Lines Matching +full:ipv4 +full:- +full:only +full:- +full:multi +full:- +full:target
21 * SPDX-License-Identifier: curl
96 * the QNAME-encoding of the hostname. in doh_req_encode()
98 * A valid DNS name may not contain a zero-length label, except at in doh_req_encode()
104 * QNAME-encoding is one byte longer than the hostname. If (as is in doh_req_encode()
106 * trailing dot, then its QNAME-encoding will be two bytes longer in doh_req_encode()
113 * representing the zero-length root label, again increasing in doh_req_encode()
120 if(host[hostlen-1]!='.') in doh_req_encode()
147 labellen = dot - hostp; in doh_req_encode()
155 /* label is non-empty, process it */ in doh_req_encode()
160 /* advance past dot, but only if there is one */ in doh_req_encode()
165 *dnsp++ = 0; /* append zero-length label for root */ in doh_req_encode()
172 *dnsp++ = DNS_CLASS_IN; /* IN - "the Internet" */ in doh_req_encode()
174 *olen = dnsp - orig; in doh_req_encode()
214 /* called from multi.c when this DoH transfer is complete */
219 data = Curl_multi_get_handle(doh->multi, doh->set.dohfor_mid); in doh_done()
222 " not found", doh->set.dohfor_mid)); in doh_done()
226 struct doh_probes *dohp = data->req.doh; in doh_done()
228 dohp->pending--; in doh_done()
229 infof(doh, "a DoH request is completed, %u to go", dohp->pending); in doh_done()
233 if(!dohp->pending) { in doh_done()
253 const char *url, CURLM *multi, in doh_run_probe() argument
259 DOHcode d = doh_req_encode(host, dnstype, p->req_body, sizeof(p->req_body), in doh_run_probe()
260 &p->req_body_len); in doh_run_probe()
266 p->dnstype = dnstype; in doh_run_probe()
267 Curl_dyn_init(&p->resp_body, DYN_DOH_RESPONSE); in doh_run_probe()
281 doh->state.internal = TRUE; in doh_run_probe()
283 doh->state.feat = &Curl_doh_trc; in doh_run_probe()
288 ERROR_CHECK_SETOPT(CURLOPT_WRITEDATA, &p->resp_body); in doh_run_probe()
289 ERROR_CHECK_SETOPT(CURLOPT_POSTFIELDS, p->req_body); in doh_run_probe()
290 ERROR_CHECK_SETOPT(CURLOPT_POSTFIELDSIZE, (long)p->req_body_len); in doh_run_probe()
304 ERROR_CHECK_SETOPT(CURLOPT_SHARE, (CURLSH *)data->share); in doh_run_probe()
305 if(data->set.err && data->set.err != stderr) in doh_run_probe()
306 ERROR_CHECK_SETOPT(CURLOPT_STDERR, data->set.err); in doh_run_probe()
309 if(data->set.no_signal) in doh_run_probe()
313 data->set.doh_verifyhost ? 2L : 0L); in doh_run_probe()
315 data->set.doh_verifypeer ? 1L : 0L); in doh_run_probe()
317 data->set.doh_verifystatus ? 1L : 0L); in doh_run_probe()
320 best-guess as to which options are needed for compatibility. #3661 in doh_run_probe()
327 if(data->set.ssl.falsestart) in doh_run_probe()
329 if(data->set.str[STRING_SSL_CAFILE]) { in doh_run_probe()
331 data->set.str[STRING_SSL_CAFILE]); in doh_run_probe()
333 if(data->set.blobs[BLOB_CAINFO]) { in doh_run_probe()
335 data->set.blobs[BLOB_CAINFO]); in doh_run_probe()
337 if(data->set.str[STRING_SSL_CAPATH]) { in doh_run_probe()
339 data->set.str[STRING_SSL_CAPATH]); in doh_run_probe()
341 if(data->set.str[STRING_SSL_CRLFILE]) { in doh_run_probe()
343 data->set.str[STRING_SSL_CRLFILE]); in doh_run_probe()
345 if(data->set.ssl.certinfo) in doh_run_probe()
347 if(data->set.ssl.fsslctx) in doh_run_probe()
348 ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_FUNCTION, data->set.ssl.fsslctx); in doh_run_probe()
349 if(data->set.ssl.fsslctxp) in doh_run_probe()
350 ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_DATA, data->set.ssl.fsslctxp); in doh_run_probe()
351 if(data->set.fdebug) in doh_run_probe()
352 ERROR_CHECK_SETOPT(CURLOPT_DEBUGFUNCTION, data->set.fdebug); in doh_run_probe()
353 if(data->set.debugdata) in doh_run_probe()
354 ERROR_CHECK_SETOPT(CURLOPT_DEBUGDATA, data->set.debugdata); in doh_run_probe()
355 if(data->set.str[STRING_SSL_EC_CURVES]) { in doh_run_probe()
357 data->set.str[STRING_SSL_EC_CURVES]); in doh_run_probe()
362 (data->set.ssl.enable_beast ? in doh_run_probe()
364 (data->set.ssl.no_revoke ? in doh_run_probe()
366 (data->set.ssl.no_partialchain ? in doh_run_probe()
368 (data->set.ssl.revoke_best_effort ? in doh_run_probe()
370 (data->set.ssl.native_ca_store ? in doh_run_probe()
372 (data->set.ssl.auto_client_cert ? in doh_run_probe()
378 doh->set.fmultidone = doh_done; in doh_run_probe()
379 doh->set.dohfor_mid = data->mid; /* for which transfer this is done */ in doh_run_probe()
385 DEBUGASSERT(!doh->set.private_data); in doh_run_probe()
387 if(curl_multi_add_handle(multi, doh)) in doh_run_probe()
390 p->easy_mid = doh->mid; in doh_run_probe()
395 p->easy_mid = -1; in doh_run_probe()
411 struct connectdata *conn = data->conn; in Curl_doh()
417 DEBUGASSERT(!data->req.doh); in Curl_doh()
421 dohp = data->req.doh = calloc(1, sizeof(struct doh_probes)); in Curl_doh()
426 dohp->probe[i].easy_mid = -1; in Curl_doh()
429 conn->bits.doh = TRUE; in Curl_doh()
430 dohp->host = hostname; in Curl_doh()
431 dohp->port = port; in Curl_doh()
432 dohp->req_hds = in Curl_doh()
434 "Content-Type: application/dns-message"); in Curl_doh()
435 if(!dohp->req_hds) in Curl_doh()
438 /* create IPv4 DoH request */ in Curl_doh()
439 result = doh_run_probe(data, &dohp->probe[DOH_SLOT_IPV4], in Curl_doh()
440 DNS_TYPE_A, hostname, data->set.str[STRING_DOH], in Curl_doh()
441 data->multi, dohp->req_hds); in Curl_doh()
444 dohp->pending++; in Curl_doh()
447 if((conn->ip_version != CURL_IPRESOLVE_V4) && Curl_ipv6works(data)) { in Curl_doh()
449 result = doh_run_probe(data, &dohp->probe[DOH_SLOT_IPV6], in Curl_doh()
450 DNS_TYPE_AAAA, hostname, data->set.str[STRING_DOH], in Curl_doh()
451 data->multi, dohp->req_hds); in Curl_doh()
454 dohp->pending++; in Curl_doh()
459 if(conn->handler->protocol & PROTO_FAMILY_HTTP) { in Curl_doh()
460 /* Only use HTTPS RR for HTTP(S) transfers */ in Curl_doh()
467 result = doh_run_probe(data, &dohp->probe[DOH_SLOT_HTTPS_RR], in Curl_doh()
469 qname ? qname : hostname, data->set.str[STRING_DOH], in Curl_doh()
470 data->multi, dohp->req_hds); in Curl_doh()
474 dohp->pending++; in Curl_doh()
532 if(d->numaddr < DOH_MAX_ADDR) { in doh_store_a()
533 struct dohaddr *a = &d->addr[d->numaddr]; in doh_store_a()
534 a->type = DNS_TYPE_A; in doh_store_a()
535 memcpy(&a->ip.v4, &doh[index], 4); in doh_store_a()
536 d->numaddr++; in doh_store_a()
544 if(d->numaddr < DOH_MAX_ADDR) { in doh_store_aaaa()
545 struct dohaddr *a = &d->addr[d->numaddr]; in doh_store_aaaa()
546 a->type = DNS_TYPE_AAAA; in doh_store_aaaa()
547 memcpy(&a->ip.v6, &doh[index], 16); in doh_store_aaaa()
548 d->numaddr++; in doh_store_aaaa()
557 if(d->numhttps_rrs < DOH_MAX_HTTPS) { in doh_store_https()
558 struct dohhttps_rr *h = &d->https_rrs[d->numhttps_rrs]; in doh_store_https()
559 h->val = Curl_memdup(&doh[index], len); in doh_store_https()
560 if(!h->val) in doh_store_https()
562 h->len = len; in doh_store_https()
563 d->numhttps_rrs++; in doh_store_https()
576 if(d->numcname == DOH_MAX_CNAME) in doh_store_cname()
579 c = &d->cname[d->numcname++]; in doh_store_cname()
612 } while(length && --loop); in doh_store_cname()
627 - A (TYPE 1): 4 bytes in doh_rdata()
628 - AAAA (TYPE 28): 16 bytes in doh_rdata()
629 - NS (TYPE 2): N bytes in doh_rdata()
630 - HTTPS (TYPE 65): N bytes */ in doh_rdata()
670 de->ttl = INT_MAX; in de_init()
672 Curl_dyn_init(&de->cname[i], DYN_DOH_CNAME); in de_init()
707 qdcount--; in doh_resp_decode()
741 if(ttl < d->ttl) in doh_resp_decode()
742 d->ttl = ttl; in doh_resp_decode()
757 ancount--; in doh_resp_decode()
779 nscount--; in doh_resp_decode()
801 arcount--; in doh_resp_decode()
808 if((type != DNS_TYPE_NS) && !d->numcname && !d->numaddr && !d->numhttps_rrs) in doh_resp_decode()
810 if((type != DNS_TYPE_NS) && !d->numcname && !d->numaddr) in doh_resp_decode()
823 infof(data, "[DoH] TTL: %u seconds", d->ttl); in doh_show()
824 for(i = 0; i < d->numaddr; i++) { in doh_show()
825 const struct dohaddr *a = &d->addr[i]; in doh_show()
826 if(a->type == DNS_TYPE_A) { in doh_show()
828 a->ip.v4[0], a->ip.v4[1], in doh_show()
829 a->ip.v4[2], a->ip.v4[3]); in doh_show()
831 else if(a->type == DNS_TYPE_AAAA) { in doh_show()
836 len = sizeof(buffer) - len; in doh_show()
839 msnprintf(ptr, len, "%s%02x%02x", j ? ":" : "", d->addr[i].ip.v6[j], in doh_show()
840 d->addr[i].ip.v6[j + 1]); in doh_show()
842 len -= l; in doh_show()
849 for(i = 0; i < d->numhttps_rrs; i++) { in doh_show()
852 d->https_rrs[i].val, d->https_rrs[i].len); in doh_show()
854 infof(data, "DoH HTTPS RR: length %d", d->https_rrs[i].len); in doh_show()
858 for(i = 0; i < d->numcname; i++) { in doh_show()
859 infof(data, "CNAME: %s", Curl_dyn_ptr(&d->cname[i])); in doh_show()
872 * an IPv6 stack, but usable also for IPv4, all hosts and environments.
891 size_t hostlen = strlen(hostname) + 1; /* include null-terminator */ in doh2ai()
895 if(!de->numaddr) in doh2ai()
898 for(i = 0; i < de->numaddr; i++) { in doh2ai()
901 if(de->addr[i].type == DNS_TYPE_AAAA) { in doh2ai()
920 ai->ai_addr = (void *)((char *)ai + sizeof(struct Curl_addrinfo)); in doh2ai()
921 ai->ai_canonname = (void *)((char *)ai->ai_addr + ss_size); in doh2ai()
922 memcpy(ai->ai_canonname, hostname, hostlen); in doh2ai()
930 prevai->ai_next = ai; in doh2ai()
932 ai->ai_family = addrtype; in doh2ai()
935 the type must be ignored and conn->socktype be used instead! */ in doh2ai()
936 ai->ai_socktype = SOCK_STREAM; in doh2ai()
938 ai->ai_addrlen = (curl_socklen_t)ss_size; in doh2ai()
942 switch(ai->ai_family) { in doh2ai()
944 addr = (void *)ai->ai_addr; /* storage area for this info */ in doh2ai()
945 DEBUGASSERT(sizeof(struct in_addr) == sizeof(de->addr[i].ip.v4)); in doh2ai()
946 memcpy(&addr->sin_addr, &de->addr[i].ip.v4, sizeof(struct in_addr)); in doh2ai()
947 addr->sin_family = (CURL_SA_FAMILY_T)addrtype; in doh2ai()
948 addr->sin_port = htons((unsigned short)port); in doh2ai()
953 addr6 = (void *)ai->ai_addr; /* storage area for this info */ in doh2ai()
954 DEBUGASSERT(sizeof(struct in6_addr) == sizeof(de->addr[i].ip.v6)); in doh2ai()
955 memcpy(&addr6->sin6_addr, &de->addr[i].ip.v6, sizeof(struct in6_addr)); in doh2ai()
956 addr6->sin6_family = (CURL_SA_FAMILY_T)addrtype; in doh2ai()
957 addr6->sin6_port = htons((unsigned short)port); in doh2ai()
995 for(i = 0; i < d->numcname; i++) { in de_cleanup()
996 Curl_dyn_free(&d->cname[i]); in de_cleanup()
999 for(i = 0; i < d->numhttps_rrs; i++) in de_cleanup()
1000 Curl_safefree(d->https_rrs[i].val); in de_cleanup()
1014 * https://tools.ietf.org/html/rfc1035#section-3.1
1018 * that is why it is an "unsigned char **" :-)
1040 /* special case - return "." as name */ in doh_decode_rdata_name()
1054 rem -= (clen + 1); in doh_decode_rdata_name()
1062 *remaining = rem - 1; in doh_decode_rdata_name()
1070 /* we will use an example from draft-ietf-dnsop-svcb, figure 10 */ in doh_test_alpn_escapes()
1106 lhrr->priority = doh_get16bit(cp, 0); in doh_resp_decode_httpsrr()
1108 len -= 2; in doh_resp_decode_httpsrr()
1111 lhrr->target = dnsname; in doh_resp_decode_httpsrr()
1112 lhrr->port = -1; /* until set */ in doh_resp_decode_httpsrr()
1117 len -= 4; in doh_resp_decode_httpsrr()
1120 if(Curl_httpsrr_decode_alpn(cp, plen, lhrr->alpns) != CURLE_OK) in doh_resp_decode_httpsrr()
1124 lhrr->no_def_alpn = TRUE; in doh_resp_decode_httpsrr()
1129 lhrr->ipv4hints = Curl_memdup(cp, plen); in doh_resp_decode_httpsrr()
1130 if(!lhrr->ipv4hints) in doh_resp_decode_httpsrr()
1132 lhrr->ipv4hints_len = (size_t)plen; in doh_resp_decode_httpsrr()
1137 lhrr->echconfiglist = Curl_memdup(cp, plen); in doh_resp_decode_httpsrr()
1138 if(!lhrr->echconfiglist) in doh_resp_decode_httpsrr()
1140 lhrr->echconfiglist_len = (size_t)plen; in doh_resp_decode_httpsrr()
1145 lhrr->ipv6hints = Curl_memdup(cp, plen); in doh_resp_decode_httpsrr()
1146 if(!lhrr->ipv6hints) in doh_resp_decode_httpsrr()
1148 lhrr->ipv6hints_len = (size_t)plen; in doh_resp_decode_httpsrr()
1151 lhrr->port = doh_get16bit(cp, 0); in doh_resp_decode_httpsrr()
1158 len -= plen; in doh_resp_decode_httpsrr()
1165 Curl_safefree(lhrr->target); in doh_resp_decode_httpsrr()
1166 Curl_safefree(lhrr->echconfiglist); in doh_resp_decode_httpsrr()
1176 infof(data, "HTTPS RR: priority %d, target: %s", in doh_print_httpsrr()
1177 hrr->priority, hrr->target); in doh_print_httpsrr()
1178 if(hrr->alpns[0] != ALPN_none) in doh_print_httpsrr()
1180 hrr->alpns[0], hrr->alpns[1], hrr->alpns[2], hrr->alpns[3]); in doh_print_httpsrr()
1183 if(hrr->no_def_alpn) in doh_print_httpsrr()
1187 if(hrr->ipv4hints) { in doh_print_httpsrr()
1189 hrr->ipv4hints, hrr->ipv4hints_len); in doh_print_httpsrr()
1193 if(hrr->echconfiglist) { in doh_print_httpsrr()
1195 hrr->echconfiglist, hrr->echconfiglist_len); in doh_print_httpsrr()
1199 if(hrr->ipv6hints) { in doh_print_httpsrr()
1201 hrr->ipv6hints, hrr->ipv6hints_len); in doh_print_httpsrr()
1214 struct doh_probes *dohp = data->req.doh; in Curl_doh_is_resolved()
1219 if(dohp->probe[DOH_SLOT_IPV4].easy_mid < 0 && in Curl_doh_is_resolved()
1220 dohp->probe[DOH_SLOT_IPV6].easy_mid < 0) { in Curl_doh_is_resolved()
1221 failf(data, "Could not DoH-resolve: %s", data->state.async.hostname); in Curl_doh_is_resolved()
1222 return CONN_IS_PROXIED(data->conn) ? CURLE_COULDNT_RESOLVE_PROXY : in Curl_doh_is_resolved()
1225 else if(!dohp->pending) { in Curl_doh_is_resolved()
1231 /* remove DoH handles from multi handle and close them */ in Curl_doh_is_resolved()
1236 struct doh_probe *p = &dohp->probe[slot]; in Curl_doh_is_resolved()
1237 if(!p->dnstype) in Curl_doh_is_resolved()
1239 rc[slot] = doh_resp_decode(Curl_dyn_uptr(&p->resp_body), in Curl_doh_is_resolved()
1240 Curl_dyn_len(&p->resp_body), in Curl_doh_is_resolved()
1241 p->dnstype, &de); in Curl_doh_is_resolved()
1242 Curl_dyn_free(&p->resp_body); in Curl_doh_is_resolved()
1246 doh_type2name(p->dnstype), dohp->host); in Curl_doh_is_resolved()
1259 infof(data, "[DoH] hostname: %s", dohp->host); in Curl_doh_is_resolved()
1263 result = doh2ai(&de, dohp->host, dohp->port, &ai); in Curl_doh_is_resolved()
1269 if(data->share) in Curl_doh_is_resolved()
1273 dns = Curl_cache_addr(data, ai, dohp->host, 0, dohp->port, FALSE); in Curl_doh_is_resolved()
1275 if(data->share) in Curl_doh_is_resolved()
1283 data->state.async.dns = dns; in Curl_doh_is_resolved()
1289 /* Now process any build-specific attributes retrieved from DNS */ in Curl_doh_is_resolved()
1293 result = doh_resp_decode_httpsrr(de.https_rrs->val, de.https_rrs->len, in Curl_doh_is_resolved()
1303 (*dnsp)->hinfo = hrr; in Curl_doh_is_resolved()
1312 } /* !dohp->pending */ in Curl_doh_is_resolved()
1320 struct doh_probes *doh = data->req.doh; in Curl_doh_close()
1321 if(doh && data->multi) { in Curl_doh_close()
1326 mid = doh->probe[slot].easy_mid; in Curl_doh_close()
1329 doh->probe[slot].easy_mid = -1; in Curl_doh_close()
1330 /* should have been called before data is removed from multi handle */ in Curl_doh_close()
1331 DEBUGASSERT(data->multi); in Curl_doh_close()
1332 probe_data = data->multi ? Curl_multi_get_handle(data->multi, mid) : in Curl_doh_close()
1337 doh->probe[slot].easy_mid)); in Curl_doh_close()
1340 /* data->multi might already be reset at this time */ in Curl_doh_close()
1341 curl_multi_remove_handle(data->multi, probe_data); in Curl_doh_close()
1349 struct doh_probes *doh = data->req.doh; in Curl_doh_cleanup()
1352 curl_slist_free_all(doh->req_hds); in Curl_doh_cleanup()
1353 data->req.doh->req_hds = NULL; in Curl_doh_cleanup()
1354 Curl_safefree(data->req.doh); in Curl_doh_cleanup()