]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/resolve/resolved-dns-rr.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Replace DNS_RESOURCE_KEY_NAME with a version which always returns "." for root
[thirdparty/systemd.git] / src / resolve / resolved-dns-rr.c
CommitLineData
74b2466e
LP		 1/***
2 This file is part of systemd.
3
4 Copyright 2014 Lennart Poettering
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18***/
19
0dae31d4
ZJS		 20#include <math.h>
21
b5efdb8a 22#include "alloc-util.h"
4ad7f276 23#include "dns-domain.h"
7263f724 24#include "dns-type.h"
95052df3 25#include "escape.h"
e4e73a63 26#include "hexdecoct.h"
fc8eec10 27#include "resolved-dns-dnssec.h"
07630cea 28#include "resolved-dns-packet.h"
e4e73a63 29#include "resolved-dns-rr.h"
8730bccf 30#include "string-table.h"
07630cea
LP		 31#include "string-util.h"
32#include "strv.h"
d7671a3e 33#include "terminal-util.h"
74b2466e 34
faa133f3
LP		 35DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name) {
36 DnsResourceKey *k;
37 size_t l;
74b2466e 38
faa133f3
LP		 39 assert(name);
40
41 l = strlen(name);
42 k = malloc0(sizeof(DnsResourceKey) + l + 1);
43 if (!k)
44 return NULL;
45
46 k->n_ref = 1;
47 k->class = class;
48 k->type = type;
49
50 strcpy((char*) k + sizeof(DnsResourceKey), name);
51
52 return k;
53}
54
36d9205d 55DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey *key, const DnsResourceRecord *cname) {
58db254a
LP		 56 int r;
57
36d9205d
TG		 58 assert(key);
59 assert(cname);
60
58db254a
LP		 61 assert(IN_SET(cname->key->type, DNS_TYPE_CNAME, DNS_TYPE_DNAME));
62
63 if (cname->key->type == DNS_TYPE_CNAME)
64 return dns_resource_key_new(key->class, key->type, cname->cname.name);
65 else {
66 DnsResourceKey *k;
67 char *destination = NULL;
68
1c02e7ba 69 r = dns_name_change_suffix(dns_resource_key_name(key), dns_resource_key_name(cname->key), cname->dname.name, &destination);
58db254a
LP		 70 if (r < 0)
71 return NULL;
72 if (r == 0)
73 return dns_resource_key_ref((DnsResourceKey*) key);
74
75 k = dns_resource_key_new_consume(key->class, key->type, destination);
76 if (!k) {
77 free(destination);
78 return NULL;
79 }
80
81 return k;
82 }
36d9205d
TG		 83}
84
801ad6a6
LP		 85int dns_resource_key_new_append_suffix(DnsResourceKey **ret, DnsResourceKey *key, char *name) {
86 DnsResourceKey *new_key;
87 char *joined;
88 int r;
89
90 assert(ret);
91 assert(key);
92 assert(name);
93
dc477e73 94 if (dns_name_is_root(name)) {
801ad6a6
LP		 95 *ret = dns_resource_key_ref(key);
96 return 0;
97 }
98
1c02e7ba 99 r = dns_name_concat(dns_resource_key_name(key), name, &joined);
801ad6a6
LP		 100 if (r < 0)
101 return r;
102
103 new_key = dns_resource_key_new_consume(key->class, key->type, joined);
104 if (!new_key) {
105 free(joined);
106 return -ENOMEM;
107 }
108
109 *ret = new_key;
110 return 0;
111}
112
faa133f3
LP		 113DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name) {
114 DnsResourceKey *k;
115
116 assert(name);
117
118 k = new0(DnsResourceKey, 1);
119 if (!k)
120 return NULL;
121
122 k->n_ref = 1;
123 k->class = class;
124 k->type = type;
125 k->_name = name;
126
127 return k;
128}
129
130DnsResourceKey* dns_resource_key_ref(DnsResourceKey *k) {
131
132 if (!k)
133 return NULL;
134
1b4f6e79
LP		 135 /* Static/const keys created with DNS_RESOURCE_KEY_CONST will
136 * set this to -1, they should not be reffed/unreffed */
137 assert(k->n_ref != (unsigned) -1);
138
faa133f3
LP		 139 assert(k->n_ref > 0);
140 k->n_ref++;
141
142 return k;
143}
144
145DnsResourceKey* dns_resource_key_unref(DnsResourceKey *k) {
146 if (!k)
147 return NULL;
148
1b4f6e79 149 assert(k->n_ref != (unsigned) -1);
faa133f3
LP		 150 assert(k->n_ref > 0);
151
152 if (k->n_ref == 1) {
153 free(k->_name);
154 free(k);
155 } else
156 k->n_ref--;
157
158 return NULL;
159}
160
1c02e7ba
ZJS		 161const char* dns_resource_key_name(const DnsResourceKey *key) {
162 const char *name;
163
164 if (!key)
165 return NULL;
166
167 if (key->_name)
168 name = key->_name;
169 else
170 name = (char*) key + sizeof(DnsResourceKey);
171
172 if (dns_name_is_root(name))
173 return ".";
174 else
175 return name;
176}
177
28b9b764
LP		 178bool dns_resource_key_is_address(const DnsResourceKey *key) {
179 assert(key);
180
181 /* Check if this is an A or AAAA resource key */
182
183 return key->class == DNS_CLASS_IN && IN_SET(key->type, DNS_TYPE_A, DNS_TYPE_AAAA);
184}
185
faa133f3
LP		 186int dns_resource_key_equal(const DnsResourceKey *a, const DnsResourceKey *b) {
187 int r;
188
4d247a6c
LP		 189 if (a == b)
190 return 1;
191
1c02e7ba 192 r = dns_name_equal(dns_resource_key_name(a), dns_resource_key_name(b));
faa133f3
LP		 193 if (r <= 0)
194 return r;
195
196 if (a->class != b->class)
197 return 0;
198
199 if (a->type != b->type)
200 return 0;
201
202 return 1;
203}
204
105e1512 205int dns_resource_key_match_rr(const DnsResourceKey *key, DnsResourceRecord *rr, const char *search_domain) {
801ad6a6
LP		 206 int r;
207
faa133f3
LP		 208 assert(key);
209 assert(rr);
210
4d247a6c
LP		 211 if (key == rr->key)
212 return 1;
213
801ad6a6
LP		 214 /* Checks if an rr matches the specified key. If a search
215 * domain is specified, it will also be checked if the key
216 * with the search domain suffixed might match the RR. */
217
faa133f3
LP		 218 if (rr->key->class != key->class && key->class != DNS_CLASS_ANY)
219 return 0;
220
221 if (rr->key->type != key->type && key->type != DNS_TYPE_ANY)
222 return 0;
223
1c02e7ba 224 r = dns_name_equal(dns_resource_key_name(rr->key), dns_resource_key_name(key));
801ad6a6
LP		 225 if (r != 0)
226 return r;
227
228 if (search_domain) {
229 _cleanup_free_ char *joined = NULL;
230
1c02e7ba 231 r = dns_name_concat(dns_resource_key_name(key), search_domain, &joined);
801ad6a6
LP		 232 if (r < 0)
233 return r;
234
1c02e7ba 235 return dns_name_equal(dns_resource_key_name(rr->key), joined);
801ad6a6
LP		 236 }
237
238 return 0;
faa133f3
LP		 239}
240
5d27351f 241int dns_resource_key_match_cname_or_dname(const DnsResourceKey *key, const DnsResourceKey *cname, const char *search_domain) {
801ad6a6
LP		 242 int r;
243
faa133f3 244 assert(key);
5d27351f 245 assert(cname);
faa133f3 246
5d27351f 247 if (cname->class != key->class && key->class != DNS_CLASS_ANY)
faa133f3
LP		 248 return 0;
249
5d27351f 250 if (cname->type == DNS_TYPE_CNAME)
1c02e7ba 251 r = dns_name_equal(dns_resource_key_name(key), dns_resource_key_name(cname));
5d27351f 252 else if (cname->type == DNS_TYPE_DNAME)
1c02e7ba 253 r = dns_name_endswith(dns_resource_key_name(key), dns_resource_key_name(cname));
58db254a 254 else
faa133f3 255 return 0;
801ad6a6
LP		 256
257 if (r != 0)
258 return r;
259
260 if (search_domain) {
261 _cleanup_free_ char *joined = NULL;
262
1c02e7ba 263 r = dns_name_concat(dns_resource_key_name(key), search_domain, &joined);
801ad6a6
LP		 264 if (r < 0)
265 return r;
266
5d27351f 267 if (cname->type == DNS_TYPE_CNAME)
1c02e7ba 268 return dns_name_equal(joined, dns_resource_key_name(cname));
5d27351f 269 else if (cname->type == DNS_TYPE_DNAME)
1c02e7ba 270 return dns_name_endswith(joined, dns_resource_key_name(cname));
801ad6a6
LP		 271 }
272
273 return 0;
547973de
LP		 274}
275
276int dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *soa) {
277 assert(soa);
278 assert(key);
279
280 /* Checks whether 'soa' is a SOA record for the specified key. */
281
65b200e7 282 if (soa->class != key->class)
547973de 283 return 0;
801ad6a6 284
547973de
LP		 285 if (soa->type != DNS_TYPE_SOA)
286 return 0;
287
1c02e7ba 288 return dns_name_endswith(dns_resource_key_name(key), dns_resource_key_name(soa));
74b2466e
LP		 289}
290
b826ab58 291static void dns_resource_key_hash_func(const void *i, struct siphash *state) {
322345fd 292 const DnsResourceKey *k = i;
322345fd 293
b826ab58 294 assert(k);
322345fd 295
1c02e7ba 296 dns_name_hash_func(dns_resource_key_name(k), state);
b826ab58
TG		 297 siphash24_compress(&k->class, sizeof(k->class), state);
298 siphash24_compress(&k->type, sizeof(k->type), state);
322345fd
LP		 299}
300
d5099efc 301static int dns_resource_key_compare_func(const void *a, const void *b) {
322345fd
LP		 302 const DnsResourceKey *x = a, *y = b;
303 int ret;
304
1c02e7ba 305 ret = dns_name_compare_func(dns_resource_key_name(x), dns_resource_key_name(y));
322345fd
LP		 306 if (ret != 0)
307 return ret;
308
309 if (x->type < y->type)
310 return -1;
311 if (x->type > y->type)
312 return 1;
313
314 if (x->class < y->class)
315 return -1;
316 if (x->class > y->class)
317 return 1;
318
319 return 0;
320}
321
d5099efc
MS		 322const struct hash_ops dns_resource_key_hash_ops = {
323 .hash = dns_resource_key_hash_func,
324 .compare = dns_resource_key_compare_func
325};
326
2d4c5cbc 327int dns_resource_key_to_string(const DnsResourceKey *key, char **ret) {
d23a27a9 328 char cbuf[strlen("CLASS") + DECIMAL_STR_MAX(uint16_t)], tbuf[strlen("TYPE") + DECIMAL_STR_MAX(uint16_t)];
1c02e7ba 329 const char *c, *t;
2d4c5cbc
LP		 330 char *s;
331
6af47493
LP		 332 /* If we cannot convert the CLASS/TYPE into a known string,
333 use the format recommended by RFC 3597, Section 5. */
334
2d4c5cbc
LP		 335 c = dns_class_to_string(key->class);
336 if (!c) {
d23a27a9 337 sprintf(cbuf, "CLASS%u", key->class);
2d4c5cbc
LP		 338 c = cbuf;
339 }
340
341 t = dns_type_to_string(key->type);
342 if (!t){
d23a27a9 343 sprintf(tbuf, "TYPE%u", key->type);
2d4c5cbc
LP		 344 t = tbuf;
345 }
346
1c02e7ba 347 if (asprintf(&s, "%s %s %-5s", dns_resource_key_name(key), c, t) < 0)
2d4c5cbc
LP		 348 return -ENOMEM;
349
350 *ret = s;
351 return 0;
352}
353
f57e3cd5
LP		 354bool dns_resource_key_reduce(DnsResourceKey **a, DnsResourceKey **b) {
355 assert(a);
356 assert(b);
357
358 /* Try to replace one RR key by another if they are identical, thus saving a bit of memory. Note that we do
359 * this only for RR keys, not for RRs themselves, as they carry a lot of additional metadata (where they come
360 * from, validity data, and suchlike), and cannot be replaced so easily by other RRs that have the same
361 * superficial data. */
362
363 if (!*a)
364 return false;
365 if (!*b)
366 return false;
367
368 /* We refuse merging const keys */
369 if ((*a)->n_ref == (unsigned) -1)
370 return false;
371 if ((*b)->n_ref == (unsigned) -1)
372 return false;
373
374 /* Already the same? */
375 if (*a == *b)
376 return true;
377
378 /* Are they really identical? */
379 if (dns_resource_key_equal(*a, *b) <= 0)
380 return false;
381
382 /* Keep the one which already has more references. */
383 if ((*a)->n_ref > (*b)->n_ref) {
384 dns_resource_key_unref(*b);
385 *b = dns_resource_key_ref(*a);
386 } else {
387 dns_resource_key_unref(*a);
388 *a = dns_resource_key_ref(*b);
389 }
390
391 return true;
392}
393
faa133f3 394DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key) {
74b2466e
LP		 395 DnsResourceRecord *rr;
396
397 rr = new0(DnsResourceRecord, 1);
398 if (!rr)
399 return NULL;
400
401 rr->n_ref = 1;
faa133f3 402 rr->key = dns_resource_key_ref(key);
ee3d6aff 403 rr->expiry = USEC_INFINITY;
97c67192 404 rr->n_skip_labels_signer = rr->n_skip_labels_source = (unsigned) -1;
faa133f3 405
74b2466e
LP		 406 return rr;
407}
408
8bf52d3d
LP		 409DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name) {
410 _cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL;
411
412 key = dns_resource_key_new(class, type, name);
413 if (!key)
414 return NULL;
415
416 return dns_resource_record_new(key);
417}
418
74b2466e
LP		 419DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr) {
420 if (!rr)
421 return NULL;
422
423 assert(rr->n_ref > 0);
424 rr->n_ref++;
425
426 return rr;
427}
428
429DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr) {
430 if (!rr)
431 return NULL;
432
433 assert(rr->n_ref > 0);
434
435 if (rr->n_ref > 1) {
436 rr->n_ref--;
437 return NULL;
438 }
439
faa133f3 440 if (rr->key) {
9de3e329 441 switch(rr->key->type) {
9c92ce6d
LP		 442
443 case DNS_TYPE_SRV:
444 free(rr->srv.name);
445 break;
446
9de3e329
ZJS		 447 case DNS_TYPE_PTR:
448 case DNS_TYPE_NS:
449 case DNS_TYPE_CNAME:
8ac4e9e1 450 case DNS_TYPE_DNAME:
faa133f3 451 free(rr->ptr.name);
9de3e329 452 break;
9c92ce6d 453
9de3e329 454 case DNS_TYPE_HINFO:
faa133f3
LP		 455 free(rr->hinfo.cpu);
456 free(rr->hinfo.os);
9de3e329 457 break;
9c92ce6d 458
9de3e329 459 case DNS_TYPE_TXT:
9c92ce6d 460 case DNS_TYPE_SPF:
2001c805 461 dns_txt_item_free_all(rr->txt.items);
9de3e329 462 break;
9c92ce6d 463
9de3e329 464 case DNS_TYPE_SOA:
7e8e0422
LP		 465 free(rr->soa.mname);
466 free(rr->soa.rname);
9de3e329 467 break;
9c92ce6d 468
9de3e329 469 case DNS_TYPE_MX:
946c7094 470 free(rr->mx.exchange);
9de3e329 471 break;
9c92ce6d 472
abf126a3
TG		 473 case DNS_TYPE_DS:
474 free(rr->ds.digest);
475 break;
476
42cc2eeb 477 case DNS_TYPE_SSHFP:
549c1a25 478 free(rr->sshfp.fingerprint);
42cc2eeb
LP		 479 break;
480
8db0d2f5
ZJS		 481 case DNS_TYPE_DNSKEY:
482 free(rr->dnskey.key);
483 break;
484
151226ab
ZJS		 485 case DNS_TYPE_RRSIG:
486 free(rr->rrsig.signer);
487 free(rr->rrsig.signature);
488 break;
489
50f1e641
TG		 490 case DNS_TYPE_NSEC:
491 free(rr->nsec.next_domain_name);
492 bitmap_free(rr->nsec.types);
493 break;
494
5d45a880
TG		 495 case DNS_TYPE_NSEC3:
496 free(rr->nsec3.next_hashed_name);
497 free(rr->nsec3.salt);
498 bitmap_free(rr->nsec3.types);
499 break;
500
0dae31d4 501 case DNS_TYPE_LOC:
9de3e329
ZJS		 502 case DNS_TYPE_A:
503 case DNS_TYPE_AAAA:
504 break;
9c92ce6d 505
48d45d2b
ZJS		 506 case DNS_TYPE_TLSA:
507 free(rr->tlsa.data);
508 break;
509
95052df3
ZJS		 510 case DNS_TYPE_CAA:
511 free(rr->caa.tag);
512 free(rr->caa.value);
513 break;
514
d93a16b8 515 case DNS_TYPE_OPENPGPKEY:
9de3e329 516 default:
faa133f3 517 free(rr->generic.data);
9de3e329 518 }
322345fd 519
a8812dd7 520 free(rr->wire_format);
faa133f3
LP		 521 dns_resource_key_unref(rr->key);
522 }
322345fd 523
7b50eb2e 524 free(rr->to_string);
faa133f3 525 free(rr);
322345fd 526
322345fd
LP		 527 return NULL;
528}
529
623a4c97
LP		 530int dns_resource_record_new_reverse(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *hostname) {
531 _cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL;
532 _cleanup_(dns_resource_record_unrefp) DnsResourceRecord *rr = NULL;
533 _cleanup_free_ char *ptr = NULL;
534 int r;
535
536 assert(ret);
537 assert(address);
538 assert(hostname);
539
540 r = dns_name_reverse(family, address, &ptr);
541 if (r < 0)
542 return r;
543
544 key = dns_resource_key_new_consume(DNS_CLASS_IN, DNS_TYPE_PTR, ptr);
545 if (!key)
546 return -ENOMEM;
547
548 ptr = NULL;
549
550 rr = dns_resource_record_new(key);
551 if (!rr)
552 return -ENOMEM;
553
554 rr->ptr.name = strdup(hostname);
555 if (!rr->ptr.name)
556 return -ENOMEM;
557
558 *ret = rr;
559 rr = NULL;
560
561 return 0;
562}
563
78c6a153
LP		 564int dns_resource_record_new_address(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name) {
565 DnsResourceRecord *rr;
566
567 assert(ret);
568 assert(address);
569 assert(family);
570
571 if (family == AF_INET) {
572
573 rr = dns_resource_record_new_full(DNS_CLASS_IN, DNS_TYPE_A, name);
574 if (!rr)
575 return -ENOMEM;
576
577 rr->a.in_addr = address->in;
578
579 } else if (family == AF_INET6) {
580
581 rr = dns_resource_record_new_full(DNS_CLASS_IN, DNS_TYPE_AAAA, name);
582 if (!rr)
583 return -ENOMEM;
584
585 rr->aaaa.in6_addr = address->in6;
586 } else
587 return -EAFNOSUPPORT;
588
589 *ret = rr;
590
591 return 0;
592}
593
a43a068a
ZJS		 594#define FIELD_EQUAL(a, b, field) \
595 ((a).field ## _size == (b).field ## _size && \
596 memcmp((a).field, (b).field, (a).field ## _size) == 0)
597
322345fd
LP		 598int dns_resource_record_equal(const DnsResourceRecord *a, const DnsResourceRecord *b) {
599 int r;
600
601 assert(a);
602 assert(b);
603
4d247a6c
LP		 604 if (a == b)
605 return 1;
606
faa133f3 607 r = dns_resource_key_equal(a->key, b->key);
322345fd
LP		 608 if (r <= 0)
609 return r;
610
fd0b4602
LP		 611 if (a->unparseable != b->unparseable)
612 return 0;
613
614 switch (a->unparseable ? _DNS_TYPE_INVALID : a->key->type) {
2d4c5cbc 615
9c92ce6d
LP		 616 case DNS_TYPE_SRV:
617 r = dns_name_equal(a->srv.name, b->srv.name);
618 if (r <= 0)
619 return r;
620
621 return a->srv.priority == b->srv.priority &&
622 a->srv.weight == b->srv.weight &&
623 a->srv.port == b->srv.port;
624
2d4c5cbc
LP		 625 case DNS_TYPE_PTR:
626 case DNS_TYPE_NS:
627 case DNS_TYPE_CNAME:
8ac4e9e1 628 case DNS_TYPE_DNAME:
322345fd 629 return dns_name_equal(a->ptr.name, b->ptr.name);
2d4c5cbc
LP		 630
631 case DNS_TYPE_HINFO:
632 return strcaseeq(a->hinfo.cpu, b->hinfo.cpu) &&
633 strcaseeq(a->hinfo.os, b->hinfo.os);
634
9de3e329 635 case DNS_TYPE_SPF: /* exactly the same as TXT */
0f84a72e 636 case DNS_TYPE_TXT:
2001c805 637 return dns_txt_item_equal(a->txt.items, b->txt.items);
2e276efc 638
2d4c5cbc 639 case DNS_TYPE_A:
322345fd 640 return memcmp(&a->a.in_addr, &b->a.in_addr, sizeof(struct in_addr)) == 0;
2d4c5cbc
LP		 641
642 case DNS_TYPE_AAAA:
322345fd 643 return memcmp(&a->aaaa.in6_addr, &b->aaaa.in6_addr, sizeof(struct in6_addr)) == 0;
2d4c5cbc
LP		 644
645 case DNS_TYPE_SOA:
7e8e0422
LP		 646 r = dns_name_equal(a->soa.mname, b->soa.mname);
647 if (r <= 0)
648 return r;
649 r = dns_name_equal(a->soa.rname, b->soa.rname);
650 if (r <= 0)
651 return r;
652
653 return a->soa.serial == b->soa.serial &&
654 a->soa.refresh == b->soa.refresh &&
655 a->soa.retry == b->soa.retry &&
656 a->soa.expire == b->soa.expire &&
657 a->soa.minimum == b->soa.minimum;
9c92ce6d 658
946c7094
ZJS		 659 case DNS_TYPE_MX:
660 if (a->mx.priority != b->mx.priority)
661 return 0;
662
663 return dns_name_equal(a->mx.exchange, b->mx.exchange);
664
0dae31d4
ZJS		 665 case DNS_TYPE_LOC:
666 assert(a->loc.version == b->loc.version);
667
668 return a->loc.size == b->loc.size &&
669 a->loc.horiz_pre == b->loc.horiz_pre &&
670 a->loc.vert_pre == b->loc.vert_pre &&
671 a->loc.latitude == b->loc.latitude &&
672 a->loc.longitude == b->loc.longitude &&
673 a->loc.altitude == b->loc.altitude;
674
abf126a3
TG		 675 case DNS_TYPE_DS:
676 return a->ds.key_tag == b->ds.key_tag &&
677 a->ds.algorithm == b->ds.algorithm &&
678 a->ds.digest_type == b->ds.digest_type &&
a43a068a 679 FIELD_EQUAL(a->ds, b->ds, digest);
abf126a3 680
42cc2eeb
LP		 681 case DNS_TYPE_SSHFP:
682 return a->sshfp.algorithm == b->sshfp.algorithm &&
683 a->sshfp.fptype == b->sshfp.fptype &&
a43a068a 684 FIELD_EQUAL(a->sshfp, b->sshfp, fingerprint);
42cc2eeb 685
8db0d2f5 686 case DNS_TYPE_DNSKEY:
f91dc240
LP		 687 return a->dnskey.flags == b->dnskey.flags &&
688 a->dnskey.protocol == b->dnskey.protocol &&
8db0d2f5 689 a->dnskey.algorithm == b->dnskey.algorithm &&
a43a068a 690 FIELD_EQUAL(a->dnskey, b->dnskey, key);
8db0d2f5 691
151226ab
ZJS		 692 case DNS_TYPE_RRSIG:
693 /* do the fast comparisons first */
a43a068a
ZJS		 694 return a->rrsig.type_covered == b->rrsig.type_covered &&
695 a->rrsig.algorithm == b->rrsig.algorithm &&
696 a->rrsig.labels == b->rrsig.labels &&
697 a->rrsig.original_ttl == b->rrsig.original_ttl &&
698 a->rrsig.expiration == b->rrsig.expiration &&
699 a->rrsig.inception == b->rrsig.inception &&
700 a->rrsig.key_tag == b->rrsig.key_tag &&
701 FIELD_EQUAL(a->rrsig, b->rrsig, signature) &&
702 dns_name_equal(a->rrsig.signer, b->rrsig.signer);
151226ab 703
50f1e641
TG		 704 case DNS_TYPE_NSEC:
705 return dns_name_equal(a->nsec.next_domain_name, b->nsec.next_domain_name) &&
706 bitmap_equal(a->nsec.types, b->nsec.types);
707
5d45a880
TG		 708 case DNS_TYPE_NSEC3:
709 return a->nsec3.algorithm == b->nsec3.algorithm &&
a43a068a
ZJS		 710 a->nsec3.flags == b->nsec3.flags &&
711 a->nsec3.iterations == b->nsec3.iterations &&
712 FIELD_EQUAL(a->nsec3, b->nsec3, salt) &&
713 FIELD_EQUAL(a->nsec3, b->nsec3, next_hashed_name) &&
714 bitmap_equal(a->nsec3.types, b->nsec3.types);
5d45a880 715
48d45d2b
ZJS		 716 case DNS_TYPE_TLSA:
717 return a->tlsa.cert_usage == b->tlsa.cert_usage &&
718 a->tlsa.selector == b->tlsa.selector &&
719 a->tlsa.matching_type == b->tlsa.matching_type &&
a43a068a 720 FIELD_EQUAL(a->tlsa, b->tlsa, data);
48d45d2b 721
95052df3
ZJS		 722 case DNS_TYPE_CAA:
723 return a->caa.flags == b->caa.flags &&
724 streq(a->caa.tag, b->caa.tag) &&
725 FIELD_EQUAL(a->caa, b->caa, value);
726
727 case DNS_TYPE_OPENPGPKEY:
2d4c5cbc 728 default:
a43a068a 729 return FIELD_EQUAL(a->generic, b->generic, data);
2d4c5cbc 730 }
322345fd
LP		 731}
732
0dae31d4
ZJS		 733static char* format_location(uint32_t latitude, uint32_t longitude, uint32_t altitude,
734 uint8_t size, uint8_t horiz_pre, uint8_t vert_pre) {
735 char *s;
736 char NS = latitude >= 1U<<31 ? 'N' : 'S';
737 char EW = longitude >= 1U<<31 ? 'E' : 'W';
738
739 int lat = latitude >= 1U<<31 ? (int) (latitude - (1U<<31)) : (int) ((1U<<31) - latitude);
740 int lon = longitude >= 1U<<31 ? (int) (longitude - (1U<<31)) : (int) ((1U<<31) - longitude);
741 double alt = altitude >= 10000000u ? altitude - 10000000u : -(double)(10000000u - altitude);
742 double siz = (size >> 4) * exp10((double) (size & 0xF));
743 double hor = (horiz_pre >> 4) * exp10((double) (horiz_pre & 0xF));
744 double ver = (vert_pre >> 4) * exp10((double) (vert_pre & 0xF));
745
746 if (asprintf(&s, "%d %d %.3f %c %d %d %.3f %c %.2fm %.2fm %.2fm %.2fm",
747 (lat / 60000 / 60),
748 (lat / 60000) % 60,
749 (lat % 60000) / 1000.,
750 NS,
751 (lon / 60000 / 60),
752 (lon / 60000) % 60,
753 (lon % 60000) / 1000.,
754 EW,
755 alt / 100.,
756 siz / 100.,
757 hor / 100.,
758 ver / 100.) < 0)
759 return NULL;
760
761 return s;
762}
763
7c6423e1
TG		 764static int format_timestamp_dns(char *buf, size_t l, time_t sec) {
765 struct tm tm;
766
767 assert(buf);
768 assert(l > strlen("YYYYMMDDHHmmSS"));
769
770 if (!gmtime_r(&sec, &tm))
771 return -EINVAL;
772
773 if (strftime(buf, l, "%Y%m%d%H%M%S", &tm) <= 0)
774 return -EINVAL;
775
776 return 0;
777}
778
50f1e641
TG		 779static char *format_types(Bitmap *types) {
780 _cleanup_strv_free_ char **strv = NULL;
781 _cleanup_free_ char *str = NULL;
cb57dd41 782 Iterator i;
50f1e641
TG		 783 unsigned type;
784 int r;
785
cb57dd41 786 BITMAP_FOREACH(type, types, i) {
50f1e641 787 if (dns_type_to_string(type)) {
2c1fb4f7 788 r = strv_extend(&strv, dns_type_to_string(type));
50f1e641
TG		 789 if (r < 0)
790 return NULL;
791 } else {
792 char *t;
793
794 r = asprintf(&t, "TYPE%u", type);
795 if (r < 0)
796 return NULL;
797
2c1fb4f7 798 r = strv_consume(&strv, t);
50f1e641
TG		 799 if (r < 0)
800 return NULL;
801 }
802 }
803
804 str = strv_join(strv, " ");
805 if (!str)
806 return NULL;
807
808 return strjoin("( ", str, " )", NULL);
809}
810
2001c805
LP		 811static char *format_txt(DnsTxtItem *first) {
812 DnsTxtItem *i;
813 size_t c = 1;
814 char *p, *s;
815
816 LIST_FOREACH(items, i, first)
817 c += i->length * 4 + 3;
818
819 p = s = new(char, c);
820 if (!s)
821 return NULL;
822
823 LIST_FOREACH(items, i, first) {
824 size_t j;
825
826 if (i != first)
827 *(p++) = ' ';
828
829 *(p++) = '"';
830
831 for (j = 0; j < i->length; j++) {
832 if (i->data[j] < ' ' || i->data[j] == '"' || i->data[j] >= 127) {
833 *(p++) = '\\';
834 *(p++) = '0' + (i->data[j] / 100);
835 *(p++) = '0' + ((i->data[j] / 10) % 10);
836 *(p++) = '0' + (i->data[j] % 10);
837 } else
838 *(p++) = i->data[j];
839 }
840
841 *(p++) = '"';
842 }
843
844 *p = 0;
845 return s;
846}
847
7b50eb2e 848const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
8db0d2f5 849 _cleanup_free_ char *k = NULL, *t = NULL;
2d4c5cbc
LP		 850 char *s;
851 int r;
322345fd 852
2d4c5cbc 853 assert(rr);
322345fd 854
7b50eb2e
LP		 855 if (rr->to_string)
856 return rr->to_string;
857
2d4c5cbc
LP		 858 r = dns_resource_key_to_string(rr->key, &k);
859 if (r < 0)
7b50eb2e 860 return NULL;
322345fd 861
0dae31d4 862 switch (rr->unparseable ? _DNS_TYPE_INVALID : rr->key->type) {
322345fd 863
9c92ce6d
LP		 864 case DNS_TYPE_SRV:
865 r = asprintf(&s, "%s %u %u %u %s",
866 k,
867 rr->srv.priority,
868 rr->srv.weight,
869 rr->srv.port,
870 strna(rr->srv.name));
871 if (r < 0)
7b50eb2e 872 return NULL;
9c92ce6d
LP		 873 break;
874
2d4c5cbc
LP		 875 case DNS_TYPE_PTR:
876 case DNS_TYPE_NS:
877 case DNS_TYPE_CNAME:
8ac4e9e1 878 case DNS_TYPE_DNAME:
2d4c5cbc
LP		 879 s = strjoin(k, " ", rr->ptr.name, NULL);
880 if (!s)
7b50eb2e 881 return NULL;
322345fd 882
2d4c5cbc 883 break;
322345fd 884
2d4c5cbc
LP		 885 case DNS_TYPE_HINFO:
886 s = strjoin(k, " ", rr->hinfo.cpu, " ", rr->hinfo.os, NULL);
887 if (!s)
7b50eb2e 888 return NULL;
2d4c5cbc 889 break;
322345fd 890
9de3e329 891 case DNS_TYPE_SPF: /* exactly the same as TXT */
8db0d2f5 892 case DNS_TYPE_TXT:
2001c805 893 t = format_txt(rr->txt.items);
2e276efc 894 if (!t)
7b50eb2e 895 return NULL;
2e276efc
ZJS		 896
897 s = strjoin(k, " ", t, NULL);
898 if (!s)
7b50eb2e 899 return NULL;
2e276efc 900 break;
2e276efc 901
2d4c5cbc
LP		 902 case DNS_TYPE_A: {
903 _cleanup_free_ char *x = NULL;
322345fd 904
2d4c5cbc
LP		 905 r = in_addr_to_string(AF_INET, (const union in_addr_union*) &rr->a.in_addr, &x);
906 if (r < 0)
7b50eb2e 907 return NULL;
322345fd 908
2d4c5cbc
LP		 909 s = strjoin(k, " ", x, NULL);
910 if (!s)
7b50eb2e 911 return NULL;
2d4c5cbc
LP		 912 break;
913 }
322345fd 914
8db0d2f5
ZJS		 915 case DNS_TYPE_AAAA:
916 r = in_addr_to_string(AF_INET6, (const union in_addr_union*) &rr->aaaa.in6_addr, &t);
2d4c5cbc 917 if (r < 0)
7b50eb2e 918 return NULL;
322345fd 919
8db0d2f5 920 s = strjoin(k, " ", t, NULL);
2d4c5cbc 921 if (!s)
7b50eb2e 922 return NULL;
2d4c5cbc 923 break;
322345fd 924
2d4c5cbc
LP		 925 case DNS_TYPE_SOA:
926 r = asprintf(&s, "%s %s %s %u %u %u %u %u",
927 k,
928 strna(rr->soa.mname),
929 strna(rr->soa.rname),
930 rr->soa.serial,
931 rr->soa.refresh,
932 rr->soa.retry,
933 rr->soa.expire,
934 rr->soa.minimum);
935 if (r < 0)
7b50eb2e 936 return NULL;
2d4c5cbc
LP		 937 break;
938
946c7094
ZJS		 939 case DNS_TYPE_MX:
940 r = asprintf(&s, "%s %u %s",
941 k,
942 rr->mx.priority,
943 rr->mx.exchange);
944 if (r < 0)
7b50eb2e 945 return NULL;
946c7094
ZJS		 946 break;
947
8db0d2f5 948 case DNS_TYPE_LOC:
0dae31d4
ZJS		 949 assert(rr->loc.version == 0);
950
8db0d2f5
ZJS		 951 t = format_location(rr->loc.latitude,
952 rr->loc.longitude,
953 rr->loc.altitude,
954 rr->loc.size,
955 rr->loc.horiz_pre,
956 rr->loc.vert_pre);
957 if (!t)
7b50eb2e 958 return NULL;
0dae31d4 959
8db0d2f5 960 s = strjoin(k, " ", t, NULL);
0dae31d4 961 if (!s)
7b50eb2e 962 return NULL;
0dae31d4 963 break;
0dae31d4 964
abf126a3
TG		 965 case DNS_TYPE_DS:
966 t = hexmem(rr->ds.digest, rr->ds.digest_size);
967 if (!t)
7b50eb2e 968 return NULL;
abf126a3
TG		 969
970 r = asprintf(&s, "%s %u %u %u %s",
971 k,
972 rr->ds.key_tag,
973 rr->ds.algorithm,
974 rr->ds.digest_type,
975 t);
976 if (r < 0)
7b50eb2e 977 return NULL;
abf126a3
TG		 978 break;
979
8db0d2f5 980 case DNS_TYPE_SSHFP:
549c1a25 981 t = hexmem(rr->sshfp.fingerprint, rr->sshfp.fingerprint_size);
8db0d2f5 982 if (!t)
7b50eb2e 983 return NULL;
42cc2eeb
LP		 984
985 r = asprintf(&s, "%s %u %u %s",
986 k,
987 rr->sshfp.algorithm,
988 rr->sshfp.fptype,
8db0d2f5 989 t);
42cc2eeb 990 if (r < 0)
7b50eb2e 991 return NULL;
42cc2eeb 992 break;
42cc2eeb 993
ff3d6560 994 case DNS_TYPE_DNSKEY: {
8e54f5d9 995 _cleanup_free_ char *alg = NULL;
99e5ca6d 996 char *ss;
718af59e 997 int n;
fc8eec10
ZJS		 998 uint16_t key_tag;
999
1000 key_tag = dnssec_keytag(rr, true);
ff3d6560 1001
8e54f5d9
LP		 1002 r = dnssec_algorithm_to_string_alloc(rr->dnskey.algorithm, &alg);
1003 if (r < 0)
1004 return NULL;
ff3d6560 1005
718af59e 1006 r = asprintf(&s, "%s %u %u %s %n",
8db0d2f5 1007 k,
f91dc240
LP		 1008 rr->dnskey.flags,
1009 rr->dnskey.protocol,
8e54f5d9 1010 alg,
d7671a3e 1011 &n);
8db0d2f5 1012 if (r < 0)
7b50eb2e 1013 return NULL;
d7671a3e
ZJS		 1014
1015 r = base64_append(&s, n,
1016 rr->dnskey.key, rr->dnskey.key_size,
1017 8, columns());
1018 if (r < 0)
1019 return NULL;
1020
99e5ca6d 1021 r = asprintf(&ss, "%s\n"
718af59e
ZJS		 1022 " -- Flags:%s%s%s\n"
1023 " -- Key tag: %u",
99e5ca6d 1024 s,
99e5ca6d
ZJS		 1025 rr->dnskey.flags & DNSKEY_FLAG_SEP ? " SEP" : "",
1026 rr->dnskey.flags & DNSKEY_FLAG_REVOKE ? " REVOKE" : "",
fc8eec10 1027 rr->dnskey.flags & DNSKEY_FLAG_ZONE_KEY ? " ZONE_KEY" : "",
fc8eec10 1028 key_tag);
99e5ca6d
ZJS		 1029 if (r < 0)
1030 return NULL;
1031 free(s);
1032 s = ss;
1033
8db0d2f5 1034 break;
ff3d6560 1035 }
2d4c5cbc 1036
151226ab 1037 case DNS_TYPE_RRSIG: {
8e54f5d9 1038 _cleanup_free_ char *alg = NULL;
7c6423e1 1039 char expiration[strlen("YYYYMMDDHHmmSS") + 1], inception[strlen("YYYYMMDDHHmmSS") + 1];
8e54f5d9 1040 const char *type;
d7671a3e 1041 int n;
151226ab
ZJS		 1042
1043 type = dns_type_to_string(rr->rrsig.type_covered);
8e54f5d9
LP		 1044
1045 r = dnssec_algorithm_to_string_alloc(rr->rrsig.algorithm, &alg);
1046 if (r < 0)
1047 return NULL;
151226ab 1048
7c6423e1
TG		 1049 r = format_timestamp_dns(expiration, sizeof(expiration), rr->rrsig.expiration);
1050 if (r < 0)
7b50eb2e 1051 return NULL;
7c6423e1
TG		 1052
1053 r = format_timestamp_dns(inception, sizeof(inception), rr->rrsig.inception);
1054 if (r < 0)
7b50eb2e 1055 return NULL;
7c6423e1 1056
151226ab
ZJS		 1057 /* TYPE?? follows
1058 * http://tools.ietf.org/html/rfc3597#section-5 */
1059
d7671a3e 1060 r = asprintf(&s, "%s %s%.*u %s %u %u %s %s %u %s %n",
151226ab
ZJS		 1061 k,
1062 type ?: "TYPE",
1063 type ? 0 : 1, type ? 0u : (unsigned) rr->rrsig.type_covered,
8e54f5d9 1064 alg,
151226ab
ZJS		 1065 rr->rrsig.labels,
1066 rr->rrsig.original_ttl,
7c6423e1
TG		 1067 expiration,
1068 inception,
151226ab
ZJS		 1069 rr->rrsig.key_tag,
1070 rr->rrsig.signer,
d7671a3e 1071 &n);
151226ab 1072 if (r < 0)
7b50eb2e 1073 return NULL;
d7671a3e
ZJS		 1074
1075 r = base64_append(&s, n,
1076 rr->rrsig.signature, rr->rrsig.signature_size,
1077 8, columns());
1078 if (r < 0)
1079 return NULL;
1080
151226ab
ZJS		 1081 break;
1082 }
1083
50f1e641
TG		 1084 case DNS_TYPE_NSEC:
1085 t = format_types(rr->nsec.types);
1086 if (!t)
7b50eb2e 1087 return NULL;
50f1e641
TG		 1088
1089 r = asprintf(&s, "%s %s %s",
1090 k,
1091 rr->nsec.next_domain_name,
1092 t);
1093 if (r < 0)
7b50eb2e 1094 return NULL;
50f1e641
TG		 1095 break;
1096
5d45a880
TG		 1097 case DNS_TYPE_NSEC3: {
1098 _cleanup_free_ char *salt = NULL, *hash = NULL;
1099
f5430a3e 1100 if (rr->nsec3.salt_size > 0) {
5d45a880
TG		 1101 salt = hexmem(rr->nsec3.salt, rr->nsec3.salt_size);
1102 if (!salt)
7b50eb2e 1103 return NULL;
5d45a880
TG		 1104 }
1105
1106 hash = base32hexmem(rr->nsec3.next_hashed_name, rr->nsec3.next_hashed_name_size, false);
1107 if (!hash)
7b50eb2e 1108 return NULL;
5d45a880
TG		 1109
1110 t = format_types(rr->nsec3.types);
1111 if (!t)
7b50eb2e 1112 return NULL;
5d45a880
TG		 1113
1114 r = asprintf(&s, "%s %"PRIu8" %"PRIu8" %"PRIu16" %s %s %s",
1115 k,
1116 rr->nsec3.algorithm,
1117 rr->nsec3.flags,
1118 rr->nsec3.iterations,
f5430a3e 1119 rr->nsec3.salt_size > 0 ? salt : "-",
5d45a880
TG		 1120 hash,
1121 t);
1122 if (r < 0)
7b50eb2e 1123 return NULL;
5d45a880
TG		 1124
1125 break;
1126 }
1127
48d45d2b 1128 case DNS_TYPE_TLSA: {
cfb90da3
ZJS		 1129 const char *cert_usage, *selector, *matching_type;
1130 char *ss;
48d45d2b
ZJS		 1131 int n;
1132
cfb90da3
ZJS		 1133 cert_usage = tlsa_cert_usage_to_string(rr->tlsa.cert_usage);
1134 selector = tlsa_selector_to_string(rr->tlsa.selector);
1135 matching_type = tlsa_matching_type_to_string(rr->tlsa.matching_type);
1136
48d45d2b
ZJS		 1137 r = asprintf(&s, "%s %u %u %u %n",
1138 k,
1139 rr->tlsa.cert_usage,
1140 rr->tlsa.selector,
1141 rr->tlsa.matching_type,
1142 &n);
1143 if (r < 0)
1144 return NULL;
1145
1146 r = base64_append(&s, n,
1147 rr->tlsa.data, rr->tlsa.data_size,
1148 8, columns());
1149 if (r < 0)
1150 return NULL;
cfb90da3
ZJS		 1151
1152 r = asprintf(&ss, "%s\n"
718af59e
ZJS		 1153 " -- Cert. usage: %s\n"
1154 " -- Selector: %s\n"
1155 " -- Matching type: %s",
cfb90da3 1156 s,
718af59e
ZJS		 1157 cert_usage,
1158 selector,
1159 matching_type);
cfb90da3
ZJS		 1160 if (r < 0)
1161 return NULL;
1162 free(s);
1163 s = ss;
1164
48d45d2b
ZJS		 1165 break;
1166 }
1167
95052df3
ZJS		 1168 case DNS_TYPE_CAA: {
1169 _cleanup_free_ char *value;
1170
1171 value = octescape(rr->caa.value, rr->caa.value_size);
1172 if (!value)
1173 return NULL;
1174
718af59e 1175 r = asprintf(&s, "%s %u %s \"%s\"%s%s%s%.0u",
95052df3
ZJS		 1176 k,
1177 rr->caa.flags,
1178 rr->caa.tag,
718af59e
ZJS		 1179 value,
1180 rr->caa.flags ? "\n -- Flags:" : "",
1181 rr->caa.flags & CAA_FLAG_CRITICAL ? " critical" : "",
1182 rr->caa.flags & ~CAA_FLAG_CRITICAL ? " " : "",
1183 rr->caa.flags & ~CAA_FLAG_CRITICAL);
95052df3
ZJS		 1184 if (r < 0)
1185 return NULL;
1186
1187 break;
1188 }
1189
d93a16b8
ZJS		 1190 case DNS_TYPE_OPENPGPKEY: {
1191 int n;
1192
1193 r = asprintf(&s, "%s %n",
1194 k,
1195 &n);
1196 if (r < 0)
1197 return NULL;
1198
1199 r = base64_append(&s, n,
a43a068a 1200 rr->generic.data, rr->generic.data_size,
d93a16b8
ZJS		 1201 8, columns());
1202 if (r < 0)
1203 return NULL;
1204 break;
1205 }
1206
8db0d2f5 1207 default:
a43a068a 1208 t = hexmem(rr->generic.data, rr->generic.data_size);
8db0d2f5 1209 if (!t)
7b50eb2e 1210 return NULL;
8db0d2f5 1211
6af47493 1212 /* Format as documented in RFC 3597, Section 5 */
a43a068a 1213 r = asprintf(&s, "%s \\# %zu %s", k, rr->generic.data_size, t);
d23a27a9 1214 if (r < 0)
7b50eb2e 1215 return NULL;
2d4c5cbc 1216 break;
8db0d2f5 1217 }
2d4c5cbc 1218
7b50eb2e
LP		 1219 rr->to_string = s;
1220 return s;
2d4c5cbc 1221}
322345fd 1222
2e74028a
ZJS		 1223ssize_t dns_resource_record_payload(DnsResourceRecord *rr, void **out) {
1224 assert(rr);
1225 assert(out);
1226
1227 switch(rr->unparseable ? _DNS_TYPE_INVALID : rr->key->type) {
1228 case DNS_TYPE_SRV:
1229 case DNS_TYPE_PTR:
1230 case DNS_TYPE_NS:
1231 case DNS_TYPE_CNAME:
1232 case DNS_TYPE_DNAME:
1233 case DNS_TYPE_HINFO:
1234 case DNS_TYPE_SPF:
1235 case DNS_TYPE_TXT:
1236 case DNS_TYPE_A:
1237 case DNS_TYPE_AAAA:
1238 case DNS_TYPE_SOA:
1239 case DNS_TYPE_MX:
1240 case DNS_TYPE_LOC:
1241 case DNS_TYPE_DS:
1242 case DNS_TYPE_SSHFP:
1243 case DNS_TYPE_DNSKEY:
1244 case DNS_TYPE_RRSIG:
1245 case DNS_TYPE_NSEC:
1246 case DNS_TYPE_NSEC3:
1247 return -EINVAL;
1248
1249 case DNS_TYPE_TLSA:
1250 *out = rr->tlsa.data;
1251 return rr->tlsa.data_size;
1252
1253
1254 case DNS_TYPE_OPENPGPKEY:
1255 default:
1256 *out = rr->generic.data;
1257 return rr->generic.data_size;
1258 }
1259}
1260
a8812dd7
LP		 1261int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical) {
1262
1263 DnsPacket packet = {
1264 .n_ref = 1,
1265 .protocol = DNS_PROTOCOL_DNS,
1266 .on_stack = true,
1267 .refuse_compression = true,
1268 .canonical_form = canonical,
1269 };
1270
1271 size_t start, rds;
1272 int r;
1273
1274 assert(rr);
1275
1276 /* Generates the RR in wire-format, optionally in the
1277 * canonical form as discussed in the DNSSEC RFC 4034, Section
1278 * 6.2. We allocate a throw-away DnsPacket object on the stack
1279 * here, because we need some book-keeping for memory
1280 * management, and can reuse the DnsPacket serializer, that
1281 * can generate the canonical form, too, but also knows label
1282 * compression and suchlike. */
1283
1284 if (rr->wire_format && rr->wire_format_canonical == canonical)
1285 return 0;
1286
1287 r = dns_packet_append_rr(&packet, rr, &start, &rds);
1288 if (r < 0)
1289 return r;
1290
1291 assert(start == 0);
1292 assert(packet._data);
1293
1294 free(rr->wire_format);
1295 rr->wire_format = packet._data;
1296 rr->wire_format_size = packet.size;
1297 rr->wire_format_rdata_offset = rds;
1298 rr->wire_format_canonical = canonical;
1299
1300 packet._data = NULL;
1301 dns_packet_unref(&packet);
1302
1303 return 0;
1304}
1305
97c67192
LP		 1306int dns_resource_record_signer(DnsResourceRecord *rr, const char **ret) {
1307 const char *n;
1308 int r;
1309
1310 assert(rr);
1311 assert(ret);
1312
1313 /* Returns the RRset's signer, if it is known. */
1314
1315 if (rr->n_skip_labels_signer == (unsigned) -1)
1316 return -ENODATA;
1317
1c02e7ba 1318 n = dns_resource_key_name(rr->key);
97c67192
LP		 1319 r = dns_name_skip(n, rr->n_skip_labels_signer, &n);
1320 if (r < 0)
1321 return r;
1322 if (r == 0)
1323 return -EINVAL;
1324
1325 *ret = n;
1326 return 0;
1327}
1328
1329int dns_resource_record_source(DnsResourceRecord *rr, const char **ret) {
1330 const char *n;
1331 int r;
1332
1333 assert(rr);
1334 assert(ret);
1335
1336 /* Returns the RRset's synthesizing source, if it is known. */
1337
1338 if (rr->n_skip_labels_source == (unsigned) -1)
1339 return -ENODATA;
1340
1c02e7ba 1341 n = dns_resource_key_name(rr->key);
97c67192
LP		 1342 r = dns_name_skip(n, rr->n_skip_labels_source, &n);
1343 if (r < 0)
1344 return r;
1345 if (r == 0)
1346 return -EINVAL;
1347
1348 *ret = n;
1349 return 0;
1350}
1351
1352int dns_resource_record_is_signer(DnsResourceRecord *rr, const char *zone) {
1353 const char *signer;
1354 int r;
1355
ab481675
LP		 1356 assert(rr);
1357
97c67192
LP		 1358 r = dns_resource_record_signer(rr, &signer);
1359 if (r < 0)
1360 return r;
1361
1362 return dns_name_equal(zone, signer);
1363}
1364
ab481675
LP		 1365int dns_resource_record_is_synthetic(DnsResourceRecord *rr) {
1366 int r;
1367
1368 assert(rr);
1369
1370 /* Returns > 0 if the RR is generated from a wildcard, and is not the asterisk name itself */
1371
1372 if (rr->n_skip_labels_source == (unsigned) -1)
1373 return -ENODATA;
1374
1375 if (rr->n_skip_labels_source == 0)
1376 return 0;
1377
1378 if (rr->n_skip_labels_source > 1)
1379 return 1;
1380
1c02e7ba 1381 r = dns_name_startswith(dns_resource_key_name(rr->key), "*");
ab481675
LP		 1382 if (r < 0)
1383 return r;
1384
1385 return !r;
1386}
1387
6d99904f 1388void dns_resource_record_hash_func(const void *i, struct siphash *state) {
c9c72065
LP		 1389 const DnsResourceRecord *rr = i;
1390
1391 assert(rr);
1392
1393 dns_resource_key_hash_func(rr->key, state);
1394
1395 switch (rr->unparseable ? _DNS_TYPE_INVALID : rr->key->type) {
1396
1397 case DNS_TYPE_SRV:
1398 siphash24_compress(&rr->srv.priority, sizeof(rr->srv.priority), state);
1399 siphash24_compress(&rr->srv.weight, sizeof(rr->srv.weight), state);
1400 siphash24_compress(&rr->srv.port, sizeof(rr->srv.port), state);
1401 dns_name_hash_func(rr->srv.name, state);
1402 break;
1403
1404 case DNS_TYPE_PTR:
1405 case DNS_TYPE_NS:
1406 case DNS_TYPE_CNAME:
1407 case DNS_TYPE_DNAME:
1408 dns_name_hash_func(rr->ptr.name, state);
1409 break;
1410
1411 case DNS_TYPE_HINFO:
1412 string_hash_func(rr->hinfo.cpu, state);
1413 string_hash_func(rr->hinfo.os, state);
1414 break;
1415
1416 case DNS_TYPE_TXT:
1417 case DNS_TYPE_SPF: {
1418 DnsTxtItem *j;
1419
1420 LIST_FOREACH(items, j, rr->txt.items) {
1421 siphash24_compress(j->data, j->length, state);
1422
d5115566
LP		 1423 /* Add an extra NUL byte, so that "a" followed by "b" doesn't result in the same hash as "ab"
1424 * followed by "". */
1425 siphash24_compress_byte(0, state);
c9c72065
LP		 1426 }
1427 break;
1428 }
1429
1430 case DNS_TYPE_A:
1431 siphash24_compress(&rr->a.in_addr, sizeof(rr->a.in_addr), state);
1432 break;
1433
1434 case DNS_TYPE_AAAA:
1435 siphash24_compress(&rr->aaaa.in6_addr, sizeof(rr->aaaa.in6_addr), state);
1436 break;
1437
1438 case DNS_TYPE_SOA:
1439 dns_name_hash_func(rr->soa.mname, state);
1440 dns_name_hash_func(rr->soa.rname, state);
1441 siphash24_compress(&rr->soa.serial, sizeof(rr->soa.serial), state);
1442 siphash24_compress(&rr->soa.refresh, sizeof(rr->soa.refresh), state);
1443 siphash24_compress(&rr->soa.retry, sizeof(rr->soa.retry), state);
1444 siphash24_compress(&rr->soa.expire, sizeof(rr->soa.expire), state);
1445 siphash24_compress(&rr->soa.minimum, sizeof(rr->soa.minimum), state);
1446 break;
1447
1448 case DNS_TYPE_MX:
1449 siphash24_compress(&rr->mx.priority, sizeof(rr->mx.priority), state);
1450 dns_name_hash_func(rr->mx.exchange, state);
1451 break;
1452
1453 case DNS_TYPE_LOC:
1454 siphash24_compress(&rr->loc.version, sizeof(rr->loc.version), state);
1455 siphash24_compress(&rr->loc.size, sizeof(rr->loc.size), state);
1456 siphash24_compress(&rr->loc.horiz_pre, sizeof(rr->loc.horiz_pre), state);
1457 siphash24_compress(&rr->loc.vert_pre, sizeof(rr->loc.vert_pre), state);
1458 siphash24_compress(&rr->loc.latitude, sizeof(rr->loc.latitude), state);
1459 siphash24_compress(&rr->loc.longitude, sizeof(rr->loc.longitude), state);
1460 siphash24_compress(&rr->loc.altitude, sizeof(rr->loc.altitude), state);
1461 break;
1462
1463 case DNS_TYPE_SSHFP:
1464 siphash24_compress(&rr->sshfp.algorithm, sizeof(rr->sshfp.algorithm), state);
1465 siphash24_compress(&rr->sshfp.fptype, sizeof(rr->sshfp.fptype), state);
1466 siphash24_compress(rr->sshfp.fingerprint, rr->sshfp.fingerprint_size, state);
1467 break;
1468
1469 case DNS_TYPE_DNSKEY:
1470 siphash24_compress(&rr->dnskey.flags, sizeof(rr->dnskey.flags), state);
1471 siphash24_compress(&rr->dnskey.protocol, sizeof(rr->dnskey.protocol), state);
1472 siphash24_compress(&rr->dnskey.algorithm, sizeof(rr->dnskey.algorithm), state);
1473 siphash24_compress(rr->dnskey.key, rr->dnskey.key_size, state);
1474 break;
1475
1476 case DNS_TYPE_RRSIG:
1477 siphash24_compress(&rr->rrsig.type_covered, sizeof(rr->rrsig.type_covered), state);
1478 siphash24_compress(&rr->rrsig.algorithm, sizeof(rr->rrsig.algorithm), state);
1479 siphash24_compress(&rr->rrsig.labels, sizeof(rr->rrsig.labels), state);
1480 siphash24_compress(&rr->rrsig.original_ttl, sizeof(rr->rrsig.original_ttl), state);
1481 siphash24_compress(&rr->rrsig.expiration, sizeof(rr->rrsig.expiration), state);
1482 siphash24_compress(&rr->rrsig.inception, sizeof(rr->rrsig.inception), state);
1483 siphash24_compress(&rr->rrsig.key_tag, sizeof(rr->rrsig.key_tag), state);
1484 dns_name_hash_func(rr->rrsig.signer, state);
1485 siphash24_compress(rr->rrsig.signature, rr->rrsig.signature_size, state);
1486 break;
1487
1488 case DNS_TYPE_NSEC:
1489 dns_name_hash_func(rr->nsec.next_domain_name, state);
1490 /* FIXME: we leave out the type bitmap here. Hash
1491 * would be better if we'd take it into account
1492 * too. */
1493 break;
1494
1495 case DNS_TYPE_DS:
1496 siphash24_compress(&rr->ds.key_tag, sizeof(rr->ds.key_tag), state);
1497 siphash24_compress(&rr->ds.algorithm, sizeof(rr->ds.algorithm), state);
1498 siphash24_compress(&rr->ds.digest_type, sizeof(rr->ds.digest_type), state);
1499 siphash24_compress(rr->ds.digest, rr->ds.digest_size, state);
1500 break;
1501
1502 case DNS_TYPE_NSEC3:
1503 siphash24_compress(&rr->nsec3.algorithm, sizeof(rr->nsec3.algorithm), state);
1504 siphash24_compress(&rr->nsec3.flags, sizeof(rr->nsec3.flags), state);
1505 siphash24_compress(&rr->nsec3.iterations, sizeof(rr->nsec3.iterations), state);
1506 siphash24_compress(rr->nsec3.salt, rr->nsec3.salt_size, state);
1507 siphash24_compress(rr->nsec3.next_hashed_name, rr->nsec3.next_hashed_name_size, state);
1508 /* FIXME: We leave the bitmaps out */
1509 break;
48d45d2b
ZJS		 1510
1511 case DNS_TYPE_TLSA:
1512 siphash24_compress(&rr->tlsa.cert_usage, sizeof(rr->tlsa.cert_usage), state);
1513 siphash24_compress(&rr->tlsa.selector, sizeof(rr->tlsa.selector), state);
1514 siphash24_compress(&rr->tlsa.matching_type, sizeof(rr->tlsa.matching_type), state);
fa45182e 1515 siphash24_compress(rr->tlsa.data, rr->tlsa.data_size, state);
48d45d2b 1516 break;
c9c72065 1517
95052df3
ZJS		 1518 case DNS_TYPE_CAA:
1519 siphash24_compress(&rr->caa.flags, sizeof(rr->caa.flags), state);
1520 string_hash_func(rr->caa.tag, state);
1521 siphash24_compress(rr->caa.value, rr->caa.value_size, state);
48d45d2b 1522 break;
c9c72065 1523
d93a16b8 1524 case DNS_TYPE_OPENPGPKEY:
c9c72065 1525 default:
a43a068a 1526 siphash24_compress(rr->generic.data, rr->generic.data_size, state);
c9c72065
LP		 1527 break;
1528 }
1529}
1530
1531static int dns_resource_record_compare_func(const void *a, const void *b) {
1532 const DnsResourceRecord *x = a, *y = b;
1533 int ret;
1534
1535 ret = dns_resource_key_compare_func(x->key, y->key);
1536 if (ret != 0)
1537 return ret;
1538
1539 if (dns_resource_record_equal(x, y))
1540 return 0;
1541
1f133e0d 1542 /* This is a bit dirty, we don't implement proper ordering, but
c9c72065
LP		 1543 * the hashtable doesn't need ordering anyway, hence we don't
1544 * care. */
1545 return x < y ? -1 : 1;
1546}
1547
1548const struct hash_ops dns_resource_record_hash_ops = {
1549 .hash = dns_resource_record_hash_func,
1550 .compare = dns_resource_record_compare_func,
1551};
1552
2001c805
LP		 1553DnsTxtItem *dns_txt_item_free_all(DnsTxtItem *i) {
1554 DnsTxtItem *n;
1555
1556 if (!i)
1557 return NULL;
1558
1559 n = i->items_next;
1560
1561 free(i);
1562 return dns_txt_item_free_all(n);
1563}
1564
1565bool dns_txt_item_equal(DnsTxtItem *a, DnsTxtItem *b) {
1566
4d247a6c
LP		 1567 if (a == b)
1568 return true;
1569
2001c805
LP		 1570 if (!a != !b)
1571 return false;
1572
1573 if (!a)
1574 return true;
1575
1576 if (a->length != b->length)
1577 return false;
1578
1579 if (memcmp(a->data, b->data, a->length) != 0)
1580 return false;
1581
1582 return dns_txt_item_equal(a->items_next, b->items_next);
1583}
8730bccf
LP		 1584
1585static const char* const dnssec_algorithm_table[_DNSSEC_ALGORITHM_MAX_DEFINED] = {
6f717d08 1586 /* Mnemonics as listed on https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
8730bccf
LP		 1587 [DNSSEC_ALGORITHM_RSAMD5] = "RSAMD5",
1588 [DNSSEC_ALGORITHM_DH] = "DH",
1589 [DNSSEC_ALGORITHM_DSA] = "DSA",
1590 [DNSSEC_ALGORITHM_ECC] = "ECC",
1591 [DNSSEC_ALGORITHM_RSASHA1] = "RSASHA1",
1592 [DNSSEC_ALGORITHM_DSA_NSEC3_SHA1] = "DSA-NSEC3-SHA1",
1593 [DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1] = "RSASHA1-NSEC3-SHA1",
1594 [DNSSEC_ALGORITHM_RSASHA256] = "RSASHA256",
1595 [DNSSEC_ALGORITHM_RSASHA512] = "RSASHA512",
6f717d08
LP		 1596 [DNSSEC_ALGORITHM_ECC_GOST] = "ECC-GOST",
1597 [DNSSEC_ALGORITHM_ECDSAP256SHA256] = "ECDSAP256SHA256",
1598 [DNSSEC_ALGORITHM_ECDSAP384SHA384] = "ECDSAP384SHA384",
8730bccf
LP		 1599 [DNSSEC_ALGORITHM_INDIRECT] = "INDIRECT",
1600 [DNSSEC_ALGORITHM_PRIVATEDNS] = "PRIVATEDNS",
1601 [DNSSEC_ALGORITHM_PRIVATEOID] = "PRIVATEOID",
1602};
8e54f5d9 1603DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(dnssec_algorithm, int, 255);
8730bccf
LP		 1604
1605static const char* const dnssec_digest_table[_DNSSEC_DIGEST_MAX_DEFINED] = {
6f717d08
LP		 1606 /* Names as listed on https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
1607 [DNSSEC_DIGEST_SHA1] = "SHA-1",
1608 [DNSSEC_DIGEST_SHA256] = "SHA-256",
1609 [DNSSEC_DIGEST_GOST_R_34_11_94] = "GOST_R_34.11-94",
1610 [DNSSEC_DIGEST_SHA384] = "SHA-384",
8730bccf 1611};
8e54f5d9 1612DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(dnssec_digest, int, 255);
Unnamed repository; edit this file 'description' to name the repository.