1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 #pragma once
3
4 /***
5 Copyright 2014 Lennart Poettering
6 ***/
7
8 #include <netinet/in.h>
9
10 #include "bitmap.h"
11 #include "dns-type.h"
12 #include "hashmap.h"
13 #include "in-addr-util.h"
14 #include "list.h"
15 #include "string-util.h"
16
/* Forward declarations, so that the structures defined further down can refer to each other by
 * their short names. */
typedef struct DnsResourceKey DnsResourceKey;
typedef struct DnsResourceRecord DnsResourceRecord;
typedef struct DnsTxtItem DnsTxtItem;

/* DNSKEY RR flags, as host-order masks over the 16-bit Flags field. RFC 4034 (section 2.1.1) and
 * RFC 5011 number the bits from the most significant end, so the RFC's "bit 15" (SEP) is
 * (1 << 0) here, "bit 8" (REVOKE) is (1 << 7) and "bit 7" (Zone Key) is (1 << 8). */
#define DNSKEY_FLAG_SEP      (UINT16_C(1) << 0)
#define DNSKEY_FLAG_REVOKE   (UINT16_C(1) << 7)
#define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)

/* mDNS RR flags: the top bit of a 16-bit field (the cache-flush bit of RFC 6762 lives in the
 * class field). NOTE(review): presumably masked off before the class value is compared — confirm
 * in the packet parser. */
#define MDNS_RR_CACHE_FLUSH  (UINT16_C(1) << 15)
28
/* DNSSEC algorithm identifiers, see
 * http://tools.ietf.org/html/rfc4034#appendix-A.1 and
 * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml
 *
 * Every registry entry carries its number explicitly, so that the list can be checked line by
 * line against the IANA table and inserting a member cannot silently renumber its successors.
 *
 * This enum only names wire values; it does not say which algorithms a validator accepts. The
 * list includes identifiers that are deprecated for DNSSEC use (e.g. RSAMD5, see RFC 6725, and
 * DSA, see RFC 8624). NOTE(review): the accept/reject policy is not visible in this header —
 * confirm where it is enforced. */
enum {
        DNSSEC_ALGORITHM_RSAMD5             = 1,
        DNSSEC_ALGORITHM_DH                 = 2,
        DNSSEC_ALGORITHM_DSA                = 3,
        DNSSEC_ALGORITHM_ECC                = 4,
        DNSSEC_ALGORITHM_RSASHA1            = 5,
        DNSSEC_ALGORITHM_DSA_NSEC3_SHA1     = 6,
        DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1 = 7,
        DNSSEC_ALGORITHM_RSASHA256          = 8,   /* RFC 5702 */
        DNSSEC_ALGORITHM_RSASHA512          = 10,  /* RFC 5702 */
        DNSSEC_ALGORITHM_ECC_GOST           = 12,  /* RFC 5933 */
        DNSSEC_ALGORITHM_ECDSAP256SHA256    = 13,  /* RFC 6605 */
        DNSSEC_ALGORITHM_ECDSAP384SHA384    = 14,  /* RFC 6605 */
        DNSSEC_ALGORITHM_ED25519            = 15,  /* RFC 8080 */
        DNSSEC_ALGORITHM_ED448              = 16,  /* RFC 8080 */
        DNSSEC_ALGORITHM_INDIRECT           = 252,
        DNSSEC_ALGORITHM_PRIVATEDNS         = 253,
        DNSSEC_ALGORITHM_PRIVATEOID         = 254,
        _DNSSEC_ALGORITHM_MAX_DEFINED              /* one past the highest value named above */
};
52
/* DNSSEC digest identifiers (the Digest Type field of a DS record), see
 * https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml
 *
 * As with the algorithm list, these are wire values only; being listed here does not mean a
 * digest type is trusted. See RFC 8624 for current implementation guidance on the SHA-1 and
 * GOST entries. */
enum {
        DNSSEC_DIGEST_SHA1            = 1,
        DNSSEC_DIGEST_SHA256          = 2, /* RFC 4509 */
        DNSSEC_DIGEST_GOST_R_34_11_94 = 3, /* RFC 5933 */
        DNSSEC_DIGEST_SHA384          = 4, /* RFC 6605 */
        _DNSSEC_DIGEST_MAX_DEFINED         /* one past the highest value named above */
};
62
/* DNSSEC NSEC3 hash algorithms (the Hash Algorithm field of NSEC3/NSEC3PARAM), see
 * https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml
 * SHA-1 is the only value named here. */
enum {
        NSEC3_ALGORITHM_SHA1 = 1,
        _NSEC3_ALGORITHM_MAX_DEFINED /* one past the highest value named above */
};
69
/* The (class, type, name) triple that identifies an RRset. */
struct DnsResourceKey {
        /* Reference counter. The special value (unsigned) -1 marks a constant key built with
         * DNS_RESOURCE_KEY_CONST(), to which no references may be taken. */
        unsigned n_ref;

        uint16_t class;
        uint16_t type;

        /* Don't access directly, use dns_resource_key_name()! */
        char *_name;
};
75
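/* Creates a temporary resource key. This is only useful to quickly look up something, without
 * allocating a full DnsResourceKey object for it. Note that it is not OK to take references to
 * this kind of resource key object: n_ref is set to (unsigned) -1 to mark it as constant.
 *
 * The name is not copied. The cast merely drops the const qualifier so that the pointer fits the
 * _name field; the string therefore has to outlive the key, and must never be written to or
 * freed through it.
 *
 * The arguments are parenthesized so that compound expressions (for example a conditional
 * passed as the name) expand with the intended precedence. */
#define DNS_RESOURCE_KEY_CONST(c, t, n)                 \
        ((DnsResourceKey) {                             \
                .n_ref = (unsigned) -1,                 \
                .class = (c),                           \
                .type = (t),                            \
                ._name = (char*) (n),                   \
        })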
87
/* One element of a TXT/SPF record, kept as a node of a list (see the txt/spf member of
 * DnsResourceRecord). */
struct DnsTxtItem {
        /* NOTE(review): presumably the number of payload bytes stored in data[] — confirm against
         * the allocation sites. */
        size_t length;

        /* List linkage, generated by the LIST_FIELDS() macro from list.h. */
        LIST_FIELDS(DnsTxtItem, items);

        /* Flexible array member holding the payload as raw bytes. NOTE(review): nothing in this
         * header guarantees NUL termination or printable content, so consumers should go by
         * `length` rather than treat this as a C string — confirm. */
        uint8_t data[];
};
93
/* A single DNS resource record: its key, TTL, DNSSEC bookkeeping, an optional serialized
 * wire-format copy, and the type-specific RDATA in the anonymous union at the end.
 *
 * NOTE(review): which union member is valid is presumably selected by key->type (with `generic`
 * used when `unparseable` is set) — confirm against the parser. Reading the wrong member
 * reinterprets pointers and lengths, so callers should always check the type first.
 *
 * All binary blobs are stored as a (void*, size_t) pair. They come from the wire and are not
 * strings: always use the accompanying size. */
struct DnsResourceRecord {
        unsigned n_ref;
        DnsResourceKey *key;

        /* NOTE(review): presumably a cached textual form filled in by
         * dns_resource_record_to_string() — confirm. */
        char *to_string;

        uint32_t ttl;
        usec_t expiry; /* RRSIG signature expiry */

        /* How many labels to strip to determine "signer" of the RRSIG (aka, the zone).
         * (unsigned) -1 if not signed. */
        unsigned n_skip_labels_signer;
        /* How many labels to strip to determine "synthesizing source" of this RR, i.e. the
         * wildcard's immediate parent. (unsigned) -1 if not signed. */
        unsigned n_skip_labels_source;

        bool unparseable:1;

        /* Serialized form of the RR. The accessors DNS_RESOURCE_RECORD_RDATA() and
         * DNS_RESOURCE_RECORD_RDATA_SIZE() rely on
         * wire_format_rdata_offset <= wire_format_size. */
        bool wire_format_canonical:1;
        void *wire_format;
        size_t wire_format_size;
        size_t wire_format_rdata_offset;

        union {
                /* Opaque RDATA, also used for OPT. */
                struct {
                        void *data;
                        size_t data_size;
                } generic, opt;

                struct {
                        uint16_t priority;
                        uint16_t weight;
                        uint16_t port;
                        char *name;
                } srv;

                struct {
                        char *name;
                } ptr, ns, cname, dname;

                struct {
                        char *cpu;
                        char *os;
                } hinfo;

                struct {
                        DnsTxtItem *items;
                } txt, spf;

                struct {
                        struct in_addr in_addr;
                } a;

                struct {
                        struct in6_addr in6_addr;
                } aaaa;

                struct {
                        char *mname;
                        char *rname;
                        uint32_t serial;
                        uint32_t refresh;
                        uint32_t retry;
                        uint32_t expire;
                        uint32_t minimum;
                } soa;

                struct {
                        uint16_t priority;
                        char *exchange;
                } mx;

                /* https://tools.ietf.org/html/rfc1876 */
                struct {
                        uint8_t version;
                        uint8_t size;
                        uint8_t horiz_pre;
                        uint8_t vert_pre;
                        uint32_t latitude;
                        uint32_t longitude;
                        uint32_t altitude;
                } loc;

                /* https://tools.ietf.org/html/rfc4255#section-3.1 */
                struct {
                        uint8_t algorithm;
                        uint8_t fptype;
                        void *fingerprint;
                        size_t fingerprint_size;
                } sshfp;

                /* http://tools.ietf.org/html/rfc4034#section-2.1
                 * `flags` is tested with the DNSKEY_FLAG_* masks, `algorithm` holds a
                 * DNSSEC_ALGORITHM_* value. */
                struct {
                        uint16_t flags;
                        uint8_t protocol;
                        uint8_t algorithm;
                        void *key;
                        size_t key_size;
                } dnskey;

                /* http://tools.ietf.org/html/rfc4034#section-3.1
                 * `expiration` and `inception` are the 32-bit timestamps from the wire. */
                struct {
                        uint16_t type_covered;
                        uint8_t algorithm;
                        uint8_t labels;
                        uint32_t original_ttl;
                        uint32_t expiration;
                        uint32_t inception;
                        uint16_t key_tag;
                        char *signer;
                        void *signature;
                        size_t signature_size;
                } rrsig;

                /* https://tools.ietf.org/html/rfc4034#section-4.1 */
                struct {
                        char *next_domain_name;
                        Bitmap *types;
                } nsec;

                /* https://tools.ietf.org/html/rfc4034#section-5.1
                 * `digest_type` holds a DNSSEC_DIGEST_* value. */
                struct {
                        uint16_t key_tag;
                        uint8_t algorithm;
                        uint8_t digest_type;
                        void *digest;
                        size_t digest_size;
                } ds;

                /* NSEC3, see RFC 5155. `algorithm` holds an NSEC3_ALGORITHM_* value.
                 * NOTE(review): `iterations` is taken from the wire and determines how much
                 * hashing a validator performs; whether an upper bound is enforced is not
                 * visible in this header — confirm in the DNSSEC code (RFC 9276 has guidance). */
                struct {
                        uint8_t algorithm;
                        uint8_t flags;
                        uint16_t iterations;
                        void *salt;
                        size_t salt_size;
                        void *next_hashed_name;
                        size_t next_hashed_name_size;
                        Bitmap *types;
                } nsec3;

                /* https://tools.ietf.org/html/draft-ietf-dane-protocol-23
                 * (the draft was published as RFC 6698) */
                struct {
                        uint8_t cert_usage;
                        uint8_t selector;
                        uint8_t matching_type;
                        void *data;
                        size_t data_size;
                } tlsa;

                /* https://tools.ietf.org/html/rfc6844 (since obsoleted by RFC 8659) */
                struct {
                        uint8_t flags;
                        char *tag;
                        void *value;
                        size_t value_size;
                } caa;
        };
};
250
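/* Returns a pointer to the RDATA portion inside the record's serialized wire format.
 *
 * Returns NULL if rr is NULL, if the record has no wire format attached, or if the stored RDATA
 * offset lies beyond the end of the wire-format buffer. The matching length is provided by
 * DNS_RESOURCE_RECORD_RDATA_SIZE(). The returned pointer aliases rr->wire_format and is only
 * valid for as long as that buffer is. */
static inline const void* DNS_RESOURCE_RECORD_RDATA(DnsResourceRecord *rr) {
        if (!rr || !rr->wire_format)
                return NULL;

        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);

        /* The assertion above documents the invariant, but vanishes when assertions are compiled
         * out. Keep the bound enforced in that case too, so that we never hand out a pointer
         * past the end of the buffer. */
        if (rr->wire_format_rdata_offset > rr->wire_format_size)
                return NULL;

        return (const uint8_t*) rr->wire_format + rr->wire_format_rdata_offset;
}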
261
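/* Returns the number of RDATA bytes in the record's serialized wire format, i.e. the length that
 * goes with the pointer returned by DNS_RESOURCE_RECORD_RDATA().
 *
 * Returns 0 if rr is NULL, if the record has no wire format attached, or if the stored RDATA
 * offset lies beyond the end of the wire-format buffer. */
static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(DnsResourceRecord *rr) {
        if (!rr || !rr->wire_format)
                return 0;

        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);

        /* The assertion above documents the invariant, but vanishes when assertions are compiled
         * out. Without this check the unsigned subtraction below would wrap around and report a
         * huge length for an inconsistent record. */
        if (rr->wire_format_rdata_offset > rr->wire_format_size)
                return 0;

        return rr->wire_format_size - rr->wire_format_rdata_offset;
}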
271
/* Checks whether an OPT record announces a version we support, which means version 0 only.
 *
 * The version is read from bits 16..23 of the TTL field, where the OPT pseudo-RR carries it
 * (RFC 6891). Returns 1 if that byte is zero, 0 otherwise.
 *
 * rr must be non-NULL and of type DNS_TYPE_OPT; both are asserted. rr->key is dereferenced
 * without a check of its own, so the record must have a key attached. */
static inline uint8_t DNS_RESOURCE_RECORD_OPT_VERSION_SUPPORTED(DnsResourceRecord *rr) {
        uint8_t edns_version;

        assert(rr);
        assert(rr->key->type == DNS_TYPE_OPT);

        /* Truncating to 8 bits keeps exactly bits 16..23 of the TTL. */
        edns_version = (uint8_t) (rr->ttl >> 16);

        return edns_version == 0;
}
278
/* DnsResourceKey: construction and reference counting.
 * NOTE(review): the "_consume" suffix suggests that dns_resource_key_new_consume() takes
 * ownership of `name` — confirm against the implementation before passing a string that is
 * still in use elsewhere. */
DnsResourceKey *dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
DnsResourceKey *dns_resource_key_new_redirect(const DnsResourceKey *key, const DnsResourceRecord *cname);
int dns_resource_key_new_append_suffix(DnsResourceKey **ret, DnsResourceKey *key, char *name);
DnsResourceKey *dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
DnsResourceKey *dns_resource_key_ref(DnsResourceKey *key);
DnsResourceKey *dns_resource_key_unref(DnsResourceKey *key);

/* DnsResourceKey: accessors, classification and matching. */
const char *dns_resource_key_name(const DnsResourceKey *key);
bool dns_resource_key_is_address(const DnsResourceKey *key);
bool dns_resource_key_is_dnssd_ptr(const DnsResourceKey *key);
int dns_resource_key_equal(const DnsResourceKey *a, const DnsResourceKey *b);
int dns_resource_key_match_rr(const DnsResourceKey *key, DnsResourceRecord *rr, const char *search_domain);
int dns_resource_key_match_cname_or_dname(const DnsResourceKey *key, const DnsResourceKey *cname, const char *search_domain);
int dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *soa);

/* _DNS_{CLASS,TYPE}_STRING_MAX include one byte for NUL, which we use for space instead below.
 * DNS_HOSTNAME_MAX does not include the NUL byte, so we need to add 1. */
#define DNS_RESOURCE_KEY_STRING_MAX (_DNS_CLASS_STRING_MAX + _DNS_TYPE_STRING_MAX + DNS_HOSTNAME_MAX + 1)

/* Formats a key into the caller-supplied buffer `buf` of `buf_size` bytes.
 * NOTE(review): DNS_RESOURCE_KEY_STRING_MAX is presumably the buffer size callers are expected
 * to provide; how a smaller buffer is handled is not visible here — confirm. */
char *dns_resource_key_to_string(const DnsResourceKey *key, char *buf, size_t buf_size);
ssize_t dns_resource_record_payload(DnsResourceRecord *rr, void **out);

DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);
301
/* Returns true if the key's type is DNS_TYPE_PTR, the only type treated as "shared" here.
 * key is dereferenced unconditionally and must not be NULL.
 * NOTE(review): "shared" presumably refers to the mDNS notion of shared (as opposed to unique)
 * records — confirm against the callers. */
static inline bool dns_key_is_shared(const DnsResourceKey *key) {
        return key->type == DNS_TYPE_PTR;
}
305
bool dns_resource_key_reduce(DnsResourceKey **a, DnsResourceKey **b);

/* DnsResourceRecord: construction, reference counting, comparison and formatting. */
DnsResourceRecord *dns_resource_record_new(DnsResourceKey *key);
DnsResourceRecord *dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
DnsResourceRecord *dns_resource_record_ref(DnsResourceRecord *rr);
DnsResourceRecord *dns_resource_record_unref(DnsResourceRecord *rr);
int dns_resource_record_new_reverse(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_new_address(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_equal(const DnsResourceRecord *a, const DnsResourceRecord *b);
const char *dns_resource_record_to_string(DnsResourceRecord *rr);
DnsResourceRecord *dns_resource_record_copy(DnsResourceRecord *rr);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);

/* Serializes the record; the result is what DNS_RESOURCE_RECORD_RDATA() and
 * DNS_RESOURCE_RECORD_RDATA_SIZE() read from the wire_format* fields.
 * NOTE(review): `canonical` presumably selects the DNSSEC canonical form — confirm. */
int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);

/* DNSSEC helpers, related to the n_skip_labels_signer / n_skip_labels_source fields. */
int dns_resource_record_signer(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_source(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_is_signer(DnsResourceRecord *rr, const char *zone);
int dns_resource_record_is_synthetic(DnsResourceRecord *rr);

/* NOTE(review): takes a DnsResourceRecord**, so it may replace *rr with a different object —
 * confirm before keeping other pointers to the original record across this call. */
int dns_resource_record_clamp_ttl(DnsResourceRecord **rr, uint32_t max_ttl);

/* DnsTxtItem list helpers. */
DnsTxtItem *dns_txt_item_free_all(DnsTxtItem *i);
bool dns_txt_item_equal(DnsTxtItem *a, DnsTxtItem *b);
DnsTxtItem *dns_txt_item_copy(DnsTxtItem *i);
int dns_txt_item_new_empty(DnsTxtItem **ret);

/* Hashing support, for keeping keys and records in hashmaps. */
void dns_resource_record_hash_func(const void *i, struct siphash *state);

extern const struct hash_ops dns_resource_key_hash_ops;
extern const struct hash_ops dns_resource_record_hash_ops;

/* String conversion for the DNSSEC_ALGORITHM_* and DNSSEC_DIGEST_* identifiers. */
int dnssec_algorithm_to_string_alloc(int i, char **ret);
int dnssec_algorithm_from_string(const char *s) _pure_;

int dnssec_digest_to_string_alloc(int i, char **ret);
int dnssec_digest_from_string(const char *s) _pure_;