The dns_unpack_answer() did not check the length of the message
properly which can cause out of bounds read.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If the packet parsing fails in dns_unpack_response_query(), then
do not continue further but bail out early.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The network interface name that is copied to if_req struct might
be missing terminating null for IPv4.
This is fixing the IPv4 issue which was missed in previous fix attempt.
Fixes#74795
Coverity-CID: 368797
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
This addresses the following warning building with `CONFIG_64BIT=y`:
error: field precision specifier '.*' expects argument of type 'int',
but argument X has type 'size_t' {aka 'long unsigned int'}
Signed-off-by: Chen Xingyu <hi@xingrz.me>
Allow user to specify a network interface in the DNS server
list. User can append "%" and network interface name to the
DNS server to use this. If the network interface is mentioned
in the server list, then the DNS queries are sent via this network
interface.
For example setting the interfaces like this:
192.0.2.2%eth1
[2001:db8::2]:5353%ppp0
would cause the DNS queries to sent to 192.0.2.1 via eth1 in the first
example, and to 2001:db8::2 via ppp0 in the second example.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Because we might get answers in capital letters, convert the answer
to small case letters and also make sure we send query in small case
latters. This makes sure that our query_hash is properly calculated
regardless of how the resolver gets the data.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
remove k_work related code and change
the argument of the callback to `struct net_socket_service_event`.
Signed-off-by: Fin Maaß <f.maass@vogl-electronic.com>
Seen when having multiple network interfaces that the sock_error
was 0 even if the socket was serviced properly. So if SO_ERROR
returns 0, just ignore it.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
We must register all listening sockets under one file descriptor
array when calling dns_dispatcher_register() which then calls
net_socket_service_register(). The socket services expects all
the registered sockets under one service context to be in one
array. If this is not done, the latest socket array wins and
the earlier registrations are forgotten.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
As the DNS might listen to multicast addresses (like in mDNS) in
different network interfaces, make sure to check the network
interface index when registering the dispatcher context. This
allows two mDNS registrations to more than one network interface.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Remove the `work_q` parameter from `NET_SOCKET_SERVICE_SYNC_DEFINE` and
`NET_SOCKET_SERVICE_SYNC_DEFINE_STATIC` as this feature was dropped
during review but the removal was not 100% complete.
Signed-off-by: Jordan Yates <jordan@embeint.com>
IPv6 MLD API was so far defined in an internal header. This does not
seem correct though, as application code should be able to join/leave
multicast groups, hence the API should be exposed in a public header,
just as it is done for its IPv4 countepart - IGMP.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
In case CONFIG_DNS_RESOLVER_MAX_SERVERS is larger than the actual number
of DNS servers configured, some server entries may be left
uninitialized. The dispatcher needs to take this into account, otherwise
it may cause memory corruptions.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The size of the output array for the find call in resolver
is invalid: expected array size while overall memory size
provided. As the latter is bigger there is a high probability
of memory overwrite occurring on the stack.
Signed-off-by: Krzysztof Bartnicki <krzysztof.bartnicki@embevity.com>
The dispatcher table needs to be large enough to have support
for all file descriptor values.
Fixes#79042
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If DNS statistics is enabled in Kconfig, then start to collect it.
This is useful in order to see how many DNS requests/responses
received or sent, and also see the amount of dropped DNS packets.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In order to reduce confusion regarding interface count
the respective warning was adjusted to better reflect
the actual state of the system.
Signed-off-by: Carlo Kirchmeier <carlo.kirchmeier@zuehlke.com>
GCC complains about struct sockaddr accesses due to the various
address-family-specific variants being of differing sizes. Let's not
mess with code (which looks correct), just silence the compiler.
Signed-off-by: Keith Packard <keithp@keithp.com>
If the dispatcher is muxing the connection i.e., so there are two
services for the same port, then mark service socket descriptor
of the service with the socket number so that "net sockets" shell
command can show a proper value for it.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The socket services API has a limitation where the user data is shared
between file descriptors described in the same service.
This can cause problem in DNS dispatcher where each listened socket
needs to have their own dispatcher struct set as user data so that we
can map between dispatcher context and socket. Solve this by always
have a dispatcher table as user data, and then have the actual mapping
done via the dispatcher table when receiving data to the dispatcher socket.
Fixes#78146
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Move the network buffer header file from zephyr/net/buf.h to
zephyr/net_buf.h as the implementation now lives outside of the networking
subsystem.
Add (deprecated) zephyr/net/buf.h header to maintain compatibility with old
file path.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Utilize a code spell-checking tool to scan for and correct spelling errors
in all files within the `subsys/net/lib` directory.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
If we have configured the DNS dispatcher to be only as a
responder but receive a query response, or if we are only
as a resolver but receive a query, then the dispatcher just
ignores the packet and returns -ENOENT.
Unfortunately we print an error message in this case
[00:10:18.818,000] <err> net_dns_dispatcher: DNS recv error (-2)
which is totally unnecessary and causes confusion so do not
print an error message in this case.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Mask the DNS_CLASS_FLUSH value when checking if the DNS_CLASS_IN
is set when unpacking a query.
Fixes#74829
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The network interface name that is copied to if_req struct might
be missing terminating null.
Fixes#74795
Coverity-CID: 368797
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
A few issues were identified with DNS_SD segment buffers, making it work
"by chance" (depending on memory layout):
- size check in dns_sd_query_extract() did not take NULL termination
into account, and in result could overflow provided buffer
- the proto_buf in send_sd_response() can either be used to parse
protocol or domain, depending on number of segments in the query.
It should therefore be large enough to hold either.
- Similarily, instance_buf should be able to hold
DNS_SD_INSTANCE_MAX_SIZE, not DNS_SD_SERVICE_MAX_SIZE.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The family variable was not initialized and could potentially
be left like that. This could only affect error printout.
Fixes#74796
Coverity-CID: 368799
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
We should return the errno value in such case, as ret will always be -1
on failure, which might misleading, as it does not give any hint on what
failed.
Also bump the log level of the error message, so the failure is visible
w/o needing to enable debug logs. Such a failure is fatal for the DNS
subsystem, so error level is justified here.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The `dns_data` buffer, allocated by the DNS dispatcher was dereferenced
twice - once in registered DNS handler, second time in the dispatcher
itself.
Since the buffer was allocated by the dispatcher, and it's not really
guaranteed that the buffer will be freed in the registered handler (this
depends on the processing outcome, the function may return early w/o
freeing the net buf in case of errors), it makes most sense for the
dispatcher to keep ownership of the buffer. Hence, the registered
handlers will no longer release the buffer provided in any case, and the
dispatcher will free it on exit.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Instead of printing either A or AAAA resource query type,
print the correct query type value.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Allow mDNS resolver and responder to to be used at the same
time so that both can use the port 5353. This requires
a DNS traffic dispatcher which affects also the normal DNS
resolver.
Fixes#72553
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The socket allocation count was incorrectly calculated as
we have only one socket per listened port.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If DNS_EAI_ALLDONE is returned, it indicates that the request
was done and should not be considered an error.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of using net_context API directly, the LLMNR responder is
changed to use the socket service API. This allows DNS access
for offloaded sockets and can lower overall memory consumption.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of using net_context API directly, the mDNS responder is
changed to use the socket service API. This allows DNS access
for offloaded sockets and can lower overall memory consumption.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Instead of using net_context API directly, the DNS resolver is
changed to use the socket service API. This allows DNS access
for offloaded sockets and can lower overall memory consumption.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The size field in net_buf should not be used directly as then
the optional headroom will not be taken into account.
There is the net_buf_max_len() API that should be used instead.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The "struct sockaddr" should only be used in casts and never
as a standalone variable because it might not have enough
space allocated for all the protocol specific fields.
So refactor the port_in_use() function to reflect that.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
