GETNAMEINFO(3) | NetBSD Library Functions Manual | GETNAMEINFO(3) |
int
getnameinfo(const struct sockaddr * restrict sa, socklen_t salen, char * restrict host, size_t hostlen, char * restrict serv, size_t servlen, int flags);
The sockaddr structure sa should point to either a sockaddr_in or sockaddr_in6 structure (for IPv4 or IPv6 respectively) that is salen bytes long.
The host and service names associated with sa are stored in host and serv which have length parameters hostlen and servlen. The maximum value for hostlen is NI_MAXHOST and the maximum value for servlen is NI_MAXSERV, as defined by <netdb.h>. If a length parameter is zero, no string will be stored. Otherwise, enough space must be provided to store the host name or service string plus a byte for the NUL terminator.
The flags argument is formed by OR'ing the following values:
This implementation allows numeric IPv6 address notation with scope identifier, as documented in chapter 11 of draft-ietf-ipv6-scoping-arch-02.txt. IPv6 link-local address will appear as a string like “fe80::1%ne0”. Refer to getaddrinfo(3) for more information.
struct sockaddr *sa; /* input */ char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV]; if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), sbuf, sizeof(sbuf), NI_NUMERICHOST | NI_NUMERICSERV)) { errx(1, "could not get numeric hostname"); /*NOTREACHED*/ } printf("host=%s, serv=%s\n", hbuf, sbuf);
The following version checks if the socket address has a reverse address mapping:
struct sockaddr *sa; /* input */ char hbuf[NI_MAXHOST]; if (getnameinfo(sa, sa->sa_len, hbuf, sizeof(hbuf), NULL, 0, NI_NAMEREQD)) { errx(1, "could not resolve hostname"); /*NOTREACHED*/ } printf("host=%s\n", hbuf);
R. Gilligan, S. Thomson, J. Bound, and W. Stevens, Basic Socket Interface Extensions for IPv6, RFC 2553, March 1999.
S. Deering, B. Haberman, T. Jinmei, E. Nordmark, and B. Zill, IPv6 Scoped Address Architecture, internet draft, draft-ietf-ipv6-scoping-arch-02.txt, work in progress material.
Craig Metz, Protocol Independence Using the Sockets API, Proceedings of the FREENIX track: 2000 USENIX annual technical conference, June 2000.
1.0.0.127.in-addr.arpa. IN PTR 10.1.1.1
and trick the caller of getnameinfo() into believing that sa is 10.1.1.1 when it is actually 127.0.0.1.
To prevent such attacks, the use of NI_NAMEREQD is recommended when the result of getnameinfo() is used for access control purposes:
struct sockaddr *sa; socklen_t salen; char addr[NI_MAXHOST]; struct addrinfo hints, *res; int error; error = getnameinfo(sa, salen, addr, sizeof(addr), NULL, 0, NI_NAMEREQD); if (error == 0) { memset(&hints, 0, sizeof(hints)); hints.ai_socktype = SOCK_DGRAM; /*dummy*/ hints.ai_flags = AI_NUMERICHOST; if (getaddrinfo(addr, "0", &hints, &res) == 0) { /* malicious PTR record */ freeaddrinfo(res); printf("bogus PTR record\n"); return -1; } /* addr is FQDN as a result of PTR lookup */ } else { /* addr is numeric string */ error = getnameinfo(sa, salen, addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); }
March 21, 2005 | NetBSD 5.99 |