1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 #pragma once
3
4 /***
5 This file is part of systemd.
6
7 Copyright 2014 Lennart Poettering
8 ***/
9
10 #include <netinet/in.h>
11
12 #include "bitmap.h"
13 #include "dns-type.h"
14 #include "hashmap.h"
15 #include "in-addr-util.h"
16 #include "list.h"
17 #include "string-util.h"
18
19 typedef struct DnsResourceKey DnsResourceKey;
20 typedef struct DnsResourceRecord DnsResourceRecord;
21 typedef struct DnsTxtItem DnsTxtItem;
22
/* DNSKEY RR flags (RFC 4034 section 2.1.1; REVOKE comes from RFC 5011). The RFCs number the bits of
 * the 16-bit flags field starting at the most significant bit, so the RFC's "bit 15" (SEP) is the
 * least significant bit here, "bit 8" (REVOKE) is 1 << 7 and "bit 7" (Zone Key) is 1 << 8. */
#define DNSKEY_FLAG_SEP      (UINT16_C(1) << 0)
#define DNSKEY_FLAG_REVOKE   (UINT16_C(1) << 7)
#define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)

/* mDNS RR flags: the cache-flush bit is the top bit of the 16-bit class field (RFC 6762 section
 * 10.2), so it has to be masked off before the remaining bits are compared against a DNS class. */
#define MDNS_RR_CACHE_FLUSH  (UINT16_C(1) << 15)
30
/* DNSSEC algorithm identifiers, see
 * http://tools.ietf.org/html/rfc4034#appendix-A.1 and
 * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml
 *
 * The values are the on-the-wire algorithm numbers; 9 and 11 are reserved by IANA and therefore have
 * no name here. This list only names algorithms, it does not say which ones are acceptable:
 * RFC 8624 disallows RSAMD5 and the DSA variants and discourages the SHA-1 based ones for signing.
 * NOTE(review): which of these the validator actually accepts is decided in the DNSSEC code, not in
 * this header — confirm there before relying on a name listed here. */
enum {
        DNSSEC_ALGORITHM_RSAMD5             = 1,
        DNSSEC_ALGORITHM_DH                 = 2,
        DNSSEC_ALGORITHM_DSA                = 3,
        DNSSEC_ALGORITHM_ECC                = 4,
        DNSSEC_ALGORITHM_RSASHA1            = 5,
        DNSSEC_ALGORITHM_DSA_NSEC3_SHA1     = 6,
        DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1 = 7,
        DNSSEC_ALGORITHM_RSASHA256          = 8,   /* RFC 5702 */
        DNSSEC_ALGORITHM_RSASHA512          = 10,  /* RFC 5702 */
        DNSSEC_ALGORITHM_ECC_GOST           = 12,  /* RFC 5933 */
        DNSSEC_ALGORITHM_ECDSAP256SHA256    = 13,  /* RFC 6605 */
        DNSSEC_ALGORITHM_ECDSAP384SHA384    = 14,  /* RFC 6605 */
        DNSSEC_ALGORITHM_ED25519            = 15,  /* RFC 8080 */
        DNSSEC_ALGORITHM_ED448              = 16,  /* RFC 8080 */
        DNSSEC_ALGORITHM_INDIRECT           = 252,
        DNSSEC_ALGORITHM_PRIVATEDNS         = 253,
        DNSSEC_ALGORITHM_PRIVATEOID         = 254,
        /* One past the highest value named above; not an algorithm number itself. */
        _DNSSEC_ALGORITHM_MAX_DEFINED
};
54
/* DNSSEC digest identifiers (the "digest type" field of DS records), see
 * https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml
 *
 * As with the algorithm list, a name here only identifies a digest type; it does not imply that the
 * digest is still considered strong (SHA-1 is type 1). */
enum {
        DNSSEC_DIGEST_SHA1            = 1,
        DNSSEC_DIGEST_SHA256          = 2,  /* RFC 4509 */
        DNSSEC_DIGEST_GOST_R_34_11_94 = 3,  /* RFC 5933 */
        DNSSEC_DIGEST_SHA384          = 4,  /* RFC 6605 */
        /* One past the highest value named above. */
        _DNSSEC_DIGEST_MAX_DEFINED
};
64
/* DNSSEC NSEC3 hash algorithms, see
 * https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml
 *
 * SHA-1 is the only algorithm named here. */
enum {
        NSEC3_ALGORITHM_SHA1 = 1,
        /* One past the highest value named above. */
        _NSEC3_ALGORITHM_MAX_DEFINED
};
71
/* The (class, type, name) triple that identifies an RRset. */
struct DnsResourceKey {
        /* Reference counter. The sentinel (unsigned) -1 marks a "const" key as built by
         * DNS_RESOURCE_KEY_CONST(); such a key must not be referenced. */
        unsigned n_ref;

        uint16_t class;
        uint16_t type;

        /* Don't access directly, use dns_resource_key_name()! */
        char *_name;
};
77
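/* Creates a temporary resource key as a compound literal. This is only useful to quickly look up
 * something, without allocating a full DnsResourceKey object for it. Note that it is not OK to take
 * references to this kind of resource key object: n_ref is set to the sentinel (unsigned) -1 to mark
 * it as const.
 *
 * The name pointer is stored as-is, not copied, and the cast drops any const qualifier on it. The
 * string therefore has to stay valid for as long as the key is in use, and nothing may write to or
 * free it through ._name.
 *
 * Every argument is parenthesized in the expansion so that an expression argument (for example
 * pointer arithmetic passed as n) is evaluated as a whole before the cast is applied. */
#define DNS_RESOURCE_KEY_CONST(c, t, n)                 \
        ((DnsResourceKey) {                             \
                .n_ref = (unsigned) -1,                 \
                .class = (c),                           \
                .type = (t),                            \
                ._name = (char*) (n),                   \
        })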
89
90
/* One character-string of a TXT/SPF record, kept as a linked-list element with the payload stored
 * inline in a flexible array member. */
struct DnsTxtItem {
        /* NOTE(review): presumably the number of valid bytes in data[] — confirm against the
         * allocation site. The payload is raw bytes and may contain embedded NULs, so consumers
         * should go by this length rather than treat data[] as a C string. */
        size_t length;
        LIST_FIELDS(DnsTxtItem, items);
        uint8_t data[];
};
96
/* A single resource record: its key, TTL, optional serialized wire format and the type-specific
 * RDATA held in an anonymous union.
 *
 * NOTE(review): which union member is valid is presumably selected by key->type; the code doing
 * that dispatch is not part of this header. Every (pointer, size) pair below describes a
 * variable-length blob, and readers have to bound their accesses by the matching *_size field. */
struct DnsResourceRecord {
        unsigned n_ref;
        DnsResourceKey *key;

        char *to_string;

        /* For OPT pseudo-records this field is not a TTL: DNS_RESOURCE_RECORD_OPT_VERSION_SUPPORTED()
         * reads the EDNS version out of bits 16..23. */
        uint32_t ttl;
        usec_t expiry; /* RRSIG signature expiry */

        /* How many labels to strip to determine "signer" of the RRSIG (aka, the zone).
         * (unsigned) -1 if not signed. */
        unsigned n_skip_labels_signer;
        /* How many labels to strip to determine "synthesizing source" of this RR, i.e. the
         * wildcard's immediate parent. (unsigned) -1 if not signed. */
        unsigned n_skip_labels_source;

        bool unparseable:1;

        /* Serialized form of the record. wire_format_rdata_offset is the position of the RDATA
         * inside the wire_format buffer and must never exceed wire_format_size; the
         * DNS_RESOURCE_RECORD_RDATA*() accessors assert exactly that.
         * NOTE(review): wire_format_canonical presumably records whether the buffer was produced
         * with canonical=true by dns_resource_record_to_wire_format() — confirm. */
        bool wire_format_canonical:1;
        void *wire_format;
        size_t wire_format_size;
        size_t wire_format_rdata_offset;

        union {
                struct {
                        void *data;
                        size_t data_size;
                } generic, opt;

                struct {
                        uint16_t priority;
                        uint16_t weight;
                        uint16_t port;
                        char *name;
                } srv;

                struct {
                        char *name;
                } ptr, ns, cname, dname;

                struct {
                        char *cpu;
                        char *os;
                } hinfo;

                struct {
                        DnsTxtItem *items;
                } txt, spf;

                struct {
                        struct in_addr in_addr;
                } a;

                struct {
                        struct in6_addr in6_addr;
                } aaaa;

                struct {
                        char *mname;
                        char *rname;
                        uint32_t serial;
                        uint32_t refresh;
                        uint32_t retry;
                        uint32_t expire;
                        uint32_t minimum;
                } soa;

                struct {
                        uint16_t priority;
                        char *exchange;
                } mx;

                /* https://tools.ietf.org/html/rfc1876 */
                struct {
                        uint8_t version;
                        uint8_t size;
                        uint8_t horiz_pre;
                        uint8_t vert_pre;
                        uint32_t latitude;
                        uint32_t longitude;
                        uint32_t altitude;
                } loc;

                /* https://tools.ietf.org/html/rfc4255#section-3.1 */
                struct {
                        uint8_t algorithm;
                        uint8_t fptype;
                        void *fingerprint;
                        size_t fingerprint_size;
                } sshfp;

                /* http://tools.ietf.org/html/rfc4034#section-2.1
                 * flags holds the DNSKEY_FLAG_* bits, algorithm one of DNSSEC_ALGORITHM_*. */
                struct {
                        uint16_t flags;
                        uint8_t protocol;
                        uint8_t algorithm;
                        void* key;
                        size_t key_size;
                } dnskey;

                /* http://tools.ietf.org/html/rfc4034#section-3.1
                 * expiration and inception are the raw 32-bit wire values. */
                struct {
                        uint16_t type_covered;
                        uint8_t algorithm;
                        uint8_t labels;
                        uint32_t original_ttl;
                        uint32_t expiration;
                        uint32_t inception;
                        uint16_t key_tag;
                        char *signer;
                        void *signature;
                        size_t signature_size;
                } rrsig;

                /* https://tools.ietf.org/html/rfc4034#section-4.1 */
                struct {
                        char *next_domain_name;
                        Bitmap *types;
                } nsec;

                /* https://tools.ietf.org/html/rfc4034#section-5.1
                 * digest_type is one of DNSSEC_DIGEST_*. */
                struct {
                        uint16_t key_tag;
                        uint8_t algorithm;
                        uint8_t digest_type;
                        void *digest;
                        size_t digest_size;
                } ds;

                /* NSEC3 (RFC 5155). iterations is taken from the record and drives how many hash
                 * rounds a validator performs, so it is a cost the zone controls.
                 * NOTE(review): any upper bound on it is enforced elsewhere — confirm one exists. */
                struct {
                        uint8_t algorithm;
                        uint8_t flags;
                        uint16_t iterations;
                        void *salt;
                        size_t salt_size;
                        void *next_hashed_name;
                        size_t next_hashed_name_size;
                        Bitmap *types;
                } nsec3;

                /* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 (published as RFC 6698) */
                struct {
                        uint8_t cert_usage;
                        uint8_t selector;
                        uint8_t matching_type;
                        void *data;
                        size_t data_size;
                } tlsa;

                /* https://tools.ietf.org/html/rfc6844 */
                struct {
                        uint8_t flags;
                        char *tag;
                        void *value;
                        size_t value_size;
                } caa;
        };
};
253
/* Returns a pointer to the RDATA inside the record's wire_format buffer, or NULL if rr is NULL or
 * no wire format is attached. The number of bytes that may be read from the returned pointer is
 * DNS_RESOURCE_RECORD_RDATA_SIZE(rr); when the offset equals the buffer size the pointer is
 * one-past-the-end and must not be dereferenced. */
static inline const void* DNS_RESOURCE_RECORD_RDATA(DnsResourceRecord *rr) {
        const uint8_t *base;

        if (!rr || !rr->wire_format)
                return NULL;

        /* The offset has to lie within the buffer, otherwise the pointer computed below would be
         * out of bounds. NOTE(review): this is checked by assert() only — confirm that assert()
         * stays active in the builds that ship. */
        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);

        base = rr->wire_format;
        return base + rr->wire_format_rdata_offset;
}
264
/* Returns the size in bytes of the RDATA inside the record's wire_format buffer, i.e. the part of
 * the buffer from wire_format_rdata_offset to its end. Returns 0 if rr is NULL or no wire format is
 * attached. */
static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(DnsResourceRecord *rr) {
        if (!rr || !rr->wire_format)
                return 0;

        /* Guards the subtraction below: with offset > size the size_t result would wrap around to
         * a huge length. NOTE(review): this is checked by assert() only — confirm that assert()
         * stays active in the builds that ship. */
        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);

        return rr->wire_format_size - rr->wire_format_rdata_offset;
}
274
/* Tells whether the EDNS version announced by an OPT pseudo-record is one we understand. The
 * version is carried in bits 16..23 of the TTL field (RFC 6891 section 6.1.3), and only version 0 is
 * accepted. Returns 1 if the version is 0 and 0 otherwise; the declared return type is uint8_t even
 * though the value is a truth value.
 *
 * rr must be non-NULL and must be an OPT record. rr->key is dereferenced without a NULL check, so
 * the caller has to pass a record that has a key. */
static inline uint8_t DNS_RESOURCE_RECORD_OPT_VERSION_SUPPORTED(DnsResourceRecord *rr) {
        uint32_t version;

        assert(rr);
        assert(rr->key->type == DNS_TYPE_OPT);

        version = (rr->ttl >> 16) & 0xFF;
        return version == 0;
}
281
/* DnsResourceKey constructors and reference counting.
 * NOTE(review): dns_resource_key_new_consume() and dns_resource_key_new_append_suffix() take a
 * non-const name; presumably they take ownership of it — confirm in the implementation before
 * passing a string that is still used or freed by the caller. */
DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey *key, const DnsResourceRecord *cname);
int dns_resource_key_new_append_suffix(DnsResourceKey **ret, DnsResourceKey *key, char *name);
DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
DnsResourceKey* dns_resource_key_ref(DnsResourceKey *key);
DnsResourceKey* dns_resource_key_unref(DnsResourceKey *key);

/* Accessor for the key's name; use this instead of reading ._name directly. */
const char* dns_resource_key_name(const DnsResourceKey *key);

/* Key classification and matching. */
bool dns_resource_key_is_address(const DnsResourceKey *key);
bool dns_resource_key_is_dnssd_ptr(const DnsResourceKey *key);
int dns_resource_key_equal(const DnsResourceKey *a, const DnsResourceKey *b);
int dns_resource_key_match_rr(const DnsResourceKey *key, DnsResourceRecord *rr, const char *search_domain);
int dns_resource_key_match_cname_or_dname(const DnsResourceKey *key, const DnsResourceKey *cname, const char *search_domain);
int dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *soa);

/* Size of a buffer for the string form of a key: class, type and name, with separators and the
 * trailing NUL. _DNS_{CLASS,TYPE}_STRING_MAX include one byte for NUL, which we use for space
 * instead below. DNS_HOSTNAME_MAX does not include the NUL byte, so we need to add 1. */
#define DNS_RESOURCE_KEY_STRING_MAX (_DNS_CLASS_STRING_MAX + _DNS_TYPE_STRING_MAX + DNS_HOSTNAME_MAX + 1)

/* NOTE(review): buf is expected to be at least DNS_RESOURCE_KEY_STRING_MAX bytes; what happens
 * with a smaller buf_size is decided by the implementation — confirm. */
char* dns_resource_key_to_string(const DnsResourceKey *key, char *buf, size_t buf_size);
ssize_t dns_resource_record_payload(DnsResourceRecord *rr, void **out);

DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);
304
/* Returns true if the key's type is in the set of "shared" record types, which currently contains
 * only PTR. key must not be NULL; it is dereferenced unconditionally. */
static inline bool dns_key_is_shared(const DnsResourceKey *key) {
        const uint16_t rr_type = key->type;

        return IN_SET(rr_type, DNS_TYPE_PTR);
}
308
bool dns_resource_key_reduce(DnsResourceKey **a, DnsResourceKey **b);

/* DnsResourceRecord constructors, reference counting, comparison and copying. */
DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key);
DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr);
DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr);
int dns_resource_record_new_reverse(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_new_address(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_equal(const DnsResourceRecord *a, const DnsResourceRecord *b);
const char* dns_resource_record_to_string(DnsResourceRecord *rr);
DnsResourceRecord *dns_resource_record_copy(DnsResourceRecord *rr);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);

/* Serializes the record into its wire_format buffer; the result is what the
 * DNS_RESOURCE_RECORD_RDATA*() accessors read. */
int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);

/* DNSSEC signer / synthesizing-source queries; these relate to the n_skip_labels_* fields of
 * DnsResourceRecord. */
int dns_resource_record_signer(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_source(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_is_signer(DnsResourceRecord *rr, const char *zone);
int dns_resource_record_is_synthetic(DnsResourceRecord *rr);

int dns_resource_record_clamp_ttl(DnsResourceRecord **rr, uint32_t max_ttl);

/* DnsTxtItem list helpers. */
DnsTxtItem *dns_txt_item_free_all(DnsTxtItem *i);
bool dns_txt_item_equal(DnsTxtItem *a, DnsTxtItem *b);
DnsTxtItem *dns_txt_item_copy(DnsTxtItem *i);
int dns_txt_item_new_empty(DnsTxtItem **ret);

/* Hashing support so that keys and records can be stored in hashmaps. */
void dns_resource_record_hash_func(const void *i, struct siphash *state);

extern const struct hash_ops dns_resource_key_hash_ops;
extern const struct hash_ops dns_resource_record_hash_ops;

/* Conversions between DNSSEC_ALGORITHM_* / DNSSEC_DIGEST_* numbers and their names. */
int dnssec_algorithm_to_string_alloc(int i, char **ret);
int dnssec_algorithm_from_string(const char *s) _pure_;

int dnssec_digest_to_string_alloc(int i, char **ret);
int dnssec_digest_from_string(const char *s) _pure_;
343
344 int dnssec_digest_to_string_alloc(int i, char **ret);
345 int dnssec_digest_from_string(const char *s) _pure_;