net ads dns gethostbyname seems to fail in the self-test environment

Richard Sharpe realrichardsharpe at gmail.com
Thu Apr 28 15:36:27 UTC 2016


Hi folks,

I am seeing net ads dns gethostbyname <server> <name> fail in the
selftest environment.

That code does:

DNS_ERROR do_gethostbyname(const char *server, const char *host)
{
        struct dns_connection *conn = NULL;
        struct dns_request *req, *resp;
        DNS_ERROR err;

        err = dns_open_connection(server, DNS_UDP, NULL, &conn);
        if (!ERR_DNS_IS_OK(err)) goto error;

        err = dns_create_query(conn, host, QTYPE_A, DNS_CLASS_IN, &req);
        if (!ERR_DNS_IS_OK(err)) goto error;

        err = dns_transaction(conn, conn, req, &resp);

 error:
        TALLOC_FREE(conn);
        return err;
}

After opening the 'connection', the UDP version does this:

        RecvAddrLen = sizeof(RecvAddr);
        if (getpeername(conn->s,
                        (struct sockaddr *)&RecvAddr,
                        &RecvAddrLen) == -1) {
                return ERROR_DNS_CONNECTION_FAILED;
        }

        conn->hType = DNS_UDP;
        memcpy(&conn->RecvAddr, &RecvAddr, sizeof(struct sockaddr_storage));

which saves the recipient sockaddr structure.

Then dns_transaction is called which calls dns_send which calls
dns_send_udp which does the following:

        do {
                ret = sendto(conn->s, buf->data, buf->offset, 0,
                     (struct sockaddr *)&conn->RecvAddr,
                     sizeof(conn->RecvAddr));
        } while ((ret == -1) && (errno == EINTR));

Now, in the socket wrapper environment, if we get a sendto on a UDP
socket that is connected and we have a dest address, we return
EISCONN, which is almost correct, and causes the net ads dns
gethostbyname code to fail.

What I think we should do is to compare the destination address to the
one passed in and if they are the same, then don't reject the request.
If they are different, maybe still return EISCONN.

However, our next problem will be that sendto on a UNIX socket with a
dest address will also fail with EINVAL, so we need to further simply
not supply the dest address in that case.

Does this sound like a reasonable analysis of what the problem is and
the solution?

I would really like to create some tests for the net ads dns code so I
want to get this resolved.


-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)



More information about the samba-technical mailing list