From a81495004c196cdbf5d1f918eb1510dd325c8283 Mon Sep 17 00:00:00 2001
From: Sebastian Huber
Date: Wed, 19 Sep 2018 08:55:35 +0200
Subject: mDNSResponder: Update to v765.50.9
The sources can be obtained via: https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-765.50.9.tar.gz Update #3522.
---
 mDNSResponder/Makefile | 2 +-
 mDNSResponder/mDNSCore/DNSCommon.c | 2 +-
 mDNSResponder/mDNSCore/dnsproxy.c | 40 +++++++-------
 mDNSResponder/mDNSCore/dnsproxy.h | 4 +-
 mDNSResponder/mDNSCore/mDNS.c | 43 ++++++++-------
 mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h | 25 +++++----
 mDNSResponder/mDNSCore/uDNS.c | 2 +-
 mDNSResponder/mDNSMacOSX/daemon.c | 19 +++++++
 mDNSResponder/mDNSMacOSX/mDNSMacOSX.c | 63 +++++++++-------------
 .../mDNSMacOSX/mDNSResponder-entitlements.plist | 10 ++++
 mDNSResponder/mDNSMacOSX/mDNSResponder.sb | 4 +-
 mDNSResponder/mDNSShared/dns_sd.h | 2 +-
 mDNSResponder/mDNSShared/dnsextd.c | 4 +-
 mDNSResponder/mDNSShared/uds_daemon.c | 22 ++++----
 14 files changed, 133 insertions(+), 109 deletions(-)
diff --git a/mDNSResponder/Makefile b/mDNSResponder/Makefile
index ddf12f73..2b528d03 100644
--- a/mDNSResponder/Makefile
+++ b/mDNSResponder/Makefile
@@ -16,7 +16,7 @@ include $(MAKEFILEPATH)/pb_makefiles/platform.make
-MVERS = "mDNSResponder-765.30.11"
+MVERS = "mDNSResponder-765.50.9"
 DDNSWRITECONFIG = "$(DSTROOT)/Library/Application Support/Bonjour/ddnswriteconfig"
 VER =
diff --git a/mDNSResponder/mDNSCore/DNSCommon.c b/mDNSResponder/mDNSCore/DNSCommon.c
index a2b703f7..3ea9a307 100644
--- a/mDNSResponder/mDNSCore/DNSCommon.c
+++ b/mDNSResponder/mDNSCore/DNSCommon.c
@@ -513,7 +513,7 @@ mDNSexport char *GetRRDisplayString_rdb(const ResourceRecord *const rr, const RD
 length += mDNS_snprintf(buffer+length, RemSpc, "\t%s %s %d %d %s %s %d %##s ", DNSTypeName(swap16(rrsig->typeCovered)), DNSSECAlgName(rrsig->alg), rrsig->labels, swap32(rrsig->origTTL),
- expTimeBuf, inceptTimeBuf, swap16(rrsig->keyTag), ((domainname *)(&rrsig->signerName))->c);
+ expTimeBuf, inceptTimeBuf, swap16(rrsig->keyTag), rrsig->signerName);
 len = DomainNameLength((domainname *)&rrsig->signerName);
 baseEncode(buffer + length, RemSpc, (const mDNSu8 *)(rd->data + len + RRSIG_FIXED_SIZE),
diff --git a/mDNSResponder/mDNSCore/dnsproxy.c b/mDNSResponder/mDNSCore/dnsproxy.c
index 5376d3c8..2afb59d1 100644
--- a/mDNSResponder/mDNSCore/dnsproxy.c
+++ b/mDNSResponder/mDNSCore/dnsproxy.c
@@ -494,11 +494,10 @@ done:
 FreeDNSProxyClient(pc);
 }
-mDNSlocal void SendError(mDNS *const m, void *socket, void *const pkt, const mDNSu8 *const end, const mDNSAddr *dstaddr,
+mDNSlocal void SendError(mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *dstaddr,
 const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, mDNSBool tcp, void *context, mDNSu8 rcode)
 {
- int pktlen = (int)(end - (mDNSu8 *)pkt);
- DNSMessage *msg = (DNSMessage *)pkt;
+ int pktlen = (int)(end - (mDNSu8 *)msg);
 // RFC 1035 requires that we copy the question back and RFC 2136 is okay with sending nothing
 // in the body or send back whatever we get for updates. It is easy to return whatever we get
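Review bot: In GetRRDisplayString_rdb the signer name is walked twice, by the `%##s` formatter on the changed line and by `DomainNameLength` on the context line after it, and nothing visible in the hunk ties either walk to the length of the record's rdata. If this RRSIG rdata can come from a received packet, `RRSIG_FIXED_SIZE + len` should be compared with `rr->rdlength` before `len` is used as an offset in the `baseEncode` call. That call is cut off by the hunk, so its length argument could not be checked here. The context line still casts `(domainname *)&rrsig->signerName` while the changed line passes `rrsig->signerName` directly; using one form for both would read better.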
@@ -571,10 +570,9 @@ mDNSlocal mDNSBool CheckDNSProxyIpIntf(const mDNS *const m, mDNSInterfaceID Inte
 }
-mDNSlocal void ProxyCallbackCommon(mDNS *const m, void *socket, void *const pkt, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
+mDNSlocal void ProxyCallbackCommon(mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
 const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, mDNSBool tcp, void *context)
 {
- DNSMessage *msg = (DNSMessage *)pkt;
 mDNSu8 QR_OP;
 const mDNSu8 *ptr;
 DNSQuestion q, *qptr;
@@ -594,9 +592,9 @@ mDNSlocal void ProxyCallbackCommon(mDNS *const m, void *socket, void *const pkt,
 return;
 }
- if ((unsigned)(end - (mDNSu8 *)pkt) < sizeof(DNSMessageHeader))
+ if ((unsigned)(end - (mDNSu8 *)msg) < sizeof(DNSMessageHeader))
 {
- debugf("ProxyCallbackCommon: DNS Message from %#a:%d to %#a:%d length %d too short", srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), end - (mDNSu8 *)pkt);
+ debugf("ProxyCallbackCommon: DNS Message from %#a:%d to %#a:%d length %d too short", srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), (int)(end - (mDNSu8 *)msg));
 return;
 }
@@ -604,7 +602,7 @@ mDNSlocal void ProxyCallbackCommon(mDNS *const m, void *socket, void *const pkt,
 if (QR_OP != kDNSFlag0_QR_Query)
 {
 LogInfo("ProxyCallbackCommon: Not a query(%d) for pkt from %#a:%d", QR_OP, srcaddr, mDNSVal16(srcport));
- SendError(m, socket, pkt, end, srcaddr, srcport, InterfaceID, tcp, context, kDNSFlag1_RC_NotImpl);
+ SendError(m, socket, msg, end, srcaddr, srcport, InterfaceID, tcp, context, kDNSFlag1_RC_NotImpl);
 return;
 }
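Review bot: The length guard in ProxyCallbackCommon, `(unsigned)(end - (mDNSu8 *)msg) < sizeof(DNSMessageHeader)`, turns a negative difference into a large unsigned value, so a caller that passes `end` below `msg` (for example after a failed receive) gets past it and `msg->h` is then read. With the parameter now typed `DNSMessage *`, the signature also suggests a full-size buffer while only the header is verified. I would write the guard as `if (end < (mDNSu8 *)msg || (unsigned)(end - (mDNSu8 *)msg) < sizeof(DNSMessageHeader))`. The same pattern is kept in the mDNSCoreReceive hunk at -10564, and the SSDP and NAT-PMP branches before it pass `(mDNSu16)(end - pkt)` on with no check at all.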
@@ -619,7 +617,7 @@ mDNSlocal void ProxyCallbackCommon(mDNS *const m, void *socket, void *const pkt,
 {
 LogInfo("ProxyCallbackCommon: Malformed pkt from %#a:%d, Q:%d, An:%d, Au:%d", srcaddr, mDNSVal16(srcport), msg->h.numQuestions, msg->h.numAnswers, msg->h.numAuthorities);
- SendError(m, socket, pkt, end, srcaddr, srcport, InterfaceID, tcp, context, kDNSFlag1_RC_FormErr);
+ SendError(m, socket, msg, end, srcaddr, srcport, InterfaceID, tcp, context, kDNSFlag1_RC_FormErr);
 return;
 }
 ptr = msg->data;
@@ -627,7 +625,7 @@ mDNSlocal void ProxyCallbackCommon(mDNS *const m, void *socket, void *const pkt,
 if (!ptr)
 {
 LogInfo("ProxyCallbackCommon: Question cannot be parsed for pkt from %#a:%d", srcaddr, mDNSVal16(srcport));
- SendError(m, socket, pkt, end, srcaddr, srcport, InterfaceID, tcp, context, kDNSFlag1_RC_FormErr);
+ SendError(m, socket, msg, end, srcaddr, srcport, InterfaceID, tcp, context, kDNSFlag1_RC_FormErr);
 return;
 }
 else
@@ -732,21 +730,21 @@ mDNSlocal void ProxyCallbackCommon(mDNS *const m, void *socket, void *const pkt,
 mDNS_StartQuery(m, &pc->q);
 }
-mDNSexport void ProxyUDPCallback(mDNS *const m, void *socket, void *const pkt, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
+mDNSexport void ProxyUDPCallback(mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
 const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context)
 {
- LogInfo("ProxyUDPCallback: DNS Message from %#a:%d to %#a:%d length %d", srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), end - (mDNSu8 *)pkt);
- ProxyCallbackCommon(m, socket, pkt, end, srcaddr, srcport, dstaddr, dstport, InterfaceID, mDNSfalse, context);
+ LogInfo("ProxyUDPCallback: DNS Message from %#a:%d to %#a:%d length %d", srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), (int)(end - (mDNSu8 *)msg));
+ ProxyCallbackCommon(m, socket, msg, end, srcaddr, srcport, dstaddr, dstport, InterfaceID, mDNSfalse, context);
 }
-mDNSexport void ProxyTCPCallback(mDNS *const m, void *socket, void *const pkt, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
+mDNSexport void ProxyTCPCallback(mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
 const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context)
 {
- LogInfo("ProxyTCPCallback: DNS Message from %#a:%d to %#a:%d length %d", srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), end - (mDNSu8 *)pkt);
+ LogInfo("ProxyTCPCallback: DNS Message from %#a:%d to %#a:%d length %d", srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), (int)(end - (mDNSu8 *)msg));
 // If the connection was closed from the other side or incoming packet does not match stored input interface list, locate the client
 // state and free it.
- if (((end - (mDNSu8 *)pkt) == 0) || (!CheckDNSProxyIpIntf(m, InterfaceID)))
+ if (((end - (mDNSu8 *)msg) == 0) || (!CheckDNSProxyIpIntf(m, InterfaceID)))
 {
 DNSProxyClient **ppc = &DNSProxyClients;
 DNSProxyClient **prevpc;
@@ -769,7 +767,7 @@ mDNSexport void ProxyTCPCallback(mDNS *const m, void *socket, void *const pkt, c
 FreeDNSProxyClient(*ppc);
 return;
 }
- ProxyCallbackCommon(m, socket, pkt, end, srcaddr, srcport, dstaddr, dstport, InterfaceID, mDNStrue, context);
+ ProxyCallbackCommon(m, socket, msg, end, srcaddr, srcport, dstaddr, dstport, InterfaceID, mDNStrue, context);
 }
 mDNSexport void DNSProxyInit(mDNS *const m, mDNSu32 IpIfArr[MaxIp], mDNSu32 OpIf)
@@ -799,11 +797,11 @@ mDNSexport void DNSProxyTerminate(mDNS *const m)
 }
 #else // UNICAST_DISABLED
-mDNSexport void ProxyUDPCallback(mDNS *const m, void *socket, void *const pkt, const mDNSu8 *const end, const mDNSAddr *const srcaddr, const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context)
+mDNSexport void ProxyUDPCallback(mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr, const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context)
 {
 (void) m;
 (void) socket;
- (void) pkt;
+ (void) msg;
 (void) end;
 (void) srcaddr;
 (void) srcport;
@@ -813,11 +811,11 @@ mDNSexport void ProxyUDPCallback(mDNS *const m, void *socket, void *const pkt, c
 (void) context;
 }
-mDNSexport void ProxyTCPCallback(mDNS *const m, void *socket, void *const pkt, const mDNSu8 *const end, const mDNSAddr *const srcaddr, const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context)
+mDNSexport void ProxyTCPCallback(mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr, const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context)
 {
 (void) m;
 (void) socket;
- (void) pkt;
+ (void) msg;
 (void) end;
 (void) srcaddr;
 (void) srcport;
diff --git a/mDNSResponder/mDNSCore/dnsproxy.h b/mDNSResponder/mDNSCore/dnsproxy.h
index 8aa3d007..a2abdfbf 100644
--- a/mDNSResponder/mDNSCore/dnsproxy.h
+++ b/mDNSResponder/mDNSCore/dnsproxy.h
@@ -21,9 +21,9 @@
 #include "mDNSEmbeddedAPI.h"
 #include "DNSCommon.h"
-extern void ProxyUDPCallback(mDNS *const m, void *socket, void *const pkt, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
+extern void ProxyUDPCallback(mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
 const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context);
-extern void ProxyTCPCallback(mDNS *const m, void *socket, void *const pkt, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
+extern void ProxyTCPCallback(mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
 const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context);
 extern void DNSProxyInit(mDNS *const m, mDNSu32 IpIfArr[MaxIp], mDNSu32 OpIf);
 extern void DNSProxyTerminate(mDNS *const m);
diff --git a/mDNSResponder/mDNSCore/mDNS.c b/mDNSResponder/mDNSCore/mDNS.c
index d1841a5e..a58a6c1a 100755
--- a/mDNSResponder/mDNSCore/mDNS.c
+++ b/mDNSResponder/mDNSCore/mDNS.c
@@ -6628,6 +6628,9 @@ mDNSlocal void BeginSleepProcessing(mDNS *const m)
 // which is okay because with no outstanding resolves, or updates in flight,
 // mDNSCoreReadyForSleep() will conclude correctly that all the updates have already completed
+ // Setting this flag activates the SleepLimit which delays sleep by 5 seconds and
+ // will allow the system to deregister any BTMM records.
+ m->NextScheduledSPRetry = m->timenow + (5 * mDNSPlatformOneSecond);
 registeredIntfIDS[registeredCount] = intf->InterfaceID;
 registeredCount++;
 }
@@ -10524,12 +10527,12 @@ mDNSexport void MakeNegativeCacheRecord(mDNS *const m, CacheRecord *const cr,
 cr->responseFlags = ResponseFlags;
 }
-mDNSexport void mDNSCoreReceive(mDNS *const m, void *const pkt, const mDNSu8 *const end,
+mDNSexport void mDNSCoreReceive(mDNS *const m, DNSMessage *const msg, const mDNSu8 *const end,
 const mDNSAddr *const srcaddr, const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID)
 {
 mDNSInterfaceID ifid = InterfaceID;
- DNSMessage *msg = (DNSMessage *)pkt;
+ const mDNSu8 *const pkt = (mDNSu8 *)msg;
 const mDNSu8 StdQ = kDNSFlag0_QR_Query | kDNSFlag0_OP_StdQuery;
 const mDNSu8 StdR = kDNSFlag0_QR_Response | kDNSFlag0_OP_StdQuery;
 const mDNSu8 UpdQ = kDNSFlag0_QR_Query | kDNSFlag0_OP_Update;
@@ -10546,7 +10549,7 @@ mDNSexport void mDNSCoreReceive(mDNS *const m, void *const pkt, const mDNSu8 *co
 if (mDNSSameIPPort(srcport, SSDPPort) || (m->SSDPSocket && mDNSSameIPPort(dstport, m->SSDPSocket->port)))
 {
 mDNS_Lock(m);
- LNT_ConfigureRouterInfo(m, InterfaceID, pkt, (mDNSu16)(end - (mDNSu8 *)pkt));
+ LNT_ConfigureRouterInfo(m, InterfaceID, (mDNSu8 *)msg, (mDNSu16)(end - pkt));
 mDNS_Unlock(m);
 return;
 }
@@ -10554,7 +10557,7 @@ mDNSexport void mDNSCoreReceive(mDNS *const m, void *const pkt, const mDNSu8 *co
 if (mDNSSameIPPort(srcport, NATPMPPort))
 {
 mDNS_Lock(m);
- uDNS_ReceiveNATPacket(m, InterfaceID, pkt, (mDNSu16)(end - (mDNSu8 *)pkt));
+ uDNS_ReceiveNATPacket(m, InterfaceID, (mDNSu8 *)msg, (mDNSu16)(end - pkt));
 mDNS_Unlock(m);
 return;
 }
@@ -10564,9 +10567,9 @@ mDNSexport void mDNSCoreReceive(mDNS *const m, void *const pkt, const mDNSu8 *co
 #endif
 #endif
- if ((unsigned)(end - (mDNSu8 *)pkt) < sizeof(DNSMessageHeader))
+ if ((unsigned)(end - pkt) < sizeof(DNSMessageHeader))
 {
- LogMsg("DNS Message from %#a:%d to %#a:%d length %d too short", srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), end - (mDNSu8 *)pkt);
+ LogMsg("DNS Message from %#a:%d to %#a:%d length %d too short", srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), (int)(end - pkt));
 return;
 }
 QR_OP = (mDNSu8)(msg->h.flags.b[0] & kDNSFlag0_QROP_Mask);
@@ -10624,12 +10627,12 @@ mDNSexport void mDNSCoreReceive(mDNS *const m, void *const pkt, const mDNSu8 *co msgCount++; int i = 0; LogInfo("Unknown DNS packet type %02X%02X from %#-15a:%-5d to %#-15a:%-5d length %d on %p (ignored)", - msg->h.flags.b[0], msg->h.flags.b[1], srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), end - (mDNSu8 *)pkt, InterfaceID); - while (ih.flags.b[0], msg->h.flags.b[1], srcaddr, mDNSVal16(srcport), dstaddr, mDNSVal16(dstport), (int)(end - pkt), InterfaceID); + while (i < (int)(end - pkt)) { char buffer[128]; char *p = buffer + mDNS_snprintf(buffer, sizeof(buffer), "%04X", i); - do if (isha, &rr->WakeUp.IMAC) ? msg1 : (rr->AnnounceCount == InitialAnnounceCount) ? msg2 : mDNSSameEthAddress(&arp->sha, &intf->MAC) ? msg3 : msg4; - LogSPS("%-7s %s %.6a %.4a for %.4a -- H-MAC %.6a I-MAC %.6a %s", - intf->ifname, msg, &arp->sha, &arp->spa, &arp->tpa, &rr->WakeUp.HMAC, &rr->WakeUp.IMAC, ARDisplayString(m, rr)); + LogMsg("Arp %-7s %s %.6a %.4a for %.4a -- H-MAC %.6a I-MAC %.6a %s", + intf->ifname, msg, arp->sha.b, arp->spa.b, arp->tpa.b, + &rr->WakeUp.HMAC, &rr->WakeUp.IMAC, ARDisplayString(m, rr)); if (msg == msg1) { if ( rr->ProbeRestartCount < MAX_PROBE_RESTARTS) @@ -13841,7 +13845,7 @@ mDNSlocal void mDNSCoreReceiveRawARP(mDNS *const m, const ARP_EthIP *const arp, } else if (msg == msg4) { - SendARP(m, 2, rr, &arp->tpa, &arp->sha, &arp->spa, &arp->sha); + SendARP(m, 2, rr, (mDNSv4Addr *)arp->tpa.b, &arp->sha, (mDNSv4Addr *)arp->spa.b, &arp->sha); } } } 
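Review bot: The changed call `SendARP(m, 2, rr, (mDNSv4Addr *)arp->tpa.b, &arp->sha, (mDNSv4Addr *)arp->spa.b, &arp->sha)` casts away the `const` that `arp` carries in the signature of mDNSCoreReceiveRawARP (`const ARP_EthIP *const arp`). If SendARP takes pointers to const, which its declaration outside this hunk would show, the casts should read `(const mDNSv4Addr *)arp->tpa.b` and `(const mDNSv4Addr *)arp->spa.b`. Reinterpreting a byte array as `mDNSv4Addr` also assumes the bytes are aligned for that type, which deserves a comment now that the packing attribute is being removed elsewhere in this commit.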
@@ -13855,7 +13859,7 @@ mDNSlocal void mDNSCoreReceiveRawARP(mDNS *const m, const ARP_EthIP *const arp,
 // If the sender hardware address is the original owner this is benign, so we just suppress our own proxy answering for a while longer.
 // If the sender hardware address is *not* the original owner, then this is a conflict, and we need to wake the sleeping machine to handle it.
 if (mDNSSameEthAddress(&arp->sha, &intf->MAC))
- debugf("ARP from self for %.4a", &arp->tpa);
+ debugf("ARP from self for %.4a", arp->tpa.b);
 else
 {
 if (!mDNSSameIPv4Address(arp->spa, zerov4Addr))
@@ -13865,22 +13869,22 @@ mDNSlocal void mDNSCoreReceiveRawARP(mDNS *const m, const ARP_EthIP *const arp,
 {
 if (mDNSSameEthAddress(&zeroEthAddr, &rr->WakeUp.HMAC))
 {
- LogSPS("%-7s ARP from %.6a %.4a for %.4a -- Invalid H-MAC %.6a I-MAC %.6a %s", intf->ifname,
- &arp->sha, &arp->spa, &arp->tpa, &rr->WakeUp.HMAC, &rr->WakeUp.IMAC, ARDisplayString(m, rr));
+ LogMsg("%-7s ARP from %.6a %.4a for %.4a -- Invalid H-MAC %.6a I-MAC %.6a %s", intf->ifname,
+ arp->sha.b, arp->spa.b, arp->tpa.b, &rr->WakeUp.HMAC, &rr->WakeUp.IMAC, ARDisplayString(m, rr));
 }
 else
 {
 RestartARPProbing(m, rr);
 if (mDNSSameEthAddress(&arp->sha, &rr->WakeUp.IMAC))
 {
- LogSPS("%-7s ARP %s from owner %.6a %.4a for %-15.4a -- re-starting probing for %s", intf->ifname,
+ LogMsg("%-7s ARP %s from owner %.6a %.4a for %-15.4a -- re-starting probing for %s", intf->ifname,
 mDNSSameIPv4Address(arp->spa, arp->tpa) ? "Announcement " : mDNSSameOpaque16(arp->op, ARP_op_request) ? "Request " : "Response ",
- &arp->sha, &arp->spa, &arp->tpa, ARDisplayString(m, rr));
+ arp->sha.b, arp->spa.b, arp->tpa.b, ARDisplayString(m, rr));
 }
 else
 {
 LogMsg("%-7s Conflicting ARP from %.6a %.4a for %.4a -- waking H-MAC %.6a I-MAC %.6a %s", intf->ifname,
- &arp->sha, &arp->spa, &arp->tpa, &rr->WakeUp.HMAC, &rr->WakeUp.IMAC, ARDisplayString(m, rr));
+ arp->sha.b, arp->spa.b, arp->tpa.b, &rr->WakeUp.HMAC, &rr->WakeUp.IMAC, ARDisplayString(m, rr));
 ScheduleWakeup(m, rr->resrec.InterfaceID, &rr->WakeUp.HMAC);
 }
 }
@@ -14576,7 +14580,8 @@ mDNSlocal void PurgeOrReconfirmCacheRecord(mDNS *const m, CacheRecord *cr, const
 mDNSBool purge = cr->resrec.RecordType == kDNSRecordTypePacketNegative ||
 cr->resrec.rrtype == kDNSType_A ||
 cr->resrec.rrtype == kDNSType_AAAA ||
- cr->resrec.rrtype == kDNSType_SRV;
+ cr->resrec.rrtype == kDNSType_SRV ||
+ cr->resrec.rrtype == kDNSType_CNAME;
 (void) lameduck;
 (void) ptr;
diff --git a/mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h b/mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h
index 248b848f..81ade5c5 100755
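Review bot: The messages this hunk moves from `LogSPS` to `LogMsg` in mDNSCoreReceiveRawARP (the "Invalid H-MAC" and "re-starting probing" cases, plus the one changed in the earlier hunk of the same function) are triggered by ARP frames from any host on the local link. If `LogMsg` is the always-on level, as its existing use for the conflict message suggests, a neighbour can now write to the system log at will, and the re-probing message fires for ordinary owner announcements too. I would keep the non-conflict cases at `LogSPS`, or bound them with a counter in the way the `static int displayed` guard does in mDNSPlatformSendUDP.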
--- a/mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h
+++ b/mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h
@@ -482,7 +482,7 @@ typedef struct UDPSocket_struct UDPSocket;
 #define mDNS_numPrereqs numAnswers
 #define mDNS_numUpdates numAuthorities
-typedef packedstruct
+typedef struct
 {
 mDNSOpaque16 id;
 mDNSOpaque16 flags;
@@ -499,7 +499,7 @@ typedef packedstruct
 #define AbsoluteMaxDNSMessageData 8940
 #endif
 #define NormalMaxDNSMessageData 1440
-typedef packedstruct
+typedef struct
 {
 DNSMessageHeader h; // Note: Size 12 bytes
 mDNSu8 data[AbsoluteMaxDNSMessageData]; // 40 (IPv6) + 8 (UDP) + 12 (DNS header) + 8940 (data) = 9000
@@ -617,7 +617,7 @@ typedef packedstruct
 mDNSu16 checksum;
 } UDPHeader; // 8 bytes; IP protocol type 0x11
-typedef packedstruct
+typedef struct
 {
 mDNSu8 type; // 0x87 == Neighbor Solicitation, 0x88 == Neighbor Advertisement
 mDNSu8 code;
@@ -816,7 +816,7 @@ typedef struct TrustAnchor
 //size of rdataRRSIG excluding signerName and signature (which are variable fields)
 #define RRSIG_FIXED_SIZE 18
-typedef packedstruct
+typedef struct
 {
 mDNSu16 typeCovered;
 mDNSu8 alg;
@@ -825,7 +825,7 @@ typedef packedstruct
 mDNSu32 sigExpireTime;
 mDNSu32 sigInceptTime;
 mDNSu16 keyTag;
- mDNSu8 *signerName;
+ mDNSu8 signerName[1]; // signerName is a dynamically-sized array
 // mDNSu8 *signature
 } rdataRRSig;
@@ -938,7 +938,7 @@ typedef struct
 } TracerOptData;
 // Note: rdataOPT format may be repeated an arbitrary number of times in a single resource record
-typedef packedstruct
+typedef struct
 {
 mDNSu16 opt;
 mDNSu16 optlen;
@@ -1182,7 +1182,7 @@ typedef enum
 PCPResult_ExcesRemotePeer = 13
 } PCPResult_t;
-typedef packedstruct
+typedef struct
 {
 mDNSu8 version;
 mDNSu8 opCode;
@@ -1197,7 +1197,7 @@ typedef packedstruct
 mDNSv6Addr extAddress;
 } PCPMapRequest;
-typedef packedstruct
+typedef struct
 {
 mDNSu8 version;
 mDNSu8 opCode;
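Review bot: Replacing `packedstruct` with `struct` on these wire-format types (all the hunks from -482 to -1197) lets the compiler assume natural alignment for their 16- and 32-bit members. Where such a type is overlaid on packet or rdata bytes, as the DNSCommon.c hunk appears to do when it reads `rrsig->origTTL` and `rrsig->keyTag`, an odd start offset becomes a misaligned access, which faults on strict-alignment targets; the casts themselves are outside the visible lines, so this needs checking per call site. In the -825 hunk, `signerName[1]` makes `sizeof(rdataRRSig)` 20 while the fixed wire part stays `RRSIG_FIXED_SIZE`, so the field comment should say `// signerName is a dynamically-sized array; use RRSIG_FIXED_SIZE for its offset, never sizeof(rdataRRSig)`.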
@@ -3296,7 +3296,7 @@ extern void mDNS_DeactivateNetWake_internal(mDNS *const m, NetworkInterfaceI
 extern mStatus mDNS_RegisterInterface (mDNS *const m, NetworkInterfaceInfo *set, mDNSBool flapping);
 extern void mDNS_DeregisterInterface(mDNS *const m, NetworkInterfaceInfo *set, mDNSBool flapping);
 extern void mDNSCoreInitComplete(mDNS *const m, mStatus result);
-extern void mDNSCoreReceive(mDNS *const m, void *const msg, const mDNSu8 *const end,
+extern void mDNSCoreReceive(mDNS *const m, DNSMessage *const msg, const mDNSu8 *const end,
 const mDNSAddr *const srcaddr, const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID);
 extern void mDNSCoreRestartQueries(mDNS *const m);
@@ -3366,7 +3366,7 @@ extern mStatus SymptomReporterDNSServerReachable(mDNS *const m, const mDNSAddr *
 extern mStatus SymptomReporterDNSServerUnreachable(DNSServer *s);
 #endif
-typedef void ProxyCallback (mDNS *const m, void *socket, void *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
+typedef void ProxyCallback (mDNS *const m, void *socket, DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *const srcaddr,
 const mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID InterfaceID, void *context);
 extern void mDNSPlatformInitDNSProxySkts(mDNS *const m, ProxyCallback *UDPCallback, ProxyCallback *TCPCallback);
 extern void mDNSPlatformCloseDNSProxySkts(mDNS *const m);
@@ -3586,6 +3586,11 @@ struct CompileTimeAssertionChecks_mDNS
 char assertK[(sizeof(UDPHeader ) == 8 ) ? 1 : -1];
 char assertL[(sizeof(IKEHeader ) == 28 ) ? 1 : -1];
 char assertM[(sizeof(TCPHeader ) == 20 ) ? 1 : -1];
+ char assertN[(sizeof(rdataOPT) == 24 ) ? 1 : -1];
+ char assertO[(sizeof(rdataRRSig) == 20 ) ? 1 : -1];
+ char assertP[(sizeof(PCPMapRequest) == 60 ) ? 1 : -1];
+ char assertQ[(sizeof(PCPMapReply) == 60 ) ? 1 : -1];
+
 // Check our structures are reasonable sizes. Including overly-large buffers, or embedding
 // other overly-large structures instead of having a pointer to them, can inadvertently
diff --git a/mDNSResponder/mDNSCore/uDNS.c b/mDNSResponder/mDNSCore/uDNS.c
index 5848e1e1..3677b9f7 100755
--- a/mDNSResponder/mDNSCore/uDNS.c
+++ b/mDNSResponder/mDNSCore/uDNS.c
@@ -4109,13 +4109,13 @@ mDNSexport void DNSPushNotificationGotZoneData(mDNS *const m, mStatus err, const
 }
 else
 {
+ q->dnsPushState = DNSPUSH_NOSERVER;
 StartLLQPolling(m,q);
 if (err == mStatus_NoSuchNameErr)
 {
 // this actually failed, so mark it by setting address to all ones
 q->servAddr.type = mDNSAddrType_IPv4;
 q->servAddr.ip.v4 = onesIPv4Addr;
- q->dnsPushState = DNSPUSH_NOSERVER;
 }
 }
 mDNS_Unlock(m);
diff --git a/mDNSResponder/mDNSMacOSX/daemon.c b/mDNSResponder/mDNSMacOSX/daemon.c
index f5478b57..f3f00ca7 100644
--- a/mDNSResponder/mDNSMacOSX/daemon.c
+++ b/mDNSResponder/mDNSMacOSX/daemon.c
@@ -32,6 +32,7 @@
 #include
 #include
 #include
+#include
 #include "uDNS.h"
 #include "DNSCommon.h"
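Review bot: The four assertions added to CompileTimeAssertionChecks_mDNS pin only the total size of each type, which does not catch a member landing at a different offset once the packing attribute is gone. For `rdataRRSig` the value parsing depends on is where `signerName` starts, so I would add `char assertSignerNameOffset[(offsetof(rdataRRSig, signerName) == RRSIG_FIXED_SIZE) ? 1 : -1];` (constructed name; it needs `offsetof` in scope in this header). The type un-packed in the -617 hunk gets no new assertion here, and whether the earlier assertions already cover it and DNSMessageHeader is not visible from this hunk.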
@@ -1440,6 +1441,18 @@ mDNSlocal void init_logging(void)
 }
 #endif
+#if TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR
+mDNSlocal mDNSBool initialize_networkserviceproxy(void)
+{
+ void *NSPImage = dlopen("/System/Library/PrivateFrameworks/NetworkServiceProxy.framework/NetworkServiceProxy", RTLD_LAZY | RTLD_LOCAL);
+ if (NSPImage == NULL) {
+ os_log_error(OS_LOG_DEFAULT, "dlopen NetworkServiceProxy.framework failed");
+ return mDNSfalse;
+ }
+ return mDNStrue;
+}
+#endif
+
 mDNSexport int main(int argc, char **argv)
 {
 int i;
@@ -1611,6 +1624,12 @@ mDNSexport int main(int argc, char **argv)
 mDNSMacOSXNetworkChanged(&mDNSStorage);
 UpdateDebugState();
+#if TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR
+ if (initialize_networkserviceproxy() == mDNSfalse) {
+ LogMsg("Failed to initialize NetworkServiceProxy");
+ }
+#endif
+
 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
 LogInfo("Daemon Start: Using LibDispatch");
 // CFRunLoopRun runs both CFRunLoop sources and dispatch sources
diff --git a/mDNSResponder/mDNSMacOSX/mDNSMacOSX.c b/mDNSResponder/mDNSMacOSX/mDNSMacOSX.c
index d8697fae..84e9de8c 100644
--- a/mDNSResponder/mDNSMacOSX/mDNSMacOSX.c
+++ b/mDNSResponder/mDNSMacOSX/mDNSMacOSX.c
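Review bot: `initialize_networkserviceproxy` discards the handle that `dlopen` returns, so the framework is loaded only for whatever it does at load time and can never be closed, and nothing in the function says that this is intended. If it is, a comment above the call such as `// Loaded for its load-time side effects; the image stays resident for the life of the daemon` would stop a later reader from treating `NSPImage` as a leak. The failure path would also be easier to diagnose if the `os_log_error` message carried the text from `dlerror()`. The caller in main only logs the failure and carries on, which is worth stating in that comment as well.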
@@ -1925,51 +1925,40 @@ mDNSexport mStatus mDNSPlatformSendUDP(const mDNS *const m, const void *const ms sin_to->sin_addr.s_addr = dst->ip.v4.NotAnInteger; s = (src ? src->ss : m->p->permanentsockets).sktv4; - if (info) // Specify outgoing interface + if (!mDNSAddrIsDNSMulticast(dst)) { - if (!mDNSAddrIsDNSMulticast(dst)) - { - #ifdef IP_BOUND_IF - if (info->scope_id == 0) - LogInfo("IP_BOUND_IF socket option not set -- info %p (%s) scope_id is zero", info, ifa_name); - else - setsockopt(s, IPPROTO_IP, IP_BOUND_IF, &info->scope_id, sizeof(info->scope_id)); - #else - { - static int displayed = 0; - if (displayed < 1000) - { - displayed++; - LogInfo("IP_BOUND_IF socket option not defined -- cannot specify interface for unicast packets"); - } - } - #endif - } - else - #ifdef IP_MULTICAST_IFINDEX + #ifdef IP_BOUND_IF + const mDNSu32 ifindex = info ? info->scope_id : IFSCOPE_NONE; + setsockopt(s, IPPROTO_IP, IP_BOUND_IF, &ifindex, sizeof(ifindex)); + #else + static int displayed = 0; + if (displayed < 1000) { - err = setsockopt(s, IPPROTO_IP, IP_MULTICAST_IFINDEX, &info->scope_id, sizeof(info->scope_id)); - // We get an error when we compile on a machine that supports this option and run the binary on - // a different machine that does not support it - if (err < 0) - { - if (errno != ENOPROTOOPT) LogInfo("mDNSPlatformSendUDP: setsockopt: IP_MUTLTICAST_IFINDEX returned %d", errno); - err = setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, &info->ifa_v4addr, sizeof(info->ifa_v4addr)); - if (err < 0 && !m->NetworkChanged) - LogMsg("setsockopt - IP_MULTICAST_IF error %.4a %d errno %d (%s)", &info->ifa_v4addr, err, errno, strerror(errno)); - } + displayed++; + LogInfo("IP_BOUND_IF socket option not defined -- cannot specify interface for unicast packets"); } - #else + #endif + } + else if (info) + { + #ifdef IP_MULTICAST_IFINDEX + err = setsockopt(s, IPPROTO_IP, IP_MULTICAST_IFINDEX, &info->scope_id, sizeof(info->scope_id)); + // We get an error when we compile on a machine that 
supports this option and run the binary on + // a different machine that does not support it + if (err < 0) { + if (errno != ENOPROTOOPT) LogInfo("mDNSPlatformSendUDP: setsockopt: IP_MUTLTICAST_IFINDEX returned %d", errno); err = setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, &info->ifa_v4addr, sizeof(info->ifa_v4addr)); if (err < 0 && !m->NetworkChanged) LogMsg("setsockopt - IP_MULTICAST_IF error %.4a %d errno %d (%s)", &info->ifa_v4addr, err, errno, strerror(errno)); - } - #endif + #else + err = setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, &info->ifa_v4addr, sizeof(info->ifa_v4addr)); + if (err < 0 && !m->NetworkChanged) + LogMsg("setsockopt - IP_MULTICAST_IF error %.4a %d errno %d (%s)", &info->ifa_v4addr, err, errno, strerror(errno)); + #endif } } - else if (dst->type == mDNSAddrType_IPv6) { struct sockaddr_in6 *sin6_to = (struct sockaddr_in6*)&to; @@ -2273,12 +2262,12 @@ mDNSexport void myKQSocketCallBack(int s1, short filter, void *context) if (ss->proxy) { - m->p->UDPProxyCallback(m, &m->p->UDPProxy, (unsigned char *)&m->imsg, (unsigned char*)&m->imsg + err, &senderAddr, + m->p->UDPProxyCallback(m, &m->p->UDPProxy, &m->imsg.m, (unsigned char*)&m->imsg + err, &senderAddr, senderPort, &destAddr, ss->port, InterfaceID, NULL); } else { - mDNSCoreReceive(m, &m->imsg, (unsigned char*)&m->imsg + err, &senderAddr, senderPort, &destAddr, ss->port, InterfaceID); + mDNSCoreReceive(m, &m->imsg.m, (unsigned char*)&m->imsg + err, &senderAddr, senderPort, &destAddr, ss->port, InterfaceID); } // if we didn't close, we can safely dereference the socketset, and should to diff --git a/mDNSResponder/mDNSMacOSX/mDNSResponder-entitlements.plist b/mDNSResponder/mDNSMacOSX/mDNSResponder-entitlements.plist index ef23e4b6..6d0bd675 100644 --- a/mDNSResponder/mDNSMacOSX/mDNSResponder-entitlements.plist +++ b/mDNSResponder/mDNSMacOSX/mDNSResponder-entitlements.plist 
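Review bot: The new unicast branch of mDNSPlatformSendUDP ignores the result of `setsockopt(s, IPPROTO_IP, IP_BOUND_IF, &ifindex, sizeof(ifindex))`. The socket looks shared between sends (`m->p->permanentsockets`), so when the call fails the previous scope stays in force and the packet leaves on whichever interface was bound last, which for a unicast DNS query can be the wrong network. I would check it: `if (setsockopt(s, IPPROTO_IP, IP_BOUND_IF, &ifindex, sizeof(ifindex)) < 0) LogMsg("mDNSPlatformSendUDP: setsockopt IP_BOUND_IF failed errno %d (%s)", errno, strerror(errno));`. The re-added LogInfo string still spells the option `IP_MUTLTICAST_IFINDEX`. The function starts before and continues after this hunk.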
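Review bot: Both changed calls in myKQSocketCallBack pass `&m->imsg.m` as the message but still compute the end pointer from `&m->imsg`. mDNSCoreReceive derives the length as `end - pkt`, so the two agree only while `m` sits at offset 0 of `imsg`. Taking both from the same base, `(mDNSu8 *)&m->imsg.m + err`, removes that dependency. Whether `err` is known to be non-negative at this point is decided above the hunk.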
@@ -20,6 +20,8 @@ com.apple.private.necp.match + com.apple.private.necp.policies + com.apple.security.network.server com.apple.security.network.client @@ -32,5 +34,13 @@ com.apple.BTServer.appleMfgDataScanner + com.apple.developer.networking.networkextension + + app-proxy-provider-system + + com.apple.private.neagent + + com.apple.private.nehelper.privileged + diff --git a/mDNSResponder/mDNSMacOSX/mDNSResponder.sb b/mDNSResponder/mDNSMacOSX/mDNSResponder.sb index 30747491..807217ab 100644 --- a/mDNSResponder/mDNSMacOSX/mDNSResponder.sb +++ b/mDNSResponder/mDNSMacOSX/mDNSResponder.sb @@ -72,7 +72,9 @@ (global-name "com.apple.wifi.manager") (global-name "com.apple.blued") (global-name "com.apple.mobilegestalt.xpc") - (global-name "com.apple.snhelper")) + (global-name "com.apple.snhelper") + (global-name "com.apple.nehelper") + (global-name "com.apple.networkserviceproxy")) (allow mach-register (global-name "com.apple.d2d.ipc")) diff --git a/mDNSResponder/mDNSShared/dns_sd.h b/mDNSResponder/mDNSShared/dns_sd.h index e34c6d91..660b3707 100644 --- a/mDNSResponder/mDNSShared/dns_sd.h +++ b/mDNSResponder/mDNSShared/dns_sd.h @@ -66,7 +66,7 @@ */ #ifndef _DNS_SD_H -#define _DNS_SD_H 7653011 +#define _DNS_SD_H 7655009 #ifdef __cplusplus extern "C" { diff --git a/mDNSResponder/mDNSShared/dnsextd.c b/mDNSResponder/mDNSShared/dnsextd.c index 7b8e67e6..b55d3f42 100644 --- a/mDNSResponder/mDNSShared/dnsextd.c +++ b/mDNSResponder/mDNSShared/dnsextd.c 
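Review bot: The entitlements hunks grant the daemon `com.apple.private.necp.policies`, the `app-proxy-provider-system` network-extension entitlement, `com.apple.private.neagent` and `com.apple.private.nehelper.privileged`, and the mDNSResponder.sb hunk opens mach lookups for `com.apple.nehelper` and `com.apple.networkserviceproxy`, with no comment saying which feature needs each one. The only consumer visible in this commit is `initialize_networkserviceproxy` in daemon.c, which is compiled for `TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR` only, while these two files show no platform condition in the visible lines. For a process that parses packets from the network, every extra privilege widens what a memory-safety bug can reach. I would add a comment per entitlement naming its consumer and, if the build allows it, limit the grants to the platforms that use them.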
@@ -2355,7 +2355,7 @@ mDNSlocal int RecvLLQ( DaemonInfo *d, PktMsg *pkt, TCPSocket *sock )
 {
 qptr = getQuestion(&pkt->msg, qptr, end, 0, &q);
 if (!qptr) { Log("Malformatted LLQ from %s: cannot read question %d", addr, i); goto end; }
- llq = (LLQOptData *)&opt.r.resrec.rdata->u.opt[0].u.llq + i; // point into OptData at index i
+ llq = &opt.r.resrec.rdata->u.opt[i].u.llq; // point into OptData at index i
 if (llq->vers != kLLQ_Vers) { Log("LLQ from %s contains bad version %d (expected %d)", addr, llq->vers, kLLQ_Vers); goto end; }
 e = LookupLLQ(d, pkt->src, &q.qname, q.qtype, &llq->id);
@@ -3094,7 +3094,7 @@ int main(int argc, char *argv[])
 void mDNSCoreInitComplete( mDNS * const m, mStatus result) { ( void ) m; ( void ) result; }
 void mDNS_ConfigChanged(mDNS *const m) { ( void ) m; }
 void mDNSCoreMachineSleep(mDNS * const m, mDNSBool wake) { ( void ) m; ( void ) wake; }
-void mDNSCoreReceive(mDNS *const m, void *const msg, const mDNSu8 *const end,
+void mDNSCoreReceive(mDNS *const m, DNSMessage *const msg, const mDNSu8 *const end,
 const mDNSAddr *const srcaddr, const mDNSIPPort srcport, const mDNSAddr *const dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID iid) { ( void ) m; ( void ) msg; ( void ) end; ( void ) srcaddr; ( void ) srcport; ( void ) dstaddr; ( void ) dstport; ( void ) iid; }
diff --git a/mDNSResponder/mDNSShared/uds_daemon.c b/mDNSResponder/mDNSShared/uds_daemon.c
index 0102453f..2552c8a7 100644
--- a/mDNSResponder/mDNSShared/uds_daemon.c
+++ b/mDNSResponder/mDNSShared/uds_daemon.c
@@ -1283,6 +1283,10 @@ mDNSlocal void handle_cancel_request(request_state *request)
 mDNSlocal mStatus handle_regrecord_request(request_state *request)
 {
 mStatus err = mStatus_BadParamErr;
+
+ if (request->terminate != connection_termination)
+ { LogMsg("%3d: DNSServiceRegisterRecord(not a shared connection ref)", request->sd); return(err); }
+
 AuthRecord *rr = read_rr_from_ipc_msg(request, 1, 1);
 if (rr)
 {
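Review bot: `llq = &opt.r.resrec.rdata->u.opt[i].u.llq;` in RecvLLQ indexes the parsed OPT array with the question counter, and the hunk shows no bound on `i` relative to the number of OPT entries actually present. The change also moves the stride from `sizeof(LLQOptData)` to the size of one `u.opt` element, so any length check written for the old layout has to be re-read against the new one. The loop header and that check are outside the hunk; if no such check exists, the packet should be rejected once `i` reaches the entry count, before the address is taken.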
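Review bot: The new rejection in handle_regrecord_request logs only the socket descriptor, `LogMsg("%3d: DNSServiceRegisterRecord(not a shared connection ref)", request->sd)`, so the log cannot attribute a refused request to a client. The delegate-connection handler in this file logs `request->process_id` and `request->pid_name`; appending ` PID[%d](%s)` with those two fields here would make a misbehaving client identifiable. Placing the check ahead of `read_rr_from_ipc_msg` is the right order, since nothing from the message is parsed for a connection that is going to be refused.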
@@ -4173,6 +4177,10 @@ mDNSlocal void handle_connection_delegate_request(request_state *request)
 mDNSs32 pid;
 socklen_t len;
+ LogOperation("%3d: DNSServiceCreateDelegateConnection START PID[%d](%s)",
+ request->sd, request->process_id, request->pid_name);
+ request->terminate = connection_termination;
+
 len = 0;
 pid = get_uint32(&request->msgptr, request->msgend);
 #ifdef LOCAL_PEEREPID
@@ -4955,13 +4963,6 @@ mDNSlocal void request_callback(int fd, short filter, void *info)
 AbortUnlinkAndFree(req);
 return;
 }
- if (req->hdr.version != VERSION)
- {
- LogMsg("request_callback: ERROR: client IPC version %d incompatible with daemon IPC version %d PID[%d][%s]",
- req->hdr.version, VERSION, req->process_id, req->pid_name);
- AbortUnlinkAndFree(req);
- return;
- }
 switch(req->hdr.op) // Interface + other data
 {
@@ -5062,12 +5063,7 @@ mDNSlocal void request_callback(int fd, short filter, void *info)
 req->sd, req->process_id, req->pid_name);
 req->terminate = connection_termination;
 break;
- case connection_delegate_request:
- LogOperation("%3d: DNSServiceCreateDelegateConnection START PID[%d](%s)",
- req->sd, req->process_id, req->pid_name);
- req->terminate = connection_termination;
- handle_connection_delegate_request(req);
- break;
+ case connection_delegate_request: handle_connection_delegate_request(req); break;
 case resolve_request: err = handle_resolve_request (req); break;
 case query_request: err = handle_queryrecord_request (req); break;
 case browse_request: err = handle_browse_request (req); break;
--
cgit v1.2.3
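Review bot: After this commit request_callback dispatches on `req->hdr.op` with no comparison of `req->hdr.version` against `VERSION`; the -4955 hunk removes the only one visible on this page. Unless the version is now validated where the header is read, which is not shown, a client speaking a different IPC layout reaches handlers that parse the message positionally with calls like `get_uint32(&request->msgptr, request->msgend)`. Please confirm where the check lives now, or keep it ahead of the `switch`. The enclosing function starts and ends outside these hunks.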