From owner-freebsd-net@FreeBSD.ORG Sat Nov 8 16:29:25 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 562ED106567A for ; Sat, 8 Nov 2008 16:29:25 +0000 (UTC) (envelope-from ume@mahoroba.org) Received: from asuka.mahoroba.org (unknown [IPv6:2001:2f0:104:8010::1]) by mx1.freebsd.org (Postfix) with ESMTP id DD7508FC12 for ; Sat, 8 Nov 2008 16:29:24 +0000 (UTC) (envelope-from ume@mahoroba.org) Received: from kasuga.mahoroba.org (IDENT:uo7fobof0bKF250tFLCQcke7FGiwukNwBYa1Jw1+TFFFA47ZhHVJ6g4PIgfdP8Ac@kasuga.mahoroba.org [IPv6:2001:2f0:104:8010:20b:97ff:fe2e:b521]) (user=ume mech=CRAM-MD5 bits=0) by asuka.mahoroba.org (8.14.3/8.14.3) with ESMTP/inet6 id mA8GTGE5018336 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 9 Nov 2008 01:29:18 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Sun, 09 Nov 2008 01:29:15 +0900 Message-ID: From: Hajimu UMEMOTO To: Luigi Rizzo In-Reply-To: <20081108151023.GA72747@onelab2.iet.unipi.it> References: <20081106192103.GA46651@onelab2.iet.unipi.it> <20081108151023.GA72747@onelab2.iet.unipi.it> User-Agent: xcite1.57> Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (=?ISO-8859-4?Q?Shij=F2?=) APEL/10.7 Emacs/22.2 (i386-pc-freebsd) MULE/5.0 (SAKAKI) X-Operating-System: FreeBSD 7.1-PRERELEASE X-PGP-Key: http://www.imasy.or.jp/~ume/publickey.asc X-PGP-Fingerprint: 1F00 0B9E 2164 70FC 6DC5 BF5F 04E9 F086 BF90 71FE Organization: Internet Mutual Aid Society, YOKOHAMA MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1 (asuka.mahoroba.org [IPv6:2001:2f0:104:8010::1]); Sun, 09 Nov 2008 01:29:18 +0900 (JST) X-Virus-Scanned: by amavisd-new X-Virus-Status: Clean X-Spam-Status: No, score=-2.6 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on asuka.mahoroba.org Cc: net@freebsd.org Subject: Re: Two copies of resolver routines in libc ? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Nov 2008 16:29:25 -0000 Hi, >>>>> On Sat, 8 Nov 2008 16:10:23 +0100 >>>>> Luigi Rizzo said: rizzo> thanks for the answer and the effort for merging back the two copies. rizzo> I am looking at your proposed patch but i am not sure i understand it fully, rizzo> so i would be grateful if you could explain me a few things (btw i rizzo> am attaching a version of your patch constructed with 'diff -ubwp' rizzo> and couple of formatting changes to remove whitespace differences; rizzo> this should make the actual changes more evident): Yes, I did 'diff -ubwp' to check during making this patch. :-) rizzo> 1. i apologize for my ignorance, but i suppose there is a binding rizzo> between __res_nsearchN() and res_nsearchN(), and the same rizzo> for all function with and without the two leading __ . Where rizzo> is this binding established, as i don't see anything in the rizzo> diff that you sent. The function with leading `__' is libc internal function. Since, we need to call res_searchN() from getaddrinfo.c, I couldn't make it static. So, I renamed res_searchN() to __res_nsearchN(). The rest (res_queryN() and res_nquerydomainN()) are not called from outside of res_query.c. So, I made them static without leading `__'. rizzo> 2. res_*() now become wrappers around the newly introduced res_*N() rizzo> functions. While this approach removes the duplication, it does rizzo> not address the "ease further merge from ISC BIND" case, which rizzo> definitely sounded as a valid concern. Yes, it is annoying thing. The differences in res_nsearch() and res_nquerydomain() are trivial. But, res_nquery() is bit complicate. However, the diff is trivial with `diff -bw', as you did. I think it confuses us that there are two copies of the resolver functions, too. However, I'm not sure which is better merging the two or leaving it as it is. rizzo> So i wonder, what is it that prevents you from acting the other rizzo> way around, i.e. build the res_*N() around the existing res_*() rizzo> functions ? This way the original ISC code would really be rizzo> unmodified and perhaps the change would be even more confined. Unfortunately, it is impossible. We need to have `for loop' in res_nquery() to solve the query order problem. It is the reason to have a copy in getaddrinfo.c. rizzo> Does this constraint apply to all three functions (res_query, res_search, rizzo> res_nquerydomain) or only for a subset of them ? Yes, this constraint apply to all three functions. Since, the res_nquerydomain() and res_nsearch() call res_nquery(), we need to have the modified version of them to change to call res_nqueryN(). rizzo> From what i can tell, at least in res_nquery() rizzo> the only significant change seems to be the following rizzo> + if (n > anslen) rizzo> + hp->rcode = FORMERR; /* XXX not very informative */ rizzo> other than that it seems perfectly fine to implement res_nqueryN() rizzo> as a wrapper around the original res_nquery(). It is a check for buffer overflow vulnerability. At a later time, we enlarged the buffers for answer in netdb functions. So, perhaps, this check became useless. But, I leaved it as it is for safety. rizzo> For the other two functions rizzo> and the other one (trspping TRYAGAIN) seems perfectly suitable to rizzo> be implemented in rizzo> 2. i don't completely understand what is the additional functionality rizzo> in the resolver functions. You mention a 'query order problem' rizzo> but i don't exactly understand what it is and how the functional rizzo> change is implemented. As basic use of the resolver to query AAAA RR and A RR, the query order is: 1) Call res_nquery(hostname, T_A) for A RR 2) Call res_nquery(hostname, T_AAAA) for AAAA RR With regard of domain name completion and sort_list. Imagine querying hosta with example.org and example.com in search list. The query order will be: 1) Call res_nquery(hosta, T_A) Query T_A RR for hosta 2) Call res_nquery(hosta.example.org, T_A) Query T_A RR for hosta.example.org 3) Call res_nquery(hosta.example.com, T_A) Query T_A RR for hosta.example.com 4) Call res_nquery(hosta, T_AAAA) Query AAAA RR for hosta 5) Call res_nquery(hosta.example.org, T_AAAA) Query T_AAAA RR for hosta.example.org 6) Call res_nquery(hosta.example.com, T_AAAA) Query T_AAAA RR for hosta.example.com It may cause the problem where either example.org or example.com cannot reply correctly. With the change, the query order will be: 1) Call res_nqueryN(hosta, T_A and T_AAAA) Query T_A RR for hosta Query AAAA RR for hosta Query T_A RR for hosta.example.org Query T_AAAA RR for hosta.example.org Query T_A RR for hosta.example.com Query T_AAAA RR for hosta.example.com Sincerely, -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/