Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 10:18:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

import of dnsmasq-2.37.tar.gz

Browse Source
This commit is contained in:
Simon Kelley
2007-02-05 14:57:57 +00:00
parent 832af0bafb
commit 1b7ecd111d
25 changed files with 2013 additions and 1640 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
src/cache.c
View File

@@ -1,4 +1,4 @@
/* dnsmasq is Copyright (c) 2000-2005 Simon Kelley
/* dnsmasq is Copyright (c) 2000-2007 Simon Kelley
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -157,9 +157,24 @@ static struct crec **hash_bucket(char *name)
static void cache_hash(struct crec *crecp)
{
struct crec **bucket = hash_bucket(cache_get_name(crecp));
crecp->hash_next = *bucket;
*bucket = crecp;
/* maintain an invariant that all entries with F_REVERSE set
are at the start of the hash-chain and all non-reverse
immortal entries are at the end of the hash-chain.
This allows reverse searches and garbage collection to be optimised */
struct crec **up = hash_bucket(cache_get_name(crecp));
if (!(crecp->flags & F_REVERSE))
{
while (*up && ((*up)->flags & F_REVERSE))
up = &((*up)->hash_next);
if (crecp->flags & F_IMMORTAL)
while (*up && (!(*up)->flags & F_IMMORTAL))
up = &((*up)->hash_next);
}
crecp->hash_next = *up;
*up = crecp;
}
static void cache_free(struct crec *crecp)
@@ -258,13 +273,18 @@ static int cache_scan_free(char *name, struct all_addr *addr, time_t now, unsign
If (flags == 0) remove any expired entries in the whole cache.
In the flags & F_FORWARD case, the return code is valid, and returns zero if the
name exists in the cache as a HOSTS or DHCP entry (these are never deleted) */
struct crec *crecp, **up;
name exists in the cache as a HOSTS or DHCP entry (these are never deleted)
We take advantage of the fact that hash chains have stuff in the order <reverse>,<other>,<immortal>
so that when we hit an entry which isn't reverse and is immortal, we're done. */
struct crec *crecp, **up;
if (flags & F_FORWARD)
{
for (up = hash_bucket(name), crecp = *up; crecp; crecp = crecp->hash_next)
for (up = hash_bucket(name), crecp = *up;
crecp && ((crecp->flags & F_REVERSE) || !(crecp->flags & F_IMMORTAL));
crecp = crecp->hash_next)
if (is_expired(now, crecp) || is_outdated_cname_pointer(crecp))
{
*up = crecp->hash_next;
@@ -296,7 +316,9 @@ static int cache_scan_free(char *name, struct all_addr *addr, time_t now, unsign
int addrlen = INADDRSZ;
#endif
for (i = 0; i < hash_size; i++)
for (crecp = hash_table[i], up = &hash_table[i]; crecp; crecp = crecp->hash_next)
for (crecp = hash_table[i], up = &hash_table[i];
crecp && ((crecp->flags & F_REVERSE) || !(crecp->flags & F_IMMORTAL));
crecp = crecp->hash_next)
if (is_expired(now, crecp))
{
*up = crecp->hash_next;
@@ -567,12 +589,16 @@ struct crec *cache_find_by_addr(struct crec *crecp, struct all_addr *addr,
else
{
/* first search, look for relevant entries and push to top of list
also free anything which has expired */
also free anything which has expired. All the reverse entries are at the
start of the hash chain, so we can give up when we find the first
non-REVERSE one. */
int i;
struct crec **up, **chainp = &ans;
for(i=0; i<hash_size; i++)
for (crecp = hash_table[i], up = &hash_table[i]; crecp; crecp = crecp->hash_next)
for (i=0; i<hash_size; i++)
for (crecp = hash_table[i], up = &hash_table[i];
crecp && (crecp->flags & F_REVERSE);
crecp = crecp->hash_next)
if (!is_expired(now, crecp))
{
if ((crecp->flags & F_REVERSE) &&

2
src/config.h
View File

@@ -10,7 +10,7 @@
GNU General Public License for more details.
*/
#define VERSION "2.36"
#define VERSION "2.37"
#define FTABSIZ 150 /* max number of outstanding requests (default) */
#define MAX_PROCS 20 /* max no children for TCP requests */

8
src/dnsmasq.c
View File

@@ -38,7 +38,11 @@ static char *compile_opts =
#ifdef NO_GETTEXT
"no-"
#endif
"I18N ";
"I18N "
#ifndef HAVE_TFTP
"no-"
#endif
"TFTP";
static pid_t pid;
static int pipewrite;
@@ -368,6 +372,8 @@ int main (int argc, char **argv)
if (daemon->resolv_files && !daemon->resolv_files->is_default)
syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set"));
daemon->resolv_files = NULL;
if (!daemon->servers)
syslog(LOG_WARNING, _("warning: no upstream servers configured"));
}
if (daemon->dhcp)

5
src/dnsmasq.h
View File

@@ -1,4 +1,4 @@
/* dnsmasq is Copyright (c) 2000-2005 Simon Kelley
/* dnsmasq is Copyright (c) 2000-2007 Simon Kelley
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -10,7 +10,7 @@
GNU General Public License for more details.
*/
#define COPYRIGHT "Copyright (C) 2000-2006 Simon Kelley"
#define COPYRIGHT "Copyright (C) 2000-2007 Simon Kelley"
/* get these before config.h for IPv6 stuff... */
#include <sys/types.h>
@@ -365,6 +365,7 @@ struct dhcp_opt {
#define DHOPT_ADDR 1
#define DHOPT_STRING 2
#define DHOPT_VENDOR_MATCH 4
struct dhcp_boot {
char *file, *sname;

2
src/forward.c
View File

@@ -365,7 +365,7 @@ static size_t process_reply(struct daemon *daemon, HEADER *header, time_t now,
PUTSHORT(daemon->edns_pktsz, psave);
}
if (is_sign || header->opcode != QUERY || (header->rcode != NOERROR && header->rcode != NXDOMAIN))
if (header->opcode != QUERY || (header->rcode != NOERROR && header->rcode != NXDOMAIN))
return n;
/* Complain loudly if the upstream server is non-recursive. */

2
src/lease.c
View File

@@ -312,7 +312,7 @@ struct dhcp_lease *lease_allocate(struct in_addr addr)
memset(lease, 0, sizeof(struct dhcp_lease));
lease->new = 1;
lease->addr = addr;
lease->hwaddr_len = 225; /* illegal value */
lease->hwaddr_len = 256; /* illegal value */
lease->expires = 1;
#ifdef HAVE_BROKEN_RTC
lease->length = 0xffffffff; /* illegal value */

9
src/option.c
View File

@@ -384,7 +384,7 @@ static char *parse_dhcp_opt(struct daemon *daemon, char *arg)
{
struct dhcp_opt *new = safe_malloc(sizeof(struct dhcp_opt));
char lenchar = 0, *cp;
int addrs, digs, is_addr, is_hex, is_dec;
int addrs, digs, is_addr, is_hex, is_dec, is_vend = 0;
char *comma, *problem = NULL;
new->len = 0;
@@ -406,7 +406,10 @@ static char *parse_dhcp_opt(struct daemon *daemon, char *arg)
break;
if (strstr(arg, "vendor:") == arg)
new->vendor_class = (unsigned char *)safe_string_alloc(arg+7);
{
new->vendor_class = (unsigned char *)safe_string_alloc(arg+7);
is_vend = 1;
}
else
{
new->netid = safe_malloc(sizeof (struct dhcp_netid));
@@ -640,7 +643,7 @@ static char *parse_dhcp_opt(struct daemon *daemon, char *arg)
free(new->vendor_class);
free(new);
}
else if (new->vendor_class)
else if (is_vend)
{
new->next = daemon->vendor_opts;
daemon->vendor_opts = new;

27
src/rfc1035.c
View File

@@ -419,19 +419,24 @@ unsigned char *find_pseudoheader(HEADER *header, size_t plen, size_t *len, unsi
unsigned char *ansp = (unsigned char *)(header+1);
unsigned short rdlen, type, class;
unsigned char *ret = NULL;
if (is_sign && header->opcode == QUERY)
if (is_sign)
{
for (i = 0; i < ntohs(header->qdcount); i++)
*is_sign = 0;
if (header->opcode == QUERY)
{
if (!(ansp = skip_name(ansp, header, plen)))
return NULL;
GETSHORT(type, ansp);
GETSHORT(class, ansp);
if (class == C_IN && type == T_TKEY)
*is_sign = 1;
for (i = 0; i < ntohs(header->qdcount); i++)
{
if (!(ansp = skip_name(ansp, header, plen)))
return NULL;
GETSHORT(type, ansp);
GETSHORT(class, ansp);
if (class == C_IN && type == T_TKEY)
*is_sign = 1;
}
}
}
else

769
src/rfc2131.c
View File

File diff suppressed because it is too large Load Diff

248
src/tftp.c
View File

@@ -14,8 +14,10 @@
#ifdef HAVE_TFTP
static struct tftp_file *check_tftp_fileperm(struct daemon *daemon, ssize_t *len);
static void free_transfer(struct tftp_transfer *transfer);
static ssize_t tftp_err(int err, char *packet, char *mess, char *file);
static ssize_t tftp_err_oops(char *packet, char *file);
static ssize_t get_block(char *packet, struct tftp_transfer *transfer);
static char *next(char **p, char *end);
@@ -37,7 +39,6 @@ void tftp_request(struct listener *listen, struct daemon *daemon, time_t now)
ssize_t len;
char *packet = daemon->packet;
char *filename, *mode, *p, *end, *opt;
struct stat statbuf;
struct sockaddr_in addr, peer;
struct msghdr msg;
struct cmsghdr *cmptr;
@@ -46,7 +47,6 @@ void tftp_request(struct listener *listen, struct daemon *daemon, time_t now)
int is_err = 1, if_index = 0;
struct iname *tmp;
struct tftp_transfer *transfer, *t;
struct tftp_file *file;
union {
struct cmsghdr align; /* this ensures alignment */
@@ -74,55 +74,55 @@ void tftp_request(struct listener *listen, struct daemon *daemon, time_t now)
if ((len = recvmsg(listen->tftpfd, &msg, 0)) < 2)
return;
if (daemon->options & OPT_NOWILD)
addr = listen->iface->addr.in;
else
{
addr.sin_addr.s_addr = 0;
if (daemon->options & OPT_NOWILD)
addr = listen->iface->addr.in;
else
{
addr.sin_addr.s_addr = 0;
#if defined(HAVE_LINUX_NETWORK)
for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
if (cmptr->cmsg_level == SOL_IP && cmptr->cmsg_type == IP_PKTINFO)
{
addr.sin_addr = ((struct in_pktinfo *)CMSG_DATA(cmptr))->ipi_spec_dst;
if_index = ((struct in_pktinfo *)CMSG_DATA(cmptr))->ipi_ifindex;
}
if (!(ifr.ifr_ifindex = if_index) ||
ioctl(listen->tftpfd, SIOCGIFNAME, &ifr) == -1)
return;
for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
if (cmptr->cmsg_level == SOL_IP && cmptr->cmsg_type == IP_PKTINFO)
{
addr.sin_addr = ((struct in_pktinfo *)CMSG_DATA(cmptr))->ipi_spec_dst;
if_index = ((struct in_pktinfo *)CMSG_DATA(cmptr))->ipi_ifindex;
}
if (!(ifr.ifr_ifindex = if_index) ||
ioctl(listen->tftpfd, SIOCGIFNAME, &ifr) == -1)
return;
#elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_RECVDSTADDR)
addr.sin_addr = *((struct in_addr *)CMSG_DATA(cmptr));
else if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_RECVIF)
if_index = ((struct sockaddr_dl *)CMSG_DATA(cmptr))->sdl_index;
if (if_index == 0 || !if_indextoname(if_index, ifr.ifr_name))
return;
for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_RECVDSTADDR)
addr.sin_addr = *((struct in_addr *)CMSG_DATA(cmptr));
else if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_RECVIF)
if_index = ((struct sockaddr_dl *)CMSG_DATA(cmptr))->sdl_index;
if (if_index == 0 || !if_indextoname(if_index, ifr.ifr_name))
return;
#endif
if (addr.sin_addr.s_addr == 0)
return;
if (!iface_check(daemon, AF_INET, (struct all_addr *)&addr, &ifr, &if_index))
return;
/* allowed interfaces are the same as for DHCP */
for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
return;
}
if (addr.sin_addr.s_addr == 0)
return;
if (!iface_check(daemon, AF_INET, (struct all_addr *)&addr, &ifr, &if_index))
return;
/* allowed interfaces are the same as for DHCP */
for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
return;
}
/* tell kernel to use ephemeral port */
addr.sin_port = 0;
addr.sin_family = AF_INET;
#ifdef HAVE_SOCKADDR_SA_LEN
addr.sin_len = sizeof(addr);
#endif
if (!(transfer = malloc(sizeof(struct tftp_transfer))))
return;
@@ -205,81 +205,17 @@ void tftp_request(struct listener *listen, struct daemon *daemon, time_t now)
/* file already open */
transfer->file = t->file;
transfer->file->refcount++;
if ((len = get_block(packet, transfer)) == -1)
goto oops;
is_err = 0;
}
else
else
/* check permissions and open file */
transfer->file = check_tftp_fileperm(daemon, &len);
if (transfer->file)
{
/* check permissions and open file */
/* trick to ban moving out of the subtree */
if (daemon->tftp_prefix && strstr(daemon->namebuff, "/../"))
{
errno = EACCES;
goto perm;
}
if (stat(daemon->namebuff, &statbuf) == -1)
{
if (errno == ENOENT || errno == ENOTDIR)
len = tftp_err(ERR_FNF, packet, _("file %s not found"), daemon->namebuff);
else if (errno == EACCES)
{
perm:
len = tftp_err(ERR_PERM, packet, _("cannot access %s: %s"), daemon->namebuff);
}
else
{
oops:
len = tftp_err(ERR_NOTDEF, packet, _("cannot read %s: %s"), daemon->namebuff);
}
}
else
{
uid_t uid = geteuid();
/* running as root, must be world-readable */
if (uid == 0)
{
if (!(statbuf.st_mode & S_IROTH))
{
errno = EACCES;
goto perm;
}
}
/* in secure mode, must be owned by user running dnsmasq */
else if ((daemon->options & OPT_TFTP_SECURE) && uid != statbuf.st_uid)
{
errno = EACCES;
goto perm;
}
if (!(file = malloc(sizeof(struct tftp_file) + strlen(daemon->namebuff) + 1)))
{
errno = ENOMEM;
goto oops;
}
if ((file->fd = open(daemon->namebuff, O_RDONLY)) == -1)
{
free(file);
if (errno == EACCES || errno == EISDIR)
goto perm;
else
goto oops;
}
else
{
transfer->file = file;
file->refcount = 1;
file->size = statbuf.st_size;
strcpy(file->filename, daemon->namebuff);
if ((len = get_block(packet, transfer)) == -1)
goto oops;
is_err = 0;
}
}
if ((len = get_block(packet, transfer)) == -1)
len = tftp_err_oops(packet, daemon->namebuff);
else
is_err = 0;
}
}
@@ -295,7 +231,80 @@ void tftp_request(struct listener *listen, struct daemon *daemon, time_t now)
daemon->tftp_trans = transfer;
}
}
static struct tftp_file *check_tftp_fileperm(struct daemon *daemon, ssize_t *len)
{
char *packet = daemon->packet, *namebuff = daemon->namebuff;
struct tftp_file *file;
uid_t uid = geteuid();
struct stat statbuf;
/* trick to ban moving out of the subtree */
if (daemon->tftp_prefix && strstr(namebuff, "/../"))
{
errno = EACCES;
goto perm;
}
if (stat(namebuff, &statbuf) == -1)
{
if (errno == ENOENT || errno == ENOTDIR)
goto nofile;
else if (errno == EACCES)
goto perm;
else
goto oops;
}
/* running as root, must be world-readable */
if (uid == 0)
{
if (!(statbuf.st_mode & S_IROTH))
{
errno = EACCES;
goto perm;
}
}
/* in secure mode, must be owned by user running dnsmasq */
else if ((daemon->options & OPT_TFTP_SECURE) && uid != statbuf.st_uid)
{
errno = EACCES;
goto perm;
}
if (!(file = malloc(sizeof(struct tftp_file) + strlen(namebuff) + 1)))
{
errno = ENOMEM;
goto oops;
}
if ((file->fd = open(namebuff, O_RDONLY)) == -1)
{
free(file);
if (errno == EACCES || errno == EISDIR)
goto perm;
else
goto oops;
}
file->size = statbuf.st_size;
file->refcount = 1;
strcpy(file->filename, namebuff);
return file;
nofile:
*len = tftp_err(ERR_FNF, packet, _("file %s not found"), namebuff);
return NULL;
perm:
*len = tftp_err(ERR_PERM, packet, _("cannot access %s: %s"), namebuff);
return NULL;
oops:
*len = tftp_err_oops(packet, namebuff);
return NULL;
}
void check_tftp_listeners(struct daemon *daemon, fd_set *rset, time_t now)
{
struct tftp_transfer *transfer, *tmp, **up;
@@ -363,7 +372,7 @@ void check_tftp_listeners(struct daemon *daemon, fd_set *rset, time_t now)
if ((len = get_block(daemon->packet, transfer)) == -1)
{
len = tftp_err(ERR_NOTDEF, daemon->packet, _("cannot read %s: %s"), transfer->file->filename);
len = tftp_err_oops(daemon->packet, transfer->file->filename);
endcon = 1;
}
else if (++transfer->backoff > 5)
@@ -436,6 +445,11 @@ static ssize_t tftp_err(int err, char *packet, char *message, char *file)
return ret;
}
static ssize_t tftp_err_oops(char *packet, char *file)
{
return tftp_err(ERR_NOTDEF, packet, _("cannot read %s: %s"), file);
}
/* return -1 for error, zero for done. */
static ssize_t get_block(char *packet, struct tftp_transfer *transfer)
{