[thirdparty/systemd.git] / src / resolve / resolved-dns-rr.h

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

#pragma once

/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/

#include <netinet/in.h>

#include "bitmap.h"
#include "dns-type.h"
#include "hashmap.h"
#include "in-addr-util.h"
#include "list.h"

typedef struct DnsResourceKey DnsResourceKey;
typedef struct DnsResourceRecord DnsResourceRecord;
typedef struct DnsTxtItem DnsTxtItem;

/* DNSKEY RR flags */
#define DNSKEY_FLAG_SEP      (UINT16_C(1) << 0)
#define DNSKEY_FLAG_REVOKE   (UINT16_C(1) << 7)
#define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)

/* mDNS RR flags */
#define MDNS_RR_CACHE_FLUSH  (UINT16_C(1) << 15)

/* DNSSEC algorithm identifiers, see
 * http://tools.ietf.org/html/rfc4034#appendix-A.1 and
 * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
enum {
        DNSSEC_ALGORITHM_RSAMD5 = 1,
        DNSSEC_ALGORITHM_DH,
        DNSSEC_ALGORITHM_DSA,
        DNSSEC_ALGORITHM_ECC,
        DNSSEC_ALGORITHM_RSASHA1,
        DNSSEC_ALGORITHM_DSA_NSEC3_SHA1,
        DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1,
        DNSSEC_ALGORITHM_RSASHA256 = 8,        /* RFC 5702 */
        DNSSEC_ALGORITHM_RSASHA512 = 10,       /* RFC 5702 */
        DNSSEC_ALGORITHM_ECC_GOST = 12,        /* RFC 5933 */
        DNSSEC_ALGORITHM_ECDSAP256SHA256 = 13, /* RFC 6605 */
        DNSSEC_ALGORITHM_ECDSAP384SHA384 = 14, /* RFC 6605 */
        DNSSEC_ALGORITHM_INDIRECT = 252,
        DNSSEC_ALGORITHM_PRIVATEDNS,
        DNSSEC_ALGORITHM_PRIVATEOID,
        _DNSSEC_ALGORITHM_MAX_DEFINED
};

/* DNSSEC digest identifiers, see
 * https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
enum {
        DNSSEC_DIGEST_SHA1 = 1,
        DNSSEC_DIGEST_SHA256 = 2,              /* RFC 4509 */
        DNSSEC_DIGEST_GOST_R_34_11_94 = 3,     /* RFC 5933 */
        DNSSEC_DIGEST_SHA384 = 4,              /* RFC 6605 */
        _DNSSEC_DIGEST_MAX_DEFINED
};

/* DNSSEC NSEC3 hash algorithms, see
 * https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml */
enum {
        NSEC3_ALGORITHM_SHA1 = 1,
        _NSEC3_ALGORITHM_MAX_DEFINED
};

struct DnsResourceKey {
        unsigned n_ref; /* (unsigned -1) for const keys, see below */
        uint16_t class, type;
        char *_name; /* don't access directy, use DNS_RESOURCE_KEY_NAME()! */
};

/* Creates a temporary resource key. This is only useful to quickly
 * look up something, without allocating a full DnsResourceKey object
 * for it. Note that it is not OK to take references to this kind of
 * resource key object. */
#define DNS_RESOURCE_KEY_CONST(c, t, n)                 \
        ((DnsResourceKey) {                             \
                .n_ref = (unsigned) -1,                 \
                .class = c,                             \
                .type = t,                              \
                ._name = (char*) n,                     \
        })


struct DnsTxtItem {
        size_t length;
        LIST_FIELDS(DnsTxtItem, items);
        uint8_t data[];
};

struct DnsResourceRecord {
        unsigned n_ref;
        DnsResourceKey *key;

        char *to_string;

        uint32_t ttl;
        usec_t expiry; /* RRSIG signature expiry */

        /* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
        unsigned n_skip_labels_signer;
        /* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
        unsigned n_skip_labels_source;

        bool unparseable:1;

        bool wire_format_canonical:1;
        void *wire_format;
        size_t wire_format_size;
        size_t wire_format_rdata_offset;

        union {
                struct {
                        void *data;
                        size_t size;
                } generic, opt;

                struct {
                        uint16_t priority;
                        uint16_t weight;
                        uint16_t port;
                        char *name;
                } srv;

                struct {
                        char *name;
                } ptr, ns, cname, dname;

                struct {
                        char *cpu;
                        char *os;
                } hinfo;

                struct {
                        DnsTxtItem *items;
                } txt, spf;

                struct {
                        struct in_addr in_addr;
                } a;

                struct {
                        struct in6_addr in6_addr;
                } aaaa;

                struct {
                        char *mname;
                        char *rname;
                        uint32_t serial;
                        uint32_t refresh;
                        uint32_t retry;
                        uint32_t expire;
                        uint32_t minimum;
                } soa;

                struct {
                        uint16_t priority;
                        char *exchange;
                } mx;

                /* https://tools.ietf.org/html/rfc1876 */
                struct {
                        uint8_t version;
                        uint8_t size;
                        uint8_t horiz_pre;
                        uint8_t vert_pre;
                        uint32_t latitude;
                        uint32_t longitude;
                        uint32_t altitude;
                } loc;

                /* https://tools.ietf.org/html/rfc4255#section-3.1 */
                struct {
                        uint8_t algorithm;
                        uint8_t fptype;
                        void *fingerprint;
                        size_t fingerprint_size;
                } sshfp;

                /* http://tools.ietf.org/html/rfc4034#section-2.1 */
                struct {
                        uint16_t flags;
                        uint8_t protocol;
                        uint8_t algorithm;
                        void* key;
                        size_t key_size;
                } dnskey;

                /* http://tools.ietf.org/html/rfc4034#section-3.1 */
                struct {
                        uint16_t type_covered;
                        uint8_t algorithm;
                        uint8_t labels;
                        uint32_t original_ttl;
                        uint32_t expiration;
                        uint32_t inception;
                        uint16_t key_tag;
                        char *signer;
                        void *signature;
                        size_t signature_size;
                } rrsig;

                /* https://tools.ietf.org/html/rfc4034#section-4.1 */
                struct {
                        char *next_domain_name;
                        Bitmap *types;
                } nsec;

                /* https://tools.ietf.org/html/rfc4034#section-5.1 */
                struct {
                        uint16_t key_tag;
                        uint8_t algorithm;
                        uint8_t digest_type;
                        void *digest;
                        size_t digest_size;
                } ds;

                struct {
                        uint8_t algorithm;
                        uint8_t flags;
                        uint16_t iterations;
                        void *salt;
                        size_t salt_size;
                        void *next_hashed_name;
                        size_t next_hashed_name_size;
                        Bitmap *types;
                } nsec3;

                /* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 */
                struct {
                        uint8_t cert_usage;
                        uint8_t selector;
                        uint8_t matching_type;
                        void *data;
                        size_t data_size;
                } tlsa;
        };
};

static inline const char* DNS_RESOURCE_KEY_NAME(const DnsResourceKey *key) {
        if (!key)
                return NULL;

        if (key->_name)
                return key->_name;

        return (char*) key + sizeof(DnsResourceKey);
}

static inline const void* DNS_RESOURCE_RECORD_RDATA(DnsResourceRecord *rr) {
        if (!rr)
                return NULL;

        if (!rr->wire_format)
                return NULL;

        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
        return (uint8_t*) rr->wire_format + rr->wire_format_rdata_offset;
}

static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(DnsResourceRecord *rr) {
        if (!rr)
                return 0;
        if (!rr->wire_format)
                return 0;

        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
        return rr->wire_format_size - rr->wire_format_rdata_offset;
}

DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey *key, const DnsResourceRecord *cname);
int dns_resource_key_new_append_suffix(DnsResourceKey **ret, DnsResourceKey *key, char *name);
DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
DnsResourceKey* dns_resource_key_ref(DnsResourceKey *key);
DnsResourceKey* dns_resource_key_unref(DnsResourceKey *key);
bool dns_resource_key_is_address(const DnsResourceKey *key);
int dns_resource_key_equal(const DnsResourceKey *a, const DnsResourceKey *b);
int dns_resource_key_match_rr(const DnsResourceKey *key, DnsResourceRecord *rr, const char *search_domain);
int dns_resource_key_match_cname_or_dname(const DnsResourceKey *key, const DnsResourceKey *cname, const char *search_domain);
int dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *soa);
int dns_resource_key_to_string(const DnsResourceKey *key, char **ret);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);

static inline bool dns_key_is_shared(const DnsResourceKey *key) {
        return IN_SET(key->type, DNS_TYPE_PTR);
}

bool dns_resource_key_reduce(DnsResourceKey **a, DnsResourceKey **b);

DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key);
DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr);
DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr);
int dns_resource_record_new_reverse(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_new_address(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_equal(const DnsResourceRecord *a, const DnsResourceRecord *b);
const char* dns_resource_record_to_string(DnsResourceRecord *rr);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);

int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);

int dns_resource_record_signer(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_source(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_is_signer(DnsResourceRecord *rr, const char *zone);
int dns_resource_record_is_synthetic(DnsResourceRecord *rr);

DnsTxtItem *dns_txt_item_free_all(DnsTxtItem *i);
bool dns_txt_item_equal(DnsTxtItem *a, DnsTxtItem *b);

extern const struct hash_ops dns_resource_key_hash_ops;
extern const struct hash_ops dns_resource_record_hash_ops;

int dnssec_algorithm_to_string_alloc(int i, char **ret);
int dnssec_algorithm_from_string(const char *s) _pure_;

int dnssec_digest_to_string_alloc(int i, char **ret);
int dnssec_digest_from_string(const char *s) _pure_;
Commit	Line	Data
74b2466e LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	#pragma once
	4
	5	/***
	6	This file is part of systemd.
	7
	8	Copyright 2014 Lennart Poettering
	9
	10	systemd is free software; you can redistribute it and/or modify it
	11	under the terms of the GNU Lesser General Public License as published by
	12	the Free Software Foundation; either version 2.1 of the License, or
	13	(at your option) any later version.
	14
	15	systemd is distributed in the hope that it will be useful, but
	16	WITHOUT ANY WARRANTY; without even the implied warranty of
	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	18	Lesser General Public License for more details.
	19
	20	You should have received a copy of the GNU Lesser General Public License
	21	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	22	***/
	23
74b2466e LP	24	#include <netinet/in.h>
74b2466e LP	25
50f1e641	26	#include "bitmap.h"
71d35b6b	27	#include "dns-type.h"
322345fd	28	#include "hashmap.h"
623a4c97	29	#include "in-addr-util.h"
2001c805	30	#include "list.h"
74b2466e LP	31
	32	typedef struct DnsResourceKey DnsResourceKey;
	33	typedef struct DnsResourceRecord DnsResourceRecord;
2001c805	34	typedef struct DnsTxtItem DnsTxtItem;
74b2466e	35
8730bccf	36	/* DNSKEY RR flags */
8730bccf	37	#define DNSKEY_FLAG_SEP (UINT16_C(1) << 0)
28b8191e LP	38	#define DNSKEY_FLAG_REVOKE (UINT16_C(1) << 7)
28b8191e LP	39	#define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)
8730bccf	40
23502de3 DM	41	/* mDNS RR flags */
	42	#define MDNS_RR_CACHE_FLUSH (UINT16_C(1) << 15)
	43
8730bccf LP	44	/* DNSSEC algorithm identifiers, see
	45	* http://tools.ietf.org/html/rfc4034#appendix-A.1 and
	46	* https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
	47	enum {
	48	DNSSEC_ALGORITHM_RSAMD5 = 1,
	49	DNSSEC_ALGORITHM_DH,
	50	DNSSEC_ALGORITHM_DSA,
	51	DNSSEC_ALGORITHM_ECC,
	52	DNSSEC_ALGORITHM_RSASHA1,
	53	DNSSEC_ALGORITHM_DSA_NSEC3_SHA1,
	54	DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1,
6f717d08 LP	55	DNSSEC_ALGORITHM_RSASHA256 = 8, /* RFC 5702 */
	56	DNSSEC_ALGORITHM_RSASHA512 = 10, /* RFC 5702 */
	57	DNSSEC_ALGORITHM_ECC_GOST = 12, /* RFC 5933 */
e0240c64 LP	58	DNSSEC_ALGORITHM_ECDSAP256SHA256 = 13, /* RFC 6605 */
e0240c64 LP	59	DNSSEC_ALGORITHM_ECDSAP384SHA384 = 14, /* RFC 6605 */
8730bccf LP	60	DNSSEC_ALGORITHM_INDIRECT = 252,
	61	DNSSEC_ALGORITHM_PRIVATEDNS,
	62	DNSSEC_ALGORITHM_PRIVATEOID,
	63	_DNSSEC_ALGORITHM_MAX_DEFINED
	64	};
	65
	66	/* DNSSEC digest identifiers, see
	67	* https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
	68	enum {
	69	DNSSEC_DIGEST_SHA1 = 1,
6f717d08 LP	70	DNSSEC_DIGEST_SHA256 = 2, /* RFC 4509 */
	71	DNSSEC_DIGEST_GOST_R_34_11_94 = 3, /* RFC 5933 */
	72	DNSSEC_DIGEST_SHA384 = 4, /* RFC 6605 */
8730bccf LP	73	_DNSSEC_DIGEST_MAX_DEFINED
	74	};
	75
d15ad742 LP	76	/* DNSSEC NSEC3 hash algorithms, see
	77	* https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml */
	78	enum {
	79	NSEC3_ALGORITHM_SHA1 = 1,
	80	_NSEC3_ALGORITHM_MAX_DEFINED
	81	};
	82
74b2466e	83	struct DnsResourceKey {
f57e3cd5	84	unsigned n_ref; /* (unsigned -1) for const keys, see below */
faa133f3 LP	85	uint16_t class, type;
faa133f3 LP	86	char _name; / don't access directy, use DNS_RESOURCE_KEY_NAME()! */
74b2466e LP	87	};
74b2466e LP	88
1b4f6e79 LP	89	/* Creates a temporary resource key. This is only useful to quickly
	90	* look up something, without allocating a full DnsResourceKey object
	91	* for it. Note that it is not OK to take references to this kind of
	92	* resource key object. */
	93	#define DNS_RESOURCE_KEY_CONST(c, t, n) \
	94	((DnsResourceKey) { \
	95	.n_ref = (unsigned) -1, \
	96	.class = c, \
	97	.type = t, \
	98	._name = (char*) n, \
	99	})
	100
	101
2001c805 LP	102	struct DnsTxtItem {
	103	size_t length;
	104	LIST_FIELDS(DnsTxtItem, items);
	105	uint8_t data[];
	106	};
	107
74b2466e LP	108	struct DnsResourceRecord {
74b2466e LP	109	unsigned n_ref;
faa133f3	110	DnsResourceKey *key;
97c67192	111
7b50eb2e	112	char *to_string;
97c67192	113
74b2466e	114	uint32_t ttl;
ee3d6aff	115	usec_t expiry; /* RRSIG signature expiry */
97c67192 LP	116
	117	/* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
	118	unsigned n_skip_labels_signer;
	119	/* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
	120	unsigned n_skip_labels_source;
	121
a8812dd7	122	bool unparseable:1;
97c67192	123
a8812dd7 LP	124	bool wire_format_canonical:1;
	125	void *wire_format;
	126	size_t wire_format_size;
	127	size_t wire_format_rdata_offset;
97c67192	128
74b2466e LP	129	union {
	130	struct {
	131	void *data;
f5430a3e	132	size_t size;
d75acfb0	133	} generic, opt;
74b2466e	134
9c92ce6d LP	135	struct {
	136	uint16_t priority;
	137	uint16_t weight;
	138	uint16_t port;
	139	char *name;
	140	} srv;
74b2466e LP	141
	142	struct {
	143	char *name;
8ac4e9e1	144	} ptr, ns, cname, dname;
74b2466e LP	145
	146	struct {
	147	char *cpu;
	148	char *os;
	149	} hinfo;
	150
2e276efc	151	struct {
2001c805	152	DnsTxtItem *items;
c0eb11cf	153	} txt, spf;
74b2466e LP	154
	155	struct {
	156	struct in_addr in_addr;
	157	} a;
	158
	159	struct {
	160	struct in6_addr in6_addr;
	161	} aaaa;
7e8e0422 LP	162
	163	struct {
	164	char *mname;
	165	char *rname;
	166	uint32_t serial;
	167	uint32_t refresh;
	168	uint32_t retry;
	169	uint32_t expire;
	170	uint32_t minimum;
	171	} soa;
946c7094 ZJS	172
	173	struct {
	174	uint16_t priority;
	175	char *exchange;
	176	} mx;
0dae31d4	177
6af47493	178	/* https://tools.ietf.org/html/rfc1876 */
0dae31d4 ZJS	179	struct {
	180	uint8_t version;
	181	uint8_t size;
	182	uint8_t horiz_pre;
	183	uint8_t vert_pre;
	184	uint32_t latitude;
	185	uint32_t longitude;
	186	uint32_t altitude;
	187	} loc;
42cc2eeb	188
549c1a25	189	/* https://tools.ietf.org/html/rfc4255#section-3.1 */
42cc2eeb LP	190	struct {
	191	uint8_t algorithm;
	192	uint8_t fptype;
549c1a25 TG	193	void *fingerprint;
549c1a25 TG	194	size_t fingerprint_size;
42cc2eeb	195	} sshfp;
8db0d2f5 ZJS	196
	197	/* http://tools.ietf.org/html/rfc4034#section-2.1 */
	198	struct {
f91dc240 LP	199	uint16_t flags;
f91dc240 LP	200	uint8_t protocol;
8db0d2f5 ZJS	201	uint8_t algorithm;
	202	void* key;
	203	size_t key_size;
	204	} dnskey;
151226ab ZJS	205
	206	/* http://tools.ietf.org/html/rfc4034#section-3.1 */
	207	struct {
	208	uint16_t type_covered;
	209	uint8_t algorithm;
	210	uint8_t labels;
	211	uint32_t original_ttl;
	212	uint32_t expiration;
	213	uint32_t inception;
	214	uint16_t key_tag;
	215	char *signer;
	216	void *signature;
	217	size_t signature_size;
	218	} rrsig;
50f1e641	219
9ead3519	220	/* https://tools.ietf.org/html/rfc4034#section-4.1 */
50f1e641 TG	221	struct {
	222	char *next_domain_name;
	223	Bitmap *types;
	224	} nsec;
5d45a880	225
6af47493 LP	226	/* https://tools.ietf.org/html/rfc4034#section-5.1 */
	227	struct {
	228	uint16_t key_tag;
	229	uint8_t algorithm;
	230	uint8_t digest_type;
	231	void *digest;
	232	size_t digest_size;
	233	} ds;
	234
5d45a880 TG	235	struct {
	236	uint8_t algorithm;
	237	uint8_t flags;
	238	uint16_t iterations;
	239	void *salt;
	240	size_t salt_size;
	241	void *next_hashed_name;
	242	size_t next_hashed_name_size;
	243	Bitmap *types;
	244	} nsec3;
48d45d2b ZJS	245
	246	/* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 */
	247	struct {
	248	uint8_t cert_usage;
	249	uint8_t selector;
	250	uint8_t matching_type;
	251	void *data;
	252	size_t data_size;
	253	} tlsa;
74b2466e LP	254	};
	255	};
	256
faa133f3	257	static inline const char* DNS_RESOURCE_KEY_NAME(const DnsResourceKey *key) {
85aeaccc	258	if (!key)
faa133f3 LP	259	return NULL;
	260
	261	if (key->_name)
	262	return key->_name;
	263
	264	return (char*) key + sizeof(DnsResourceKey);
	265	}
74b2466e	266
85aeaccc LP	267	static inline const void* DNS_RESOURCE_RECORD_RDATA(DnsResourceRecord *rr) {
	268	if (!rr)
	269	return NULL;
	270
	271	if (!rr->wire_format)
	272	return NULL;
	273
	274	assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
	275	return (uint8_t*) rr->wire_format + rr->wire_format_rdata_offset;
	276	}
	277
	278	static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(DnsResourceRecord *rr) {
	279	if (!rr)
	280	return 0;
	281	if (!rr->wire_format)
	282	return 0;
	283
	284	assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
	285	return rr->wire_format_size - rr->wire_format_rdata_offset;
	286	}
	287
faa133f3	288	DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
36d9205d	289	DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey key, const DnsResourceRecord cname);
801ad6a6	290	int dns_resource_key_new_append_suffix(DnsResourceKey *ret, DnsResourceKey key, char *name);
faa133f3 LP	291	DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
	292	DnsResourceKey* dns_resource_key_ref(DnsResourceKey *key);
	293	DnsResourceKey* dns_resource_key_unref(DnsResourceKey *key);
28b9b764	294	bool dns_resource_key_is_address(const DnsResourceKey *key);
faa133f3	295	int dns_resource_key_equal(const DnsResourceKey a, const DnsResourceKey b);
105e1512	296	int dns_resource_key_match_rr(const DnsResourceKey key, DnsResourceRecord rr, const char *search_domain);
5d27351f	297	int dns_resource_key_match_cname_or_dname(const DnsResourceKey key, const DnsResourceKey cname, const char *search_domain);
547973de	298	int dns_resource_key_match_soa(const DnsResourceKey key, const DnsResourceKey soa);
2d4c5cbc	299	int dns_resource_key_to_string(const DnsResourceKey key, char *ret);
faa133f3	300	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);
322345fd	301
7778dfff DM	302	static inline bool dns_key_is_shared(const DnsResourceKey *key) {
	303	return IN_SET(key->type, DNS_TYPE_PTR);
	304	}
	305
f57e3cd5 LP	306	bool dns_resource_key_reduce(DnsResourceKey a, DnsResourceKey b);
f57e3cd5 LP	307
faa133f3	308	DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key);
8bf52d3d	309	DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
74b2466e LP	310	DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr);
74b2466e LP	311	DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr);
623a4c97	312	int dns_resource_record_new_reverse(DnsResourceRecord *ret, int family, const union in_addr_union address, const char *name);
78c6a153	313	int dns_resource_record_new_address(DnsResourceRecord *ret, int family, const union in_addr_union address, const char *name);
322345fd	314	int dns_resource_record_equal(const DnsResourceRecord a, const DnsResourceRecord b);
7b50eb2e	315	const char* dns_resource_record_to_string(DnsResourceRecord *rr);
faa133f3	316	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);
322345fd	317
a8812dd7 LP	318	int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);
a8812dd7 LP	319
97c67192 LP	320	int dns_resource_record_signer(DnsResourceRecord rr, const char *ret);
	321	int dns_resource_record_source(DnsResourceRecord rr, const char *ret);
	322	int dns_resource_record_is_signer(DnsResourceRecord rr, const char zone);
ab481675	323	int dns_resource_record_is_synthetic(DnsResourceRecord *rr);
97c67192	324
2001c805 LP	325	DnsTxtItem dns_txt_item_free_all(DnsTxtItem i);
	326	bool dns_txt_item_equal(DnsTxtItem a, DnsTxtItem b);
	327
d5099efc	328	extern const struct hash_ops dns_resource_key_hash_ops;
c9c72065	329	extern const struct hash_ops dns_resource_record_hash_ops;
8730bccf	330
8e54f5d9	331	int dnssec_algorithm_to_string_alloc(int i, char **ret);
8730bccf LP	332	int dnssec_algorithm_from_string(const char *s) _pure_;
8730bccf LP	333
8e54f5d9	334	int dnssec_digest_to_string_alloc(int i, char **ret);
8730bccf	335	int dnssec_digest_from_string(const char *s) _pure_;