*
1336 * Undersized message.
1337 */
17a10319 1338 *terrno = EMSGSIZE;
b66d837b 1339 return close_and_return_error (statp, resplen2);
17a10319 1340 }
1eb946b9
UD		 1341 if ((recvresp1 || hp->id != anhp->id)
1342 && (recvresp2 || hp2->id != anhp->id)) {
17a10319
UD		 1343 /*
1344 * response from old query, ignore it.
1345 * XXX - potential security hazard could
1346 * be detected here.
1347 */
f433b06b 1348 goto wait;
e685e07d 1349 }
33322186
FW		 1350
1351 /* Paranoia check. Due to the connected UDP socket,
1352 the kernel has already filtered invalid addresses
1353 for us. */
1354 if (!res_ourserver_p(statp, &from))
1355 goto wait;
1356
1357 /* Check for the correct header layout and a matching
1358 question. */
1359 if ((recvresp1 || !res_queriesmatch(buf, buf + buflen,
1eb946b9
UD		 1360 *thisansp,
1361 *thisansp
1362 + *thisanssizp))
1363 && (recvresp2 || !res_queriesmatch(buf2, buf2 + buflen2,
1364 *thisansp,
1365 *thisansp
33322186
FW		 1366 + *thisanssizp)))
1367 goto wait;
1368
17a10319
UD		 1369 if (anhp->rcode == SERVFAIL ||
1370 anhp->rcode == NOTIMP ||
1371 anhp->rcode == REFUSED) {
16b293a7 1372 next_ns:
4769ae77
UD		 1373 if (recvresp1 || (buf2 != NULL && recvresp2)) {
1374 *resplen2 = 0;
e28b969b 1375 return resplen;
4769ae77 1376 }
e2003883
UD		 1377 if (buf2 != NULL)
1378 {
4769ae77
UD		 1379 /* No data from the first reply. */
1380 resplen = 0;
e2003883 1381 /* We are waiting for a possible second reply. */
e2003883
UD		 1382 if (hp->id == anhp->id)
1383 recvresp1 = 1;
1384 else
1385 recvresp2 = 1;
1386
1387 goto wait;
1388 }
1389
17a10319
UD		 1390 /* don't retry if called from dig */
1391 if (!statp->pfcode)
b66d837b
FW		 1392 return close_and_return_error (statp, resplen2);
1393 __res_iclose(statp, false);
17a10319 1394 }
359bb2ef
UD		 1395 if (anhp->rcode == NOERROR && anhp->ancount == 0
1396 && anhp->aa == 0 && anhp->ra == 0 && anhp->arcount == 0) {
359bb2ef
UD		 1397 goto next_ns;
1398 }
17a10319
UD		 1399 if (!(statp->options & RES_IGNTC) && anhp->tc) {
1400 /*
1401 * To get the rest of answer,
1402 * use TCP with same server.
1403 */
17a10319 1404 *v_circuit = 1;
cb07f6f6 1405 __res_iclose(statp, false);
1eb946b9
UD		 1406 // XXX if we have received one reply we could
1407 // XXX use it and not repeat it over TCP...
b66d837b
FW		 1408 if (resplen2 != NULL)
1409 *resplen2 = 0;
17a10319
UD		 1410 return (1);
1411 }
1eb946b9
UD		 1412 /* Mark which reply we received. */
1413 if (recvresp1 == 0 && hp->id == anhp->id)
1414 recvresp1 = 1;
1415 else
1416 recvresp2 = 1;
1417 /* Repeat waiting if we have a second answer to arrive. */
ae061910 1418 if ((recvresp1 & recvresp2) == 0) {
c030f70c 1419 if (single_request) {
ae061910 1420 pfd[0].events = POLLOUT;
44d20bca
UD		 1421 if (single_request_reopen) {
1422 __res_iclose (statp, false);
1423 retval = reopen (statp, terrno, ns);
1424 if (retval <= 0)
b66d837b
FW		 1425 {
1426 if (resplen2 != NULL)
1427 *resplen2 = 0;
1428 return retval;
1429 }
f9d2d032 1430 pfd[0].fd = EXT(statp).nssocks[ns];
44d20bca
UD		 1431 }
1432 }
1eb946b9 1433 goto wait;
ae061910 1434 }
b66d837b
FW		 1435 /* All is well. We have received both responses (if
1436 two responses were requested). */
17a10319 1437 return (resplen);
b66d837b
FW		 1438 } else if (pfd[0].revents & (POLLERR | POLLHUP | POLLNVAL))
1439 /* Something went wrong. We can stop trying. */
1440 return close_and_return_error (statp, resplen2);
9cfe5381 1441 else {
4769ae77 1442 /* poll should not have returned > 0 in this case. */
9cfe5381
RM		 1443 abort ();
1444 }
e685e07d
UD		 1445}
1446
e685e07d 1447static int
438e8239
UD		 1448sock_eq(struct sockaddr_in6 *a1, struct sockaddr_in6 *a2) {
1449 if (a1->sin6_family == a2->sin6_family) {
1450 if (a1->sin6_family == AF_INET)
1451 return ((((struct sockaddr_in *)a1)->sin_port ==
1452 ((struct sockaddr_in *)a2)->sin_port) &&
1453 (((struct sockaddr_in *)a1)->sin_addr.s_addr ==
1454 ((struct sockaddr_in *)a2)->sin_addr.s_addr));
1455 else
1456 return ((a1->sin6_port == a2->sin6_port) &&
1457 !memcmp(&a1->sin6_addr, &a2->sin6_addr,
1458 sizeof (struct in6_addr)));
1459 }
1460 if (a1->sin6_family == AF_INET) {
1461 struct sockaddr_in6 *sap = a1;
1462 a1 = a2;
1463 a2 = sap;
1464 } /* assumes that AF_INET and AF_INET6 are the only possibilities */
1465 return ((a1->sin6_port == ((struct sockaddr_in *)a2)->sin_port) &&
1466 IN6_IS_ADDR_V4MAPPED(&a1->sin6_addr) &&
1467 (a1->sin6_addr.s6_addr32[3] ==
1468 ((struct sockaddr_in *)a2)->sin_addr.s_addr));
1469}
A mirror of the official glibc repository