1 files changed, 348 insertions, 0 deletions
diff --git a/src/lib/libc/net/getnameinfo.3 b/src/lib/libc/net/getnameinfo.3
new file mode 100644
index 0000000000..3b3a0fd290
--- /dev/null
+++ b/src/lib/libc/net/getnameinfo.3
@@ -0,0 +1,348 @@
+.\"     $OpenBSD: getnameinfo.3,v 1.27 2003/08/28 10:16:38 jmc Exp $
+.\"     $KAME: getnameinfo.3,v 1.20 2001/01/05 13:37:37 itojun Exp $
+.\"
+.\" Copyright (c) 1983, 1987, 1991, 1993
+.\"     The Regents of the University of California.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the University nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"     From: @(#)gethostbyname.3       8.4 (Berkeley) 5/25/95
+.\"
+.Dd May 25, 1995
+.Dt GETNAMEINFO 3
+.Os
+.\"
+.Sh NAME
+.Nm getnameinfo
+.Nd address-to-nodename translation in protocol-independent manner
+.\"
+.Sh SYNOPSIS
+.Fd #include <sys/types.h>
+.Fd #include <sys/socket.h>
+.Fd #include <netdb.h>
+.Ft int
+.Fn getnameinfo "const struct sockaddr *sa" "socklen_t salen" \
+"char *host" "size_t hostlen" "char *serv" "size_t servlen" "int flags"
+.\"
+.Sh DESCRIPTION
+The
+.Fn getnameinfo
+function is defined for protocol-independent address-to-nodename translation.
+Its functionality is a reverse conversion of
+.Xr getaddrinfo 3 ,
+and implements similar functionality to
+.Xr gethostbyaddr 3
+and
+.Xr getservbyport 3
+in a more sophisticated manner.
+.Pp
+This function looks up an IP address and port number provided by the
+caller in the DNS and system-specific database, and returns text
+strings for both in buffers provided by the caller.
+The function indicates successful completion by a zero return value;
+a non-zero return value indicates failure.
+.Pp
+The first argument,
+.Fa sa ,
+points to either a
+.Li sockaddr_in
+structure (for IPv4) or a
+.Li sockaddr_in6
+structure (for IPv6) that holds the IP address and port number.
+The
+.Fa salen
+argument gives the length of the
+.Li sockaddr_in
+or
+.Li sockaddr_in6
+structure.
+.Pp
+The function returns the nodename associated with the IP address in
+the buffer pointed to by the
+.Fa host
+argument.
+The caller provides the size of this buffer via the
+.Fa hostlen
+argument.
+The service name associated with the port number is returned in the buffer
+pointed to by
+.Fa serv ,
+and the
+.Fa servlen
+argument gives the length of this buffer.
+The caller specifies not to return either string by providing a zero
+value for the
+.Fa hostlen
+or
+.Fa servlen
+arguments.
+Otherwise, the caller must provide buffers large enough to hold the
+nodename and the service name, including the terminating null characters.
+.Pp
+Unfortunately most systems do not provide constants that specify the
+maximum size of either a fully-qualified domain name or a service name.
+Therefore to aid the application in allocating buffers for these two
+returned strings the following constants are defined in
+.Aq Pa netdb.h :
+.Bd -literal -offset
+#define NI_MAXHOST    MAXHOSTNAMELEN
+#define NI_MAXSERV    32
+.Ed
+.Pp
+The first value is actually defined as the constant
+.Dv MAXDNAME
+in recent versions of BIND's
+.Aq Pa arpa/nameser.h
+header (older versions of BIND define this constant to be 256)
+and the second is a guess based on the services listed in the current
+Assigned Numbers RFC.
+.Pp
+The final argument is a
+.Fa flag
+that changes the default actions of this function.
+By default the fully-qualified domain name (FQDN) for the host is
+looked up in the DNS and returned.
+If the flag bit
+.Dv NI_NOFQDN
+is set, only the nodename portion of the FQDN is returned for local hosts.
+.Pp
+If the
+.Fa flag
+bit
+.Dv NI_NUMERICHOST
+is set, or if the host's name cannot be located in the DNS,
+the numeric form of the host's address is returned instead of its name
+.Po
+e.g., by calling
+.Fn inet_ntop
+instead of
+.Fn gethostbyaddr
+.Pc .
+If the
+.Fa flag
+bit
+.Dv NI_NAMEREQD
+is set, an error is returned if the host's name cannot be located in the DNS.
+.Pp
+If the flag bit
+.Dv NI_NUMERICSERV
+is set, the numeric form of the service address is returned
+.Pq e.g., its port number
+instead of its name.
+The two
+.Dv NI_NUMERICxxx
+flags are required to support the
+.Fl n
+flag that many commands provide.
+.Pp
+A fifth flag bit,
+.Dv NI_DGRAM ,
+specifies that the service is a datagram service, and causes
+.Fn getservbyport
+to be called with a second argument of
+.Qq udp
+instead of its default of
+.Qq tcp .
+This is required for the few ports (512-514)
+that have different services for UDP and TCP.
+.Pp
+These
+.Dv NI_xxx
+flags are defined in
+.Aq Pa netdb.h .
+.\"
+.Ss Extension for scoped IPv6 address
+The implementation allows experimental numeric IPv6 address notation with
+scope identifier.
+IPv6 link-local address will appear as a string like
+.Dq Li fe80::1%ne0 .
+Refer to
+.Xr getaddrinfo 3
+for the notation.
+.\"
+.Sh EXAMPLES
+The following code tries to get a numeric hostname, and service name,
+for given socket address.
+Observe that there is no hardcoded reference to a particular address family.
+.Bd -literal -offset indent
+struct sockaddr *sa;    /* input */
+char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV];
+if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), sbuf,
+    sizeof(sbuf), NI_NUMERICHOST | NI_NUMERICSERV)) {
+        errx(1, "could not get numeric hostname");
+        /*NOTREACHED*/
+}
+printf("host=%s, serv=%s\en", hbuf, sbuf);
+.Ed
+.Pp
+The following version checks if the socket address has reverse address mapping.
+.Bd -literal -offset indent
+struct sockaddr *sa;    /* input */
+char hbuf[NI_MAXHOST];
+if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), NULL, 0,
+    NI_NAMEREQD)) {
+        errx(1, "could not resolve hostname");
+        /*NOTREACHED*/
+}
+printf("host=%s\en", hbuf);
+.Ed
+.\"
+.Sh DIAGNOSTICS
+The function indicates successful completion by a zero return value;
+a non-zero return value indicates failure.
+Error codes are as below:
+.Bl -tag -width Er
+.It Dv EAI_AGAIN
+The name could not be resolved at this time.
+Future attempts may succeed.
+.It Dv EAI_BADFLAGS
+The flags had an invalid value.
+.It Dv EAI_FAIL
+A non-recoverable error occurred.
+.It Dv EAI_FAMILY
+The address family was not recognized or the address length was invalid
+for the specified family.
+.It Dv EAI_MEMORY
+There was a memory allocation failure.
+.It Dv EAI_NONAME
+The name does not resolve for the supplied parameters.
+.Dv NI_NAMEREQD
+is set and the host's name cannot be located,
+or both nodename and servname were null.
+.It Dv EAI_SYSTEM
+A system error occurred.
+The error code can be found in errno.
+.El
+.\"
+.Sh SEE ALSO
+.Xr getaddrinfo 3 ,
+.Xr gethostbyaddr 3 ,
+.Xr getservbyport 3 ,
+.Xr hosts 5 ,
+.Xr resolv.conf 5 ,
+.Xr services 5 ,
+.Xr hostname 7 ,
+.Xr named 8
+.Rs
+.%A R. Gilligan
+.%A S. Thomson
+.%A J. Bound
+.%A W. Stevens
+.%T Basic Socket Interface Extensions for IPv6
+.%R RFC 2553
+.%D March 1999
+.Re
+.Rs
+.%A Tatsuya Jinmei
+.%A Atsushi Onoe
+.%T "An Extension of Format for IPv6 Scoped Addresses"
+.%R internet draft
+.%N draft-ietf-ipngwg-scopedaddr-format-02.txt
+.%O work in progress material
+.Re
+.Rs
+.%A Craig Metz
+.%T Protocol Independence Using the Sockets API
+.%B "Proceedings of the freenix track: 2000 USENIX annual technical conference"
+.%D June 2000
+.Re
+.\"
+.Sh STANDARDS
+The
+.Fn getnameinfo
+function is defined in IEEE POSIX 1003.1g draft specification,
+and documented in
+.Dq Basic Socket Interface Extensions for IPv6
+.Pq RFC 2553 .
+.\"
+.Sh HISTORY
+The implementation first appeared in WIDE Hydrangea IPv6 protocol stack kit.
+.\"
+.Sh CAVEATS
+.Fn getnameinfo
+returns both numeric and FQDN notation of the address specified in
+.Fa sa .
+There is no return value that indicates if the string returned in
+.Fa host
+is a result of binary to numeric-text translation (like
+.Xr inet_ntop 3 ) ,
+or the result of DNS reverse lookup.
+Therefore, malicious parties could set up a PTR record as below:
+.Bd -literal -offset indent
+1.0.0.127.in-addr.arpa. IN PTR  10.1.1.1
+.Ed
+.Pp
+and trick the caller of
+.Fn getnameinfo
+into believing that
+.Fa sa
+is
+.Li 10.1.1.1
+when it actually is
+.Li 127.0.0.1 .
+.Pp
+To prevent such attacks, the use of
+.Dv NI_NAMEREQD
+is recommended when you use the result of
+.Fn getnameinfo
+for access control purposes:
+.Bd -literal -offset indent
+struct sockaddr *sa;
+socklen_t salen;
+char addr[NI_MAXHOST];
+struct addrinfo hints, *res;
+int error;
+error = getnameinfo(sa, salen, addr, sizeof(addr),
+    NULL, 0, NI_NAMEREQD);
+if (error == 0) {
+        memset(&hints, 0, sizeof(hints));
+        hints.ai_socktype = SOCK_DGRAM; /*dummy*/
+        hints.ai_flags = AI_NUMERICHOST;
+        if (getaddrinfo(addr, "0", &hints, &res) == 0) {
+                /* malicious PTR record */
+                freeaddrinfo(res);
+                printf("bogus PTR record\\n");
+                return -1;
+        }
+        /* addr is FQDN as a result of PTR lookup */
+} else {
+        /* addr is numeric string */
+        error = getnameinfo(sa, salen, addr, sizeof(addr),
+            NULL, 0, NI_NUMERICHOST);
+}
+.Ed
+.\"
+.Sh BUGS
+The current implementation is not thread-safe.
+.Pp
+The text was shamelessly copied from RFC 2553.
+.Pp
+.Ox
+intentionally uses a different
+.Dv NI_MAXHOST
+value from what RFC 2553 suggests, to avoid buffer length handling mistakes.

diff --git a/src/lib/libc/net/getnameinfo.3 b/src/lib/libc/net/getnameinfo.3 new file mode 100644 index 0000000000..3b3a0fd290 --- /dev/null +++ b/src/lib/libc/net/getnameinfo.3
@@ -0,0 +1,348 @@
	1	.\" $OpenBSD: getnameinfo.3,v 1.27 2003/08/28 10:16:38 jmc Exp $
	2	.\" $KAME: getnameinfo.3,v 1.20 2001/01/05 13:37:37 itojun Exp $
	3	.\"
	4	.\" Copyright (c) 1983, 1987, 1991, 1993
	5	.\" The Regents of the University of California. All rights reserved.
	6	.\"
	7	.\" Redistribution and use in source and binary forms, with or without
	8	.\" modification, are permitted provided that the following conditions
	9	.\" are met:
	10	.\" 1. Redistributions of source code must retain the above copyright
	11	.\" notice, this list of conditions and the following disclaimer.
	12	.\" 2. Redistributions in binary form must reproduce the above copyright
	13	.\" notice, this list of conditions and the following disclaimer in the
	14	.\" documentation and/or other materials provided with the distribution.
	15	.\" 3. Neither the name of the University nor the names of its contributors
	16	.\" may be used to endorse or promote products derived from this software
	17	.\" without specific prior written permission.
	18	.\"
	19	.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	20	.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	21	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	22	.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	23	.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	24	.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	25	.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	26	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	27	.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	28	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	29	.\" SUCH DAMAGE.
	30	.\"
	31	.\" From: @(#)gethostbyname.3 8.4 (Berkeley) 5/25/95
	32	.\"
	33	.Dd May 25, 1995
	34	.Dt GETNAMEINFO 3
	35	.Os
	36	.\"
	37	.Sh NAME
	38	.Nm getnameinfo
	39	.Nd address-to-nodename translation in protocol-independent manner
	40	.\"
	41	.Sh SYNOPSIS
	42	.Fd #include <sys/types.h>
	43	.Fd #include <sys/socket.h>
	44	.Fd #include <netdb.h>
	45	.Ft int
	46	.Fn getnameinfo "const struct sockaddr *sa" "socklen_t salen" \
	47	"char host" "size_t hostlen" "char serv" "size_t servlen" "int flags"
	48	.\"
	49	.Sh DESCRIPTION
	50	The
	51	.Fn getnameinfo
	52	function is defined for protocol-independent address-to-nodename translation.
	53	Its functionality is a reverse conversion of
	54	.Xr getaddrinfo 3 ,
	55	and implements similar functionality to
	56	.Xr gethostbyaddr 3
	57	and
	58	.Xr getservbyport 3
	59	in a more sophisticated manner.
	60	.Pp
	61	This function looks up an IP address and port number provided by the
	62	caller in the DNS and system-specific database, and returns text
	63	strings for both in buffers provided by the caller.
	64	The function indicates successful completion by a zero return value;
	65	a non-zero return value indicates failure.
	66	.Pp
	67	The first argument,
	68	.Fa sa ,
	69	points to either a
	70	.Li sockaddr_in
	71	structure (for IPv4) or a
	72	.Li sockaddr_in6
	73	structure (for IPv6) that holds the IP address and port number.
	74	The
	75	.Fa salen
	76	argument gives the length of the
	77	.Li sockaddr_in
	78	or
	79	.Li sockaddr_in6
	80	structure.
	81	.Pp
	82	The function returns the nodename associated with the IP address in
	83	the buffer pointed to by the
	84	.Fa host
	85	argument.
	86	The caller provides the size of this buffer via the
	87	.Fa hostlen
	88	argument.
	89	The service name associated with the port number is returned in the buffer
	90	pointed to by
	91	.Fa serv ,
	92	and the
	93	.Fa servlen
	94	argument gives the length of this buffer.
	95	The caller specifies not to return either string by providing a zero
	96	value for the
	97	.Fa hostlen
	98	or
	99	.Fa servlen
	100	arguments.
	101	Otherwise, the caller must provide buffers large enough to hold the
	102	nodename and the service name, including the terminating null characters.
	103	.Pp
	104	Unfortunately most systems do not provide constants that specify the
	105	maximum size of either a fully-qualified domain name or a service name.
	106	Therefore to aid the application in allocating buffers for these two
	107	returned strings the following constants are defined in
	108	.Aq Pa netdb.h :
	109	.Bd -literal -offset
	110	#define NI_MAXHOST MAXHOSTNAMELEN
	111	#define NI_MAXSERV 32
	112	.Ed
	113	.Pp
	114	The first value is actually defined as the constant
	115	.Dv MAXDNAME
	116	in recent versions of BIND's
	117	.Aq Pa arpa/nameser.h
	118	header (older versions of BIND define this constant to be 256)
	119	and the second is a guess based on the services listed in the current
	120	Assigned Numbers RFC.
	121	.Pp
	122	The final argument is a
	123	.Fa flag
	124	that changes the default actions of this function.
	125	By default the fully-qualified domain name (FQDN) for the host is
	126	looked up in the DNS and returned.
	127	If the flag bit
	128	.Dv NI_NOFQDN
	129	is set, only the nodename portion of the FQDN is returned for local hosts.
	130	.Pp
	131	If the
	132	.Fa flag
	133	bit
	134	.Dv NI_NUMERICHOST
	135	is set, or if the host's name cannot be located in the DNS,
	136	the numeric form of the host's address is returned instead of its name
	137	.Po
	138	e.g., by calling
	139	.Fn inet_ntop
	140	instead of
	141	.Fn gethostbyaddr
	142	.Pc .
	143	If the
	144	.Fa flag
	145	bit
	146	.Dv NI_NAMEREQD
	147	is set, an error is returned if the host's name cannot be located in the DNS.
	148	.Pp
	149	If the flag bit
	150	.Dv NI_NUMERICSERV
	151	is set, the numeric form of the service address is returned
	152	.Pq e.g., its port number
	153	instead of its name.
	154	The two
	155	.Dv NI_NUMERICxxx
	156	flags are required to support the
	157	.Fl n
	158	flag that many commands provide.
	159	.Pp
	160	A fifth flag bit,
	161	.Dv NI_DGRAM ,
	162	specifies that the service is a datagram service, and causes
	163	.Fn getservbyport
	164	to be called with a second argument of
	165	.Qq udp
	166	instead of its default of
	167	.Qq tcp .
	168	This is required for the few ports (512-514)
	169	that have different services for UDP and TCP.
	170	.Pp
	171	These
	172	.Dv NI_xxx
	173	flags are defined in
	174	.Aq Pa netdb.h .
	175	.\"
	176	.Ss Extension for scoped IPv6 address
	177	The implementation allows experimental numeric IPv6 address notation with
	178	scope identifier.
	179	IPv6 link-local address will appear as a string like
	180	.Dq Li fe80::1%ne0 .
	181	Refer to
	182	.Xr getaddrinfo 3
	183	for the notation.
	184	.\"
	185	.Sh EXAMPLES
	186	The following code tries to get a numeric hostname, and service name,
	187	for given socket address.
	188	Observe that there is no hardcoded reference to a particular address family.
	189	.Bd -literal -offset indent
	190	struct sockaddr sa; / input */
	191	char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV];
	192
	193	if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), sbuf,
	194	sizeof(sbuf), NI_NUMERICHOST \| NI_NUMERICSERV)) {
	195	errx(1, "could not get numeric hostname");
	196	/NOTREACHED/
	197	}
	198	printf("host=%s, serv=%s\en", hbuf, sbuf);
	199	.Ed
	200	.Pp
	201	The following version checks if the socket address has reverse address mapping.
	202	.Bd -literal -offset indent
	203	struct sockaddr sa; / input */
	204	char hbuf[NI_MAXHOST];
	205
	206	if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), NULL, 0,
	207	NI_NAMEREQD)) {
	208	errx(1, "could not resolve hostname");
	209	/NOTREACHED/
	210	}
	211	printf("host=%s\en", hbuf);
	212	.Ed
	213	.\"
	214	.Sh DIAGNOSTICS
	215	The function indicates successful completion by a zero return value;
	216	a non-zero return value indicates failure.
	217	Error codes are as below:
	218	.Bl -tag -width Er
	219	.It Dv EAI_AGAIN
	220	The name could not be resolved at this time.
	221	Future attempts may succeed.
	222	.It Dv EAI_BADFLAGS
	223	The flags had an invalid value.
	224	.It Dv EAI_FAIL
	225	A non-recoverable error occurred.
	226	.It Dv EAI_FAMILY
	227	The address family was not recognized or the address length was invalid
	228	for the specified family.
	229	.It Dv EAI_MEMORY
	230	There was a memory allocation failure.
	231	.It Dv EAI_NONAME
	232	The name does not resolve for the supplied parameters.
	233	.Dv NI_NAMEREQD
	234	is set and the host's name cannot be located,
	235	or both nodename and servname were null.
	236	.It Dv EAI_SYSTEM
	237	A system error occurred.
	238	The error code can be found in errno.
	239	.El
	240	.\"
	241	.Sh SEE ALSO
	242	.Xr getaddrinfo 3 ,
	243	.Xr gethostbyaddr 3 ,
	244	.Xr getservbyport 3 ,
	245	.Xr hosts 5 ,
	246	.Xr resolv.conf 5 ,
	247	.Xr services 5 ,
	248	.Xr hostname 7 ,
	249	.Xr named 8
	250	.Rs
	251	.%A R. Gilligan
	252	.%A S. Thomson
	253	.%A J. Bound
	254	.%A W. Stevens
	255	.%T Basic Socket Interface Extensions for IPv6
	256	.%R RFC 2553
	257	.%D March 1999
	258	.Re
	259	.Rs
	260	.%A Tatsuya Jinmei
	261	.%A Atsushi Onoe
	262	.%T "An Extension of Format for IPv6 Scoped Addresses"
	263	.%R internet draft
	264	.%N draft-ietf-ipngwg-scopedaddr-format-02.txt
	265	.%O work in progress material
	266	.Re
	267	.Rs
	268	.%A Craig Metz
	269	.%T Protocol Independence Using the Sockets API
	270	.%B "Proceedings of the freenix track: 2000 USENIX annual technical conference"
	271	.%D June 2000
	272	.Re
	273	.\"
	274	.Sh STANDARDS
	275	The
	276	.Fn getnameinfo
	277	function is defined in IEEE POSIX 1003.1g draft specification,
	278	and documented in
	279	.Dq Basic Socket Interface Extensions for IPv6
	280	.Pq RFC 2553 .
	281	.\"
	282	.Sh HISTORY
	283	The implementation first appeared in WIDE Hydrangea IPv6 protocol stack kit.
	284	.\"
	285	.Sh CAVEATS
	286	.Fn getnameinfo
	287	returns both numeric and FQDN notation of the address specified in
	288	.Fa sa .
	289	There is no return value that indicates if the string returned in
	290	.Fa host
	291	is a result of binary to numeric-text translation (like
	292	.Xr inet_ntop 3 ) ,
	293	or the result of DNS reverse lookup.
	294	Therefore, malicious parties could set up a PTR record as below:
	295	.Bd -literal -offset indent
	296	1.0.0.127.in-addr.arpa. IN PTR 10.1.1.1
	297	.Ed
	298	.Pp
	299	and trick the caller of
	300	.Fn getnameinfo
	301	into believing that
	302	.Fa sa
	303	is
	304	.Li 10.1.1.1
	305	when it actually is
	306	.Li 127.0.0.1 .
	307	.Pp
	308	To prevent such attacks, the use of
	309	.Dv NI_NAMEREQD
	310	is recommended when you use the result of
	311	.Fn getnameinfo
	312	for access control purposes:
	313	.Bd -literal -offset indent
	314	struct sockaddr *sa;
	315	socklen_t salen;
	316	char addr[NI_MAXHOST];
	317	struct addrinfo hints, *res;
	318	int error;
	319
	320	error = getnameinfo(sa, salen, addr, sizeof(addr),
	321	NULL, 0, NI_NAMEREQD);
	322	if (error == 0) {
	323	memset(&hints, 0, sizeof(hints));
	324	hints.ai_socktype = SOCK_DGRAM; /dummy/
	325	hints.ai_flags = AI_NUMERICHOST;
	326	if (getaddrinfo(addr, "0", &hints, &res) == 0) {
	327	/* malicious PTR record */
	328	freeaddrinfo(res);
	329	printf("bogus PTR record\\n");
	330	return -1;
	331	}
	332	/* addr is FQDN as a result of PTR lookup */
	333	} else {
	334	/* addr is numeric string */
	335	error = getnameinfo(sa, salen, addr, sizeof(addr),
	336	NULL, 0, NI_NUMERICHOST);
	337	}
	338	.Ed
	339	.\"
	340	.Sh BUGS
	341	The current implementation is not thread-safe.
	342	.Pp
	343	The text was shamelessly copied from RFC 2553.
	344	.Pp
	345	.Ox
	346	intentionally uses a different
	347	.Dv NI_MAXHOST
	348	value from what RFC 2553 suggests, to avoid buffer length handling mistakes.