author | Christian Grothoff <christian@grothoff.org> | 2018-03-03 22:41:59 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2018-03-03 22:41:59 +0100 |
commit | bee1fc336bad21e456907eb9e6c35dc195b9a7e9 (patch) | |
tree | 00d3455808441b97a9a9a17befac8aaff0534b3a /src/gns/nss | |
parent | 92f24c2f42e84489160d7c8b94eeae9ec98207ed (diff) | |
update NSS plugin to hijack non-gnu/zkey tlds as well
Diffstat (limited to 'src/gns/nss')
-rw-r--r-- | src/gns/nss/nss_gns.c | 75 | ||||
-rw-r--r-- | src/gns/nss/nss_gns_query.c | 7 |
2 files changed, 28 insertions, 54 deletions
diff --git a/src/gns/nss/nss_gns.c b/src/gns/nss/nss_gns.c index 31435cf95..03ac6e09c 100644 --- a/src/gns/nss/nss_gns.c +++ b/src/gns/nss/nss_gns.c | |||
@@ -42,35 +42,6 @@ | |||
42 | 42 | ||
43 | 43 | ||
44 | /** | 44 | /** |
45 | * function to check if name ends with a specific suffix | ||
46 | * | ||
47 | * @param name the name to check | ||
48 | * @param suffix the suffix to check for | ||
49 | * @return 1 if true | ||
50 | */ | ||
51 | static int ends_with(const char *name, const char* suffix) { | ||
52 | size_t ln, ls; | ||
53 | assert(name); | ||
54 | assert(suffix); | ||
55 | |||
56 | if ((ls = strlen(suffix)) > (ln = strlen(name))) | ||
57 | return 0; | ||
58 | |||
59 | return strcasecmp(name+ln-ls, suffix) == 0; | ||
60 | } | ||
61 | |||
62 | |||
63 | /** | ||
64 | * Check if name is inside .gnu or .zkey TLD | ||
65 | * | ||
66 | * @param name name to check | ||
67 | * @return 1 if true | ||
68 | */ | ||
69 | static int verify_name_allowed (const char *name) { | ||
70 | return ends_with(name, ".gnu") || ends_with(name, ".zkey"); | ||
71 | } | ||
72 | |||
73 | /** | ||
74 | * The gethostbyname hook executed by nsswitch | 45 | * The gethostbyname hook executed by nsswitch |
75 | * | 46 | * |
76 | * @param name the name to resolve | 47 | * @param name the name to resolve |
@@ -82,7 +53,8 @@ static int verify_name_allowed (const char *name) { | |||
82 | * @param h_errnop idk | 53 | * @param h_errnop idk |
83 | * @return a nss_status code | 54 | * @return a nss_status code |
84 | */ | 55 | */ |
85 | enum nss_status _nss_gns_gethostbyname2_r( | 56 | enum nss_status |
57 | _nss_gns_gethostbyname2_r( | ||
86 | const char *name, | 58 | const char *name, |
87 | int af, | 59 | int af, |
88 | struct hostent * result, | 60 | struct hostent * result, |
@@ -95,7 +67,6 @@ enum nss_status _nss_gns_gethostbyname2_r( | |||
95 | enum nss_status status = NSS_STATUS_UNAVAIL; | 67 | enum nss_status status = NSS_STATUS_UNAVAIL; |
96 | int i; | 68 | int i; |
97 | size_t address_length, l, idx, astart; | 69 | size_t address_length, l, idx, astart; |
98 | int name_allowed; | ||
99 | 70 | ||
100 | if (af == AF_UNSPEC) | 71 | if (af == AF_UNSPEC) |
101 | #ifdef NSS_IPV6_ONLY | 72 | #ifdef NSS_IPV6_ONLY |
@@ -133,28 +104,25 @@ enum nss_status _nss_gns_gethostbyname2_r( | |||
133 | u.count = 0; | 104 | u.count = 0; |
134 | u.data_len = 0; | 105 | u.data_len = 0; |
135 | 106 | ||
136 | name_allowed = verify_name_allowed(name); | 107 | i = gns_resolve_name(af, name, &u); |
137 | 108 | if (-3 == i) | |
138 | if (name_allowed) { | 109 | { |
139 | 110 | status = NSS_STATUS_NOTFOUND; | |
140 | if (!gns_resolve_name(af, name, &u) == 0) | 111 | goto finish; |
141 | { | 112 | } |
142 | status = NSS_STATUS_NOTFOUND; | 113 | if (-2 == i) |
143 | goto finish; | 114 | { |
144 | } | 115 | status = NSS_STATUS_UNAVAIL; |
145 | } | 116 | goto finish; |
146 | else | 117 | } |
147 | { | 118 | if ( (-1 == i) || |
148 | status = NSS_STATUS_UNAVAIL; | 119 | (u.count == 0) ) |
149 | goto finish; | 120 | { |
150 | } | ||
151 | |||
152 | if (u.count == 0) { | ||
153 | *errnop = ETIMEDOUT; | 121 | *errnop = ETIMEDOUT; |
154 | *h_errnop = HOST_NOT_FOUND; | 122 | *h_errnop = HOST_NOT_FOUND; |
155 | status = NSS_STATUS_NOTFOUND; | 123 | status = NSS_STATUS_NOTFOUND; |
156 | goto finish; | 124 | goto finish; |
157 | } | 125 | } |
158 | 126 | ||
159 | 127 | ||
160 | /* Alias names */ | 128 | /* Alias names */ |
@@ -212,7 +180,8 @@ finish: | |||
212 | * @param h_errnop idk | 180 | * @param h_errnop idk |
213 | * @return a nss_status code | 181 | * @return a nss_status code |
214 | */ | 182 | */ |
215 | enum nss_status _nss_gns_gethostbyname_r ( | 183 | enum nss_status |
184 | _nss_gns_gethostbyname_r ( | ||
216 | const char *name, | 185 | const char *name, |
217 | struct hostent *result, | 186 | struct hostent *result, |
218 | char *buffer, | 187 | char *buffer, |
@@ -244,7 +213,8 @@ enum nss_status _nss_gns_gethostbyname_r ( | |||
244 | * @param h_errnop idk | 213 | * @param h_errnop idk |
245 | * @return NSS_STATUS_UNAVAIL | 214 | * @return NSS_STATUS_UNAVAIL |
246 | */ | 215 | */ |
247 | enum nss_status _nss_gns_gethostbyaddr_r( | 216 | enum nss_status |
217 | _nss_gns_gethostbyaddr_r( | ||
248 | const void* addr, | 218 | const void* addr, |
249 | int len, | 219 | int len, |
250 | int af, | 220 | int af, |
@@ -253,10 +223,9 @@ enum nss_status _nss_gns_gethostbyaddr_r( | |||
253 | size_t buflen, | 223 | size_t buflen, |
254 | int *errnop, | 224 | int *errnop, |
255 | int *h_errnop) { | 225 | int *h_errnop) { |
256 | 226 | ||
257 | *errnop = EINVAL; | 227 | *errnop = EINVAL; |
258 | *h_errnop = NO_RECOVERY; | 228 | *h_errnop = NO_RECOVERY; |
259 | //NOTE we allow to leak this into DNS so no NOTFOUND | 229 | //NOTE we allow to leak this into DNS so no NOTFOUND |
260 | return NSS_STATUS_UNAVAIL; | 230 | return NSS_STATUS_UNAVAIL; |
261 | } | 231 | } |
262 | |||
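Review bot: The new `-3 == i` and `-2 == i` branches after `gns_resolve_name()` jump to `finish` without setting `*errnop` or `*h_errnop`, while the `-1`/`u.count == 0` branch sets both; unless `finish:` (outside this hunk) fills them in, the caller reads stale values. Set them in each branch, for example `*errnop = ETIMEDOUT; *h_errnop = HOST_NOT_FOUND;` for `-3` and `*errnop = EINVAL; *h_errnop = NO_RECOVERY;` for `-2`, mirroring what `_nss_gns_gethostbyaddr_r` does before returning UNAVAIL. The bare literals also need a comment tying them to nss_gns_query.c, such as `/* -2: name is not for GNS, let the next NSS service try; -3: GNS lookup timed out */`. With `verify_name_allowed()` removed, every hostname any process resolves now reaches the helper, so the code that builds `cmd` in nss_gns_query.c (not shown in this diff) should be checked to confirm it handles arbitrary caller-supplied names safely. The body of `_nss_gns_gethostbyname2_r` starts and ends outside this hunk.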
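--- a/src/gns/nss/nss_gns_query.c
+++ b/src/gns/nss/nss_gns_query.c
@@ -44,6 +44,7 @@ gns_resolve_name (int af,
 FILE *p;
 char *cmd;
 char line[128];
+int ret;
 
 if (AF_INET6 == af)
 {
@@ -101,8 +102,12 @@ gns_resolve_name (int af,
 }
 }
 }
-pclose (p);
+ret = pclose (p);
 free (cmd);
+if (4 == ret)
+return -2; /* not for GNS */
+if (3 == ret)
+return -3; /* timeout */
 return 0;
 }
 /* end of nss_gns_query.c */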
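Review bot: `pclose()` returns a wait status in the `waitpid()` encoding, not the child's exit code, so `4 == ret` and `3 == ret` will not match a helper that exits with 4 or 3; in the usual encoding those raw values mean termination by a signal. Decode the status first, e.g. `if (WIFEXITED (ret) && 4 == WEXITSTATUS (ret)) return -2;` and likewise for 3 (this needs `<sys/wait.h>`; the include list is outside the hunk). As written the function appears to fall through to `return 0` for names that are not for GNS, so the caller in nss_gns.c would report NOTFOUND instead of UNAVAIL, which matters now that every hostname is sent here. A `-1` return from `pclose()` is also treated as success. The body of `gns_resolve_name` starts outside the hunk.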