1 /* Copyright (C) 1998-2023 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3
4 The GNU C Library is free software; you can redistribute it and/or
5 modify it under the terms of the GNU Lesser General Public
6 License as published by the Free Software Foundation; either
7 version 2.1 of the License, or (at your option) any later version.
8
9 The GNU C Library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 Lesser General Public License for more details.
13
14 You should have received a copy of the GNU Lesser General Public
15 License along with the GNU C Library; if not, see
16 <https://www.gnu.org/licenses/>. */
17
18 #include <errno.h>
19 #include <resolv/resolv-internal.h>
20 #include <stdio.h>
21 #include <string.h>
22 #include <stdint.h>
23 #include <arpa/nameser.h>
24 #include <not-cancel.h>
25
26 #include "nscd-client.h"
27 #include "nscd_proto.h"
28
29 int __nss_not_use_nscd_hosts;
30
31 static int nscd_gethst_r (const char *key, size_t keylen, request_type type,
32 struct hostent *resultbuf, char *buffer,
33 size_t buflen, struct hostent **result,
34 int *h_errnop);
35
36
37 int
38 __nscd_gethostbyname_r (const char *name, struct hostent *resultbuf,
39 char *buffer, size_t buflen, struct hostent **result,
40 int *h_errnop)
41 {
42 return nscd_gethst_r (name, strlen (name) + 1, GETHOSTBYNAME, resultbuf,
43 buffer, buflen, result, h_errnop);
44 }
45
46
47 int
48 __nscd_gethostbyname2_r (const char *name, int af, struct hostent *resultbuf,
49 char *buffer, size_t buflen, struct hostent **result,
50 int *h_errnop)
51 {
52 request_type reqtype;
53
54 reqtype = af == AF_INET6 ? GETHOSTBYNAMEv6 : GETHOSTBYNAME;
55
56 return nscd_gethst_r (name, strlen (name) + 1, reqtype, resultbuf,
57 buffer, buflen, result, h_errnop);
58 }
59
60
61 int
62 __nscd_gethostbyaddr_r (const void *addr, socklen_t len, int type,
63 struct hostent *resultbuf, char *buffer, size_t buflen,
64 struct hostent **result, int *h_errnop)
65 {
66 request_type reqtype;
67
68 if (!((len == INADDRSZ && type == AF_INET)
69 || (len == IN6ADDRSZ && type == AF_INET6)))
70 /* LEN and TYPE do not match. */
71 return -1;
72
73 reqtype = type == AF_INET6 ? GETHOSTBYADDRv6 : GETHOSTBYADDR;
74
75 return nscd_gethst_r (addr, len, reqtype, resultbuf, buffer, buflen, result,
76 h_errnop);
77 }
78
79
80 libc_locked_map_ptr (, __hst_map_handle) attribute_hidden;
81 /* Note that we only free the structure if necessary. The memory
82 mapping is not removed since it is not visible to the malloc
83 handling. */
84 void
85 __nscd_hst_map_freemem (void)
86 {
87 if (__hst_map_handle.mapped != NO_MAPPING)
88 {
89 void *p = __hst_map_handle.mapped;
90 __hst_map_handle.mapped = NO_MAPPING;
91 free (p);
92 }
93 }
94
95
96 uint32_t
97 __nscd_get_nl_timestamp (void)
98 {
99 uint32_t retval;
100 if (__nss_not_use_nscd_hosts != 0)
101 return 0;
102
103 /* __nscd_get_mapping can change hst_map_handle.mapped to NO_MAPPING.
104 However, __nscd_get_mapping assumes the prior value was not NO_MAPPING.
105 Thus we have to acquire the lock to prevent this thread from changing
106 hst_map_handle.mapped to NO_MAPPING while another thread is inside
107 __nscd_get_mapping. */
108 if (!__nscd_acquire_maplock (&__hst_map_handle))
109 return 0;
110
111 struct mapped_database *map = __hst_map_handle.mapped;
112
113 if (map == NULL
114 || (map != NO_MAPPING
115 && map->head->nscd_certainly_running == 0
116 && map->head->timestamp + MAPPING_TIMEOUT < time64_now ()))
117 map = __nscd_get_mapping (GETFDHST, "hosts", &__hst_map_handle.mapped);
118
119 if (map == NO_MAPPING)
120 retval = 0;
121 else
122 retval = map->head->extra_data[NSCD_HST_IDX_CONF_TIMESTAMP];
123
124 /* Release the lock. */
125 __hst_map_handle.lock = 0;
126
127 return retval;
128 }
129
130
131 int __nss_have_localdomain attribute_hidden;
132
133 static int
134 nscd_gethst_r (const char *key, size_t keylen, request_type type,
135 struct hostent *resultbuf, char *buffer, size_t buflen,
136 struct hostent **result, int *h_errnop)
137 {
138 if (__glibc_unlikely (__nss_have_localdomain >= 0))
139 {
140 if (__nss_have_localdomain == 0)
141 __nss_have_localdomain = getenv ("LOCALDOMAIN") != NULL ? 1 : -1;
142 if (__nss_have_localdomain > 0)
143 {
144 __nss_not_use_nscd_hosts = 1;
145 return -1;
146 }
147 }
148
149 int gc_cycle;
150 int nretries = 0;
151
152 /* If the mapping is available, try to search there instead of
153 communicating with the nscd. */
154 struct mapped_database *mapped;
155 mapped = __nscd_get_map_ref (GETFDHST, "hosts", &__hst_map_handle,
156 &gc_cycle);
157
158 retry:;
159 const char *h_name = NULL;
160 const uint32_t *aliases_len = NULL;
161 const char *addr_list = NULL;
162 size_t addr_list_len = 0;
163 int retval = -1;
164 const char *recend = (const char *) ~UINTMAX_C (0);
165 int sock = -1;
166 hst_response_header hst_resp;
167 if (mapped != NO_MAPPING)
168 {
169 /* No const qualifier, as it can change during garbage collection. */
170 struct datahead *found = __nscd_cache_search (type, key, keylen, mapped,
171 sizeof hst_resp);
172 if (found != NULL)
173 {
174 h_name = (char *) (&found->data[0].hstdata + 1);
175 hst_resp = found->data[0].hstdata;
176 aliases_len = (uint32_t *) (h_name + hst_resp.h_name_len);
177 addr_list = ((char *) aliases_len
178 + hst_resp.h_aliases_cnt * sizeof (uint32_t));
179 addr_list_len = hst_resp.h_addr_list_cnt * INADDRSZ;
180 recend = (const char *) found->data + found->recsize;
181 /* Now check if we can trust hst_resp fields. If GC is
182 in progress, it can contain anything. */
183 if (mapped->head->gc_cycle != gc_cycle)
184 {
185 retval = -2;
186 goto out;
187 }
188
189 /* The aliases_len array in the mapped database might very
190 well be unaligned. We will access it word-wise so on
191 platforms which do not tolerate unaligned accesses we
192 need to make an aligned copy. */
193 if (((uintptr_t) aliases_len & (__alignof__ (*aliases_len) - 1))
194 != 0)
195 {
196 uint32_t *tmp = alloca (hst_resp.h_aliases_cnt
197 * sizeof (uint32_t));
198 aliases_len = memcpy (tmp, aliases_len,
199 hst_resp.h_aliases_cnt
200 * sizeof (uint32_t));
201 }
202 if (type != GETHOSTBYADDR && type != GETHOSTBYNAME)
203 {
204 if (hst_resp.h_length == INADDRSZ)
205 addr_list += addr_list_len;
206 addr_list_len = hst_resp.h_addr_list_cnt * IN6ADDRSZ;
207 }
208 if (__builtin_expect ((const char *) addr_list + addr_list_len
209 > recend, 0))
210 goto out;
211 }
212 }
213
214 if (h_name == NULL)
215 {
216 sock = __nscd_open_socket (key, keylen, type, &hst_resp,
217 sizeof (hst_resp));
218 if (sock == -1)
219 {
220 __nss_not_use_nscd_hosts = 1;
221 goto out;
222 }
223 }
224
225 /* No value found so far. */
226 *result = NULL;
227
228 if (__glibc_unlikely (hst_resp.found == -1))
229 {
230 /* The daemon does not cache this database. */
231 __nss_not_use_nscd_hosts = 1;
232 goto out_close;
233 }
234
235 if (hst_resp.found == 1)
236 {
237 char *cp = buffer;
238 uintptr_t align1;
239 uintptr_t align2;
240 size_t total_len;
241 ssize_t cnt;
242 char *ignore;
243 int n;
244
245 /* A first check whether the buffer is sufficiently large is possible. */
246 /* Now allocate the buffer the array for the group members. We must
247 align the pointer and the base of the h_addr_list pointers. */
248 align1 = ((__alignof__ (char *) - ((uintptr_t) cp))
249 & (__alignof__ (char *) - 1));
250 align2 = ((__alignof__ (char *) - ((uintptr_t) (cp + align1 + hst_resp.h_name_len)))
251 & (__alignof__ (char *) - 1));
252 if (buflen < (align1 + hst_resp.h_name_len + align2
253 + ((hst_resp.h_aliases_cnt + hst_resp.h_addr_list_cnt
254 + 2)
255 * sizeof (char *))
256 + hst_resp.h_addr_list_cnt * (type == AF_INET
257 ? INADDRSZ : IN6ADDRSZ)))
258 {
259 no_room:
260 *h_errnop = NETDB_INTERNAL;
261 __set_errno (ERANGE);
262 retval = ERANGE;
263 goto out_close;
264 }
265 cp += align1;
266
267 /* Prepare the result as far as we can. */
268 resultbuf->h_aliases = (char **) cp;
269 cp += (hst_resp.h_aliases_cnt + 1) * sizeof (char *);
270 resultbuf->h_addr_list = (char **) cp;
271 cp += (hst_resp.h_addr_list_cnt + 1) * sizeof (char *);
272
273 resultbuf->h_name = cp;
274 cp += hst_resp.h_name_len + align2;
275
276 if (type == GETHOSTBYADDR || type == GETHOSTBYNAME)
277 {
278 resultbuf->h_addrtype = AF_INET;
279 resultbuf->h_length = INADDRSZ;
280 }
281 else
282 {
283 resultbuf->h_addrtype = AF_INET6;
284 resultbuf->h_length = IN6ADDRSZ;
285 }
286 for (cnt = 0; cnt < hst_resp.h_addr_list_cnt; ++cnt)
287 {
288 resultbuf->h_addr_list[cnt] = cp;
289 cp += resultbuf->h_length;
290 }
291 resultbuf->h_addr_list[cnt] = NULL;
292
293 if (h_name == NULL)
294 {
295 struct iovec vec[4];
296
297 vec[0].iov_base = resultbuf->h_name;
298 vec[0].iov_len = hst_resp.h_name_len;
299 total_len = hst_resp.h_name_len;
300 n = 1;
301
302 if (hst_resp.h_aliases_cnt > 0)
303 {
304 aliases_len = alloca (hst_resp.h_aliases_cnt
305 * sizeof (uint32_t));
306 vec[n].iov_base = (void *) aliases_len;
307 vec[n].iov_len = hst_resp.h_aliases_cnt * sizeof (uint32_t);
308
309 total_len += hst_resp.h_aliases_cnt * sizeof (uint32_t);
310 ++n;
311 }
312
313 if (type == GETHOSTBYADDR || type == GETHOSTBYNAME)
314 {
315 vec[n].iov_base = resultbuf->h_addr_list[0];
316 vec[n].iov_len = hst_resp.h_addr_list_cnt * INADDRSZ;
317
318 total_len += hst_resp.h_addr_list_cnt * INADDRSZ;
319
320 ++n;
321 }
322 else
323 {
324 if (hst_resp.h_length == INADDRSZ)
325 {
326 ignore = alloca (hst_resp.h_addr_list_cnt * INADDRSZ);
327 vec[n].iov_base = ignore;
328 vec[n].iov_len = hst_resp.h_addr_list_cnt * INADDRSZ;
329
330 total_len += hst_resp.h_addr_list_cnt * INADDRSZ;
331
332 ++n;
333 }
334
335 vec[n].iov_base = resultbuf->h_addr_list[0];
336 vec[n].iov_len = hst_resp.h_addr_list_cnt * IN6ADDRSZ;
337
338 total_len += hst_resp.h_addr_list_cnt * IN6ADDRSZ;
339
340 ++n;
341 }
342
343 if ((size_t) __readvall (sock, vec, n) != total_len)
344 goto out_close;
345 }
346 else
347 {
348 memcpy (resultbuf->h_name, h_name, hst_resp.h_name_len);
349 memcpy (resultbuf->h_addr_list[0], addr_list, addr_list_len);
350 }
351
352 /* Now we also can read the aliases. */
353 total_len = 0;
354 for (cnt = 0; cnt < hst_resp.h_aliases_cnt; ++cnt)
355 {
356 resultbuf->h_aliases[cnt] = cp;
357 cp += aliases_len[cnt];
358 total_len += aliases_len[cnt];
359 }
360 resultbuf->h_aliases[cnt] = NULL;
361
362 if (__builtin_expect ((const char *) addr_list + addr_list_len
363 + total_len > recend, 0))
364 {
365 /* aliases_len array might contain garbage during nscd GC cycle,
366 retry rather than fail in that case. */
367 if (addr_list != NULL && mapped->head->gc_cycle != gc_cycle)
368 retval = -2;
369 goto out_close;
370 }
371 /* See whether this would exceed the buffer capacity. */
372 if (__glibc_unlikely (cp > buffer + buflen))
373 {
374 /* aliases_len array might contain garbage during nscd GC cycle,
375 retry rather than fail in that case. */
376 if (addr_list != NULL && mapped->head->gc_cycle != gc_cycle)
377 {
378 retval = -2;
379 goto out_close;
380 }
381 goto no_room;
382 }
383
384 /* And finally read the aliases. */
385 if (addr_list == NULL)
386 {
387 if (total_len == 0
388 || ((size_t) __readall (sock, resultbuf->h_aliases[0], total_len)
389 == total_len))
390 {
391 retval = 0;
392 *result = resultbuf;
393 }
394 }
395 else
396 {
397 memcpy (resultbuf->h_aliases[0],
398 (const char *) addr_list + addr_list_len, total_len);
399
400 /* Try to detect corrupt databases. */
401 if (resultbuf->h_name[hst_resp.h_name_len - 1] != '\0'
402 || ({for (cnt = 0; cnt < hst_resp.h_aliases_cnt; ++cnt)
403 if (resultbuf->h_aliases[cnt][aliases_len[cnt] - 1]
404 != '\0')
405 break;
406 cnt < hst_resp.h_aliases_cnt; }))
407 {
408 /* We cannot use the database. */
409 if (mapped->head->gc_cycle != gc_cycle)
410 retval = -2;
411 goto out_close;
412 }
413
414 retval = 0;
415 *result = resultbuf;
416 }
417 }
418 else
419 {
420 /* Store the error number. */
421 *h_errnop = hst_resp.error;
422
423 /* Set errno to 0 to indicate no error, just no found record. */
424 __set_errno (0);
425 /* Even though we have not found anything, the result is zero. */
426 retval = 0;
427 }
428
429 out_close:
430 if (sock != -1)
431 __close_nocancel_nostatus (sock);
432 out:
433 if (__nscd_drop_map_ref (mapped, &gc_cycle) != 0)
434 {
435 /* When we come here this means there has been a GC cycle while we
436 were looking for the data. This means the data might have been
437 inconsistent. Retry if possible. */
438 if ((gc_cycle & 1) != 0 || ++nretries == 5 || retval == -1)
439 {
440 /* nscd is just running gc now. Disable using the mapping. */
441 if (atomic_fetch_add_relaxed (&mapped->counter, -1) == 1)
442 __nscd_unmap (mapped);
443 mapped = NO_MAPPING;
444 }
445
446 if (retval != -1)
447 goto retry;
448 }
449
450 return retval;
451 }