[thirdparty/openvpn.git] / src / openvpn / dns.h

/*
 *  OpenVPN -- An application to securely tunnel IP networks
 *             over a single UDP port, with support for SSL/TLS-based
 *             session authentication and key exchange,
 *             packet encryption, packet authentication, and
 *             packet compression.
 *
 *  Copyright (C) 2022-2024 OpenVPN Inc <sales@openvpn.net>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2
 *  as published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

#ifndef DNS_H
#define DNS_H

#include "buffer.h"
#include "env_set.h"

enum dns_security {
    DNS_SECURITY_UNSET,
    DNS_SECURITY_NO,
    DNS_SECURITY_YES,
    DNS_SECURITY_OPTIONAL
};

enum dns_server_transport {
    DNS_TRANSPORT_UNSET,
    DNS_TRANSPORT_PLAIN,
    DNS_TRANSPORT_HTTPS,
    DNS_TRANSPORT_TLS
};

struct dns_domain {
    struct dns_domain *next;
    const char *name;
};

struct dns_server_addr
{
    union {
        struct in_addr a4;
        struct in6_addr a6;
    } in;
    sa_family_t family;
    in_port_t port;
};

struct dns_server {
    struct dns_server *next;
    long priority;
    size_t addr_count;
    struct dns_server_addr addr[8];
    struct dns_domain *domains;
    enum dns_security dnssec;
    enum dns_server_transport transport;
    const char *sni;
};

struct dns_options {
    struct dns_domain *search_domains;
    struct dns_server *servers_prepull;
    struct dns_server *servers;
    struct gc_arena gc;
};

/**
 * Parses a string DNS server priority and validates it.
 *
 * @param   priority    Pointer to where the priority should be stored
 * @param   str         Priority string to parse
 * @param   pulled      Whether this was pulled from a server
 * @return              True if priority in string is valid
 */
bool dns_server_priority_parse(long *priority, const char *str, bool pulled);

/**
 * Find or create DNS server with priority in a linked list.
 * The list is ordered by priority.
 *
 * @param   entry       Address of the first list entry pointer
 * @param   priority    Priority of the DNS server to find / create
 * @param   gc          The gc new list items should be allocated in
 */
struct dns_server *dns_server_get(struct dns_server **entry, long priority, struct gc_arena *gc);

/**
 * Appends DNS domain parameters to a linked list.
 *
 * @param   entry       Address of the first list entry pointer
 * @param   domains     Address of the first domain parameter
 * @param   gc          The gc the new list items should be allocated in
 */
void dns_domain_list_append(struct dns_domain **entry, char **domains, struct gc_arena *gc);

/**
 * Parses a string IPv4 or IPv6 address and optional colon separated port,
 * into a in_addr or in6_addr respectively plus a in_port_t port.
 *
 * @param   server      Pointer to DNS server the address is parsed for
 * @param   addr        Address as string
 * @return              True if parsing was successful
 */
bool dns_server_addr_parse(struct dns_server *server, const char *addr);

/**
 * Checks validity of DNS options
 *
 * @param   msglevel    The message level to log errors with
 * @param   o           Pointer to the DNS options to validate
 * @return              True if no error was found
 */
bool dns_options_verify(int msglevel, const struct dns_options *o);

/**
 * Makes a deep copy of the passed DNS options.
 *
 * @param   o           Pointer to the DNS options to clone
 * @param   gc          Pointer to the gc_arena to use for the clone
 * @return              The dns_options clone
 */
struct dns_options clone_dns_options(const struct dns_options o, struct gc_arena *gc);

/**
 * Saves and resets the server options, so that pulled ones don't mix in.
 *
 * @param   o           Pointer to the DNS options to modify
 */
void dns_options_preprocess_pull(struct dns_options *o);

/**
 * Merges pulled DNS servers with static ones into an ordered list.
 *
 * @param   o           Pointer to the DNS options to modify
 */
void dns_options_postprocess_pull(struct dns_options *o);

/**
 * Puts the DNS options into an environment set.
 *
 * @param   o           Pointer to the DNS options to set
 * @param   es          Pointer to the env_set to set the options into
 */
void setenv_dns_options(const struct dns_options *o, struct env_set *es);

/**
 * Prints configured DNS options.
 *
 * @param   o           Pointer to the DNS options to print
 */
void show_dns_options(const struct dns_options *o);

#endif /* ifndef DNS_H */
Commit	Line	Data
b3e0d95d HH	1	/*
	2	* OpenVPN -- An application to securely tunnel IP networks
	3	* over a single UDP port, with support for SSL/TLS-based
	4	* session authentication and key exchange,
	5	* packet encryption, packet authentication, and
	6	* packet compression.
	7	*
b25c6d7e	8	* Copyright (C) 2022-2024 OpenVPN Inc <sales@openvpn.net>
b3e0d95d HH	9	*
	10	* This program is free software; you can redistribute it and/or modify
	11	* it under the terms of the GNU General Public License version 2
	12	* as published by the Free Software Foundation.
	13	*
	14	* This program is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	17	* GNU General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU General Public License along
	20	* with this program; if not, write to the Free Software Foundation, Inc.,
	21	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	22	*/
	23
	24	#ifndef DNS_H
	25	#define DNS_H
	26
	27	#include "buffer.h"
	28	#include "env_set.h"
	29
b3e0d95d HH	30	enum dns_security {
	31	DNS_SECURITY_UNSET,
	32	DNS_SECURITY_NO,
	33	DNS_SECURITY_YES,
	34	DNS_SECURITY_OPTIONAL
	35	};
	36
	37	enum dns_server_transport {
	38	DNS_TRANSPORT_UNSET,
	39	DNS_TRANSPORT_PLAIN,
	40	DNS_TRANSPORT_HTTPS,
	41	DNS_TRANSPORT_TLS
	42	};
	43
	44	struct dns_domain {
	45	struct dns_domain *next;
	46	const char *name;
	47	};
	48
424ae590 HH	49	struct dns_server_addr
	50	{
	51	union {
	52	struct in_addr a4;
	53	struct in6_addr a6;
	54	} in;
	55	sa_family_t family;
	56	in_port_t port;
	57	};
	58
b3e0d95d HH	59	struct dns_server {
	60	struct dns_server *next;
	61	long priority;
424ae590 HH	62	size_t addr_count;
424ae590 HH	63	struct dns_server_addr addr[8];
b3e0d95d	64	struct dns_domain *domains;
b3e0d95d HH	65	enum dns_security dnssec;
	66	enum dns_server_transport transport;
	67	const char *sni;
	68	};
	69
	70	struct dns_options {
	71	struct dns_domain *search_domains;
	72	struct dns_server *servers_prepull;
	73	struct dns_server *servers;
	74	struct gc_arena gc;
	75	};
	76
	77	/**
	78	* Parses a string DNS server priority and validates it.
	79	*
	80	* @param priority Pointer to where the priority should be stored
	81	* @param str Priority string to parse
	82	* @param pulled Whether this was pulled from a server
	83	* @return True if priority in string is valid
	84	*/
	85	bool dns_server_priority_parse(long priority, const char str, bool pulled);
	86
	87	/**
	88	* Find or create DNS server with priority in a linked list.
	89	* The list is ordered by priority.
	90	*
	91	* @param entry Address of the first list entry pointer
	92	* @param priority Priority of the DNS server to find / create
	93	* @param gc The gc new list items should be allocated in
	94	*/
abe49856	95	struct dns_server dns_server_get(struct dns_server entry, long priority, struct gc_arena gc);
b3e0d95d HH	96
	97	/**
	98	* Appends DNS domain parameters to a linked list.
	99	*
	100	* @param entry Address of the first list entry pointer
	101	* @param domains Address of the first domain parameter
	102	* @param gc The gc the new list items should be allocated in
	103	*/
	104	void dns_domain_list_append(struct dns_domain entry, char domains, struct gc_arena *gc);
	105
	106	/**
	107	* Parses a string IPv4 or IPv6 address and optional colon separated port,
	108	* into a in_addr or in6_addr respectively plus a in_port_t port.
	109	*
	110	* @param server Pointer to DNS server the address is parsed for
	111	* @param addr Address as string
	112	* @return True if parsing was successful
	113	*/
	114	bool dns_server_addr_parse(struct dns_server server, const char addr);
	115
	116	/**
	117	* Checks validity of DNS options
	118	*
	119	* @param msglevel The message level to log errors with
	120	* @param o Pointer to the DNS options to validate
	121	* @return True if no error was found
	122	*/
	123	bool dns_options_verify(int msglevel, const struct dns_options *o);
	124
	125	/**
	126	* Makes a deep copy of the passed DNS options.
	127	*
	128	* @param o Pointer to the DNS options to clone
	129	* @param gc Pointer to the gc_arena to use for the clone
	130	* @return The dns_options clone
	131	*/
	132	struct dns_options clone_dns_options(const struct dns_options o, struct gc_arena *gc);
	133
	134	/**
	135	* Saves and resets the server options, so that pulled ones don't mix in.
	136	*
	137	* @param o Pointer to the DNS options to modify
	138	*/
	139	void dns_options_preprocess_pull(struct dns_options *o);
	140
	141	/**
	142	* Merges pulled DNS servers with static ones into an ordered list.
	143	*
	144	* @param o Pointer to the DNS options to modify
	145	*/
	146	void dns_options_postprocess_pull(struct dns_options *o);
	147
	148	/**
	149	* Puts the DNS options into an environment set.
	150	*
	151	* @param o Pointer to the DNS options to set
	152	* @param es Pointer to the env_set to set the options into
	153	*/
	154	void setenv_dns_options(const struct dns_options o, struct env_set es);
	155
	156	/**
	157	* Prints configured DNS options.
	158	*
	159	* @param o Pointer to the DNS options to print
160	*/
161	void show_dns_options(const struct dns_options *o);
162
163	#endif /* ifndef DNS_H */