From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id C69285A026D for ; Thu, 21 Sep 2023 02:01:45 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=201602; t=1695254499; bh=Ix0xWoQLEQEpn5rKMG0del9pr2MgFQttgRADOkTygA0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=l+/z258DJODvTTLRJ36CdEXRVVrbgPSsgufDkxPjEqQHqmPyqfkjoFKjMd2ujm0PI nPINnlDq+uomKUOgP/1J3i8WiTeMiHhXtX8+CcKJOtMkmktgmbbaaDMqf0L74r0erl eZw6XJFrUnpi02HeoI4NfPVTKlBELRRx/+yXslw8= Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4RrbD35JWCz4x5m; Thu, 21 Sep 2023 10:01:39 +1000 (AEST) Date: Thu, 21 Sep 2023 09:55:11 +1000 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH] dhcpv6: Properly separate domain names in search list Message-ID: References: <20230920150506.3341961-1-sbrivio@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Dy0sQAqk1C4pX8t2" Content-Disposition: inline In-Reply-To: <20230920150506.3341961-1-sbrivio@redhat.com> Message-ID-Hash: Q63QKYOZX6TQP7T4LNPK7XZQUTNTOL3U X-Message-ID-Hash: Q63QKYOZX6TQP7T4LNPK7XZQUTNTOL3U X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top, Sebastian Mitterle X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --Dy0sQAqk1C4pX8t2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Sep 20, 2023 at 05:05:06PM +0200, Stefano Brivio wrote: > If we go over the flattened list of search domains and just replace > dots and zero bytes with the length of the next label to implement > the encoding specified by section 3.1 of RFC 1035, if there are > multiple domains in the search list, we'll also replace separators > between two domain names with the length of the first label of the > second domain, plus one. That is... an impressively long sentence. Any chance you could reword that in shorter ones that are easier to follow ;). > Those should remain as zero bytes to > separate domains, though. >=20 > To distinguish between label separators and domain names separators, > for simplicity, introduce a dot before the first label of every > domain we copy to form the list. All dots are then replaced by label > lengths, and separators (zero bytes) remain as they are. >=20 > As we do this, we need to make sure we don't replace the trailing > dot, if present: that's already a separator. Skip copying it, and > just add separators as needed. >=20 > Now that we don't copy those, though, we might end up with > zero-length domains: skip them, as they're meaningless anyway. >=20 > And as we might skip domains, we can't use the index 'i' to check if > we're at the beginning of the option -- use 'srch' instead. >=20 > This is very similar to how we prepare the list for NDP option 31, > except that we don't need padding (RFC 8106, 5.2) here, and we should > refactor this into common functions, but it probably makes sense to > rework the NDP responder (https://bugs.passt.top/show_bug.cgi?id=3D21) > first. >=20 > Reported-by: Sebastian Mitterle > Link: https://bugs.passt.top/show_bug.cgi?id=3D75 > Signed-off-by: Stefano Brivio > --- > dhcpv6.c | 24 +++++++++++++++++------- > 1 file changed, 17 insertions(+), 7 deletions(-) >=20 > diff --git a/dhcpv6.c b/dhcpv6.c > index fc42a84..58171bb 100644 > --- a/dhcpv6.c > +++ b/dhcpv6.c > @@ -376,24 +376,34 @@ search: > return offset; > =20 > for (i =3D 0; *c->dns_search[i].n; i++) { > - if (!i) { > + size_t name_len =3D strlen(c->dns_search[i].n); > + > + /* We already append separators, don't duplicate if present */ > + if (c->dns_search[i].n[name_len - 1] =3D=3D '.') > + name_len--; > + > + /* Skip root-only search domains */ > + if (!name_len) > + continue; Should we consider doing this normalisation when we build c->dns_search, rather than here? > + if (!srch) { > srch =3D (struct opt_dns_search *)(buf + offset); > offset +=3D sizeof(struct opt_hdr); > srch->hdr.t =3D OPT_DNS_SEARCH; > srch->hdr.l =3D 0; > p =3D srch->list; > - *p =3D 0; > } > =20 > - p =3D stpcpy(p + 1, c->dns_search[i].n); > - *(p++) =3D 0; > - srch->hdr.l +=3D strlen(c->dns_search[i].n) + 2; > - offset +=3D strlen(c->dns_search[i].n) + 2; > + *p =3D '.'; > + p =3D stpncpy(p + 1, c->dns_search[i].n, name_len); > + p++; > + srch->hdr.l +=3D name_len + 2; > + offset +=3D name_len + 2; > } > =20 > if (srch) { > for (i =3D 0; i < srch->hdr.l; i++) { > - if (srch->list[i] =3D=3D '.' || !srch->list[i]) { > + if (srch->list[i] =3D=3D '.') { > srch->list[i] =3D strcspn(srch->list + i + 1, > "."); > } --=20 David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson --Dy0sQAqk1C4pX8t2 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmULhkgACgkQzQJF27ox 2GfWDg//Wb9ZukDewjylIaHEmMhzOJuyyeGexrJgVE5HxptBt5DL/YTQTgvEt8R9 idORbN6qAofqo0N3gxcRLInmRrp1L+zL4thHqN1wlsp9P9xjPSieCiLeBcK/VY3L T9WFlG1y7t5kTJX0IS2G5ISB7QbaySqR5t0SUPOblU3nIxe+FhCDqXuzDlYBBQg6 3V6Bjs/u554BXJJvIOtomueX9whvNkcYq+GFVD9i8FTM4yst0W1zlmX/EQ8XYc8e omsqqQ8wH1cpKiDzmphIK0+WKgNRLza2fhRn1Jjz+B/FcNA66I34L6K8kfSTqcDl sRzUM9aK5QDXhwSZ++Aj8Eqkd8f6G1GpAYOvlFrSpENruWmb8YIu6dw/KubRGNn2 rp/1+9OHPsdkP5qUdw/dFNIqqH+AmhHCRyNR8llWqUmssGp+OFbBemEs4GUHd2bN n9l2t9S0/air2X2myFiiGrurKyIIFyMn2Gkn0E5pikPQ1T511cSVCGTesT3pB30P 04kCDmhGDIjjDrMzPgNL3/QxjJNKxFOwBlmkPO1OnwAftJOiO/ACxpyc1sBfvvtL sJuYcU1P65M2NCQ1JRpVZFbUDyYq4knUh6ZOCHKbpjmqSBrWyV1V6HExbefvfg1u 6PSBAi2nmK8IjYdSnphLMf4C5OiTppEZEPG26bVuHMx/lGBRcss= =aaBW -----END PGP SIGNATURE----- --Dy0sQAqk1C4pX8t2--