Age | Commit message (Collapse) | Author |
|
During buildroot compilation with latest uClibc
I've encoutered linking error due to multiple definition
of some symbols from DNS code.
The error happens because the same file resolv.c
is included inside many other .c files:
res_comp.c:(.text+0x0): multiple definition of `__GI___dn_expand'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x8a0): first defined here
res_comp.c:(.text+0x0): multiple definition of `__dn_expand'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x8a0): first defined here
res_comp.c:(.text+0x34): multiple definition of `__GI___dn_comp'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xc68): first defined here
res_comp.c:(.text+0x34): multiple definition of `__dn_comp'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xc68): first defined here
ns_name.c:(.text+0x4c): multiple definition of `__GI___ns_name_ntop'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x4c): first defined here
ns_name.c:(.text+0x4c): multiple definition of `__ns_name_ntop'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x4c): first defined here
ns_name.c:(.text+0x1f8): multiple definition of `__GI___ns_name_pton'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x1f8): first defined here
ns_name.c:(.text+0x1f8): multiple definition of `__ns_name_pton'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x1f8): first defined here
ns_name.c:(.text+0x624): multiple definition of `__hnbad'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x624): first defined here
ns_name.c:(.text+0x718): multiple definition of `__GI___ns_name_unpack'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x718): first defined here
ns_name.c:(.text+0x718): multiple definition of `__ns_name_unpack'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x718): first defined here
ns_name.c:(.text+0x84c): multiple definition of `__GI___ns_name_uncompress'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x84c): first defined here
ns_name.c:(.text+0x84c): multiple definition of `__ns_name_uncompress'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x84c): first defined here
ns_name.c:(.text+0x8a0): multiple definition of `__GI___ns_name_pack'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x8d4): first defined here
ns_name.c:(.text+0x8a0): multiple definition of `__ns_name_pack'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x8d4): first defined here
ns_name.c:(.text+0xbe4): multiple definition of `__GI___ns_name_compress'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xc18): first defined here
ns_name.c:(.text+0xbe4): multiple definition of `__ns_name_compress'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xc18): first defined here
ns_name.c:(.text+0xc34): multiple definition of `__GI___ns_name_skip'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xcdc): first defined here
ns_name.c:(.text+0xc34): multiple definition of `__ns_name_skip'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xcdc): first defined here
ns_name.c:(.text+0xcd4): multiple definition of `__GI___dn_skipname'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xd7c): first defined here
ns_name.c:(.text+0xcd4): multiple definition of `__dn_skipname'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xd7c): first defined here
My previous commit that fixes build error of DNS code is okay,
but there are some 'bottlenecks' in uClibc-ng code, so if
we don't want to completely rewrite resolv.c we need to make some
symbols weak to prevent linking errors.
|
|
- The first observed issue is linking failure:
`
/usr/bin/ld: libc/libc_so.a(encodeq.os): in function `__encode_question':
encodeq.c:(.text+0x16): undefined reference to `__GI___dn_comp'
/usr/bin/ld: libc/libc_so.a(dnslookup.os): in function `__dns_lookup':
dnslookup.c:(.text+0x6fb): undefined reference to `__GI___dn_expand'
/usr/bin/ld: dnslookup.c:(.text+0x7ab): undefined reference to `__hnbad'
collect2: error: ld returned 1 exit status
`
The root cause is that the resolv.c file contains
some functions (dn_comp, dn_expand, __hnbad)
under `#ifdef L_ns_name` and `#ifdef L_ns_comp`
which wasn't defined, so we had undefined refs to such functions.
- The second issue is misleading indentation inside `ns_name_pack`.
`
libc/inet/resolv.c: In function '__ns_name_pack':
libc/inet/resolv.c:3519:17: warning: this 'if' clause does not guard...
3519 | if (msg != NULL)
...
./include/errno.h:73:18: note: ...this statement, but the latter
is misleadingly indented as if it were guarded by the 'if'
73 | # define errno errno /* For #ifndef errno tests. */
| ^~~~~
libc/inet/resolv.c:3522:25: note: in expansion of macro 'errno'
3522 | errno = EMSGSIZE;
`
Signed-off-by: Dmitry Chestnykh <dm.chestnykh@gmail.com>
|
|
Clang warns that the NULL character literal '\0' is used as a pointer
value. Change this to 0 in order to avoid the warning.
|
|
When compiling getaddrinfo.c with clang the -Wmisleading-indentation
option will cause a warning due to the indentation lining up with the
previous statement in the if block above.
For gcc the warning is blinded by the commented line. See also:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107162
Move the comment behind the function call to make both compilers happy.
|
|
getaddrinfo() returns addresses from, at least, ip(7) and ipv6(7),
but _addr() always uses sin_addr from struct sockaddr_in;
we're saved from wild unsoundness (or incompatibility)
by virtue of struct sockaddr_in6 having an always-0 u32 sin6_flowinfo
at the same offset, so we end up returning 0 anyway,
but in a round-about and definitely unintended way
Instead, limit the request to AF_INET, and fall through to the end
early, returning the default id=0
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
|
|
Explicitly include stdint header as logic uses INT[64]_MAX, just
in case for future, even though the chain of headers from existing
includes brings in the definition indirectly as of now.
Cross check for time gap between prngplus reseeding, periodically,
has the internal state is being consumed, so that if there is too
much time gap, then prng reseeding can be forced, before the normal
reseed window is reached. This is useful for long running programs
which trigger dns queries only intermittently.
If clock_gettime is not available, then reseed more frequently, by
default. A platform developer may change the reseed frequence, to
be bit more less often in this case, if needed, by tweaking the
defines in the source.
Signed-off-by: hanishkvc <hanishkvc@gmail.com>
|
|
Dns lookup logic has been updated to provide a configurable compile
time selection of dns query id generation logics, including random,
where possible, instead of the previous simple counter mode.
This should make dns poison attempts more difficult. The uclibc
developers wish to thank the white hat teams which alerted the
community about the possible weakness in the dns path, given the
increased resources with adversaries today.
Given that embedded systems may or may not have sources for trying
to generate random numbers, and also to try and keep the load on
the system low, by default it uses the standard random prng based
logic to indirectly generate the ids.
However if either urandom or else if realtime clock is available on
the target, then the same is used to reseed the prng periodically
in a slightly non deterministic manner. Also additional transform
(one way where possible) is used to avoid directly exposing the
internal random sequence.
The dns lookup logic maintains its own state wrt the random prng
functions, so that other users of the library's random prng are
not affected wrt their operations with the prng.
Note to Platform developers:
If you want to change from the default prngplus based logic, to one
of the other logics provided, then during compile/config time you can
switch to one of these additional choices wrt dns query id generation,
by using make config and companions.
If your platform doesnt support urandom nor a realtime clock backed
by a source with sufficient resolution, and or for some reason if you
want to revert to previous simple counter, rather than the transformed
random prng plus logic, you can force the same at compile time by
selecting SimpleCounter mode.
If you want to increase the randomness of the generated ids, and dont
mind the increased system load and latency then you could select the
Urandom mode during config. Do note that it will be dipping into the
entropy pool maintained by ur system.
If your target has a system realtime clock available and exposed to
user space, and inturn if you want to keep the underlying logic simple,
you could try using the clock option from the config. However do note
that the clock should have nanosecond resolution to help generate ids
which are plausibly random. Also improvements to processor and or io
performance can affect this.
Wrt the URandom and Clock modes, if there is a failure with generation
of the next random value, the logic tries to fallback to simple counter
mode.
If you want to change the underlying logic to make it more random
and or more simple, look at dnsrand_setup and dnsrand_next.
Signed-off-by: hanishkvc <hanishkvc@gmail.com>
|
|
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
|
|
- use the provided __res_state() method instead of direct access
to struct __res_state pointer &_res/*__resp
- change the __UCLIBC_HAS_TLS__ protected __res_state() implementation
to the one where the comment 'When threaded, _res may be a per-thread
variable.' indicates this should be used with threads/TLS enabled
Fixes the following segfaults with buildroot raspberrypi3_64_defconfig
(uclibc, -Os, Note: runs fine using the raspberrypi3_defconfig):
$ /usr/sbin/ntpd -n -d
1970-01-01T00:01:49 ntpd[249]: INIT: ntpd ntpsec-1.2.0 2021-11-03T20:39:50Z: Starting
1970-01-01T00:01:49 ntpd[249]: INIT: Command line: /usr/sbin/ntpd -n -d
1970-01-01T00:01:49 ntpd[249]: INIT: precision = 7.240 usec (-17)
1970-01-01T00:01:49 ntpd[249]: INIT: successfully locked into RAM
1970-01-01T00:01:49 ntpd[249]: CONFIG: readconfig: parsing file: /etc/ntp.conf
1970-01-01T00:01:49 ntpd[249]: CONFIG: restrict nopeer ignored
1970-01-01T00:01:49 ntpd[249]: INIT: Using SO_TIMESTAMPNS
1970-01-01T00:01:49 ntpd[249]: IO: Listen and drop on 0 v6wildcard [::]:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 2 lo 127.0.0.1:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 3 eth0 172.16.0.30:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 4 lo [::1]:123
1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 5 eth0 [fe80::ba27:ebff:fea6:340%2]:123
1970-01-01T00:01:49 ntpd[249]: IO: Listening on routing socket on fd #22 for interface updates
1970-01-01T00:01:50 ntpd[249]: SYNC: Found 10 servers, suggest minsane at least 3
1970-01-01T00:01:50 ntpd[249]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
1970-01-01T00:01:50 ntpd[249]: statistics directory /var/NTP/ does not exist or is unwriteable, error No such file or directory
1970-01-01T00:01:51 ntpd[249]: DNS: dns_probe: 0.pool.ntp.org, cast_flags:8, flags:101
Segmentation fault (core dumped)
$ ./host/bin/aarch64-buildroot-linux-uclibc-gdb ./build/ntpsec-1_2_0/build/main/ntpd/ntpd core
Core was generated by `/usr/sbin/ntpd -n -d'.
Program terminated with signal SIGSEGV, Segmentation fault.
(gdb) where
#0 0x0000007f8ff1f150 in res_sync_func () at libc/inet/resolv.c:3356
#1 0x0000007f8ff1c468 in __open_nameservers () at libc/inet/resolv.c:949
#2 0x0000007f8ff1b498 in __dns_lookup (name=0x55943c67f0 "0.pool.ntp.org",
type=1, outpacket=0x7f8fe91c48, a=0x7f8fe91c08) at libc/inet/resolv.c:1134
#3 0x0000007f8ff1d744 in __GI_gethostbyname_r (
name=0x55943c67f0 "0.pool.ntp.org", result_buf=0x7f8fe92628,
buf=0x7f8fe91d90 "", buflen=992, result=0x7f8fe92670,
h_errnop=0x7f8fe92668) at libc/inet/resolv.c:1966
#4 0x0000007f8ff1d9a0 in __GI_gethostbyname2_r (
name=0x55943c67f0 "0.pool.ntp.org", family=2, result_buf=0x7f8fe92628,
buf=0x7f8fe91d70 "0.pool.ntp.org", buflen=1024, result=0x7f8fe92670,
h_errnop=0x7f8fe92668) at libc/inet/resolv.c:2065
#5 0x0000007f8ff16924 in gaih_inet (name=0x55943c67f0 "0.pool.ntp.org",
service=0x7f8fe92828, req=0x7f8fe92890, pai=0x7f8fe92838)
at libc/inet/getaddrinfo.c:596
#6 0x0000007f8ff17624 in __GI_getaddrinfo (
name=0x55943c67f0 "0.pool.ntp.org",
service=0x5582eb8acd "\377H\213D$\bL\211\367H\213\260\270",
hints=0x7f8fe92890, pai=0x5582ee1bf8) at libc/inet/getaddrinfo.c:957
#7 0x0000005582ea60f4 in _start ()
(gdb) p _res
$1 = {options = 0, nsaddr_list = {{sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, {
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}}, dnsrch = {0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0}, nscount = 0 '\000', ndots = 0 '\000',
retrans = 0 '\000', retry = 0 '\000', defdname = '\000' <repeats 255 times>,
nsort = 0 '\000', pfcode = 0, id = 0, res_h_errno = 0, sort_list = {{addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}}, _u = {
_ext = {nsaddrs = {0x0, 0x0, 0x0}, nscount = 0 '\000', nstimes = {0, 0,
0}, nssocks = {0, 0, 0}, nscount6 = 0, nsinit = 0}}}
(gdb) p &_res
$2 = (struct __res_state *) 0x7f8ff8fd98 <_res>
(gdb) p rp
$3 = (struct __res_state *) 0x7fffffffff
And the following uclibc code at libc/inet/resolv.c:3356:
3345 static void res_sync_func(void)
3346 {
3347 struct __res_state *rp = &(_res);
3348 int n;
3349
3350 /* If we didn't get malloc failure earlier... */
3351 if (__nameserver != (void*) &__local_nameserver) {
3352 /* TODO:
3353 * if (__nameservers < rp->nscount) - try to grow __nameserver[]?
3354 */
3355 #ifdef __UCLIBC_HAS_IPV6__
3356 if (__nameservers > rp->_u._ext.nscount)
3357 __nameservers = rp->_u._ext.nscount;
3358 n = __nameservers;
The special thing about ntpsec is the DNS lookup in an extra thread
and/or the call to res_init(), see ntpsec-1_2_0/ntpd/ntp_dns.c:
69 msyslog(LOG_INFO, "DNS: dns_probe: %s, cast_flags:%x, flags:%x%s",
70 hostname, pp->cast_flags, pp->cfg.flags, busy);
71 if (NULL != active) /* normally redundant */
72 return false;
73
74 active = pp;
75
76 sigfillset(&block_mask);
77 pthread_sigmask(SIG_BLOCK, &block_mask, &saved_sig_mask);
78 rc = pthread_create(&worker, NULL, dns_lookup, pp);
and
165 static void* dns_lookup(void* arg)
166 {
167 struct peer *pp = (struct peer *) arg;
168 struct addrinfo hints;
169
170 #ifdef HAVE_SECCOMP_H
171 setup_SIGSYS_trap(); /* enable trap for this thread */
172 #endif
173
174 #ifdef HAVE_RES_INIT
175 /* Reload DNS servers from /etc/resolv.conf in case DHCP has updated it.
176 * We only need to do this occasionally, but it's not expensive
177 * and simpler to do it every time than it is to figure out when
178 * to do it.
179 * This res_init() covers NTS too.
180 */
181 res_init();
182 #endif
183
184 if (pp->cfg.flags & FLAG_NTS) {
185 #ifndef DISABLE_NTS
186 nts_probe(pp);
187 #endif
188 } else {
189 ZERO(hints);
190 hints.ai_protocol = IPPROTO_UDP;
191 hints.ai_socktype = SOCK_DGRAM;
192 hints.ai_family = AF(&pp->srcadr);
193 gai_rc = getaddrinfo(pp->hostname, NTP_PORTA, &hints, &answer);
194 }
$ /usr/lib/uclibc-ng-test/test/inet/tst-res
Segmentation fault (core dumped)
$ ./host/bin/aarch64-buildroot-linux-uclibc-gdb ./build/uclibc-ng-test-0844445e7358eb10e716155b55b0fb23e88d644a/test/inet/tst-res core
Core was generated by `/usr/lib/uclibc-ng-test/test/inet/tst-res'.
Program terminated with signal SIGSEGV, Segmentation fault.
(gdb) where
#0 __GI___res_init () at libc/inet/resolv.c:3514
#1 0x0000005591e507e4 in main (argc=<optimized out>, argv=<optimized out>)
at tst-res.c:20
First reported here:
https://lore.kernel.org/buildroot/20211028230131.5f50d6e7@gmx.net/
https://www.mail-archive.com/devel@uclibc-ng.org/msg01085.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
|
|
… using the same rules glibc does
also call __hnbad in some places to check answers
|
|
they merely call dn_{comp,expand} slightly rearranging the arguments
Signed-off-by: mirabilos <mirabilos@evolvis.org>
|
|
Signed-off-by: mirabilos <mirabilos@evolvis.org>
|
|
Minimal-invasive change: just ifdeffing away the older code.
There is no reason to have two different sets of functions doing
the same thing, one used in half the code and another, doing less
escaping, in the other half; just use one.
Signed-off-by: mirabilos <mirabilos@evolvis.org>
|
|
Signed-off-by: akater <nuclearspace@gmail.com>
|
|
Import musl C sockatmark implementation into uClibc-ng.
Signed-off-by: Clement Leger <cleger@kalray.eu>
Acked-by: Yann Sionneau <ysionneau@kalray.eu>
|
|
map_newlink() may abort when interface list changed between netlink
request for getting interfaces and getting addresses. This commit is
ported from the same change from glibc commit.
Signed-off-by: Vincent Hou <vincent.houyi@gmail.com>
|
|
Old version manages strings the regular way (i.e. counting on zero-ended
sequences). In fact strings captured from the /etc/ethers file are
'\n'-ended. So, for example, using strchr function could lead to buffer
overflow.
Reported-by: "Andrey V. Zhmurin" <zhmurin_a@mcst.ru
|
|
|
|
|
|
|
|
The recvmmsg and sendmmsg is very important for UDP stream application.
If we only use recvmsg for UDP stream, it will only copy one mtu size
of data in a syscall. And recvmmsg copy as many as you want in a syscall.
So recvmmsg is more efficient,and some applications will depends on the
recvmmsg and sendmmsg, eg: UDP media stream player.
Signed-off-by: Guo Ren <ren_guo@c-sky.com>
|
|
|
|
|
|
The included RPC implementation is ipv4 only.
Other C library projects have either deprecated the internal
RPC implementation (GNU C Library) or never implemented such
functionality (musl C Library). The latest rpcbind release (0.2.4)
checks for libtirpc and does not allow to be build with uClibc-ng
RPC without patching. The common use case for RPC nowadays is to
use rpcbind together with nfs-utils to provide NFS server or client
support to a system.
The included RPC implementation does create issues with duplicate
symbol failures when statically compiling with RPC enabled.
|
|
Follow documented behaviour:
http://man7.org/linux/man-pages/man3/getnameinfo.3.html
Sync with GNU libc behaviour.
|
|
|
|
As __UCLIBC_HAS_GETTEXT_AWARENESS__ is never defined, this is
mostly dead code. It is planned to integrate libiconv-tiny
and gettext-tiny into uClibc-ng after the next release, so
that more software packages can be used without modification.
Remove any _/_N macro usage.
|
|
CVE-2016-4429:
The call is technically in a loop, and under certain circumstances
(which are quite difficult to reproduce in a test case), alloca
can be invoked repeatedly during a single call to clntudp_call.
As a result, the available stack space can be exhausted (even
though individual alloca sizes are bounded implicitly by what
can fit into a UDP packet, as a side effect of the earlier
successful send operation).
From GNU libc:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=bc779a1a5b3035133024b21e2f339fe4219fb11c
|
|
When resolving an unqualified host name, the resolver tries the original
name first before appending the domains from the search list. If a TLD
with the same name exists, the query will succeed (but yield no A record)
and the resolver will return HOST_NOT_FOUND without trying the search
domains.
This patch changes the lookup order for unqualified host names (without
dots) to try the search domains first and the original name last.
Signed-off-by: Ingo van Lil <inguin@gmx.de>
|
|
When trying to resolve a hostname by getaddrinfo() using some specific
settings, it will always return -EAI_NONAME (Name or service not known).
To reproduce this behavior, you need to request an IPv6 address with the
additional AF_V4MAPPED flag set from an non IPv6 capable hostname. If
you choose a IPv4/IPv6 capable hostname like google.com, everything
works fine.
This patch is more or less a port [1][2] from the glibc and their behavior
for the AF_V4MAPPED flag. To test the bug you can use the following snippet.
---- 8< ----
int ret;
struct addrinfo* result;
struct addrinfo hints;
memset(&hints, 0, sizeof(struct addrinfo));
hints.ai_family = AF_INET6;
hints.ai_flags = AI_V4MAPPED;
ret = getaddrinfo("test.com", NULL, &hints, &result);
printf("getaddrinfo(): %i", ret);
---- 8< ----
[1] https://sourceware.org/git/?p=glibc.git;a=commit;f=sysdeps/posix/getaddrinfo.c;h=925c3c5c71596c02f7e58a0ffcdcaae44eb065c1
[2] https://sourceware.org/git/?p=glibc.git;a=commit;f=sysdeps/posix/getaddrinfo.c;h=28977c2c1acb789660ad47e0d88e42486059c916
Signed-off-by: Alexander Wenzel <alexander.wenzel@qsc.de>
|
|
|
|
As recently reported on the Buildroot list:
http://lists.busybox.net/pipermail/buildroot/2016-March/155325.html
DNS lookups with Node.js currently fails on uClibc-ng. The reason for this
is the way AI_V4MAPPED is handled. According to POSIX, AI_V4MAPPED should
be ignored unless ai_family is AF_INET6:
http://pubs.opengroup.org/onlinepubs/9699919799/functions/freeaddrinfo.html
If the AI_V4MAPPED flag is specified along with an ai_family of AF_INET6,
then getaddrinfo() shall return IPv4-mapped IPv6 addresses on finding no
matching IPv6 addresses (ai_addrlen shall be 16). The AI_V4MAPPED flag
shall be ignored unless ai_family equals AF_INET6.
uClibc-ng was also handling AI_V4MAPPED for AF_UNSPEC, fix that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
This lessens the load on upstream DNS servers (and it was just nonsensical).
Signed-off-by: Tim Hockin <thockin@google.com>
|
|
Currently a miss on a search-path entry is counted as a retry. This means that
users with more than (num_nameservers * retries) entries in their search path
list fail before trying all search paths. Concretely, a single nameserver with
4 search paths will never try the 4th search because the default retry is 3.
The code doesn't currently retry a given nameserver in case of an error, so
retries is sort of meaningless (though there are some comments indicating it
might come). This change only treats total failure of a nameserver (try next
server) as a retry.
Signed-off-by: Tim Hockin <thockin@google.com>
|
|
on system where resolv.conf is not in /etc .
Signed-off-by: Ubaldo Porcheddu <ubaldo@eja.it>
|
|
Write a terminating '\0' to dest when the first byte of the encoded data
is 0. This corner case was previously missed.
Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
|
|
It is possible to get stuck in an infinite loop when receiving a
specially crafted DNS reply. Exit the loop after a number of iteration
and consider the packet invalid.
Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
|
|
Although gethostent() is obsoleted, there is no reason to keep it broken.
Fix two problems:
* commit f65e66078b "resolver: switch to config parser" leave an extra break
statement in case of GETHOSTENT in __read_etc_hosts_r. In result,
output buffer wasn't initialized at all.
* gethostent static buffer has insufficient size to store aliases,
so __read_etc_hosts_r always returns ERANGE. Restore ALIAS_DIM define.
Add test-case.
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
|
|
Save ~1k static space (.bss)
text data bss dec hex filename
- 68 0 126 194 c2 libc/inet/gethostent.os
- 79 0 460 539 21b libc/inet/gethostbyname2.os
- 83 0 460 543 21f libc/inet/gethostbyaddr.os
+ 98 0 24 122 7a libc/inet/gethostent.os
+ 110 0 24 134 86 libc/inet/gethostbyname2.os
+ 113 0 24 137 89 libc/inet/gethostbyaddr.os
==================================================================
+91 -974
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
|
|
order
Implement simplest variant of /etc/gai.conf to control getaddrinfo
IPv6/IPv4 addresses sorting. Keep the default sort order - IPv6 first,
IPv4 second. To invert it, create /etc/gai.conf containing single line:
precedence ::ffff:0:0/96 100
Example before:
$ nslookup security.debian.org 8.8.8.8
Server: 8.8.8.8
Address 1: 8.8.8.8 google-public-dns-a.google.com
Name: security.debian.org
Address 1: 2001:a78:5:0:216:35ff:fe7f:be4f villa.debian.org
Address 2: 2001:a78:5:1:216:35ff:fe7f:6ceb lobos.debian.org
Address 3: 195.20.242.89 wieck.debian.org
Address 4: 212.211.132.250 lobos.debian.org
Address 5: 212.211.132.32 villa.debian.org
After patch & precedence set in /etc/gai.conf:
$ nslookup security.debian.org 8.8.8.8
Server: 8.8.8.8
Address 1: 8.8.8.8 google-public-dns-a.google.com
Name: security.debian.org
Address 1: 195.20.242.89 wieck.debian.org
Address 2: 212.211.132.250 lobos.debian.org
Address 3: 212.211.132.32 villa.debian.org
Address 4: 2001:a78:5:0:216:35ff:fe7f:be4f villa.debian.org
Address 5: 2001:a78:5:1:216:35ff:fe7f:6ceb lobos.debian.org
bloat-o-meter report:
function old new delta
getaddrinfo 726 1138 +412
gaih_inet 2660 2692 +32
.rodata 16618 16643 +25
__gai_precedence - 1 +1
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 4/0 up/down: 882/0) Total: 470 bytes
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
|
|
lookups
The latter half of gethostbyname2_r (doing AAAA queries) is rather dramatically different
from the corresponding portion of gethostbyname_r (doing A queries). This leads to problems
like calls to getaddrinfo only returning one IPv6 address, even when multiple exist.
Seems to be entirely a case of divergent evolution -- a half-decade of fixes for the IPv4
code but no love for IPv6. Until now. ;)
DNS behaviour for IPv6 is really no different than for IPv4 -- beyond the difference in
address sizes, there's no need for the functions to be so different.
Consequently, this patch really is almost just a cut-and-paste of gethostbyname_r, with
the appropriate substitutions of in6_addr, AF_INET6, etc; while holding on to the few
extra bits that actually belong in there (eg #ifdef __UCLIBC_HAS_IPV6__).
Signed-off-by: Wes Campaigne <westacular@gmail.com>
|
|
Commit 2dab3f5a "resolv: tiny shrinkage in /etc/hosts handling" leads to
that read_etc_hosts_r() provide garbage pointer at the end of h_aliases
list if more than four hostnames follow a dotted quad in /etc/hosts
Test-case:
Add following line to /etc/hosts
63.63.0.2 host1 alias2 alias3 alias4 alias5
#include <stdio.h>
#include <errno.h>
#include <netdb.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
int main (void)
{
int i;
char *a;
struct hostent *he;
struct in_addr ipv4addr;
inet_pton(AF_INET, "63.63.0.2", &ipv4addr);
he = gethostbyaddr(&ipv4addr, sizeof ipv4addr, AF_INET);
if (he == NULL)
exit(1);
printf("Host name: '%s'\n", he->h_name);
i = 0;
while ((a = he->h_aliases[i]) != NULL) {
printf("Host alias: '%s'\n", a);
++i;
}
return 0;
}
Wrong output:
Host name: 'host1'
Host alias: 'alias2'
Host alias: 'alias3'
Host alias: 'alias4'
Host alias: 'alias5'
Host alias: '??'
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
|
|
set error events
https://bugs.busybox.net/show_bug.cgi?id=3211
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
|
|
Free 1k of static data (.bss)
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
|
|
http://bugs.busybox.net/show_bug.cgi?id=5588
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
|
|
I mailed with Jan-Benedict Glaw, it seems VAX on Linux
is really a lot of work todo and uClibc support didn't work ever.
|
|
The changeset 9dea5dc921b5f4045a18c63eb92e84dc274d17eb in the Linux kernel
expose the direct syscalls for sockets. For example udhcpc then will use sendto
syscall directly and get an EINVAL error. Disable direct syscalls as it was done
for SPARC in the past. Musl and GNU libc are not affected, as they already
disable direct socket syscalls on i386.
Reported-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
|
|
TODO: this could need a cleanup..
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
|
|
As recently discussed on the pgsql mailinglist, this
warnings are more or less useless and some configure scripts
are failing when these warnings are enabled.
http://www.postgresql.org/message-id/20150320132351.GS3636@alvh.no-ip.org
|
|
|