| Age | Commit message (Collapse) | Author | 
|---|
|  | If gethostent_r fails, the h_errnop error code should be set.
Signed-off-by: Marcus Haehnel <marcus.haehnel@kernkonzept.com> | 
|  | For BE architectures there is one significant difference
in comparison with time64 support for little-endian
architectures like ARMv7.
The difference is that we strictly need to pass two 64bit
values to system calls because Linux Kernel internally uses
`struct __kernel_timespec` and similar, which consists of two
64bit fields.
For this reason many files have been changed to convert
pointers to timespec-family structures (mixed of 64bit and 32bit values)
to the pointer of the similar but 64bit-only structures
for using as system calls args.
This is general prerequisite for any BE architecture.
Signed-off-by: Dmitry Chestnykh <dm.chestnykh@gmail.com> | 
|  | This patch introduces *time64 syscalls support for uClibc-ng.
Currently the redirection of syscalls to their *time64
analogs is fully supported for 32bit ARM (ARMv5, ARMv6, ARMv7).
The main changes that take effect when time64 feature is enabled are:
- sizeof(time_t) is 8.
- There is a possibility os setting date beyond year 2038.
- some syscalls are redirected:
clock_adjtime -> clock_adjtime64
clock_getres -> clock_getres_time64
clock_gettime -> clock_gettime64
clock_nanosleep -> clock_nanosleep_time64
clock_settime -> clock_settime64
futex -> futex_time64
mq_timedreceive -> mq_timedreceive_time64
mq_timedsend -> mq_timedsend_time64
ppoll -> ppoll_time64
pselect6 -> pselect6_time64
recvmmsg -> recvmmsg_time64
rt_sigtimedwait -> rt_sigtimedwait_time64
sched_rr_get_interval -> sched_rr_get_interval_time64
semtimedop -> semtimedop_time64
timer_gettime -> timer_gettime64
timer_settime -> timer_settime64
timerfd_gettime -> timerfd_gettime64
timerfd_settime -> timerfd_settime64
utimensat -> utimensat_time64.
- settimeofday uses clock_settime (like in glibc/musl).
- gettimeofday uses clock_gettime (like in glibc/musl).
- nanosleep uses clock_nanosleep (like in glibc/musl).
- There are some fixes in data structures used by libc and kernel
for correct data handling both with and without enabled time64 support.
Signed-off-by: Dmitry Chestnykh <dm.chestnykh@gmail.com> | 
|  |  | 
|  | During buildroot compilation with latest uClibc
I've encoutered linking error due to multiple definition
of some symbols from DNS code.
The error happens because the same file resolv.c
is included inside many other .c files:
res_comp.c:(.text+0x0): multiple definition of `__GI___dn_expand'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x8a0): first defined here
res_comp.c:(.text+0x0): multiple definition of `__dn_expand'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x8a0): first defined here
res_comp.c:(.text+0x34): multiple definition of `__GI___dn_comp'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xc68): first defined here
res_comp.c:(.text+0x34): multiple definition of `__dn_comp'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xc68): first defined here
ns_name.c:(.text+0x4c): multiple definition of `__GI___ns_name_ntop'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x4c): first defined here
ns_name.c:(.text+0x4c): multiple definition of `__ns_name_ntop'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x4c): first defined here
ns_name.c:(.text+0x1f8): multiple definition of `__GI___ns_name_pton'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x1f8): first defined here
ns_name.c:(.text+0x1f8): multiple definition of `__ns_name_pton'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x1f8): first defined here
ns_name.c:(.text+0x624): multiple definition of `__hnbad'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x624): first defined here
ns_name.c:(.text+0x718): multiple definition of `__GI___ns_name_unpack'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x718): first defined here
ns_name.c:(.text+0x718): multiple definition of `__ns_name_unpack'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x718): first defined here
ns_name.c:(.text+0x84c): multiple definition of `__GI___ns_name_uncompress'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x84c): first defined here
ns_name.c:(.text+0x84c): multiple definition of `__ns_name_uncompress'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x84c): first defined here
ns_name.c:(.text+0x8a0): multiple definition of `__GI___ns_name_pack'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x8d4): first defined here
ns_name.c:(.text+0x8a0): multiple definition of `__ns_name_pack'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0x8d4): first defined here
ns_name.c:(.text+0xbe4): multiple definition of `__GI___ns_name_compress'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xc18): first defined here
ns_name.c:(.text+0xbe4): multiple definition of `__ns_name_compress'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xc18): first defined here
ns_name.c:(.text+0xc34): multiple definition of `__GI___ns_name_skip'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xcdc): first defined here
ns_name.c:(.text+0xc34): multiple definition of `__ns_name_skip'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xcdc): first defined here
ns_name.c:(.text+0xcd4): multiple definition of `__GI___dn_skipname'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xd7c): first defined here
ns_name.c:(.text+0xcd4): multiple definition of `__dn_skipname'; libc/libc_so.a(encodeq.os):encodeq.c:(.text+0xd7c): first defined here
My previous commit that fixes build error of DNS code is okay,
but there are some 'bottlenecks' in uClibc-ng code, so if
we don't want to completely rewrite resolv.c we need to make some
symbols weak to prevent linking errors. | 
|  | - The first observed issue is linking failure:
`
/usr/bin/ld: libc/libc_so.a(encodeq.os): in function `__encode_question':
encodeq.c:(.text+0x16): undefined reference to `__GI___dn_comp'
/usr/bin/ld: libc/libc_so.a(dnslookup.os): in function `__dns_lookup':
dnslookup.c:(.text+0x6fb): undefined reference to `__GI___dn_expand'
/usr/bin/ld: dnslookup.c:(.text+0x7ab): undefined reference to `__hnbad'
collect2: error: ld returned 1 exit status
`
The root cause is that the resolv.c file contains
some functions (dn_comp, dn_expand, __hnbad)
under `#ifdef L_ns_name` and `#ifdef L_ns_comp`
which wasn't defined, so we had undefined refs to such functions.
- The second issue is misleading indentation inside `ns_name_pack`.
`
libc/inet/resolv.c: In function '__ns_name_pack':
libc/inet/resolv.c:3519:17: warning: this 'if' clause does not guard...
 3519 |                 if (msg != NULL)
...
./include/errno.h:73:18: note: ...this statement, but the latter
is misleadingly indented as if it were guarded by the 'if'
   73 | #   define errno errno             /* For #ifndef errno tests.  */
      |                  ^~~~~
libc/inet/resolv.c:3522:25: note: in expansion of macro 'errno'
 3522 |                         errno = EMSGSIZE;
`
Signed-off-by: Dmitry Chestnykh <dm.chestnykh@gmail.com> | 
|  | Clang warns that the NULL character literal '\0' is used as a pointer
value. Change this to 0 in order to avoid the warning. | 
|  | When compiling getaddrinfo.c with clang the -Wmisleading-indentation
option will cause a warning due to the indentation lining up with the
previous statement in the if block above.
For gcc the warning is blinded by the commented line. See also:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107162
Move the comment behind the function call to make both compilers happy. | 
|  | getaddrinfo() returns addresses from, at least, ip(7) and ipv6(7),
but _addr() always uses sin_addr from struct sockaddr_in;
we're saved from wild unsoundness (or incompatibility)
by virtue of struct sockaddr_in6 having an always-0 u32 sin6_flowinfo
at the same offset, so we end up returning 0 anyway,
but in a round-about and definitely unintended way
Instead, limit the request to AF_INET, and fall through to the end
early, returning the default id=0
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz> | 
|  | Explicitly include stdint header as logic uses INT[64]_MAX, just
in case for future, even though the chain of headers from existing
includes brings in the definition indirectly as of now.
Cross check for time gap between prngplus reseeding, periodically,
has the internal state is being consumed, so that if there is too
much time gap, then prng reseeding can be forced, before the normal
reseed window is reached. This is useful for long running programs
which trigger dns queries only intermittently.
If clock_gettime is not available, then reseed more frequently, by
default. A platform developer may change the reseed frequence, to
be bit more less often in this case, if needed, by tweaking the
defines in the source.
Signed-off-by: hanishkvc <hanishkvc@gmail.com> | 
|  | Dns lookup logic has been updated to provide a configurable compile
time selection of dns query id generation logics, including random,
where possible, instead of the previous simple counter mode.
This should make dns poison attempts more difficult. The uclibc
developers wish to thank the white hat teams which alerted the
community about the possible weakness in the dns path, given the
increased resources with adversaries today.
Given that embedded systems may or may not have sources for trying
to generate random numbers, and also to try and keep the load on
the system low, by default it uses the standard random prng based
logic to indirectly generate the ids.
However if either urandom or else if realtime clock is available on
the target, then the same is used to reseed the prng periodically
in a slightly non deterministic manner. Also additional transform
(one way where possible) is used to avoid directly exposing the
internal random sequence.
The dns lookup logic maintains its own state wrt the random prng
functions, so that other users of the library's random prng are
not affected wrt their operations with the prng.
Note to Platform developers:
If you want to change from the default prngplus based logic, to one
of the other logics provided, then during compile/config time you can
switch to one of these additional choices wrt dns query id generation,
by using make config and companions.
If your platform doesnt support urandom nor a realtime clock backed
by a source with sufficient resolution, and or for some reason if you
want to revert to previous simple counter, rather than the transformed
random prng plus logic, you can force the same at compile time by
selecting SimpleCounter mode.
If you want to increase the randomness of the generated ids, and dont
mind the increased system load and latency then you could select the
Urandom mode during config. Do note that it will be dipping into the
entropy pool maintained by ur system.
If your target has a system realtime clock available and exposed to
user space, and inturn if you want to keep the underlying logic simple,
you could try using the clock option from the config. However do note
that the clock should have nanosecond resolution to help generate ids
which are plausibly random. Also improvements to processor and or io
performance can affect this.
Wrt the URandom and Clock modes, if there is a failure with generation
of the next random value, the logic tries to fallback to simple counter
mode.
If you want to change the underlying logic to make it more random
and or more simple, look at dnsrand_setup and dnsrand_next.
Signed-off-by: hanishkvc <hanishkvc@gmail.com> | 
|  | Signed-off-by: Peter Seiderer <ps.report@gmx.net> | 
|  | - use the provided __res_state() method instead of direct access
  to struct __res_state pointer &_res/*__resp
- change the __UCLIBC_HAS_TLS__ protected __res_state() implementation
  to the one where the comment 'When threaded, _res may be a per-thread
  variable.' indicates this should be used with threads/TLS enabled
Fixes the following segfaults with buildroot raspberrypi3_64_defconfig
(uclibc, -Os, Note: runs fine using the raspberrypi3_defconfig):
  $ /usr/sbin/ntpd -n -d
  1970-01-01T00:01:49 ntpd[249]: INIT: ntpd ntpsec-1.2.0 2021-11-03T20:39:50Z: Starting
  1970-01-01T00:01:49 ntpd[249]: INIT: Command line: /usr/sbin/ntpd -n -d
  1970-01-01T00:01:49 ntpd[249]: INIT: precision = 7.240 usec (-17)
  1970-01-01T00:01:49 ntpd[249]: INIT: successfully locked into RAM
  1970-01-01T00:01:49 ntpd[249]: CONFIG: readconfig: parsing file: /etc/ntp.conf
  1970-01-01T00:01:49 ntpd[249]: CONFIG: restrict nopeer ignored
  1970-01-01T00:01:49 ntpd[249]: INIT: Using SO_TIMESTAMPNS
  1970-01-01T00:01:49 ntpd[249]: IO: Listen and drop on 0 v6wildcard [::]:123
  1970-01-01T00:01:49 ntpd[249]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
  1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 2 lo 127.0.0.1:123
  1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 3 eth0 172.16.0.30:123
  1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 4 lo [::1]:123
  1970-01-01T00:01:49 ntpd[249]: IO: Listen normally on 5 eth0 [fe80::ba27:ebff:fea6:340%2]:123
  1970-01-01T00:01:49 ntpd[249]: IO: Listening on routing socket on fd #22 for interface updates
  1970-01-01T00:01:50 ntpd[249]: SYNC: Found 10 servers, suggest minsane at least 3
  1970-01-01T00:01:50 ntpd[249]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
  1970-01-01T00:01:50 ntpd[249]: statistics directory /var/NTP/ does not exist or is unwriteable, error No such file or directory
  1970-01-01T00:01:51 ntpd[249]: DNS: dns_probe: 0.pool.ntp.org, cast_flags:8, flags:101
  Segmentation fault (core dumped)
  $ ./host/bin/aarch64-buildroot-linux-uclibc-gdb ./build/ntpsec-1_2_0/build/main/ntpd/ntpd core
  Core was generated by `/usr/sbin/ntpd -n -d'.
  Program terminated with signal SIGSEGV, Segmentation fault.
  (gdb) where
  #0  0x0000007f8ff1f150 in res_sync_func () at libc/inet/resolv.c:3356
  #1  0x0000007f8ff1c468 in __open_nameservers () at libc/inet/resolv.c:949
  #2  0x0000007f8ff1b498 in __dns_lookup (name=0x55943c67f0 "0.pool.ntp.org",
      type=1, outpacket=0x7f8fe91c48, a=0x7f8fe91c08) at libc/inet/resolv.c:1134
  #3  0x0000007f8ff1d744 in __GI_gethostbyname_r (
      name=0x55943c67f0 "0.pool.ntp.org", result_buf=0x7f8fe92628,
      buf=0x7f8fe91d90 "", buflen=992, result=0x7f8fe92670,
      h_errnop=0x7f8fe92668) at libc/inet/resolv.c:1966
  #4  0x0000007f8ff1d9a0 in __GI_gethostbyname2_r (
      name=0x55943c67f0 "0.pool.ntp.org", family=2, result_buf=0x7f8fe92628,
      buf=0x7f8fe91d70 "0.pool.ntp.org", buflen=1024, result=0x7f8fe92670,
      h_errnop=0x7f8fe92668) at libc/inet/resolv.c:2065
  #5  0x0000007f8ff16924 in gaih_inet (name=0x55943c67f0 "0.pool.ntp.org",
      service=0x7f8fe92828, req=0x7f8fe92890, pai=0x7f8fe92838)
      at libc/inet/getaddrinfo.c:596
  #6  0x0000007f8ff17624 in __GI_getaddrinfo (
      name=0x55943c67f0 "0.pool.ntp.org",
      service=0x5582eb8acd "\377H\213D$\bL\211\367H\213\260\270",
      hints=0x7f8fe92890, pai=0x5582ee1bf8) at libc/inet/getaddrinfo.c:957
  #7  0x0000005582ea60f4 in _start ()
  (gdb) p _res
  $1 = {options = 0, nsaddr_list = {{sin_family = 0, sin_port = 0, sin_addr = {
          s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, {
        sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
        sin_zero = "\000\000\000\000\000\000\000"}, {sin_family = 0,
        sin_port = 0, sin_addr = {s_addr = 0},
        sin_zero = "\000\000\000\000\000\000\000"}}, dnsrch = {0x0, 0x0, 0x0,
      0x0, 0x0, 0x0, 0x0}, nscount = 0 '\000', ndots = 0 '\000',
    retrans = 0 '\000', retry = 0 '\000', defdname = '\000' <repeats 255 times>,
    nsort = 0 '\000', pfcode = 0, id = 0, res_h_errno = 0, sort_list = {{addr = {
          s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
          s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
          s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
          s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}, {addr = {
          s_addr = 0}, mask = 0}, {addr = {s_addr = 0}, mask = 0}}, _u = {
      _ext = {nsaddrs = {0x0, 0x0, 0x0}, nscount = 0 '\000', nstimes = {0, 0,
          0}, nssocks = {0, 0, 0}, nscount6 = 0, nsinit = 0}}}
  (gdb) p &_res
  $2 = (struct __res_state *) 0x7f8ff8fd98 <_res>
  (gdb) p rp
  $3 = (struct __res_state *) 0x7fffffffff
  And the following uclibc code at libc/inet/resolv.c:3356:
  3345 static void res_sync_func(void)
  3346 {
  3347         struct __res_state *rp = &(_res);
  3348         int n;
  3349
  3350         /* If we didn't get malloc failure earlier... */
  3351         if (__nameserver != (void*) &__local_nameserver) {
  3352                 /* TODO:
  3353                  * if (__nameservers < rp->nscount) - try to grow __nameserver[]?
  3354                  */
  3355 #ifdef __UCLIBC_HAS_IPV6__
  3356                 if (__nameservers > rp->_u._ext.nscount)
  3357                         __nameservers = rp->_u._ext.nscount;
  3358                 n = __nameservers;
  The special thing about ntpsec is the DNS lookup in an extra thread
  and/or the call to res_init(), see ntpsec-1_2_0/ntpd/ntp_dns.c:
   69         msyslog(LOG_INFO, "DNS: dns_probe: %s, cast_flags:%x, flags:%x%s",
   70                 hostname, pp->cast_flags, pp->cfg.flags, busy);
   71         if (NULL != active)     /* normally redundant */
   72                 return false;
   73
   74         active = pp;
   75
   76         sigfillset(&block_mask);
   77         pthread_sigmask(SIG_BLOCK, &block_mask, &saved_sig_mask);
   78         rc = pthread_create(&worker, NULL, dns_lookup, pp);
  and
  165 static void* dns_lookup(void* arg)
  166 {
  167         struct peer *pp = (struct peer *) arg;
  168         struct addrinfo hints;
  169
  170 #ifdef HAVE_SECCOMP_H
  171         setup_SIGSYS_trap();      /* enable trap for this thread */
  172 #endif
  173
  174 #ifdef HAVE_RES_INIT
  175         /* Reload DNS servers from /etc/resolv.conf in case DHCP has updated it.
  176          * We only need to do this occasionally, but it's not expensive
  177          * and simpler to do it every time than it is to figure out when
  178          * to do it.
  179          * This res_init() covers NTS too.
  180          */
  181         res_init();
  182 #endif
  183
  184         if (pp->cfg.flags & FLAG_NTS) {
  185 #ifndef DISABLE_NTS
  186                 nts_probe(pp);
  187 #endif
  188         } else {
  189                 ZERO(hints);
  190                 hints.ai_protocol = IPPROTO_UDP;
  191                 hints.ai_socktype = SOCK_DGRAM;
  192                 hints.ai_family = AF(&pp->srcadr);
  193                 gai_rc = getaddrinfo(pp->hostname, NTP_PORTA, &hints, &answer);
  194         }
  $ /usr/lib/uclibc-ng-test/test/inet/tst-res
  Segmentation fault (core dumped)
  $ ./host/bin/aarch64-buildroot-linux-uclibc-gdb ./build/uclibc-ng-test-0844445e7358eb10e716155b55b0fb23e88d644a/test/inet/tst-res core
  Core was generated by `/usr/lib/uclibc-ng-test/test/inet/tst-res'.
  Program terminated with signal SIGSEGV, Segmentation fault.
  (gdb) where
  #0  __GI___res_init () at libc/inet/resolv.c:3514
  #1  0x0000005591e507e4 in main (argc=<optimized out>, argv=<optimized out>)
      at tst-res.c:20
First reported here:
https://lore.kernel.org/buildroot/20211028230131.5f50d6e7@gmx.net/
https://www.mail-archive.com/devel@uclibc-ng.org/msg01085.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net> | 
|  | … using the same rules glibc does
also call __hnbad in some places to check answers | 
|  | they merely call dn_{comp,expand} slightly rearranging the arguments
Signed-off-by: mirabilos <mirabilos@evolvis.org> | 
|  | Signed-off-by: mirabilos <mirabilos@evolvis.org> | 
|  | Minimal-invasive change: just ifdeffing away the older code.
There is no reason to have two different sets of functions doing
the same thing, one used in half the code and another, doing less
escaping, in the other half; just use one.
Signed-off-by: mirabilos <mirabilos@evolvis.org> | 
|  | Signed-off-by: akater <nuclearspace@gmail.com> | 
|  | Import musl C sockatmark implementation into uClibc-ng.
Signed-off-by: Clement Leger <cleger@kalray.eu>
Acked-by: Yann Sionneau <ysionneau@kalray.eu> | 
|  | map_newlink() may abort when interface list changed between netlink
request for getting interfaces and getting addresses. This commit is
ported from the same change from glibc commit.
Signed-off-by: Vincent Hou <vincent.houyi@gmail.com> | 
|  | Old version manages strings the regular way (i.e. counting on zero-ended
sequences). In fact strings captured from the /etc/ethers file are
'\n'-ended. So, for example, using strchr function could lead to buffer
overflow.
Reported-by: "Andrey V. Zhmurin" <zhmurin_a@mcst.ru | 
|  |  | 
|  |  | 
|  |  | 
|  | The recvmmsg and sendmmsg is very important for UDP stream application.
If we only use recvmsg for UDP stream, it will only copy one mtu size
of data in a syscall. And recvmmsg copy as many as you want in a syscall.
So recvmmsg is more efficient,and some applications will depends on the
recvmmsg and sendmmsg, eg: UDP media stream player.
Signed-off-by: Guo Ren <ren_guo@c-sky.com> | 
|  |  | 
|  |  | 
|  | The included RPC implementation is ipv4 only.
Other C library projects have either deprecated the internal
RPC implementation (GNU C Library) or never implemented such
functionality (musl C Library). The latest rpcbind release (0.2.4)
checks for libtirpc and does not allow to be build with uClibc-ng
RPC without patching. The common use case for RPC nowadays is to
use rpcbind together with nfs-utils to provide NFS server or client
support to a system.
The included RPC implementation does create issues with duplicate
symbol failures when statically compiling with RPC enabled. | 
|  | Follow documented behaviour:
http://man7.org/linux/man-pages/man3/getnameinfo.3.html
Sync with GNU libc behaviour. | 
|  |  | 
|  | As __UCLIBC_HAS_GETTEXT_AWARENESS__ is never defined, this is
mostly dead code. It is planned to integrate libiconv-tiny
and gettext-tiny into uClibc-ng after the next release, so
that more software packages can be used without modification.
Remove any _/_N macro usage. | 
|  | CVE-2016-4429:
The call is technically in a loop, and under certain circumstances
(which are quite difficult to reproduce in a test case), alloca
can be invoked repeatedly during a single call to clntudp_call.
As a result, the available stack space can be exhausted (even
though individual alloca sizes are bounded implicitly by what
can fit into a UDP packet, as a side effect of the earlier
successful send operation).
From GNU libc:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=bc779a1a5b3035133024b21e2f339fe4219fb11c | 
|  | When resolving an unqualified host name, the resolver tries the original
name first before appending the domains from the search list. If a TLD
with the same name exists, the query will succeed (but yield no A record)
and the resolver will return HOST_NOT_FOUND without trying the search
domains.
This patch changes the lookup order for unqualified host names (without
dots) to try the search domains first and the original name last.
Signed-off-by: Ingo van Lil <inguin@gmx.de> | 
|  | When trying to resolve a hostname by getaddrinfo() using some specific
settings, it will always return -EAI_NONAME (Name or service not known).
To reproduce this behavior, you need to request an IPv6 address with the
additional AF_V4MAPPED flag set from an non IPv6 capable hostname. If
you choose a IPv4/IPv6 capable hostname like google.com, everything
works fine.
This patch is more or less a port [1][2] from the glibc and their behavior
for the AF_V4MAPPED flag. To test the bug you can use the following snippet.
---- 8< ----
int ret;
struct addrinfo* result;
struct addrinfo hints;
memset(&hints, 0, sizeof(struct addrinfo));
hints.ai_family = AF_INET6;
hints.ai_flags = AI_V4MAPPED;
ret = getaddrinfo("test.com", NULL, &hints, &result);
printf("getaddrinfo(): %i", ret);
---- 8< ----
[1] https://sourceware.org/git/?p=glibc.git;a=commit;f=sysdeps/posix/getaddrinfo.c;h=925c3c5c71596c02f7e58a0ffcdcaae44eb065c1
[2] https://sourceware.org/git/?p=glibc.git;a=commit;f=sysdeps/posix/getaddrinfo.c;h=28977c2c1acb789660ad47e0d88e42486059c916
Signed-off-by: Alexander Wenzel <alexander.wenzel@qsc.de> | 
|  |  | 
|  | As recently reported on the Buildroot list:
http://lists.busybox.net/pipermail/buildroot/2016-March/155325.html
DNS lookups with Node.js currently fails on uClibc-ng. The reason for this
is the way AI_V4MAPPED is handled.  According to POSIX, AI_V4MAPPED should
be ignored unless ai_family is AF_INET6:
http://pubs.opengroup.org/onlinepubs/9699919799/functions/freeaddrinfo.html
If the AI_V4MAPPED flag is specified along with an ai_family of AF_INET6,
then getaddrinfo() shall return IPv4-mapped IPv6 addresses on finding no
matching IPv6 addresses (ai_addrlen shall be 16).  The AI_V4MAPPED flag
shall be ignored unless ai_family equals AF_INET6.
uClibc-ng was also handling AI_V4MAPPED for AF_UNSPEC, fix that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com> | 
|  | This lessens the load on upstream DNS servers (and it was just nonsensical).
Signed-off-by: Tim Hockin <thockin@google.com> | 
|  | Currently a miss on a search-path entry is counted as a retry.  This means that
users with more than (num_nameservers * retries) entries in their search path
list fail before trying all search paths.  Concretely, a single nameserver with
4 search paths will never try the 4th search because the default retry is 3.
The code doesn't currently retry a given nameserver in case of an error, so
retries is sort of meaningless (though there are some comments indicating it
might come).  This change only treats total failure of a nameserver (try next
server) as a retry.
Signed-off-by: Tim Hockin <thockin@google.com> | 
|  | on system where resolv.conf is not in /etc .
Signed-off-by: Ubaldo Porcheddu <ubaldo@eja.it> | 
|  | Write a terminating '\0' to dest when the first byte of the encoded data
is 0. This corner case was previously missed.
Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org> | 
|  | It is possible to get stuck in an infinite loop when receiving a
specially crafted DNS reply. Exit the loop after a number of iteration
and consider the packet invalid.
Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org> | 
|  | Although gethostent() is obsoleted, there is no reason to keep it broken.
Fix two problems:
* commit f65e66078b "resolver: switch to config parser" leave an extra break
  statement in case of GETHOSTENT in __read_etc_hosts_r. In result,
  output buffer wasn't initialized at all.
* gethostent static buffer has insufficient size to store aliases,
  so __read_etc_hosts_r always returns ERANGE. Restore ALIAS_DIM define.
Add test-case.
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com> | 
|  | Save ~1k static space (.bss)
   text    data     bss     dec     hex filename
-    68       0     126     194      c2 libc/inet/gethostent.os
-    79       0     460     539     21b libc/inet/gethostbyname2.os
-    83       0     460     543     21f libc/inet/gethostbyaddr.os
+    98       0      24     122      7a libc/inet/gethostent.os
+   110       0      24     134      86 libc/inet/gethostbyname2.os
+   113       0      24     137      89 libc/inet/gethostbyaddr.os
==================================================================
    +91            -974
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com> | 
|  | order
Implement simplest variant of /etc/gai.conf to control getaddrinfo
IPv6/IPv4 addresses sorting. Keep the default sort order - IPv6 first,
IPv4 second. To invert it, create /etc/gai.conf containing single line:
 precedence ::ffff:0:0/96  100
Example before:
$ nslookup security.debian.org 8.8.8.8
Server:    8.8.8.8
Address 1: 8.8.8.8 google-public-dns-a.google.com
Name:      security.debian.org
Address 1: 2001:a78:5:0:216:35ff:fe7f:be4f villa.debian.org
Address 2: 2001:a78:5:1:216:35ff:fe7f:6ceb lobos.debian.org
Address 3: 195.20.242.89 wieck.debian.org
Address 4: 212.211.132.250 lobos.debian.org
Address 5: 212.211.132.32 villa.debian.org
After patch & precedence set in /etc/gai.conf:
$ nslookup security.debian.org 8.8.8.8
Server:    8.8.8.8
Address 1: 8.8.8.8 google-public-dns-a.google.com
Name:      security.debian.org
Address 1: 195.20.242.89 wieck.debian.org
Address 2: 212.211.132.250 lobos.debian.org
Address 3: 212.211.132.32 villa.debian.org
Address 4: 2001:a78:5:0:216:35ff:fe7f:be4f villa.debian.org
Address 5: 2001:a78:5:1:216:35ff:fe7f:6ceb lobos.debian.org
 bloat-o-meter report:
function                                             old     new   delta
getaddrinfo                                          726    1138    +412
gaih_inet                                           2660    2692     +32
.rodata                                            16618   16643     +25
__gai_precedence                                       -       1      +1
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 4/0 up/down: 882/0)             Total: 470 bytes
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com> | 
|  | lookups
The latter half of gethostbyname2_r (doing AAAA queries) is rather dramatically different
from the corresponding portion of gethostbyname_r (doing A queries). This leads to problems
like calls to getaddrinfo only returning one IPv6 address, even when multiple exist.
Seems to be entirely a case of divergent evolution -- a half-decade of fixes for the IPv4
code but no love for IPv6. Until now. ;)
DNS behaviour for IPv6 is really no different than for IPv4 -- beyond the difference in
address sizes, there's no need for the functions to be so different.
Consequently, this patch really is almost just a cut-and-paste of gethostbyname_r, with
the appropriate substitutions of in6_addr, AF_INET6, etc; while holding on to the few
extra bits that actually belong in there (eg #ifdef __UCLIBC_HAS_IPV6__).
Signed-off-by: Wes Campaigne <westacular@gmail.com> | 
|  | Commit 2dab3f5a "resolv: tiny shrinkage in /etc/hosts handling" leads to
that read_etc_hosts_r() provide garbage pointer at the end of h_aliases
list if more than four hostnames follow a dotted quad in /etc/hosts
Test-case:
Add following line to /etc/hosts
63.63.0.2    host1 alias2 alias3 alias4 alias5
	#include <stdio.h>
	#include <errno.h>
	#include <netdb.h>
	#include <sys/types.h>
	#include <sys/socket.h>
	#include <netinet/in.h>
	#include <arpa/inet.h>
	int main (void)
	{
		int i;
		char *a;
		struct hostent *he;
		struct in_addr ipv4addr;
		inet_pton(AF_INET, "63.63.0.2", &ipv4addr);
		he = gethostbyaddr(&ipv4addr, sizeof ipv4addr, AF_INET);
		if (he == NULL)
			exit(1);
		printf("Host name: '%s'\n", he->h_name);
		i = 0;
		while ((a = he->h_aliases[i]) != NULL) {
			printf("Host alias: '%s'\n", a);
			++i;
		}
		return 0;
	}
 Wrong output:
 Host name: 'host1'
 Host alias: 'alias2'
 Host alias: 'alias3'
 Host alias: 'alias4'
 Host alias: 'alias5'
 Host alias: '??'
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org> | 
|  | set error events
https://bugs.busybox.net/show_bug.cgi?id=3211
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org> | 
|  | Free 1k of static data (.bss)
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org> | 
|  | http://bugs.busybox.net/show_bug.cgi?id=5588
Signed-off-by: Leonid Lisovskiy <lly.dev@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org> | 
|  | I mailed with Jan-Benedict Glaw, it seems VAX on Linux
is really a lot of work todo and uClibc support didn't work ever. |