Simplify logic for utilizing DNS.

Rely more on XrdNetAddr routines where at all possible. We now call a hostname non-qualified if it contains no '.' characters. While the previous algorithm potentially handled more side cases, it had the strong downside of always relying on DNS security. Since that's precisely what we want to avoid, we only consider the case where the user specifies `foo` and wants the search name to expand it to `foo.example.com`.
xrootd · Jun 8, 2018 · 2831c4e · 2831c4e
1 parent 5e58673
commit 2831c4e
Showing 1 changed file with 14 additions and 21 deletions.
diff --git a/src/XrdSecgsi/XrdSecProtocolgsi.cc b/src/XrdSecgsi/XrdSecProtocolgsi.cc
@@ -43,6 +43,7 @@
 
 #include "XrdVersion.hh"
 
+#include "XrdNet/XrdNetAddr.hh"
 #include "XrdSys/XrdSysHeaders.hh"
 #include "XrdSys/XrdSysLogger.hh"
 #include "XrdSys/XrdSysError.hh"
@@ -309,33 +310,25 @@ XrdSecProtocolgsi::XrdSecProtocolgsi(int opts, const char *hname,
    if (trust_dns == NULL || !strcmp(trust_dns, "1")) {
       if (!hname || !XrdNetAddrInfo::isHostName(hname)) {
          Entity.host = strdup(endPoint.Name(""));
-      } else if (hname && (hname[0] != '\0') && (hname[strlen(hname)-1] == '.')) {
-         Entity.host = strdup(hname);
       } else {
          // At this point, hname still may possibly be a non-qualified domain name.
-         // We append a '.' to the name, which prevents getaddrinfo from doing any
-         // appending of search domains (i.e., expanding "www" to "wwww.unl.edu").
-         // If getaddrinfo succeeds, then we know this was a valid FQDN and we use that.
-         // If it doesn't succeed, then we do a full lookup.
-         struct addrinfo hints;
-         struct addrinfo *results;
-         std::string hname_with_dot(hname);
-         hname_with_dot += ".";
-         memset(&hints, '\0', sizeof(struct addrinfo));
-         hints.ai_family = AF_UNSPEC;
-         int retval = getaddrinfo(hname_with_dot.c_str(), NULL, &hints, &results);
-         if (retval == 0) {
-             freeaddrinfo(results);
+         // If there is a '.' character, then we assume it is a qualified domain name --
+         // otherwise, we use DNS.
+         //
+         // NOTE: We can definitively test whether this is a qualified domain name by
+         // simply appending a '.' to `hname` and performing a lookup.  However, this
+         // causes DNS to be used by every lookup - meaning we rely on the security
+         // of DNS for all cases; we want to avoid this.
+         if (strchr(hname, '.')) {
              // We have a valid hostname; proceed.
              Entity.host = strdup(hname);
          } else {
-             hints.ai_flags = AI_CANONNAME;
-             int retval = getaddrinfo(hname, NULL, &hints, &results);
-             if (retval == 0 && results && results->ai_canonname) {
-                 Entity.host = strdup(results->ai_canonname);
-                 freeaddrinfo(results);
-             } else { // Lookups aren't working; trust user has done something reasonable.
+             XrdNetAddr xrd_addr;
+             char canonname[256];
+             if (!xrd_addr.Set(hname) || (xrd_addr.Format(canonname, 256, XrdNetAddrInfo::fmtName, XrdNetAddrInfo::noPort) <= 0)) {
                  Entity.host = strdup(hname);
+             } else {
+                 Entity.host = strdup(canonname);
              }
          }
       }