syd 3.41.7

rock-solid application kernel
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127

//
// Syd: rock-solid application kernel
// src/proc.rs: DNS utilities
//
// Copyright (c) 2024, 2025 Ali Polatel <alip@chesswob.org>
//
// SPDX-License-Identifier: GPL-3.0

use std::{
    ffi::CStr,
    net::{IpAddr, SocketAddr, SocketAddrV4, SocketAddrV6, ToSocketAddrs},
    ptr,
};

use libc::{
    c_char, getnameinfo, socklen_t, AF_INET, AF_INET6, AF_UNSPEC, EAI_AGAIN, EAI_BADFLAGS,
    EAI_FAIL, EAI_FAMILY, EAI_MEMORY, EAI_NONAME, EAI_SERVICE, EAI_SOCKTYPE, EAI_SYSTEM,
    NI_MAXHOST, NI_NAMEREQD, NI_NUMERICSERV,
};
use nix::{
    errno::Errno,
    sys::socket::{SockaddrLike, SockaddrStorage},
};

use crate::{err::err2no, hash::SydIndexSet, rng::fillrandom};

/// Resolves a hostname to a single IP address.
/// In case of multiple responses, an IP is selected randomly.
/// Randomness is provided by getrandom(2).
pub fn resolve_rand(name: &str, family: Option<i32>) -> Result<IpAddr, Errno> {
    // Read random bytes with getrandom(2) and convert to usize.
    // Note, getrandom(2) is soon to be in the VDSO!
    let mut buf = [0u8; 4];
    if fillrandom(&mut buf).is_err() {
        return Err(Errno::EIO); // Input/output error.
    }
    // Convert bytes to a usize.
    let cookie = usize::try_from(u32::from_ne_bytes(buf)).unwrap_or(usize::MAX);

    // Resolve hostname.
    let addrs = resolve_host(name, family)?;

    // Select a random IP address from the list.
    // Calculate random index within the bounds of the addresses vector.
    #[expect(clippy::arithmetic_side_effects)]
    Ok(addrs[cookie.wrapping_rem(addrs.len())])
}

/// Resolves a hostname using the system DNS resolver.
pub fn resolve_host(name: &str, family: Option<i32>) -> Result<Vec<IpAddr>, Errno> {
    let ai_family = match family {
        Some(AF_INET) => AF_INET,
        Some(AF_INET6) => AF_INET6,
        Some(_) => return Err(Errno::EINVAL),
        None => AF_UNSPEC, // Allow IPv4 or IPv6.
    };

    // Create an SydIndexSet to store unique IPs
    // while preserving insertion order.
    let addrs: SydIndexSet<IpAddr> = SydIndexSet::from_iter(
        (name, 22)
            .to_socket_addrs()
            .map_err(|err| err2no(&err))?
            .filter(|addr| {
                matches!(
                    (ai_family, addr),
                    (AF_UNSPEC, _) | (AF_INET, SocketAddr::V4(_)) | (AF_INET6, SocketAddr::V6(_))
                )
            })
            .map(|addr| addr.ip()),
    );

    if addrs.is_empty() {
        // No addresses were found.
        Err(Errno::ENOENT)
    } else {
        Ok(addrs.iter().copied().collect())
    }
}

/// Performs a reverse DNS lookup for the given IP address, returning a hostname or an error.
#[expect(clippy::cast_possible_truncation)]
pub fn lookup_addr(addr: IpAddr) -> Result<String, Errno> {
    let addr = match addr {
        IpAddr::V4(v4) => SockaddrStorage::from(SocketAddrV4::new(v4, 0)),
        IpAddr::V6(v6) => SockaddrStorage::from(SocketAddrV6::new(v6, 0, 0, 0)),
    };
    let mut host_buf = [0 as c_char; NI_MAXHOST as usize];

    // SAFETY: We call a system function (getnameinfo) with valid pointers for the address
    // and buffer, and we check the return value to ensure success before using `host_buf`.
    let ret = unsafe {
        getnameinfo(
            addr.as_ptr(),
            addr.len(),
            host_buf.as_mut_ptr(),
            host_buf.len() as socklen_t,
            ptr::null_mut(),
            0,
            NI_NAMEREQD | NI_NUMERICSERV,
        )
    };

    if ret != 0 {
        if ret == EAI_SYSTEM {
            return Err(Errno::last());
        } else {
            let e = match ret {
                EAI_AGAIN => Errno::EAGAIN,
                EAI_BADFLAGS => Errno::EINVAL,
                EAI_FAIL => Errno::EIO,
                EAI_FAMILY => Errno::EAFNOSUPPORT,
                EAI_MEMORY => Errno::ENOMEM,
                EAI_NONAME => Errno::ENOENT,
                EAI_SERVICE => Errno::EPROTONOSUPPORT,
                EAI_SOCKTYPE => Errno::ESOCKTNOSUPPORT,
                _ => Errno::EIO,
            };
            return Err(e);
        }
    }

    // SAFETY: On success, `host_buf` contains a valid null-terminated string.
    let cstr = unsafe { CStr::from_ptr(host_buf.as_ptr()) };
    let name = cstr.to_string_lossy().into_owned();
    Ok(name)
}