struct hostent *
netsnmp_gethostbyname(const char *name)
{
#if HAVE_GETHOSTBYNAME
#ifdef DNSSEC_LOCAL_VALIDATION
val_status_t val_status;
#endif
struct hostent *hp = NULL;
if (NULL == name)
return NULL;
DEBUGMSGTL(("dns:gethostbyname", "looking up %s\n", name));
#ifdef DNSSEC_LOCAL_VALIDATION
hp = val_gethostbyname(netsnmp_validator_context(), name, &val_status);
DEBUGMSGTL(("dns:sec:val", "val_status %d / %s; trusted: %d\n",
val_status, p_val_status(val_status),
val_istrusted(val_status)));
if (!val_istrusted(val_status)) {
snmp_log(LOG_WARNING,
"The authenticity of DNS response is not trusted (%s)\n",
p_val_status(val_status));
/** continue anyways if DNSSEC_WARN_ONLY is set */
if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID,
NETSNMP_DS_LIB_DNSSEC_WARN_ONLY))
hp = NULL;
}
else if (val_does_not_exist(val_status) && hp)
hp = NULL;
#else
hp = gethostbyname(name);
#endif
if (hp == NULL) {
DEBUGMSGTL(("dns:gethostbyname",
"couldn't resolve %s\n", name));
} else if (hp->h_addrtype != AF_INET) {
DEBUGMSGTL(("dns:gethostbyname",
"warning: response for %s not AF_INET!\n", name));
} else {
DEBUGMSGTL(("dns:gethostbyname",
"%s resolved okay\n", name));
}
return hp;
#else
NETSNMP_LOGONCE((LOG_ERR, "gethostbyname not available"));
return NULL;
#endif /* HAVE_GETHOSTBYNAME */
}
struct hostent *
netsnmp_gethostbyaddr(const void *addr, socklen_t len, int type)
{
#if HAVE_GETHOSTBYADDR
struct hostent *hp = NULL;
struct sockaddr_in *saddr_in =
NETSNMP_REMOVE_CONST(struct sockaddr_in *,addr);
DEBUGMSGTL(("dns:gethostbyaddr", "resolving { AF_INET, %s:%hu }\n",
inet_ntoa(saddr_in->sin_addr), ntohs(saddr_in->sin_port)));
#ifdef DNSSEC_LOCAL_VALIDATION
val_status_t val_status;
hp = val_gethostbyaddr(netsnmp_validator_context(),
(const void*)&saddr_in->sin_addr,
sizeof(struct in_addr), AF_INET, &val_status);
DEBUGMSGTL(("dns:sec:val", "val_status %d / %s; trusted: %d\n",
val_status, p_val_status(val_status),
val_istrusted(val_status)));
if (!val_istrusted(val_status)) {
snmp_log(LOG_WARNING,
"The authenticity of DNS response is not trusted (%s)\n",
p_val_status(val_status));
/** continue anyways if DNSSEC_WARN_ONLY is set */
if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID,
NETSNMP_DS_LIB_DNSSEC_WARN_ONLY))
hp = NULL;
}
else if (val_does_not_exist(val_status) && hp)
hp = NULL;
#else
hp = gethostbyaddr((const void*) &saddr_in->sin_addr,
sizeof(struct in_addr), AF_INET);
#endif
if (hp == NULL) {
DEBUGMSGTL(("dns:gethostbyaddr", "couldn't resolve addr\n"));
} else if (hp->h_addrtype != AF_INET) {
DEBUGMSGTL(("dns:gethostbyaddr",
"warning: response for addr not AF_INET!\n"));
} else {
DEBUGMSGTL(("dns:gethostbyaddr", "addr resolved okay\n"));
}
return hp;
#else
NETSNMP_LOGONCE((LOG_ERR, "gethostbyaddr not available"));
return NULL;
#endif
}
int
netsnmp_getaddrinfo(const char *name, const char *service,
const struct addrinfo *hints, struct addrinfo **res)
{
#if HAVE_GETADDRINFO
struct addrinfo *addrs = NULL;
struct addrinfo hint;
int err;
#ifdef DNSSEC_LOCAL_VALIDATION
val_status_t val_status;
#endif
DEBUGMSGTL(("dns:getaddrinfo", "looking up "));
if (name)
DEBUGMSG(("dns:getaddrinfo", "\"%s\"", name));
else
DEBUGMSG(("dns:getaddrinfo", "<NULL>"));
if (service)
DEBUGMSG(("dns:getaddrinfo", ":\"%s\"", service));
if (hints)
DEBUGMSG(("dns:getaddrinfo", " with hint ({ ... })"));
else
DEBUGMSG(("dns:getaddrinfo", " with no hint"));
DEBUGMSG(("dns:getaddrinfo", "\n"));
if (NULL == hints) {
memset(&hint, 0, sizeof hint);
hint.ai_flags = 0;
hint.ai_family = PF_INET;
hint.ai_socktype = SOCK_DGRAM;
hint.ai_protocol = 0;
hints = &hint;
} else {
memcpy(&hint, hints, sizeof hint);
}
#ifndef DNSSEC_LOCAL_VALIDATION
err = getaddrinfo(name, NULL, &hint, &addrs);
#else /* DNSSEC_LOCAL_VALIDATION */
err = val_getaddrinfo(netsnmp_validator_context(), name, NULL, &hint,
&addrs, &val_status);
DEBUGMSGTL(("dns:sec:val", "err %d, val_status %d / %s; trusted: %d\n",
err, val_status, p_val_status(val_status),
val_istrusted(val_status)));
if (! val_istrusted(val_status)) {
int rc;
if ((err != 0) && VAL_GETADDRINFO_HAS_STATUS(err)) {
snmp_log(LOG_WARNING,
"WARNING: UNTRUSTED error in DNS resolution for %s!\n",
name);
rc = EAI_FAIL;
} else {
snmp_log(LOG_WARNING,
"The authenticity of DNS response is not trusted (%s)\n",
p_val_status(val_status));
rc = EAI_NONAME;
}
/** continue anyways if DNSSEC_WARN_ONLY is set */
if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID,
NETSNMP_DS_LIB_DNSSEC_WARN_ONLY))
return rc;
}
#endif /* DNSSEC_LOCAL_VALIDATION */
*res = addrs;
if ((0 == err) && addrs && addrs->ai_addr) {
DEBUGMSGTL(("dns:getaddrinfo", "answer { AF_INET, %s:%hu }\n",
inet_ntoa(((struct sockaddr_in*)addrs->ai_addr)->sin_addr),
ntohs(((struct sockaddr_in*)addrs->ai_addr)->sin_port)));
}
return err;
#else
NETSNMP_LOGONCE((LOG_ERR, "getaddrinfo not available"));
return EAI_FAIL;
#endif /* getaddrinfo */
}
