move dns lookups to its own (privilege revoking, not chrooting) process.

reason: the parent process must never ever block, but the dns routines can.
last not least this fixes ntpd -s 'hanging' for a long time.
tested by a couple of people

4 files changed, 245 insertions, 13 deletions

diff --git a/usr.sbin/ntpd/Makefile b/usr.sbin/ntpd/Makefile
index 95265504726..10467c5184c 100644
--- a/usr.sbin/ntpd/Makefile
+++ b/usr.sbin/ntpd/Makefile
@@ -1,10 +1,10 @@
-#	$OpenBSD: Makefile,v 1.8 2006/05/26 00:33:16 henning Exp $
+#	$OpenBSD: Makefile,v 1.9 2008/09/12 10:46:09 henning Exp $
 
 .PATH:		${.CURDIR}/..
 
 PROG=	ntpd
 SRCS=	ntpd.c buffer.c log.c imsg.c ntp.c ntp_msg.c parse.y config.c \
-	server.c client.c sensors.c util.c
+	server.c client.c sensors.c util.c ntp_dns.c
 CFLAGS+= -Wall -I${.CURDIR}
 CFLAGS+= -Wstrict-prototypes -Wmissing-prototypes
 CFLAGS+= -Wmissing-declarations
diff --git a/usr.sbin/ntpd/ntp.c b/usr.sbin/ntpd/ntp.c
index 46593c1727b..a3a6be89166 100644
--- a/usr.sbin/ntpd/ntp.c
+++ b/usr.sbin/ntpd/ntp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ntp.c,v 1.106 2008/06/10 03:46:09 naddy Exp $ */
+/*	$OpenBSD: ntp.c,v 1.107 2008/09/12 10:46:09 henning Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -35,11 +35,13 @@
 
 #define	PFD_PIPE_MAIN	0
 #define	PFD_HOTPLUG	1
-#define	PFD_MAX		2
+#define	PFD_PIPE_DNS	2
+#define	PFD_MAX		3
 
 volatile sig_atomic_t	 ntp_quit = 0;
 volatile sig_atomic_t	 ntp_report = 0;
 struct imsgbuf		*ibuf_main;
+struct imsgbuf		*ibuf_dns;
 struct ntpd_conf	*conf;
 u_int			 peer_cnt;
 u_int			 sensors_cnt;
@@ -47,6 +49,7 @@ time_t			 lastreport;
 
 void	ntp_sighdlr(int);
 int	ntp_dispatch_imsg(void);
+int	ntp_dispatch_imsg_dns(void);
 void	peer_add(struct ntp_peer *);
 void	peer_remove(struct ntp_peer *);
 void	report_peers(int);
@@ -69,10 +72,10 @@ pid_t
 ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf, struct passwd *pw)
 {
 	int			 a, b, nfds, i, j, idx_peers, timeout;
-	int			 hotplugfd, nullfd;
+	int			 hotplugfd, nullfd, pipe_dns[2];
 	u_int			 pfd_elms = 0, idx2peer_elms = 0;
 	u_int			 listener_cnt, new_cnt, sent_cnt, trial_cnt;
-	pid_t			 pid;
+	pid_t			 pid, dns_pid;
 	struct pollfd		*pfd = NULL;
 	struct servent		*se;
 	struct listen_addr	*la;
@@ -107,6 +110,11 @@ ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf, struct passwd *pw)
 		fatal(NULL);
 	hotplugfd = sensor_hotplugfd();
 
+	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe_dns) == -1)
+		fatal("socketpair");
+	dns_pid = ntp_dns(pipe_dns, nconf, pw);
+	close(pipe_dns[1]);
+
 	if (stat(pw->pw_dir, &stb) == -1)
 		fatal("stat");
 	if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0)
@@ -146,6 +154,9 @@ ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf, struct passwd *pw)
 	if ((ibuf_main = malloc(sizeof(struct imsgbuf))) == NULL)
 		fatal(NULL);
 	imsg_init(ibuf_main, pipe_prnt[1]);
+	if ((ibuf_dns = malloc(sizeof(struct imsgbuf))) == NULL)
+		fatal(NULL);
+	imsg_init(ibuf_dns, pipe_dns[0]);
 
 	TAILQ_FOREACH(p, &conf->ntp_peers, entry)
 		client_peer_init(p);
@@ -212,6 +223,8 @@ ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf, struct passwd *pw)
 		pfd[PFD_PIPE_MAIN].events = POLLIN;
 		pfd[PFD_HOTPLUG].fd = hotplugfd;
 		pfd[PFD_HOTPLUG].events = POLLIN;
+		pfd[PFD_PIPE_DNS].fd = ibuf_dns->fd;
+		pfd[PFD_PIPE_DNS].events = POLLIN;
 
 		i = PFD_MAX;
 		TAILQ_FOREACH(la, &conf->listen_addrs, entry) {
@@ -289,6 +302,8 @@ ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf, struct passwd *pw)
 
 		if (ibuf_main->w.queued > 0)
 			pfd[PFD_PIPE_MAIN].events |= POLLOUT;
+		if (ibuf_dns->w.queued > 0)
+			pfd[PFD_PIPE_DNS].events |= POLLOUT;
 
 		timeout = nextaction - getmonotime();
 		if (timeout < 0)
@@ -312,6 +327,18 @@ ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf, struct passwd *pw)
 				ntp_quit = 1;
 		}
 
+		if (nfds > 0 && (pfd[PFD_PIPE_DNS].revents & POLLOUT))
+			if (msgbuf_write(&ibuf_dns->w) < 0) {
+				log_warn("pipe write error (to dns engine)");
+				ntp_quit = 1;
+			}
+
+		if (nfds > 0 && pfd[PFD_PIPE_DNS].revents & (POLLIN|POLLERR)) {
+			nfds--;
+			if (ntp_dispatch_imsg_dns() == -1)
+				ntp_quit = 1;
+		}
+
 		if (nfds > 0 && pfd[PFD_HOTPLUG].revents & (POLLIN|POLLERR)) {
 			nfds--;
 			sensor_hotplugevent(hotplugfd);
@@ -345,6 +372,9 @@ ntp_main(int pipe_prnt[2], struct ntpd_conf *nconf, struct passwd *pw)
 	msgbuf_write(&ibuf_main->w);
 	msgbuf_clear(&ibuf_main->w);
 	free(ibuf_main);
+	msgbuf_write(&ibuf_dns->w);
+	msgbuf_clear(&ibuf_dns->w);
+	free(ibuf_dns);
 
 	log_info("ntp engine exiting");
 	_exit(0);
@@ -355,10 +385,6 @@ ntp_dispatch_imsg(void)
 {
 	struct imsg		 imsg;
 	int			 n;
-	struct ntp_peer		*peer, *npeer;
-	u_int16_t		 dlen;
-	u_char			*p;
-	struct ntp_addr		*h;
 
 	if ((n = imsg_read(ibuf_main)) == -1)
 		return (-1);
@@ -386,6 +412,40 @@ ntp_dispatch_imsg(void)
 				conf->status.synced = 0;
 			}
 			break;
+		default:
+			break;
+		}
+		imsg_free(&imsg);
+	}
+	return (0);
+}
+
+int
+ntp_dispatch_imsg_dns(void)
+{
+	struct imsg		 imsg;
+	struct ntp_peer		*peer, *npeer;
+	u_int16_t		 dlen;
+	u_char			*p;
+	struct ntp_addr		*h;
+	int			 n;
+
+	if ((n = imsg_read(ibuf_dns)) == -1)
+		return (-1);
+
+	if (n == 0) {	/* connection closed */
+		log_warnx("ntp_dispatch_imsg_dns in ntp engine: pipe closed");
+		return (-1);
+	}
+
+	for (;;) {
+		if ((n = imsg_get(ibuf_dns, &imsg)) == -1)
+			return (-1);
+
+		if (n == 0)
+			break;
+
+		switch (imsg.hdr.type) {
 		case IMSG_HOST_DNS:
 			TAILQ_FOREACH(peer, &conf->ntp_peers, entry)
 				if (peer->id == imsg.hdr.peerid)
@@ -633,7 +693,7 @@ priv_host_dns(char *name, u_int32_t peerid)
 	u_int16_t	dlen;
 
 	dlen = strlen(name) + 1;
-	imsg_compose(ibuf_main, IMSG_HOST_DNS, peerid, 0, name, dlen);
+	imsg_compose(ibuf_dns, IMSG_HOST_DNS, peerid, 0, name, dlen);
 }
 
 void
@@ -727,4 +787,3 @@ report_peers(int always)
 		}
 	}
 }
-
diff --git a/usr.sbin/ntpd/ntp_dns.c b/usr.sbin/ntpd/ntp_dns.c
new file mode 100644
index 00000000000..1243f205f0d
--- /dev/null
+++ b/usr.sbin/ntpd/ntp_dns.c
@@ -0,0 +1,170 @@
+/*	$OpenBSD: ntp_dns.c,v 1.1 2008/09/12 10:46:09 henning Exp $ */
+
+/*
+ * Copyright (c) 2003-2008 Henning Brauer <henning@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
+ * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <errno.h>
+#include <poll.h>
+#include <signal.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "ntpd.h"
+
+volatile sig_atomic_t	 quit_dns = 0;
+struct imsgbuf		*ibuf_dns;
+
+void	sighdlr_dns(int);
+int	dns_dispatch_imsg(void);
+
+void
+sighdlr_dns(int sig)
+{
+	switch (sig) {
+	case SIGTERM:
+	case SIGINT:
+		quit_dns = 1;
+		break;
+	}
+}
+
+pid_t
+ntp_dns(int pipe_ntp[2], struct ntpd_conf *nconf, struct passwd *pw)
+{
+	pid_t			 pid;
+	struct pollfd		 pfd[1];
+	int			 nfds;
+
+	switch (pid = fork()) {
+	case -1:
+		fatal("cannot fork");
+		break;
+	case 0:
+		break;
+	default:
+		return (pid);
+	}
+
+	/* in this case the parent didn't init logging and didn't daemonize */
+	if (nconf->settime && !nconf->debug) {
+		log_init(nconf->debug);
+		if (setsid() == -1)
+			fatal("setsid");
+	}
+
+	setproctitle("dns engine");
+	close(pipe_ntp[0]);
+
+	if (setgroups(1, &pw->pw_gid) ||
+	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
+	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
+		fatal("can't drop privileges");
+	endservent();
+
+	signal(SIGTERM, sighdlr_dns);
+	signal(SIGINT, sighdlr_dns);
+	signal(SIGHUP, sighdlr_dns);
+
+	if ((ibuf_dns = malloc(sizeof(struct imsgbuf))) == NULL)
+		fatal(NULL);
+	imsg_init(ibuf_dns, pipe_ntp[1]);
+
+	while (quit_dns == 0) {
+		pfd[0].fd = ibuf_dns->fd;
+		pfd[0].events = POLLIN;
+		if (ibuf_dns->w.queued)
+			pfd[0].events |= POLLOUT;
+
+		if ((nfds = poll(pfd, 1, INFTIM)) == -1)
+			if (errno != EINTR) {
+				log_warn("poll error");
+				quit_dns = 1;
+			}
+
+		if (nfds > 0 && (pfd[0].revents & POLLOUT))
+			if (msgbuf_write(&ibuf_dns->w) < 0) {
+				log_warn("pipe write error (to ntp engine)");
+				quit_dns = 1;
+			}
+
+		if (nfds > 0 && pfd[0].revents & POLLIN) {
+			nfds--;
+			if (dns_dispatch_imsg() == -1)
+				quit_dns = 1;
+		}
+	}
+
+	msgbuf_clear(&ibuf_dns->w);
+	free(ibuf_dns);
+	_exit(0);
+}
+
+int
+dns_dispatch_imsg(void)
+{
+	struct imsg		 imsg;
+	int			 n, cnt;
+	char			*name;
+	struct ntp_addr		*h, *hn;
+	struct buf		*buf;
+
+	if ((n = imsg_read(ibuf_dns)) == -1)
+		return (-1);
+
+	if (n == 0) {	/* connection closed */
+		log_warnx("dispatch_imsg in main: pipe closed");
+		return (-1);
+	}
+
+	for (;;) {
+		if ((n = imsg_get(ibuf_dns, &imsg)) == -1)
+			return (-1);
+
+		if (n == 0)
+			break;
+
+		switch (imsg.hdr.type) {
+		case IMSG_HOST_DNS:
+			name = imsg.data;
+			if (imsg.hdr.len < 1 + IMSG_HEADER_SIZE)
+				fatalx("invalid IMSG_HOST_DNS received");
+			imsg.hdr.len -= 1 + IMSG_HEADER_SIZE;
+			if (name[imsg.hdr.len] != '\0' ||
+			    strlen(name) != imsg.hdr.len)
+				fatalx("invalid IMSG_HOST_DNS received");
+			if ((cnt = host_dns(name, &hn)) == -1)
+				break;
+			buf = imsg_create(ibuf_dns, IMSG_HOST_DNS,
+			    imsg.hdr.peerid, 0,
+			    cnt * sizeof(struct sockaddr_storage));
+			if (buf == NULL)
+				break;
+			if (cnt > 0)
+				for (h = hn; h != NULL; h = h->next)
+					imsg_add(buf, &h->ss, sizeof(h->ss));
+
+			imsg_close(ibuf_dns, buf);
+			break;
+		default:
+			break;
+		}
+		imsg_free(&imsg);
+	}
+	return (0);
+}
diff --git a/usr.sbin/ntpd/ntpd.h b/usr.sbin/ntpd/ntpd.h
index 71f7544302a..b47857709be 100644
--- a/usr.sbin/ntpd/ntpd.h
+++ b/usr.sbin/ntpd/ntpd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ntpd.h,v 1.95 2008/06/10 03:46:09 naddy Exp $ */
+/*	$OpenBSD: ntpd.h,v 1.96 2008/09/12 10:46:09 henning Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -316,3 +316,6 @@ int			sensor_scan(void);
 void			sensor_query(struct ntp_sensor *);
 int			sensor_hotplugfd(void);
 void			sensor_hotplugevent(int);
+
+/* ntp_dns.c */
+pid_t	ntp_dns(int[2], struct ntpd_conf *, struct passwd *);