Back to index...

	/*
	* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation. Oracle designates this
	* particular file as subject to the "Classpath" exception as provided
	* by Oracle in the LICENSE file that accompanied this code.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	package sun.net.spi.nameservice.dns;

	import java.lang.ref.SoftReference;
	import java.net.InetAddress;
	import java.net.UnknownHostException;
	import javax.naming.*;
	import javax.naming.directory.*;
	import javax.naming.spi.NamingManager;
	import java.util.*;
	import sun.net.util.IPAddressUtil;
	import sun.net.dns.ResolverConfiguration;
	import sun.net.spi.nameservice.*;
	import java.security.AccessController;
	import sun.security.action.*;

	/*
	* A name service provider based on JNDI-DNS.
	*/

	public final class DNSNameService implements NameService {

	// List of domains specified by property
	private LinkedList<String> domainList = null;

	// JNDI-DNS URL for name servers specified via property
	private String nameProviderUrl = null;

	// Per-thread soft cache of the last temporary context
	private static ThreadLocal<SoftReference<ThreadContext>> contextRef =
	new ThreadLocal<>();

	// Simple class to encapsulate the temporary context
	private static class ThreadContext {
	private DirContext dirCtxt;
	private List<String> nsList;

	public ThreadContext(DirContext dirCtxt, List<String> nsList) {
	this.dirCtxt = dirCtxt;
	this.nsList = nsList;
	}

	public DirContext dirContext() {
	return dirCtxt;
	}

	public List<String> nameservers() {
	return nsList;
	}
	}

	// Returns a per-thread DirContext
	private DirContext getTemporaryContext() throws NamingException {
	SoftReference<ThreadContext> ref = contextRef.get();
	ThreadContext thrCtxt = null;
	List<String> nsList = null;

	// if no property specified we need to obtain the list of servers
	//
	if (nameProviderUrl == null)
	nsList = ResolverConfiguration.open().nameservers();

	// if soft reference hasn't been gc'ed no property has been
	// specified then we need to check if the DNS configuration
	// has changed.
	//
	if ((ref != null) && ((thrCtxt = ref.get()) != null)) {
	if (nameProviderUrl == null) {
	if (!thrCtxt.nameservers().equals(nsList)) {
	// DNS configuration has changed
	thrCtxt = null;
	}
	}
	}

	// new thread context needs to be created
	if (thrCtxt == null) {
	final Hashtable<String,Object> env = new Hashtable<>();
	env.put("java.naming.factory.initial",
	"com.sun.jndi.dns.DnsContextFactory");

	// If no nameservers property specified we create provider URL
	// based on system configured name servers
	//
	String provUrl = nameProviderUrl;
	if (provUrl == null) {
	provUrl = createProviderURL(nsList);
	if (provUrl.length() == 0) {
	throw new RuntimeException("bad nameserver configuration");
	}
	}
	env.put("java.naming.provider.url", provUrl);

	// Need to create directory context in privileged block
	// as JNDI-DNS needs to resolve the name servers.
	//
	DirContext dirCtxt;
	try {
	dirCtxt = java.security.AccessController.doPrivileged(
	new java.security.PrivilegedExceptionAction<DirContext>() {
	public DirContext run() throws NamingException {
	// Create the DNS context using NamingManager rather than using
	// the initial context constructor. This avoids having the initial
	// context constructor call itself.
	Context ctx = NamingManager.getInitialContext(env);
	if (!(ctx instanceof DirContext)) {
	return null; // cannot create a DNS context
	}
	return (DirContext)ctx;
	}
	});
	} catch (java.security.PrivilegedActionException pae) {
	throw (NamingException)pae.getException();
	}

	// create new soft reference to our thread context
	//
	thrCtxt = new ThreadContext(dirCtxt, nsList);
	contextRef.set(new SoftReference<ThreadContext>(thrCtxt));
	}

	return thrCtxt.dirContext();
	}

	/**
	* Resolves the specified entry in DNS.
	*
	* Canonical name records are recursively resolved (to a maximum
	* of 5 to avoid performance hit and potential CNAME loops).
	*
	* @param ctx JNDI directory context
	* @param name name to resolve
	* @param ids record types to search
	* @param depth call depth - pass as 0.
	*
	* @return array list with results (will have at least on entry)
	*
	* @throws UnknownHostException if lookup fails or other error.
	*/
	private ArrayList<String> resolve(final DirContext ctx, final String name,
	final String[] ids, int depth)
	throws UnknownHostException
	{
	ArrayList<String> results = new ArrayList<>();
	Attributes attrs;

	// do the query
	try {
	attrs = java.security.AccessController.doPrivileged(
	new java.security.PrivilegedExceptionAction<Attributes>() {
	public Attributes run() throws NamingException {
	return ctx.getAttributes(name, ids);
	}
	});
	} catch (java.security.PrivilegedActionException pae) {
	throw new UnknownHostException(pae.getException().getMessage());
	}

	// non-requested type returned so enumeration is empty
	NamingEnumeration<? extends Attribute> ne = attrs.getAll();
	if (!ne.hasMoreElements()) {
	throw new UnknownHostException("DNS record not found");
	}

	// iterate through the returned attributes
	UnknownHostException uhe = null;
	try {
	while (ne.hasMoreElements()) {
	Attribute attr = ne.next();
	String attrID = attr.getID();

	for (NamingEnumeration<?> e = attr.getAll(); e.hasMoreElements();) {
	String addr = (String)e.next();

	// for canoncical name records do recursive lookup
	// - also check for CNAME loops to avoid stack overflow

	if (attrID.equals("CNAME")) {
	if (depth > 4) {
	throw new UnknownHostException(name + ": possible CNAME loop");
	}
	try {
	results.addAll(resolve(ctx, addr, ids, depth+1));
	} catch (UnknownHostException x) {
	// canonical name can't be resolved.
	if (uhe == null)
	uhe = x;
	}
	} else {
	results.add(addr);
	}
	}
	}
	} catch (NamingException nx) {
	throw new UnknownHostException(nx.getMessage());
	}

	// pending exception as canonical name could not be resolved.
	if (results.isEmpty() && uhe != null) {
	throw uhe;
	}

	return results;
	}

	public DNSNameService() throws Exception {

	// default domain
	String domain = AccessController.doPrivileged(
	new GetPropertyAction("sun.net.spi.nameservice.domain"));
	if (domain != null && domain.length() > 0) {
	domainList = new LinkedList<String>();
	domainList.add(domain);
	}

	// name servers
	String nameservers = AccessController.doPrivileged(
	new GetPropertyAction("sun.net.spi.nameservice.nameservers"));
	if (nameservers != null && nameservers.length() > 0) {
	nameProviderUrl = createProviderURL(nameservers);
	if (nameProviderUrl.length() == 0) {
	throw new RuntimeException("malformed nameservers property");
	}

	} else {

	// no property specified so check host DNS resolver configured
	// with at least one nameserver in dotted notation.
	//
	List<String> nsList = ResolverConfiguration.open().nameservers();
	if (nsList.isEmpty()) {
	throw new RuntimeException("no nameservers provided");
	}
	boolean found = false;
	for (String addr: nsList) {
	if (IPAddressUtil.isIPv4LiteralAddress(addr) \|\|
	IPAddressUtil.isIPv6LiteralAddress(addr)) {
	found = true;
	break;
	}
	}
	if (!found) {
	throw new RuntimeException("bad nameserver configuration");
	}
	}
	}

	public InetAddress[] lookupAllHostAddr(String host) throws UnknownHostException {

	// DNS records that we search for
	String[] ids = {"A", "AAAA", "CNAME"};

	// first get directory context
	DirContext ctx;
	try {
	ctx = getTemporaryContext();
	} catch (NamingException nx) {
	throw new Error(nx);
	}

	ArrayList<String> results = null;
	UnknownHostException uhe = null;

	// If host already contains a domain name then just look it up
	if (host.indexOf('.') >= 0) {
	try {
	results = resolve(ctx, host, ids, 0);
	} catch (UnknownHostException x) {
	uhe = x;
	}
	}

	// Here we try to resolve the host using the domain suffix or
	// the domain suffix search list. If the host cannot be resolved
	// using the domain suffix then we attempt devolution of
	// the suffix - eg: if we are searching for "foo" and our
	// domain suffix is "eng.sun.com" we will try to resolve
	// "foo.eng.sun.com" and "foo.sun.com".
	// It's not normal to attempt devolation with domains on the
	// domain suffix search list - however as ResolverConfiguration
	// doesn't distinguish domain or search list in the list it
	// returns we approximate by doing devolution on the domain
	// suffix if the list has one entry.

	if (results == null) {
	List<String> searchList = null;
	Iterator<String> i;
	boolean usingSearchList = false;

	if (domainList != null) {
	i = domainList.iterator();
	} else {
	searchList = ResolverConfiguration.open().searchlist();
	if (searchList.size() > 1) {
	usingSearchList = true;
	}
	i = searchList.iterator();
	}

	// iterator through each domain suffix
	while (i.hasNext()) {
	String parentDomain = i.next();
	int start = 0;
	while ((start = parentDomain.indexOf(".")) != -1
	&& start < parentDomain.length() -1) {
	try {
	results = resolve(ctx, host+"."+parentDomain, ids, 0);
	break;
	} catch (UnknownHostException x) {
	uhe = x;
	if (usingSearchList) {
	break;
	}

	// devolve
	parentDomain = parentDomain.substring(start+1);
	}
	}
	if (results != null) {
	break;
	}
	}
	}

	// finally try the host if it doesn't have a domain name
	if (results == null && (host.indexOf('.') < 0)) {
	results = resolve(ctx, host, ids, 0);
	}

	// if not found then throw the (last) exception thrown.
	if (results == null) {
	assert uhe != null;
	throw uhe;
	}

	/**
	* Convert the array list into a byte aray list - this
	* filters out any invalid IPv4/IPv6 addresses.
	*/
	assert results.size() > 0;
	InetAddress[] addrs = new InetAddress[results.size()];
	int count = 0;
	for (int i=0; i<results.size(); i++) {
	String addrString = results.get(i);
	byte addr[] = IPAddressUtil.textToNumericFormatV4(addrString);
	if (addr == null) {
	addr = IPAddressUtil.textToNumericFormatV6(addrString);
	}
	if (addr != null) {
	addrs[count++] = InetAddress.getByAddress(host, addr);
	}
	}

	/**
	* If addresses are filtered then we need to resize the
	* array. Additionally if all addresses are filtered then
	* we throw an exception.
	*/
	if (count == 0) {
	throw new UnknownHostException(host + ": no valid DNS records");
	}
	if (count < results.size()) {
	InetAddress[] tmp = new InetAddress[count];
	for (int i=0; i<count; i++) {
	tmp[i] = addrs[i];
	}
	addrs = tmp;
	}

	return addrs;
	}

	/**
	* Reverse lookup code. I.E: find a host name from an IP address.
	* IPv4 addresses are mapped in the IN-ADDR.ARPA. top domain, while
	* IPv6 addresses can be in IP6.ARPA or IP6.INT.
	* In both cases the address has to be converted into a dotted form.
	*/
	public String getHostByAddr(byte[] addr) throws UnknownHostException {
	String host = null;
	try {
	String literalip = "";
	String[] ids = { "PTR" };
	DirContext ctx;
	ArrayList<String> results = null;
	try {
	ctx = getTemporaryContext();
	} catch (NamingException nx) {
	throw new Error(nx);
	}
	if (addr.length == 4) { // IPv4 Address
	for (int i = addr.length-1; i >= 0; i--) {
	literalip += (addr[i] & 0xff) +".";
	}
	literalip += "IN-ADDR.ARPA.";

	results = resolve(ctx, literalip, ids, 0);
	host = results.get(0);
	} else if (addr.length == 16) { // IPv6 Address
	/**
	* Because RFC 3152 changed the root domain name for reverse
	* lookups from IP6.INT. to IP6.ARPA., we need to check
	* both. I.E. first the new one, IP6.ARPA, then if it fails
	* the older one, IP6.INT
	*/

	for (int i = addr.length-1; i >= 0; i--) {
	literalip += Integer.toHexString((addr[i] & 0x0f)) +"."
	+Integer.toHexString((addr[i] & 0xf0) >> 4) +".";
	}
	String ip6lit = literalip + "IP6.ARPA.";

	try {
	results = resolve(ctx, ip6lit, ids, 0);
	host = results.get(0);
	} catch (UnknownHostException e) {
	host = null;
	}
	if (host == null) {
	// IP6.ARPA lookup failed, let's try the older IP6.INT
	ip6lit = literalip + "IP6.INT.";
	results = resolve(ctx, ip6lit, ids, 0);
	host = results.get(0);
	}
	}
	} catch (Exception e) {
	throw new UnknownHostException(e.getMessage());
	}
	// Either we couldn't find it or the address was neither IPv4 or IPv6
	if (host == null)
	throw new UnknownHostException();
	// remove trailing dot
	if (host.endsWith(".")) {
	host = host.substring(0, host.length() - 1);
	}
	return host;
	}


	// ---------

	private static void appendIfLiteralAddress(String addr, StringBuffer sb) {
	if (IPAddressUtil.isIPv4LiteralAddress(addr)) {
	sb.append("dns://" + addr + " ");
	} else {
	if (IPAddressUtil.isIPv6LiteralAddress(addr)) {
	sb.append("dns://[" + addr + "] ");
	}
	}
	}

	/*
	* @return String containing the JNDI-DNS provider URL
	* corresponding to the supplied List of nameservers.
	*/
	private static String createProviderURL(List<String> nsList) {
	StringBuffer sb = new StringBuffer();
	for (String s: nsList) {
	appendIfLiteralAddress(s, sb);
	}
	return sb.toString();
	}

	/*
	* @return String containing the JNDI-DNS provider URL
	* corresponding to the list of nameservers
	* contained in the provided str.
	*/
	private static String createProviderURL(String str) {
	StringBuffer sb = new StringBuffer();
	StringTokenizer st = new StringTokenizer(str, ",");
	while (st.hasMoreTokens()) {
	appendIfLiteralAddress(st.nextToken(), sb);
	}
	return sb.toString();
	}
	}

Back to index...