From b96778b363c0da9e7dbe164bfb1857f1f56bfd09 Mon Sep 17 00:00:00 2001 From: Sebastian Huber Date: Thu, 18 Jun 2020 13:09:27 +0200 Subject: mDNSResponder: Update to v878.230.2 The sources can be obtained via: https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-878.230.2.tar.gz Update #4010. --- mDNSResponder/Makefile | 2 +- mDNSResponder/mDNSCore/mDNS.c | 24 +++++++++++++++++------- mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h | 5 +++-- mDNSResponder/mDNSCore/uDNS.c | 13 ++++++++----- mDNSResponder/mDNSMacOSX/daemon.c | 3 ++- mDNSResponder/mDNSMacOSX/mDNSMacOSX.c | 8 ++++++-- mDNSResponder/mDNSMacOSX/mDNSMacOSX.h | 1 + mDNSResponder/mDNSPosix/mDNSPosix.c | 2 +- mDNSResponder/mDNSShared/dns_sd.h | 2 +- mDNSResponder/mDNSShared/dnsextd.c | 4 ++-- mDNSResponder/mDNSWindows/mDNSWin32.c | 2 +- mDNSResponder/unittests/CNameRecordTests.c | 3 ++- 12 files changed, 45 insertions(+), 24 deletions(-) diff --git a/mDNSResponder/Makefile b/mDNSResponder/Makefile index d50841c2..8b97eacc 100644 --- a/mDNSResponder/Makefile +++ b/mDNSResponder/Makefile @@ -17,7 +17,7 @@ include $(MAKEFILEPATH)/pb_makefiles/platform.make -MVERS = "mDNSResponder-878.200.35" +MVERS = "mDNSResponder-878.230.2" VER = ifneq ($(strip $(GCC_VERSION)),) diff --git a/mDNSResponder/mDNSCore/mDNS.c b/mDNSResponder/mDNSCore/mDNS.c index 8deada2e..10504d09 100755 --- a/mDNSResponder/mDNSCore/mDNS.c +++ b/mDNSResponder/mDNSCore/mDNS.c @@ -9236,6 +9236,7 @@ mDNSlocal void mDNSCoreReceiveResponse(mDNS *const m, { debugf("mDNSCoreReceiveResponse: InterfaceID %p %##s (%s)", q->InterfaceID, q->qname.c, DNSTypeName(q->qtype)); m->rec.r.resrec.rDNSServer = uDNSServer = q->qDNSServer; + if (!unicastQuestion) unicastQuestion = q; // Acceptable responses to unicast questions need to have (unicastQuestion != nil) } else { @@ -11302,6 +11303,8 @@ mDNSlocal mDNSBool IsPrivateDomain(mDNS *const m, DNSQuestion *q) } } +#define TrueFalseStr(X) ((X) ? "true" : "false") + // This function takes the DNSServer as a separate argument because sometimes the // caller has not yet assigned the DNSServer, but wants to evaluate the SuppressQuery // status before switching to it. @@ -11328,13 +11331,20 @@ mDNSlocal mDNSBool ShouldSuppressUnicastQuery(mDNS *const m, DNSQuestion *q, DNS } // Check if the DNS Configuration allows A/AAAA queries to be sent - if ((q->qtype == kDNSType_A) && (d->req_A)) + if ((q->qtype == kDNSType_A) && d->req_A) { - LogDebug("ShouldSuppressUnicastQuery: Query not suppressed for %##s, qtype %s, DNSServer %##s %#a:%d allows A queries", q->qname.c, - DNSTypeName(q->qtype), d->domain.c, &d->addr, mDNSVal16(d->port)); - return mDNSfalse; + // The server's configuration allows A record queries, so don't suppress this query unless + // 1. the interface associated with the server is CLAT46; and + // 2. the query has the kDNSServiceFlagsPathEvaluationDone flag, which indicates that it came from libnetcore. + // See for more info. + if (!(d->isCLAT46 && (q->flags & kDNSServiceFlagsPathEvaluationDone))) + { + LogDebug("ShouldSuppressUnicastQuery: Query not suppressed for %##s, qtype %s, DNSServer %##s %#a:%d allows A queries", q->qname.c, + DNSTypeName(q->qtype), d->domain.c, &d->addr, mDNSVal16(d->port)); + return mDNSfalse; + } } - if ((q->qtype == kDNSType_AAAA) && (d->req_AAAA)) + if ((q->qtype == kDNSType_AAAA) && d->req_AAAA) { LogDebug("ShouldSuppressUnicastQuery: Query not suppressed for %##s, qtype %s, DNSServer %##s %#a:%d allows AAAA queries", q->qname.c, DNSTypeName(q->qtype), d->domain.c, &d->addr, mDNSVal16(d->port)); @@ -11348,8 +11358,8 @@ mDNSlocal mDNSBool ShouldSuppressUnicastQuery(mDNS *const m, DNSQuestion *q, DNS } #endif - LogInfo("ShouldSuppressUnicastQuery: Query suppressed for %##s, qtype %s, since DNS Configuration does not allow (req_A is %s and req_AAAA is %s)", - q->qname.c, DNSTypeName(q->qtype), d->req_A ? "true" : "false", d->req_AAAA ? "true" : "false"); + LogInfo("ShouldSuppressUnicastQuery: Query suppressed for %##s, qtype %s, since DNS Configuration does not allow (req_A %s, req_AAAA %s, CLAT46 %s)", + q->qname.c, DNSTypeName(q->qtype), TrueFalseStr(d->req_A), TrueFalseStr(d->req_AAAA), TrueFalseStr(d->isCLAT46)); return mDNStrue; } diff --git a/mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h b/mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h index 511aa3b6..26c70089 100755 --- a/mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h +++ b/mDNSResponder/mDNSCore/mDNSEmbeddedAPI.h @@ -1383,6 +1383,7 @@ typedef struct DNSServer mDNSBool req_DO; // If set, okay to send DNSSEC queries (EDNS DO bit is supported) mDNSBool DNSSECAware; // Set if we are able to receive a response to a request sent with DO option. mDNSBool isExpensive; // True if the interface to this server is expensive. + mDNSBool isCLAT46; // True if the interface to this server is CLAT46. } DNSServer; typedef struct @@ -3071,8 +3072,8 @@ extern void mDNS_AddDynDNSHostName(mDNS *m, const domainname *fqdn, mDNSRecordCa extern void mDNS_RemoveDynDNSHostName(mDNS *m, const domainname *fqdn); extern void mDNS_SetPrimaryInterfaceInfo(mDNS *m, const mDNSAddr *v4addr, const mDNSAddr *v6addr, const mDNSAddr *router); extern DNSServer *mDNS_AddDNSServer(mDNS *const m, const domainname *d, const mDNSInterfaceID interface, mDNSs32 serviceID, const mDNSAddr *addr, - const mDNSIPPort port, mDNSu32 scoped, mDNSu32 timeout, mDNSBool cellIntf, mDNSBool isExpensive, mDNSu16 resGroupID, - mDNSBool reqA, mDNSBool reqAAAA, mDNSBool reqDO); + const mDNSIPPort port, mDNSu32 scoped, mDNSu32 timeout, mDNSBool cellIntf, mDNSBool isExpensive, mDNSBool isCLAT46, + mDNSu16 resGroupID, mDNSBool reqA, mDNSBool reqAAAA, mDNSBool reqDO); extern void PenalizeDNSServer(mDNS *const m, DNSQuestion *q, mDNSOpaque16 responseFlags); extern void mDNS_AddSearchDomain(const domainname *const domain, mDNSInterfaceID InterfaceID); diff --git a/mDNSResponder/mDNSCore/uDNS.c b/mDNSResponder/mDNSCore/uDNS.c index cd91f4da..2d6d14e9 100755 --- a/mDNSResponder/mDNSCore/uDNS.c +++ b/mDNSResponder/mDNSCore/uDNS.c @@ -115,9 +115,11 @@ mDNSlocal void SetRecordRetry(mDNS *const m, AuthRecord *rr, mDNSu32 random) #pragma mark - Name Server List Management #endif +#define TrueFalseStr(X) ((X) ? "true" : "false") + mDNSexport DNSServer *mDNS_AddDNSServer(mDNS *const m, const domainname *d, const mDNSInterfaceID interface, const mDNSs32 serviceID, const mDNSAddr *addr, - const mDNSIPPort port, mDNSu32 scoped, mDNSu32 timeout, mDNSBool cellIntf, mDNSBool isExpensive, mDNSu16 resGroupID, - mDNSBool reqA, mDNSBool reqAAAA, mDNSBool reqDO) + const mDNSIPPort port, mDNSu32 scoped, mDNSu32 timeout, mDNSBool cellIntf, mDNSBool isExpensive, mDNSBool isCLAT46, + mDNSu16 resGroupID, mDNSBool reqA, mDNSBool reqAAAA, mDNSBool reqDO) { DNSServer **p = &m->DNSServers; DNSServer *tmp = mDNSNULL; @@ -131,9 +133,9 @@ mDNSexport DNSServer *mDNS_AddDNSServer(mDNS *const m, const domainname *d, cons if (!d) d = (const domainname *)""; - LogInfo("mDNS_AddDNSServer(%d): Adding %#a for %##s, InterfaceID %p, serviceID %u, scoped %d, resGroupID %d req_A is %s req_AAAA is %s cell %s isExpensive %s req_DO is %s", - NumUnicastDNSServers, addr, d->c, interface, serviceID, scoped, resGroupID, reqA ? "True" : "False", reqAAAA ? "True" : "False", - cellIntf ? "True" : "False", isExpensive ? "True" : "False", reqDO ? "True" : "False"); + LogInfo("mDNS_AddDNSServer(%d): Adding %#a for %##s, InterfaceID %p, serviceID %u, scoped %d, resGroupID %d req_A %s, req_AAAA %s, cell %s, expensive %s, CLAT46 %s, req_DO %s", + NumUnicastDNSServers, addr, d->c, interface, serviceID, scoped, resGroupID, + TrueFalseStr(reqA), TrueFalseStr(reqAAAA), TrueFalseStr(cellIntf), TrueFalseStr(isExpensive), TrueFalseStr(isCLAT46), TrueFalseStr(reqDO)); mDNS_CheckLock(m); @@ -199,6 +201,7 @@ mDNSexport DNSServer *mDNS_AddDNSServer(mDNS *const m, const domainname *d, cons (*p)->timeout = timeout; (*p)->cellIntf = cellIntf; (*p)->isExpensive = isExpensive; + (*p)->isCLAT46 = isCLAT46; (*p)->req_A = reqA; (*p)->req_AAAA = reqAAAA; (*p)->req_DO = reqDO; diff --git a/mDNSResponder/mDNSMacOSX/daemon.c b/mDNSResponder/mDNSMacOSX/daemon.c index e16f1dbf..695e4114 100644 --- a/mDNSResponder/mDNSMacOSX/daemon.c +++ b/mDNSResponder/mDNSMacOSX/daemon.c @@ -517,7 +517,7 @@ mDNSexport void INFOCallback(void) for (s = mDNSStorage.DNSServers; s; s = s->next) { NetworkInterfaceInfoOSX *ifx = IfindexToInterfaceInfoOSX(s->interface); - LogMsgNoIdent("DNS Server %##s %s%s%#a:%d %d %s %d %d %s %s %s %s %s", + LogMsgNoIdent("DNS Server %##s %s%s%#a:%d %d %s %d %d %s %s %s %s %s %s", s->domain.c, ifx ? ifx->ifinfo.ifname : "", ifx ? " " : "", &s->addr, mDNSVal16(s->port), s->penaltyTime ? s->penaltyTime - mDNS_TimeNow(&mDNSStorage) : 0, DNSScopeToString(s->scoped), s->timeout, s->resGroupID, @@ -525,6 +525,7 @@ mDNSexport void INFOCallback(void) s->req_AAAA ? "v6" : "!v6", s->cellIntf ? "cell" : "!cell", s->isExpensive ? "exp" : "!exp", + s->isCLAT46 ? "clat46" : "!clat46", s->DNSSECAware ? "DNSSECAware" : "!DNSSECAware"); } } diff --git a/mDNSResponder/mDNSMacOSX/mDNSMacOSX.c b/mDNSResponder/mDNSMacOSX/mDNSMacOSX.c index f64e28af..51fc67a8 100644 --- a/mDNSResponder/mDNSMacOSX/mDNSMacOSX.c +++ b/mDNSResponder/mDNSMacOSX/mDNSMacOSX.c @@ -3612,6 +3612,7 @@ mDNSlocal NetworkInterfaceInfoOSX *AddInterfaceToList(struct ifaddrs *ifa, mDNSs i->isExpensive = (eflags & IFEF_EXPENSIVE) ? mDNStrue: mDNSfalse; i->isAWDL = (eflags & IFEF_AWDL) ? mDNStrue: mDNSfalse; + i->isCLAT46 = (eflags & IFEF_CLAT46) ? mDNStrue: mDNSfalse; if (eflags & IFEF_AWDL) { // Set SupportsUnicastMDNSResponse false for the AWDL interface since unicast reserves @@ -5470,6 +5471,7 @@ mDNSlocal void ConfigDNSServers(dns_resolver_t *r, mDNSInterfaceID interface, mD mDNSBool reqA, reqAAAA; NetworkInterfaceInfoOSX *info; mDNSBool isExpensive; + mDNSBool isCLAT46; if (!r->domain || !*r->domain) { @@ -5492,7 +5494,8 @@ mDNSlocal void ConfigDNSServers(dns_resolver_t *r, mDNSInterfaceID interface, mD reqA = (r->flags & DNS_RESOLVER_FLAGS_REQUEST_A_RECORDS ? mDNStrue : mDNSfalse); reqAAAA = (r->flags & DNS_RESOLVER_FLAGS_REQUEST_AAAA_RECORDS ? mDNStrue : mDNSfalse); info = IfindexToInterfaceInfoOSX(interface); - isExpensive = info ? info->isExpensive : mDNSfalse; + isExpensive = (info && info->isExpensive) ? mDNStrue : mDNSfalse; + isCLAT46 = (info && info->isCLAT46) ? mDNStrue : mDNSfalse; for (n = 0; n < r->n_nameserver; n++) { @@ -5516,7 +5519,8 @@ mDNSlocal void ConfigDNSServers(dns_resolver_t *r, mDNSInterfaceID interface, mD // it takes the sum of all the timeout values for all DNS servers. By doing this, it // tries all the DNS servers in a specified timeout s = mDNS_AddDNSServer(&mDNSStorage, &d, interface, serviceID, &saddr, r->port ? mDNSOpaque16fromIntVal(r->port) : UnicastDNSPort, scope, - (n == 0 ? (r->timeout ? r->timeout : DEFAULT_UDNS_TIMEOUT) : 0), cellIntf, isExpensive, resGroupID, reqA, reqAAAA, mDNStrue); + (n == 0 ? (r->timeout ? r->timeout : DEFAULT_UDNS_TIMEOUT) : 0), cellIntf, isExpensive, isCLAT46, + resGroupID, reqA, reqAAAA, mDNStrue); if (s) { LogInfo("ConfigDNSServers(%s): DNS server %#a:%d for domain %##s", DNSScopeToString(scope), &s->addr, mDNSVal16(s->port), d.c); diff --git a/mDNSResponder/mDNSMacOSX/mDNSMacOSX.h b/mDNSResponder/mDNSMacOSX/mDNSMacOSX.h index f189b07f..62309595 100644 --- a/mDNSResponder/mDNSMacOSX/mDNSMacOSX.h +++ b/mDNSResponder/mDNSMacOSX/mDNSMacOSX.h @@ -154,6 +154,7 @@ struct NetworkInterfaceInfoOSX_struct u_int BPF_len; mDNSBool isExpensive; // True if this interface has the IFEF_EXPENSIVE flag set. mDNSBool isAWDL; // True if this interface has the IFEF_AWDL flag set. + mDNSBool isCLAT46; // True if this interface has the IFEF_CLAT46 flag set. #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM dispatch_source_t BPF_source; #else diff --git a/mDNSResponder/mDNSPosix/mDNSPosix.c b/mDNSResponder/mDNSPosix/mDNSPosix.c index 0e10bd56..5ed4a045 100755 --- a/mDNSResponder/mDNSPosix/mDNSPosix.c +++ b/mDNSResponder/mDNSPosix/mDNSPosix.c @@ -499,7 +499,7 @@ mDNSexport int ParseDNSServers(mDNS *m, const char *filePath) mDNSAddr DNSAddr; DNSAddr.type = mDNSAddrType_IPv4; DNSAddr.ip.v4.NotAnInteger = ina.s_addr; - mDNS_AddDNSServer(m, NULL, mDNSInterface_Any, 0, &DNSAddr, UnicastDNSPort, kScopeNone, 0, mDNSfalse, mDNSfalse, 0, mDNStrue, mDNStrue, mDNSfalse); + mDNS_AddDNSServer(m, NULL, mDNSInterface_Any, 0, &DNSAddr, UnicastDNSPort, kScopeNone, 0, mDNSfalse, mDNSfalse, mDNSfalse, 0, mDNStrue, mDNStrue, mDNSfalse); numOfServers++; } } diff --git a/mDNSResponder/mDNSShared/dns_sd.h b/mDNSResponder/mDNSShared/dns_sd.h index a1f5a573..2f530917 100644 --- a/mDNSResponder/mDNSShared/dns_sd.h +++ b/mDNSResponder/mDNSShared/dns_sd.h @@ -66,7 +66,7 @@ */ #ifndef _DNS_SD_H -#define _DNS_SD_H 8800035 +#define _DNS_SD_H 8803002 #ifdef __cplusplus extern "C" { diff --git a/mDNSResponder/mDNSShared/dnsextd.c b/mDNSResponder/mDNSShared/dnsextd.c index bc89ef89..96ee520c 100644 --- a/mDNSResponder/mDNSShared/dnsextd.c +++ b/mDNSResponder/mDNSShared/dnsextd.c @@ -3100,8 +3100,8 @@ void mDNSCoreReceive(mDNS *const m, DNSMessage *const msg, const mDNSu8 *const e const mDNSAddr *const dstaddr, const mDNSIPPort dstport, const mDNSInterfaceID iid) { ( void ) m; ( void ) msg; ( void ) end; ( void ) srcaddr; ( void ) srcport; ( void ) dstaddr; ( void ) dstport; ( void ) iid; } DNSServer *mDNS_AddDNSServer(mDNS *const m, const domainname *d, const mDNSInterfaceID interface, const int serviceID, const mDNSAddr *addr, const mDNSIPPort port, - mDNSu32 scoped, mDNSu32 timeout, mDNSBool cellIntf, mDNSBool isExpensive, mDNSu16 resGroupID, mDNSBool reqA, mDNSBool reqAAAA, mDNSBool reqDO) -{ ( void ) m; ( void ) d; ( void ) interface; ( void ) serviceID; ( void ) addr; ( void ) port; ( void ) scoped; ( void ) timeout; (void) cellIntf; (void) isExpensive; + mDNSu32 scoped, mDNSu32 timeout, mDNSBool cellIntf, mDNSBool isExpensive, mDNSBool isCLAT46, mDNSu16 resGroupID, mDNSBool reqA, mDNSBool reqAAAA, mDNSBool reqDO) +{ ( void ) m; ( void ) d; ( void ) interface; ( void ) serviceID; ( void ) addr; ( void ) port; ( void ) scoped; ( void ) timeout; (void) cellIntf; (void) isExpensive; (void) isCLAT46; (void) resGroupID; (void) reqA; (void) reqAAAA; (void) reqDO; return(NULL); } void mDNS_AddSearchDomain(const domainname *const domain, mDNSInterfaceID InterfaceID) { (void)domain; (void) InterfaceID;} void mDNS_AddDynDNSHostName(mDNS *m, const domainname *fqdn, mDNSRecordCallback *StatusCallback, const void *StatusContext) diff --git a/mDNSResponder/mDNSWindows/mDNSWin32.c b/mDNSResponder/mDNSWindows/mDNSWin32.c index fa07af02..6e88056a 100755 --- a/mDNSResponder/mDNSWindows/mDNSWin32.c +++ b/mDNSResponder/mDNSWindows/mDNSWin32.c @@ -1920,7 +1920,7 @@ SetDNSServers( mDNS *const m ) { mDNSAddr addr; err = StringToAddress( &addr, ipAddr->IpAddress.String ); - if ( !err ) mDNS_AddDNSServer(m, mDNSNULL, mDNSInterface_Any, 0, &addr, UnicastDNSPort, kScopeNone, DEFAULT_UDNS_TIMEOUT, mDNSfalse, mDNSfalse, 0, mDNStrue, mDNStrue, mDNSfalse); + if ( !err ) mDNS_AddDNSServer(m, mDNSNULL, mDNSInterface_Any, 0, &addr, UnicastDNSPort, kScopeNone, DEFAULT_UDNS_TIMEOUT, mDNSfalse, mDNSfalse, mDNSfalse, 0, mDNStrue, mDNStrue, mDNSfalse); } exit: diff --git a/mDNSResponder/unittests/CNameRecordTests.c b/mDNSResponder/unittests/CNameRecordTests.c index 9b3fb016..bb23c079 100644 --- a/mDNSResponder/unittests/CNameRecordTests.c +++ b/mDNSResponder/unittests/CNameRecordTests.c @@ -382,6 +382,7 @@ mDNSlocal mStatus AddDNSServer(void) mDNSu32 timeout = dns_server_timeout; mDNSBool cellIntf = 0; mDNSBool isExpensive = 0; + mDNSBool isCLAT46 = mDNSfalse; mDNSu16 resGroupID = dns_server_resGroupID; mDNSBool reqA = mDNStrue; mDNSBool reqAAAA = mDNStrue; @@ -391,7 +392,7 @@ mDNSlocal mStatus AddDNSServer(void) addr.ip.v4.NotAnInteger = dns_server_ipv4.NotAnInteger; port.NotAnInteger = client_resp_src_port; mDNS_AddDNSServer(m, &d, primary_interfaceID, serviceID, &addr, port, scoped, timeout, - cellIntf, isExpensive, resGroupID, + cellIntf, isExpensive, isCLAT46, resGroupID, reqA, reqAAAA, reqDO); mDNS_Unlock(m); return mStatus_NoError; -- cgit v1.2.3