Add AI_FQDN flag to getaddrinfo(3). Prompted by discussions with djm@

about cert checking in OpenSSH.  Man page wording tweaks thanks to
jmc@.

ok henning@, jmc@; positive feedback from djm@, ajacoutat@

Committing now to reuse guenther@'s libc minor bump instead of
cranking it again, as suggested by deraadt@.

2 files changed, 46 insertions, 22 deletions

diff --git a/lib/libc/net/getaddrinfo.3 b/lib/libc/net/getaddrinfo.3
index 7250407d659..da6e64683f9 100644
--- a/lib/libc/net/getaddrinfo.3
+++ b/lib/libc/net/getaddrinfo.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: getaddrinfo.3,v 1.47 2009/07/09 10:14:41 eric Exp $
+.\"	$OpenBSD: getaddrinfo.3,v 1.48 2011/04/05 00:46:06 matthew Exp $
 .\"	$KAME: getaddrinfo.3,v 1.36 2005/01/05 03:23:05 itojun Exp $
 .\"
 .\" Copyright (C) 2004  Internet Systems Consortium, Inc. ("ISC")
@@ -16,7 +16,7 @@
 .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 .\" PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: July 9 2009 $
+.Dd $Mdocdate: April 5 2011 $
 .Dt GETADDRINFO 3
 .Os
 .Sh NAME
@@ -126,11 +126,33 @@ If the
 bit is set, a successful call to
 .Fn getaddrinfo
 will return a NUL-terminated string containing the canonical name
-of the specified hostname in the
+of the specified host name in the
 .Fa ai_canonname
 element of the first
 .Li addrinfo
 structure returned.
+.It Dv AI_FQDN
+If the
+.Dv AI_FQDN
+bit is set, a successful call to
+.Fn getaddrinfo
+will return a NUL-terminated string containing the fully qualified domain name
+of the specified host name in the
+.Fa ai_canonname
+element of the first
+.Li addrinfo
+structure returned.
+.Pp
+This is different from the
+.Dv AI_CANONNAME
+bit flag that returns the canonical name registered in DNS,
+which may be different from the fully qualified domain name
+that the host name resolved to.
+Only one of the
+.Dv AI_FQDN
+and
+.Dv AI_CANONNAME
+bits can be set.
 .It Dv AI_NUMERICHOST
 If the
 .Dv AI_NUMERICHOST
@@ -438,6 +460,10 @@ function is defined by the
 draft specification and documented in
 .Dv "RFC 3493" ,
 .Dq Basic Socket Interface Extensions for IPv6 .
+.Pp
+The
+.Dv AI_FQDN
+flag bit first appeared in Windows 7.
 .Sh BUGS
 The implementation of
 .Fn getaddrinfo
diff --git a/lib/libc/net/getaddrinfo.c b/lib/libc/net/getaddrinfo.c
index 7040fa7c37f..29cc1f463e0 100644
--- a/lib/libc/net/getaddrinfo.c
+++ b/lib/libc/net/getaddrinfo.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: getaddrinfo.c,v 1.71 2009/11/18 07:43:22 guenther Exp $	*/
+/*	$OpenBSD: getaddrinfo.c,v 1.72 2011/04/05 00:46:06 matthew Exp $	*/
 /*	$KAME: getaddrinfo.c,v 1.31 2000/08/31 17:36:43 itojun Exp $	*/
 
 /*
@@ -309,7 +309,9 @@ getaddrinfo(const char *hostname, const char *servname,
 		if (hints->ai_addrlen || hints->ai_canonname ||
 		    hints->ai_addr || hints->ai_next)
 			ERR(EAI_BADHINTS); /* xxx */
-		if (hints->ai_flags & ~AI_MASK)
+		if ((hints->ai_flags & ~AI_MASK) != 0 ||
+		    (hints->ai_flags & (AI_CANONNAME | AI_FQDN)) ==
+		    (AI_CANONNAME | AI_FQDN))
 			ERR(EAI_BADFLAGS);
 		switch (hints->ai_family) {
 		case PF_UNSPEC:
@@ -671,14 +673,13 @@ explore_numeric(const struct addrinfo *pai, const char *hostname,
 		    pai->ai_family == PF_UNSPEC /*?*/) {
 			GET_AI(cur->ai_next, afd, pton);
 			GET_PORT(cur->ai_next, servname);
-			if ((pai->ai_flags & AI_CANONNAME)) {
-				/*
-				 * Set the numeric address itself as
-				 * the canonical name, based on a
-				 * clarification in rfc2553bis-03.
-				 */
-				GET_CANONNAME(cur->ai_next, canonname);
-			}
+			/*
+			 * Set the numeric address itself as
+			 * the canonical name, based on a
+			 * clarification in rfc2553bis-03.
+			 */
+			GET_CANONNAME(cur->ai_next, canonname);
+
 			while (cur && cur->ai_next)
 				cur = cur->ai_next;
 		} else
@@ -764,7 +765,7 @@ explore_numeric_scope(const struct addrinfo *pai, const char *hostname,
 static int
 get_canonname(const struct addrinfo *pai, struct addrinfo *ai, const char *str)
 {
-	if ((pai->ai_flags & AI_CANONNAME) != 0) {
+	if ((pai->ai_flags & (AI_CANONNAME | AI_FQDN)) != 0) {
 		ai->ai_canonname = strdup(str);
 		if (ai->ai_canonname == NULL)
 			return EAI_MEMORY;
@@ -1129,7 +1130,7 @@ getanswer(const querybuf *answer, int anslen, const char *qname, int qtype,
 			haveanswer++;
 	}
 	if (haveanswer) {
-		if (!canonname)
+		if (!canonname || (pai->ai_flags & AI_FQDN) != 0)
 			(void)get_canonname(pai, sentinel.ai_next, qname);
 		else
 			(void)get_canonname(pai, sentinel.ai_next, canonname);
@@ -1275,11 +1276,9 @@ found:
 		/* cover it up */
 		res->ai_flags = pai->ai_flags;
 
-		if (pai->ai_flags & AI_CANONNAME) {
-			if (get_canonname(pai, res, cname) != 0) {
-				freeaddrinfo(res0);
-				goto again;
-			}
+		if (get_canonname(pai, res, cname) != 0) {
+			freeaddrinfo(res0);
+			goto again;
 		}
 	}
 	return res0;
@@ -1369,8 +1368,7 @@ nextline:
 			/* cover it up */
 			res->ai_flags = pai->ai_flags;
 
-			if (pai->ai_flags & AI_CANONNAME)
-				(void)get_canonname(pai, res, canonname);
+			(void)get_canonname(pai, res, canonname);
 		}
 	} else
 		res0 = NULL;