1 /* $NetBSD: resolv.h,v 1.31 2005/12/26 19:01:47 perry Exp $ */
2
3 /*
4 * Copyright (c) 1983, 1987, 1989
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 /*
33 * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
34 * Portions Copyright (c) 1996-1999 by Internet Software Consortium.
35 *
36 * Permission to use, copy, modify, and distribute this software for any
37 * purpose with or without fee is hereby granted, provided that the above
38 * copyright notice and this permission notice appear in all copies.
39 *
40 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
41 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
42 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
43 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
44 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
45 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
46 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
47 */
48
49 #pragma once
50
51 #include <android-base/logging.h>
52 #include <android-base/unique_fd.h>
53 #include <net/if.h>
54 #include <time.h>
55 #include <string>
56 #include <vector>
57
58 #include "DnsResolver.h"
59 #include "netd_resolv/resolv.h"
60 #include "params.h"
61 #include "stats.pb.h"
62
63 // Linux defines MAXHOSTNAMELEN as 64, while the domain name limit in
64 // RFC 1034 and RFC 1035 is 255 octets.
65 #ifdef MAXHOSTNAMELEN
66 #undef MAXHOSTNAMELEN
67 #endif
68 #define MAXHOSTNAMELEN 256
69
70 /*
71 * Global defines and variables for resolver stub.
72 */
73 #define RES_TIMEOUT 5000 /* min. milliseconds between retries */
74 #define RES_DFLRETRY 2 /* Default #/tries. */
75
76 // Flags for res_state->_flags
77 #define RES_F_VC 0x00000001 // socket is TCP
78 #define RES_F_EDNS0ERR 0x00000004 // EDNS0 caused errors
79
80 // Holds either a sockaddr_in or a sockaddr_in6.
81 union sockaddr_union {
82 struct sockaddr sa;
83 struct sockaddr_in sin;
84 struct sockaddr_in6 sin6;
85 };
86 constexpr int MAXPACKET = 8 * 1024;
87
88 struct ResState {
closeSocketsResState89 void closeSockets() {
90 tcp_nssock.reset();
91 _flags &= ~RES_F_VC;
92
93 for (auto& sock : nssocks) {
94 sock.reset();
95 }
96 }
97
nameserverCountResState98 int nameserverCount() { return nsaddrs.size(); }
99
100 // clang-format off
101 unsigned netid; // NetId: cache key and socket mark
102 uid_t uid; // uid of the app that sent the DNS lookup
103 pid_t pid; // pid of the app that sent the DNS lookup
104 uint16_t id; // current message id
105 std::vector<std::string> search_domains{}; // domains to search
106 std::vector<android::netdutils::IPSockAddr> nsaddrs;
107 android::base::unique_fd nssocks[MAXNS]; // UDP sockets to nameservers
108 unsigned ndots : 4; // threshold for initial abs. query
109 unsigned _mark; // If non-0 SET_MARK to _mark on all request sockets
110 android::base::unique_fd tcp_nssock; // TCP socket (but why not one per nameserver?)
111 uint32_t _flags = 0; // See RES_F_* defines below
112 android::net::NetworkDnsEventReported* event;
113 uint32_t netcontext_flags;
114 int tc_mode = 0;
115 bool enforce_dns_uid = false;
116 bool sort_nameservers = false; // A flag to indicate whether nsaddrs has been
117 // sorted or not.
118 // clang-format on
119 };
120
121 // TODO: remove these legacy aliases
122 typedef ResState* res_state;
123
124 /* End of stats related definitions */
125
126 /*
127 * Error code extending h_errno codes defined in bionic/libc/include/netdb.h.
128 *
129 * This error code, including legacy h_errno, is returned from res_nquery(), res_nsearch(),
130 * res_nquerydomain(), res_queryN(), res_searchN() and res_querydomainN() for DNS metrics.
131 *
132 * TODO: Consider mapping legacy and extended h_errno into a unified resolver error code mapping.
133 */
134 #define NETD_RESOLV_H_ERRNO_EXT_TIMEOUT RCODE_TIMEOUT
135
136 extern const char* const _res_opcodes[];
137
138 int res_nameinquery(const char*, int, int, const uint8_t*, const uint8_t*);
139 int res_queriesmatch(const uint8_t*, const uint8_t*, const uint8_t*, const uint8_t*);
140
141 int res_nquery(res_state, const char*, int, int, uint8_t*, int, int*);
142 int res_nsearch(res_state, const char*, int, int, uint8_t*, int, int*);
143 int res_nquerydomain(res_state, const char*, const char*, int, int, uint8_t*, int, int*);
144 int res_nmkquery(int op, const char* qname, int cl, int type, const uint8_t* data, int datalen,
145 uint8_t* buf, int buflen, int netcontext_flags);
146 int res_nsend(res_state statp, const uint8_t* buf, int buflen, uint8_t* ans, int anssiz, int* rcode,
147 uint32_t flags, std::chrono::milliseconds sleepTimeMs = {});
148 int res_nopt(res_state, int, uint8_t*, int, int);
149
150 int getaddrinfo_numeric(const char* hostname, const char* servname, addrinfo hints,
151 addrinfo** result);
152
153 // Helper function for converting h_errno to the error codes visible to netd
154 int herrnoToAiErrno(int herrno);
155
156 // switch resolver log severity
157 android::base::LogSeverity logSeverityStrToEnum(const std::string& logSeverityStr);
158
159 template <typename Dest>
saturate_cast(int64_t x)160 Dest saturate_cast(int64_t x) {
161 using DestLimits = std::numeric_limits<Dest>;
162 if (x > DestLimits::max()) return DestLimits::max();
163 if (x < DestLimits::min()) return DestLimits::min();
164 return static_cast<Dest>(x);
165 }
166
167 android::net::NsType getQueryType(const uint8_t* msg, size_t msgLen);
168
169 android::net::IpVersion ipFamilyToIPVersion(int ipFamily);
170
resolv_tag_socket(int sock,uid_t uid,pid_t pid)171 inline void resolv_tag_socket(int sock, uid_t uid, pid_t pid) {
172 // This is effectively equivalent to testing for R+
173 if (android::net::gResNetdCallbacks.tagSocket != nullptr) {
174 if (int err = android::net::gResNetdCallbacks.tagSocket(sock, TAG_SYSTEM_DNS, uid, pid)) {
175 LOG(WARNING) << "Failed to tag socket: " << strerror(-err);
176 }
177 }
178
179 // R+, since fchown() incompatible with Q's ebpf vpn isolation feature
180 if (android::net::gApiLevel >= 30) {
181 if (fchown(sock, uid, -1) == -1) {
182 LOG(WARNING) << "Failed to chown socket: " << strerror(errno);
183 }
184 }
185 }
186
addrToString(const sockaddr_storage * addr)187 inline std::string addrToString(const sockaddr_storage* addr) {
188 char out[INET6_ADDRSTRLEN] = {0};
189 getnameinfo((const sockaddr*)addr, sizeof(sockaddr_storage), out, INET6_ADDRSTRLEN, nullptr, 0,
190 NI_NUMERICHOST);
191 return std::string(out);
192 }
193