From fdfda2c4a3a790b78f76218ca8a933bfd3944b84 Mon Sep 17 00:00:00 2001 From: matthew <> Date: Tue, 5 Apr 2011 00:46:06 +0000 Subject: Add AI_FQDN flag to getaddrinfo(3). Prompted by discussions with djm@ about cert checking in OpenSSH. Man page wording tweaks thanks to jmc@. ok henning@, jmc@; positive feedback from djm@, ajacoutat@ Committing now to reuse guenther@'s libc minor bump instead of cranking it again, as suggested by deraadt@. --- src/lib/libc/net/getaddrinfo.3 | 32 +++++++++++++++++++++++++++++--- src/lib/libc/net/getaddrinfo.c | 36 +++++++++++++++++------------------- 2 files changed, 46 insertions(+), 22 deletions(-) diff --git a/src/lib/libc/net/getaddrinfo.3 b/src/lib/libc/net/getaddrinfo.3 index 7250407d65..da6e64683f 100644 --- a/src/lib/libc/net/getaddrinfo.3 +++ b/src/lib/libc/net/getaddrinfo.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: getaddrinfo.3,v 1.47 2009/07/09 10:14:41 eric Exp $ +.\" $OpenBSD: getaddrinfo.3,v 1.48 2011/04/05 00:46:06 matthew Exp $ .\" $KAME: getaddrinfo.3,v 1.36 2005/01/05 03:23:05 itojun Exp $ .\" .\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") @@ -16,7 +16,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: July 9 2009 $ +.Dd $Mdocdate: April 5 2011 $ .Dt GETADDRINFO 3 .Os .Sh NAME @@ -126,11 +126,33 @@ If the bit is set, a successful call to .Fn getaddrinfo will return a NUL-terminated string containing the canonical name -of the specified hostname in the +of the specified host name in the .Fa ai_canonname element of the first .Li addrinfo structure returned. +.It Dv AI_FQDN +If the +.Dv AI_FQDN +bit is set, a successful call to +.Fn getaddrinfo +will return a NUL-terminated string containing the fully qualified domain name +of the specified host name in the +.Fa ai_canonname +element of the first +.Li addrinfo +structure returned. +.Pp +This is different from the +.Dv AI_CANONNAME +bit flag that returns the canonical name registered in DNS, +which may be different from the fully qualified domain name +that the host name resolved to. +Only one of the +.Dv AI_FQDN +and +.Dv AI_CANONNAME +bits can be set. .It Dv AI_NUMERICHOST If the .Dv AI_NUMERICHOST @@ -438,6 +460,10 @@ function is defined by the draft specification and documented in .Dv "RFC 3493" , .Dq Basic Socket Interface Extensions for IPv6 . +.Pp +The +.Dv AI_FQDN +flag bit first appeared in Windows 7. .Sh BUGS The implementation of .Fn getaddrinfo diff --git a/src/lib/libc/net/getaddrinfo.c b/src/lib/libc/net/getaddrinfo.c index 7040fa7c37..29cc1f463e 100644 --- a/src/lib/libc/net/getaddrinfo.c +++ b/src/lib/libc/net/getaddrinfo.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getaddrinfo.c,v 1.71 2009/11/18 07:43:22 guenther Exp $ */ +/* $OpenBSD: getaddrinfo.c,v 1.72 2011/04/05 00:46:06 matthew Exp $ */ /* $KAME: getaddrinfo.c,v 1.31 2000/08/31 17:36:43 itojun Exp $ */ /* @@ -309,7 +309,9 @@ getaddrinfo(const char *hostname, const char *servname, if (hints->ai_addrlen || hints->ai_canonname || hints->ai_addr || hints->ai_next) ERR(EAI_BADHINTS); /* xxx */ - if (hints->ai_flags & ~AI_MASK) + if ((hints->ai_flags & ~AI_MASK) != 0 || + (hints->ai_flags & (AI_CANONNAME | AI_FQDN)) == + (AI_CANONNAME | AI_FQDN)) ERR(EAI_BADFLAGS); switch (hints->ai_family) { case PF_UNSPEC: @@ -671,14 +673,13 @@ explore_numeric(const struct addrinfo *pai, const char *hostname, pai->ai_family == PF_UNSPEC /*?*/) { GET_AI(cur->ai_next, afd, pton); GET_PORT(cur->ai_next, servname); - if ((pai->ai_flags & AI_CANONNAME)) { - /* - * Set the numeric address itself as - * the canonical name, based on a - * clarification in rfc2553bis-03. - */ - GET_CANONNAME(cur->ai_next, canonname); - } + /* + * Set the numeric address itself as + * the canonical name, based on a + * clarification in rfc2553bis-03. + */ + GET_CANONNAME(cur->ai_next, canonname); + while (cur && cur->ai_next) cur = cur->ai_next; } else @@ -764,7 +765,7 @@ explore_numeric_scope(const struct addrinfo *pai, const char *hostname, static int get_canonname(const struct addrinfo *pai, struct addrinfo *ai, const char *str) { - if ((pai->ai_flags & AI_CANONNAME) != 0) { + if ((pai->ai_flags & (AI_CANONNAME | AI_FQDN)) != 0) { ai->ai_canonname = strdup(str); if (ai->ai_canonname == NULL) return EAI_MEMORY; @@ -1129,7 +1130,7 @@ getanswer(const querybuf *answer, int anslen, const char *qname, int qtype, haveanswer++; } if (haveanswer) { - if (!canonname) + if (!canonname || (pai->ai_flags & AI_FQDN) != 0) (void)get_canonname(pai, sentinel.ai_next, qname); else (void)get_canonname(pai, sentinel.ai_next, canonname); @@ -1275,11 +1276,9 @@ found: /* cover it up */ res->ai_flags = pai->ai_flags; - if (pai->ai_flags & AI_CANONNAME) { - if (get_canonname(pai, res, cname) != 0) { - freeaddrinfo(res0); - goto again; - } + if (get_canonname(pai, res, cname) != 0) { + freeaddrinfo(res0); + goto again; } } return res0; @@ -1369,8 +1368,7 @@ nextline: /* cover it up */ res->ai_flags = pai->ai_flags; - if (pai->ai_flags & AI_CANONNAME) - (void)get_canonname(pai, res, canonname); + (void)get_canonname(pai, res, canonname); } } else res0 = NULL; -- cgit v1.2.3-55-g6feb