]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/resolve/resolved-dns-rr.h
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #8025 from sourcejedi/pid1_journal_or2
[thirdparty/systemd.git] / src / resolve / resolved-dns-rr.h
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 #pragma once
3
4 /***
5 This file is part of systemd.
6
7 Copyright 2014 Lennart Poettering
8
9 systemd is free software; you can redistribute it and/or modify it
10 under the terms of the GNU Lesser General Public License as published by
11 the Free Software Foundation; either version 2.1 of the License, or
12 (at your option) any later version.
13
14 systemd is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public License
20 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21 ***/
22
23 #include <netinet/in.h>
24
25 #include "bitmap.h"
26 #include "dns-type.h"
27 #include "hashmap.h"
28 #include "in-addr-util.h"
29 #include "list.h"
30 #include "string-util.h"
31
32 typedef struct DnsResourceKey DnsResourceKey;
33 typedef struct DnsResourceRecord DnsResourceRecord;
34 typedef struct DnsTxtItem DnsTxtItem;
35
36 /* DNSKEY RR flags */
37 #define DNSKEY_FLAG_SEP (UINT16_C(1) << 0)
38 #define DNSKEY_FLAG_REVOKE (UINT16_C(1) << 7)
39 #define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)
40
41 /* mDNS RR flags */
42 #define MDNS_RR_CACHE_FLUSH (UINT16_C(1) << 15)
43
44 /* DNSSEC algorithm identifiers, see
45 * http://tools.ietf.org/html/rfc4034#appendix-A.1 and
46 * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
47 enum {
48 DNSSEC_ALGORITHM_RSAMD5 = 1,
49 DNSSEC_ALGORITHM_DH,
50 DNSSEC_ALGORITHM_DSA,
51 DNSSEC_ALGORITHM_ECC,
52 DNSSEC_ALGORITHM_RSASHA1,
53 DNSSEC_ALGORITHM_DSA_NSEC3_SHA1,
54 DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1,
55 DNSSEC_ALGORITHM_RSASHA256 = 8, /* RFC 5702 */
56 DNSSEC_ALGORITHM_RSASHA512 = 10, /* RFC 5702 */
57 DNSSEC_ALGORITHM_ECC_GOST = 12, /* RFC 5933 */
58 DNSSEC_ALGORITHM_ECDSAP256SHA256 = 13, /* RFC 6605 */
59 DNSSEC_ALGORITHM_ECDSAP384SHA384 = 14, /* RFC 6605 */
60 DNSSEC_ALGORITHM_ED25519 = 15, /* RFC 8080 */
61 DNSSEC_ALGORITHM_ED448 = 16, /* RFC 8080 */
62 DNSSEC_ALGORITHM_INDIRECT = 252,
63 DNSSEC_ALGORITHM_PRIVATEDNS,
64 DNSSEC_ALGORITHM_PRIVATEOID,
65 _DNSSEC_ALGORITHM_MAX_DEFINED
66 };
67
68 /* DNSSEC digest identifiers, see
69 * https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
70 enum {
71 DNSSEC_DIGEST_SHA1 = 1,
72 DNSSEC_DIGEST_SHA256 = 2, /* RFC 4509 */
73 DNSSEC_DIGEST_GOST_R_34_11_94 = 3, /* RFC 5933 */
74 DNSSEC_DIGEST_SHA384 = 4, /* RFC 6605 */
75 _DNSSEC_DIGEST_MAX_DEFINED
76 };
77
78 /* DNSSEC NSEC3 hash algorithms, see
79 * https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml */
80 enum {
81 NSEC3_ALGORITHM_SHA1 = 1,
82 _NSEC3_ALGORITHM_MAX_DEFINED
83 };
84
85 struct DnsResourceKey {
86 unsigned n_ref; /* (unsigned -1) for const keys, see below */
87 uint16_t class, type;
88 char *_name; /* don't access directly, use dns_resource_key_name()! */
89 };
90
91 /* Creates a temporary resource key. This is only useful to quickly
92 * look up something, without allocating a full DnsResourceKey object
93 * for it. Note that it is not OK to take references to this kind of
94 * resource key object. */
95 #define DNS_RESOURCE_KEY_CONST(c, t, n) \
96 ((DnsResourceKey) { \
97 .n_ref = (unsigned) -1, \
98 .class = c, \
99 .type = t, \
100 ._name = (char*) n, \
101 })
102
103
104 struct DnsTxtItem {
105 size_t length;
106 LIST_FIELDS(DnsTxtItem, items);
107 uint8_t data[];
108 };
109
110 struct DnsResourceRecord {
111 unsigned n_ref;
112 DnsResourceKey *key;
113
114 char *to_string;
115
116 uint32_t ttl;
117 usec_t expiry; /* RRSIG signature expiry */
118
119 /* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
120 unsigned n_skip_labels_signer;
121 /* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
122 unsigned n_skip_labels_source;
123
124 bool unparseable:1;
125
126 bool wire_format_canonical:1;
127 void *wire_format;
128 size_t wire_format_size;
129 size_t wire_format_rdata_offset;
130
131 union {
132 struct {
133 void *data;
134 size_t data_size;
135 } generic, opt;
136
137 struct {
138 uint16_t priority;
139 uint16_t weight;
140 uint16_t port;
141 char *name;
142 } srv;
143
144 struct {
145 char *name;
146 } ptr, ns, cname, dname;
147
148 struct {
149 char *cpu;
150 char *os;
151 } hinfo;
152
153 struct {
154 DnsTxtItem *items;
155 } txt, spf;
156
157 struct {
158 struct in_addr in_addr;
159 } a;
160
161 struct {
162 struct in6_addr in6_addr;
163 } aaaa;
164
165 struct {
166 char *mname;
167 char *rname;
168 uint32_t serial;
169 uint32_t refresh;
170 uint32_t retry;
171 uint32_t expire;
172 uint32_t minimum;
173 } soa;
174
175 struct {
176 uint16_t priority;
177 char *exchange;
178 } mx;
179
180 /* https://tools.ietf.org/html/rfc1876 */
181 struct {
182 uint8_t version;
183 uint8_t size;
184 uint8_t horiz_pre;
185 uint8_t vert_pre;
186 uint32_t latitude;
187 uint32_t longitude;
188 uint32_t altitude;
189 } loc;
190
191 /* https://tools.ietf.org/html/rfc4255#section-3.1 */
192 struct {
193 uint8_t algorithm;
194 uint8_t fptype;
195 void *fingerprint;
196 size_t fingerprint_size;
197 } sshfp;
198
199 /* http://tools.ietf.org/html/rfc4034#section-2.1 */
200 struct {
201 uint16_t flags;
202 uint8_t protocol;
203 uint8_t algorithm;
204 void* key;
205 size_t key_size;
206 } dnskey;
207
208 /* http://tools.ietf.org/html/rfc4034#section-3.1 */
209 struct {
210 uint16_t type_covered;
211 uint8_t algorithm;
212 uint8_t labels;
213 uint32_t original_ttl;
214 uint32_t expiration;
215 uint32_t inception;
216 uint16_t key_tag;
217 char *signer;
218 void *signature;
219 size_t signature_size;
220 } rrsig;
221
222 /* https://tools.ietf.org/html/rfc4034#section-4.1 */
223 struct {
224 char *next_domain_name;
225 Bitmap *types;
226 } nsec;
227
228 /* https://tools.ietf.org/html/rfc4034#section-5.1 */
229 struct {
230 uint16_t key_tag;
231 uint8_t algorithm;
232 uint8_t digest_type;
233 void *digest;
234 size_t digest_size;
235 } ds;
236
237 struct {
238 uint8_t algorithm;
239 uint8_t flags;
240 uint16_t iterations;
241 void *salt;
242 size_t salt_size;
243 void *next_hashed_name;
244 size_t next_hashed_name_size;
245 Bitmap *types;
246 } nsec3;
247
248 /* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 */
249 struct {
250 uint8_t cert_usage;
251 uint8_t selector;
252 uint8_t matching_type;
253 void *data;
254 size_t data_size;
255 } tlsa;
256
257 /* https://tools.ietf.org/html/rfc6844 */
258 struct {
259 uint8_t flags;
260 char *tag;
261 void *value;
262 size_t value_size;
263 } caa;
264 };
265 };
266
267 static inline const void* DNS_RESOURCE_RECORD_RDATA(DnsResourceRecord *rr) {
268 if (!rr)
269 return NULL;
270
271 if (!rr->wire_format)
272 return NULL;
273
274 assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
275 return (uint8_t*) rr->wire_format + rr->wire_format_rdata_offset;
276 }
277
278 static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(DnsResourceRecord *rr) {
279 if (!rr)
280 return 0;
281 if (!rr->wire_format)
282 return 0;
283
284 assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
285 return rr->wire_format_size - rr->wire_format_rdata_offset;
286 }
287
288 static inline uint8_t DNS_RESOURCE_RECORD_OPT_VERSION_SUPPORTED(DnsResourceRecord *rr) {
289 assert(rr);
290 assert(rr->key->type == DNS_TYPE_OPT);
291
292 return ((rr->ttl >> 16) & 0xFF) == 0;
293 }
294
295 DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
296 DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey *key, const DnsResourceRecord *cname);
297 int dns_resource_key_new_append_suffix(DnsResourceKey **ret, DnsResourceKey *key, char *name);
298 DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
299 DnsResourceKey* dns_resource_key_ref(DnsResourceKey *key);
300 DnsResourceKey* dns_resource_key_unref(DnsResourceKey *key);
301 const char* dns_resource_key_name(const DnsResourceKey *key);
302 bool dns_resource_key_is_address(const DnsResourceKey *key);
303 bool dns_resource_key_is_dnssd_ptr(const DnsResourceKey *key);
304 int dns_resource_key_equal(const DnsResourceKey *a, const DnsResourceKey *b);
305 int dns_resource_key_match_rr(const DnsResourceKey *key, DnsResourceRecord *rr, const char *search_domain);
306 int dns_resource_key_match_cname_or_dname(const DnsResourceKey *key, const DnsResourceKey *cname, const char *search_domain);
307 int dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *soa);
308
309 /* _DNS_{CLASS,TYPE}_STRING_MAX include one byte for NUL, which we use for space instead below.
310 * DNS_HOSTNAME_MAX does not include the NUL byte, so we need to add 1. */
311 #define DNS_RESOURCE_KEY_STRING_MAX (_DNS_CLASS_STRING_MAX + _DNS_TYPE_STRING_MAX + DNS_HOSTNAME_MAX + 1)
312
313 char* dns_resource_key_to_string(const DnsResourceKey *key, char *buf, size_t buf_size);
314 ssize_t dns_resource_record_payload(DnsResourceRecord *rr, void **out);
315
316 DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);
317
318 static inline bool dns_key_is_shared(const DnsResourceKey *key) {
319 return IN_SET(key->type, DNS_TYPE_PTR);
320 }
321
322 bool dns_resource_key_reduce(DnsResourceKey **a, DnsResourceKey **b);
323
324 DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key);
325 DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
326 DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr);
327 DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr);
328 int dns_resource_record_new_reverse(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
329 int dns_resource_record_new_address(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
330 int dns_resource_record_equal(const DnsResourceRecord *a, const DnsResourceRecord *b);
331 const char* dns_resource_record_to_string(DnsResourceRecord *rr);
332 DnsResourceRecord *dns_resource_record_copy(DnsResourceRecord *rr);
333 DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);
334
335 int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);
336
337 int dns_resource_record_signer(DnsResourceRecord *rr, const char **ret);
338 int dns_resource_record_source(DnsResourceRecord *rr, const char **ret);
339 int dns_resource_record_is_signer(DnsResourceRecord *rr, const char *zone);
340 int dns_resource_record_is_synthetic(DnsResourceRecord *rr);
341
342 int dns_resource_record_clamp_ttl(DnsResourceRecord **rr, uint32_t max_ttl);
343
344 DnsTxtItem *dns_txt_item_free_all(DnsTxtItem *i);
345 bool dns_txt_item_equal(DnsTxtItem *a, DnsTxtItem *b);
346 DnsTxtItem *dns_txt_item_copy(DnsTxtItem *i);
347 int dns_txt_item_new_empty(DnsTxtItem **ret);
348
349 void dns_resource_record_hash_func(const void *i, struct siphash *state);
350
351 extern const struct hash_ops dns_resource_key_hash_ops;
352 extern const struct hash_ops dns_resource_record_hash_ops;
353
354 int dnssec_algorithm_to_string_alloc(int i, char **ret);
355 int dnssec_algorithm_from_string(const char *s) _pure_;
356
357 int dnssec_digest_to_string_alloc(int i, char **ret);
358 int dnssec_digest_from_string(const char *s) _pure_;
Unnamed repository; edit this file 'description' to name the repository.