|
Packit Service |
82fcde |
The resolver in the GNU C Library
|
|
Packit Service |
82fcde |
*********************************
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
Starting with version 2.2, the resolver in the GNU C Library comes
|
|
Packit Service |
82fcde |
from BIND 8. Only a subset of the src/lib/resolv part of libbind is
|
|
Packit Service |
82fcde |
included here; basically the parts that are needed to provide the
|
|
Packit Service |
82fcde |
functionality present in the resolver from BIND 4.9.7 that was
|
|
Packit Service |
82fcde |
included in the previous release of the GNU C Library, augmented by
|
|
Packit Service |
82fcde |
the parts needed to provide thread-safety. This means that support
|
|
Packit Service |
82fcde |
for things as dynamic DNS updates and TSIG keys isn't included. If
|
|
Packit Service |
82fcde |
you need those facilities, please take a look at the full BIND
|
|
Packit Service |
82fcde |
distribution.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
Differences
|
|
Packit Service |
82fcde |
===========
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
The resolver in the GNU C Library still differs from what's in BIND
|
|
Packit Service |
82fcde |
8.2.3-T5B:
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* The RES_DEBUG option (`options debug' in /etc/resolv.conf) has been
|
|
Packit Service |
82fcde |
disabled.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* The resolver in glibc allows underscores in domain names.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* The <resolv.h> header in glibc includes <netinet/in.h> and
|
|
Packit Service |
82fcde |
<arpa/nameser.h> to make it self-contained.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* The `res_close' function in glibc only tries to close open files
|
|
Packit Service |
82fcde |
referenced through `_res' if the RES_INIT bit is set in
|
|
Packit Service |
82fcde |
`_res.options'. This fixes a potential security bug with programs
|
|
Packit Service |
82fcde |
that bogusly call `res_close' without initialising the resolver
|
|
Packit Service |
82fcde |
state first. Note that the thread-safe `res_nclose' still doesn't
|
|
Packit Service |
82fcde |
check the RES_INIT bit. By the way, you're not really supposed to
|
|
Packit Service |
82fcde |
call `res_close/res_nclose' directly.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* The resolver in glibc can connect to a nameserver over IPv6. Just
|
|
Packit Service |
82fcde |
specify the IPv6 address in /etc/resolv.conf. You cannot change the
|
|
Packit Service |
82fcde |
address of an IPv6 nameserver dynamically in your program though.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
Using the resolver in multi-threaded code
|
|
Packit Service |
82fcde |
=========================================
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
The traditional resolver interfaces `res_query', `res_search',
|
|
Packit Service |
82fcde |
`res_mkquery', `res_send' and `res_init', used a static (global)
|
|
Packit Service |
82fcde |
resolver state stored in the `_res' structure. Therefore, these
|
|
Packit Service |
82fcde |
interfaces are not thread-safe. Therefore, BIND 8.2 introduced a set
|
|
Packit Service |
82fcde |
of "new" interfaces `res_nquery', `res_nsearch', `res_nmkquery',
|
|
Packit Service |
82fcde |
`res_nsend' and `res_ninit' that take a `res_state' as their first
|
|
Packit Service |
82fcde |
argument, so you can use a per-thread resolver state. In glibc, when
|
|
Packit Service |
82fcde |
you link with -lpthread, such a per-thread resolver state is already
|
|
Packit Service |
82fcde |
present. It can be accessed using `_res', which has been redefined as
|
|
Packit Service |
82fcde |
a macro, in a similar way to what has been done for the `errno' and
|
|
Packit Service |
82fcde |
`h_errno' variables. This per-thread resolver state is also used for
|
|
Packit Service |
82fcde |
the `gethostby*' family of functions, which means that for example
|
|
Packit Service |
82fcde |
`gethostbyname_r' is now fully thread-safe and re-entrant. The
|
|
Packit Service |
82fcde |
traditional resolver interfaces however, continue to use a single
|
|
Packit Service |
82fcde |
resolver state and are therefore still thread-unsafe. The resolver
|
|
Packit Service |
82fcde |
state is the same resolver state that is used for the initial ("main")
|
|
Packit Service |
82fcde |
thread.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
This has the following consequences for existing binaries and source
|
|
Packit Service |
82fcde |
code:
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* Single-threaded programs will continue to work. There should be no
|
|
Packit Service |
82fcde |
user-visible changes when you recompile them.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* Multi-threaded programs that use the traditional resolver interfaces
|
|
Packit Service |
82fcde |
in the "main" thread should continue to work, except that they no
|
|
Packit Service |
82fcde |
longer see any changes in the global resolver state caused by calls
|
|
Packit Service |
82fcde |
to, for example, `gethostbyname' in other threads. Again there
|
|
Packit Service |
82fcde |
should be no user-visible changes when you recompile these programs.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* Multi-threaded programs that use the traditional resolver interfaces
|
|
Packit Service |
82fcde |
in more than one thread should be just as buggy as before (there are
|
|
Packit Service |
82fcde |
no problems if you use proper locking of course). If you recompile
|
|
Packit Service |
82fcde |
these programs, manipulating the _res structure in threads other
|
|
Packit Service |
82fcde |
than the "main" thread will seem to have no effect though.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
* In Multi-threaded that manipulate the _res structure, calls to
|
|
Packit Service |
82fcde |
functions like `gethostbyname' in threads other than the "main"
|
|
Packit Service |
82fcde |
thread won't be influenced by the those changes anymore.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
We recommend to use the new thread-safe interfaces in new code, since
|
|
Packit Service |
82fcde |
the traditional interfaces have been deprecated by the BIND folks.
|
|
Packit Service |
82fcde |
For compatibility with other (older) systems you might want to
|
|
Packit Service |
82fcde |
continue to use those interfaces though.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
Using the resolver in C++ code
|
|
Packit Service |
82fcde |
==============================
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
There resolver contains some hooks which will allow the user to
|
|
Packit Service |
82fcde |
install some callback functions that make it possible to filter DNS
|
|
Packit Service |
82fcde |
requests and responses. Although we do not encourage you to make use
|
|
Packit Service |
82fcde |
of this facility at all, C++ developers should realise that it isn't
|
|
Packit Service |
82fcde |
safe to throw exceptions from such callback functions.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
Source code
|
|
Packit Service |
82fcde |
===========
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
The following files come from the BIND distribution (currently version
|
|
Packit Service |
82fcde |
8.2.3-T5B):
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
src/include/
|
|
Packit Service |
82fcde |
arpa/nameser.h
|
|
Packit Service |
82fcde |
arpa/nameser_compat.h
|
|
Packit Service |
82fcde |
resolv.h
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
src/lib/resolv/
|
|
Packit Service |
82fcde |
herror.c
|
|
Packit Service |
82fcde |
res_comp.c
|
|
Packit Service |
82fcde |
res_data.c
|
|
Packit Service |
82fcde |
res_debug.c
|
|
Packit Service |
82fcde |
res_init.c
|
|
Packit Service |
82fcde |
res_mkquery.c
|
|
Packit Service |
82fcde |
res_query.c
|
|
Packit Service |
82fcde |
res_send.c
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
src/lib/nameser/
|
|
Packit Service |
82fcde |
ns_name.c
|
|
Packit Service |
82fcde |
ns_netint.c
|
|
Packit Service |
82fcde |
ns_parse.c
|
|
Packit Service |
82fcde |
ns_print.c
|
|
Packit Service |
82fcde |
ns_samedomain.c
|
|
Packit Service |
82fcde |
ns_ttl.c
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
src/lib/inet/
|
|
Packit Service |
82fcde |
inet_addr.c
|
|
Packit Service |
82fcde |
inet_net_ntop.c
|
|
Packit Service |
82fcde |
inet_net_pton.c
|
|
Packit Service |
82fcde |
inet_neta.c
|
|
Packit Service |
82fcde |
inet_ntop.c
|
|
Packit Service |
82fcde |
inet_pton.c
|
|
Packit Service |
82fcde |
nsap_addr.c
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
src/lib/isc/
|
|
Packit Service |
82fcde |
base64.c
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
Some of these files have been optimised a bit, and adaptations have
|
|
Packit Service |
82fcde |
been made to make them fit in with the rest of glibc.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
res_libc.c is home-brewn, although parts of it are taken from res_data.c.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
res_hconf.c and res_hconf.h were contributed by David Mosberger, and
|
|
Packit Service |
82fcde |
do not come from BIND.
|
|
Packit Service |
82fcde |
|
|
Packit Service |
82fcde |
The files gethnamaddr.c, mapv4v6addr.h and mapv4v6hostent.h are
|
|
Packit Service |
82fcde |
leftovers from BIND 4.9.7.
|