[thirdparty/systemd.git] / src / resolve / dns-type.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2014 Zbigniew Jędrzejewski-Szmek

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include "dns-type.h"
#include "string-util.h"

typedef const struct {
        uint16_t type;
        const char *name;
} dns_type;

static const struct dns_type_name *
lookup_dns_type (register const char *str, register unsigned int len);

#include "dns_type-from-name.h"
#include "dns_type-to-name.h"

int dns_type_from_string(const char *s) {
        const struct dns_type_name *sc;

        assert(s);

        sc = lookup_dns_type(s, strlen(s));
        if (!sc)
                return _DNS_TYPE_INVALID;

        return sc->id;
}

bool dns_type_is_pseudo(uint16_t type) {

        /* Checks whether the specified type is a "pseudo-type". What
         * a "pseudo-type" precisely is, is defined only very weakly,
         * but apparently entails all RR types that are not actually
         * stored as RRs on the server and should hence also not be
         * cached. We use this list primarily to validate NSEC type
         * bitfields, and to verify what to cache. */

        return IN_SET(type,
                      0, /* A Pseudo RR type, according to RFC 2931 */
                      DNS_TYPE_ANY,
                      DNS_TYPE_AXFR,
                      DNS_TYPE_IXFR,
                      DNS_TYPE_OPT,
                      DNS_TYPE_TSIG,
                      DNS_TYPE_TKEY
        );
}

bool dns_class_is_pseudo(uint16_t class) {
        return class == DNS_TYPE_ANY;
}

bool dns_type_is_valid_query(uint16_t type) {

        /* The types valid as questions in packets */

        return !IN_SET(type,
                       0,
                       DNS_TYPE_OPT,
                       DNS_TYPE_TSIG,
                       DNS_TYPE_TKEY,

                       /* RRSIG are technically valid as questions, but we refuse doing explicit queries for them, as
                        * they aren't really payload, but signatures for payload, and cannot be validated on their
                        * own. After all they are the signatures, and have no signatures of their own validating
                        * them. */
                       DNS_TYPE_RRSIG);
}

bool dns_type_is_valid_rr(uint16_t type) {

        /* The types valid as RR in packets (but not necessarily
         * stored on servers). */

        return !IN_SET(type,
                       DNS_TYPE_ANY,
                       DNS_TYPE_AXFR,
                       DNS_TYPE_IXFR);
}

bool dns_class_is_valid_rr(uint16_t class) {
        return class != DNS_CLASS_ANY;
}

bool dns_type_may_redirect(uint16_t type) {
        /* The following record types should never be redirected using
         * CNAME/DNAME RRs. See
         * <https://tools.ietf.org/html/rfc4035#section-2.5>. */

        if (dns_type_is_pseudo(type))
                return false;

        return !IN_SET(type,
                       DNS_TYPE_CNAME,
                       DNS_TYPE_DNAME,
                       DNS_TYPE_NSEC3,
                       DNS_TYPE_NSEC,
                       DNS_TYPE_RRSIG,
                       DNS_TYPE_NXT,
                       DNS_TYPE_SIG,
                       DNS_TYPE_KEY);
}

bool dns_type_may_wildcard(uint16_t type) {

        /* The following records may not be expanded from wildcard RRsets */

        if (dns_type_is_pseudo(type))
                return false;

        return !IN_SET(type,
                       DNS_TYPE_NSEC3,
                       DNS_TYPE_SOA,

                       /* Prohibited by https://tools.ietf.org/html/rfc4592#section-4.4 */
                       DNS_TYPE_DNAME);
}

bool dns_type_apex_only(uint16_t type) {

        /* Returns true for all RR types that may only appear signed in a zone apex */

        return IN_SET(type,
                      DNS_TYPE_SOA,
                      DNS_TYPE_NS,            /* this one can appear elsewhere, too, but not signed */
                      DNS_TYPE_DNSKEY,
                      DNS_TYPE_NSEC3PARAM);
}

bool dns_type_is_dnssec(uint16_t type) {
        return IN_SET(type,
                      DNS_TYPE_DS,
                      DNS_TYPE_DNSKEY,
                      DNS_TYPE_RRSIG,
                      DNS_TYPE_NSEC,
                      DNS_TYPE_NSEC3,
                      DNS_TYPE_NSEC3PARAM);
}

bool dns_type_is_obsolete(uint16_t type) {
        return IN_SET(type,
                      /* Obsoleted by RFC 973 */
                      DNS_TYPE_MD,
                      DNS_TYPE_MF,
                      DNS_TYPE_MAILA,

                      /* Kinda obsoleted by RFC 2505 */
                      DNS_TYPE_MB,
                      DNS_TYPE_MG,
                      DNS_TYPE_MR,
                      DNS_TYPE_MINFO,
                      DNS_TYPE_MAILB,

                      /* RFC1127 kinda obsoleted this by recommending against its use */
                      DNS_TYPE_WKS,

                      /* Declared historical by RFC 6563 */
                      DNS_TYPE_A6,

                      /* Obsoleted by DNSSEC-bis */
                      DNS_TYPE_NXT,

                      /* RFC 1035 removed support for concepts that needed this from RFC 883 */
                      DNS_TYPE_NULL);
}

const char *dns_class_to_string(uint16_t class) {

        switch (class) {

        case DNS_CLASS_IN:
                return "IN";

        case DNS_CLASS_ANY:
                return "ANY";
        }

        return NULL;
}

int dns_class_from_string(const char *s) {

        if (!s)
                return _DNS_CLASS_INVALID;

        if (strcaseeq(s, "IN"))
                return DNS_CLASS_IN;
        else if (strcaseeq(s, "ANY"))
                return DNS_CLASS_ANY;

        return _DNS_CLASS_INVALID;
}
Commit	Line	Data
7263f724 ZJS	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2014 Zbigniew Jędrzejewski-Szmek
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include "dns-type.h"
4b548ef3	23	#include "string-util.h"
7263f724 ZJS	24
	25	typedef const struct {
	26	uint16_t type;
	27	const char *name;
	28	} dns_type;
	29
	30	static const struct dns_type_name *
	31	lookup_dns_type (register const char *str, register unsigned int len);
	32
	33	#include "dns_type-from-name.h"
	34	#include "dns_type-to-name.h"
	35
de292aa1	36	int dns_type_from_string(const char *s) {
7263f724 ZJS	37	const struct dns_type_name *sc;
	38
	39	assert(s);
7263f724 ZJS	40
	41	sc = lookup_dns_type(s, strlen(s));
	42	if (!sc)
de292aa1	43	return _DNS_TYPE_INVALID;
7263f724	44
de292aa1	45	return sc->id;
7263f724	46	}
8e6edc49	47
bea4c76f LP	48	bool dns_type_is_pseudo(uint16_t type) {
	49
	50	/* Checks whether the specified type is a "pseudo-type". What
	51	* a "pseudo-type" precisely is, is defined only very weakly,
	52	* but apparently entails all RR types that are not actually
	53	* stored as RRs on the server and should hence also not be
	54	* cached. We use this list primarily to validate NSEC type
c33be4a6	55	* bitfields, and to verify what to cache. */
bea4c76f LP	56
	57	return IN_SET(type,
	58	0, /* A Pseudo RR type, according to RFC 2931 */
	59	DNS_TYPE_ANY,
	60	DNS_TYPE_AXFR,
	61	DNS_TYPE_IXFR,
	62	DNS_TYPE_OPT,
	63	DNS_TYPE_TSIG,
	64	DNS_TYPE_TKEY
	65	);
8e6edc49	66	}
c463eb78	67
4b548ef3 LP	68	bool dns_class_is_pseudo(uint16_t class) {
	69	return class == DNS_TYPE_ANY;
	70	}
	71
c463eb78 LP	72	bool dns_type_is_valid_query(uint16_t type) {
	73
	74	/* The types valid as questions in packets */
	75
	76	return !IN_SET(type,
	77	0,
	78	DNS_TYPE_OPT,
	79	DNS_TYPE_TSIG,
04680e36 LP	80	DNS_TYPE_TKEY,
	81
	82	/* RRSIG are technically valid as questions, but we refuse doing explicit queries for them, as
	83	* they aren't really payload, but signatures for payload, and cannot be validated on their
	84	* own. After all they are the signatures, and have no signatures of their own validating
	85	* them. */
	86	DNS_TYPE_RRSIG);
c463eb78 LP	87	}
	88
	89	bool dns_type_is_valid_rr(uint16_t type) {
	90
	91	/* The types valid as RR in packets (but not necessarily
	92	* stored on servers). */
	93
	94	return !IN_SET(type,
	95	DNS_TYPE_ANY,
	96	DNS_TYPE_AXFR,
	97	DNS_TYPE_IXFR);
	98	}
4b548ef3 LP	99
	100	bool dns_class_is_valid_rr(uint16_t class) {
	101	return class != DNS_CLASS_ANY;
	102	}
	103
d3c7e913 LP	104	bool dns_type_may_redirect(uint16_t type) {
	105	/* The following record types should never be redirected using
	106	* CNAME/DNAME RRs. See
	107	* <https://tools.ietf.org/html/rfc4035#section-2.5>. */
	108
	109	if (dns_type_is_pseudo(type))
	110	return false;
	111
	112	return !IN_SET(type,
	113	DNS_TYPE_CNAME,
	114	DNS_TYPE_DNAME,
	115	DNS_TYPE_NSEC3,
	116	DNS_TYPE_NSEC,
	117	DNS_TYPE_RRSIG,
	118	DNS_TYPE_NXT,
	119	DNS_TYPE_SIG,
	120	DNS_TYPE_KEY);
	121	}
	122
e8233bce LP	123	bool dns_type_may_wildcard(uint16_t type) {
	124
	125	/* The following records may not be expanded from wildcard RRsets */
	126
	127	if (dns_type_is_pseudo(type))
	128	return false;
	129
	130	return !IN_SET(type,
	131	DNS_TYPE_NSEC3,
	132	DNS_TYPE_SOA,
	133
	134	/* Prohibited by https://tools.ietf.org/html/rfc4592#section-4.4 */
	135	DNS_TYPE_DNAME);
	136	}
	137
588c53d0 LP	138	bool dns_type_apex_only(uint16_t type) {
	139
	140	/* Returns true for all RR types that may only appear signed in a zone apex */
	141
	142	return IN_SET(type,
	143	DNS_TYPE_SOA,
	144	DNS_TYPE_NS, /* this one can appear elsewhere, too, but not signed */
	145	DNS_TYPE_DNSKEY,
	146	DNS_TYPE_NSEC3PARAM);
	147	}
	148
91adc4db LP	149	bool dns_type_is_dnssec(uint16_t type) {
	150	return IN_SET(type,
	151	DNS_TYPE_DS,
	152	DNS_TYPE_DNSKEY,
	153	DNS_TYPE_RRSIG,
	154	DNS_TYPE_NSEC,
	155	DNS_TYPE_NSEC3,
	156	DNS_TYPE_NSEC3PARAM);
	157	}
	158
d0129ddb LP	159	bool dns_type_is_obsolete(uint16_t type) {
	160	return IN_SET(type,
	161	/* Obsoleted by RFC 973 */
	162	DNS_TYPE_MD,
	163	DNS_TYPE_MF,
	164	DNS_TYPE_MAILA,
	165
	166	/* Kinda obsoleted by RFC 2505 */
	167	DNS_TYPE_MB,
	168	DNS_TYPE_MG,
	169	DNS_TYPE_MR,
	170	DNS_TYPE_MINFO,
	171	DNS_TYPE_MAILB,
	172
	173	/* RFC1127 kinda obsoleted this by recommending against its use */
	174	DNS_TYPE_WKS,
	175
	176	/* Declared historical by RFC 6563 */
	177	DNS_TYPE_A6,
	178
	179	/* Obsoleted by DNSSEC-bis */
	180	DNS_TYPE_NXT,
	181
	182	/* RFC 1035 removed support for concepts that needed this from RFC 883 */
	183	DNS_TYPE_NULL);
	184	}
	185
4b548ef3 LP	186	const char *dns_class_to_string(uint16_t class) {
	187
	188	switch (class) {
	189
	190	case DNS_CLASS_IN:
	191	return "IN";
	192
	193	case DNS_CLASS_ANY:
	194	return "ANY";
	195	}
	196
	197	return NULL;
	198	}
	199
	200	int dns_class_from_string(const char *s) {
	201
	202	if (!s)
	203	return _DNS_CLASS_INVALID;
	204
	205	if (strcaseeq(s, "IN"))
	206	return DNS_CLASS_IN;
	207	else if (strcaseeq(s, "ANY"))
	208	return DNS_CLASS_ANY;
	209
	210	return _DNS_CLASS_INVALID;
	211	}