1 /* Copyright (C) 1998-2022 Free Software Foundation, Inc.
2    This file is part of the GNU C Library.
3 
4    The GNU C Library is free software; you can redistribute it and/or
5    modify it under the terms of the GNU Lesser General Public
6    License as published by the Free Software Foundation; either
7    version 2.1 of the License, or (at your option) any later version.
8 
9    The GNU C Library is distributed in the hope that it will be useful,
10    but WITHOUT ANY WARRANTY; without even the implied warranty of
11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12    Lesser General Public License for more details.
13 
14    You should have received a copy of the GNU Lesser General Public
15    License along with the GNU C Library; if not, see
16    <https://www.gnu.org/licenses/>.  */
17 
18 #include <errno.h>
19 #include <resolv/resolv-internal.h>
20 #include <stdio.h>
21 #include <string.h>
22 #include <stdint.h>
23 #include <arpa/nameser.h>
24 #include <not-cancel.h>
25 
26 #include "nscd-client.h"
27 #include "nscd_proto.h"
28 
/* Set to 1 in this file when the nscd hosts path should no longer be
   used: LOCALDOMAIN is set in the environment, the nscd socket could
   not be opened, or the reply says the daemon does not cache this
   database.  While it is nonzero __nscd_get_nl_timestamp returns 0
   without looking at the mapping.  */
int __nss_not_use_nscd_hosts;

/* Common worker behind the three lookup entry points below; its
   definition is at the end of this file.  */
static int nscd_gethst_r (const char *key, size_t keylen, request_type type,
			  struct hostent *resultbuf, char *buffer,
			  size_t buflen, struct hostent **result,
			  int *h_errnop);
35 
36 
/* Look up the host NAME through nscd using a GETHOSTBYNAME request.
   NAME must be a valid NUL-terminated string (it is passed to strlen
   unchecked); the key handed to nscd_gethst_r includes the
   terminating NUL.  All other arguments and the return value are
   passed through to and from nscd_gethst_r unchanged.  */
int
__nscd_gethostbyname_r (const char *name, struct hostent *resultbuf,
			char *buffer, size_t buflen, struct hostent **result,
			int *h_errnop)
{
  /* The terminator is part of the key.  */
  const size_t keylen = strlen (name) + 1;

  return nscd_gethst_r (name, keylen, GETHOSTBYNAME, resultbuf, buffer,
			buflen, result, h_errnop);
}
45 
46 
/* Look up the host NAME through nscd, choosing the request type from
   the address family AF: AF_INET6 selects GETHOSTBYNAMEv6, every
   other value of AF selects GETHOSTBYNAME.  NAME must be a valid
   NUL-terminated string; the key passed on includes the terminating
   NUL.  The return value is that of nscd_gethst_r.  */
int
__nscd_gethostbyname2_r (const char *name, int af, struct hostent *resultbuf,
			 char *buffer, size_t buflen, struct hostent **result,
			 int *h_errnop)
{
  request_type reqtype = GETHOSTBYNAME;

  if (af == AF_INET6)
    reqtype = GETHOSTBYNAMEv6;

  /* The terminator is part of the key.  */
  const size_t keylen = strlen (name) + 1;

  return nscd_gethst_r (name, keylen, reqtype, resultbuf, buffer, buflen,
			result, h_errnop);
}
59 
60 
/* Look up the host with binary address ADDR (LEN bytes, family TYPE)
   through nscd.  Only the two consistent combinations are accepted:
   AF_INET with INADDRSZ bytes and AF_INET6 with IN6ADDRSZ bytes.  Any
   other pair returns -1 before nscd_gethst_r is called, so neither
   *RESULT nor *H_ERRNOP is written in that case.  Otherwise the
   return value is that of nscd_gethst_r.  */
int
__nscd_gethostbyaddr_r (const void *addr, socklen_t len, int type,
			struct hostent *resultbuf, char *buffer, size_t buflen,
			struct hostent **result, int *h_errnop)
{
  request_type reqtype;

  /* Validate the length against the family first, so the key length
     handed on always matches the request type.  */
  if (type == AF_INET && len == INADDRSZ)
    reqtype = GETHOSTBYADDR;
  else if (type == AF_INET6 && len == IN6ADDRSZ)
    reqtype = GETHOSTBYADDRv6;
  else
    /* LEN and TYPE do not match.  */
    return -1;

  return nscd_gethst_r (addr, len, reqtype, resultbuf, buffer, buflen, result,
			h_errnop);
}
78 
79 
/* Handle for the "hosts" mapping used by the functions in this file.  */
libc_locked_map_ptr (, __hst_map_handle) attribute_hidden;
/* Free-resources hook for the hosts map handle.  Only the structure
   is freed, and only if there is one; the memory mapping itself is
   not removed since it is not visible to the malloc handling.  */
libc_freeres_fn (hst_map_free)
{
  void *old = __hst_map_handle.mapped;

  if (old == NO_MAPPING)
    return;

  /* Reset the handle before releasing the structure.  */
  __hst_map_handle.mapped = NO_MAPPING;
  free (old);
}
93 
94 
/* Return extra_data[NSCD_HST_IDX_CONF_TIMESTAMP] from the header of
   the "hosts" mapping.  Returns 0 when __nss_not_use_nscd_hosts is
   set, when the map lock cannot be acquired, or when no mapping is
   available.  */
uint32_t
__nscd_get_nl_timestamp (void)
{
  if (__nss_not_use_nscd_hosts != 0)
    return 0;

  /* __nscd_get_mapping can change hst_map_handle.mapped to NO_MAPPING,
     yet it assumes the prior value was not NO_MAPPING.  Holding the
     lock keeps this thread from switching hst_map_handle.mapped to
     NO_MAPPING while another thread is inside __nscd_get_mapping.  */
  if (!__nscd_acquire_maplock (&__hst_map_handle))
    return 0;

  struct mapped_database *db = __hst_map_handle.mapped;

  /* Map (again) when nothing has been mapped so far, or when an
     existing mapping is not known to be backed by a running nscd and
     its timestamp is older than MAPPING_TIMEOUT.  */
  int refresh = 0;
  if (db == NULL)
    refresh = 1;
  else if (db != NO_MAPPING
	   && db->head->nscd_certainly_running == 0
	   && db->head->timestamp + MAPPING_TIMEOUT < time_now ())
    refresh = 1;

  if (refresh)
    db = __nscd_get_mapping (GETFDHST, "hosts", &__hst_map_handle.mapped);

  uint32_t stamp = 0;
  if (db != NO_MAPPING)
    stamp = db->head->extra_data[NSCD_HST_IDX_CONF_TIMESTAMP];

  /* Release the lock.  */
  __hst_map_handle.lock = 0;

  return stamp;
}
128 
129 
/* Tri-state cache, maintained by nscd_gethst_r, of whether LOCALDOMAIN
   is set in the environment: 0 = not checked yet, 1 = set, -1 = not
   set.  */
int __nss_have_localdomain attribute_hidden;

/* Look up a host record through nscd: first in the shared "hosts"
   mapping and, if nothing was found there, over the nscd socket.

   KEY/KEYLEN is the request key and TYPE the request type, as set up
   by the entry points in this file.  The record is laid out in BUFFER
   (BUFLEN bytes), the pointers in RESULTBUF are set to point into
   BUFFER, and on success *RESULT is set to RESULTBUF.

   Returns 0 when a reply was processed; if the reply says the host
   was not found, *RESULT is NULL, *H_ERRNOP is taken from the reply
   and errno is set to 0.  Returns ERANGE, with errno set to ERANGE and
   *H_ERRNOP set to NETDB_INTERNAL, when BUFFER is too small.  Returns
   -1 for the other failures visible here (LOCALDOMAIN set, no socket,
   database not cached by the daemon, short read, inconsistent
   record).  The value -2 marks a lookup that raced with nscd's
   garbage collection; the code at `out' retries those when
   __nscd_drop_map_ref reports a GC cycle.  */
static int
nscd_gethst_r (const char *key, size_t keylen, request_type type,
	       struct hostent *resultbuf, char *buffer, size_t buflen,
	       struct hostent **result, int *h_errnop)
{
  /* Do not use nscd for hosts when LOCALDOMAIN is set.  The getenv
     call is made only while the cached state is still 0.  */
  if (__glibc_unlikely (__nss_have_localdomain >= 0))
    {
      if (__nss_have_localdomain == 0)
	__nss_have_localdomain = getenv ("LOCALDOMAIN") != NULL ? 1 : -1;
      if (__nss_have_localdomain > 0)
	{
	  __nss_not_use_nscd_hosts = 1;
	  return -1;
	}
    }

  /* GC cycle value to compare with mapped->head->gc_cycle below;
     presumably filled in by __nscd_get_map_ref, which receives its
     address.  */
  int gc_cycle;
  int nretries = 0;

  /* If the mapping is available, try to search there instead of
     communicating with the nscd.  */
  struct mapped_database *mapped;
  mapped = __nscd_get_map_ref (GETFDHST, "hosts", &__hst_map_handle,
			       &gc_cycle);

  /* Every retry starts again from here with freshly initialized
     per-attempt state.  */
 retry:;
  const char *h_name = NULL;
  const uint32_t *aliases_len = NULL;
  const char *addr_list = NULL;
  size_t addr_list_len = 0;
  int retval = -1;
  /* Highest possible address.  RECEND is replaced by the real end of
     the record only when one is found in the mapping; in the socket
     path it keeps this value.  */
  const char *recend = (const char *) ~UINTMAX_C (0);
  int sock = -1;
  hst_response_header hst_resp;
  if (mapped != NO_MAPPING)
    {
      /* No const qualifier, as it can change during garbage collection.  */
      struct datahead *found = __nscd_cache_search (type, key, keylen, mapped,
						    sizeof hst_resp);
      if (found != NULL)
	{
	  /* Locate the variable-length parts that follow the fixed
	     header inside the record: the name, then the array of
	     alias lengths, then the address data.  All of these are
	     derived from lengths stored in the shared mapping, so
	     they are only provisional until the checks below.  */
	  h_name = (char *) (&found->data[0].hstdata + 1);
	  hst_resp = found->data[0].hstdata;
	  aliases_len = (uint32_t *) (h_name + hst_resp.h_name_len);
	  addr_list = ((char *) aliases_len
		       + hst_resp.h_aliases_cnt * sizeof (uint32_t));
	  addr_list_len = hst_resp.h_addr_list_cnt * INADDRSZ;
	  recend = (const char *) found->data + found->recsize;
	  /* Now check if we can trust hst_resp fields.  If GC is
	     in progress, it can contain anything.  */
	  if (mapped->head->gc_cycle != gc_cycle)
	    {
	      retval = -2;
	      goto out;
	    }

#if !_STRING_ARCH_unaligned
	  /* The aliases_len array in the mapped database might very
	     well be unaligned.  We will access it word-wise so on
	     platforms which do not tolerate unaligned accesses we
	     need to make an aligned copy.  */
	  if (((uintptr_t) aliases_len & (__alignof__ (*aliases_len) - 1))
	      != 0)
	    {
	      /* NOTE(review): the size of this stack allocation and of
		 the copy comes from the record's h_aliases_cnt; only
		 the gc_cycle comparison precedes it, the RECEND check
		 follows further down.  Confirm whether the count
		 should be bounded against the record size first.  */
	      uint32_t *tmp = alloca (hst_resp.h_aliases_cnt
				      * sizeof (uint32_t));
	      aliases_len = memcpy (tmp, aliases_len,
				    hst_resp.h_aliases_cnt
				    * sizeof (uint32_t));
	    }
#endif
	  /* For the v6 request types the IN6ADDRSZ-sized addresses are
	     the ones copied out.  When the record reports
	     h_length == INADDRSZ, a block of INADDRSZ-sized addresses
	     precedes them and is skipped.  */
	  if (type != GETHOSTBYADDR && type != GETHOSTBYNAME)
	    {
	      if (hst_resp.h_length == INADDRSZ)
		addr_list += addr_list_len;
	      addr_list_len = hst_resp.h_addr_list_cnt * IN6ADDRSZ;
	    }
	  /* The address block must lie within the record.  */
	  if (__builtin_expect ((const char *) addr_list + addr_list_len
				> recend, 0))
	    goto out;
	}
    }

  /* Nothing usable in the mapping: ask the daemon.  HST_RESP is
     handed to __nscd_open_socket, presumably to receive the reply
     header.  */
  if (h_name == NULL)
    {
      sock = __nscd_open_socket (key, keylen, type, &hst_resp,
				 sizeof (hst_resp));
      if (sock == -1)
	{
	  __nss_not_use_nscd_hosts = 1;
	  goto out;
	}
    }

  /* No value found so far.  */
  *result = NULL;

  if (__glibc_unlikely (hst_resp.found == -1))
    {
      /* The daemon does not cache this database.  */
      __nss_not_use_nscd_hosts = 1;
      goto out_close;
    }

  if (hst_resp.found == 1)
    {
      char *cp = buffer;
      uintptr_t align1;
      uintptr_t align2;
      size_t total_len;
      ssize_t cnt;
      char *ignore;
      int n;

      /* A first check whether the buffer is sufficiently large is
	 possible: the sizes of the two pointer arrays, the name and
	 the addresses follow from the header.  ALIGN1 pads BUFFER up
	 to the alignment of a char *; ALIGN2 is the padding computed
	 for the address following the name.  */
      align1 = ((__alignof__ (char *) - (cp - ((char *) 0)))
		& (__alignof__ (char *) - 1));
      align2 = ((__alignof__ (char *) - ((cp + align1 + hst_resp.h_name_len)
					 - ((char *) 0)))
		& (__alignof__ (char *) - 1));
      /* NOTE(review): TYPE is a request_type, yet it is compared with
	 the address family AF_INET here, while the rest of this
	 function identifies the IPv4 case as
	 type == GETHOSTBYADDR || type == GETHOSTBYNAME.  If no host
	 request type equals AF_INET this always reserves IN6ADDRSZ
	 per address, which over-estimates for IPv4 but does not
	 under-estimate.  Confirm and consider using the request-type
	 test.
	 NOTE(review): the counts and lengths in HST_RESP enter this
	 arithmetic as received; the check appears to rely on them
	 being non-negative.  TODO confirm the field types and what
	 the producer guarantees.  */
      if (buflen < (align1 + hst_resp.h_name_len + align2
		    + ((hst_resp.h_aliases_cnt + hst_resp.h_addr_list_cnt
			+ 2)
		       * sizeof (char *))
		    + hst_resp.h_addr_list_cnt * (type == AF_INET
						  ? INADDRSZ : IN6ADDRSZ)))
	{
	/* Also reached by goto from the later capacity check.  */
	no_room:
	  *h_errnop = NETDB_INTERNAL;
	  __set_errno (ERANGE);
	  retval = ERANGE;
	  goto out_close;
	}
      cp += align1;

      /* Prepare the result as far as we can.  Layout in BUFFER: the
	 h_aliases pointer array, the h_addr_list pointer array (each
	 with room for a terminating NULL), the name plus ALIGN2, the
	 addresses, and finally the alias strings.  */
      resultbuf->h_aliases = (char **) cp;
      cp += (hst_resp.h_aliases_cnt + 1) * sizeof (char *);
      resultbuf->h_addr_list = (char **) cp;
      cp += (hst_resp.h_addr_list_cnt + 1) * sizeof (char *);

      resultbuf->h_name = cp;
      cp += hst_resp.h_name_len + align2;

      if (type == GETHOSTBYADDR || type == GETHOSTBYNAME)
	{
	  resultbuf->h_addrtype = AF_INET;
	  resultbuf->h_length = INADDRSZ;
	}
      else
	{
	  resultbuf->h_addrtype = AF_INET6;
	  resultbuf->h_length = IN6ADDRSZ;
	}
      /* Point each h_addr_list entry at its slot; the address bytes
	 themselves are filled in below.  */
      for (cnt = 0; cnt < hst_resp.h_addr_list_cnt; ++cnt)
	{
	  resultbuf->h_addr_list[cnt] = cp;
	  cp += resultbuf->h_length;
	}
      resultbuf->h_addr_list[cnt] = NULL;

      if (h_name == NULL)
	{
	  /* Socket path.  One vectored read fetches up to four pieces:
	     the name, the alias length array, an INADDRSZ address
	     block that is read into scratch space (v6 requests with
	     h_length == INADDRSZ only), and the addresses that are
	     kept.  */
	  struct iovec vec[4];

	  vec[0].iov_base = resultbuf->h_name;
	  vec[0].iov_len = hst_resp.h_name_len;
	  total_len = hst_resp.h_name_len;
	  n = 1;

	  if (hst_resp.h_aliases_cnt > 0)
	    {
	      /* Stack space for the alias lengths, sized from the
		 reply header.  */
	      aliases_len = alloca (hst_resp.h_aliases_cnt
				    * sizeof (uint32_t));
	      vec[n].iov_base = (void *) aliases_len;
	      vec[n].iov_len = hst_resp.h_aliases_cnt * sizeof (uint32_t);

	      total_len += hst_resp.h_aliases_cnt * sizeof (uint32_t);
	      ++n;
	    }

	  if (type == GETHOSTBYADDR || type == GETHOSTBYNAME)
	    {
	      vec[n].iov_base = resultbuf->h_addr_list[0];
	      vec[n].iov_len = hst_resp.h_addr_list_cnt * INADDRSZ;

	      total_len += hst_resp.h_addr_list_cnt * INADDRSZ;

	      ++n;
	    }
	  else
	    {
	      if (hst_resp.h_length == INADDRSZ)
		{
		  /* This block is read into IGNORE, which is not used
		     afterwards.  */
		  ignore = alloca (hst_resp.h_addr_list_cnt * INADDRSZ);
		  vec[n].iov_base = ignore;
		  vec[n].iov_len = hst_resp.h_addr_list_cnt * INADDRSZ;

		  total_len += hst_resp.h_addr_list_cnt * INADDRSZ;

		  ++n;
		}

	      vec[n].iov_base = resultbuf->h_addr_list[0];
	      vec[n].iov_len = hst_resp.h_addr_list_cnt * IN6ADDRSZ;

	      total_len += hst_resp.h_addr_list_cnt * IN6ADDRSZ;

	      ++n;
	    }

	  /* Anything but a complete read fails the lookup (RETVAL is
	     still -1 here).  */
	  if ((size_t) __readvall (sock, vec, n) != total_len)
	    goto out_close;
	}
      else
	{
	  /* Mapping path: copy name and addresses out of the record.  */
	  memcpy (resultbuf->h_name, h_name, hst_resp.h_name_len);
	  memcpy (resultbuf->h_addr_list[0], addr_list, addr_list_len);
	}

      /*  Now we also can read the aliases.  Only pointers are stored
	  in this loop; the alias bytes are transferred after the two
	  range checks that follow.  */
      total_len = 0;
      for (cnt = 0; cnt < hst_resp.h_aliases_cnt; ++cnt)
	{
	  resultbuf->h_aliases[cnt] = cp;
	  cp += aliases_len[cnt];
	  total_len += aliases_len[cnt];
	}
      resultbuf->h_aliases[cnt] = NULL;

      /* The alias strings must end within the record.  In the socket
	 path ADDR_LIST is NULL and RECEND is the maximal address.  */
      if (__builtin_expect ((const char *) addr_list + addr_list_len
			    + total_len > recend, 0))
	{
	  /* aliases_len array might contain garbage during nscd GC cycle,
	     retry rather than fail in that case.  */
	  if (addr_list != NULL && mapped->head->gc_cycle != gc_cycle)
	    retval = -2;
	  goto out_close;
	}
      /* See whether this would exceed the buffer capacity.  */
      if (__glibc_unlikely (cp > buffer + buflen))
	{
	  /* aliases_len array might contain garbage during nscd GC cycle,
	     retry rather than fail in that case.  */
	  if (addr_list != NULL && mapped->head->gc_cycle != gc_cycle)
	    {
	      retval = -2;
	      goto out_close;
	    }
	  goto no_room;
	}

      /* And finally read the aliases.  */
      if (addr_list == NULL)
	{
	  /* Socket path.  NOTE(review): the NUL-termination check
	     applied to the mapping path below is not applied to the
	     strings read here.  */
	  if (total_len == 0
	      || ((size_t) __readall (sock, resultbuf->h_aliases[0], total_len)
		  == total_len))
	    {
	      retval = 0;
	      *result = resultbuf;
	    }
	}
      else
	{
	  memcpy (resultbuf->h_aliases[0],
		  (const char *) addr_list + addr_list_len, total_len);

	  /* Try to detect corrupt databases: the name and every alias
	     must end in a NUL byte.  The statement expression is
	     nonzero when the loop stopped early at an alias that does
	     not.  NOTE(review): both tests index [length - 1] and so
	     assume lengths of at least 1 -- confirm.  */
	  if (resultbuf->h_name[hst_resp.h_name_len - 1] != '\0'
	      || ({for (cnt = 0; cnt < hst_resp.h_aliases_cnt; ++cnt)
		     if (resultbuf->h_aliases[cnt][aliases_len[cnt] - 1]
			 != '\0')
		       break;
		   cnt < hst_resp.h_aliases_cnt; }))
	    {
	      /* We cannot use the database.  */
	      if (mapped->head->gc_cycle != gc_cycle)
		retval = -2;
	      goto out_close;
	    }

	  retval = 0;
	  *result = resultbuf;
	}
    }
  else
    {
      /* Store the error number.  */
      *h_errnop = hst_resp.error;

      /* Set errno to 0 to indicate no error, just no found record.  */
      __set_errno (0);
      /* Even though we have not found anything, the result is zero.  */
      retval = 0;
    }

 out_close:
  /* Close the socket if this attempt opened one.  */
  if (sock != -1)
    __close_nocancel_nostatus (sock);
 out:
  if (__nscd_drop_map_ref (mapped, &gc_cycle) != 0)
    {
      /* When we come here this means there has been a GC cycle while we
	 were looking for the data.  This means the data might have been
	 inconsistent.  Retry if possible.  */
      if ((gc_cycle & 1) != 0 || ++nretries == 5 || retval == -1)
	{
	  /* nscd is just running gc now.  Disable using the mapping.
	     The mapping is unmapped when the decremented counter
	     reaches zero; a following retry then goes through the
	     socket.  */
	  if (atomic_decrement_val (&mapped->counter) == 0)
	    __nscd_unmap (mapped);
	  mapped = NO_MAPPING;
	}

      /* A plain failure (-1) is returned as is; every other result is
	 recomputed.  */
      if (retval != -1)
	goto retry;
    }

  return retval;
}
454