Lines Matching +full:ipv4 +full:- +full:multi +full:- +full:target
21 * SPDX-License-Identifier: curl
96 * the QNAME-encoding of the hostname. in doh_req_encode()
98 * A valid DNS name may not contain a zero-length label, except at in doh_req_encode()
104 * QNAME-encoding is one byte longer than the hostname. If (as is in doh_req_encode()
106 * trailing dot, then its QNAME-encoding will be two bytes longer in doh_req_encode()
113 * representing the zero-length root label, again increasing in doh_req_encode()
120 if(host[hostlen-1]!='.') in doh_req_encode()
147 labellen = dot - hostp; in doh_req_encode()
155 /* label is non-empty, process it */ in doh_req_encode()
165 *dnsp++ = 0; /* append zero-length label for root */ in doh_req_encode()
172 *dnsp++ = DNS_CLASS_IN; /* IN - "the Internet" */ in doh_req_encode()
174 *olen = dnsp - orig; in doh_req_encode()
214 /* called from multi.c when this DoH transfer is complete */
219 data = Curl_multi_get_handle(doh->multi, doh->set.dohfor_mid); in doh_done()
222 " not found", doh->set.dohfor_mid)); in doh_done()
226 struct doh_probes *dohp = data->req.doh; in doh_done()
228 dohp->pending--; in doh_done()
229 infof(doh, "a DoH request is completed, %u to go", dohp->pending); in doh_done()
233 if(!dohp->pending) { in doh_done()
253 const char *url, CURLM *multi, in doh_run_probe() argument
259 DOHcode d = doh_req_encode(host, dnstype, p->req_body, sizeof(p->req_body), in doh_run_probe()
260 &p->req_body_len); in doh_run_probe()
266 p->dnstype = dnstype; in doh_run_probe()
267 Curl_dyn_init(&p->resp_body, DYN_DOH_RESPONSE); in doh_run_probe()
281 doh->state.internal = TRUE; in doh_run_probe()
283 doh->state.feat = &Curl_doh_trc; in doh_run_probe()
288 ERROR_CHECK_SETOPT(CURLOPT_WRITEDATA, &p->resp_body); in doh_run_probe()
289 ERROR_CHECK_SETOPT(CURLOPT_POSTFIELDS, p->req_body); in doh_run_probe()
290 ERROR_CHECK_SETOPT(CURLOPT_POSTFIELDSIZE, (long)p->req_body_len); in doh_run_probe()
304 ERROR_CHECK_SETOPT(CURLOPT_SHARE, (CURLSH *)data->share); in doh_run_probe()
305 if(data->set.err && data->set.err != stderr) in doh_run_probe()
306 ERROR_CHECK_SETOPT(CURLOPT_STDERR, data->set.err); in doh_run_probe()
309 if(data->set.no_signal) in doh_run_probe()
313 data->set.doh_verifyhost ? 2L : 0L); in doh_run_probe()
315 data->set.doh_verifypeer ? 1L : 0L); in doh_run_probe()
317 data->set.doh_verifystatus ? 1L : 0L); in doh_run_probe()
320 best-guess as to which options are needed for compatibility. #3661 in doh_run_probe()
327 if(data->set.ssl.falsestart) in doh_run_probe()
329 if(data->set.str[STRING_SSL_CAFILE]) { in doh_run_probe()
331 data->set.str[STRING_SSL_CAFILE]); in doh_run_probe()
333 if(data->set.blobs[BLOB_CAINFO]) { in doh_run_probe()
335 data->set.blobs[BLOB_CAINFO]); in doh_run_probe()
337 if(data->set.str[STRING_SSL_CAPATH]) { in doh_run_probe()
339 data->set.str[STRING_SSL_CAPATH]); in doh_run_probe()
341 if(data->set.str[STRING_SSL_CRLFILE]) { in doh_run_probe()
343 data->set.str[STRING_SSL_CRLFILE]); in doh_run_probe()
345 if(data->set.ssl.certinfo) in doh_run_probe()
347 if(data->set.ssl.fsslctx) in doh_run_probe()
348 ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_FUNCTION, data->set.ssl.fsslctx); in doh_run_probe()
349 if(data->set.ssl.fsslctxp) in doh_run_probe()
350 ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_DATA, data->set.ssl.fsslctxp); in doh_run_probe()
351 if(data->set.fdebug) in doh_run_probe()
352 ERROR_CHECK_SETOPT(CURLOPT_DEBUGFUNCTION, data->set.fdebug); in doh_run_probe()
353 if(data->set.debugdata) in doh_run_probe()
354 ERROR_CHECK_SETOPT(CURLOPT_DEBUGDATA, data->set.debugdata); in doh_run_probe()
355 if(data->set.str[STRING_SSL_EC_CURVES]) { in doh_run_probe()
357 data->set.str[STRING_SSL_EC_CURVES]); in doh_run_probe()
362 (data->set.ssl.enable_beast ? in doh_run_probe()
364 (data->set.ssl.no_revoke ? in doh_run_probe()
366 (data->set.ssl.no_partialchain ? in doh_run_probe()
368 (data->set.ssl.revoke_best_effort ? in doh_run_probe()
370 (data->set.ssl.native_ca_store ? in doh_run_probe()
372 (data->set.ssl.auto_client_cert ? in doh_run_probe()
378 doh->set.fmultidone = doh_done; in doh_run_probe()
379 doh->set.dohfor_mid = data->mid; /* for which transfer this is done */ in doh_run_probe()
385 DEBUGASSERT(!doh->set.private_data); in doh_run_probe()
387 if(curl_multi_add_handle(multi, doh)) in doh_run_probe()
390 p->easy_mid = doh->mid; in doh_run_probe()
395 p->easy_mid = -1; in doh_run_probe()
411 struct connectdata *conn = data->conn; in Curl_doh()
423 DEBUGASSERT(!data->req.doh); in Curl_doh()
427 dohp = data->req.doh = calloc(1, sizeof(struct doh_probes)); in Curl_doh()
432 dohp->probe[i].easy_mid = -1; in Curl_doh()
435 conn->bits.doh = TRUE; in Curl_doh()
436 dohp->host = hostname; in Curl_doh()
437 dohp->port = port; in Curl_doh()
438 dohp->req_hds = in Curl_doh()
440 "Content-Type: application/dns-message"); in Curl_doh()
441 if(!dohp->req_hds) in Curl_doh()
444 /* create IPv4 DoH request */ in Curl_doh()
445 result = doh_run_probe(data, &dohp->probe[DOH_SLOT_IPV4], in Curl_doh()
446 DNS_TYPE_A, hostname, data->set.str[STRING_DOH], in Curl_doh()
447 data->multi, dohp->req_hds); in Curl_doh()
450 dohp->pending++; in Curl_doh()
453 if((conn->ip_version != CURL_IPRESOLVE_V4) && Curl_ipv6works(data)) { in Curl_doh()
455 result = doh_run_probe(data, &dohp->probe[DOH_SLOT_IPV6], in Curl_doh()
456 DNS_TYPE_AAAA, hostname, data->set.str[STRING_DOH], in Curl_doh()
457 data->multi, dohp->req_hds); in Curl_doh()
460 dohp->pending++; in Curl_doh()
469 * where the additional request does not match the pre-cooked data in Curl_doh()
471 * in a non-ECH use-case. For the present, we will only make the in Curl_doh()
476 if(data->set.tls_ech & CURLECH_ENABLE in Curl_doh()
477 || data->set.tls_ech & CURLECH_HARD) { in Curl_doh()
484 result = doh_run_probe(data, &dohp->probe[DOH_SLOT_HTTPS_RR], in Curl_doh()
485 DNS_TYPE_HTTPS, qname, data->set.str[STRING_DOH], in Curl_doh()
486 data->multi, dohp->req_hds); in Curl_doh()
490 dohp->pending++; in Curl_doh()
549 if(d->numaddr < DOH_MAX_ADDR) { in doh_store_a()
550 struct dohaddr *a = &d->addr[d->numaddr]; in doh_store_a()
551 a->type = DNS_TYPE_A; in doh_store_a()
552 memcpy(&a->ip.v4, &doh[index], 4); in doh_store_a()
553 d->numaddr++; in doh_store_a()
561 if(d->numaddr < DOH_MAX_ADDR) { in doh_store_aaaa()
562 struct dohaddr *a = &d->addr[d->numaddr]; in doh_store_aaaa()
563 a->type = DNS_TYPE_AAAA; in doh_store_aaaa()
564 memcpy(&a->ip.v6, &doh[index], 16); in doh_store_aaaa()
565 d->numaddr++; in doh_store_aaaa()
574 if(d->numhttps_rrs < DOH_MAX_HTTPS) { in doh_store_https()
575 struct dohhttps_rr *h = &d->https_rrs[d->numhttps_rrs]; in doh_store_https()
576 h->val = Curl_memdup(&doh[index], len); in doh_store_https()
577 if(!h->val) in doh_store_https()
579 h->len = len; in doh_store_https()
580 d->numhttps_rrs++; in doh_store_https()
593 if(d->numcname == DOH_MAX_CNAME) in doh_store_cname()
596 c = &d->cname[d->numcname++]; in doh_store_cname()
629 } while(length && --loop); in doh_store_cname()
644 - A (TYPE 1): 4 bytes in doh_rdata()
645 - AAAA (TYPE 28): 16 bytes in doh_rdata()
646 - NS (TYPE 2): N bytes in doh_rdata()
647 - HTTPS (TYPE 65): N bytes */ in doh_rdata()
687 de->ttl = INT_MAX; in de_init()
689 Curl_dyn_init(&de->cname[i], DYN_DOH_CNAME); in de_init()
724 qdcount--; in doh_resp_decode()
758 if(ttl < d->ttl) in doh_resp_decode()
759 d->ttl = ttl; in doh_resp_decode()
774 ancount--; in doh_resp_decode()
796 nscount--; in doh_resp_decode()
818 arcount--; in doh_resp_decode()
825 if((type != DNS_TYPE_NS) && !d->numcname && !d->numaddr && !d->numhttps_rrs) in doh_resp_decode()
827 if((type != DNS_TYPE_NS) && !d->numcname && !d->numaddr) in doh_resp_decode()
840 infof(data, "[DoH] TTL: %u seconds", d->ttl); in doh_show()
841 for(i = 0; i < d->numaddr; i++) { in doh_show()
842 const struct dohaddr *a = &d->addr[i]; in doh_show()
843 if(a->type == DNS_TYPE_A) { in doh_show()
845 a->ip.v4[0], a->ip.v4[1], in doh_show()
846 a->ip.v4[2], a->ip.v4[3]); in doh_show()
848 else if(a->type == DNS_TYPE_AAAA) { in doh_show()
853 len = sizeof(buffer) - len; in doh_show()
856 msnprintf(ptr, len, "%s%02x%02x", j ? ":" : "", d->addr[i].ip.v6[j], in doh_show()
857 d->addr[i].ip.v6[j + 1]); in doh_show()
859 len -= l; in doh_show()
866 for(i = 0; i < d->numhttps_rrs; i++) { in doh_show()
869 d->https_rrs[i].val, d->https_rrs[i].len); in doh_show()
871 infof(data, "DoH HTTPS RR: length %d", d->https_rrs[i].len); in doh_show()
875 for(i = 0; i < d->numcname; i++) { in doh_show()
876 infof(data, "CNAME: %s", Curl_dyn_ptr(&d->cname[i])); in doh_show()
889 * a IPv6 stack, but usable also for IPv4, all hosts and environments.
908 size_t hostlen = strlen(hostname) + 1; /* include null-terminator */ in doh2ai()
912 if(!de->numaddr) in doh2ai()
915 for(i = 0; i < de->numaddr; i++) { in doh2ai()
918 if(de->addr[i].type == DNS_TYPE_AAAA) { in doh2ai()
937 ai->ai_addr = (void *)((char *)ai + sizeof(struct Curl_addrinfo)); in doh2ai()
938 ai->ai_canonname = (void *)((char *)ai->ai_addr + ss_size); in doh2ai()
939 memcpy(ai->ai_canonname, hostname, hostlen); in doh2ai()
947 prevai->ai_next = ai; in doh2ai()
949 ai->ai_family = addrtype; in doh2ai()
952 the type must be ignored and conn->socktype be used instead! */ in doh2ai()
953 ai->ai_socktype = SOCK_STREAM; in doh2ai()
955 ai->ai_addrlen = (curl_socklen_t)ss_size; in doh2ai()
959 switch(ai->ai_family) { in doh2ai()
961 addr = (void *)ai->ai_addr; /* storage area for this info */ in doh2ai()
962 DEBUGASSERT(sizeof(struct in_addr) == sizeof(de->addr[i].ip.v4)); in doh2ai()
963 memcpy(&addr->sin_addr, &de->addr[i].ip.v4, sizeof(struct in_addr)); in doh2ai()
965 addr->sin_family = (short)addrtype; in doh2ai()
967 addr->sin_family = addrtype; in doh2ai()
969 addr->sin_port = htons((unsigned short)port); in doh2ai()
974 addr6 = (void *)ai->ai_addr; /* storage area for this info */ in doh2ai()
975 DEBUGASSERT(sizeof(struct in6_addr) == sizeof(de->addr[i].ip.v6)); in doh2ai()
976 memcpy(&addr6->sin6_addr, &de->addr[i].ip.v6, sizeof(struct in6_addr)); in doh2ai()
978 addr6->sin6_family = (short)addrtype; in doh2ai()
980 addr6->sin6_family = addrtype; in doh2ai()
982 addr6->sin6_port = htons((unsigned short)port); in doh2ai()
1020 for(i = 0; i < d->numcname; i++) { in de_cleanup()
1021 Curl_dyn_free(&d->cname[i]); in de_cleanup()
1024 for(i = 0; i < d->numhttps_rrs; i++) in de_cleanup()
1025 Curl_safefree(d->https_rrs[i].val); in de_cleanup()
1039 * https://tools.ietf.org/html/rfc1035#section-3.1
1043 * that is why it is an "unsigned char **" :-)
1065 /* special case - return "." as name */ in doh_decode_rdata_name()
1079 rem -= (clen + 1); in doh_decode_rdata_name()
1087 *remaining = rem - 1; in doh_decode_rdata_name()
1096 * spec here is as per draft-ietf-dnsop-svcb-https, section-7.1.1 in doh_decode_rdata_alpn()
1099 * output is comma-sep list of the strings in doh_decode_rdata_alpn()
1103 * backslash - same goes for a backslash character, and of course in doh_decode_rdata_alpn()
1104 * we need to use two backslashes in strings when we mean one;-) in doh_decode_rdata_alpn()
1123 remaining--; in doh_decode_rdata_alpn()
1135 remaining -= (int)tlen; in doh_decode_rdata_alpn()
1151 /* we will use an example from draft-ietf-dnsop-svcb, figure 10 */ in doh_test_alpn_escapes()
1189 lhrr->val = Curl_memdup(rrval, len); in doh_resp_decode_httpsrr()
1190 if(!lhrr->val) in doh_resp_decode_httpsrr()
1192 lhrr->len = len; in doh_resp_decode_httpsrr()
1195 lhrr->priority = (uint16_t)((cp[0] << 8) + cp[1]); in doh_resp_decode_httpsrr()
1197 remaining -= (uint16_t)2; in doh_resp_decode_httpsrr()
1200 lhrr->target = dnsname; in doh_resp_decode_httpsrr()
1206 remaining -= 4; in doh_resp_decode_httpsrr()
1208 if(doh_decode_rdata_alpn(cp, plen, &lhrr->alpns) != CURLE_OK) in doh_resp_decode_httpsrr()
1212 lhrr->no_def_alpn = TRUE; in doh_resp_decode_httpsrr()
1216 lhrr->ipv4hints = Curl_memdup(cp, plen); in doh_resp_decode_httpsrr()
1217 if(!lhrr->ipv4hints) in doh_resp_decode_httpsrr()
1219 lhrr->ipv4hints_len = (size_t)plen; in doh_resp_decode_httpsrr()
1224 lhrr->echconfiglist = Curl_memdup(cp, plen); in doh_resp_decode_httpsrr()
1225 if(!lhrr->echconfiglist) in doh_resp_decode_httpsrr()
1227 lhrr->echconfiglist_len = (size_t)plen; in doh_resp_decode_httpsrr()
1232 lhrr->ipv6hints = Curl_memdup(cp, plen); in doh_resp_decode_httpsrr()
1233 if(!lhrr->ipv6hints) in doh_resp_decode_httpsrr()
1235 lhrr->ipv6hints_len = (size_t)plen; in doh_resp_decode_httpsrr()
1239 remaining -= plen; in doh_resp_decode_httpsrr()
1247 Curl_safefree(lhrr->target); in doh_resp_decode_httpsrr()
1248 Curl_safefree(lhrr->echconfiglist); in doh_resp_decode_httpsrr()
1249 Curl_safefree(lhrr->val); in doh_resp_decode_httpsrr()
1250 Curl_safefree(lhrr->alpns); in doh_resp_decode_httpsrr()
1261 infof(data, "HTTPS RR: priority %d, target: %s", in doh_print_httpsrr()
1262 hrr->priority, hrr->target); in doh_print_httpsrr()
1263 if(hrr->alpns) in doh_print_httpsrr()
1264 infof(data, "HTTPS RR: alpns %s", hrr->alpns); in doh_print_httpsrr()
1267 if(hrr->no_def_alpn) in doh_print_httpsrr()
1271 if(hrr->ipv4hints) { in doh_print_httpsrr()
1273 hrr->ipv4hints, hrr->ipv4hints_len); in doh_print_httpsrr()
1277 if(hrr->echconfiglist) { in doh_print_httpsrr()
1279 hrr->echconfiglist, hrr->echconfiglist_len); in doh_print_httpsrr()
1283 if(hrr->ipv6hints) { in doh_print_httpsrr()
1285 hrr->ipv6hints, hrr->ipv6hints_len); in doh_print_httpsrr()
1298 struct doh_probes *dohp = data->req.doh; in Curl_doh_is_resolved()
1303 if(dohp->probe[DOH_SLOT_IPV4].easy_mid < 0 && in Curl_doh_is_resolved()
1304 dohp->probe[DOH_SLOT_IPV6].easy_mid < 0) { in Curl_doh_is_resolved()
1305 failf(data, "Could not DoH-resolve: %s", data->state.async.hostname); in Curl_doh_is_resolved()
1306 return CONN_IS_PROXIED(data->conn) ? CURLE_COULDNT_RESOLVE_PROXY : in Curl_doh_is_resolved()
1309 else if(!dohp->pending) { in Curl_doh_is_resolved()
1315 /* remove DoH handles from multi handle and close them */ in Curl_doh_is_resolved()
1320 struct doh_probe *p = &dohp->probe[slot]; in Curl_doh_is_resolved()
1321 if(!p->dnstype) in Curl_doh_is_resolved()
1323 rc[slot] = doh_resp_decode(Curl_dyn_uptr(&p->resp_body), in Curl_doh_is_resolved()
1324 Curl_dyn_len(&p->resp_body), in Curl_doh_is_resolved()
1325 p->dnstype, &de); in Curl_doh_is_resolved()
1326 Curl_dyn_free(&p->resp_body); in Curl_doh_is_resolved()
1330 doh_type2name(p->dnstype), dohp->host); in Curl_doh_is_resolved()
1343 infof(data, "[DoH] hostname: %s", dohp->host); in Curl_doh_is_resolved()
1347 result = doh2ai(&de, dohp->host, dohp->port, &ai); in Curl_doh_is_resolved()
1353 if(data->share) in Curl_doh_is_resolved()
1357 dns = Curl_cache_addr(data, ai, dohp->host, 0, dohp->port, FALSE); in Curl_doh_is_resolved()
1359 if(data->share) in Curl_doh_is_resolved()
1367 data->state.async.dns = dns; in Curl_doh_is_resolved()
1373 /* Now process any build-specific attributes retrieved from DNS */ in Curl_doh_is_resolved()
1377 result = doh_resp_decode_httpsrr(de.https_rrs->val, de.https_rrs->len, in Curl_doh_is_resolved()
1387 (*dnsp)->hinfo = hrr; in Curl_doh_is_resolved()
1396 } /* !dohp->pending */ in Curl_doh_is_resolved()
1404 struct doh_probes *doh = data->req.doh; in Curl_doh_close()
1405 if(doh && data->multi) { in Curl_doh_close()
1410 mid = doh->probe[slot].easy_mid; in Curl_doh_close()
1413 doh->probe[slot].easy_mid = -1; in Curl_doh_close()
1414 /* should have been called before data is removed from multi handle */ in Curl_doh_close()
1415 DEBUGASSERT(data->multi); in Curl_doh_close()
1416 probe_data = data->multi ? Curl_multi_get_handle(data->multi, mid) : in Curl_doh_close()
1421 doh->probe[slot].easy_mid)); in Curl_doh_close()
1424 /* data->multi might already be reset at this time */ in Curl_doh_close()
1425 curl_multi_remove_handle(data->multi, probe_data); in Curl_doh_close()
1433 struct doh_probes *doh = data->req.doh; in Curl_doh_cleanup()
1436 curl_slist_free_all(doh->req_hds); in Curl_doh_cleanup()
1437 data->req.doh->req_hds = NULL; in Curl_doh_cleanup()
1438 Curl_safefree(data->req.doh); in Curl_doh_cleanup()