1 files changed, 0 insertions, 343 deletions
diff --git a/src/lib/libc/net/getnameinfo.3 b/src/lib/libc/net/getnameinfo.3
deleted file mode 100644
index c01646c8a7..0000000000
--- a/src/lib/libc/net/getnameinfo.3
+++ /dev/null
@@ -1,343 +0,0 @@
-.\"     $OpenBSD: getnameinfo.3,v 1.28 2004/12/06 10:46:35 jmc Exp $
-.\"     $KAME: getnameinfo.3,v 1.20 2001/01/05 13:37:37 itojun Exp $
-.\"
-.\" Copyright (c) 1983, 1987, 1991, 1993
-.\"     The Regents of the University of California.  All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\" 3. Neither the name of the University nor the names of its contributors
-.\"    may be used to endorse or promote products derived from this software
-.\"    without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\"     From: @(#)gethostbyname.3       8.4 (Berkeley) 5/25/95
-.\"
-.Dd May 25, 1995
-.Dt GETNAMEINFO 3
-.Os
-.\"
-.Sh NAME
-.Nm getnameinfo
-.Nd address-to-nodename translation in protocol-independent manner
-.\"
-.Sh SYNOPSIS
-.Fd #include <sys/types.h>
-.Fd #include <sys/socket.h>
-.Fd #include <netdb.h>
-.Ft int
-.Fn getnameinfo "const struct sockaddr *sa" "socklen_t salen" \
-"char *host" "size_t hostlen" "char *serv" "size_t servlen" "int flags"
-.\"
-.Sh DESCRIPTION
-The
-.Fn getnameinfo
-function is defined for protocol-independent address-to-nodename translation.
-Its functionality is a reverse conversion of
-.Xr getaddrinfo 3 ,
-and implements similar functionality to
-.Xr gethostbyaddr 3
-and
-.Xr getservbyport 3
-in a more sophisticated manner.
-.Pp
-This function looks up an IP address and port number provided by the
-caller in the DNS and system-specific database, and returns text
-strings for both in buffers provided by the caller.
-The function indicates successful completion by a zero return value;
-a non-zero return value indicates failure.
-.Pp
-To aid applications in printing error messages based on the
-.Dv EAI_xxx
-codes returned by
-.Fn getnameinfo ,
-.Fn gai_strerror
-is defined.
-See
-.Xr gai_strerror 3
-for more information.
-.Pp
-The implementation allows experimental numeric IPv6 address notation with
-scope identifier.
-IPv6 link-local address will appear as a string like
-.Dq Li fe80::1%ne0 .
-Refer to
-.Xr getaddrinfo 3
-for the notation.
-.Pp
-The first argument,
-.Fa sa ,
-points to either a
-.Li sockaddr_in
-structure (for IPv4) or a
-.Li sockaddr_in6
-structure (for IPv6) that holds the IP address and port number.
-The
-.Fa salen
-argument gives the length of the
-.Li sockaddr_in
-or
-.Li sockaddr_in6
-structure.
-.Pp
-The function returns the nodename associated with the IP address in
-the buffer pointed to by the
-.Fa host
-argument.
-The caller provides the size of this buffer via the
-.Fa hostlen
-argument.
-The service name associated with the port number is returned in the buffer
-pointed to by
-.Fa serv ,
-and the
-.Fa servlen
-argument gives the length of this buffer.
-The caller specifies not to return either string by providing a zero
-value for the
-.Fa hostlen
-or
-.Fa servlen
-arguments.
-Otherwise, the caller must provide buffers large enough to hold the
-nodename and the service name, including the terminating null characters.
-.Pp
-Unfortunately most systems do not provide constants that specify the
-maximum size of either a fully-qualified domain name or a service name.
-Therefore to aid the application in allocating buffers for these two
-returned strings the following constants are defined in
-.Aq Pa netdb.h :
-.Bd -literal -offset indent
-#define NI_MAXHOST    MAXHOSTNAMELEN
-#define NI_MAXSERV    32
-.Ed
-.Pp
-The first value is actually defined as the constant
-.Dv MAXDNAME
-in recent versions of BIND's
-.Aq Pa arpa/nameser.h
-header (older versions of BIND define this constant to be 256)
-and the second is a guess based on the services listed in the current
-Assigned Numbers RFC.
-.Pp
-The final argument is a
-.Fa flag
-that changes the default actions of this function.
-The flags are defined in
-.Aq Pa netdb.h
-and are as follows:
-.Bl -tag -width "NI_NUMERICHOSTXX"
-.It Dv NI_NOFQDN
-By default the fully-qualified domain name (FQDN) for the host is
-looked up using DNS and returned.
-If the flag bit
-.Dv NI_NOFQDN
-is set, only the nodename portion of the FQDN is returned for local hosts.
-.It Dv NI_NUMERICHOST
-If the
-.Fa flag
-bit
-.Dv NI_NUMERICHOST
-is set, or if the host's name cannot be located using DNS,
-the numeric form of the host's address is returned instead of its name
-.Po
-e.g., by calling
-.Xr inet_ntop 3
-instead of
-.Xr gethostbyaddr 3
-.Pc .
-The two
-.Dv NI_NUMERICxxx
-flags are required to support the
-.Fl n
-flag that many commands provide.
-.It Dv NI_NAMEREQD
-If the
-.Fa flag
-bit
-.Dv NI_NAMEREQD
-is set, an error is returned if the host's name cannot be located using DNS.
-.It Dv NI_NUMERICSERV
-If the flag bit
-.Dv NI_NUMERICSERV
-is set, the numeric form of the service address is returned
-.Pq e.g., its port number
-instead of its name.
-The two
-.Dv NI_NUMERICxxx
-flags are required to support the
-.Fl n
-flag that many commands provide.
-.It Dv NI_DGRAM
-A fifth flag bit,
-.Dv NI_DGRAM ,
-specifies that the service is a datagram service, and causes
-.Xr getservbyport 3
-to be called with a second argument of
-.Qq udp
-instead of its default of
-.Qq tcp .
-This is required for the few ports (512-514)
-that have different services for UDP and TCP.
-.El
-.\"
-.Sh RETURN VALUES
-.Fn getnameinfo
-returns zero on success, and non-zero on errors.
-See
-.Xr gai_strerror 3
-for a description of the non-zero error codes.
-.\"
-.Sh EXAMPLES
-The following code tries to get a numeric hostname, and service name,
-for a given socket address.
-Observe that there is no hardcoded reference to a particular address family.
-.Bd -literal -offset indent
-struct sockaddr *sa;    /* input */
-char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV];
-if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), sbuf,
-    sizeof(sbuf), NI_NUMERICHOST | NI_NUMERICSERV)) {
-        errx(1, "could not get numeric hostname");
-        /*NOTREACHED*/
-}
-printf("host=%s, serv=%s\en", hbuf, sbuf);
-.Ed
-.Pp
-The following version checks if the socket address has reverse address mapping:
-.Bd -literal -offset indent
-struct sockaddr *sa;    /* input */
-char hbuf[NI_MAXHOST];
-if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), NULL, 0,
-    NI_NAMEREQD)) {
-        errx(1, "could not resolve hostname");
-        /*NOTREACHED*/
-}
-printf("host=%s\en", hbuf);
-.Ed
-.\"
-.Sh SEE ALSO
-.Xr gai_strerror 3 ,
-.Xr getaddrinfo 3 ,
-.Xr gethostbyaddr 3 ,
-.Xr getservbyport 3 ,
-.Xr hosts 5 ,
-.Xr resolv.conf 5 ,
-.Xr services 5 ,
-.Xr hostname 7 ,
-.Xr named 8
-.Rs
-.%A R. Gilligan
-.%A S. Thomson
-.%A J. Bound
-.%A W. Stevens
-.%T Basic Socket Interface Extensions for IPv6
-.%R RFC 2553
-.%D March 1999
-.Re
-.Rs
-.%A Tatsuya Jinmei
-.%A Atsushi Onoe
-.%T "An Extension of Format for IPv6 Scoped Addresses"
-.%R internet draft
-.%N draft-ietf-ipngwg-scopedaddr-format-02.txt
-.%O work in progress material
-.Re
-.Rs
-.%A Craig Metz
-.%T Protocol Independence Using the Sockets API
-.%B "Proceedings of the freenix track: 2000 USENIX annual technical conference"
-.%D June 2000
-.Re
-.\"
-.Sh STANDARDS
-The
-.Fn getnameinfo
-function is defined in IEEE POSIX 1003.1g draft specification,
-and documented in
-.Dq Basic Socket Interface Extensions for IPv6
-.Pq RFC 2553 .
-.\"
-.Sh HISTORY
-The implementation first appeared in WIDE Hydrangea IPv6 protocol stack kit.
-.\"
-.Sh CAVEATS
-.Fn getnameinfo
-returns both numeric and FQDN notation of the address specified in
-.Fa sa .
-There is no return value that indicates if the string returned in
-.Fa host
-is a result of binary to numeric-text translation (like
-.Xr inet_ntop 3 ) ,
-or the result of DNS reverse lookup.
-Therefore, malicious parties could set up a PTR record as below:
-.Bd -literal -offset indent
-1.0.0.127.in-addr.arpa. IN PTR  10.1.1.1
-.Ed
-.Pp
-and trick the caller of
-.Fn getnameinfo
-into believing that
-.Fa sa
-is
-.Li 10.1.1.1
-when it actually is
-.Li 127.0.0.1 .
-.Pp
-To prevent such attacks, the use of
-.Dv NI_NAMEREQD
-is recommended when you use the result of
-.Fn getnameinfo
-for access control purposes:
-.Bd -literal -offset indent
-struct sockaddr *sa;
-socklen_t salen;
-char addr[NI_MAXHOST];
-struct addrinfo hints, *res;
-int error;
-error = getnameinfo(sa, salen, addr, sizeof(addr),
-    NULL, 0, NI_NAMEREQD);
-if (error == 0) {
-        memset(&hints, 0, sizeof(hints));
-        hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-        hints.ai_flags = AI_NUMERICHOST;
-        if (getaddrinfo(addr, "0", &hints, &res) == 0) {
-                /* malicious PTR record */
-                freeaddrinfo(res);
-                printf("bogus PTR record\\n");
-                return -1;
-        }
-        /* addr is FQDN as a result of PTR lookup */
-} else {
-        /* addr is numeric string */
-        error = getnameinfo(sa, salen, addr, sizeof(addr),
-            NULL, 0, NI_NUMERICHOST);
-}
-.Ed
-.\"
-.Sh BUGS
-The current implementation is not thread-safe.
-.Pp
-.Ox
-intentionally uses a different
-.Dv NI_MAXHOST
-value from what RFC 2553 suggests, to avoid buffer length handling mistakes.

diff --git a/src/lib/libc/net/getnameinfo.3 b/src/lib/libc/net/getnameinfo.3 deleted file mode 100644 index c01646c8a7..0000000000 --- a/src/lib/libc/net/getnameinfo.3 +++ /dev/null
@@ -1,343 +0,0 @@
1	.\" $OpenBSD: getnameinfo.3,v 1.28 2004/12/06 10:46:35 jmc Exp $
2	.\" $KAME: getnameinfo.3,v 1.20 2001/01/05 13:37:37 itojun Exp $
3	.\"
4	.\" Copyright (c) 1983, 1987, 1991, 1993
5	.\" The Regents of the University of California. All rights reserved.
6	.\"
7	.\" Redistribution and use in source and binary forms, with or without
8	.\" modification, are permitted provided that the following conditions
9	.\" are met:
10	.\" 1. Redistributions of source code must retain the above copyright
11	.\" notice, this list of conditions and the following disclaimer.
12	.\" 2. Redistributions in binary form must reproduce the above copyright
13	.\" notice, this list of conditions and the following disclaimer in the
14	.\" documentation and/or other materials provided with the distribution.
15	.\" 3. Neither the name of the University nor the names of its contributors
16	.\" may be used to endorse or promote products derived from this software
17	.\" without specific prior written permission.
18	.\"
19	.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20	.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22	.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23	.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24	.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25	.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27	.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29	.\" SUCH DAMAGE.
30	.\"
31	.\" From: @(#)gethostbyname.3 8.4 (Berkeley) 5/25/95
32	.\"
33	.Dd May 25, 1995
34	.Dt GETNAMEINFO 3
35	.Os
36	.\"
37	.Sh NAME
38	.Nm getnameinfo
39	.Nd address-to-nodename translation in protocol-independent manner
40	.\"
41	.Sh SYNOPSIS
42	.Fd #include <sys/types.h>
43	.Fd #include <sys/socket.h>
44	.Fd #include <netdb.h>
45	.Ft int
46	.Fn getnameinfo "const struct sockaddr *sa" "socklen_t salen" \
47	"char host" "size_t hostlen" "char serv" "size_t servlen" "int flags"
48	.\"
49	.Sh DESCRIPTION
50	The
51	.Fn getnameinfo
52	function is defined for protocol-independent address-to-nodename translation.
53	Its functionality is a reverse conversion of
54	.Xr getaddrinfo 3 ,
55	and implements similar functionality to
56	.Xr gethostbyaddr 3
57	and
58	.Xr getservbyport 3
59	in a more sophisticated manner.
60	.Pp
61	This function looks up an IP address and port number provided by the
62	caller in the DNS and system-specific database, and returns text
63	strings for both in buffers provided by the caller.
64	The function indicates successful completion by a zero return value;
65	a non-zero return value indicates failure.
66	.Pp
67	To aid applications in printing error messages based on the
68	.Dv EAI_xxx
69	codes returned by
70	.Fn getnameinfo ,
71	.Fn gai_strerror
72	is defined.
73	See
74	.Xr gai_strerror 3
75	for more information.
76	.Pp
77	The implementation allows experimental numeric IPv6 address notation with
78	scope identifier.
79	IPv6 link-local address will appear as a string like
80	.Dq Li fe80::1%ne0 .
81	Refer to
82	.Xr getaddrinfo 3
83	for the notation.
84	.Pp
85	The first argument,
86	.Fa sa ,
87	points to either a
88	.Li sockaddr_in
89	structure (for IPv4) or a
90	.Li sockaddr_in6
91	structure (for IPv6) that holds the IP address and port number.
92	The
93	.Fa salen
94	argument gives the length of the
95	.Li sockaddr_in
96	or
97	.Li sockaddr_in6
98	structure.
99	.Pp
100	The function returns the nodename associated with the IP address in
101	the buffer pointed to by the
102	.Fa host
103	argument.
104	The caller provides the size of this buffer via the
105	.Fa hostlen
106	argument.
107	The service name associated with the port number is returned in the buffer
108	pointed to by
109	.Fa serv ,
110	and the
111	.Fa servlen
112	argument gives the length of this buffer.
113	The caller specifies not to return either string by providing a zero
114	value for the
115	.Fa hostlen
116	or
117	.Fa servlen
118	arguments.
119	Otherwise, the caller must provide buffers large enough to hold the
120	nodename and the service name, including the terminating null characters.
121	.Pp
122	Unfortunately most systems do not provide constants that specify the
123	maximum size of either a fully-qualified domain name or a service name.
124	Therefore to aid the application in allocating buffers for these two
125	returned strings the following constants are defined in
126	.Aq Pa netdb.h :
127	.Bd -literal -offset indent
128	#define NI_MAXHOST MAXHOSTNAMELEN
129	#define NI_MAXSERV 32
130	.Ed
131	.Pp
132	The first value is actually defined as the constant
133	.Dv MAXDNAME
134	in recent versions of BIND's
135	.Aq Pa arpa/nameser.h
136	header (older versions of BIND define this constant to be 256)
137	and the second is a guess based on the services listed in the current
138	Assigned Numbers RFC.
139	.Pp
140	The final argument is a
141	.Fa flag
142	that changes the default actions of this function.
143	The flags are defined in
144	.Aq Pa netdb.h
145	and are as follows:
146	.Bl -tag -width "NI_NUMERICHOSTXX"
147	.It Dv NI_NOFQDN
148	By default the fully-qualified domain name (FQDN) for the host is
149	looked up using DNS and returned.
150	If the flag bit
151	.Dv NI_NOFQDN
152	is set, only the nodename portion of the FQDN is returned for local hosts.
153	.It Dv NI_NUMERICHOST
154	If the
155	.Fa flag
156	bit
157	.Dv NI_NUMERICHOST
158	is set, or if the host's name cannot be located using DNS,
159	the numeric form of the host's address is returned instead of its name
160	.Po
161	e.g., by calling
162	.Xr inet_ntop 3
163	instead of
164	.Xr gethostbyaddr 3
165	.Pc .
166	The two
167	.Dv NI_NUMERICxxx
168	flags are required to support the
169	.Fl n
170	flag that many commands provide.
171	.It Dv NI_NAMEREQD
172	If the
173	.Fa flag
174	bit
175	.Dv NI_NAMEREQD
176	is set, an error is returned if the host's name cannot be located using DNS.
177	.It Dv NI_NUMERICSERV
178	If the flag bit
179	.Dv NI_NUMERICSERV
180	is set, the numeric form of the service address is returned
181	.Pq e.g., its port number
182	instead of its name.
183	The two
184	.Dv NI_NUMERICxxx
185	flags are required to support the
186	.Fl n
187	flag that many commands provide.
188	.It Dv NI_DGRAM
189	A fifth flag bit,
190	.Dv NI_DGRAM ,
191	specifies that the service is a datagram service, and causes
192	.Xr getservbyport 3
193	to be called with a second argument of
194	.Qq udp
195	instead of its default of
196	.Qq tcp .
197	This is required for the few ports (512-514)
198	that have different services for UDP and TCP.
199	.El
200	.\"
201	.Sh RETURN VALUES
202	.Fn getnameinfo
203	returns zero on success, and non-zero on errors.
204	See
205	.Xr gai_strerror 3
206	for a description of the non-zero error codes.
207	.\"
208	.Sh EXAMPLES
209	The following code tries to get a numeric hostname, and service name,
210	for a given socket address.
211	Observe that there is no hardcoded reference to a particular address family.
212	.Bd -literal -offset indent
213	struct sockaddr sa; / input */
214	char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV];
215
216	if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), sbuf,
217	sizeof(sbuf), NI_NUMERICHOST \| NI_NUMERICSERV)) {
218	errx(1, "could not get numeric hostname");
219	/NOTREACHED/
220	}
221	printf("host=%s, serv=%s\en", hbuf, sbuf);
222	.Ed
223	.Pp
224	The following version checks if the socket address has reverse address mapping:
225	.Bd -literal -offset indent
226	struct sockaddr sa; / input */
227	char hbuf[NI_MAXHOST];
228
229	if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), NULL, 0,
230	NI_NAMEREQD)) {
231	errx(1, "could not resolve hostname");
232	/NOTREACHED/
233	}
234	printf("host=%s\en", hbuf);
235	.Ed
236	.\"
237	.Sh SEE ALSO
238	.Xr gai_strerror 3 ,
239	.Xr getaddrinfo 3 ,
240	.Xr gethostbyaddr 3 ,
241	.Xr getservbyport 3 ,
242	.Xr hosts 5 ,
243	.Xr resolv.conf 5 ,
244	.Xr services 5 ,
245	.Xr hostname 7 ,
246	.Xr named 8
247	.Rs
248	.%A R. Gilligan
249	.%A S. Thomson
250	.%A J. Bound
251	.%A W. Stevens
252	.%T Basic Socket Interface Extensions for IPv6
253	.%R RFC 2553
254	.%D March 1999
255	.Re
256	.Rs
257	.%A Tatsuya Jinmei
258	.%A Atsushi Onoe
259	.%T "An Extension of Format for IPv6 Scoped Addresses"
260	.%R internet draft
261	.%N draft-ietf-ipngwg-scopedaddr-format-02.txt
262	.%O work in progress material
263	.Re
264	.Rs
265	.%A Craig Metz
266	.%T Protocol Independence Using the Sockets API
267	.%B "Proceedings of the freenix track: 2000 USENIX annual technical conference"
268	.%D June 2000
269	.Re
270	.\"
271	.Sh STANDARDS
272	The
273	.Fn getnameinfo
274	function is defined in IEEE POSIX 1003.1g draft specification,
275	and documented in
276	.Dq Basic Socket Interface Extensions for IPv6
277	.Pq RFC 2553 .
278	.\"
279	.Sh HISTORY
280	The implementation first appeared in WIDE Hydrangea IPv6 protocol stack kit.
281	.\"
282	.Sh CAVEATS
283	.Fn getnameinfo
284	returns both numeric and FQDN notation of the address specified in
285	.Fa sa .
286	There is no return value that indicates if the string returned in
287	.Fa host
288	is a result of binary to numeric-text translation (like
289	.Xr inet_ntop 3 ) ,
290	or the result of DNS reverse lookup.
291	Therefore, malicious parties could set up a PTR record as below:
292	.Bd -literal -offset indent
293	1.0.0.127.in-addr.arpa. IN PTR 10.1.1.1
294	.Ed
295	.Pp
296	and trick the caller of
297	.Fn getnameinfo
298	into believing that
299	.Fa sa
300	is
301	.Li 10.1.1.1
302	when it actually is
303	.Li 127.0.0.1 .
304	.Pp
305	To prevent such attacks, the use of
306	.Dv NI_NAMEREQD
307	is recommended when you use the result of
308	.Fn getnameinfo
309	for access control purposes:
310	.Bd -literal -offset indent
311	struct sockaddr *sa;
312	socklen_t salen;
313	char addr[NI_MAXHOST];
314	struct addrinfo hints, *res;
315	int error;
316
317	error = getnameinfo(sa, salen, addr, sizeof(addr),
318	NULL, 0, NI_NAMEREQD);
319	if (error == 0) {
320	memset(&hints, 0, sizeof(hints));
321	hints.ai_socktype = SOCK_DGRAM; /dummy/
322	hints.ai_flags = AI_NUMERICHOST;
323	if (getaddrinfo(addr, "0", &hints, &res) == 0) {
324	/* malicious PTR record */
325	freeaddrinfo(res);
326	printf("bogus PTR record\\n");
327	return -1;
328	}
329	/* addr is FQDN as a result of PTR lookup */
330	} else {
331	/* addr is numeric string */
332	error = getnameinfo(sa, salen, addr, sizeof(addr),
333	NULL, 0, NI_NUMERICHOST);
334	}
335	.Ed
336	.\"
337	.Sh BUGS
338	The current implementation is not thread-safe.
339	.Pp
340	.Ox
341	intentionally uses a different
342	.Dv NI_MAXHOST
343	value from what RFC 2553 suggests, to avoid buffer length handling mistakes.