1 /*-
2 * SPDX-License-Identifier: ISC
3 *
4 * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
5 * Copyright (c) 1995,1999 by Internet Software Consortium.
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
17 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 #include "port_before.h"
21
22 #include <sys/types.h>
23 #include <arpa/nameser.h>
24 #include <errno.h>
25 #include <string.h>
26
27 #include "port_after.h"
28
29 /*%
30 * Check whether a name belongs to a domain.
31 *
32 * Inputs:
33 *\li a - the domain whose ancestry is being verified
34 *\li b - the potential ancestor we're checking against
35 *
36 * Return:
37 *\li boolean - is a at or below b?
38 *
39 * Notes:
40 *\li Trailing dots are first removed from name and domain.
41 * Always compare complete subdomains, not only whether the
42 * domain name is the trailing string of the given name.
43 *
44 *\li "host.foobar.top" lies in "foobar.top" and in "top" and in ""
45 * but NOT in "bar.top"
46 */
47
48 int
ns_samedomain(const char * a,const char * b)49 ns_samedomain(const char *a, const char *b) {
50 size_t la, lb;
51 int diff, i, escaped;
52 const char *cp;
53
54 la = strlen(a);
55 lb = strlen(b);
56
57 /* Ignore a trailing label separator (i.e. an unescaped dot) in 'a'. */
58 if (la != 0U && a[la - 1] == '.') {
59 escaped = 0;
60 /* Note this loop doesn't get executed if la==1. */
61 for (i = la - 2; i >= 0; i--)
62 if (a[i] == '\\') {
63 if (escaped)
64 escaped = 0;
65 else
66 escaped = 1;
67 } else
68 break;
69 if (!escaped)
70 la--;
71 }
72
73 /* Ignore a trailing label separator (i.e. an unescaped dot) in 'b'. */
74 if (lb != 0U && b[lb - 1] == '.') {
75 escaped = 0;
76 /* note this loop doesn't get executed if lb==1 */
77 for (i = lb - 2; i >= 0; i--)
78 if (b[i] == '\\') {
79 if (escaped)
80 escaped = 0;
81 else
82 escaped = 1;
83 } else
84 break;
85 if (!escaped)
86 lb--;
87 }
88
89 /* lb == 0 means 'b' is the root domain, so 'a' must be in 'b'. */
90 if (lb == 0U)
91 return (1);
92
93 /* 'b' longer than 'a' means 'a' can't be in 'b'. */
94 if (lb > la)
95 return (0);
96
97 /* 'a' and 'b' being equal at this point indicates sameness. */
98 if (lb == la)
99 return (strncasecmp(a, b, lb) == 0);
100
101 /* Ok, we know la > lb. */
102
103 diff = la - lb;
104
105 /*
106 * If 'a' is only 1 character longer than 'b', then it can't be
107 * a subdomain of 'b' (because of the need for the '.' label
108 * separator).
109 */
110 if (diff < 2)
111 return (0);
112
113 /*
114 * If the character before the last 'lb' characters of 'b'
115 * isn't '.', then it can't be a match (this lets us avoid
116 * having "foobar.com" match "bar.com").
117 */
118 if (a[diff - 1] != '.')
119 return (0);
120
121 /*
122 * We're not sure about that '.', however. It could be escaped
123 * and thus not a really a label separator.
124 */
125 escaped = 0;
126 for (i = diff - 2; i >= 0; i--)
127 if (a[i] == '\\') {
128 if (escaped)
129 escaped = 0;
130 else
131 escaped = 1;
132 } else
133 break;
134 if (escaped)
135 return (0);
136
137 /* Now compare aligned trailing substring. */
138 cp = a + diff;
139 return (strncasecmp(cp, b, lb) == 0);
140 }
141
142 #ifndef _LIBC
143 /*%
144 * is "a" a subdomain of "b"?
145 */
146 int
ns_subdomain(const char * a,const char * b)147 ns_subdomain(const char *a, const char *b) {
148 return (ns_samename(a, b) != 1 && ns_samedomain(a, b));
149 }
150 #endif
151
152 /*%
153 * make a canonical copy of domain name "src"
154 *
155 * notes:
156 * \code
157 * foo -> foo.
158 * foo. -> foo.
159 * foo.. -> foo.
160 * foo\. -> foo\..
161 * foo\\. -> foo\\.
162 * \endcode
163 */
164
165 int
ns_makecanon(const char * src,char * dst,size_t dstsize)166 ns_makecanon(const char *src, char *dst, size_t dstsize) {
167 size_t n = strlen(src);
168
169 if (n + sizeof "." > dstsize) { /*%< Note: sizeof == 2 */
170 errno = EMSGSIZE;
171 return (-1);
172 }
173 strcpy(dst, src);
174 while (n >= 1U && dst[n - 1] == '.') /*%< Ends in "." */
175 if (n >= 2U && dst[n - 2] == '\\' && /*%< Ends in "\." */
176 (n < 3U || dst[n - 3] != '\\')) /*%< But not "\\." */
177 break;
178 else
179 dst[--n] = '\0';
180 dst[n++] = '.';
181 dst[n] = '\0';
182 return (0);
183 }
184
185 /*%
186 * determine whether domain name "a" is the same as domain name "b"
187 *
188 * return:
189 *\li -1 on error
190 *\li 0 if names differ
191 *\li 1 if names are the same
192 */
193
194 int
ns_samename(const char * a,const char * b)195 ns_samename(const char *a, const char *b) {
196 char ta[NS_MAXDNAME], tb[NS_MAXDNAME];
197
198 if (ns_makecanon(a, ta, sizeof ta) < 0 ||
199 ns_makecanon(b, tb, sizeof tb) < 0)
200 return (-1);
201 if (strcasecmp(ta, tb) == 0)
202 return (1);
203 else
204 return (0);
205 }
206
207 /*! \file */
208