From 33b9f646559724e35f9b7dc661f3732e412c64a0 Mon Sep 17 00:00:00 2001 From: Marcel Holtmann Date: Tue, 15 Feb 2011 16:14:46 -0800 Subject: gweb: Avoid forward declarations in resolver code --- gweb/gresolv.c | 837 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 417 insertions(+), 420 deletions(-) (limited to 'gweb') diff --git a/gweb/gresolv.c b/gweb/gresolv.c index 15dd0e40..938aa690 100644 --- a/gweb/gresolv.c +++ b/gweb/gresolv.c @@ -112,9 +112,6 @@ struct _GResolv { gpointer debug_data; }; -static void sort_and_return_results(struct resolv_lookup *lookup); -static void rfc3484_sort_results(struct resolv_lookup *lookup); - static inline void debug(GResolv *resolv, const char *format, ...) { char str[256]; @@ -157,117 +154,455 @@ static void destroy_lookup(struct resolv_lookup *lookup) g_free(lookup); } -static gboolean query_timeout(gpointer user_data) +static void find_srcaddr(struct sort_result *res) { - struct resolv_query *query = user_data; - struct resolv_lookup *lookup = query->lookup; - GResolv *resolv = query->resolv; + socklen_t sl = sizeof(res->src); + int fd; - query->timeout = 0; + fd = socket(res->dst.sa.sa_family, SOCK_DGRAM, IPPROTO_IP); + if (fd < 0) + return; - if (query == lookup->ipv4_query) { - lookup->ipv4_status = G_RESOLV_RESULT_STATUS_NO_RESPONSE; - lookup->ipv4_query = NULL; - } else if (query == lookup->ipv6_query) { - lookup->ipv6_status = G_RESOLV_RESULT_STATUS_NO_RESPONSE; - lookup->ipv6_query = NULL; + if (connect(fd, &res->dst.sa, sizeof(res->dst)) < 0) { + close(fd); + return; } - if (lookup->ipv4_query == NULL && lookup->ipv4_query == NULL) - sort_and_return_results(lookup); - - destroy_query(query); - g_queue_remove(resolv->query_queue, query); + if (getsockname(fd, &res->src.sa, &sl) < 0) { + close(fd); + return; + } - return FALSE; + res->reachable = TRUE; + close(fd); } -static void free_nameserver(struct resolv_nameserver *nameserver) +struct gai_table { - if (nameserver == NULL) - return; + unsigned char addr[NS_IN6ADDRSZ]; + int mask; + int value; +}; - if (nameserver->udp_watch > 0) - g_source_remove(nameserver->udp_watch); +static const struct gai_table gai_labels[] = { + { + .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, + .mask = 128, + .value = 0, + }, { + .addr = { 0x20, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 16, + .value = 2, + }, { + .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 96, + .value = 3, + }, { + .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00 }, + .mask = 96, + .value = 4, + }, { + /* Variations from RFC 3484, matching glibc behaviour */ + .addr = { 0xfe, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 10, + .value = 5, + }, { + .addr = { 0xfc, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 7, + .value = 6, + }, { + .addr = { 0x20, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 32, + .value = 7, + }, { + /* catch-all */ + .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 0, + .value = 1, + } +}; - if (nameserver->udp_channel != NULL) - g_io_channel_unref(nameserver->udp_channel); +static const struct gai_table gai_precedences[] = { + { + .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, + .mask = 128, + .value = 50, + }, { + .addr = { 0x20, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 16, + .value = 30, + }, { + .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 96, + .value = 20, + }, { + .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00 }, + .mask = 96, + .value = 10, + }, { + .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + .mask = 0, + .value = 40, + } +}; - g_free(nameserver->address); - g_free(nameserver); +static unsigned char v4mapped[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00 }; + +static gboolean mask_compare(const unsigned char *one, + const unsigned char *two, int mask) +{ + if (mask > 8) { + if (memcmp(one, two, mask / 8)) + return FALSE; + one += mask / 8; + two += mask / 8; + mask %= 8; + } + + if (mask && ((*one ^ *two) >> (8 - mask))) + return FALSE; + + return TRUE; } -static void flush_nameservers(GResolv *resolv) +static int match_gai_table(struct sockaddr *sa, const struct gai_table *tbl) { - GList *list; + struct sockaddr_in *sin = (void *)sa; + struct sockaddr_in6 *sin6 = (void *)sa; + void *addr; - for (list = g_list_first(resolv->nameserver_list); - list; list = g_list_next(list)) - free_nameserver(list->data); + if (sa->sa_family == AF_INET) { + addr = v4mapped; + memcpy(v4mapped+12, &sin->sin_addr, NS_INADDRSZ); + } else + addr = &sin6->sin6_addr; - g_list_free(resolv->nameserver_list); - resolv->nameserver_list = NULL; + while (1) { + if (mask_compare(addr, tbl->addr, tbl->mask)) + return tbl->value; + tbl++; + } } -static int send_query(GResolv *resolv, const unsigned char *buf, int len) +#define DQUAD(_a,_b,_c,_d) ( ((_a)<<24) | ((_b)<<16) | ((_c)<<8) | (_d) ) +#define V4MATCH(addr, a,b,c,d, m) ( ((addr) ^ DQUAD(a,b,c,d)) >> (32 - (m)) ) + +#define RFC3484_SCOPE_LINK 2 +#define RFC3484_SCOPE_SITE 5 +#define RFC3484_SCOPE_GLOBAL 14 + +static int addr_scope(struct sockaddr *sa) { - GList *list; + if (sa->sa_family == AF_INET) { + struct sockaddr_in *sin = (void *)sa; + guint32 addr = ntohl(sin->sin_addr.s_addr); - if (resolv->nameserver_list == NULL) - return -ENOENT; + if (V4MATCH(addr, 169,254,0,0, 16) || + V4MATCH(addr, 127,0,0,0, 8)) + return RFC3484_SCOPE_LINK; - for (list = g_list_first(resolv->nameserver_list); - list; list = g_list_next(list)) { - struct resolv_nameserver *nameserver = list->data; - int sk, sent; + /* Site-local */ + if (V4MATCH(addr, 10,0,0,0, 8) || + V4MATCH(addr, 172,16,0,0, 12) || + V4MATCH(addr, 192,168,0,0, 16)) + return RFC3484_SCOPE_SITE; - if (nameserver->udp_channel == NULL) - continue; + /* Global */ + return RFC3484_SCOPE_GLOBAL; + } else { + struct sockaddr_in6 *sin6 = (void *)sa; - sk = g_io_channel_unix_get_fd(nameserver->udp_channel); + /* Multicast addresses have a 4-bit scope field */ + if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) + return sin6->sin6_addr.s6_addr[1] & 0xf; - sent = send(sk, buf, len, 0); - } + if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) || + IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr)) + return RFC3484_SCOPE_LINK; - return 0; + if (IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) + return RFC3484_SCOPE_SITE; + + return RFC3484_SCOPE_GLOBAL; + } } -static gint compare_lookup_id(gconstpointer a, gconstpointer b) +static int rfc3484_compare(const void *__one, const void *__two) { - const struct resolv_lookup *lookup = a; - guint id = GPOINTER_TO_UINT(b); + const struct sort_result *one = __one; + const struct sort_result *two = __two; - if (lookup->id < id) + /* Rule 1: Avoid unusable destinations */ + if (one->reachable && !two->reachable) return -1; + else if (two->reachable && !one->reachable) + return 1; - if (lookup->id > id) + /* Rule 2: Prefer matching scope */ + if (one->dst_scope == one->src_scope && + two->dst_scope != two->src_scope) + return -1; + else if (two->dst_scope == two->src_scope && + one->dst_scope != one->src_scope) return 1; - return 0; -} + /* Rule 3: Avoid deprecated addresses */ -static gint compare_query_msgid(gconstpointer a, gconstpointer b) -{ - const struct resolv_query *query = a; - uint16_t msgid = GPOINTER_TO_UINT(b); + /* Rule 4: Prefer home addresses */ - if (query->msgid < msgid) + /* Rule 5: Prefer matching label */ + if (one->dst_label == one->src_label && + two->dst_label != two->src_label) return -1; - - if (query->msgid > msgid) + else if (two->dst_label == two->src_label && + one->dst_label != one->src_label) return 1; - return 0; -} + /* Rule 6: Prefer higher precedence */ + if (one->precedence > two->precedence) + return -1; + else if (two->precedence > one->precedence) + return 1; -static void add_result(struct resolv_lookup *lookup, int family, - const void *data) -{ - int n = lookup->nr_results++; - lookup->results = g_realloc(lookup->results, - sizeof(struct sort_result) * (n + 1)); + /* Rule 7: Prefer native transport */ - memset(&lookup->results[n], 0, sizeof(struct sort_result)); + /* Rule 8: Prefer smaller scope */ + if (one->dst_scope != two->dst_scope) + return one->dst_scope - two->dst_scope; + + /* Rule 9: Use longest matching prefix */ + if (one->dst.sa.sa_family == AF_INET) { + /* + * Rule 9 is meaningless and counterproductive for Legacy IP + * unless perhaps we can tell that it's actually on the local + * subnet. But we don't (yet) have local interface config + * information, so do nothing here for Legacy IP for now. + */ + } else { + int i; + + for (i = 0; i < 4; i++) { + guint32 cmp_one, cmp_two; + + cmp_one = one->src.sin6.sin6_addr.s6_addr32[i] ^ + one->dst.sin6.sin6_addr.s6_addr32[i]; + cmp_two = two->src.sin6.sin6_addr.s6_addr32[i] ^ + two->dst.sin6.sin6_addr.s6_addr32[i]; + + if (!cmp_two && !cmp_one) + continue; + + if (cmp_one && !cmp_two) + return 1; + if (cmp_two && !cmp_one) + return -1; + + /* g_bit_storage() is effectively fls() */ + cmp_one = g_bit_storage(ntohl(cmp_one)); + cmp_two = g_bit_storage(ntohl(cmp_two)); + + if (cmp_one == cmp_two) + break; + + return cmp_one - cmp_two; + } + } + + + /* Rule 10: Otherwise, leave the order unchanged */ + if (one < two) + return -1; + else + return 1; +} + +static void rfc3484_sort_results(struct resolv_lookup *lookup) +{ + int i; + + for (i = 0; i < lookup->nr_results; i++) { + struct sort_result *res = &lookup->results[i]; + find_srcaddr(res); + res->precedence = match_gai_table(&res->dst.sa, + gai_precedences); + res->dst_label = match_gai_table(&res->dst.sa, gai_labels); + res->src_label = match_gai_table(&res->src.sa, gai_labels); + res->dst_scope = addr_scope(&res->dst.sa); + res->src_scope = addr_scope(&res->src.sa); + } + + qsort(lookup->results, lookup->nr_results, + sizeof(struct sort_result), rfc3484_compare); +} + +static void sort_and_return_results(struct resolv_lookup *lookup) +{ + char buf[100]; + GResolvResultStatus status; + char **results = g_try_new0(char *, lookup->nr_results + 1); + int i, n = 0; + + if (!results) + return; + + rfc3484_sort_results(lookup); + + for (i = 0; i < lookup->nr_results; i++) { + if (lookup->results[i].dst.sa.sa_family == AF_INET) { + if (inet_ntop(AF_INET, + &lookup->results[i].dst.sin.sin_addr, + buf, sizeof(buf)) == NULL) + continue; + } else if (lookup->results[i].dst.sa.sa_family == AF_INET6) { + if (inet_ntop(AF_INET6, + &lookup->results[i].dst.sin6.sin6_addr, + buf, sizeof(buf)) == NULL) + continue; + } else + continue; + + results[n++] = strdup(buf); + } + + results[n++] = NULL; + + status = lookup->ipv4_status; + + if (status == G_RESOLV_RESULT_STATUS_SUCCESS) + status = lookup->ipv6_status; + + lookup->result_func(status, results, lookup->result_data); + + g_strfreev(results); + g_queue_remove(lookup->resolv->lookup_queue, lookup); + destroy_lookup(lookup); +} + +static gboolean query_timeout(gpointer user_data) +{ + struct resolv_query *query = user_data; + struct resolv_lookup *lookup = query->lookup; + GResolv *resolv = query->resolv; + + query->timeout = 0; + + if (query == lookup->ipv4_query) { + lookup->ipv4_status = G_RESOLV_RESULT_STATUS_NO_RESPONSE; + lookup->ipv4_query = NULL; + } else if (query == lookup->ipv6_query) { + lookup->ipv6_status = G_RESOLV_RESULT_STATUS_NO_RESPONSE; + lookup->ipv6_query = NULL; + } + + if (lookup->ipv4_query == NULL && lookup->ipv4_query == NULL) + sort_and_return_results(lookup); + + destroy_query(query); + g_queue_remove(resolv->query_queue, query); + + return FALSE; +} + +static void free_nameserver(struct resolv_nameserver *nameserver) +{ + if (nameserver == NULL) + return; + + if (nameserver->udp_watch > 0) + g_source_remove(nameserver->udp_watch); + + if (nameserver->udp_channel != NULL) + g_io_channel_unref(nameserver->udp_channel); + + g_free(nameserver->address); + g_free(nameserver); +} + +static void flush_nameservers(GResolv *resolv) +{ + GList *list; + + for (list = g_list_first(resolv->nameserver_list); + list; list = g_list_next(list)) + free_nameserver(list->data); + + g_list_free(resolv->nameserver_list); + resolv->nameserver_list = NULL; +} + +static int send_query(GResolv *resolv, const unsigned char *buf, int len) +{ + GList *list; + + if (resolv->nameserver_list == NULL) + return -ENOENT; + + for (list = g_list_first(resolv->nameserver_list); + list; list = g_list_next(list)) { + struct resolv_nameserver *nameserver = list->data; + int sk, sent; + + if (nameserver->udp_channel == NULL) + continue; + + sk = g_io_channel_unix_get_fd(nameserver->udp_channel); + + sent = send(sk, buf, len, 0); + } + + return 0; +} + +static gint compare_lookup_id(gconstpointer a, gconstpointer b) +{ + const struct resolv_lookup *lookup = a; + guint id = GPOINTER_TO_UINT(b); + + if (lookup->id < id) + return -1; + + if (lookup->id > id) + return 1; + + return 0; +} + +static gint compare_query_msgid(gconstpointer a, gconstpointer b) +{ + const struct resolv_query *query = a; + uint16_t msgid = GPOINTER_TO_UINT(b); + + if (query->msgid < msgid) + return -1; + + if (query->msgid > msgid) + return 1; + + return 0; +} + +static void add_result(struct resolv_lookup *lookup, int family, + const void *data) +{ + int n = lookup->nr_results++; + lookup->results = g_realloc(lookup->results, + sizeof(struct sort_result) * (n + 1)); + + memset(&lookup->results[n], 0, sizeof(struct sort_result)); lookup->results[n].dst.sa.sa_family = family; if (family == AF_INET) @@ -559,62 +894,19 @@ void g_resolv_flush_nameservers(GResolv *resolv) flush_nameservers(resolv); } -static void sort_and_return_results(struct resolv_lookup *lookup) +static gint add_query(struct resolv_lookup *lookup, const char *hostname, int type) { - char buf[100]; - GResolvResultStatus status; - char **results = g_try_new0(char *, lookup->nr_results + 1); - int i, n = 0; - - if (!results) - return; + struct resolv_query *query = g_try_new0(struct resolv_query, 1); + unsigned char buf[4096]; + int len; - rfc3484_sort_results(lookup); + if (query == NULL) + return -ENOMEM; - for (i = 0; i < lookup->nr_results; i++) { - if (lookup->results[i].dst.sa.sa_family == AF_INET) { - if (inet_ntop(AF_INET, - &lookup->results[i].dst.sin.sin_addr, - buf, sizeof(buf)) == NULL) - continue; - } else if (lookup->results[i].dst.sa.sa_family == AF_INET6) { - if (inet_ntop(AF_INET6, - &lookup->results[i].dst.sin6.sin6_addr, - buf, sizeof(buf)) == NULL) - continue; - } else - continue; + len = res_mkquery(ns_o_query, hostname, ns_c_in, type, + NULL, 0, NULL, buf, sizeof(buf)); - results[n++] = strdup(buf); - } - - results[n++] = NULL; - - status = lookup->ipv4_status; - - if (status == G_RESOLV_RESULT_STATUS_SUCCESS) - status = lookup->ipv6_status; - - lookup->result_func(status, results, lookup->result_data); - - g_strfreev(results); - g_queue_remove(lookup->resolv->lookup_queue, lookup); - destroy_lookup(lookup); -} - -static gint add_query(struct resolv_lookup *lookup, const char *hostname, int type) -{ - struct resolv_query *query = g_try_new0(struct resolv_query, 1); - unsigned char buf[4096]; - int len; - - if (query == NULL) - return -ENOMEM; - - len = res_mkquery(ns_o_query, hostname, ns_c_in, type, - NULL, 0, NULL, buf, sizeof(buf)); - - query->msgid = buf[0] << 8 | buf[1]; + query->msgid = buf[0] << 8 | buf[1]; if (send_query(lookup->resolv, buf, len) < 0) return -EIO; @@ -709,298 +1001,3 @@ gboolean g_resolv_cancel_lookup(GResolv *resolv, guint id) return TRUE; } - -static void find_srcaddr(struct sort_result *res) -{ - socklen_t sl = sizeof(res->src); - int fd; - - fd = socket(res->dst.sa.sa_family, SOCK_DGRAM, IPPROTO_IP); - if (fd < 0) - return; - - if (connect(fd, &res->dst.sa, sizeof(res->dst)) < 0) { - close(fd); - return; - } - - if (getsockname(fd, &res->src.sa, &sl) < 0) { - close(fd); - return; - } - - res->reachable = TRUE; - close(fd); -} - -struct gai_table -{ - unsigned char addr[NS_IN6ADDRSZ]; - int mask; - int value; -}; - -static const struct gai_table gai_labels[] = { - { - .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, - .mask = 128, - .value = 0, - }, { - .addr = { 0x20, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 16, - .value = 2, - }, { - .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 96, - .value = 3, - }, { - .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00 }, - .mask = 96, - .value = 4, - }, { - /* Variations from RFC 3484, matching glibc behaviour */ - .addr = { 0xfe, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 10, - .value = 5, - }, { - .addr = { 0xfc, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 7, - .value = 6, - }, { - .addr = { 0x20, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 32, - .value = 7, - }, { - /* catch-all */ - .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 0, - .value = 1, - } -}; - -static const struct gai_table gai_precedences[] = { - { - .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, - .mask = 128, - .value = 50, - }, { - .addr = { 0x20, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 16, - .value = 30, - }, { - .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 96, - .value = 20, - }, { - .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00 }, - .mask = 96, - .value = 10, - }, { - .addr = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - .mask = 0, - .value = 40, - } -}; - -static unsigned char v4mapped[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00 }; - -static gboolean mask_compare(const unsigned char *one, - const unsigned char *two, int mask) -{ - if (mask > 8) { - if (memcmp(one, two, mask / 8)) - return FALSE; - one += mask / 8; - two += mask / 8; - mask %= 8; - } - - if (mask && ((*one ^ *two) >> (8 - mask))) - return FALSE; - - return TRUE; -} - -static int match_gai_table(struct sockaddr *sa, const struct gai_table *tbl) -{ - struct sockaddr_in *sin = (void *)sa; - struct sockaddr_in6 *sin6 = (void *)sa; - void *addr; - - if (sa->sa_family == AF_INET) { - addr = v4mapped; - memcpy(v4mapped+12, &sin->sin_addr, NS_INADDRSZ); - } else - addr = &sin6->sin6_addr; - - while (1) { - if (mask_compare(addr, tbl->addr, tbl->mask)) - return tbl->value; - tbl++; - } -} - -#define DQUAD(_a,_b,_c,_d) ( ((_a)<<24) | ((_b)<<16) | ((_c)<<8) | (_d) ) -#define V4MATCH(addr, a,b,c,d, m) ( ((addr) ^ DQUAD(a,b,c,d)) >> (32 - (m)) ) - -#define RFC3484_SCOPE_LINK 2 -#define RFC3484_SCOPE_SITE 5 -#define RFC3484_SCOPE_GLOBAL 14 - -static int addr_scope(struct sockaddr *sa) -{ - if (sa->sa_family == AF_INET) { - struct sockaddr_in *sin = (void *)sa; - guint32 addr = ntohl(sin->sin_addr.s_addr); - - if (V4MATCH(addr, 169,254,0,0, 16) || - V4MATCH(addr, 127,0,0,0, 8)) - return RFC3484_SCOPE_LINK; - - /* Site-local */ - if (V4MATCH(addr, 10,0,0,0, 8) || - V4MATCH(addr, 172,16,0,0, 12) || - V4MATCH(addr, 192,168,0,0, 16)) - return RFC3484_SCOPE_SITE; - - /* Global */ - return RFC3484_SCOPE_GLOBAL; - } else { - struct sockaddr_in6 *sin6 = (void *)sa; - - /* Multicast addresses have a 4-bit scope field */ - if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) - return sin6->sin6_addr.s6_addr[1] & 0xf; - - if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) || - IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr)) - return RFC3484_SCOPE_LINK; - - if (IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) - return RFC3484_SCOPE_SITE; - - return RFC3484_SCOPE_GLOBAL; - } -} - -static int rfc3484_compare(const void *__one, const void *__two) -{ - const struct sort_result *one = __one; - const struct sort_result *two = __two; - - /* Rule 1: Avoid unusable destinations */ - if (one->reachable && !two->reachable) - return -1; - else if (two->reachable && !one->reachable) - return 1; - - /* Rule 2: Prefer matching scope */ - if (one->dst_scope == one->src_scope && - two->dst_scope != two->src_scope) - return -1; - else if (two->dst_scope == two->src_scope && - one->dst_scope != one->src_scope) - return 1; - - /* Rule 3: Avoid deprecated addresses */ - - /* Rule 4: Prefer home addresses */ - - /* Rule 5: Prefer matching label */ - if (one->dst_label == one->src_label && - two->dst_label != two->src_label) - return -1; - else if (two->dst_label == two->src_label && - one->dst_label != one->src_label) - return 1; - - /* Rule 6: Prefer higher precedence */ - if (one->precedence > two->precedence) - return -1; - else if (two->precedence > one->precedence) - return 1; - - /* Rule 7: Prefer native transport */ - - /* Rule 8: Prefer smaller scope */ - if (one->dst_scope != two->dst_scope) - return one->dst_scope - two->dst_scope; - - /* Rule 9: Use longest matching prefix */ - if (one->dst.sa.sa_family == AF_INET) { - /* - * Rule 9 is meaningless and counterproductive for Legacy IP - * unless perhaps we can tell that it's actually on the local - * subnet. But we don't (yet) have local interface config - * information, so do nothing here for Legacy IP for now. - */ - } else { - int i; - - for (i = 0; i < 4; i++) { - guint32 cmp_one, cmp_two; - - cmp_one = one->src.sin6.sin6_addr.s6_addr32[i] ^ - one->dst.sin6.sin6_addr.s6_addr32[i]; - cmp_two = two->src.sin6.sin6_addr.s6_addr32[i] ^ - two->dst.sin6.sin6_addr.s6_addr32[i]; - - if (!cmp_two && !cmp_one) - continue; - - if (cmp_one && !cmp_two) - return 1; - if (cmp_two && !cmp_one) - return -1; - - /* g_bit_storage() is effectively fls() */ - cmp_one = g_bit_storage(ntohl(cmp_one)); - cmp_two = g_bit_storage(ntohl(cmp_two)); - - if (cmp_one == cmp_two) - break; - - return cmp_one - cmp_two; - } - } - - - /* Rule 10: Otherwise, leave the order unchanged */ - if (one < two) - return -1; - else - return 1; -} - -static void rfc3484_sort_results(struct resolv_lookup *lookup) -{ - int i; - - for (i = 0; i < lookup->nr_results; i++) { - struct sort_result *res = &lookup->results[i]; - find_srcaddr(res); - res->precedence = match_gai_table(&res->dst.sa, - gai_precedences); - res->dst_label = match_gai_table(&res->dst.sa, gai_labels); - res->src_label = match_gai_table(&res->src.sa, gai_labels); - res->dst_scope = addr_scope(&res->dst.sa); - res->src_scope = addr_scope(&res->src.sa); - } - - qsort(lookup->results, lookup->nr_results, - sizeof(struct sort_result), rfc3484_compare); -} -- cgit v1.2.3