From 49d73f5f56bed366378bb6bd71858e76a96b99bf Mon Sep 17 00:00:00 2001 From: Wouter Wijngaards Date: Mon, 11 Feb 2008 10:27:37 +0000 Subject: [PATCH] etc hosts handling. git-svn-id: file:///svn/unbound/trunk@944 be551aaa-1e26-0410-a405-d3ace91eadb9 --- doc/Changelog | 1 + doc/libunbound.3 | 17 +++++++++ libunbound/libunbound.c | 76 +++++++++++++++++++++++++++++++++++++ libunbound/ubsyms.def | 39 +++++++++---------- libunbound/unbound.h | 15 ++++++++ testcode/asynclook.c | 13 ++++++- testdata/05-asynclook.tpkg | Bin 1873 -> 2138 bytes 7 files changed, 141 insertions(+), 20 deletions(-) diff --git a/doc/Changelog b/doc/Changelog index 422eed290..b30787697 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,6 +1,7 @@ 11 February 2008: Wouter - changed library to use ub_ instead of ub_val_ as prefix. - statistics output text nice. + - etc/hosts handling. 8 February 2008: Wouter - test program for multiple queries over a TCP channel. diff --git a/doc/libunbound.3 b/doc/libunbound.3 index ce34100e5..dd9f97cac 100644 --- a/doc/libunbound.3 +++ b/doc/libunbound.3 @@ -19,6 +19,7 @@ .B ub_ctx_config, .B ub_ctx_set_fwd, .B ub_ctx_resolvconf, +.B ub_ctx_hosts, .B ub_ctx_add_ta, .B ub_ctx_add_ta_file, .B ub_ctx_trustedkeys, @@ -54,6 +55,9 @@ \fBub_ctx_resolvconf\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR fname); .LP \fIint\fR +\fBub_ctx_hosts\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR fname); +.LP +\fIint\fR \fBub_ctx_add_ta\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR ta); .LP \fIint\fR @@ -131,6 +135,12 @@ The functions are discussed in turn below. .TP .B ub_ctx_create Create a new context, initialised with defaults. +The information from /etc/resolv.conf and /etc/hosts is not utilised +by default. Use +.B ub_ctx_resolvconf +and +.B ub_ctx_hosts +to read them. .TP .B ub_ctx_delete Delete validation context and free associated resources. @@ -161,6 +171,13 @@ If fname NULL is passed, "/etc/resolv.conf" is used. At this time it is only possible to set configuration before the first resolve is done. .TP +.B ub_ctx_hosts +Read list of hosts from the filename given. +Usually "/etc/hosts". When queried for, these addresses are not marked +DNSSEC secure. If fname NULL is passed, "/etc/hosts" is used. +At this time it is only possible to set configuration before the +first resolve is done. +.TP .B ub_ctx_add_ta Add a trust anchor to the given context. diff --git a/libunbound/libunbound.c b/libunbound/libunbound.c index 295b52884..0533fca5b 100644 --- a/libunbound/libunbound.c +++ b/libunbound/libunbound.c @@ -819,3 +819,79 @@ ub_ctx_resolvconf(struct ub_ctx* ctx, char* fname) } return UB_NOERROR; } + +int +ub_ctx_hosts(struct ub_ctx* ctx, char* fname) +{ + FILE* in; + char buf[1024], ldata[1024]; + char* parse, *addr, *name, *ins; + lock_basic_lock(&ctx->cfglock); + if(ctx->finalized) { + lock_basic_unlock(&ctx->cfglock); + errno=EINVAL; + return UB_AFTERFINAL; + } + lock_basic_unlock(&ctx->cfglock); + if(fname == NULL) + fname = "/etc/hosts"; + in = fopen(fname, "r"); + if(!in) { + /* error in errno! perror(fname) */ + return UB_READFILE; + } + while(fgets(buf, (int)sizeof(buf), in)) { + buf[sizeof(buf)-1] = 0; + parse=buf; + while(*parse == ' ' || *parse == '\t') + parse++; + if(*parse == '#') + continue; /* skip comment */ + /* format: spaces spaces ... */ + addr = parse; + /* skip addr */ + while(isxdigit(*parse) || *parse == '.' || *parse == ':') + parse++; + if(*parse != ' ' && *parse != '\t') { + /* must have whitespace after address */ + fclose(in); + errno=EINVAL; + return UB_SYNTAX; + } + *parse++ = 0; /* end delimiter for addr ... */ + /* go to names and add them */ + while(*parse) { + while(*parse == ' ' || *parse == '\t' || *parse=='\n') + parse++; + if(*parse == 0 || *parse == '#') + break; + /* skip name, allows (too) many printable characters */ + name = parse; + while('!' <= *parse && *parse <= '~') + parse++; + if(*parse) + *parse++ = 0; /* end delimiter for name */ + snprintf(ldata, sizeof(ldata), "%s %s %s", + name, str_is_ip6(addr)?"AAAA":"A", addr); + ins = strdup(ldata); + if(!ins) { + /* out of memory */ + fclose(in); + errno=ENOMEM; + return UB_NOMEM; + } + lock_basic_lock(&ctx->cfglock); + if(!cfg_strlist_insert(&ctx->env->cfg->local_data, + ins)) { + lock_basic_unlock(&ctx->cfglock); + fclose(in); + free(ins); + errno=ENOMEM; + return UB_NOMEM; + } + lock_basic_unlock(&ctx->cfglock); + } + } + fclose(in); + return UB_NOERROR; +} diff --git a/libunbound/ubsyms.def b/libunbound/ubsyms.def index 94776a02e..2b7b174fc 100644 --- a/libunbound/ubsyms.def +++ b/libunbound/ubsyms.def @@ -1,19 +1,20 @@ -ub_val_ctx_create -ub_val_ctx_delete -ub_val_ctx_config -ub_val_ctx_set_fwd -ub_val_ctx_resolvconf -ub_val_ctx_add_ta -ub_val_ctx_add_ta_file -ub_val_ctx_trustedkeys -ub_val_ctx_debuglevel -ub_val_ctx_async -ub_val_poll -ub_val_wait -ub_val_fd -ub_val_process -ub_val_resolve -ub_val_resolve_async -ub_val_cancel -ub_val_resolve_free -ub_val_strerror +ub_ctx_create +ub_ctx_delete +ub_ctx_config +ub_ctx_set_fwd +ub_ctx_resolvconf +ub_ctx_hosts +ub_ctx_add_ta +ub_ctx_add_ta_file +ub_ctx_trustedkeys +ub_ctx_debuglevel +ub_ctx_async +ub_poll +ub_wait +ub_fd +ub_process +ub_resolve +ub_resolve_async +ub_cancel +ub_resolve_free +ub_strerror diff --git a/libunbound/unbound.h b/libunbound/unbound.h index e1303eeae..f5f8248ff 100644 --- a/libunbound/unbound.h +++ b/libunbound/unbound.h @@ -193,6 +193,8 @@ typedef void (*ub_callback_t)(void*, int, struct ub_result*); /** * Create a resolving and validation context. + * The information from /etc/resolv.conf and /etc/hosts is not utilised by + * default. Use ub_ctx_resolvconf and ub_ctx_hosts to read them. * @return a new context. default initialisation. * returns NULL on error. */ @@ -252,6 +254,19 @@ int ub_ctx_set_fwd(struct ub_ctx* ctx, char* addr); */ int ub_ctx_resolvconf(struct ub_ctx* ctx, char* fname); +/** + * Read list of hosts from the filename given. + * Usually "/etc/hosts". + * These addresses are not flagged as DNSSEC secure when queried for. + * + * @param ctx: context. + * At this time it is only possible to set configuration before the + * first resolve is done. + * @param fname: file name string. If NULL "/etc/hosts" is used. + * @return 0 if OK, else error. + */ +int ub_ctx_hosts(struct ub_ctx* ctx, char* fname); + /** * Add a trust anchor to the given context. * The trust anchor is a string, on one line, that holds a valid DNSKEY or diff --git a/testcode/asynclook.c b/testcode/asynclook.c index b7925900a..d119192df 100644 --- a/testcode/asynclook.c +++ b/testcode/asynclook.c @@ -72,6 +72,7 @@ void usage(char* argv[]) printf(" -d : enable debug output\n"); printf(" -f addr : use addr, forward to that server\n"); printf(" -h : this help message\n"); + printf(" -H fname : read hosts from fname\n"); printf(" -r fname : read resolv.conf from fname\n"); printf(" -t : use a resolver thread instead of forking a process\n"); printf(" -x : perform extended threaded test\n"); @@ -351,7 +352,7 @@ int main(int argc, char** argv) if(argc == 1) { usage(argv); } - while( (c=getopt(argc, argv, "bcdf:hr:tx")) != -1) { + while( (c=getopt(argc, argv, "bcdf:hH:r:tx")) != -1) { switch(c) { case 'd': r = ub_ctx_debuglevel(ctx, 3); @@ -377,6 +378,16 @@ int main(int argc, char** argv) return 1; } break; + case 'H': + r = ub_ctx_hosts(ctx, optarg); + if(r != 0) { + printf("ub_ctx_hosts " + "error: %s : %s\n", + ub_strerror(r), + strerror(errno)); + return 1; + } + break; case 'f': r = ub_ctx_set_fwd(ctx, optarg); checkerr("ub_ctx_set_fwd", r); diff --git a/testdata/05-asynclook.tpkg b/testdata/05-asynclook.tpkg index 1fd0e332f66be0ff6d493a4c4d286e831e5a07e1..128328d657f4a945bcdce7aa26b11e4f75a39561 100644 GIT binary patch literal 2138 zc-jG42&MNQiwFRtAh1UO1MOOIciK1-&%fwXOdVd6To1=Kf!vakEt}9yc3YAq^m_a5 z-OCDFfH%f+WxIrTx8MCnvH?R9l5QZo-T2qnV5HHEG@}`5#u$|n4adIiaek#cuGrmJ zJq*PDekJ*=?#+Fs*f5R#%AR2vRvFvPa>cSXpt6R!+&~;gQ~+#@cpNctH{E^xUnz`5 z`_DB5f~`UZqPk%BjQuUMY)Sj?Rm+xHH7vA$b+2k{fUyGE_u`q`e-k!KC0I0iskBKp zA>^^J8AJmHLmJ}h;WMhL=XwlA1LlJpZH2N|F!FCG^+4Bm^(eUN>qw@jBmM&~Urrd^ z(vMQ&5PPQ05ep;eaRIIm>KPkd+C`B84MW%Or=sQu%t@K+BBb3qzC1r`ck0FMZ78-I zt>d%z@CqvB${y_OkhdRa-Ngwl_M6zp>;VUDMlpHP;PCK<9Ml)?BsKXF6%MWq$(!xE z=lEeslK3HUd�+$Teucj0UbffTE)NMLUqX^hqHZwmaZMwwvs_-LC8JX8H77l8k~< z0MlvBn=v7U!`{fzJ>CcF@TCball7h+*NZQ*%aaZ1!>x<6X>`kiN7PM>6*BP|jU935 zbBKe#D`UZH6f1X&PlxOfUWbuD`$?h^jqJf8>BYVsx!hNLE)yP?aj?Au|0RX@jelK! zIKS+)f3BOBK?)xmr=82rNxOMbFXLA!73~>`aovCe`3bM6H62diHaQVGr)ODDMkFF$*!(o^y&bg&=@n` zvKvb5Q+6tg>@E^*;SNWsj_ZKWqeO8p6lbaIqN(VwQNiXNLi!AfGp)>ogdW3Hndu-o zck=b~r&@)4IDa1m|EsiG})GH)oDY%T4^5RH&OI z2<|!mc^Iug#`5#us91Z`^ItyW`CqM8^7H>GaNGIMWsH2n8$d?NVi3kSZaF1U;oA7BBHwcVPwo(p zmT`~&@9$^)-<1BpZ&}sc|DOT}Aa7@r`#W&spS4Nj_=gV{9lVJI<4e~e7tN#2=~)YY`p~?P59CeZv{h(bOgkE_i;vCr zq`6>P`?`Vu%yb6L)-hS%WJaTrl-pRG&7{3x8oFiZWkcUHo@zqYT{E&4r(|WPB<+8{ z|37|@E%$%ZM6b`(e^mZo-OJDaC&4Y}f085pg(?8&?Pgt*qIFH4{E8k^DRuaR8_Mh_ zNz4v08|%ZHX+W9JuF;?LOgx1DAty`=<4Ed5Bfop7tO_KFXeM-Mlio>Qm&`CTXN@o~ zWJG0)X(BdHC9_INmS&N%Xds4Dp{NKOGuVj1)bbdYer(p|ZAVTiDNgj&)rTC`o1lb~Li2Gg}?GRz$ng&Ur1^)R&9v#;)hg7$k!O!TW*^ z=azj#sK@QA5}tT&Z@i;4F<|zU+UBw+)Mup$`Cal&iW1WbLOQ<;A1G0|E#s~lA*juC zW15rSAkLEgEt}bY3nia{u~;(5j%7k{q0PzzX`+w+f17Ua0p8(5K>IrKeBQ>u&g_Vx zvLd-6>H&?T0eV=Er&X@4!v&2)>0~}EBrHF>B8sV}FMcLmRgGzGb8nHgu$}qL(vdZ| z-=)reoOn|5y@fkVwq^FuWD_j-kJ7YS3CN|yK{&7J4Y^wWOAMK=mO1M;(~&}{yS~iU9%xq z%m0~0(IpPJZo92q#4|Hp>V)h%V!ng-bNLMuy-Cu#sP5||Pma)D< z!KuZj$}k~K?HtZRmA8+$Nb=EW#AQlrvoORij&vj8MoCE~q(i2PF?z}-DRQkCz2jB@__uP4DK zoXFR`$26i{iViKSzMX*^CPm(Gz+=w=oBI)!wamw9{yBR3i-2}!ej9|F9m-rlNru=c?9 zWuzmunhCdI8oFjr`cw*;Rc60r)Fzw`Y2Wp!7=zCu8J2Zo8j6#(z-c&^bDj-O8z$uC z8{|FV;#o8|AZa3*1GrFFTH$(Z%v|pOPH3-SkKO10d)4an{cpLtpZxx_ocsS%;5&5R z7Vgs8Tve9*lZnvfKHkoBgB-Ka7H$x!hR$Nq6Jq&N20XVL`&}O6?md$46_6N%3i5p` zT=;?dU{%2QrdBa(YYab1MOP>d)hV=&#&mOxH>#d@^%`rt-;p%~?q`~rmm=z39)f~%p9WO_Q|S9tn#%IJ=9 zloE$HGV6|L7{P#XaD9+%>~yV56d71y==#G{)Z&B%DGNh{^t#6vXQ#b>GrzwN`Chww zeEJ5SK^0>R92}6B@8-k#DJ_ndaE#g`2HKor+R~uax+Mqgg*!3-7=g)M!OOQsb^Y)p&Et}9-;elg2u;F4q(6atv3 zwdlr#6k3CcqkC)!X6tDQo+j%(Id0~kWS1v8(#D;Ov#sck1y3wDaaKtA2XuDCV8|d2 zzL3s>=O|X}7T+4v7Ca9lj{Xxw6DzVuEi#CGJ93#X`CKGCF5+PS0RAAkH|?J;-kx3b zdp|czra^M=+9&;s{;OW+yjjMtLMr+*;x|nL4#g)tZ$f@PE9rdp41J7Ehml-vYJIeQ zz9e?cV903zTHe$|N2}=24@E!rys0O0xx_>c^C_U7LP{QgX=3P-Q|sywTj-2AZ!ru7 z`aY}5GQ0D{TDZees^dD~vnVm#6UkW^J71FY*J$9<3L!%Z`MFi*LPC$?s!Hi3p*#6& z!CSK(Dtuw%HbcpB`%3@py>{_r`l5+T4j7O2gsSLEoh&*Erdvz9HAN%j-;QhwAA@`D ze-=g?kg@*$H>zf3cK?eu-v6~)Ro(v&fxGU1CSv3Rz5p^(rdR$t86SQ1ixoHwZg3D8 zW5i<HAGSzVYOd{Ausx+mkNPYik^MRL56>PV)W!Ybe(Y zgOEe{kO;Ut7MK3}nDQIa>Ec`G;+qc6BX8RMqgTKJn>iHTM>hff7J^8xbN2dY_@M{w zHgr!rz20e$w2!}gd)~*FNN{uEI^?`_)IT}x!Vhmd=b}Mg-93NT=}o(H zC9|#@_^*^|(CHqN?I|;vOoZI_vNqHHT*=T)LoXY8#ds)%%vBnh%PN^!m4yHAKmVV; z$JU?!l2NIYXZ4?2)sXjpUFH7|f;;a2BuDxWRRGRzcUvB|WB6^702a6xmOb zn6)q)8^ViOKv~SL@jU67cnE(YCrk_DNZ3Oo|Myf;6-W}%Oz6<2qtm=D(J-U4MyMB3 zBD2Lb5nH4ZS*0LLvq(`i;NzK4G=z;AY(!z^d5lZncbek0BUDO?6GQp41n0Ds{$y~sJM%D~wt0UKvs5l#3w1REp61<$>e~uA-Bd0 z%f2PlWA;@6Z#;K!b094-qV|>C=3*q&=cNhpUGPnc60-_Is$Yf=6fChV<4ZY%TQ=2= zSx$b7I7{}wY-ay86nqNCa>*b&mvYXyHZKpPi9Y`PHQV0OC?Kp72O;cZV5fFO(O3~A zZ@RR&wbxoQv@A@`cJT{s^&Xb>q=k*VM>fZ6ekhh`8*u+AIsJak;ppPd5d@k2F?I67 z`S?`(i0gN22Kxx+4{E`zEOV7G^WSh+v}KQNmj5GjS{kh|p4-&(ED>>6I?~>a+_b2Fdh)jIvyF>*L~cvZo_vUiBz}y^=t^H+ZrPEW<^RZ{=$Zq#ZNF_? z#3OTEdI;%tM12R}=i(ctAJbH7+1%G6AF;d<3nT58FEWE9lTS3~*~GHqD|OwKc@Lxs zhr?(nv&jkLNtP5%m`Jp28iqK;kZ!`=C@B<#)|ko?fu6ESlJHeaitbrew9$p#)<-xm z{eS9EBNzgb3%I)GVZDWS8BCc{l8qRCx8D_R`tJ!z&BP%yLe(73pGIU zBjq7J#xV}+205mo&D|i99sT9<0>q*y2cCNw`C9dab^1==dD-N3mW8%FD*y>NfSB4@Uh%2B8pg0<8}p)^7C@3f>C@3f>C@3f>C@3f>C@3f>C@3f>C@3f>C@3f>C@3f>d