update NSS plugin to hijack non-gnu/zkey tlds as well

diff --git a/src/gns/nss/nss_gns.c b/src/gns/nss/nss_gns.c
index 31435cf9588a45490e6929ef7e12e79d77545ed6..03ac6e09c14b9bea0a627535c8cddfe80f01306c 100644 (file)
--- a/src/gns/nss/nss_gns.c
+++ b/src/gns/nss/nss_gns.c
@@ -41,35 +41,6 @@
 } while(0)
 
 
-/**
- * function to check if name ends with a specific suffix
- *
- * @param name the name to check
- * @param suffix the suffix to check for
- * @return 1 if true
- */
-static int ends_with(const char *name, const char* suffix) {
-    size_t ln, ls;
-    assert(name);
-    assert(suffix);
-
-    if ((ls = strlen(suffix)) > (ln = strlen(name)))
-        return 0;
-
-    return strcasecmp(name+ln-ls, suffix) == 0;
-}
-
-
-/**
- * Check if name is inside .gnu or .zkey TLD
- *
- * @param name name to check
- * @return 1 if true
- */
-static int verify_name_allowed (const char *name) {
-  return ends_with(name, ".gnu") || ends_with(name, ".zkey");
-}
-
 /**
  * The gethostbyname hook executed by nsswitch
  *
@@ -82,7 +53,8 @@ static int verify_name_allowed (const char *name) {
  * @param h_errnop idk
  * @return a nss_status code
  */
-enum nss_status _nss_gns_gethostbyname2_r(
+enum nss_status
+_nss_gns_gethostbyname2_r(
     const char *name,
     int af,
     struct hostent * result,
@@ -95,7 +67,6 @@ enum nss_status _nss_gns_gethostbyname2_r(
     enum nss_status status = NSS_STATUS_UNAVAIL;
     int i;
     size_t address_length, l, idx, astart;
-    int name_allowed;
 
     if (af == AF_UNSPEC)
 #ifdef NSS_IPV6_ONLY
@@ -133,28 +104,25 @@ enum nss_status _nss_gns_gethostbyname2_r(
     u.count = 0;
     u.data_len = 0;
 
-    name_allowed = verify_name_allowed(name);
-
-    if (name_allowed) {
-
-        if (!gns_resolve_name(af, name, &u) == 0)
-        {
-          status = NSS_STATUS_NOTFOUND;
-          goto finish;
-        }
-    }
-    else
-    {
-      status = NSS_STATUS_UNAVAIL;
-      goto finish;
-    }
-
-    if (u.count == 0) {
+    i = gns_resolve_name(af, name, &u);
+    if (-3 == i)
+      {
+        status = NSS_STATUS_NOTFOUND;
+        goto finish;
+      }
+    if (-2 == i)
+      {
+        status = NSS_STATUS_UNAVAIL;
+        goto finish;
+      }
+    if ( (-1 == i) ||
+         (u.count == 0) )
+      {
         *errnop = ETIMEDOUT;
         *h_errnop = HOST_NOT_FOUND;
         status = NSS_STATUS_NOTFOUND;
         goto finish;
-    }
+      }
 
 
     /* Alias names */
@@ -212,7 +180,8 @@ finish:
  * @param h_errnop idk
  * @return a nss_status code
  */
-enum nss_status _nss_gns_gethostbyname_r (
+enum nss_status
+_nss_gns_gethostbyname_r (
     const char *name,
     struct hostent *result,
     char *buffer,
@@ -244,7 +213,8 @@ enum nss_status _nss_gns_gethostbyname_r (
  * @param h_errnop idk
  * @return NSS_STATUS_UNAVAIL
  */
-enum nss_status _nss_gns_gethostbyaddr_r(
+enum nss_status
+_nss_gns_gethostbyaddr_r(
     const void* addr,
     int len,
     int af,
@@ -253,10 +223,9 @@ enum nss_status _nss_gns_gethostbyaddr_r(
     size_t buflen,
     int *errnop,
     int *h_errnop) {
-  
+
     *errnop = EINVAL;
     *h_errnop = NO_RECOVERY;
     //NOTE we allow to leak this into DNS so no NOTFOUND
     return NSS_STATUS_UNAVAIL;
 }
-

diff --git a/src/gns/nss/nss_gns_query.c b/src/gns/nss/nss_gns_query.c
index 273eaa6191297c66364238b6135477133d526407..4700100b59ada7d14a6e58f843c8f9ce7c8a3cf1 100644 (file)
--- a/src/gns/nss/nss_gns_query.c
+++ b/src/gns/nss/nss_gns_query.c
@@ -44,6 +44,7 @@ gns_resolve_name (int af,
   FILE *p;
   char *cmd;
   char line[128];
+  int ret;
 
   if (AF_INET6 == af)
   {
@@ -101,8 +102,12 @@ gns_resolve_name (int af,
       }
     }
   }
-  pclose (p);
+  ret = pclose (p);
   free (cmd);
+  if (4 == ret)
+    return -2; /* not for GNS */
+  if (3 == ret)
+    return -3; /* timeout */
   return 0;
 }
 /* end of nss_gns_query.c */