Use DNS implementation from Musl Libc

Now that our socket system call polyfills are good enough to support
Musl's DNS library we should be using that rather than the barebones
domain name system implementation we rolled on our own. There are many
benefits to making this change. So many, that I myself wouldn't feel
qualified to enumerate them all. The Musl DNS code had to be changed
in order to support Windows of course, which looks very solid so far.
Justine Tunney 2023-12-28 22:58:17 -08:00
parent 1a28e35c62
commit 43fe5956ad
GPG key ID: BE714B4575D6E328
146 changed files with 2646 additions and 7190 deletions


@ -26,7 +26,6 @@ TOOL_BUILD_DIRECTDEPS = \
DSP_SCALE \
DSP_TTY \
LIBC_CALLS \
LIBC_DNS \
LIBC_ELF \
LIBC_FMT \
LIBC_INTRIN \


@ -23,10 +23,8 @@
#include "libc/calls/struct/sigaction.h"
#include "libc/calls/struct/stat.h"
#include "libc/calls/struct/timespec.h"
#include "libc/dns/dns.h"
#include "libc/errno.h"
#include "libc/fmt/libgen.h"
#include "libc/serialize.h"
#include "libc/intrin/kprintf.h"
#include "libc/intrin/safemacros.internal.h"
#include "libc/limits.h"
@ -35,6 +33,7 @@
#include "libc/mem/gc.h"
#include "libc/mem/mem.h"
#include "libc/runtime/runtime.h"
#include "libc/serialize.h"
#include "libc/sock/ipclassify.internal.h"
#include "libc/stdio/stdio.h"
#include "libc/str/str.h"
@ -53,6 +52,7 @@
#include "net/https/https.h"
#include "third_party/mbedtls/net_sockets.h"
#include "third_party/mbedtls/ssl.h"
#include "third_party/musl/netdb.h"
#include "third_party/zlib/zlib.h"
#include "tool/build/lib/eztls.h"
#include "tool/build/lib/psk.h"
@ -154,15 +154,16 @@ void Connect(void) {
FATALF("%s:%hu: EAI_%s %m", g_hostname, g_runitdport, gai_strerror(rc));
__builtin_unreachable();
}
ip4 = (const char *)&ai->ai_addr4->sin_addr;
if (ispublicip(ai->ai_family, &ai->ai_addr4->sin_addr)) {
ip4 = (const char *)&((struct sockaddr_in *)ai->ai_addr)->sin_addr;
if (ispublicip(ai->ai_family,
&((struct sockaddr_in *)ai->ai_addr)->sin_addr)) {
FATALF("%s points to %hhu.%hhu.%hhu.%hhu"
" which isn't part of a local/private/testing subnet",
g_hostname, ip4[0], ip4[1], ip4[2], ip4[3]);
__builtin_unreachable();
}
DEBUGF("connecting to %d.%d.%d.%d port %d", ip4[0], ip4[1], ip4[2], ip4[3],
ntohs(ai->ai_addr4->sin_port));
ntohs(((struct sockaddr_in *)ai->ai_addr)->sin_port));
CHECK_NE(-1,
(g_sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol)));
expo = INITIAL_CONNECT_TIMEOUT;
@ -185,7 +186,8 @@ TryAgain:
expo *= 1.5;
if (timespec_cmp(timespec_real(), deadline) >= 0) {
FATALF("timeout connecting to %s (%hhu.%hhu.%hhu.%hhu:%d)", g_hostname,
ip4[0], ip4[1], ip4[2], ip4[3], ntohs(ai->ai_addr4->sin_port));
ip4[0], ip4[1], ip4[2], ip4[3],
ntohs(((struct sockaddr_in *)ai->ai_addr)->sin_port));
__builtin_unreachable();
}
goto TryAgain;
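Review bot: The new casts `(struct sockaddr_in *)ai->ai_addr` in Connect() assume the first result is AF_INET, but nothing visible in this hunk checks `ai->ai_family` before the `ispublicip()` guard reads `sin_addr`. The removed `ai_addr4` field suggests the old resolver only produced IPv4 results, whereas a standard getaddrinfo() can return AF_INET6 entries when the hints leave the family unspecified; the hints are set outside the hunk, so this needs confirming. If the family were not AF_INET, the private-subnet check and the log lines would read unrelated bytes of the sockaddr, so a guard such as `if (ai->ai_family != AF_INET) FATALF("%s: unsupported address family", g_hostname);` before the cast would keep the check meaningful. The same cast appears in the timeout path after TryAgain and in LuaResolveIp, whose hint is likewise not visible.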


@ -14,7 +14,6 @@ TOOL_CURL_OBJS = $(TOOL_CURL_SRCS:%.c=o/$(MODE)/%.o)
TOOL_CURL_DIRECTDEPS = \
LIBC_CALLS \
LIBC_DNS \
LIBC_FMT \
LIBC_INTRIN \
LIBC_LOG \
@ -29,7 +28,8 @@ TOOL_CURL_DIRECTDEPS = \
NET_HTTP \
NET_HTTPS \
THIRD_PARTY_GETOPT \
THIRD_PARTY_MBEDTLS
THIRD_PARTY_MBEDTLS \
THIRD_PARTY_MUSL
TOOL_CURL_DEPS := \
$(call uniq,$(foreach x,$(TOOL_CURL_DIRECTDEPS),$($(x))))


@ -11,7 +11,6 @@
#include "libc/calls/calls.h"
#include "libc/calls/struct/iovec.h"
#include "libc/calls/struct/timeval.h"
#include "libc/dns/dns.h"
#include "libc/errno.h"
#include "libc/fmt/itoa.h"
#include "libc/fmt/magnumstrs.internal.h"
@ -41,6 +40,7 @@
#include "third_party/mbedtls/net_sockets.h"
#include "third_party/mbedtls/ssl.h"
#include "third_party/mbedtls/x509.h"
#include "third_party/musl/netdb.h"
/**
* @fileoverview Downloads HTTP URL to stdout.
@ -332,7 +332,7 @@ int _curl(int argc, char *argv[]) {
.ai_socktype = SOCK_STREAM,
.ai_protocol = IPPROTO_TCP,
.ai_flags = AI_NUMERICSERV};
if (getaddrinfo(host, port, &hints, &addr) != EAI_SUCCESS) {
if (getaddrinfo(host, port, &hints, &addr) != 0) {
tinyprint(2, prog, ": could not resolve host: ", host, "\n", NULL);
exit(1);
}


@ -1,12 +1,12 @@
#ifndef COSMOPOLITAN_TOOL_DECODE_LIB_BITABUILDER_H_
#define COSMOPOLITAN_TOOL_DECODE_LIB_BITABUILDER_H_
#include "libc/stdio/stdio.h"
COSMOPOLITAN_C_START_
struct FILE;
struct BitaBuilder;
struct BitaBuilder *bitabuilder_new(void);
bool bitabuilder_setbit(struct BitaBuilder *, size_t);
bool bitabuilder_fwrite(const struct BitaBuilder *, struct FILE *);
bool bitabuilder_fwrite(const struct BitaBuilder *, FILE *);
void bitabuilder_free(struct BitaBuilder **);
COSMOPOLITAN_C_END_


@ -16,12 +16,12 @@
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/dns/dns.h"
#include "tool/decode/lib/socknames.h"
#include "libc/sock/sock.h"
#include "libc/sysv/consts/af.h"
#include "libc/sysv/consts/ipproto.h"
#include "libc/sysv/consts/sock.h"
#include "tool/decode/lib/socknames.h"
#include "third_party/musl/netdb.h"
const struct IdName kAddressFamilyNames[] = {
{AF_UNSPEC, "AF_UNSPEC"},


@ -19,7 +19,7 @@ TOOL_HELLO_COMS = \
TOOL_HELLO_DIRECTDEPS = \
LIBC_CALLS \
LIBC_RUNTIME \
LIBC_RUNTIME
TOOL_HELLO_DEPS := \
$(call uniq,$(foreach x,$(TOOL_HELLO_DIRECTDEPS),$($(x))))


@ -32,7 +32,6 @@ TOOL_NET_CHECKS = \
TOOL_NET_DIRECTDEPS = \
DSP_SCALE \
LIBC_CALLS \
LIBC_DNS \
LIBC_FMT \
LIBC_INTRIN \
LIBC_LOG \


@ -16,7 +16,6 @@
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/dns/dns.h"
#include "libc/log/log.h"
#include "libc/runtime/runtime.h"
#include "libc/sock/sock.h"
@ -25,6 +24,7 @@
#include "libc/sysv/consts/af.h"
#include "libc/sysv/consts/ipproto.h"
#include "libc/sysv/consts/sock.h"
#include "third_party/musl/netdb.h"
#include "tool/decode/lib/flagger.h"
#include "tool/decode/lib/idname.h"
#include "tool/decode/lib/socknames.h"
@ -34,7 +34,7 @@ void lookup(const char *name) {
struct addrinfo *ai = NULL;
struct addrinfo hint = {AI_NUMERICSERV, AF_INET, SOCK_STREAM, IPPROTO_TCP};
switch ((rc = getaddrinfo(name, "80", &hint, &ai))) {
case EAI_SUCCESS:
case 0:
break;
case EAI_SYSTEM:
perror("getaddrinfo");


@ -238,7 +238,7 @@ static int LuaFetch(lua_State *L) {
* Perform DNS lookup.
*/
DEBUGF("(ftch) client resolving %s", host);
if ((rc = getaddrinfo(host, port, &hints, &addr)) != EAI_SUCCESS) {
if ((rc = getaddrinfo(host, port, &hints, &addr)) != 0) {
return LuaNilError(L, "getaddrinfo(%s:%s) error: EAI_%s %s", host, port,
gai_strerror(rc), strerror(errno));
}
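Review bot: The failure path still formats `EAI_%s` with `gai_strerror(rc)`, which reads oddly if the Musl gai_strerror() returns a descriptive sentence rather than a symbol suffix (presumably what the old implementation returned; worth confirming). `strerror(errno)` is also only meaningful when `rc == EAI_SYSTEM`, so on other failures it can report a stale errno. Consider the format `"getaddrinfo(%s:%s) error: %s"` with `gai_strerror(rc)`, appending `strerror(errno)` only in the EAI_SYSTEM case. The same `EAI_%s` format is used in Connect() and ProgramAddr() elsewhere in this commit. LuaFetch's body continues outside the hunk.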


@ -22,11 +22,9 @@
#include "libc/calls/struct/rusage.h"
#include "libc/calls/struct/stat.h"
#include "libc/calls/struct/timespec.h"
#include "libc/dns/dns.h"
#include "libc/errno.h"
#include "libc/fmt/itoa.h"
#include "libc/fmt/leb128.h"
#include "libc/serialize.h"
#include "libc/intrin/bsf.h"
#include "libc/intrin/bsr.h"
#include "libc/intrin/popcnt.h"
@ -41,6 +39,7 @@
#include "libc/nexgen32e/rdtsc.h"
#include "libc/nexgen32e/rdtscp.h"
#include "libc/runtime/runtime.h"
#include "libc/serialize.h"
#include "libc/sock/sock.h"
#include "libc/stdio/rand.h"
#include "libc/str/highwayhash64.h"
@ -70,6 +69,7 @@
#include "third_party/mbedtls/sha1.h"
#include "third_party/mbedtls/sha256.h"
#include "third_party/mbedtls/sha512.h"
#include "third_party/musl/netdb.h"
#include "third_party/zlib/zlib.h"
static int Rdpid(void) {
@ -558,8 +558,9 @@ int LuaResolveIp(lua_State *L) {
if ((ip = ParseIp(host, -1)) != -1) {
lua_pushinteger(L, ip);
return 1;
} else if ((rc = getaddrinfo(host, "0", &hint, &ai)) == EAI_SUCCESS) {
lua_pushinteger(L, ntohl(ai->ai_addr4->sin_addr.s_addr));
} else if ((rc = getaddrinfo(host, "0", &hint, &ai)) == 0) {
lua_pushinteger(
L, ntohl(((struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr));
freeaddrinfo(ai);
return 1;
} else {


@ -32,15 +32,12 @@
#include "libc/calls/struct/timespec.h"
#include "libc/calls/termios.h"
#include "libc/dce.h"
#include "libc/dns/dns.h"
#include "libc/dns/hoststxt.h"
#include "libc/dos.internal.h"
#include "libc/errno.h"
#include "libc/fmt/conv.h"
#include "libc/fmt/itoa.h"
#include "libc/fmt/wintime.internal.h"
#include "libc/intrin/atomic.h"
#include "libc/serialize.h"
#include "libc/intrin/bsr.h"
#include "libc/intrin/likely.h"
#include "libc/intrin/nomultics.internal.h"
@ -64,6 +61,7 @@
#include "libc/runtime/memtrack.internal.h"
#include "libc/runtime/runtime.h"
#include "libc/runtime/stack.h"
#include "libc/serialize.h"
#include "libc/sock/goodsocket.internal.h"
#include "libc/sock/sock.h"
#include "libc/sock/struct/pollfd.h"
@ -128,6 +126,7 @@
#include "third_party/mbedtls/ssl_ticket.h"
#include "third_party/mbedtls/x509.h"
#include "third_party/mbedtls/x509_crt.h"
#include "third_party/musl/netdb.h"
#include "third_party/zlib/zlib.h"
#include "tool/args/args.h"
#include "tool/build/lib/case.h"
@ -835,10 +834,10 @@ static void ProgramAddr(const char *addr) {
struct addrinfo *ai = NULL;
struct addrinfo hint = {AI_NUMERICSERV, AF_INET, SOCK_STREAM,
IPPROTO_TCP};
if ((rc = getaddrinfo(addr, "0", &hint, &ai)) != EAI_SUCCESS) {
if ((rc = getaddrinfo(addr, "0", &hint, &ai)) != 0) {
FATALF("(cfg) error: bad addr: %s (EAI_%s)", addr, gai_strerror(rc));
}
ip = ntohl(ai->ai_addr4->sin_addr.s_addr);
ip = ntohl(((struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr);
freeaddrinfo(ai);
} else {
FATALF("(cfg) error: ProgramAddr() needs an IP in MODE=tiny: %s", addr);
@ -1888,57 +1887,74 @@ static bool TlsSetup(void) {
static void ConfigureCertificate(mbedtls_x509write_cert *cw, struct Cert *ca,
int usage, int type) {
int r;
const char *s;
bool isduplicate;
size_t i, j, k, nsan;
struct mbedtls_san *san;
const struct HostsTxt *htxt;
char *name, *subject, *issuer, notbefore[16], notafter[16], hbuf[256];
san = 0;
nsan = 0;
name = 0;
htxt = GetHostsTxt();
strcpy(hbuf, "localhost");
gethostname(hbuf, sizeof(hbuf));
for (i = 0; i < htxt->entries.i; ++i) {
for (j = 0; j < ips.n; ++j) {
if (IsLoopbackIp(ips.p[j])) continue;
if (ips.p[j] == READ32BE(htxt->entries.p[i].ip)) {
isduplicate = false;
s = htxt->strings.p + htxt->entries.p[i].name;
if (!name) name = (void *)s;
for (k = 0; k < nsan; ++k) {
if (san[k].tag == MBEDTLS_X509_SAN_DNS_NAME &&
!strcasecmp(s, san[k].val)) {
isduplicate = true;
break;
}
}
if (!isduplicate) {
san = realloc(san, (nsan += 2) * sizeof(*san));
san[nsan - 2].tag = MBEDTLS_X509_SAN_DNS_NAME;
san[nsan - 2].val = s;
san[nsan - 1].tag = MBEDTLS_X509_SAN_DNS_NAME;
san[nsan - 1].val = _gc(xasprintf("*.%s", s));
int nsan = 0;
char *name = 0;
struct mbedtls_san *san = 0;
// for each ip address owned by this system
//
// 1. determine its full-qualified domain name
// 2. add subject alt name (san) entry to cert for hostname
// 3. add subject alt name (san) entry to cert for *.hostname
//
for (int i = 0; i < ips.n; ++i) {
uint32_t ip = ips.p[i];
if (IsLoopbackIp(ip)) continue;
char rname[NI_MAXHOST];
struct sockaddr_in addr4 = {AF_INET, 0, {htonl(ip)}};
if (getnameinfo((struct sockaddr *)&addr4, sizeof(addr4), rname,
sizeof(rname), 0, 0, NI_NAMEREQD) == 0) {
char *s = _gc(strdup(rname));
if (!name) name = s;
bool isduplicate = false;
for (int j = 0; j < nsan; ++j) {
if (san[j].tag == MBEDTLS_X509_SAN_DNS_NAME &&
!strcasecmp(s, san[j].val)) {
isduplicate = true;
break;
}
}
if (!isduplicate) {
san = realloc(san, (nsan += 2) * sizeof(*san));
san[nsan - 2].tag = MBEDTLS_X509_SAN_DNS_NAME;
san[nsan - 2].val = s;
san[nsan - 1].tag = MBEDTLS_X509_SAN_DNS_NAME;
san[nsan - 1].val = _gc(xasprintf("*.%s", s));
}
}
}
for (i = 0; i < ips.n; ++i) {
if (IsLoopbackIp(ips.p[i])) continue;
// add san entry to cert for each ip address owned by system
for (int i = 0; i < ips.n; ++i) {
uint32_t ip = ips.p[i];
if (IsLoopbackIp(ip)) continue;
san = realloc(san, ++nsan * sizeof(*san));
san[nsan - 1].tag = MBEDTLS_X509_SAN_IP_ADDRESS;
san[nsan - 1].ip4 = ips.p[i];
san[nsan - 1].ip4 = ip;
}
char notbefore[16], notafter[16];
ChooseCertificateLifetime(notbefore, notafter);
subject = xasprintf("CN=%s", name ? name : hbuf);
// pick common name for certificate
char hbuf[256];
if (!name) {
strcpy(hbuf, "localhost");
gethostname(hbuf, sizeof(hbuf));
name = hbuf;
}
char *subject = xasprintf("CN=%s", name);
// pick issuer name for certificate
char *issuer;
if (ca) {
issuer = calloc(1, 1000);
CHECK_GT(mbedtls_x509_dn_gets(issuer, 1000, &ca->cert->subject), 0);
} else {
issuer = strdup(subject);
}
// call the mbedtls apis
int r;
if ((r = mbedtls_x509write_crt_set_subject_alternative_name(cw, san, nsan)) ||
(r = mbedtls_x509write_crt_set_validity(cw, notbefore, notafter)) ||
(r = mbedtls_x509write_crt_set_basic_constraints(cw, false, -1)) ||
@ -7444,8 +7460,6 @@ void RedBean(int argc, char *argv[]) {
#ifdef STATIC
EventLoop(timespec_tomillis(heartbeatinterval));
#else
GetHostsTxt(); // for effect
GetResolvConf(); // for effect
if (daemonize || uniprocess || !linenoiseIsTerminal()) {
EventLoop(timespec_tomillis(heartbeatinterval));
} else {
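Review bot: In ConfigureCertificate the DNS names placed in the certificate, both the subject alt names (including the `*.%s` wildcard entry) and the CN, now come from `getnameinfo(..., NI_NAMEREQD)`, a reverse lookup whose answer is not checked against anything local. If the resolver falls through to DNS, the PTR data is controlled by whoever runs the reverse zone or can influence the reply, so it would be worth forward-confirming that the name resolves back to `ip`, or at least documenting the assumption with a comment such as `// rname comes from a reverse lookup and is not forward-confirmed`. Separately, `_gc(strdup(rname))` and both `realloc(san, ...)` calls are used without a NULL check, so an allocation failure would reach `strcasecmp` or the `san[nsan - 1]` stores. The function body continues past the end of this hunk.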


@ -13,7 +13,6 @@
#include "libc/calls/struct/sigaction.h"
#include "libc/calls/struct/timespec.h"
#include "libc/dce.h"
#include "libc/dns/dns.h"
#include "libc/errno.h"
#include "libc/fmt/conv.h"
#include "libc/intrin/kprintf.h"


@ -21,7 +21,6 @@ TOOL_VIZ_DIRECTDEPS = \
DSP_SCALE \
DSP_TTY \
LIBC_CALLS \
LIBC_DNS \
LIBC_FMT \
LIBC_INTRIN \
LIBC_LOG \


@ -38,7 +38,6 @@
#include "libc/calls/termios.h"
#include "libc/calls/ucontext.h"
#include "libc/cxxabi.h"
#include "libc/dns/dns.h"
#include "libc/errno.h"
#include "libc/fmt/conv.h"
#include "libc/fmt/itoa.h"