struct hostent * netsnmp_gethostbyname(const char *name) { #if HAVE_GETHOSTBYNAME #ifdef DNSSEC_LOCAL_VALIDATION val_status_t val_status; #endif struct hostent *hp = NULL; if (NULL == name) return NULL; DEBUGMSGTL(("dns:gethostbyname", "looking up %s\n", name)); #ifdef DNSSEC_LOCAL_VALIDATION hp = val_gethostbyname(netsnmp_validator_context(), name, &val_status); DEBUGMSGTL(("dns:sec:val", "val_status %d / %s; trusted: %d\n", val_status, p_val_status(val_status), val_istrusted(val_status))); if (!val_istrusted(val_status)) { snmp_log(LOG_WARNING, "The authenticity of DNS response is not trusted (%s)\n", p_val_status(val_status)); /** continue anyways if DNSSEC_WARN_ONLY is set */ if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_DNSSEC_WARN_ONLY)) hp = NULL; } else if (val_does_not_exist(val_status) && hp) hp = NULL; #else hp = gethostbyname(name); #endif if (hp == NULL) { DEBUGMSGTL(("dns:gethostbyname", "couldn't resolve %s\n", name)); } else if (hp->h_addrtype != AF_INET) { DEBUGMSGTL(("dns:gethostbyname", "warning: response for %s not AF_INET!\n", name)); } else { DEBUGMSGTL(("dns:gethostbyname", "%s resolved okay\n", name)); } return hp; #else NETSNMP_LOGONCE((LOG_ERR, "gethostbyname not available")); return NULL; #endif /* HAVE_GETHOSTBYNAME */ }
struct hostent * netsnmp_gethostbyaddr(const void *addr, socklen_t len, int type) { #if HAVE_GETHOSTBYADDR struct hostent *hp = NULL; struct sockaddr_in *saddr_in = NETSNMP_REMOVE_CONST(struct sockaddr_in *,addr); DEBUGMSGTL(("dns:gethostbyaddr", "resolving { AF_INET, %s:%hu }\n", inet_ntoa(saddr_in->sin_addr), ntohs(saddr_in->sin_port))); #ifdef DNSSEC_LOCAL_VALIDATION val_status_t val_status; hp = val_gethostbyaddr(netsnmp_validator_context(), (const void*)&saddr_in->sin_addr, sizeof(struct in_addr), AF_INET, &val_status); DEBUGMSGTL(("dns:sec:val", "val_status %d / %s; trusted: %d\n", val_status, p_val_status(val_status), val_istrusted(val_status))); if (!val_istrusted(val_status)) { snmp_log(LOG_WARNING, "The authenticity of DNS response is not trusted (%s)\n", p_val_status(val_status)); /** continue anyways if DNSSEC_WARN_ONLY is set */ if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_DNSSEC_WARN_ONLY)) hp = NULL; } else if (val_does_not_exist(val_status) && hp) hp = NULL; #else hp = gethostbyaddr((const void*) &saddr_in->sin_addr, sizeof(struct in_addr), AF_INET); #endif if (hp == NULL) { DEBUGMSGTL(("dns:gethostbyaddr", "couldn't resolve addr\n")); } else if (hp->h_addrtype != AF_INET) { DEBUGMSGTL(("dns:gethostbyaddr", "warning: response for addr not AF_INET!\n")); } else { DEBUGMSGTL(("dns:gethostbyaddr", "addr resolved okay\n")); } return hp; #else NETSNMP_LOGONCE((LOG_ERR, "gethostbyaddr not available")); return NULL; #endif }
int netsnmp_getaddrinfo(const char *name, const char *service, const struct addrinfo *hints, struct addrinfo **res) { #if HAVE_GETADDRINFO struct addrinfo *addrs = NULL; struct addrinfo hint; int err; #ifdef DNSSEC_LOCAL_VALIDATION val_status_t val_status; #endif DEBUGMSGTL(("dns:getaddrinfo", "looking up ")); if (name) DEBUGMSG(("dns:getaddrinfo", "\"%s\"", name)); else DEBUGMSG(("dns:getaddrinfo", "<NULL>")); if (service) DEBUGMSG(("dns:getaddrinfo", ":\"%s\"", service)); if (hints) DEBUGMSG(("dns:getaddrinfo", " with hint ({ ... })")); else DEBUGMSG(("dns:getaddrinfo", " with no hint")); DEBUGMSG(("dns:getaddrinfo", "\n")); if (NULL == hints) { memset(&hint, 0, sizeof hint); hint.ai_flags = 0; hint.ai_family = PF_INET; hint.ai_socktype = SOCK_DGRAM; hint.ai_protocol = 0; hints = &hint; } else { memcpy(&hint, hints, sizeof hint); } #ifndef DNSSEC_LOCAL_VALIDATION err = getaddrinfo(name, NULL, &hint, &addrs); #else /* DNSSEC_LOCAL_VALIDATION */ err = val_getaddrinfo(netsnmp_validator_context(), name, NULL, &hint, &addrs, &val_status); DEBUGMSGTL(("dns:sec:val", "err %d, val_status %d / %s; trusted: %d\n", err, val_status, p_val_status(val_status), val_istrusted(val_status))); if (! val_istrusted(val_status)) { int rc; if ((err != 0) && VAL_GETADDRINFO_HAS_STATUS(err)) { snmp_log(LOG_WARNING, "WARNING: UNTRUSTED error in DNS resolution for %s!\n", name); rc = EAI_FAIL; } else { snmp_log(LOG_WARNING, "The authenticity of DNS response is not trusted (%s)\n", p_val_status(val_status)); rc = EAI_NONAME; } /** continue anyways if DNSSEC_WARN_ONLY is set */ if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_DNSSEC_WARN_ONLY)) return rc; } #endif /* DNSSEC_LOCAL_VALIDATION */ *res = addrs; if ((0 == err) && addrs && addrs->ai_addr) { DEBUGMSGTL(("dns:getaddrinfo", "answer { AF_INET, %s:%hu }\n", inet_ntoa(((struct sockaddr_in*)addrs->ai_addr)->sin_addr), ntohs(((struct sockaddr_in*)addrs->ai_addr)->sin_port))); } return err; #else NETSNMP_LOGONCE((LOG_ERR, "getaddrinfo not available")); return EAI_FAIL; #endif /* getaddrinfo */ }