aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHajimu UMEMOTO <ume@FreeBSD.org>2001-06-10 20:25:24 +0000
committerHajimu UMEMOTO <ume@FreeBSD.org>2001-06-10 20:25:24 +0000
commitce6282db3bc7b3deae846fd0757214c3814d3041 (patch)
tree262ae419994b75015819bd1f21a102e4d30832d2
parent4fd6d738cbd07b99a7e44d839aee592c9beea91f (diff)
downloadsrc-ce6282db3bc7b3deae846fd0757214c3814d3041.tar.gz
src-ce6282db3bc7b3deae846fd0757214c3814d3041.zip
Implement EDNS0 support, as EDNS0 support will be made mandatory for
IPv6 transport-ready resolvers/DNS servers. Need careful configuration when enable it. (default config is not affected). See manpage for details. XXX visible symbol __res_opt() is added, however, it is not supposed to be called from outside, libc minor is not bumped. Obtained from: KAME/NetBSD
Notes
Notes: svn path=/head/; revision=78012
-rw-r--r--include/arpa/nameser.h1
-rw-r--r--include/arpa/nameser_compat.h1
-rw-r--r--include/resolv.h4
-rw-r--r--lib/libc/net/getaddrinfo.c6
-rw-r--r--lib/libc/net/res_debug.c4
-rw-r--r--lib/libc/net/res_init.c2
-rw-r--r--lib/libc/net/res_mkquery.c37
-rw-r--r--lib/libc/net/res_query.c2
-rw-r--r--lib/libc/net/resolver.315
-rw-r--r--share/examples/IPv6/USAGE34
10 files changed, 104 insertions, 2 deletions
diff --git a/include/arpa/nameser.h b/include/arpa/nameser.h
index 3e09c912ddac..343e6416a402 100644
--- a/include/arpa/nameser.h
+++ b/include/arpa/nameser.h
@@ -273,6 +273,7 @@ typedef enum __ns_type {
ns_t_srv = 33, /* Server Selection. */
ns_t_atma = 34, /* ATM Address */
ns_t_naptr = 35, /* Naming Authority PoinTeR */
+ ns_t_opt = 41, /* OPT pseudo-RR, RFC2761 */
/* Query type values which do not appear in resource records. */
ns_t_ixfr = 251, /* Incremental zone transfer. */
ns_t_axfr = 252, /* Transfer zone of authority. */
diff --git a/include/arpa/nameser_compat.h b/include/arpa/nameser_compat.h
index 850fb8a0890d..232179730fe5 100644
--- a/include/arpa/nameser_compat.h
+++ b/include/arpa/nameser_compat.h
@@ -173,6 +173,7 @@ typedef struct {
#define T_SRV ns_t_srv
#define T_ATMA ns_t_atma
#define T_NAPTR ns_t_naptr
+#define T_OPT ns_t_opt
#define T_IXFR ns_t_ixfr
#define T_AXFR ns_t_axfr
#define T_MAILB ns_t_mailb
diff --git a/include/resolv.h b/include/resolv.h
index 4a0cf7470aba..a076c7e0fdd9 100644
--- a/include/resolv.h
+++ b/include/resolv.h
@@ -150,6 +150,8 @@ struct __res_state_ext {
#define RES_NOALIASES 0x00001000 /* shuts off HOSTALIASES feature */
#define RES_USE_INET6 0x00002000 /* use/map IPv6 in gethostbyname() */
#define RES_NOTLDQUERY 0x00004000 /* Don't query TLD names */
+/* KAME extensions: use higher bit to avoid conflict with ISC use */
+#define RES_USE_EDNS0 0x40000000 /* use EDNS0 */
#define RES_DEFAULT (RES_RECURSE | RES_DEFNAMES | RES_DNSRCH)
@@ -249,6 +251,7 @@ extern const struct res_sym __p_type_syms[];
#define res_nameinquery __res_nameinquery
#define res_queriesmatch __res_queriesmatch
#define res_close __res_close
+#define res_opt __res_opt
#define res_mkupdate __res_mkupdate
#define res_mkupdrec __res_mkupdrec
#define res_freeupdrec __res_freeupdrec
@@ -303,6 +306,7 @@ int res_nameinquery __P((const char *, int, int,
int res_queriesmatch __P((const u_char *, const u_char *,
const u_char *, const u_char *));
void res_close __P((void));
+int res_opt __P((int, u_char *, int, int));
const char * p_section __P((int, int));
/* XXX The following depend on the ns_updrec typedef in arpa/nameser.h */
#ifdef _ARPA_NAMESER_H_
diff --git a/lib/libc/net/getaddrinfo.c b/lib/libc/net/getaddrinfo.c
index c54b2521d4fc..8ff92c2024f1 100644
--- a/lib/libc/net/getaddrinfo.c
+++ b/lib/libc/net/getaddrinfo.c
@@ -79,7 +79,6 @@
* - other KAME platforms already nuked FAITH ($GAI), but as FreeBSD
* 4.0-RELEASE supplies it, we still have the code here.
* - AI_ADDRCONFIG support is supplied
- * - EDNS0 support is not available due to resolver differences
* - some of FreeBSD style (#define tabify and others)
* - classful IPv4 numeric (127.1) is allowed.
*/
@@ -101,6 +100,9 @@
#include <unistd.h>
#include <stdio.h>
#include <errno.h>
+#ifdef DEBUG
+#include <syslog.h>
+#endif
#include <syslog.h>
#include <stdarg.h>
@@ -1718,6 +1720,8 @@ res_queryN(name, target)
n = res_mkquery(QUERY, name, class, type, NULL, 0, NULL,
buf, sizeof(buf));
+ if (n > 0 && (_res.options & RES_USE_EDNS0) != 0)
+ n = res_opt(n, buf, sizeof(buf), anslen);
if (n <= 0) {
#ifdef DEBUG
if (_res.options & RES_DEBUG)
diff --git a/lib/libc/net/res_debug.c b/lib/libc/net/res_debug.c
index 16033f202ce0..b6ed1f539668 100644
--- a/lib/libc/net/res_debug.c
+++ b/lib/libc/net/res_debug.c
@@ -519,6 +519,10 @@ p_option(u_long option) {
case RES_DNSRCH: return "dnsrch";
case RES_INSECURE1: return "insecure1";
case RES_INSECURE2: return "insecure2";
+ case RES_NOALIASES: return "noaliases";
+ case RES_USE_INET6: return "inet6";
+ case RES_NOTLDQUERY: return "no-tld-query";
+ case RES_USE_EDNS0: return "edns0";
default: sprintf(nbuf, "?0x%lx?", (u_long)option);
return (nbuf);
}
diff --git a/lib/libc/net/res_init.c b/lib/libc/net/res_init.c
index 9203b695459a..035dd05b3563 100644
--- a/lib/libc/net/res_init.c
+++ b/lib/libc/net/res_init.c
@@ -532,6 +532,8 @@ res_setoptions(options, source)
_res.options |= RES_USE_INET6;
} else if (!strncmp(cp, "no_tld_query", sizeof("no_tld_query") - 1)) {
_res.options |= RES_NOTLDQUERY;
+ } else if (!strncmp(cp, "edns0", sizeof("edns0") - 1)) {
+ _res.options |= RES_USE_EDNS0;
} else {
/* XXX - print a warning here? */
}
diff --git a/lib/libc/net/res_mkquery.c b/lib/libc/net/res_mkquery.c
index 5ac662bd1432..6cbd37394b92 100644
--- a/lib/libc/net/res_mkquery.c
+++ b/lib/libc/net/res_mkquery.c
@@ -204,3 +204,40 @@ res_mkquery(op, dname, class, type, data, datalen, newrr_in, buf, buflen)
*/
#undef res_mkquery
__weak_reference(__res_mkquery, res_mkquery);
+
+/* attach OPT pseudo-RR, as documented in RFC2671 (EDNS0). */
+int
+res_opt(n0, buf, buflen, anslen)
+ int n0;
+ u_char *buf; /* buffer to put query */
+ int buflen; /* size of buffer */
+ int anslen; /* answer buffer length */
+{
+ register HEADER *hp;
+ register u_char *cp;
+
+ hp = (HEADER *) buf;
+ cp = buf + n0;
+ buflen -= n0;
+
+ if (buflen < 1 + RRFIXEDSZ)
+ return -1;
+
+ *cp++ = 0; /* "." */
+ buflen--;
+
+ __putshort(T_OPT, cp); /* TYPE */
+ cp += INT16SZ;
+ __putshort(anslen & 0xffff, cp); /* CLASS = UDP payload size */
+ cp += INT16SZ;
+ *cp++ = NOERROR; /* extended RCODE */
+ *cp++ = 0; /* EDNS version */
+ __putshort(0, cp); /* MBZ */
+ cp += INT16SZ;
+ __putshort(0, cp); /* RDLEN */
+ cp += INT16SZ;
+ hp->arcount = htons(ntohs(hp->arcount) + 1);
+ buflen -= RRFIXEDSZ;
+
+ return cp - buf;
+}
diff --git a/lib/libc/net/res_query.c b/lib/libc/net/res_query.c
index 0ee2ad2504ab..8a94a4205f72 100644
--- a/lib/libc/net/res_query.c
+++ b/lib/libc/net/res_query.c
@@ -129,6 +129,8 @@ res_query(name, class, type, answer, anslen)
n = res_mkquery(QUERY, name, class, type, NULL, 0, NULL,
buf, sizeof(buf));
+ if (n > 0 && (_res.options & RES_USE_EDNS0) != 0)
+ n = res_opt(n, buf, sizeof(buf), anslen);
if (n <= 0) {
#ifdef DEBUG
if (_res.options & RES_DEBUG)
diff --git a/lib/libc/net/resolver.3 b/lib/libc/net/resolver.3
index 1fb97f568be3..e06a5fd7c6ac 100644
--- a/lib/libc/net/resolver.3
+++ b/lib/libc/net/resolver.3
@@ -119,7 +119,7 @@ are defined in
and are as follows.
Options are stored as a simple bit mask containing the bitwise ``or''
of the options enabled.
-.Bl -tag -width RES_DEFNAMES
+.Bl -tag -width RES_USE_INET6
.It Dv RES_INIT
True if the initial name server address and default domain name are
initialized (i.e.,
@@ -176,6 +176,19 @@ This option is enabled by default.
This option turns off the user level aliasing feature controlled by the
.Dq Ev HOSTALIASES
environment variable. Network daemons should set this option.
+.It Dv RES_USE_INET6
+Enables support for IPv6-only applications.
+This causes IPv4 addresses to be returned as an IPv4 mapped address.
+For example, 10.1.1.1 will be returned as ::ffff:10.1.1.1.
+The option is meaningful with certain kernel configuration only.
+.It Dv RES_USE_EDNS0
+Enables support for OPT pseudo-RR for EDNS0 extension.
+With the option, resolver code will attach OPT pseudo-RR into DNS queries,
+to inform of our receive buffer size.
+The option will allow DNS servers to take advantage of non-default receive
+buffer size, and to send larger replies.
+DNS query packets with EDNS0 extension is not compatible with
+non-EDNS0 DNS servers.
.El
.Pp
The
diff --git a/share/examples/IPv6/USAGE b/share/examples/IPv6/USAGE
index f9122c2725d4..5a02037569f4 100644
--- a/share/examples/IPv6/USAGE
+++ b/share/examples/IPv6/USAGE
@@ -626,4 +626,38 @@ Configuration at Host-A:
-E rc5-cbc "kamekame"
-A hmac-md5 "this is the test" ;
+<<<EDNS0>>>
+
+EDNS0 is defined in RFC2671. With EDNS0, the resolver library can tell DNS
+server of its receiving buffer size, and permit DNS server to transmit large
+reply packet. EDNS0 is necessary to take advantage of larger minimum MTU
+in IPv6. KAME libinet6 includes resolver side support for EDNS0.
+Server side support for EDNS0 is included in ISC BIND9.
+
+ query packet with EDNS0
+ tells receive buffer size
+KAME box -----------------------------> BIND9 DNS server
+KAME box <----------------------------- BIND9 DNS server
+ can transmit jumbo reply, since DNS server
+ knows receive buffer size of KAME box
+
+How to play with it:
+- prepare KAME box and BIND9 DNS server (can be a same node)
+- add the following into /etc/resolv.conf on KAME box:
+ options edns0 <--- enables EDNS0
+ nameserver <IPv4 or v6 address of BIND9 box>
+- run applications compiled with libinet6 (like /usr/local/v6/bin/telnet),
+ see EDNS0 packet fly on the wire by tcpdump or some other method.
+
+Caveats:
+- BIND 4/8 DNS server will choke with EDNS0 packet, so you must not
+ turn the option on if you have BIND 4/8 DNS server. If you enable
+ "options edns0" against BIND 4/8 DNS server, you will never be able
+ to resolve names.
+- If you use IPv6 UDP as DNS transport, path MTU discovery may
+ affect the traffic. KAME box tries to fragment packet to 1280
+ bytes, however, BIND9 may not.
+- Some of our platforms do not use our extended resolver code in libinet6.
+ See COVERAGE for detail.
+
<end of USAGE>