From: Robert Pluim
Newsgroups: gmane.emacs.devel
Subject: Re: netsec 682578f 4/6: Add option to bypass NSM TLS checks on local networks
Date: Mon, 16 Jul 2018 15:34:35 +0200
Message-ID: <87va9fs3ro.fsf@gmail.com>
In-Reply-To: <4C758D1D-7C3A-425A-852F-75E03C779E01@gmail.com> (Jimmy Yuen Ho Wong's message of "Sun, 15 Jul 2018 16:34:47 +0100")
To: Jimmy Yuen Ho Wong
Cc: emacs-devel@gnu.org

Jimmy Yuen Ho Wong writes:

>> On 15 Jul 2018, at 12:46 pm, Robert Pluim wrote:
>>
>> wyuenho@gmail.com (Jimmy Yuen Ho Wong) writes:
>>
>>> branch: netsec
>>> commit 682578fcf74d4598e39eca81e09d81810d3fc28d
>>> Author: Jimmy Yuen Ho Wong
>>> Commit: Jimmy Yuen Ho Wong
>>>
>>>     Add option to bypass NSM TLS checks on local networks
>>>
>>>     * lisp/net/net-utils.el (nslookup-host-ipv4, nslookup-host-ipv6,
>>>     ipv6-expand): New functions to lookup IPv4 and IPv6 addresses from
>>>     DNS.
>>
>> So this only works for people who have nslookup installed? Emacs
>> already uses getaddrinfo internally, would it help you if there was a
>> lisp-level interface to it?
>>
>
> Yes it would. I was asking for that exact same thing :) lend me a hand on this?

Iʼm terrible at choosing names, please suggest better ones
(hostname-lookup, gethostbyname,....?).
Output currently looks like this, including a port number, but thatʼs
easily changed:

(get-address-info "www.slashdot.org" 'ipv4)
([216 105 38 15 0] [216 105 38 15 0] [216 105 38 15 0])

(get-address-info "google.com")
([172 217 19 238 0] [172 217 19 238 0] [172 217 19 238 0] [10752 5200 16391 2060 0 0 0 8206 0] [10752 5200 16391 2060 0 0 0 8206 0] [10752 5200 16391 2060 0 0 0 8206 0])

Eli, I see thereʼs a sys_getaddrinfo in w32.c, is something needed to
get emacs to use that on MS-Windows?

diff --git i/src/process.c w/src/process.c index 279b74bc66..7d0bf74cbe 100644 --- i/src/process.c +++ w/src/process.c 
@@ -4531,6 +4531,55 @@ Data that is unavailable is returned as nil. */) #endif } =20 +DEFUN ("get-address-info", Fget_address_info, Sget_address_info, 1, 2, 0, + doc: /* Look up ip address info of NAME. +Optional parameter FAMILY controls whether to look up IPv4 or IPv6 +addresses. The default of nil means look up both, symbol `ipv4' means +IPv4 only, symbol `ipv6' mean IPv6 only. Returns a list of addresses, +or nil if none were found. */) + (Lisp_Object name, Lisp_Object family) +{ + Lisp_Object addresses =3D Qnil; + struct addrinfo *res, *lres; + int ret; + + struct addrinfo hints; + memset (&hints, 0, sizeof hints); + if (EQ (family, Qnil)) + hints.ai_family =3D AF_UNSPEC; + if (EQ (family, Qipv4)) + hints.ai_family =3D AF_INET; +#ifdef AF_INET6 + if (EQ (family, Qipv6)) + hints.ai_family =3D AF_INET6; +#endif + hints.ai_socktype =3D 0; + + ret =3D getaddrinfo (SSDATA (name), NULL, &hints, &res); + if (ret) +#ifdef HAVE_GAI_STRERROR + { + synchronize_system_messages_locale (); + char const *str =3D gai_strerror (ret); + if (! NILP (Vlocale_coding_system)) + str =3D SSDATA (code_convert_string_norecord + (build_string (str), Vlocale_coding_system, 0)); + message ("\"%s\" \"%s\"", SSDATA (name), str); + } +#else + message ("%s get-address-info error %d", SSDATA (name), ret); +#endif + else + { + for (lres =3D res; lres; lres =3D lres->ai_next) + addresses =3D Fcons (conv_sockaddr_to_lisp (lres->ai_addr, lres->a= i_addrlen), addresses); + addresses =3D Fnreverse (addresses); + + freeaddrinfo (res); + } + return addresses; +} + /* Turn off input and output for process PROC. */ =20 static void @@ -8274,6 +8323,7 @@ returns non-`nil'. */); defsubr (&Sset_network_process_option); defsubr (&Smake_network_process); defsubr (&Sformat_network_address); + defsubr (&Sget_address_info); defsubr (&Snetwork_interface_list); defsubr (&Snetwork_interface_info); #ifdef DATAGRAM_SOCKETS
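
Review bot: In the first hunk, "getaddrinfo (SSDATA (name), NULL, &hints, &res)" reads NAME as C string data with no type check anywhere in the function body, so a non-string argument reaches SSDATA unchecked; add "CHECK_STRING (name);" before the hints are built. In the same hunk, "hints.ai_socktype = 0" asks the resolver for every socket type, which matches the sample output earlier in this message where each address appears three times; setting one socket type or de-duplicating the list would give one entry per address. A FAMILY value other than nil, ipv4 or ipv6 leaves ai_family at the zero from memset and is silently accepted rather than signalling an error. On failure the function only calls message and returns nil, which a caller cannot tell apart from "no addresses found"; since the branch uses address lookup to decide whether a host is on a local network, the failure case should be distinguishable. The docstring's "symbol `ipv6' mean IPv6 only" should read "means".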