diff options
| author | manuel <manuel@mausz.at> | 2023-08-10 01:10:02 +0200 |
|---|---|---|
| committer | manuel <manuel@mausz.at> | 2023-08-10 01:10:02 +0200 |
| commit | 29b6e8b053d21f0a1e722e1c3be38371e7efaf10 (patch) | |
| tree | 797c10e213875cc41957d949060150db4a661ad8 /dns.c | |
| parent | c36bd5f683eea9f6de05fcdda6d65505cbe8c316 (diff) | |
| download | qmail-29b6e8b053d21f0a1e722e1c3be38371e7efaf10.tar.gz qmail-29b6e8b053d21f0a1e722e1c3be38371e7efaf10.tar.bz2 qmail-29b6e8b053d21f0a1e722e1c3be38371e7efaf10.zip | |
add support for querying DNSSEC ad (validated) flag
also migrate from deprecated resolver functions
Diffstat (limited to 'dns.c')
| -rw-r--r-- | dns.c | 44 |
1 files changed, 26 insertions, 18 deletions
| @@ -5,8 +5,6 @@ | |||
| 5 | #include <arpa/nameser.h> | 5 | #include <arpa/nameser.h> |
| 6 | #include <resolv.h> | 6 | #include <resolv.h> |
| 7 | #include <errno.h> | 7 | #include <errno.h> |
| 8 | extern int res_query(); | ||
| 9 | extern int res_search(); | ||
| 10 | #include "ip.h" | 8 | #include "ip.h" |
| 11 | #include "ipalloc.h" | 9 | #include "ipalloc.h" |
| 12 | #include "fmt.h" | 10 | #include "fmt.h" |
| @@ -24,7 +22,6 @@ static int responsebuflen = 0; | |||
| 24 | static int responselen; | 22 | static int responselen; |
| 25 | static unsigned char *responseend; | 23 | static unsigned char *responseend; |
| 26 | static unsigned char *responsepos; | 24 | static unsigned char *responsepos; |
| 27 | static u_long saveresoptions; | ||
| 28 | 25 | ||
| 29 | static int numanswers; | 26 | static int numanswers; |
| 30 | static char name[MAXDNAME]; | 27 | static char name[MAXDNAME]; |
| @@ -33,16 +30,21 @@ unsigned short pref; | |||
| 33 | 30 | ||
| 34 | static stralloc glue = {0}; | 31 | static stralloc glue = {0}; |
| 35 | 32 | ||
| 36 | static int (*lookup)() = res_query; | 33 | static struct __res_state dns_res_state; |
| 34 | static unsigned short dns_res_ad_flag = 0; | ||
| 37 | 35 | ||
| 38 | static int resolve(domain,type) | 36 | static int (*lookup)(res_state statep, const char *dname, int class, int type, unsigned char *answer, int anslen) = res_nquery; |
| 39 | stralloc *domain; | 37 | |
| 40 | int type; | 38 | static int resolve(stralloc *domain, int type) |
| 41 | { | 39 | { |
| 42 | int n; | 40 | int n; |
| 43 | int i; | 41 | int i; |
| 44 | 42 | ||
| 45 | errno = 0; | 43 | errno = 0; |
| 44 | |||
| 45 | if ((dns_res_state.options & RES_INIT) == 0 && res_ninit(&dns_res_state) < 0) | ||
| 46 | return DNS_MEM; | ||
| 47 | |||
| 46 | if (!stralloc_copy(&glue,domain)) return DNS_MEM; | 48 | if (!stralloc_copy(&glue,domain)) return DNS_MEM; |
| 47 | if (!stralloc_0(&glue)) return DNS_MEM; | 49 | if (!stralloc_0(&glue)) return DNS_MEM; |
| 48 | if (!responsebuflen) | 50 | if (!responsebuflen) |
| @@ -50,7 +52,8 @@ int type; | |||
| 50 | responsebuflen = PACKETSZ+1; | 52 | responsebuflen = PACKETSZ+1; |
| 51 | else return DNS_MEM; | 53 | else return DNS_MEM; |
| 52 | 54 | ||
| 53 | responselen = lookup(glue.s,C_IN,type,response.buf,responsebuflen); | 55 | dns_res_ad_flag = 0; |
| 56 | responselen = lookup(&dns_res_state, glue.s, C_IN, type, response.buf, responsebuflen); | ||
| 54 | if ((responselen >= responsebuflen) || | 57 | if ((responselen >= responsebuflen) || |
| 55 | (responselen > 0 && (((HEADER *)response.buf)->tc))) | 58 | (responselen > 0 && (((HEADER *)response.buf)->tc))) |
| 56 | { | 59 | { |
| @@ -58,10 +61,10 @@ int type; | |||
| 58 | if (alloc_re(&response.buf, responsebuflen, 65536)) | 61 | if (alloc_re(&response.buf, responsebuflen, 65536)) |
| 59 | responsebuflen = 65536; | 62 | responsebuflen = 65536; |
| 60 | else return DNS_MEM; | 63 | else return DNS_MEM; |
| 61 | saveresoptions = _res.options; | 64 | u_long saveresoptions = dns_res_state.options; |
| 62 | _res.options |= RES_USEVC; | 65 | dns_res_state.options |= RES_USEVC; |
| 63 | responselen = lookup(glue.s,C_IN,type,response.buf,responsebuflen); | 66 | responselen = lookup(&dns_res_state, glue.s, C_IN, type, response.buf, responsebuflen); |
| 64 | _res.options = saveresoptions; | 67 | dns_res_state.options = saveresoptions; |
| 65 | } | 68 | } |
| 66 | if (responselen <= 0) | 69 | if (responselen <= 0) |
| 67 | { | 70 | { |
| @@ -82,9 +85,15 @@ int type; | |||
| 82 | responsepos += QFIXEDSZ; | 85 | responsepos += QFIXEDSZ; |
| 83 | } | 86 | } |
| 84 | numanswers = ntohs(((HEADER *)response.buf)->ancount); | 87 | numanswers = ntohs(((HEADER *)response.buf)->ancount); |
| 88 | dns_res_ad_flag = ((HEADER *)response.buf)->ad; | ||
| 85 | return 0; | 89 | return 0; |
| 86 | } | 90 | } |
| 87 | 91 | ||
| 92 | short dns_last_query_validated() | ||
| 93 | { | ||
| 94 | return dns_res_ad_flag; | ||
| 95 | } | ||
| 96 | |||
| 88 | static int findname(wanttype) | 97 | static int findname(wanttype) |
| 89 | int wanttype; | 98 | int wanttype; |
| 90 | { | 99 | { |
| @@ -194,11 +203,9 @@ int wanttype; | |||
| 194 | return 0; | 203 | return 0; |
| 195 | } | 204 | } |
| 196 | 205 | ||
| 197 | void dns_init(flagsearch) | 206 | void dns_use_search(int use_search) |
| 198 | int flagsearch; | ||
| 199 | { | 207 | { |
| 200 | res_init(); | 208 | lookup = (use_search) ? res_nsearch : res_nquery; |
| 201 | if (flagsearch) lookup = res_search; | ||
| 202 | } | 209 | } |
| 203 | 210 | ||
| 204 | int dns_cname(sa) | 211 | int dns_cname(sa) |
| @@ -308,13 +315,14 @@ int pref; | |||
| 308 | ix.pref = pref; | 315 | ix.pref = pref; |
| 309 | if (r == DNS_SOFT) return DNS_SOFT; | 316 | if (r == DNS_SOFT) return DNS_SOFT; |
| 310 | if (r == 1) { | 317 | if (r == 1) { |
| 311 | #ifdef IX_FQDN | 318 | #ifdef TLS |
| 312 | ix.fqdn = glue.s; | 319 | ix.fqdn = glue.s; |
| 320 | ix.validated = dns_last_query_validated(); | ||
| 313 | #endif | 321 | #endif |
| 314 | if (!ipalloc_append(ia,&ix)) return DNS_MEM; | 322 | if (!ipalloc_append(ia,&ix)) return DNS_MEM; |
| 315 | } | 323 | } |
| 316 | } | 324 | } |
| 317 | #ifdef IX_FQDN | 325 | #ifdef TLS |
| 318 | glue.s = 0; | 326 | glue.s = 0; |
| 319 | #endif | 327 | #endif |
| 320 | return 0; | 328 | return 0; |