1/*-
2 * SPDX-License-Identifier: ISC
3 *
4 * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
5 * Copyright (c) 1995,1999 by Internet Software Consortium.
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
17 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20#include "port_before.h"
21
22#include <sys/types.h>
23#include <arpa/nameser.h>
24#include <errno.h>
25#include <string.h>
26
27#include "port_after.h"
28
29/*%
30 *	Check whether a name belongs to a domain.
31 *
32 * Inputs:
33 *\li	a - the domain whose ancestry is being verified
34 *\li	b - the potential ancestor we're checking against
35 *
36 * Return:
37 *\li	boolean - is a at or below b?
38 *
39 * Notes:
40 *\li	Trailing dots are first removed from name and domain.
41 *	Always compare complete subdomains, not only whether the
42 *	domain name is the trailing string of the given name.
43 *
44 *\li	"host.foobar.top" lies in "foobar.top" and in "top" and in ""
45 *	but NOT in "bar.top"
46 */
47
48int
49ns_samedomain(const char *a, const char *b) {
50	size_t la, lb;
51	int diff, i, escaped;
52	const char *cp;
53
54	la = strlen(a);
55	lb = strlen(b);
56
57	/* Ignore a trailing label separator (i.e. an unescaped dot) in 'a'. */
58	if (la != 0U && a[la - 1] == '.') {
59		escaped = 0;
60		/* Note this loop doesn't get executed if la==1. */
61		for (i = la - 2; i >= 0; i--)
62			if (a[i] == '\\') {
63				if (escaped)
64					escaped = 0;
65				else
66					escaped = 1;
67			} else
68				break;
69		if (!escaped)
70			la--;
71	}
72
73	/* Ignore a trailing label separator (i.e. an unescaped dot) in 'b'. */
74	if (lb != 0U && b[lb - 1] == '.') {
75		escaped = 0;
76		/* note this loop doesn't get executed if lb==1 */
77		for (i = lb - 2; i >= 0; i--)
78			if (b[i] == '\\') {
79				if (escaped)
80					escaped = 0;
81				else
82					escaped = 1;
83			} else
84				break;
85		if (!escaped)
86			lb--;
87	}
88
89	/* lb == 0 means 'b' is the root domain, so 'a' must be in 'b'. */
90	if (lb == 0U)
91		return (1);
92
93	/* 'b' longer than 'a' means 'a' can't be in 'b'. */
94	if (lb > la)
95		return (0);
96
97	/* 'a' and 'b' being equal at this point indicates sameness. */
98	if (lb == la)
99		return (strncasecmp(a, b, lb) == 0);
100
101	/* Ok, we know la > lb. */
102
103	diff = la - lb;
104
105	/*
106	 * If 'a' is only 1 character longer than 'b', then it can't be
107	 * a subdomain of 'b' (because of the need for the '.' label
108	 * separator).
109	 */
110	if (diff < 2)
111		return (0);
112
113	/*
114	 * If the character before the last 'lb' characters of 'b'
115	 * isn't '.', then it can't be a match (this lets us avoid
116	 * having "foobar.com" match "bar.com").
117	 */
118	if (a[diff - 1] != '.')
119		return (0);
120
121	/*
122	 * We're not sure about that '.', however.  It could be escaped
123         * and thus not a really a label separator.
124	 */
125	escaped = 0;
126	for (i = diff - 2; i >= 0; i--)
127		if (a[i] == '\\') {
128			if (escaped)
129				escaped = 0;
130			else
131				escaped = 1;
132		} else
133			break;
134	if (escaped)
135		return (0);
136
137	/* Now compare aligned trailing substring. */
138	cp = a + diff;
139	return (strncasecmp(cp, b, lb) == 0);
140}
141
142#ifndef _LIBC
143/*%
144 *	is "a" a subdomain of "b"?
145 */
146int
147ns_subdomain(const char *a, const char *b) {
148	return (ns_samename(a, b) != 1 && ns_samedomain(a, b));
149}
150#endif
151
152/*%
153 *	make a canonical copy of domain name "src"
154 *
155 * notes:
156 * \code
157 *	foo -> foo.
158 *	foo. -> foo.
159 *	foo.. -> foo.
160 *	foo\. -> foo\..
161 *	foo\\. -> foo\\.
162 * \endcode
163 */
164
165int
166ns_makecanon(const char *src, char *dst, size_t dstsize) {
167	size_t n = strlen(src);
168
169	if (n + sizeof "." > dstsize) {			/*%< Note: sizeof == 2 */
170		errno = EMSGSIZE;
171		return (-1);
172	}
173	strcpy(dst, src);
174	while (n >= 1U && dst[n - 1] == '.')		/*%< Ends in "." */
175		if (n >= 2U && dst[n - 2] == '\\' &&	/*%< Ends in "\." */
176		    (n < 3U || dst[n - 3] != '\\'))	/*%< But not "\\." */
177			break;
178		else
179			dst[--n] = '\0';
180	dst[n++] = '.';
181	dst[n] = '\0';
182	return (0);
183}
184
185/*%
186 *	determine whether domain name "a" is the same as domain name "b"
187 *
188 * return:
189 *\li	-1 on error
190 *\li	0 if names differ
191 *\li	1 if names are the same
192 */
193
194int
195ns_samename(const char *a, const char *b) {
196	char ta[NS_MAXDNAME], tb[NS_MAXDNAME];
197
198	if (ns_makecanon(a, ta, sizeof ta) < 0 ||
199	    ns_makecanon(b, tb, sizeof tb) < 0)
200		return (-1);
201	if (strcasecmp(ta, tb) == 0)
202		return (1);
203	else
204		return (0);
205}
206
207/*! \file */
208