]>
git.ipfire.org Git - thirdparty/squid.git/blob - helpers/external_acl/kerberos_ldap_group/support_resolv.cc
2 * -----------------------------------------------------------------------------
4 * Author: Markus Moeller (markus_moeller at compuserve.com)
6 * Copyright (C) 2007 Markus Moeller. All rights reserved.
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
22 * -----------------------------------------------------------------------------
37 #ifdef HAVE_NETINET_IN_H
38 #include <netinet/in.h>
43 #ifdef HAVE_ARPA_NAMESER_H
44 #include <arpa/nameser.h>
47 void nsError(int nserror
, char *server
);
48 static int compare_hosts(struct hstruct
*h1
, struct hstruct
*h2
);
49 static void swap(struct hstruct
*a
, struct hstruct
*b
);
50 static void sort(struct hstruct
*array
, int nitems
, int (*cmp
) (struct hstruct
*, struct hstruct
*), int begin
, int end
);
51 static void msort(struct hstruct
*array
, size_t nitems
, int (*cmp
) (struct hstruct
*, struct hstruct
*));
54 * See http://www.ietf.org/rfc/rfc1035.txt
57 * See http://www.ietf.org/rfc/rfc2782.txt
61 nsError(int nserror
, char *service
)
65 error((char *) "%s| %s: ERROR: res_search: Unknown service record: %s\n", LogTime(), PROGRAM
, service
);
68 error((char *) "%s| %s: ERROR: res_search: No SRV record for %s\n", LogTime(), PROGRAM
, service
);
71 error((char *) "%s| %s: ERROR: res_search: No response for SRV query\n", LogTime(), PROGRAM
);
74 error((char *) "%s| %s: ERROR: res_search: Unexpected error: %s\n", LogTime(), PROGRAM
, strerror(nserror
));
79 swap(struct hstruct
*a
, struct hstruct
*b
)
84 c
.priority
= a
->priority
;
86 a
->priority
= b
->priority
;
87 a
->weight
= b
->weight
;
89 b
->priority
= c
.priority
;
94 sort(struct hstruct
*array
, int nitems
, int (*cmp
) (struct hstruct
*, struct hstruct
*), int begin
, int end
)
101 if (cmp(&array
[l
], &array
[pivot
]) <= 0) {
105 swap(&array
[l
], &array
[r
]);
109 swap(&array
[begin
], &array
[l
]);
110 sort(array
, nitems
, cmp
, begin
, l
);
111 sort(array
, nitems
, cmp
, r
, end
);
116 msort(struct hstruct
*array
, size_t nitems
, int (*cmp
) (struct hstruct
*, struct hstruct
*))
118 sort(array
, nitems
, cmp
, 0, nitems
- 1);
122 compare_hosts(struct hstruct
*host1
, struct hstruct
*host2
)
126 * The comparison function must return an integer less than, equal to,
127 * or greater than zero if the first argument is considered to be
128 * respectively less than, equal to, or greater than the second.
130 if ((host1
->priority
< host2
->priority
) && (host1
->priority
!= -1))
132 if ((host1
->priority
< host2
->priority
) && (host1
->priority
== -1))
134 if ((host1
->priority
> host2
->priority
) && (host2
->priority
!= -1))
136 if ((host1
->priority
> host2
->priority
) && (host2
->priority
== -1))
138 if (host1
->priority
== host2
->priority
) {
139 if (host1
->weight
> host2
->weight
)
141 if (host1
->weight
< host2
->weight
)
148 free_hostname_list(struct hstruct
**hlist
, int nhosts
)
150 struct hstruct
*hp
= NULL
;
154 for (i
= 0; i
< nhosts
; i
++) {
169 get_hostname_list(struct main_args
*margs
, struct hstruct
**hlist
, int nhosts
, char *name
)
172 * char host[sysconf(_SC_HOST_NAME_MAX)];
175 struct addrinfo
*hres
= NULL
, *hres_list
;
177 struct hstruct
*hp
= NULL
;
183 rc
= getaddrinfo((const char *) name
, NULL
, NULL
, &hres
);
185 error((char *) "%s| %s: ERROR: Error while resolving hostname with getaddrinfo: %s\n", LogTime(), PROGRAM
, gai_strerror(rc
));
192 hres_list
= hres_list
->ai_next
;
197 rc
= getnameinfo(hres_list
->ai_addr
, hres_list
->ai_addrlen
, host
, sizeof(host
), NULL
, 0, 0);
199 error((char *) "%s| %s: ERROR: Error while resolving ip address with getnameinfo: %s\n", LogTime(), PROGRAM
, gai_strerror(rc
));
205 debug((char *) "%s| %s: DEBUG: Resolved address %d of %s to %s\n", LogTime(), PROGRAM
, count
, name
, host
);
207 hp
= (struct hstruct
*) xrealloc(hp
, sizeof(struct hstruct
) * (nhosts
+ 1));
208 hp
[nhosts
].host
= xstrdup(host
);
209 hp
[nhosts
].port
= -1;
210 hp
[nhosts
].priority
= -1;
211 hp
[nhosts
].weight
= -1;
214 hres_list
= hres_list
->ai_next
;
223 get_ldap_hostname_list(struct main_args
*margs
, struct hstruct
**hlist
, int nh
, char *domain
)
227 * char name[sysconf(_SC_HOST_NAME_MAX)];
230 char host
[NS_MAXDNAME
];
232 struct hstruct
*hp
= NULL
;
236 int priority
, weight
, port
;
243 service
= (char *) xmalloc(strlen("_ldaps._tcp.") + strlen(domain
) + 1);
244 strcpy(service
, "_ldaps._tcp.");
246 service
= (char *) xmalloc(strlen("_ldap._tcp.") + strlen(domain
) + 1);
247 strcpy(service
, "_ldap._tcp.");
249 strcat(service
, domain
);
251 #ifndef PACKETSZ_MULT
253 * It seems Solaris doesn't give back the real length back when res_search uses a to small buffer
254 * Set a bigger one here
256 #define PACKETSZ_MULT 10
260 buffer
= (u_char
*) xmalloc(PACKETSZ_MULT
* NS_PACKETSZ
);
261 if ((len
= res_search(service
, ns_c_in
, ns_t_srv
, (u_char
*) buffer
, PACKETSZ_MULT
* NS_PACKETSZ
)) < 0) {
262 error((char *) "%s| %s: ERROR: Error while resolving service record %s with res_search\n", LogTime(), PROGRAM
, service
);
263 nsError(h_errno
, service
);
266 service
= (char *) xmalloc(strlen("_ldap._tcp.") + strlen(domain
) + 1);
267 strcpy(service
, "_ldap._tcp.");
268 strcat(service
, domain
);
269 if ((len
= res_search(service
, ns_c_in
, ns_t_srv
, (u_char
*) buffer
, PACKETSZ_MULT
* NS_PACKETSZ
)) < 0) {
270 error((char *) "%s| %s: ERROR: Error while resolving service record %s with res_search\n", LogTime(), PROGRAM
, service
);
271 nsError(h_errno
, service
);
278 if (len
> PACKETSZ_MULT
* NS_PACKETSZ
) {
280 buffer
= (u_char
*) xrealloc(buffer
, len
);
281 if ((len
= res_search(service
, ns_c_in
, ns_t_srv
, (u_char
*) buffer
, len
)) < 0) {
282 error((char *) "%s| %s: ERROR: Error while resolving service record %s with res_search\n", LogTime(), PROGRAM
, service
);
283 nsError(h_errno
, service
);
287 error((char *) "%s| %s: ERROR: Reply to big: buffer: %d reply length: %d\n", LogTime(), PROGRAM
, olen
, len
);
292 p
+= 6 * NS_INT16SZ
; /* Header(6*16bit) = id + flags + 4*section count */
293 if (p
> buffer
+ len
) {
294 error((char *) "%s| %s: ERROR: Message to small: %d < header size\n", LogTime(), PROGRAM
, len
);
297 if ((size
= dn_expand(buffer
, buffer
+ len
, p
, name
, sysconf(_SC_HOST_NAME_MAX
))) < 0) {
298 error((char *) "%s| %s: ERROR: Error while expanding query name with dn_expand: %s\n", LogTime(), PROGRAM
, strerror(errno
));
301 p
+= size
; /* Query name */
302 p
+= 2 * NS_INT16SZ
; /* Query type + class (2*16bit) */
303 if (p
> buffer
+ len
) {
304 error((char *) "%s| %s: ERROR: Message to small: %d < header + query name,type,class \n", LogTime(), PROGRAM
, len
);
307 while (p
< buffer
+ len
) {
308 if ((size
= dn_expand(buffer
, buffer
+ len
, p
, name
, sysconf(_SC_HOST_NAME_MAX
))) < 0) {
309 error((char *) "%s| %s: ERROR: Error while expanding answer name with dn_expand: %s\n", LogTime(), PROGRAM
, strerror(errno
));
312 p
+= size
; /* Resource Record name */
313 if (p
> buffer
+ len
) {
314 error((char *) "%s| %s: ERROR: Message to small: %d < header + query name,type,class + answer name\n", LogTime(), PROGRAM
, len
);
317 NS_GET16(type
, p
); /* RR type (16bit) */
318 p
+= NS_INT16SZ
+ NS_INT32SZ
; /* RR class + ttl (16bit+32bit) */
319 if (p
> buffer
+ len
) {
320 error((char *) "%s| %s: ERROR: Message to small: %d < header + query name,type,class + answer name + RR type,class,ttl\n", LogTime(), PROGRAM
, len
);
323 NS_GET16(rdlength
, p
); /* RR data length (16bit) */
325 if (type
== ns_t_srv
) { /* SRV record */
326 if (p
> buffer
+ len
) {
327 error((char *) "%s| %s: ERROR: Message to small: %d < header + query name,type,class + answer name + RR type,class,ttl + RR data length\n", LogTime(), PROGRAM
, len
);
330 NS_GET16(priority
, p
); /* Priority (16bit) */
331 if (p
> buffer
+ len
) {
332 error((char *) "%s| %s: ERROR: Message to small: %d < SRV RR + priority\n", LogTime(), PROGRAM
, len
);
335 NS_GET16(weight
, p
); /* Weight (16bit) */
336 if (p
> buffer
+ len
) {
337 error((char *) "%s| %s: ERROR: Message to small: %d < SRV RR + priority + weight\n", LogTime(), PROGRAM
, len
);
340 NS_GET16(port
, p
); /* Port (16bit) */
341 if (p
> buffer
+ len
) {
342 error((char *) "%s| %s: ERROR: Message to small: %d < SRV RR + priority + weight + port\n", LogTime(), PROGRAM
, len
);
345 if ((size
= dn_expand(buffer
, buffer
+ len
, p
, host
, NS_MAXDNAME
)) < 0) {
346 error((char *) "%s| %s: ERROR: Error while expanding SRV RR name with dn_expand: %s\n", LogTime(), PROGRAM
, strerror(errno
));
349 debug((char *) "%s| %s: DEBUG: Resolved SRV %s record to %s\n", LogTime(), PROGRAM
, service
, host
);
350 hp
= (struct hstruct
*) xrealloc(hp
, sizeof(struct hstruct
) * (nh
+ 1));
351 hp
[nh
].host
= xstrdup(host
);
353 hp
[nh
].priority
= priority
;
354 hp
[nh
].weight
= weight
;
360 if (p
> buffer
+ len
) {
361 error((char *) "%s| %s: ERROR: Message to small: %d < SRV RR + priority + weight + port + name\n", LogTime(), PROGRAM
, len
);
365 if (p
!= buffer
+ len
) {
366 #if (SIZEOF_LONG == 8)
367 error("%s| %s: ERROR: Inconsistence message length: %ld!=0\n", LogTime(), PROGRAM
, buffer
+ len
- p
);
369 error((char *) "%s| %s: ERROR: Inconsistence message length: %d!=0\n", LogTime(), PROGRAM
, buffer
+ len
- p
);
373 nhosts
= get_hostname_list(margs
, &hp
, nh
, domain
);
375 /* Remove duplicates */
376 for (i
= 0; i
< nhosts
; i
++) {
377 for (j
= i
+ 1; j
< nhosts
; j
++) {
378 if (!strcasecmp(hp
[i
].host
, hp
[j
].host
)) {
379 if (hp
[i
].port
== hp
[j
].port
||
380 (hp
[i
].port
== -1 && hp
[j
].port
== 389) ||
381 (hp
[i
].port
== 389 && hp
[j
].port
== -1)) {
383 for (k
= j
+ 1; k
< nhosts
; k
++) {
384 hp
[k
- 1].host
= hp
[k
].host
;
385 hp
[k
- 1].port
= hp
[k
].port
;
386 hp
[k
- 1].priority
= hp
[k
].priority
;
387 hp
[k
- 1].weight
= hp
[k
].weight
;
391 hp
= (struct hstruct
*) xrealloc(hp
, sizeof(struct hstruct
) * (nhosts
+ 1));
397 /* Sort by Priority / Weight */
398 msort(hp
, nhosts
, compare_hosts
);
401 debug((char *) "%s| %s: DEBUG: Sorted ldap server names for domain %s:\n", LogTime(), PROGRAM
, domain
);
402 for (i
= 0; i
< nhosts
; i
++) {
403 debug((char *) "%s| %s: DEBUG: Host: %s Port: %d Priority: %d Weight: %d\n", LogTime(), PROGRAM
, hp
[i
].host
, hp
[i
].port
, hp
[i
].priority
, hp
[i
].weight
);