glibc/resolv/ns_samedomain.c
Ulrich Drepper e685e07dfa Update.
2000-07-18  Mark Kettenis  <kettenis@gnu.org>

	Update resolver code to BIND 8.2.3-T5B.

	* resolv/Versions [GLIBC_2.2] (libc): Add __res_init and
	__res_nclose.
	[GLIBC_2.2] (libresolv): Add __dn_expand, __ns_samename,
	__res_mkquery, __res_nsend, __res_query, __res_querydomain and
	__res_search.
	* resolv/Banner: BIND-8.2.3-T5B.

	* resolv/base64.c: Update from BIND 8.2.3-T5B.
	* resolv/herror.c: Likewise.
	* resolv/inet_addr.c: Likewise.
	* resolv/inet_net_ntop.c: Likewise.
	* resolv/inet_net_pton.c: Likewise.
	* resolv/inet_neta.c: Likewise.
	* resolv/inet_ntop.c: Likewise.
	* resolv/nsap_addr.c: Likewise.
	* resolv/inet_pton.c: Likewise.  Reject a few more more invalid
	IPv6 addresses (ISC bug #520).

	* resolv/ns_name.c: Avoid emitting RCS ID in object file.
	* resolv/ns_parse.c: Likewise.
	* resolv/ns_netint.c: Likewise.
	* resolv/ns_samedomain.c: Likewise.
	* resolv/ns_ttl.c: Likewise.
	* resolv/ns_print.c: Update from BIND 8.2.3-T5B.  Avoid emitting
	RCS ID in object file.

	* resolv/res_debug.c: Update from BIND 8.2.3-T5B.
	* resolv/res_mkquery.c: Likewise.
	* resolv/res_query.c: Likewise.
	* resolv/res_init.c: Likewise.
	(res_setoptions): Mark internal.
	* resolv/res_send.c: Likewise.
	[_LIBC]: Fully reinstate the code that avoids the FD_SETSIZE limit
	by using poll instead.
	* resolv/res_comp.c: Likewise.
	[SHLIB_COMPAT (libresolv, GLIBC_2_0, GLIBC_2_2)]: Make dn_expand a
	weak alias for __dn_expand.
	* resolv/res_data.c: Likewise.
	(res_close) [_LIBC]: Don't call res_nclose if RES_INIT isn't set
	in _res.options.  Avoids a potential security risk by avoiding a
	close (0).
	[SHLIB_COMPAT (libresolv, GLIBC_2_0, GLIBC_2_2)]: Make
	res_mkquery, res_query, res_querydomain adn res_search weak
	aliases for __res_mkquery, __res_query, __res_querydomain and
	__res_search.
	* resolv/res_libc.c: (_res): Don't initialize.  Fix res_close
	instead to avoid close(0).
	(res_init): Always use the static resolver context.
	[SHLIB_COMPAT (libc, GLIBC_2.0, GLIBC_2_2)]: Make res_init a weak
	alias for __res_init.

	* resolv/resolv.h: Update from BIND 8.2.3-T5B.  Move definition of
	RES_SET_H_ERRNO and accompanying comment to...
	* include/resolv.h: ... here.

	* resolv/arpa/namser.h: Update from BIND 8.2.3-T5B.
	* resolv/arpa/nameser_compat.h: Likewise.
2000-07-19 22:03:58 +00:00

203 lines
4.7 KiB
C

/*
* Copyright (c) 1995,1999 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
#if !defined(_LIBC) && !defined(lint)
static const char rcsid[] = "$BINDId: ns_samedomain.c,v 8.9 1999/10/15 21:06:51 vixie Exp $";
#endif
#include <sys/types.h>
#include <arpa/nameser.h>
#include <errno.h>
#include <string.h>
/*
* int
* ns_samedomain(a, b)
* Check whether a name belongs to a domain.
* Inputs:
* a - the domain whose ancestory is being verified
* b - the potential ancestor we're checking against
* Return:
* boolean - is a at or below b?
* Notes:
* Trailing dots are first removed from name and domain.
* Always compare complete subdomains, not only whether the
* domain name is the trailing string of the given name.
*
* "host.foobar.top" lies in "foobar.top" and in "top" and in ""
* but NOT in "bar.top"
*/
int
ns_samedomain(const char *a, const char *b) {
size_t la, lb;
int diff, i, escaped;
const char *cp;
la = strlen(a);
lb = strlen(b);
/* Ignore a trailing label separator (i.e. an unescaped dot) in 'a'. */
if (la != 0 && a[la - 1] == '.') {
escaped = 0;
/* Note this loop doesn't get executed if la==1. */
for (i = la - 2; i >= 0; i--)
if (a[i] == '\\') {
if (escaped)
escaped = 0;
else
escaped = 1;
} else
break;
if (!escaped)
la--;
}
/* Ignore a trailing label separator (i.e. an unescaped dot) in 'b'. */
if (lb != 0 && b[lb - 1] == '.') {
escaped = 0;
/* note this loop doesn't get executed if lb==1 */
for (i = lb - 2; i >= 0; i--)
if (b[i] == '\\') {
if (escaped)
escaped = 0;
else
escaped = 1;
} else
break;
if (!escaped)
lb--;
}
/* lb == 0 means 'b' is the root domain, so 'a' must be in 'b'. */
if (lb == 0)
return (1);
/* 'b' longer than 'a' means 'a' can't be in 'b'. */
if (lb > la)
return (0);
/* 'a' and 'b' being equal at this point indicates sameness. */
if (lb == la)
return (strncasecmp(a, b, lb) == 0);
/* Ok, we know la > lb. */
diff = la - lb;
/*
* If 'a' is only 1 character longer than 'b', then it can't be
* a subdomain of 'b' (because of the need for the '.' label
* separator).
*/
if (diff < 2)
return (0);
/*
* If the character before the last 'lb' characters of 'b'
* isn't '.', then it can't be a match (this lets us avoid
* having "foobar.com" match "bar.com").
*/
if (a[diff - 1] != '.')
return (0);
/*
* We're not sure about that '.', however. It could be escaped
* and thus not a really a label separator.
*/
escaped = 0;
for (i = diff - 2; i >= 0; i--)
if (a[i] == '\\')
if (escaped)
escaped = 0;
else
escaped = 1;
else
break;
if (escaped)
return (0);
/* Now compare aligned trailing substring. */
cp = a + diff;
return (strncasecmp(cp, b, lb) == 0);
}
/*
* int
* ns_subdomain(a, b)
* is "a" a subdomain of "b"?
*/
int
ns_subdomain(const char *a, const char *b) {
return (ns_samename(a, b) != 1 && ns_samedomain(a, b));
}
/*
* int
* ns_makecanon(src, dst, dstsize)
* make a canonical copy of domain name "src"
* notes:
* foo -> foo.
* foo. -> foo.
* foo.. -> foo.
* foo\. -> foo\..
* foo\\. -> foo\\.
*/
int
ns_makecanon(const char *src, char *dst, size_t dstsize) {
size_t n = strlen(src);
if (n + sizeof "." > dstsize) {
__set_errno (EMSGSIZE);
return (-1);
}
strcpy(dst, src);
while (n > 0 && dst[n - 1] == '.') /* Ends in "." */
if (n > 1 && dst[n - 2] == '\\' && /* Ends in "\." */
(n < 2 || dst[n - 3] != '\\')) /* But not "\\." */
break;
else
dst[--n] = '\0';
dst[n++] = '.';
dst[n] = '\0';
return (0);
}
/*
* int
* ns_samename(a, b)
* determine whether domain name "a" is the same as domain name "b"
* return:
* -1 on error
* 0 if names differ
* 1 if names are the same
*/
int
ns_samename(const char *a, const char *b) {
char ta[NS_MAXDNAME], tb[NS_MAXDNAME];
if (ns_makecanon(a, ta, sizeof ta) < 0 ||
ns_makecanon(b, tb, sizeof tb) < 0)
return (-1);
if (strcasecmp(ta, tb) == 0)
return (1);
else
return (0);
}