glibc/resolv/ns_samedomain.c

203 lines
4.7 KiB
C
Raw Normal View History

Update. 1999-12-03 Andreas Jaeger <aj@suse.de> * nss/getXXbyYY.c: Include <resolv.h> (FUNCTION_NAME): Use res_ninit instead of res_init. * nss/getXXbyYY_r.c [NEED__RES]: Include <resolv.h> for _res declaration and prototypes. Remove extra _res declaration. (INTERNAL): Use thread aware res_ninit function. * inet/gethstbyad_r.c: Include <resolv.h>. * resolv/res_data.c: Update from Bind 8.2.2-P5. Moved res_init to res_libc.c. Disabled unneeded functions. * resolv/res_libc.c: New file. * Versions.def: Add version GLIBC_2.2 for libpthread. Add versions GLIBC_2.1 and GLIBC_2.2 for libresolv. * include/resolv.h: Add internal interfaces. * resolv/Makefile (routines): Add new files. (libresolv-routines): Likewise. (distribute): Likewise. * resolv/gethnamaddr.c: Use thread safe resolver functions. * resolv/nss_dns/dns-host.c: Likewise. * resolv/nss_dns/dns-network.c: Likewise. * resolv/arpa/nameser.h: Update from Bind 8.2.2-P5. * resolv/nsap_addr.c: Likewise. * resolv/res_comp.c: Likewise. * resolv/res_debug.c: Likewise. * resolv/res_init.c: Likewise. * resolv/res_mkquery.c: Likewise. * resolv/res_query.c: Likewise. * resolv/res_send.c: Likewise. * resolv/resolv.h: Likewise. * resolv/Versions: Add __res_state and __res_ninit with version GLIBC_2.2 to libc. Add new interfaces with version GLIBC_2.2 to libresolv. * resolv/Banner: Update. * include/arpa/nameser_compat.h: New file. * resolv/ns_name.c: New file from Bind 8.2.2-P5. * resolv/ns_netint.c: Likewise. * resolv/ns_parse.c: Likewise. * resolv/ns_print.c: Likewise. * resolv/ns_samedomain.c: Likewise. * resolv/ns_ttl.c: Likewise. * resolv/arpa/nameser_compat.h: Likewise. * resolv/res_debug.h: Likewise. Some patches are based on work done by Adam D. Bradley <artdodge@cs.bu.edu>. * sysdeps/unix/sysv/linux/configure.in: Remove check for ldconfig, set always use_ldconfig instead.
1999-12-04 19:05:55 +01:00
/*
* Copyright (c) 1995,1999 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
Update. 2000-07-18 Mark Kettenis <kettenis@gnu.org> Update resolver code to BIND 8.2.3-T5B. * resolv/Versions [GLIBC_2.2] (libc): Add __res_init and __res_nclose. [GLIBC_2.2] (libresolv): Add __dn_expand, __ns_samename, __res_mkquery, __res_nsend, __res_query, __res_querydomain and __res_search. * resolv/Banner: BIND-8.2.3-T5B. * resolv/base64.c: Update from BIND 8.2.3-T5B. * resolv/herror.c: Likewise. * resolv/inet_addr.c: Likewise. * resolv/inet_net_ntop.c: Likewise. * resolv/inet_net_pton.c: Likewise. * resolv/inet_neta.c: Likewise. * resolv/inet_ntop.c: Likewise. * resolv/nsap_addr.c: Likewise. * resolv/inet_pton.c: Likewise. Reject a few more more invalid IPv6 addresses (ISC bug #520). * resolv/ns_name.c: Avoid emitting RCS ID in object file. * resolv/ns_parse.c: Likewise. * resolv/ns_netint.c: Likewise. * resolv/ns_samedomain.c: Likewise. * resolv/ns_ttl.c: Likewise. * resolv/ns_print.c: Update from BIND 8.2.3-T5B. Avoid emitting RCS ID in object file. * resolv/res_debug.c: Update from BIND 8.2.3-T5B. * resolv/res_mkquery.c: Likewise. * resolv/res_query.c: Likewise. * resolv/res_init.c: Likewise. (res_setoptions): Mark internal. * resolv/res_send.c: Likewise. [_LIBC]: Fully reinstate the code that avoids the FD_SETSIZE limit by using poll instead. * resolv/res_comp.c: Likewise. [SHLIB_COMPAT (libresolv, GLIBC_2_0, GLIBC_2_2)]: Make dn_expand a weak alias for __dn_expand. * resolv/res_data.c: Likewise. (res_close) [_LIBC]: Don't call res_nclose if RES_INIT isn't set in _res.options. Avoids a potential security risk by avoiding a close (0). [SHLIB_COMPAT (libresolv, GLIBC_2_0, GLIBC_2_2)]: Make res_mkquery, res_query, res_querydomain adn res_search weak aliases for __res_mkquery, __res_query, __res_querydomain and __res_search. * resolv/res_libc.c: (_res): Don't initialize. Fix res_close instead to avoid close(0). (res_init): Always use the static resolver context. [SHLIB_COMPAT (libc, GLIBC_2.0, GLIBC_2_2)]: Make res_init a weak alias for __res_init. * resolv/resolv.h: Update from BIND 8.2.3-T5B. Move definition of RES_SET_H_ERRNO and accompanying comment to... * include/resolv.h: ... here. * resolv/arpa/namser.h: Update from BIND 8.2.3-T5B. * resolv/arpa/nameser_compat.h: Likewise.
2000-07-20 00:03:58 +02:00
#if !defined(_LIBC) && !defined(lint)
static const char rcsid[] = "$BINDId: ns_samedomain.c,v 8.9 1999/10/15 21:06:51 vixie Exp $";
Update. 1999-12-03 Andreas Jaeger <aj@suse.de> * nss/getXXbyYY.c: Include <resolv.h> (FUNCTION_NAME): Use res_ninit instead of res_init. * nss/getXXbyYY_r.c [NEED__RES]: Include <resolv.h> for _res declaration and prototypes. Remove extra _res declaration. (INTERNAL): Use thread aware res_ninit function. * inet/gethstbyad_r.c: Include <resolv.h>. * resolv/res_data.c: Update from Bind 8.2.2-P5. Moved res_init to res_libc.c. Disabled unneeded functions. * resolv/res_libc.c: New file. * Versions.def: Add version GLIBC_2.2 for libpthread. Add versions GLIBC_2.1 and GLIBC_2.2 for libresolv. * include/resolv.h: Add internal interfaces. * resolv/Makefile (routines): Add new files. (libresolv-routines): Likewise. (distribute): Likewise. * resolv/gethnamaddr.c: Use thread safe resolver functions. * resolv/nss_dns/dns-host.c: Likewise. * resolv/nss_dns/dns-network.c: Likewise. * resolv/arpa/nameser.h: Update from Bind 8.2.2-P5. * resolv/nsap_addr.c: Likewise. * resolv/res_comp.c: Likewise. * resolv/res_debug.c: Likewise. * resolv/res_init.c: Likewise. * resolv/res_mkquery.c: Likewise. * resolv/res_query.c: Likewise. * resolv/res_send.c: Likewise. * resolv/resolv.h: Likewise. * resolv/Versions: Add __res_state and __res_ninit with version GLIBC_2.2 to libc. Add new interfaces with version GLIBC_2.2 to libresolv. * resolv/Banner: Update. * include/arpa/nameser_compat.h: New file. * resolv/ns_name.c: New file from Bind 8.2.2-P5. * resolv/ns_netint.c: Likewise. * resolv/ns_parse.c: Likewise. * resolv/ns_print.c: Likewise. * resolv/ns_samedomain.c: Likewise. * resolv/ns_ttl.c: Likewise. * resolv/arpa/nameser_compat.h: Likewise. * resolv/res_debug.h: Likewise. Some patches are based on work done by Adam D. Bradley <artdodge@cs.bu.edu>. * sysdeps/unix/sysv/linux/configure.in: Remove check for ldconfig, set always use_ldconfig instead.
1999-12-04 19:05:55 +01:00
#endif
#include <sys/types.h>
#include <arpa/nameser.h>
#include <errno.h>
#include <string.h>
/*
* int
* ns_samedomain(a, b)
* Check whether a name belongs to a domain.
* Inputs:
* a - the domain whose ancestory is being verified
* b - the potential ancestor we're checking against
* Return:
* boolean - is a at or below b?
* Notes:
* Trailing dots are first removed from name and domain.
* Always compare complete subdomains, not only whether the
* domain name is the trailing string of the given name.
*
* "host.foobar.top" lies in "foobar.top" and in "top" and in ""
* but NOT in "bar.top"
*/
int
ns_samedomain(const char *a, const char *b) {
size_t la, lb;
int diff, i, escaped;
const char *cp;
la = strlen(a);
lb = strlen(b);
/* Ignore a trailing label separator (i.e. an unescaped dot) in 'a'. */
if (la != 0 && a[la - 1] == '.') {
escaped = 0;
/* Note this loop doesn't get executed if la==1. */
for (i = la - 2; i >= 0; i--)
if (a[i] == '\\') {
if (escaped)
escaped = 0;
else
escaped = 1;
} else
break;
if (!escaped)
la--;
}
/* Ignore a trailing label separator (i.e. an unescaped dot) in 'b'. */
if (lb != 0 && b[lb - 1] == '.') {
escaped = 0;
/* note this loop doesn't get executed if lb==1 */
for (i = lb - 2; i >= 0; i--)
if (b[i] == '\\') {
if (escaped)
escaped = 0;
else
escaped = 1;
} else
break;
if (!escaped)
lb--;
}
/* lb == 0 means 'b' is the root domain, so 'a' must be in 'b'. */
if (lb == 0)
return (1);
/* 'b' longer than 'a' means 'a' can't be in 'b'. */
if (lb > la)
return (0);
/* 'a' and 'b' being equal at this point indicates sameness. */
if (lb == la)
return (strncasecmp(a, b, lb) == 0);
/* Ok, we know la > lb. */
diff = la - lb;
/*
* If 'a' is only 1 character longer than 'b', then it can't be
* a subdomain of 'b' (because of the need for the '.' label
* separator).
*/
if (diff < 2)
return (0);
/*
* If the character before the last 'lb' characters of 'b'
* isn't '.', then it can't be a match (this lets us avoid
* having "foobar.com" match "bar.com").
*/
if (a[diff - 1] != '.')
return (0);
/*
* We're not sure about that '.', however. It could be escaped
* and thus not a really a label separator.
*/
escaped = 0;
for (i = diff - 2; i >= 0; i--)
if (a[i] == '\\')
if (escaped)
escaped = 0;
else
escaped = 1;
else
break;
if (escaped)
return (0);
/* Now compare aligned trailing substring. */
cp = a + diff;
return (strncasecmp(cp, b, lb) == 0);
}
/*
* int
* ns_subdomain(a, b)
* is "a" a subdomain of "b"?
*/
int
ns_subdomain(const char *a, const char *b) {
return (ns_samename(a, b) != 1 && ns_samedomain(a, b));
}
/*
* int
* ns_makecanon(src, dst, dstsize)
* make a canonical copy of domain name "src"
* notes:
* foo -> foo.
* foo. -> foo.
* foo.. -> foo.
* foo\. -> foo\..
* foo\\. -> foo\\.
*/
int
ns_makecanon(const char *src, char *dst, size_t dstsize) {
size_t n = strlen(src);
if (n + sizeof "." > dstsize) {
__set_errno (EMSGSIZE);
return (-1);
}
strcpy(dst, src);
while (n > 0 && dst[n - 1] == '.') /* Ends in "." */
if (n > 1 && dst[n - 2] == '\\' && /* Ends in "\." */
(n < 2 || dst[n - 3] != '\\')) /* But not "\\." */
break;
else
dst[--n] = '\0';
dst[n++] = '.';
dst[n] = '\0';
return (0);
}
/*
* int
* ns_samename(a, b)
* determine whether domain name "a" is the same as domain name "b"
* return:
* -1 on error
* 0 if names differ
* 1 if names are the same
*/
int
ns_samename(const char *a, const char *b) {
char ta[NS_MAXDNAME], tb[NS_MAXDNAME];
if (ns_makecanon(a, ta, sizeof ta) < 0 ||
ns_makecanon(b, tb, sizeof tb) < 0)
return (-1);
if (strcasecmp(ta, tb) == 0)
return (1);
else
return (0);
}