From: Rich Felker
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: [PATCH] Add RES_OPTIONS support for resolv.conf options overriding
Date: Mon, 24 Apr 2017 22:39:34 -0400
Message-ID: <20170425023934.GT17319@brightrain.aerifal.cx>
References: <20170425022122.27281-1-stefan.sedich@gmail.com>
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com

On Mon, Apr 24, 2017 at 07:21:22PM -0700, Stefan Sedich wrote:
> Currently glibc supports using the RES_OPTIONS environment variable
> to customize the resolv.conf options on a per-process basis, this
> adds the same support to musl
> ---
> src/network/resolvconf.c | 48 ++++++++++++++++++++++++++++++------------------
> 1 file changed, 30 insertions(+), 18 deletions(-)
> > diff --git a/src/network/resolvconf.c b/src/network/resolvconf.c > index 4c3e4c4b..c759ff61 100644 > --- a/src/network/resolvconf.c > +++ b/src/network/resolvconf.c > @@ -5,6 +5,30 @@ > #include > #include > > +void __parse_resolv_opts(struct resolvconf *conf, char *opts) > +{ > + char *p, *z; > + > + p = strstr(opts, "ndots:"); > + if (p && isdigit(p[6])) { > + p += 6; > + unsigned long x = strtoul(p, &z, 10); > + if (z != p) conf->ndots = x > 15 ? 15 : x; > + } > + p = strstr(opts, "attempts:"); > + if (p && isdigit(p[9])) { > + p += 9; > + unsigned long x = strtoul(p, &z, 10); > + if (z != p) conf->attempts = x > 10 ? 10 : x; > + } > + p = strstr(opts, "timeout:"); > + if (p && (isdigit(p[8]) || p[8]=='.')) { > + p += 8; > + unsigned long x = strtoul(p, &z, 10); > + if (z != p) conf->timeout = x > 60 ? 60 : x; > + } > +} > + > int __get_resolv_conf(struct resolvconf *conf, char *search, size_t search_sz) > { > char line[256]; > @@ -38,24 +62,7 @@ int __get_resolv_conf(struct resolvconf *conf, char *search, size_t search_sz) > continue; > } > if (!strncmp(line, "options", 7) && isspace(line[7])) { > - p = strstr(line, "ndots:"); > - if (p && isdigit(p[6])) { > - p += 6; > - unsigned long x = strtoul(p, &z, 10); > - if (z != p) conf->ndots = x > 15 ? 15 : x; > - } > - p = strstr(line, "attempts:"); > - if (p && isdigit(p[9])) { > - p += 9; > - unsigned long x = strtoul(p, &z, 10); > - if (z != p) conf->attempts = x > 10 ? 10 : x; > - } > - p = strstr(line, "timeout:"); > - if (p && (isdigit(p[8]) || p[8]=='.')) { > - p += 8; > - unsigned long x = strtoul(p, &z, 10); > - if (z != p) conf->timeout = x > 60 ? 60 : x; > - } > + __parse_resolv_opts(conf, line); > continue; > } > if (!strncmp(line, "nameserver", 10) && isspace(line[10])) { 
> @@ -79,6 +86,11 @@ int __get_resolv_conf(struct resolvconf *conf, char *search, size_t search_sz) > memcpy(search, p, l+1); > } > > + char *res_opts_env; > + if ((res_opts_env = getenv("RES_OPTIONS")) != NULL) { > + __parse_resolv_opts(conf, res_opts_env); > + } > + > __fclose_ca(f); > > no_resolv_conf: > -- > 2.11.0

At the very least, this needs to be suppressed for suid and suid-like processes. But otherwise it's probably okay.

What I'd really like is a way for users to override nameserver and search directives (so pretty much, all of resolv.conf) in a way that doesn't need root; this would be really valuable for testing. But sadly there's no precedent for an interface to do so. Maybe it's something we could work on a unified solution to with other implementations (glibc, bsds?).

Rich
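
Review bot: `__parse_resolv_opts` in the first hunk (`@@ -5,6 +5,30 @@`) is defined with external linkage and no visible declaration, while both callers shown in the patch are in resolvconf.c; declare it `static` (and drop the `__` prefix) so it does not add a symbol to libc. Now that the same function also parses an environment string, the `strstr` matching is worth tightening as well: it finds `ndots:`, `attempts:` and `timeout:` anywhere in the input, including inside a longer token, and only looks at the first occurrence, so an option that appears later in the string after a non-matching earlier hit is ignored. Splitting on whitespace and comparing each token's prefix would make the accepted syntax explicit.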
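
Review bot: the `getenv("RES_OPTIONS")` block in the last hunk (`@@ -79,6 +86,11 @@`) runs unconditionally, so a set-uid or otherwise privilege-elevated program would take `ndots`, `attempts` and `timeout` from its caller's environment; skip the lookup when the process is in secure mode (musl's internal `libc.secure` flag is the usual test) before calling `__parse_resolv_opts`. The block also sits before `__fclose_ca(f);` and the `no_resolv_conf:` label, so any path that jumps to that label never reaches it; if the override is meant to work when resolv.conf is absent, it has to move after the label. The commit message should state which of the two behaviours is intended.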