OpenBSD CVS Repository (original) (raw)

CVS Repository/src/lib/libc/asr/ asr.c

OpenBSD release(s):
1.70 (79), 1.69 (78), 1.68 (77 76 75 74 73 72 71), 1.65 (70 69), 1.64 (68), 1.62 (67), 1.61 (66 65), 1.60 (64), 1.59 (63), 1.57 (62 61), 1.54 (60), 1.51 (59), 1.38 (58), 1.35 (57), 1.33 (56), 1.31 (55 54), 1.14 (53), 1.3 (52),
Tags:
None

revision 1.70/(Download) -annotate -Tue, 10 Mar 2026 00:06:39 UTC by deraadt
OpenBSD release(s): 79
Changes since 1.69: +2 -2(diff)

Use __pledge_open(2) for files that libc urgently needs even in lower promise levels. You must be running a kernel at least 4 days old. Soon, another commit will happen that breaks compatibility even further, and you'll need new static binaries and new libc.so, along with a new kernel. This removes an old pledge design decision which is weak. Long discussions with david leadbeater and beck

revision 1.69/(Download) -annotate -Wed, 18 Jun 2025 13:50:02 UTC by deraadt
OpenBSD release(s): 78
Changes since 1.68: +17 -8(diff)

Periodic re-check of /etc/resolv.conf was done with stat(), then open(), then parse. This is not a TOCTOU because there is no data dependency problem. However, this is intricately tied into an undocumented secret contract between libc and kernel for pledge("dns"), where a pledge_namei() callback checks which path & system call is doing the operation. I had to add a SYS_stat check rather than relying on just the SYS_open check. I prefer to be reduce the sneakiness. In a year after statically-linked binaries have been replaced everywhere, I can tighten the pledge_namei() check by removing the SYS_stat check. ok dlg guenther florian

revision 1.68/(Download) -annotate -Thu, 20 Jan 2022 14🔞10 UTC by naddy
OpenBSD release(s): 77 76 75 74 73 72 71
Changes since 1.67: +3 -3(diff)

remove unused variable from all copies of _asr_strdname()

... including those inlined into print_dname(). This also fixes -Wunused-but-set-variable warnings warnings in smtpd and smtpctl. The code was imported with asr and then copied around.

ok deraadt@ guenther@

revision 1.67/(Download) -annotate -Mon, 22 Nov 2021 20🔞27 UTC by jca
Changes since 1.66: +28 -3(diff)

Implement rfc6840 (AD flag processing) if using trusted name servers

libc can't do DNSSEC validation but it can ask a "security-aware" resolver to do so. Let's send queries with the AD flag set when appropriate, and let applications look at the AD flag in responses in a safe way, ie clear the AD flag if the resolvers aren't trusted. By default we only trust resolvers if resolv.conf(5) only lists name servers on localhost - the obvious candidates being unwind(8) and unbound(8). For non-localhost resolvers, an admin who trusts all the name servers listed in resolv.conf(5) and the network path leading to them can annotate this with "options trust-ad".

AD flag processing gives ssh -o VerifyHostkeyDNS=Yes a chance to fetch SSHFP records in a secure manner, and tightens the situation for other applications, eg those using RES_USE_DNSSEC for DANE. It should be noted that postfix currently assumes trusted name servers by default and forces RES_TRUSTAD if available.

RES_TRUSTAD and "options trust-ad" were first introduced in glibc by Florian Weimer. Florian Obser (florian@) contributed various improvements, fixed a bug and added automatic trust for name servers on localhost.

ok florian@ phessler@

revision 1.66/(Download) -annotate -Fri, 05 Nov 2021 13:08:58 UTC by kn
Changes since 1.65: +1 -3(diff)

Zap unused variables

OK martijn

revision 1.65/(Download) -annotate -Wed, 06 Jan 2021 19:54:17 UTC by otto
OpenBSD release(s): 70 69
Changes since 1.64: +21 -3(diff)

Fix two issues related to thread private data in asr.

setting up asr in single thread mode and then starting threads using asr would lead to multiple threads sharing the same resolver.
destruction of a thread that has been using asr would leak data. Problem originally reported by Alexey Sokolov and Uli Schlachter. ok kettenis@

revision 1.64/(Download) -annotate -Mon, 06 Jul 2020 13:33:05 UTC by pirofti
OpenBSD release(s): 68
Changes since 1.63: +4 -4(diff)

Add support for timeconting in userland.

This diff exposes parts of clock_gettime(2) and gettimeofday(2) to userland via libc eliberating processes from the need for a context switch everytime they want to count the passage of time.

If a timecounter clock can be exposed to userland than it needs to set its tc_user member to a non-zero value. Tested with one or multiple counters per architecture.

The timing data is shared through a pointer found in the new ELF auxiliary vector AUX_openbsd_timekeep containing timehands information that is frequently updated by the kernel.

Timing differences between the last kernel update and the current time are adjusted in userland by the tc_get_timecount() function inside the MD usertc.c file.

This permits a much more responsive environment, quite visible in browsers, office programs and gaming (apparently one is are able to fly in Minecraft now).

Tested by robert@, sthen@, naddy@, kmos@, phessler@, and many others!

OK from at least kettenis@, cheloha@, naddy@, sthen@

revision 1.63/(Download) -annotate -Sun, 07 Jun 2020 16:16:01 UTC by deraadt
Changes since 1.62: +3 -1(diff)

In the libc resolver function asr_run(), clear the result buffer everytime, because there are callers who were inspecting unrelated fields. discussion with eric, otto, solution from semarie this is errata 6.6/031_asr and 6.7/009_asr

revision 1.62/(Download) -annotate -Thu, 24 Oct 2019 05:57:41 UTC by otto
OpenBSD release(s): 67
Branch point for:1.62.4.1
Changes since 1.61: +38 -5(diff)

Allow the caller of asr functions to create and use a specific context. Diff from eric@ and florian@, commiting on their behalf since they are absent and we want to ride the minor shlib bump.

revision 1.61/(Download) -annotate -Mon, 22 Oct 2018 17:31:24 UTC by krw
OpenBSD release(s): 66 65
Branch point for:1.61.4.1
Changes since 1.60: +2 -2(diff)

More "explicitely" -> "explicitly" in various comments.

ok guenther@ tb@ deraadt@

revision 1.60/(Download) -annotate -Sat, 28 Apr 2018 15:16:49 UTC by schwarze
OpenBSD release(s): 64
Changes since 1.59: +1 -7(diff)

To allow us to get rid of /etc/networks, make getnetby*(3) wrappers around gethostby*_async(3). If you had anything of importance in /etc/networks, specify it in /etc/hosts instead. Feedback and OK eric@, OK deraadt@

revision 1.59/(Download) -annotate -Tue, 13 Mar 2018 12:25:34 UTC by jca
OpenBSD release(s): 63
Changes since 1.58: +5 -6(diff)

Fix comments

ok eric@ a while ago

revision 1.58/(Download) -annotate -Tue, 06 Feb 2018 13:00:48 UTC by eric
Changes since 1.57: +33 -18(diff)

make sure that all error paths are correctly handled in asr_run_sync() and that the result is always properly set when the functions returns. fix issues spotted by claudio@.

ok claudio@

revision 1.57/(Download) -annotate -Mon, 27 Feb 2017 10:44:46 UTC by jca
OpenBSD release(s): 62 61
Changes since 1.56: +2 -2(diff)

Put a common flags field in the query struct, rather than in some elements of the union.

This field is for internal asr flags. The flags in "struct rrset" and "struct ni" are different kinds of flags.

ok eric@

revision 1.56/(Download) -annotate -Thu, 23 Feb 2017 17:04:02 UTC by eric
Changes since 1.55: +5 -13(diff)

Put a common subq pointer in the query struct, rather than one in each element of the union.

ok gilles@ millert@ krw@

revision 1.55/(Download) -annotate -Sat, 18 Feb 2017 19:23:05 UTC by jca
Changes since 1.54: +3 -1(diff)

Add EDNS0 support.

EDNS allows for various DNS extensions, among which UDP DNS packets size bigger than 512 bytes. The default is still to not advertize anything.

ok eric@

revision 1.54/(Download) -annotate -Sat, 18 Jun 2016 15:25:28 UTC by reyk
OpenBSD release(s): 60
Changes since 1.53: +1 -2(diff)

Remove duplicated line.

OK eric@

revision 1.53/(Download) -annotate -Fri, 27 May 2016 11:25:57 UTC by sthen
Changes since 1.52: +2 -2(diff)

typo fixes; Anthony Coulter

revision 1.52/(Download) -annotate -Thu, 26 May 2016 06:59:42 UTC by jmatthew
Changes since 1.51: +19 -4(diff)

Calculate elapsed time in poll() and subtract that from the remaining time when restarting poll() after receiving a signal.

The ruby runtime send signals to threads periodically, so without accounting for elapsed time, the timeout would never expire if we didn't get a response from a nameserver.

ok deraadt@ eric@

revision 1.51/(Download) -annotate -Wed, 24 Feb 2016 20:52:53 UTC by eric
OpenBSD release(s): 59
Changes since 1.50: +4 -2(diff)

Avoid a possible double-free if the "search" keyword is used multiple times.

ok jca@ gilles@

revision 1.50/(Download) -annotate -Wed, 16 Dec 2015 16:32:30 UTC by deraadt
Changes since 1.49: +1 -48(diff)

Remove support for HOSTALIASES from the resolver. This "open and parse any file indicated by an environment variable" feature inside the resolver is incompatible with what pledge "dns" is trying to be. It is a misguided "feature" added way back in history which almost noone uses, but everyone has to assume the risk from. ok eric florian kettenis

revision 1.49/(Download) -annotate -Mon, 23 Nov 2015 18:04:53 UTC by deraadt
Changes since 1.48: +4 -4(diff)

Remove support for "lookup yp" in /etc/resolv.conf. This historical wart is incompatible with pledge, because suddenly a "dns" operation needs "getpw" access to ypbind/ypserv, etc. file + dns access is enough for everyone, sorry if you were using that old SunOS 4.x style mechanism, but it is now gone. ok semarie millert florian

revision 1.48/(Download) -annotate -Wed, 28 Oct 2015 21:38:45 UTC by eric
Changes since 1.47: +4 -14(diff)

We are always using _PATH_RESCONF, so no need to remember the path on the resolver.

ok millert@ deraadt@

revision 1.47/(Download) -annotate -Wed, 28 Oct 2015 11:52:26 UTC by deraadt
Changes since 1.46: +1 -22(diff)

Remove support for [addr]:port syntax from the "nameserver" line. This extension never made it to other systems. (pledge is also happy with this. The idea of DNS @ any port collides with pledge encouraring differentiation between DNS and non-DNS sockets) ok phessler jung sthen kettenis

revision 1.46/(Download) -annotate -Wed, 07 Oct 2015 13:59:34 UTC by deraadt
Changes since 1.45: +7 -1(diff)

getaddrinfo_async() shouldn't unconditionally intialize the resolver via _asr_use_resolver(). If the hint specifies for AI_NUMERICHOST, create a transient lookup context which won't try to open /etc/reslov.conf ok eric guenther

revision 1.45/(Download) -annotate -Sat, 03 Oct 2015 22:35:30 UTC by deraadt
Changes since 1.44: +13 -63(diff)

Initially eric developers asr as a side-load style library for async DNS. When it was integrated as the main resolver, a bunch of strange initialization code remained. Start whittling away at this, piece by piece, to make it more clear. ok eric

revision 1.44/(Download) -annotate -Sat, 03 Oct 2015 09:57:30 UTC by eric
Changes since 1.43: +5 -5(diff)

missing asr* -> _asr* symbol rename for building with debug code

ok jca@

revision 1.43/(Download) -annotate -Sun, 20 Sep 2015 14:19:21 UTC by eric
Changes since 1.42: +1 -2(diff)

remove bogus includes of err.h

revision 1.42/(Download) -annotate -Sun, 20 Sep 2015 12:50:58 UTC by eric
Changes since 1.41: +2 -3(diff)

use _PATH_RESCONF directly

revision 1.41/(Download) -annotate -Mon, 14 Sep 2015 11:52:49 UTC by guenther
Changes since 1.40: +3 -1(diff)

Wrap <asr.h> so internal calls go direct and all the symbols are weak

revision 1.40/(Download) -annotate -Wed, 09 Sep 2015 15:49:34 UTC by deraadt
Changes since 1.39: +26 -26(diff)

Hide all unnecessary asr / resolver related API with _ prefixes. direction & ok guenther

revision 1.39/(Download) -annotate -Wed, 02 Sep 2015 13:47:47 UTC by deraadt
Changes since 1.38: +2 -2(diff)

use _PATH_RESCONF

revision 1.38/(Download) -annotate -Thu, 04 Jun 2015 19:23:17 UTC by eric
OpenBSD release(s): 58
Changes since 1.37: +9 -1(diff)

make sure to check for resolv.conf update the first time the resolver is used after pid has changed.

ok deraadt@

revision 1.37/(Download) -annotate -Fri, 29 May 2015 08:49:37 UTC by eric
Changes since 1.36: +9 -2(diff)

fix a possible off-by-one when reading /etc/hosts if it doesn't end with a newline.

ok jca@

revision 1.36/(Download) -annotate -Tue, 26 May 2015 19:28:57 UTC by eric
Changes since 1.35: +1 -4(diff)

simply use _PATH_HOSTS where appropriate

revision 1.35/(Download) -annotate -Fri, 16 Jan 2015 16:48:51 UTC by deraadt
OpenBSD release(s): 57
Changes since 1.34: +2 -1(diff)

Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther

revision 1.34/(Download) -annotate -Mon, 15 Sep 2014 06:15:48 UTC by guenther
Changes since 1.33: +3 -3(diff)

When fopen()ing internal to libc (the API doesn't support the use of the resulting FILE *), then pass fopen() the 'e' mode letter to mark it close-on-exec.

ok miod@

revision 1.33/(Download) -annotate -Wed, 26 Mar 2014 18:13:15 UTC by eric
OpenBSD release(s): 56
Changes since 1.32: +4 -3(diff)

Make the asr API public. Install asr.h to /usr/include.h and manpages. Include tweaks suggested by mpi@

ok deraadt@

revision 1.32/(Download) -annotate -Tue, 25 Mar 2014 19:48:11 UTC by eric
Changes since 1.31: +20 -18(diff)

Cleanup and simplify the API to be exposed. Use better names for structures, functions and defines.

discussed with and ok deraadt@ guenther@

revision 1.31/(Download) -annotate -Fri, 12 Jul 2013 14:36:21 UTC by eric
OpenBSD release(s): 55 54
Changes since 1.30: +22 -22(diff)

Make some symbols static and prefix all visible symbols with asr_ to prevent collisions with third-party programs.

suggested by sthen@, ok theo@

revision 1.30/(Download) -annotate -Sat, 01 Jun 2013 15:02:01 UTC by eric
Changes since 1.29: +1 -108(diff)

Move search domain iteration code in res_search_async.c where it belongs.

revision 1.29/(Download) -annotate -Sat, 01 Jun 2013 14:34:34 UTC by eric
Changes since 1.28: +1 -20(diff)

Make hostaliases work for gethostbyname() and getaddrinfo() when looking into /etc/hosts. Remove the alias check from the search domain iteration. Instead, take a shortcut to res_query_async_ctx() in res_search_async_ctx().

revision 1.28/(Download) -annotate -Sat, 01 Jun 2013 12:38:29 UTC by eric
Changes since 1.27: +12 -13(diff)

Update asr_hostaliases() to make all necessary checks in the function. Explicitely check for issetguid() before calling getenv(). Also make asr_hostalias() callable from other parts of asr too.

revision 1.27/(Download) -annotate -Sat, 01 Jun 2013 09:21:09 UTC by eric
Changes since 1.26: +1 -32(diff)

iterating over the ns list only matters for res_send_async.c, so move things around.

revision 1.26/(Download) -annotate -Mon, 27 May 2013 17:31:01 UTC by eric
Changes since 1.25: +4 -4(diff)

Add minimal support for _res setup and update.

Change res_init() to initialize the _res structure on first call, and udpate the global async context if changes were made by the user. All resolver functions now call res_init() internally.

fixes issue spotted by otto@

revision 1.25/(Download) -annotate -Tue, 30 Apr 2013 12:02:39 UTC by eric
Changes since 1.24: +2 -2(diff)

Do not take external buffers for storing DNS responses in the internal async API. That is actually useless and it makes the code more complicated. The required buffers are always allocated when needed.

revision 1.24/(Download) -annotate -Wed, 17 Apr 2013 19:13:23 UTC by otto
Changes since 1.23: +17 -10(diff)

check return value of strdup(), fix mem leak in error path and take into account that asr_use_resolver() can return NULL; ok tedu@ eric@

revision 1.23/(Download) -annotate -Wed, 17 Apr 2013 02:09:18 UTC by deraadt
Changes since 1.22: +5 -5(diff)

give a timespec a name that is easier to verify

revision 1.22/(Download) -annotate -Thu, 11 Apr 2013 20:19:16 UTC by otto
Changes since 1.21: +3 -3(diff)

Proper access of _THREAD_PRIVATE storage. Avoids a mem leak and reinit of resolver context for each resolver call for single threaded programs. With and ok tedu@ ok eric@

revision 1.21/(Download) -annotate -Mon, 01 Apr 2013 20:41:12 UTC by eric
Changes since 1.20: +9 -18(diff)

If more than one lookup line is found in resolv.conf, the latest one takes precedence. Simplify code while there.

suggested by deraadt@

revision 1.20/(Download) -annotate -Mon, 01 Apr 2013 20:22:27 UTC by eric
Changes since 1.19: +18 -12(diff)

properly check for domain name truncation at various places and fail if that happens.

prodded by deraadt@

revision 1.19/(Download) -annotate -Mon, 01 Apr 2013 15:49:54 UTC by deraadt
Changes since 1.18: +6 -6(diff)

space cleanup; ok eric

revision 1.18/(Download) -annotate -Sun, 31 Mar 2013 19:42:10 UTC by eric
Changes since 1.17: +9 -3(diff)

Principle of least astonishment: implement nameserver retry/backoff as in the former resolver.

revision 1.17/(Download) -annotate -Sat, 30 Mar 2013 20:00:08 UTC by eric
Changes since 1.16: +2 -2(diff)

Do not assume local nameserver if resolv.conf doesn't exist, just use /etc/hosts.

discussed with deraadt@

revision 1.16/(Download) -annotate -Sat, 30 Mar 2013 08:06:42 UTC by otto
Changes since 1.15: +2 -2(diff)

don't ever skip reload the very first time; detective work by rpe@; ok eric@

revision 1.15/(Download) -annotate -Wed, 27 Mar 2013 07:40:41 UTC by eric
Changes since 1.14: +1 -3(diff)

Only use the search domains for DNS lookups, as the current resolver does. Better not diverge too much in behavior at this point. Typo fix and doc update while there.

revision 1.14/(Download) -annotate -Sat, 24 Nov 2012 15:12:48 UTC by eric
OpenBSD release(s): 53
Changes since 1.13: +24 -24(diff)

knf

revision 1.13/(Download) -annotate -Sun, 09 Sep 2012 16:45:14 UTC by eric
Changes since 1.12: +10 -5(diff)

tweak options

revision 1.12/(Download) -annotate -Sun, 09 Sep 2012 12:46:36 UTC by eric
Changes since 1.11: +48 -5(diff)

allow to disable some features at build time

revision 1.11/(Download) -annotate -Sun, 09 Sep 2012 12:15:32 UTC by eric
Changes since 1.10: +6 -6(diff)

cleanup asr_debug.c

revision 1.10/(Download) -annotate -Sun, 09 Sep 2012 09:42:06 UTC by eric
Changes since 1.9: +38 -91(diff)

use proper macros for debug traces.

revision 1.9/(Download) -annotate -Fri, 07 Sep 2012 13:49:43 UTC by eric
Changes since 1.8: +18 -23(diff)

return value has no use; make it void. fix comment.

revision 1.8/(Download) -annotate -Thu, 06 Sep 2012 19:59:09 UTC by eric
Changes since 1.7: +9 -11(diff)

config parsing is done in one pass now. no need to use callback anymore.

revision 1.7/(Download) -annotate -Thu, 06 Sep 2012 11:26:34 UTC by eric
Changes since 1.6: +24 -28(diff)

add a strsplit() helper to factorize code a bit.

revision 1.6/(Download) -annotate -Wed, 05 Sep 2012 21:49:12 UTC by eric
Changes since 1.5: +3 -10(diff)

Get rid of the hostaddr_async subquery and merge its behaviour directly into getaddrinfo_async_run. Simplifies everything by a great deal.

revision 1.5/(Download) -annotate -Wed, 05 Sep 2012 15:56:13 UTC by eric
Changes since 1.4: +7 -9(diff)

Make hostaddr_async() return a linked list of struct addrinfo. First round of a getaddrinfo_async() simplification. The goal is to make YP support easier to add, and eventually remove the whole hostaddr_async subquery.

revision 1.4/(Download) -annotate -Sat, 18 Aug 2012 16:48:17 UTC by eric
Changes since 1.3: +12 -6(diff)

ensure that async_run() and async_run_sync() always preserve errno.

revision 1.3/(Download) -annotate -Sun, 15 Apr 2012 22:25:14 UTC by eric
OpenBSD release(s): 52
Changes since 1.2: +24 -14(diff)

Create a new resolver for each thread. It will be done differently eventually, but it's enough for now to make the blocking API fully thread-safe without locking.

revision 1.2/(Download) -annotate -Sat, 14 Apr 2012 12:06:13 UTC by eric
Changes since 1.1: +6 -6(diff)

only define DEBUG internally

revision 1.1/(Download) -annotate -Sat, 14 Apr 2012 09:24:18 UTC by eric

Import asr, an experimental async resolver implementation. The idea is to eventually replace the existing resolver with something better. Time to start working on it in tree.

ok deraadt@

revision 1.61.4.1/(Download) -annotate -Sun, 07 Jun 2020 16:16:17 UTC by deraadt
Changes since 1.61: +3 -1(diff)

revision 1.62.4.1/(Download) -annotate -Sun, 07 Jun 2020 16:16:36 UTC by deraadt
Changes since 1.62: +3 -1(diff)