Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks

[Robert Pluim]

Jimmy Yuen Ho Wong <address@hidden> writes:

>> On 15 Jul 2018, at 12:46 pm, Robert Pluim <address@hidden> wrote:
>> 
>> address@hidden (Jimmy Yuen Ho Wong) writes:
>> 
>>> branch: netsec
>>> commit 682578fcf74d4598e39eca81e09d81810d3fc28d
>>> Author: Jimmy Yuen Ho Wong <address@hidden>
>>> Commit: Jimmy Yuen Ho Wong <address@hidden>
>>> 
>>>    Add option to bypass NSM TLS checks on local networks
>>> 
>>>    * lisp/net/net-utils.el (nslookup-host-ipv4, nslookup-host-ipv6,
>>>      ipv6-expand): New functions to lookup IPv4 and IPv6 addresses from
>>>      DNS.
>> 
>> So this only works for people who have nslookup installed? Emacs
>> already uses getaddrinfo internally, would it help you if there was a
>> lisp-level interface to it?
>> 
>
> Yes it would. I was asking for that exact same thing :) lend me a hand on 
> this?

Iʼm terrible at choosing names, please suggest better ones
(hostname-lookup, gethostbyname,....?). Output currently looks like
this, including a port number, but thatʼs easily changed:

(get-address-info "www.slashdot.org" 'ipv4)
([216 105 38 15 0] [216 105 38 15 0] [216 105 38 15 0])

(get-address-info "google.com")
([172 217 19 238 0] [172 217 19 238 0] [172 217 19 238 0] [10752 5200 16391 
2060 0 0 0 8206 0] [10752 5200 16391 2060 0 0 0 8206 0] [10752 5200 16391 2060 
0 0 0 8206 0])

Eli, I see thereʼs a sys_getaddrinfo in w32.c, is something needed to get emacs
to use that on MS-Windows?

diff --git i/src/process.c w/src/process.c
index 279b74bc66..7d0bf74cbe 100644
--- i/src/process.c
+++ w/src/process.c
@@ -4531,6 +4531,55 @@ Data that is unavailable is returned as nil.  */)
 #endif
 }
 
+DEFUN ("get-address-info", Fget_address_info, Sget_address_info, 1, 2, 0,
+       doc: /* Look up ip address info of NAME.
+Optional parameter FAMILY controls whether to look up IPv4 or IPv6
+addresses.  The default of nil means look up both, symbol `ipv4' means
+IPv4 only, symbol `ipv6' mean IPv6 only.  Returns a list of addresses,
+or nil if none were found.  */)
+     (Lisp_Object name, Lisp_Object family)
+{
+  Lisp_Object addresses = Qnil;
+  struct addrinfo *res, *lres;
+  int ret;
+
+  struct addrinfo hints;
+  memset (&hints, 0, sizeof hints);
+  if (EQ (family, Qnil))
+    hints.ai_family = AF_UNSPEC;
+  if (EQ (family, Qipv4))
+    hints.ai_family = AF_INET;
+#ifdef AF_INET6
+  if (EQ (family, Qipv6))
+    hints.ai_family = AF_INET6;
+#endif
+  hints.ai_socktype = 0;
+
+  ret = getaddrinfo (SSDATA (name), NULL, &hints, &res);
+  if (ret)
+#ifdef HAVE_GAI_STRERROR
+    {
+      synchronize_system_messages_locale ();
+      char const *str = gai_strerror (ret);
+      if (! NILP (Vlocale_coding_system))
+        str = SSDATA (code_convert_string_norecord
+                      (build_string (str), Vlocale_coding_system, 0));
+      message ("\"%s\" \"%s\"", SSDATA (name), str);
+    }
+#else
+      message ("%s get-address-info error %d", SSDATA (name), ret);
+#endif
+  else
+    {
+      for (lres = res; lres; lres = lres->ai_next)
+        addresses = Fcons (conv_sockaddr_to_lisp (lres->ai_addr, 
lres->ai_addrlen), addresses);
+      addresses = Fnreverse (addresses);
+
+      freeaddrinfo (res);
+    }
+  return addresses;
+}
+
 /* Turn off input and output for process PROC.  */
 
 static void
@@ -8274,6 +8323,7 @@ returns non-`nil'.  */);
   defsubr (&Sset_network_process_option);
   defsubr (&Smake_network_process);
   defsubr (&Sformat_network_address);
+  defsubr (&Sget_address_info);
   defsubr (&Snetwork_interface_list);
   defsubr (&Snetwork_interface_info);
 #ifdef DATAGRAM_SOCKETS