diff options
| author | djm <> | 2008-08-15 14:57:20 +0000 |
|---|---|---|
| committer | djm <> | 2008-08-15 14:57:20 +0000 |
| commit | e72de9455c1c4ac62f67569f4309a7875d9ca4fa (patch) | |
| tree | 103ee43182b01b663852ffec95f127eb03d8ab7c | |
| parent | fa6a8862d748e6cec964da061b6daa4995b3a4fd (diff) | |
| download | openbsd-e72de9455c1c4ac62f67569f4309a7875d9ca4fa.tar.gz openbsd-e72de9455c1c4ac62f67569f4309a7875d9ca4fa.tar.bz2 openbsd-e72de9455c1c4ac62f67569f4309a7875d9ca4fa.zip | |
Add resolv.conf(5) option to force lookups by TCP: "options tcp"
Also Extend "nameserver" declaration syntax to support port
numbers. To avoid ambiguity these are only parsed when the address
is enclosed in square brackets, e.g. "nameserver [127.0.0.1]:5353"
Together these changes make forwarding DNS over a SSH tunnel very
easy, but unfortunately some programs in ports/ implement their
own resolvers (e.g. firefox). These will need to be modified to
support these options separately.
fixes jsing@ reyk@
ok deraadt@ millert@ krw@ + "I like it" from lots
| -rw-r--r-- | src/lib/libc/net/res_init.c | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/src/lib/libc/net/res_init.c b/src/lib/libc/net/res_init.c index ebfc5f3db2..42d3b3ca1e 100644 --- a/src/lib/libc/net/res_init.c +++ b/src/lib/libc/net/res_init.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: res_init.c,v 1.36 2007/08/05 16:11:09 ray Exp $ */ | 1 | /* $OpenBSD: res_init.c,v 1.37 2008/08/15 14:57:20 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * ++Copyright++ 1985, 1989, 1993 | 4 | * ++Copyright++ 1985, 1989, 1993 |
| @@ -376,18 +376,13 @@ _res_init(int usercall) | |||
| 376 | } | 376 | } |
| 377 | /* read nameservers to query */ | 377 | /* read nameservers to query */ |
| 378 | if (MATCH(buf, "nameserver") && nserv < MAXNS) { | 378 | if (MATCH(buf, "nameserver") && nserv < MAXNS) { |
| 379 | #ifdef INET6 | ||
| 380 | char *q; | 379 | char *q; |
| 381 | struct addrinfo hints, *res; | 380 | struct addrinfo hints, *res; |
| 382 | char pbuf[NI_MAXSERV]; | 381 | char pbuf[NI_MAXSERV]; |
| 383 | #else | ||
| 384 | struct in_addr a; | ||
| 385 | #endif /* INET6 */ | ||
| 386 | 382 | ||
| 387 | cp = buf + sizeof("nameserver") - 1; | 383 | cp = buf + sizeof("nameserver") - 1; |
| 388 | while (*cp == ' ' || *cp == '\t') | 384 | while (*cp == ' ' || *cp == '\t') |
| 389 | cp++; | 385 | cp++; |
| 390 | #ifdef INET6 | ||
| 391 | if ((*cp == '\0') || (*cp == '\n')) | 386 | if ((*cp == '\0') || (*cp == '\n')) |
| 392 | continue; | 387 | continue; |
| 393 | for (q = cp; *q; q++) { | 388 | for (q = cp; *q; q++) { |
| @@ -396,10 +391,26 @@ _res_init(int usercall) | |||
| 396 | break; | 391 | break; |
| 397 | } | 392 | } |
| 398 | } | 393 | } |
| 394 | |||
| 395 | /* Handle addresses enclosed in [] */ | ||
| 396 | *pbuf = '\0'; | ||
| 397 | if (*cp == '[') { | ||
| 398 | cp++; | ||
| 399 | if ((q = strchr(cp, ']')) == NULL) | ||
| 400 | continue; | ||
| 401 | *q++ = '\0'; | ||
| 402 | /* Extract port, if specified */ | ||
| 403 | if (*q++ == ':') { | ||
| 404 | if (strlcpy(pbuf, q, sizeof(pbuf)) >= sizeof(pbuf)) | ||
| 405 | continue; | ||
| 406 | } | ||
| 407 | } | ||
| 408 | if (*pbuf == '\0') | ||
| 409 | snprintf(pbuf, sizeof(pbuf), "%u", NAMESERVER_PORT); | ||
| 410 | |||
| 399 | memset(&hints, 0, sizeof(hints)); | 411 | memset(&hints, 0, sizeof(hints)); |
| 400 | hints.ai_flags = AI_NUMERICHOST; | 412 | hints.ai_flags = AI_NUMERICHOST; |
| 401 | hints.ai_socktype = SOCK_DGRAM; | 413 | hints.ai_socktype = SOCK_DGRAM; |
| 402 | snprintf(pbuf, sizeof(pbuf), "%u", NAMESERVER_PORT); | ||
| 403 | res = NULL; | 414 | res = NULL; |
| 404 | if (getaddrinfo(cp, pbuf, &hints, &res) == 0 && | 415 | if (getaddrinfo(cp, pbuf, &hints, &res) == 0 && |
| 405 | res->ai_next == NULL) { | 416 | res->ai_next == NULL) { |
| @@ -421,17 +432,6 @@ _res_init(int usercall) | |||
| 421 | } | 432 | } |
| 422 | if (res) | 433 | if (res) |
| 423 | freeaddrinfo(res); | 434 | freeaddrinfo(res); |
| 424 | #else /* INET6 */ | ||
| 425 | if ((*cp != '\0') && (*cp != '\n') && inet_aton(cp, &a)) { | ||
| 426 | _resp->nsaddr_list[nserv].sin_addr = a; | ||
| 427 | _resp->nsaddr_list[nserv].sin_family = AF_INET; | ||
| 428 | _resp->nsaddr_list[nserv].sin_port = | ||
| 429 | htons(NAMESERVER_PORT); | ||
| 430 | _resp->nsaddr_list[nserv].sin_len = | ||
| 431 | sizeof(struct sockaddr_in); | ||
| 432 | nserv++; | ||
| 433 | } | ||
| 434 | #endif /* INET6 */ | ||
| 435 | continue; | 435 | continue; |
| 436 | } | 436 | } |
| 437 | #ifdef RESOLVSORT | 437 | #ifdef RESOLVSORT |
| @@ -641,6 +641,8 @@ res_setoptions(char *options, char *source) | |||
| 641 | _resp->options |= RES_INSECURE2; | 641 | _resp->options |= RES_INSECURE2; |
| 642 | } else if (!strncmp(cp, "edns0", sizeof("edns0") - 1)) { | 642 | } else if (!strncmp(cp, "edns0", sizeof("edns0") - 1)) { |
| 643 | _resp->options |= RES_USE_EDNS0; | 643 | _resp->options |= RES_USE_EDNS0; |
| 644 | } else if (!strncmp(cp, "tcp", sizeof("tcp") - 1)) { | ||
| 645 | _resp->options |= RES_USEVC; | ||
| 644 | } else { | 646 | } else { |
| 645 | /* XXX - print a warning here? */ | 647 | /* XXX - print a warning here? */ |
| 646 | } | 648 | } |