SRV records

client.c

@@ -157,7 +157,7 @@ get_addresses(const char *hostnames, int port)
   struct Address *addr;
   ARR_Instance addrs;
   char *hostname, *s1, *s2;
-  IPAddr ip_addrs[DNS_MAX_ADDRESSES];
+  DNS_AddressLookupResult looked_up_addrs[DNS_MAX_ADDRESSES];
   int i;
 
   addrs = ARR_CreateInstance(sizeof (*addr));
@@ -175,17 +175,17 @@ get_addresses(const char *hostnames, int port)
       addr->type = SCK_ADDR_UNIX;
       addr->addr.path = Strdup(hostname);
     } else {
-      if (DNS_Name2IPAddress(hostname, ip_addrs, DNS_MAX_ADDRESSES) != DNS_Success) {
+      if (DNS_Name2IPAddress(hostname, looked_up_addrs, DNS_MAX_ADDRESSES, 0) != DNS_Success) {
         DEBUG_LOG("Could not get IP address for %s", hostname);
         continue;
       }
 
-      for (i = 0; i < DNS_MAX_ADDRESSES && ip_addrs[i].family != IPADDR_UNSPEC; i++) {
+      for (i = 0; i < DNS_MAX_ADDRESSES && looked_up_addrs[i].ip.family != IPADDR_UNSPEC; i++) {
         addr = ARR_GetNewElement(addrs);
         addr->type = SCK_ADDR_IP;
-        addr->addr.ip.ip_addr = ip_addrs[i];
+        addr->addr.ip.ip_addr = looked_up_addrs[i].ip;
         addr->addr.ip.port = port;
-        DEBUG_LOG("Resolved %s to %s", hostname, UTI_IPToString(&ip_addrs[i]));
+        DEBUG_LOG("Resolved %s to %s", hostname, UTI_IPToString(&looked_up_addrs[i].ip));
       }
     }
   }
@@ -449,11 +449,15 @@ bits_to_mask(int bits, int family, IPAddr *mask)
 static int
 parse_source_address(char *word, IPAddr *address)
 {
+  DNS_AddressLookupResult lookup;
+
   if (UTI_StringToIdIP(word, address))
     return 1;
 
-  if (DNS_Name2IPAddress(word, address, 1) == DNS_Success)
+  if (DNS_Name2IPAddress(word, &lookup, 1, 0) == DNS_Success) {
+    *address = lookup.ip;
     return 1;
+  }
 
   return 0;
 }
@@ -944,10 +948,10 @@ process_cmd_allowdeny(CMD_Request *msg, char *line, int cmd, int allcmd)
 static int
 process_cmd_accheck(CMD_Request *msg, char *line)
 {
-  IPAddr ip;
+  DNS_AddressLookupResult lookup;
   msg->command = htons(REQ_ACCHECK);
-  if (DNS_Name2IPAddress(line, &ip, 1) == DNS_Success) {
-    UTI_IPHostToNetwork(&ip, &msg->data.ac_check.ip);
+  if (DNS_Name2IPAddress(line, &lookup, 1, 0) == DNS_Success) {
+    UTI_IPHostToNetwork(&lookup.ip, &msg->data.ac_check.ip);
     return 1;
   } else {    
     LOG(LOGS_ERR, "Could not read address");
@@ -960,10 +964,10 @@ process_cmd_accheck(CMD_Request *msg, char *line)
 static int
 process_cmd_cmdaccheck(CMD_Request *msg, char *line)
 {
-  IPAddr ip;
+  DNS_AddressLookupResult lookup;
   msg->command = htons(REQ_CMDACCHECK);
-  if (DNS_Name2IPAddress(line, &ip, 1) == DNS_Success) {
-    UTI_IPHostToNetwork(&ip, &msg->data.ac_check.ip);
+  if (DNS_Name2IPAddress(line, &lookup, 1, 0) == DNS_Success) {
+    UTI_IPHostToNetwork(&lookup.ip, &msg->data.ac_check.ip);
     return 1;
   } else {    
     LOG(LOGS_ERR, "Could not read address");
@@ -1025,7 +1029,7 @@ process_cmd_add_source(CMD_Request *msg, char *line)
 {
   CPS_NTP_Source data;
   CPS_Status status;
-  IPAddr ip_addr;
+  DNS_AddressLookupResult lookup;
   int result = 0, type;
   const char *opt_name, *word;
 
@@ -1051,7 +1055,7 @@ process_cmd_add_source(CMD_Request *msg, char *line)
       /* Verify that the address is resolvable (chronyc and chronyd are
          assumed to be running on the same host) */
       if (strlen(data.name) >= sizeof (msg->data.ntp_source.name) ||
-          DNS_Name2IPAddress(data.name, &ip_addr, 1) != DNS_Success) {
+          DNS_Name2IPAddress(data.name, &lookup, 1, data.params.nts) != DNS_Success) {
         LOG(LOGS_ERR, "Invalid host/IP address");
         break;
       }
@@ -3730,5 +3734,3 @@ main(int argc, char **argv)
 
   return !ret;
 }
-
-

cmdparse.c

@@ -231,6 +231,7 @@ CPS_ParseAllowDeny(char *line, int *all, IPAddr *ip, int *subnet_bits)
   char *p, *net, *slash;
   uint32_t a, b, c;
   int bits, len, n;
+  DNS_AddressLookupResult lookup_result;
 
   p = CPS_SplitWord(line);
 
@@ -294,7 +295,8 @@ CPS_ParseAllowDeny(char *line, int *all, IPAddr *ip, int *subnet_bits)
   }
 
   /* The last possibility is a hostname */
-  if (bits < 0 && DNS_Name2IPAddress(net, ip, 1) == DNS_Success) {
+  if (bits < 0 && DNS_Name2IPAddress(net, &lookup_result, 1, 0) == DNS_Success) {
+    *ip = lookup_result.ip;
     *subnet_bits = ip->family == IPADDR_INET6 ? 128 : 32;
     return 1;
   }

conf.c

@@ -1164,7 +1164,7 @@ static void
 parse_initstepslew(char *line)
 {
   char *p, *hostname;
-  IPAddr ip_addr;
+  DNS_AddressLookupResult addr;
 
   /* Ignore the line if chronyd was started with -R. */
   if (restarted) {
@@ -1183,8 +1183,8 @@ parse_initstepslew(char *line)
     hostname = p;
     p = CPS_SplitWord(p);
     if (*hostname) {
-      if (DNS_Name2IPAddress(hostname, &ip_addr, 1) == DNS_Success) {
-        ARR_AppendElement(init_sources, &ip_addr);
+      if (DNS_Name2IPAddress(hostname, &addr, 1, 0) == DNS_Success) {
+        ARR_AppendElement(init_sources, &addr.ip);
       } else {
         LOG(LOGS_WARN, "Could not resolve address of initstepslew server %s", hostname);
       }

configure

@@ -110,6 +110,7 @@ For better control, use the options below.
   --disable-readline     Disable line editing support
   --without-editline     Don't use editline even if it is available
   --disable-sechash      Disable support for hashes other than MD5
+  --without-getdns       Don't use getdns
   --without-nettle       Don't use nettle even if it is available
   --without-gnutls       Don't use gnutls even if it is available
   --without-nss          Don't use NSS even if it is available
@@ -122,6 +123,7 @@ For better control, use the options below.
   --disable-ipv6         Disable IPv6 support
   --disable-rtc          Don't include RTC even on Linux
   --disable-privdrop     Disable support for dropping root privileges
+  --disable-srv          Disable support for resolving through SRV records
   --without-libcap       Don't use libcap even if it is available
   --enable-scfilter      Enable support for system call filtering
   --without-seccomp      Don't use seccomp even if it is available
@@ -221,6 +223,8 @@ feat_cmdmon=1
 feat_refclock=1
 feat_readline=1
 try_editline=1
+feat_srv=1
+try_getdns=1
 feat_sechash=1
 try_nettle=1
 try_nss=1
@@ -383,9 +387,15 @@ do
     --without-tomcrypt )
       try_tomcrypt=0
     ;;
+    --disable-srv )
+      feat_srv=0
+    ;;
     --disable-nts )
       feat_nts=0
     ;;
+    --without-getdns )
+      try_getdns=0
+    ;;
     --without-gnutls )
       try_gnutls=0
     ;;
@@ -970,6 +980,17 @@ EXTRA_OBJECTS="$EXTRA_OBJECTS $HASH_OBJ"
 EXTRA_CLI_OBJECTS="$EXTRA_CLI_OBJECTS $HASH_OBJ"
 LIBS="$LIBS $HASH_LINK"
 
+if [ $feat_srv = "1" ] && [ $try_getdns = "1" ]; then
+  if test_code 'getdns' 'getdns/getdns.h' '' '-lgetdns' '
+    getdns_context *context;
+    getdns_context_create(&context, 1);'
+  then
+    EXTRA_LIBS="$EXTRA_LIBS -lgetdns"
+    EXTRA_CLI_LIBS="$EXTRA_CLI_LIBS -lgetdns"
+    add_def FEAT_SRV
+  fi
+fi
+
 if [ $feat_nts = "1" ] && [ $try_gnutls = "1" ]; then
   if [ "$HASH_OBJ" = "hash_gnutls.o" ]; then
     test_cflags=""
@@ -1096,7 +1117,7 @@ add_def MAIL_PROGRAM "\"$mail_program\""
 
 common_features="`get_features SECHASH IPV6 DEBUG`"
 chronyc_features="`get_features READLINE`"
-chronyd_features="`get_features CMDMON REFCLOCK RTC PRIVDROP SCFILTER SIGND NTS`"
+chronyd_features="`get_features CMDMON REFCLOCK RTC PRIVDROP SCFILTER SIGND NTS SRV`"
 add_def CHRONYC_FEATURES "\"$chronyc_features $common_features\""
 add_def CHRONYD_FEATURES "\"$chronyd_features $common_features\""
 echo "Features : $chronyd_features $chronyc_features $common_features"
@@ -1141,4 +1162,3 @@ done
 
 # =======================================================================
 # vim:et:sw=2:ht=2:sts=2:fdm=marker:cms=#%s
-