8487
|
1 /**
|
|
2 * @file mdns.c Multicast DNS connection code used by rendezvous.
|
|
3 *
|
|
4 * gaim
|
|
5 *
|
|
6 * Gaim is the legal property of its developers, whose names are too numerous
|
|
7 * to list here. Please refer to the COPYRIGHT file distributed with this
|
|
8 * source distribution.
|
|
9 *
|
|
10 * This program is free software; you can redistribute it and/or modify
|
|
11 * it under the terms of the GNU General Public License as published by
|
|
12 * the Free Software Foundation; either version 2 of the License, or
|
|
13 * (at your option) any later version.
|
|
14 *
|
|
15 * This program is distributed in the hope that it will be useful,
|
|
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
18 * GNU General Public License for more details.
|
|
19 *
|
|
20 * You should have received a copy of the GNU General Public License
|
|
21 * along with this program; if not, write to the Free Software
|
|
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
23 *
|
|
24 */
|
|
25
|
|
26 /*
|
|
27 * If you want to understand this, read RFC1035 and
|
|
28 * draft-cheshire-dnsext-multicastdns.txt
|
|
29 */
|
|
30
|
|
31 /*
|
|
32 * XXX - THIS DOESN'T DO BOUNDS CHECKING!!! DON'T USE IT ON AN UNTRUSTED
|
|
33 * NETWORK UNTIL IT DOES!!! THERE ARE POSSIBLE REMOTE ACCESS VIA BUFFER
|
|
34 * OVERFLOW SECURITY HOLES!!!
|
|
35 */
|
|
36
|
8546
|
37 #include "internal.h"
|
8487
|
38 #include "debug.h"
|
|
39
|
|
40 #include "mdns.h"
|
|
41 #include "util.h"
|
|
42
|
|
43 int
|
|
44 mdns_establish_socket()
|
|
45 {
|
|
46 int fd = -1;
|
|
47 struct sockaddr_in addr;
|
|
48 struct ip_mreq mreq;
|
|
49 unsigned char loop;
|
|
50 unsigned char ttl;
|
|
51 int reuseaddr;
|
|
52
|
|
53 gaim_debug_info("mdns", "Establishing multicast socket\n");
|
|
54
|
|
55 /* What's the difference between AF_INET and PF_INET? */
|
|
56 if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
|
|
57 gaim_debug_error("mdns", "Unable to create socket: %s\n", strerror(errno));
|
|
58 return -1;
|
|
59 }
|
|
60
|
|
61 /* Make the socket non-blocking (although it shouldn't matter) */
|
|
62 fcntl(fd, F_SETFL, O_NONBLOCK);
|
|
63
|
|
64 /* Bind the socket to a local IP and port */
|
|
65 addr.sin_family = AF_INET;
|
|
66 addr.sin_port = htons(5353);
|
|
67 addr.sin_addr.s_addr = INADDR_ANY;
|
|
68 if (bind(fd, (struct sockaddr *)&addr, sizeof(struct sockaddr_in)) < 0) {
|
|
69 gaim_debug_error("mdns", "Unable to bind socket to interface.\n");
|
|
70 close(fd);
|
|
71 return -1;
|
|
72 }
|
|
73
|
|
74 /* Ensure loopback is enabled (it should be enabled by default, by let's be sure) */
|
|
75 loop = 1;
|
|
76 if (setsockopt(fd, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, sizeof(unsigned char)) == -1) {
|
|
77 gaim_debug_error("mdns", "Error calling setsockopt for IP_MULTICAST_LOOP\n");
|
|
78 }
|
|
79
|
|
80 /* Set TTL to 255--required by mDNS */
|
|
81 ttl = 255;
|
|
82 if (setsockopt(fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(unsigned char)) == -1) {
|
|
83 gaim_debug_error("mdns", "Error calling setsockopt for IP_MULTICAST_TTL\n");
|
|
84 close(fd);
|
|
85 return -1;
|
|
86 }
|
|
87
|
|
88 /* Join the .local multicast group */
|
|
89 mreq.imr_multiaddr.s_addr = inet_addr("224.0.0.251");
|
|
90 mreq.imr_interface.s_addr = htonl(INADDR_ANY);
|
|
91 if (setsockopt(fd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(struct ip_mreq)) == -1) {
|
|
92 gaim_debug_error("mdns", "Error calling setsockopt for IP_ADD_MEMBERSHIP\n");
|
|
93 close(fd);
|
|
94 return -1;
|
|
95 }
|
|
96
|
|
97 /* Make the local IP re-usable */
|
|
98 reuseaddr = 1;
|
|
99 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(int)) == -1) {
|
|
100 gaim_debug_error("mdns", "Error calling setsockopt for SO_REUSEADDR: %s\n", strerror(errno));
|
|
101 }
|
|
102
|
|
103 return fd;
|
|
104 }
|
|
105
|
|
106 int
|
|
107 mdns_query(int fd, const char *domain)
|
|
108 {
|
|
109 struct sockaddr_in addr;
|
|
110 unsigned int querylen;
|
|
111 unsigned char *query;
|
|
112 char *b, *c;
|
|
113 int i, n;
|
|
114
|
|
115 if (strlen(domain) > 255) {
|
|
116 return -EINVAL;
|
|
117 }
|
|
118
|
|
119 /*
|
|
120 * Build the outgoing query packet. It is made of the header with a
|
|
121 * query made up of the given domain. The header is 12 bytes.
|
|
122 */
|
|
123 querylen = 12 + strlen(domain) + 2 + 4;
|
|
124 if (!(query = (unsigned char *)g_malloc(querylen))) {
|
|
125 return -ENOMEM;
|
|
126 }
|
|
127
|
|
128 /* The header section */
|
|
129 util_put32(&query[0], 0); /* The first 32 bits of the header are all 0's in mDNS */
|
|
130 util_put16(&query[4], 1); /* QDCOUNT */
|
|
131 util_put16(&query[6], 0); /* ANCOUNT */
|
|
132 util_put16(&query[8], 0); /* NSCOUNT */
|
|
133 util_put16(&query[10], 0); /* ARCOUNT */
|
|
134
|
|
135 /* The question section */
|
|
136 i = 12; /* Destination in query */
|
|
137 b = (char *)domain;
|
|
138 while ((c = strchr(b, '.'))) {
|
|
139 i += util_put8(&query[i], c - b); /* Length of domain-name segment */
|
|
140 memcpy(&query[i], b, c - b); /* Domain-name segment */
|
|
141 i += c - b; /* Increment the destination pointer */
|
|
142 b = c + 1;
|
|
143 }
|
|
144 i += util_put8(&query[i], strlen(b)); /* Length of domain-name segment */
|
|
145 strcpy(&query[i], b); /* Domain-name segment */
|
|
146 i += strlen(b) + 1; /* Increment the destination pointer */
|
|
147 i += util_put16(&query[i], 0x000c); /* QTYPE */
|
|
148 i += util_put16(&query[i], 0x8001); /* QCLASS */
|
|
149
|
|
150 /* Actually send the DNS query */
|
|
151 addr.sin_family = AF_INET;
|
|
152 addr.sin_port = htons(5353);
|
|
153 addr.sin_addr.s_addr = inet_addr("224.0.0.251");
|
|
154 n = sendto(fd, query, querylen, 0, (struct sockaddr *)&addr, sizeof(struct sockaddr_in));
|
|
155 g_free(query);
|
|
156
|
|
157 if (n == -1) {
|
|
158 gaim_debug_error("mdns", "Error sending packet: %d\n", errno);
|
|
159 return -1;
|
|
160 } else if (n != querylen) {
|
|
161 gaim_debug_error("mdns", "Only sent %d of %d bytes of query.\n", n, querylen);
|
|
162 return -1;
|
|
163 }
|
|
164
|
|
165 return 0;
|
|
166 }
|
|
167
|
|
168 /*
|
|
169 * XXX - Needs bounds checking!
|
|
170 *
|
|
171 * Read in a domain name from the given buffer starting at the given
|
|
172 * offset. This handles using domain name compression to jump around
|
|
173 * the data buffer, if needed.
|
|
174 *
|
|
175 * @return A null-terminated string representation of the domain name.
|
|
176 * This should be g_free'd when no longer needed.
|
|
177 */
|
|
178 static gchar *
|
|
179 mdns_read_name(const char *data, int datalen, int dataoffset)
|
|
180 {
|
|
181 GString *ret = g_string_new("");
|
|
182 unsigned char tmp;
|
|
183
|
|
184 while ((tmp = util_get8(&data[dataoffset])) != 0) {
|
|
185 dataoffset++;
|
|
186
|
|
187 if ((tmp & 0xc0) == 0) { /* First two bits are 00 */
|
|
188 if (*ret->str)
|
|
189 g_string_append_c(ret, '.');
|
|
190 g_string_append_len(ret, &data[dataoffset], tmp);
|
|
191 dataoffset += tmp;
|
|
192
|
|
193 } else if ((tmp & 0x40) == 0) { /* First two bits are 10 */
|
|
194 /* Reserved for future use */
|
|
195
|
|
196 } else if ((tmp & 0x80) == 1) { /* First two bits are 01 */
|
|
197 /* Reserved for future use */
|
|
198
|
|
199 } else { /* First two bits are 11 */
|
|
200 /* Jump to another position in the data */
|
|
201 dataoffset = util_get8(&data[dataoffset]);
|
|
202
|
|
203 }
|
|
204 }
|
|
205
|
|
206 return g_string_free(ret, FALSE);
|
|
207 }
|
|
208
|
|
209 /*
|
|
210 * XXX - Needs bounds checking!
|
|
211 *
|
|
212 * Determine how many bytes long a portion of the domain name is
|
|
213 * at the given offset. This does NOT jump around the data array
|
|
214 * in the case of domain name compression.
|
|
215 *
|
|
216 * @return The length of the portion of the domain name.
|
|
217 */
|
|
218 static int
|
|
219 mdns_read_name_len(const char *data, int datalen, int dataoffset)
|
|
220 {
|
|
221 int startoffset = dataoffset;
|
|
222 unsigned char tmp;
|
|
223
|
|
224 while ((tmp = util_get8(&data[dataoffset++])) != 0) {
|
|
225
|
|
226 if ((tmp & 0xc0) == 0) { /* First two bits are 00 */
|
|
227 dataoffset += tmp;
|
|
228
|
|
229 } else if ((tmp & 0x40) == 0) { /* First two bits are 10 */
|
|
230 /* Reserved for future use */
|
|
231
|
|
232 } else if ((tmp & 0x80) == 1) { /* First two bits are 01 */
|
|
233 /* Reserved for future use */
|
|
234
|
|
235 } else { /* First two bits are 11 */
|
|
236 /* End of this portion of the domain name */
|
|
237 dataoffset++;
|
|
238 break;
|
|
239
|
|
240 }
|
|
241 }
|
|
242
|
|
243 return dataoffset - startoffset;
|
|
244 }
|
|
245
|
|
246 /*
|
|
247 * XXX - Needs bounds checking!
|
|
248 *
|
|
249 */
|
|
250 static Question *
|
|
251 mdns_read_questions(int numquestions, const char *data, int datalen, int *offset)
|
|
252 {
|
|
253 Question *ret;
|
|
254 int i;
|
|
255
|
|
256 ret = (Question *)g_malloc0(numquestions * sizeof(Question));
|
|
257 for (i = 0; i < numquestions; i++) {
|
|
258 ret[i].name = mdns_read_name(data, 0, *offset);
|
|
259 *offset += mdns_read_name_len(data, 0, *offset);
|
|
260 ret[i].type = util_get16(&data[*offset]); /* QTYPE */
|
|
261 *offset += 2;
|
|
262 ret[i].class = util_get16(&data[*offset]); /* QCLASS */
|
|
263 *offset += 2;
|
|
264 }
|
|
265
|
|
266 return ret;
|
|
267 }
|
|
268
|
|
269 /*
|
|
270 * Read in a chunk of data, probably a buddy icon.
|
|
271 *
|
|
272 */
|
|
273 static unsigned char *
|
|
274 mdns_read_rr_rdata_null(const char *data, int datalen, int offset, unsigned short rdlength)
|
|
275 {
|
|
276 unsigned char *ret = NULL;
|
|
277
|
|
278 if (offset + rdlength > datalen)
|
|
279 return NULL;
|
|
280
|
|
281 ret = (unsigned char *)g_malloc(rdlength);
|
|
282 memcpy(ret, &data[offset], rdlength);
|
|
283
|
|
284 return ret;
|
|
285 }
|
|
286
|
|
287 /*
|
|
288 * XXX - Needs bounds checking!
|
|
289 *
|
|
290 */
|
|
291 static char *
|
|
292 mdns_read_rr_rdata_ptr(const char *data, int datalen, int offset)
|
|
293 {
|
|
294 char *ret = NULL;
|
|
295
|
|
296 ret = mdns_read_name(data, datalen, offset);
|
|
297
|
|
298 return ret;
|
|
299 }
|
|
300
|
|
301 /*
|
|
302 *
|
|
303 *
|
|
304 */
|
|
305 static GHashTable *
|
|
306 mdns_read_rr_rdata_txt(const char *data, int datalen, int offset, unsigned short rdlength)
|
|
307 {
|
|
308 GHashTable *ret = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, g_free);
|
|
309 int endoffset = offset + rdlength;
|
|
310 unsigned char tmp;
|
|
311 char buf[256], *key, *value;
|
|
312
|
|
313 while (offset < endoffset) {
|
|
314 /* Read in the length of the next name/value pair */
|
|
315 tmp = util_get8(&data[offset]);
|
|
316 offset++;
|
|
317
|
|
318 /* Ensure packet is valid */
|
|
319 if (offset + tmp > endoffset)
|
|
320 break;
|
|
321
|
|
322 /* Read in the next name/value pair */
|
|
323 strncpy(buf, &data[offset], tmp);
|
|
324 offset += tmp;
|
|
325
|
|
326 if (buf[0] == '=') {
|
|
327 /* Name/value pairs beginning with = are silently ignored */
|
|
328 continue;
|
|
329 }
|
|
330
|
|
331 /* The value is a substring of buf, starting just after the = */
|
|
332 buf[tmp] = '\0';
|
|
333 value = strchr(buf, '=');
|
|
334 if (value != NULL) {
|
|
335 value[0] = '\0';
|
|
336 value++;
|
|
337 }
|
|
338
|
|
339 /* Make the key all lowercase */
|
|
340 key = g_utf8_strdown(buf, -1);
|
|
341 if (!g_hash_table_lookup(ret, key))
|
|
342 g_hash_table_insert(ret, key, g_strdup(value));
|
|
343 else
|
|
344 g_free(key);
|
|
345 }
|
|
346
|
|
347 return ret;
|
|
348 }
|
|
349
|
|
350 /*
|
|
351 * XXX - Needs bounds checking!
|
|
352 *
|
|
353 */
|
|
354 static ResourceRecord *
|
|
355 mdns_read_rr(int numrecords, const char *data, int datalen, int *offset)
|
|
356 {
|
|
357 ResourceRecord *ret;
|
|
358 int i;
|
|
359
|
|
360 ret = (ResourceRecord *)g_malloc0(numrecords * sizeof(ResourceRecord));
|
|
361 for (i = 0; i < numrecords; i++) {
|
|
362 ret[i].name = mdns_read_name(data, 0, *offset); /* NAME */
|
|
363 *offset += mdns_read_name_len(data, 0, *offset);
|
|
364 ret[i].type = util_get16(&data[*offset]); /* TYPE */
|
|
365 *offset += 2;
|
|
366 ret[i].class = util_get16(&data[*offset]); /* CLASS */
|
|
367 *offset += 2;
|
|
368 ret[i].ttl = util_get32(&data[*offset]); /* TTL */
|
|
369 *offset += 4;
|
|
370 ret[i].rdlength = util_get16(&data[*offset]); /* RDLENGTH */
|
|
371 *offset += 2;
|
|
372
|
|
373 /* RDATA */
|
|
374 switch (ret[i].type) {
|
|
375 case RENDEZVOUS_RRTYPE_NULL:
|
|
376 ret[i].rdata = mdns_read_rr_rdata_null(data, datalen, *offset, ret[i].rdlength);
|
|
377 break;
|
|
378
|
|
379 case RENDEZVOUS_RRTYPE_PTR:
|
|
380 ret[i].rdata = mdns_read_rr_rdata_ptr(data, datalen, *offset);
|
|
381 break;
|
|
382
|
|
383 case RENDEZVOUS_RRTYPE_TXT:
|
|
384 ret[i].rdata = mdns_read_rr_rdata_txt(data, datalen, *offset, ret[i].rdlength);
|
|
385 break;
|
|
386
|
|
387 default:
|
|
388 ret[i].rdata = NULL;
|
|
389 break;
|
|
390 }
|
|
391 *offset += ret[i].rdlength;
|
|
392 }
|
|
393
|
|
394 return ret;
|
|
395 }
|
|
396
|
|
397 /*
|
|
398 * XXX - Needs bounds checking!
|
|
399 *
|
|
400 */
|
|
401 DNSPacket *
|
|
402 mdns_read(int fd)
|
|
403 {
|
|
404 DNSPacket *ret = NULL;
|
|
405 int i; /* Current position in datagram */
|
|
406 //char data[512];
|
|
407 char data[10096];
|
|
408 int datalen;
|
|
409 struct sockaddr_in addr;
|
|
410 socklen_t addrlen;
|
|
411
|
|
412 /* Read in an mDNS packet */
|
|
413 addrlen = sizeof(struct sockaddr_in);
|
|
414 if ((datalen = recvfrom(fd, data, sizeof(data), 0, (struct sockaddr *)&addr, &addrlen)) == -1) {
|
|
415 gaim_debug_error("mdns", "Error reading packet: %d\n", errno);
|
|
416 return NULL;
|
|
417 }
|
|
418
|
|
419 ret = (DNSPacket *)g_malloc0(sizeof(DNSPacket));
|
|
420
|
|
421 /* Parse the incoming packet, starting from 0 */
|
|
422 i = 0;
|
|
423
|
|
424 /* The header section */
|
|
425 ret->header.id = util_get16(&data[i]); /* ID */
|
|
426 i += 2;
|
|
427
|
|
428 /* For the flags, some bits must be 0 and some must be 1, the rest are ignored */
|
|
429 ret->header.flags = util_get16(&data[i]); /* Flags (QR, OPCODE, AA, TC, RD, RA, Z, AD, CD, and RCODE */
|
|
430 i += 2;
|
|
431 if ((ret->header.flags & 0x8000) == 0) {
|
|
432 /* QR should be 1 */
|
|
433 g_free(ret);
|
|
434 return NULL;
|
|
435 }
|
|
436 if ((ret->header.flags & 0x7800) != 0) {
|
|
437 /* OPCODE should be all 0's */
|
|
438 g_free(ret);
|
|
439 return NULL;
|
|
440 }
|
|
441
|
|
442 /* Read in the number of other things in the packet */
|
|
443 ret->header.numquestions = util_get16(&data[i]);
|
|
444 i += 2;
|
|
445 ret->header.numanswers = util_get16(&data[i]);
|
|
446 i += 2;
|
|
447 ret->header.numauthority = util_get16(&data[i]);
|
|
448 i += 2;
|
|
449 ret->header.numadditional = util_get16(&data[i]);
|
|
450 i += 2;
|
|
451
|
|
452 /* Read in all the questions */
|
|
453 ret->questions = mdns_read_questions(ret->header.numquestions, data, datalen, &i);
|
|
454
|
|
455 /* Read in all resource records */
|
|
456 ret->answers = mdns_read_rr(ret->header.numanswers, data, datalen, &i);
|
|
457
|
|
458 /* Read in all authority records */
|
|
459 ret->authority = mdns_read_rr(ret->header.numauthority, data, datalen, &i);
|
|
460
|
|
461 /* Read in all additional records */
|
|
462 ret->additional = mdns_read_rr(ret->header.numadditional, data, datalen, &i);
|
|
463
|
|
464 /* We should be at the end of the packet */
|
|
465 if (i != datalen) {
|
|
466 gaim_debug_error("mdns", "Finished parsing before end of DNS packet! Only parsed %d of %d bytes.", i, datalen);
|
|
467 g_free(ret);
|
|
468 return NULL;
|
|
469 }
|
|
470
|
|
471 return ret;
|
|
472 }
|
|
473
|
|
474 /**
|
|
475 * Free the rdata associated with a given resource record.
|
|
476 */
|
|
477 static void
|
|
478 mdns_free_rr_rdata(unsigned short type, void *rdata)
|
|
479 {
|
|
480 switch (type) {
|
|
481 case RENDEZVOUS_RRTYPE_NULL:
|
|
482 case RENDEZVOUS_RRTYPE_PTR:
|
|
483 g_free(rdata);
|
|
484 break;
|
|
485
|
|
486 case RENDEZVOUS_RRTYPE_TXT:
|
|
487 g_hash_table_destroy(rdata);
|
|
488 break;
|
|
489 }
|
|
490 }
|
|
491
|
|
492 /**
|
|
493 * Free a given question
|
|
494 */
|
|
495 static void
|
|
496 mdns_free_q(Question *q)
|
|
497 {
|
|
498 g_free(q->name);
|
|
499 }
|
|
500
|
|
501 /**
|
|
502 * Free a given resource record.
|
|
503 */
|
|
504 static void
|
|
505 mdns_free_rr(ResourceRecord *rr)
|
|
506 {
|
|
507 g_free(rr->name);
|
|
508 mdns_free_rr_rdata(rr->type, rr->rdata);
|
|
509 }
|
|
510
|
|
511 void
|
|
512 mdns_free(DNSPacket *dns)
|
|
513 {
|
|
514 int i;
|
|
515
|
|
516 for (i = 0; i < dns->header.numquestions; i++)
|
|
517 mdns_free_q(&dns->questions[i]);
|
|
518 for (i = 0; i < dns->header.numanswers; i++)
|
|
519 mdns_free_rr(&dns->answers[i]);
|
|
520 for (i = 0; i < dns->header.numauthority; i++)
|
|
521 mdns_free_rr(&dns->authority[i]);
|
|
522 for (i = 0; i < dns->header.numadditional; i++)
|
|
523 mdns_free_rr(&dns->additional[i]);
|
|
524
|
|
525 g_free(dns->questions);
|
|
526 g_free(dns->answers);
|
|
527 g_free(dns->authority);
|
|
528 g_free(dns->additional);
|
|
529 g_free(dns);
|
|
530 }
|