Add marking of DNS sockets for mark based routing
Adds an extra mark parameter to android_getaddrinfoforiface,
android_gethostbyaddrforiface and android_gethostbynameforiface that if set
will cause all packets sent by DNS requests to have that mark
Change-Id: I6f72390e4ce5bfc3cc73183f9b2fb3705a11685f
diff --git a/libc/include/netdb.h b/libc/include/netdb.h
index 3ea512c..62a7a3c 100644
--- a/libc/include/netdb.h
+++ b/libc/include/netdb.h
@@ -207,13 +207,13 @@
void endservent(void);
void freehostent(struct hostent *);
struct hostent *gethostbyaddr(const void *, socklen_t, int);
-struct hostent *android_gethostbyaddrforiface(const void *, socklen_t, int, const char*);
+struct hostent *android_gethostbyaddrforiface(const void *, socklen_t, int, const char*, int);
int gethostbyaddr_r(const void *, int, int, struct hostent *, char *, size_t, struct hostent **, int *);
struct hostent *gethostbyname(const char *);
int gethostbyname_r(const char *, struct hostent *, char *, size_t, struct hostent **, int *);
struct hostent *gethostbyname2(const char *, int);
int gethostbyname2_r(const char *, int, struct hostent *, char *, size_t, struct hostent **, int *);
-struct hostent *android_gethostbynameforiface(const char *, int, const char *);
+struct hostent *android_gethostbynameforiface(const char *, int, const char *, int);
struct hostent *gethostent(void);
int gethostent_r(struct hostent *, char *, size_t, struct hostent **, int *);
struct hostent *getipnodebyaddr(const void *, size_t, int, int *);
@@ -241,9 +241,9 @@
void setnetent(int);
void setprotoent(int);
int getaddrinfo(const char *, const char *, const struct addrinfo *, struct addrinfo **);
-int android_getaddrinfoforiface(const char *, const char *, const struct addrinfo *, const char *, struct addrinfo **);
+int android_getaddrinfoforiface(const char *, const char *, const struct addrinfo *, const char *, int, struct addrinfo **);
int getnameinfo(const struct sockaddr *, socklen_t, char *, size_t, char *, size_t, int);
-int android_getnameinfoforiface(const struct sockaddr *, socklen_t, char *, size_t, char *, size_t, int, const char *);
+int android_getnameinfoforiface(const struct sockaddr *, socklen_t, char *, size_t, char *, size_t, int, const char *, int);
void freeaddrinfo(struct addrinfo *);
const char *gai_strerror(int);
void setnetgrent(const char *);
diff --git a/libc/netbsd/gethnamaddr.c b/libc/netbsd/gethnamaddr.c
index ee5052e..5b2f987 100644
--- a/libc/netbsd/gethnamaddr.c
+++ b/libc/netbsd/gethnamaddr.c
@@ -126,7 +126,7 @@
static int _dns_gethtbyaddr(void *, void *, va_list);
static int _dns_gethtbyname(void *, void *, va_list);
-static struct hostent *gethostbyname_internal(const char *, int, res_state, const char *);
+static struct hostent *gethostbyname_internal(const char *, int, res_state, const char *, int);
static const ns_src default_dns_files[] = {
{ NSSRC_FILES, NS_SUCCESS },
@@ -497,13 +497,13 @@
/* try IPv6 first - if that fails do IPv4 */
if (res->options & RES_USE_INET6) {
- hp = gethostbyname_internal(name, AF_INET6, res, NULL);
+ hp = gethostbyname_internal(name, AF_INET6, res, NULL, 0);
if (hp) {
__res_put_state(res);
return hp;
}
}
- hp = gethostbyname_internal(name, AF_INET, res, NULL);
+ hp = gethostbyname_internal(name, AF_INET, res, NULL, 0);
__res_put_state(res);
return hp;
}
@@ -511,18 +511,18 @@
struct hostent *
gethostbyname2(const char *name, int af)
{
- return android_gethostbynameforiface(name, af, NULL);
+ return android_gethostbynameforiface(name, af, NULL, 0);
}
struct hostent *
-android_gethostbynameforiface(const char *name, int af, const char *iface)
+android_gethostbynameforiface(const char *name, int af, const char *iface, int mark)
{
struct hostent *hp;
res_state res = __res_get_state();
if (res == NULL)
return NULL;
- hp = gethostbyname_internal(name, af, res, iface);
+ hp = gethostbyname_internal(name, af, res, iface, mark);
__res_put_state(res);
return hp;
}
@@ -741,7 +741,7 @@
// very similar in proxy-ness to android_getaddrinfo_proxy
static struct hostent *
-gethostbyname_internal(const char *name, int af, res_state res, const char *iface)
+gethostbyname_internal(const char *name, int af, res_state res, const char *iface, int mark)
{
const char *cache_mode = getenv("ANDROID_DNS_MODE");
FILE* proxy = NULL;
@@ -749,6 +749,7 @@
if (cache_mode != NULL && strcmp(cache_mode, "local") == 0) {
res_setiface(res, iface);
+ res_setmark(res, mark);
return gethostbyname_internal_real(name, af, res);
}
@@ -780,7 +781,7 @@
struct hostent *
android_gethostbyaddrforiface_proxy(const void *addr,
- socklen_t len, int af, const char* iface)
+ socklen_t len, int af, const char* iface, int mark)
{
struct hostent *result = NULL;
FILE* proxy = android_open_proxy();
@@ -810,7 +811,7 @@
struct hostent *
android_gethostbyaddrforiface_real(const void *addr,
- socklen_t len, int af, const char* iface)
+ socklen_t len, int af, const char* iface, int mark)
{
const u_char *uaddr = (const u_char *)addr;
socklen_t size;
@@ -858,28 +859,28 @@
hp = NULL;
h_errno = NETDB_INTERNAL;
if (nsdispatch(&hp, dtab, NSDB_HOSTS, "gethostbyaddr",
- default_dns_files, uaddr, len, af, iface) != NS_SUCCESS)
+ default_dns_files, uaddr, len, af, iface, mark) != NS_SUCCESS)
return NULL;
h_errno = NETDB_SUCCESS;
return hp;
}
struct hostent *
-android_gethostbyaddrforiface(const void *addr, socklen_t len, int af, const char* iface)
+android_gethostbyaddrforiface(const void *addr, socklen_t len, int af, const char* iface, int mark)
{
const char *cache_mode = getenv("ANDROID_DNS_MODE");
if (cache_mode == NULL || strcmp(cache_mode, "local") != 0) {
- return android_gethostbyaddrforiface_proxy(addr, len, af, iface);
+ return android_gethostbyaddrforiface_proxy(addr, len, af, iface, mark);
} else {
- return android_gethostbyaddrforiface_real(addr,len, af,iface);
+ return android_gethostbyaddrforiface_real(addr,len, af, iface, mark);
}
}
struct hostent *
gethostbyaddr(const void *addr, socklen_t len, int af)
{
- return android_gethostbyaddrforiface(addr, len, af, NULL);
+ return android_gethostbyaddrforiface(addr, len, af, NULL, 0);
}
@@ -1315,6 +1316,7 @@
int len, af, advance;
res_state res;
const char* iface;
+ int mark;
res_static rs = __res_get_static();
assert(rv != NULL);
@@ -1323,6 +1325,7 @@
len = va_arg(ap, int);
af = va_arg(ap, int);
iface = va_arg(ap, char *);
+ mark = va_arg(ap, int);
switch (af) {
case AF_INET:
@@ -1365,6 +1368,7 @@
return NS_NOTFOUND;
}
res_setiface(res, iface);
+ res_setmark(res, mark);
n = res_nquery(res, qbuf, C_IN, T_PTR, buf->buf, sizeof(buf->buf));
if (n < 0) {
free(buf);
diff --git a/libc/netbsd/net/getaddrinfo.c b/libc/netbsd/net/getaddrinfo.c
index 401bc6e..0a5e436 100644
--- a/libc/netbsd/net/getaddrinfo.c
+++ b/libc/netbsd/net/getaddrinfo.c
@@ -214,7 +214,7 @@
static int str2number(const char *);
static int explore_fqdn(const struct addrinfo *, const char *,
- const char *, struct addrinfo **, const char *iface);
+ const char *, struct addrinfo **, const char *iface, int mark);
static int explore_null(const struct addrinfo *,
const char *, struct addrinfo **);
static int explore_numeric(const struct addrinfo *, const char *,
@@ -577,12 +577,12 @@
getaddrinfo(const char *hostname, const char *servname,
const struct addrinfo *hints, struct addrinfo **res)
{
- return android_getaddrinfoforiface(hostname, servname, hints, NULL, res);
+ return android_getaddrinfoforiface(hostname, servname, hints, NULL, 0, res);
}
int
android_getaddrinfoforiface(const char *hostname, const char *servname,
- const struct addrinfo *hints, const char *iface, struct addrinfo **res)
+ const struct addrinfo *hints, const char *iface, int mark, struct addrinfo **res)
{
struct addrinfo sentinel;
struct addrinfo *cur;
@@ -761,7 +761,7 @@
pai->ai_protocol = ex->e_protocol;
error = explore_fqdn(pai, hostname, servname,
- &cur->ai_next, iface);
+ &cur->ai_next, iface, mark);
while (cur && cur->ai_next)
cur = cur->ai_next;
@@ -794,7 +794,7 @@
*/
static int
explore_fqdn(const struct addrinfo *pai, const char *hostname,
- const char *servname, struct addrinfo **res, const char *iface)
+ const char *servname, struct addrinfo **res, const char *iface, int mark)
{
struct addrinfo *result;
struct addrinfo *cur;
@@ -820,7 +820,7 @@
return 0;
switch (nsdispatch(&result, dtab, NSDB_HOSTS, "getaddrinfo",
- default_dns_files, hostname, pai, iface)) {
+ default_dns_files, hostname, pai, iface, mark)) {
case NS_TRYAGAIN:
error = EAI_AGAIN;
goto free;
@@ -1889,10 +1889,12 @@
struct res_target q, q2;
res_state res;
const char* iface;
+ int mark;
name = va_arg(ap, char *);
pai = va_arg(ap, const struct addrinfo *);
iface = va_arg(ap, char *);
+ mark = va_arg(ap, int);
//fprintf(stderr, "_dns_getaddrinfo() name = '%s'\n", name);
memset(&q, 0, sizeof(q));
@@ -1980,6 +1982,7 @@
* and have a cache hit that would be wasted, so we do the rest there on miss
*/
res_setiface(res, iface);
+ res_setmark(res, mark);
if (res_searchN(name, &q, res) < 0) {
__res_put_state(res);
free(buf);
diff --git a/libc/netbsd/net/getnameinfo.c b/libc/netbsd/net/getnameinfo.c
index ade5240..15d2675 100644
--- a/libc/netbsd/net/getnameinfo.c
+++ b/libc/netbsd/net/getnameinfo.c
@@ -93,7 +93,7 @@
};
static int getnameinfo_inet(const struct sockaddr *, socklen_t, char *,
- socklen_t, char *, socklen_t, int, const char*);
+ socklen_t, char *, socklen_t, int, const char*, int);
#ifdef INET6
static int ip6_parsenumeric(const struct sockaddr *, const char *, char *,
socklen_t, int);
@@ -108,16 +108,16 @@
*/
int getnameinfo(const struct sockaddr* sa, socklen_t salen, char* host, size_t hostlen, char* serv, size_t servlen, int flags)
{
- return android_getnameinfoforiface(sa, salen, host, hostlen, serv, servlen, flags, NULL);
+ return android_getnameinfoforiface(sa, salen, host, hostlen, serv, servlen, flags, NULL, 0);
}
-int android_getnameinfoforiface(const struct sockaddr* sa, socklen_t salen, char* host, size_t hostlen, char* serv, size_t servlen, int flags, const char* iface)
+int android_getnameinfoforiface(const struct sockaddr* sa, socklen_t salen, char* host, size_t hostlen, char* serv, size_t servlen, int flags, const char* iface, int mark)
{
switch (sa->sa_family) {
case AF_INET:
case AF_INET6:
return getnameinfo_inet(sa, salen, host, hostlen,
- serv, servlen, flags, iface);
+ serv, servlen, flags, iface, mark);
case AF_LOCAL:
return getnameinfo_local(sa, salen, host, hostlen,
serv, servlen, flags);
@@ -158,10 +158,10 @@
* the address. On failure -1 is returned in which case
* normal execution flow shall continue. */
static int
-android_gethostbyaddr_proxy(char* nameBuf, size_t nameBufLen, const void *addr, socklen_t addrLen, int addrFamily, const char* iface)
+android_gethostbyaddr_proxy(char* nameBuf, size_t nameBufLen, const void *addr, socklen_t addrLen, int addrFamily, const char* iface, int mark)
{
struct hostent *hostResult =
- android_gethostbyaddrforiface_proxy(addr, addrLen, addrFamily, iface);
+ android_gethostbyaddrforiface_proxy(addr, addrLen, addrFamily, iface, mark);
if (hostResult == NULL) return 0;
@@ -179,7 +179,7 @@
getnameinfo_inet(const struct sockaddr* sa, socklen_t salen,
char *host, socklen_t hostlen,
char *serv, socklen_t servlen,
- int flags, const char* iface)
+ int flags, const char* iface, int mark)
{
const struct afd *afd;
struct servent *sp;
@@ -321,14 +321,15 @@
char android_proxy_buf[MAXDNAME];
int hostnamelen = android_gethostbyaddr_proxy(android_proxy_buf,
- MAXDNAME, addr, afd->a_addrlen, afd->a_af, iface);
+ MAXDNAME, addr, afd->a_addrlen, afd->a_af, iface, mark);
if (hostnamelen > 0) {
hp = &android_proxy_hostent;
hp->h_name = android_proxy_buf;
} else if (!hostnamelen) {
hp = NULL;
} else {
- hp = android_gethostbyaddrforiface(addr, afd->a_addrlen, afd->a_af, iface);
+ hp = android_gethostbyaddrforiface(addr, afd->a_addrlen, afd->a_af,
+ iface, mark);
}
if (hp) {
diff --git a/libc/netbsd/resolv/res_init.c b/libc/netbsd/resolv/res_init.c
index ff65299..ceb412b 100644
--- a/libc/netbsd/resolv/res_init.c
+++ b/libc/netbsd/resolv/res_init.c
@@ -806,4 +806,11 @@
}
}
}
+
+void res_setmark(res_state statp, int mark)
+{
+ if (statp != NULL) {
+ statp->_mark = mark;
+ }
+}
#endif /* ANDROID_CHANGES */
diff --git a/libc/netbsd/resolv/res_send.c b/libc/netbsd/resolv/res_send.c
index 0bb5b6b..f65b015 100644
--- a/libc/netbsd/resolv/res_send.c
+++ b/libc/netbsd/resolv/res_send.c
@@ -762,10 +762,13 @@
if (statp->_vcsock >= 0 && (statp->_flags & RES_F_VC) != 0) {
struct sockaddr_storage peer;
socklen_t size = sizeof peer;
-
+ int old_mark;
+ int mark_size = sizeof(old_mark);
if (getpeername(statp->_vcsock,
(struct sockaddr *)(void *)&peer, &size) < 0 ||
- !sock_eq((struct sockaddr *)(void *)&peer, nsap)) {
+ !sock_eq((struct sockaddr *)(void *)&peer, nsap) ||
+ getsockopt(statp->_vcsock, SOL_SOCKET, SO_MARK, &old_mark, &mark_size) < 0 ||
+ old_mark != statp->_mark) {
res_nclose(statp);
statp->_flags &= ~RES_F_VC;
}
@@ -795,6 +798,14 @@
return (-1);
}
}
+ if (statp->_mark != 0) {
+ if (setsockopt(statp->_vcsock, SOL_SOCKET,
+ SO_MARK, &statp->_mark, sizeof(statp->_mark)) < 0) {
+ *terrno = errno;
+ Perror(statp, stderr, "setsockopt", errno);
+ return -1;
+ }
+ }
errno = 0;
if (random_bind(statp->_vcsock,nsap->sa_family) < 0) {
*terrno = errno;
@@ -1070,6 +1081,14 @@
return (-1);
}
}
+
+ if (statp->_mark != 0) {
+ if (setsockopt(EXT(statp).nssocks[ns], SOL_SOCKET,
+ SO_MARK, &(statp->_mark), sizeof(statp->_mark)) < 0) {
+ res_nclose(statp);
+ return -1;
+ }
+ }
#ifndef CANNOT_CONNECT_DGRAM
/*
* On a 4.3BSD+ machine (client and server,
@@ -1097,6 +1116,7 @@
#endif /* !CANNOT_CONNECT_DGRAM */
Dprint(statp->options & RES_DEBUG,
(stdout, ";; new DG socket\n"))
+
}
s = EXT(statp).nssocks[ns];
#ifndef CANNOT_CONNECT_DGRAM
diff --git a/libc/private/resolv_private.h b/libc/private/resolv_private.h
index 0e799ca..61db8c8 100644
--- a/libc/private/resolv_private.h
+++ b/libc/private/resolv_private.h
@@ -175,6 +175,7 @@
res_send_qhook qhook; /* query hook */
res_send_rhook rhook; /* response hook */
int res_h_errno; /* last one set for this context */
+ int _mark; /* If non-0 SET_MARK to _mark on all request sockets */
int _vcsock; /* PRIVATE: for res_send VC i/o */
u_int _flags; /* PRIVATE: see below */
u_int _pad; /* make _u 64 bit aligned */
@@ -496,6 +497,7 @@
union res_sockaddr_union *, int);
void res_setiface();
+void res_setmark();
u_int res_randomid(void);
__END_DECLS
