2017-09-01 Florian Weimer [BZ #21915] [BZ #21922] * sysdeps/posix/getaddrinfo.c (gethosts): Look at NSS function result to determine success or failure, not the errno value. * nss/Makefile (tests): Add tst-nss-files-hosts-erange. (tst-nss-files-hosts-erange): Link with -ldl. * nss/tst-nss-files-hosts-erange.c: New file. * nss/tst-resolv-basic.c (response): Handle nodata.example. (do_test): Add NO_DATA tests. * resolv/tst-resolv-basic.c (test_nodata_nxdomain): New function. (do_test): Call it. 2017-09-01 Florian Weimer [BZ #21922] * sysdeps/posix/getaddrinfo.c (gaih_inet): Report EAI_NODATA error coming from gethostbyname2_r. 2017-09-01 Florian Weimer * sysdeps/posix/getaddrinfo.c (gaih_inet): Only use h_errno if status indicates it is set. 2017-09-01 Florian Weimer * sysdeps/posix/getaddrinfo.c (gaih_inet): Make reporting of NSS function lookup failures more reliable. 2017-09-01 Florian Weimer * sysdeps/posix/getaddrinfo.c (gethosts): Use h_errno directly. (getcanonname): Likewise. (gaih_inet): Likewise. 2017-09-01 Florian Weimer * sysdeps/posix/getaddrinfo.c (gethosts): Use errno directly. (getcanonname): Likewise. (gaih_inet): Likewise. 2017-08-08 Florian Weimer * sysdeps/posix/getaddrinfo.c (gaih_inet): Remove unreachable return statement. Index: glibc-2.26/nss/Makefile =================================================================== --- glibc-2.26.orig/nss/Makefile +++ glibc-2.26/nss/Makefile @@ -58,6 +58,11 @@ tests = test-netdb test-digits-dots ts tst-nss-test5 xtests = bug-erange +# Tests which need libdl +ifeq (yes,$(build-shared)) +tests += tst-nss-files-hosts-erange +endif + # If we have a thread library then we can test cancellation against # some routines like getpwuid_r. ifeq (yes,$(have-thread-library)) @@ -154,3 +159,5 @@ $(patsubst %,$(objpfx)%.out,$(tests)) : ifeq (yes,$(have-thread-library)) $(objpfx)tst-cancel-getpwuid_r: $(shared-thread-library) endif + +$(objpfx)tst-nss-files-hosts-erange: $(libdl) Index: glibc-2.26/nss/tst-nss-files-hosts-erange.c =================================================================== --- /dev/null +++ glibc-2.26/nss/tst-nss-files-hosts-erange.c @@ -0,0 +1,109 @@ +/* Parse /etc/hosts in multi mode with a trailing long line (bug 21915). + Copyright (C) 2017 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +struct support_chroot *chroot_env; + +#define X10 "XXXXXXXXXX" +#define X100 X10 X10 X10 X10 X10 X10 X10 X10 X10 X10 +#define X1000 X100 X100 X100 X100 X100 X100 X100 X100 X100 X100 + +static void +prepare (int argc, char **argv) +{ + chroot_env = support_chroot_create + ((struct support_chroot_configuration) + { + .resolv_conf = "", + .hosts = + "127.0.0.1 localhost localhost.localdomain\n" + "::1 localhost localhost.localdomain\n" + "192.0.2.1 example.com\n" + "#" X1000 X100 "\n", + .host_conf = "multi on\n", + }); +} + +static int +do_test (void) +{ + support_become_root (); + if (!support_can_chroot ()) + return EXIT_UNSUPPORTED; + + __nss_configure_lookup ("hosts", "files"); + if (dlopen (LIBNSS_FILES_SO, RTLD_LAZY) == NULL) + FAIL_EXIT1 ("could not load " LIBNSS_DNS_SO ": %s", dlerror ()); + + xchroot (chroot_env->path_chroot); + + errno = ERANGE; + h_errno = NETDB_INTERNAL; + check_hostent ("gethostbyname example.com", + gethostbyname ("example.com"), + "name: example.com\n" + "address: 192.0.2.1\n"); + errno = ERANGE; + h_errno = NETDB_INTERNAL; + check_hostent ("gethostbyname2 AF_INET example.com", + gethostbyname2 ("example.com", AF_INET), + "name: example.com\n" + "address: 192.0.2.1\n"); + { + struct addrinfo hints = + { + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + errno = ERANGE; + h_errno = NETDB_INTERNAL; + struct addrinfo *ai; + int ret = getaddrinfo ("example.com", "80", &hints, &ai); + check_addrinfo ("example.com AF_UNSPEC", ai, ret, + "address: STREAM/TCP 192.0.2.1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + + hints.ai_family = AF_INET; + errno = ERANGE; + h_errno = NETDB_INTERNAL; + ret = getaddrinfo ("example.com", "80", &hints, &ai); + check_addrinfo ("example.com AF_INET", ai, ret, + "address: STREAM/TCP 192.0.2.1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + } + + support_chroot_free (chroot_env); + return 0; +} + +#define PREPARE prepare +#include Index: glibc-2.26/resolv/tst-resolv-basic.c =================================================================== --- glibc-2.26.orig/resolv/tst-resolv-basic.c +++ glibc-2.26/resolv/tst-resolv-basic.c @@ -50,7 +50,7 @@ response (const struct resolv_response_c qname_compare = qname + 2; else qname_compare = qname; - enum {www, alias, nxdomain, long_name} requested_qname; + enum {www, alias, nxdomain, long_name, nodata} requested_qname; if (strcmp (qname_compare, "www.example") == 0) requested_qname = www; else if (strcmp (qname_compare, "alias.example") == 0) @@ -59,6 +59,8 @@ response (const struct resolv_response_c requested_qname = nxdomain; else if (strcmp (qname_compare, LONG_NAME) == 0) requested_qname = long_name; + else if (strcmp (qname_compare, "nodata.example") == 0) + requested_qname = nodata; else { support_record_failure (); @@ -87,6 +89,8 @@ response (const struct resolv_response_c resolv_response_close_record (b); resolv_response_open_record (b, "www.example", qclass, qtype, 0); break; + case nodata: + return; case nxdomain: FAIL_EXIT1 ("unreachable"); } @@ -267,6 +271,55 @@ test_bug_21295 (void) } } +/* Run tests which do not expect any data. */ +static void +test_nodata_nxdomain (void) +{ + /* Iterate through different address families. */ + int families[] = { AF_UNSPEC, AF_INET, AF_INET6, -1 }; + for (int i = 0; families[i] >= 0; ++i) + /* If do_tcp, prepend "t." to the name to trigger TCP + fallback. */ + for (int do_tcp = 0; do_tcp < 2; ++do_tcp) + /* If do_nxdomain, trigger an NXDOMAIN error (DNS failure), + otherwise use a NODATA response (empty but successful + answer). */ + for (int do_nxdomain = 0; do_nxdomain < 2; ++do_nxdomain) + { + int family = families[i]; + char *name = xasprintf ("%s%s.example", + do_tcp ? "t." : "", + do_nxdomain ? "nxdomain" : "nodata"); + + if (family != AF_UNSPEC) + { + if (do_nxdomain) + check_h (name, family, "error: HOST_NOT_FOUND\n"); + else + check_h (name, family, "error: NO_ADDRESS\n"); + } + + const char *expected; + if (do_nxdomain) + expected = "error: Name or service not known\n"; + else + expected = "error: No address associated with hostname\n"; + + check_ai (name, "80", family, expected); + + struct addrinfo hints = + { + .ai_family = family, + .ai_flags = AI_V4MAPPED | AI_ALL, + }; + check_ai_hints (name, "80", hints, expected); + hints.ai_flags |= AI_CANONNAME; + check_ai_hints (name, "80", hints, expected); + + free (name); + } +} + static int do_test (void) { @@ -439,29 +492,8 @@ do_test (void) "address: DGRAM/UDP 2001:db8::4 80\n" "address: RAW/IP 2001:db8::4 80\n"); - check_h ("nxdomain.example", AF_INET, - "error: HOST_NOT_FOUND\n"); - check_h ("nxdomain.example", AF_INET6, - "error: HOST_NOT_FOUND\n"); - check_ai ("nxdomain.example", "80", AF_UNSPEC, - "error: Name or service not known\n"); - check_ai ("nxdomain.example", "80", AF_INET, - "error: Name or service not known\n"); - check_ai ("nxdomain.example", "80", AF_INET6, - "error: Name or service not known\n"); - - check_h ("t.nxdomain.example", AF_INET, - "error: HOST_NOT_FOUND\n"); - check_h ("t.nxdomain.example", AF_INET6, - "error: HOST_NOT_FOUND\n"); - check_ai ("t.nxdomain.example", "80", AF_UNSPEC, - "error: Name or service not known\n"); - check_ai ("t.nxdomain.example", "80", AF_INET, - "error: Name or service not known\n"); - check_ai ("t.nxdomain.example", "80", AF_INET6, - "error: Name or service not known\n"); - test_bug_21295 (); + test_nodata_nxdomain (); resolv_test_end (aux); Index: glibc-2.26/support/namespace.h =================================================================== --- glibc-2.26.orig/support/namespace.h +++ glibc-2.26/support/namespace.h @@ -66,7 +66,9 @@ struct support_chroot_configuration { /* File contents. The files are not created if the field is NULL. */ - const char *resolv_conf; + const char *resolv_conf; /* /etc/resolv.conf. */ + const char *hosts; /* /etc/hosts. */ + const char *host_conf; /* /etc/host.conf. */ }; /* The result of the creation of a chroot. */ @@ -78,8 +80,11 @@ struct support_chroot /* Path to the chroot directory. */ char *path_chroot; - /* Path to the /etc/resolv.conf file. */ - char *path_resolv_conf; + /* Paths to files in the chroot. These are absolute and outside of + the chroot. */ + char *path_resolv_conf; /* /etc/resolv.conf. */ + char *path_hosts; /* /etc/hosts. */ + char *path_host_conf; /* /etc/host.conf. */ }; /* Create a chroot environment. The returned data should be freed Index: glibc-2.26/support/support_chroot.c =================================================================== --- glibc-2.26.orig/support/support_chroot.c +++ glibc-2.26/support/support_chroot.c @@ -24,6 +24,23 @@ #include #include +/* If CONTENTS is not NULL, write it to the file at DIRECTORY/RELPATH, + and store the name in *ABSPATH. If CONTENTS is NULL, store NULL in + *ABSPATH. */ +static void +write_file (const char *directory, const char *relpath, const char *contents, + char **abspath) +{ + if (contents != NULL) + { + *abspath = xasprintf ("%s/%s", directory, relpath); + add_temp_file (*abspath); + support_write_file_string (*abspath, contents); + } + else + *abspath = NULL; +} + struct support_chroot * support_chroot_create (struct support_chroot_configuration conf) { @@ -39,15 +56,10 @@ support_chroot_create (struct support_ch xmkdir (path_etc, 0777); add_temp_file (path_etc); - if (conf.resolv_conf != NULL) - { - /* Create an empty resolv.conf file. */ - chroot->path_resolv_conf = xasprintf ("%s/resolv.conf", path_etc); - add_temp_file (chroot->path_resolv_conf); - support_write_file_string (chroot->path_resolv_conf, conf.resolv_conf); - } - else - chroot->path_resolv_conf = NULL; + write_file (path_etc, "resolv.conf", conf.resolv_conf, + &chroot->path_resolv_conf); + write_file (path_etc, "hosts", conf.hosts, &chroot->path_hosts); + write_file (path_etc, "host.conf", conf.host_conf, &chroot->path_host_conf); free (path_etc); @@ -67,5 +79,7 @@ support_chroot_free (struct support_chro { free (chroot->path_chroot); free (chroot->path_resolv_conf); + free (chroot->path_hosts); + free (chroot->path_host_conf); free (chroot); } Index: glibc-2.26/sysdeps/posix/getaddrinfo.c =================================================================== --- glibc-2.26.orig/sysdeps/posix/getaddrinfo.c +++ glibc-2.26/sysdeps/posix/getaddrinfo.c @@ -241,48 +241,43 @@ convert_hostent_to_gaih_addrtuple (const #define gethosts(_family, _type) \ { \ - int herrno; \ struct hostent th; \ - struct hostent *h; \ char *localcanon = NULL; \ no_data = 0; \ - while (1) { \ - rc = 0; \ - status = DL_CALL_FCT (fct, (name, _family, &th, \ - tmpbuf->data, tmpbuf->length, \ - &rc, &herrno, NULL, &localcanon)); \ - if (rc != ERANGE || herrno != NETDB_INTERNAL) \ - break; \ - if (!scratch_buffer_grow (tmpbuf)) \ - { \ - __resolv_context_enable_inet6 (res_ctx, res_enable_inet6); \ - __resolv_context_put (res_ctx); \ - result = -EAI_MEMORY; \ - goto free_and_return; \ - } \ - } \ - if (status == NSS_STATUS_SUCCESS && rc == 0) \ - h = &th; \ - else \ - h = NULL; \ - if (rc != 0) \ + while (1) \ { \ - if (herrno == NETDB_INTERNAL) \ + status = DL_CALL_FCT (fct, (name, _family, &th, \ + tmpbuf->data, tmpbuf->length, \ + &errno, &h_errno, NULL, &localcanon)); \ + if (status != NSS_STATUS_TRYAGAIN || h_errno != NETDB_INTERNAL \ + || errno != ERANGE) \ + break; \ + if (!scratch_buffer_grow (tmpbuf)) \ + { \ + __resolv_context_enable_inet6 (res_ctx, res_enable_inet6); \ + __resolv_context_put (res_ctx); \ + result = -EAI_MEMORY; \ + goto free_and_return; \ + } \ + } \ + if (status == NSS_STATUS_NOTFOUND \ + || status == NSS_STATUS_TRYAGAIN || status == NSS_STATUS_UNAVAIL) \ + { \ + if (h_errno == NETDB_INTERNAL) \ { \ - __set_h_errno (herrno); \ __resolv_context_enable_inet6 (res_ctx, res_enable_inet6); \ __resolv_context_put (res_ctx); \ result = -EAI_SYSTEM; \ goto free_and_return; \ } \ - if (herrno == TRY_AGAIN) \ + if (h_errno == TRY_AGAIN) \ no_data = EAI_AGAIN; \ else \ - no_data = herrno == NO_DATA; \ + no_data = h_errno == NO_DATA; \ } \ - else if (h != NULL) \ + else if (status == NSS_STATUS_SUCCESS) \ { \ - if (!convert_hostent_to_gaih_addrtuple (req, _family,h, &addrmem)) \ + if (!convert_hostent_to_gaih_addrtuple (req, _family, &th, &addrmem)) \ { \ __resolv_context_enable_inet6 (res_ctx, res_enable_inet6); \ __resolv_context_put (res_ctx); \ @@ -334,10 +329,8 @@ getcanonname (service_user *nip, struct if (cfct != NULL) { char buf[256]; - int herrno; - int rc; if (DL_CALL_FCT (cfct, (at->name ?: name, buf, sizeof (buf), - &s, &rc, &herrno)) != NSS_STATUS_SUCCESS) + &s, &errno, &h_errno)) != NSS_STATUS_SUCCESS) /* If the canonical name cannot be determined, use the passed string. */ s = (char *) name; @@ -353,7 +346,6 @@ gaih_inet (const char *name, const struc const struct gaih_typeproto *tp = gaih_inet_typeproto; struct gaih_servtuple *st = (struct gaih_servtuple *) &nullserv; struct gaih_addrtuple *at = NULL; - int rc; bool got_ipv6 = false; const char *canon = NULL; const char *orig_name = name; @@ -395,7 +387,8 @@ gaih_inet (const char *name, const struc st = (struct gaih_servtuple *) alloca_account (sizeof (struct gaih_servtuple), alloca_used); - if ((rc = gaih_inet_serv (service->name, tp, req, st, tmpbuf))) + int rc = gaih_inet_serv (service->name, tp, req, st, tmpbuf); + if (__glibc_unlikely (rc != 0)) return rc; } else @@ -420,13 +413,9 @@ gaih_inet (const char *name, const struc alloca_account (sizeof (struct gaih_servtuple), alloca_used); - if ((rc = gaih_inet_serv (service->name, - tp, req, newp, tmpbuf))) - { - if (rc) - continue; - return rc; - } + if (gaih_inet_serv (service->name, + tp, req, newp, tmpbuf) != 0) + continue; *pst = newp; pst = &(newp->next); @@ -499,7 +488,7 @@ gaih_inet (const char *name, const struc idn_flags |= IDNA_USE_STD3_ASCII_RULES; char *p = NULL; - rc = __idna_to_ascii_lz (name, &p, idn_flags); + int rc = __idna_to_ascii_lz (name, &p, idn_flags); if (rc != IDNA_SUCCESS) { /* No need to jump to free_and_return here. */ @@ -600,14 +589,13 @@ gaih_inet (const char *name, const struc int rc; struct hostent th; struct hostent *h; - int herrno; while (1) { rc = __gethostbyname2_r (name, AF_INET, &th, tmpbuf->data, tmpbuf->length, - &h, &herrno); - if (rc != ERANGE || herrno != NETDB_INTERNAL) + &h, &h_errno); + if (rc != ERANGE || h_errno != NETDB_INTERNAL) break; if (!scratch_buffer_grow (tmpbuf)) { @@ -629,15 +617,20 @@ gaih_inet (const char *name, const struc } *pat = addrmem; } + else + { + if (h_errno == NO_DATA) + result = -EAI_NODATA; + else + result = -EAI_NONAME; + goto free_and_return; + } } else { - if (herrno == NETDB_INTERNAL) - { - __set_h_errno (herrno); - result = -EAI_SYSTEM; - } - else if (herrno == TRY_AGAIN) + if (h_errno == NETDB_INTERNAL) + result = -EAI_SYSTEM; + else if (h_errno == TRY_AGAIN) result = -EAI_AGAIN; else /* We made requests but they turned out no data. @@ -660,8 +653,7 @@ gaih_inet (const char *name, const struc { /* Try to use nscd. */ struct nscd_ai_result *air = NULL; - int herrno; - int err = __nscd_getai (name, &air, &herrno); + int err = __nscd_getai (name, &air, &h_errno); if (air != NULL) { /* Transform into gaih_addrtuple list. */ @@ -752,9 +744,9 @@ gaih_inet (const char *name, const struc goto free_and_return; else if (__nss_not_use_nscd_hosts == 0) { - if (herrno == NETDB_INTERNAL && errno == ENOMEM) + if (h_errno == NETDB_INTERNAL && errno == ENOMEM) result = -EAI_MEMORY; - else if (herrno == TRY_AGAIN) + else if (h_errno == TRY_AGAIN) result = -EAI_AGAIN; else result = -EAI_SYSTEM; @@ -793,24 +785,21 @@ gaih_inet (const char *name, const struc if (fct4 != NULL) { - int herrno; - while (1) { - rc = 0; status = DL_CALL_FCT (fct4, (name, pat, tmpbuf->data, tmpbuf->length, - &rc, &herrno, + &errno, &h_errno, NULL)); if (status == NSS_STATUS_SUCCESS) break; if (status != NSS_STATUS_TRYAGAIN - || rc != ERANGE || herrno != NETDB_INTERNAL) + || errno != ERANGE || h_errno != NETDB_INTERNAL) { - if (herrno == TRY_AGAIN) + if (h_errno == TRY_AGAIN) no_data = EAI_AGAIN; else - no_data = herrno == NO_DATA; + no_data = h_errno == NO_DATA; break; } @@ -940,13 +929,17 @@ gaih_inet (const char *name, const struc } else { + /* Could not locate any of the lookup functions. + The NSS lookup code does not consistently set + errno, so we need to supply our own error + code here. The root cause could either be a + resource allocation failure, or a missing + service function in the DSO (so it should not + be listed in /etc/nsswitch.conf). Assume the + former, and return EBUSY. */ status = NSS_STATUS_UNAVAIL; - /* Could not load any of the lookup functions. Indicate - an internal error if the failure was due to a system - error other than the file not being found. We use the - errno from the last failed callback. */ - if (errno != 0 && errno != ENOENT) - __set_h_errno (NETDB_INTERNAL); + __set_h_errno (NETDB_INTERNAL); + __set_errno (EBUSY); } } @@ -962,7 +955,10 @@ gaih_inet (const char *name, const struc __resolv_context_enable_inet6 (res_ctx, res_enable_inet6); __resolv_context_put (res_ctx); - if (h_errno == NETDB_INTERNAL) + /* If we have a failure which sets errno, report it using + EAI_SYSTEM. */ + if ((status == NSS_STATUS_TRYAGAIN || status == NSS_STATUS_UNAVAIL) + && h_errno == NETDB_INTERNAL) { result = -EAI_SYSTEM; goto free_and_return;