[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local net
From: |
Robert Pluim |
Subject: |
Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks |
Date: |
Mon, 16 Jul 2018 15:34:35 +0200 |
Jimmy Yuen Ho Wong <address@hidden> writes:
>> On 15 Jul 2018, at 12:46 pm, Robert Pluim <address@hidden> wrote:
>>
>> address@hidden (Jimmy Yuen Ho Wong) writes:
>>
>>> branch: netsec
>>> commit 682578fcf74d4598e39eca81e09d81810d3fc28d
>>> Author: Jimmy Yuen Ho Wong <address@hidden>
>>> Commit: Jimmy Yuen Ho Wong <address@hidden>
>>>
>>> Add option to bypass NSM TLS checks on local networks
>>>
>>> * lisp/net/net-utils.el (nslookup-host-ipv4, nslookup-host-ipv6,
>>> ipv6-expand): New functions to lookup IPv4 and IPv6 addresses from
>>> DNS.
>>
>> So this only works for people who have nslookup installed? Emacs
>> already uses getaddrinfo internally, would it help you if there was a
>> lisp-level interface to it?
>>
>
> Yes it would. I was asking for that exact same thing :) lend me a hand on
> this?
Iʼm terrible at choosing names, please suggest better ones
(hostname-lookup, gethostbyname,....?). Output currently looks like
this, including a port number, but thatʼs easily changed:
(get-address-info "www.slashdot.org" 'ipv4)
([216 105 38 15 0] [216 105 38 15 0] [216 105 38 15 0])
(get-address-info "google.com")
([172 217 19 238 0] [172 217 19 238 0] [172 217 19 238 0] [10752 5200 16391
2060 0 0 0 8206 0] [10752 5200 16391 2060 0 0 0 8206 0] [10752 5200 16391 2060
0 0 0 8206 0])
Eli, I see thereʼs a sys_getaddrinfo in w32.c, is something needed to get emacs
to use that on MS-Windows?
diff --git i/src/process.c w/src/process.c
index 279b74bc66..7d0bf74cbe 100644
--- i/src/process.c
+++ w/src/process.c
@@ -4531,6 +4531,55 @@ Data that is unavailable is returned as nil. */)
#endif
}
+DEFUN ("get-address-info", Fget_address_info, Sget_address_info, 1, 2, 0,
+ doc: /* Look up ip address info of NAME.
+Optional parameter FAMILY controls whether to look up IPv4 or IPv6
+addresses. The default of nil means look up both, symbol `ipv4' means
+IPv4 only, symbol `ipv6' mean IPv6 only. Returns a list of addresses,
+or nil if none were found. */)
+ (Lisp_Object name, Lisp_Object family)
+{
+ Lisp_Object addresses = Qnil;
+ struct addrinfo *res, *lres;
+ int ret;
+
+ struct addrinfo hints;
+ memset (&hints, 0, sizeof hints);
+ if (EQ (family, Qnil))
+ hints.ai_family = AF_UNSPEC;
+ if (EQ (family, Qipv4))
+ hints.ai_family = AF_INET;
+#ifdef AF_INET6
+ if (EQ (family, Qipv6))
+ hints.ai_family = AF_INET6;
+#endif
+ hints.ai_socktype = 0;
+
+ ret = getaddrinfo (SSDATA (name), NULL, &hints, &res);
+ if (ret)
+#ifdef HAVE_GAI_STRERROR
+ {
+ synchronize_system_messages_locale ();
+ char const *str = gai_strerror (ret);
+ if (! NILP (Vlocale_coding_system))
+ str = SSDATA (code_convert_string_norecord
+ (build_string (str), Vlocale_coding_system, 0));
+ message ("\"%s\" \"%s\"", SSDATA (name), str);
+ }
+#else
+ message ("%s get-address-info error %d", SSDATA (name), ret);
+#endif
+ else
+ {
+ for (lres = res; lres; lres = lres->ai_next)
+ addresses = Fcons (conv_sockaddr_to_lisp (lres->ai_addr,
lres->ai_addrlen), addresses);
+ addresses = Fnreverse (addresses);
+
+ freeaddrinfo (res);
+ }
+ return addresses;
+}
+
/* Turn off input and output for process PROC. */
static void
@@ -8274,6 +8323,7 @@ returns non-`nil'. */);
defsubr (&Sset_network_process_option);
defsubr (&Smake_network_process);
defsubr (&Sformat_network_address);
+ defsubr (&Sget_address_info);
defsubr (&Snetwork_interface_list);
defsubr (&Snetwork_interface_info);
#ifdef DATAGRAM_SOCKETS
- Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks, Robert Pluim, 2018/07/15
- Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks, Jimmy Yuen Ho Wong, 2018/07/15
- Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks, Eli Zaretskii, 2018/07/16
- Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks, Robert Pluim, 2018/07/17
- Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks, Eli Zaretskii, 2018/07/17
- Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks, Robert Pluim, 2018/07/17