[thirdparty/systemd.git] / src / resolve / resolved-dns-rr.h

#pragma once

/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/

#include <netinet/in.h>

#include "bitmap.h"
#include "dns-type.h"
#include "hashmap.h"
#include "in-addr-util.h"
#include "list.h"
#include "string-util.h"

typedef struct DnsResourceKey DnsResourceKey;
typedef struct DnsResourceRecord DnsResourceRecord;
typedef struct DnsTxtItem DnsTxtItem;

/* DNSKEY RR flags */
#define DNSKEY_FLAG_SEP      (UINT16_C(1) << 0)
#define DNSKEY_FLAG_REVOKE   (UINT16_C(1) << 7)
#define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)

/* mDNS RR flags */
#define MDNS_RR_CACHE_FLUSH  (UINT16_C(1) << 15)

/* DNSSEC algorithm identifiers, see
 * http://tools.ietf.org/html/rfc4034#appendix-A.1 and
 * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
enum {
        DNSSEC_ALGORITHM_RSAMD5 = 1,
        DNSSEC_ALGORITHM_DH,
        DNSSEC_ALGORITHM_DSA,
        DNSSEC_ALGORITHM_ECC,
        DNSSEC_ALGORITHM_RSASHA1,
        DNSSEC_ALGORITHM_DSA_NSEC3_SHA1,
        DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1,
        DNSSEC_ALGORITHM_RSASHA256 = 8,        /* RFC 5702 */
        DNSSEC_ALGORITHM_RSASHA512 = 10,       /* RFC 5702 */
        DNSSEC_ALGORITHM_ECC_GOST = 12,        /* RFC 5933 */
        DNSSEC_ALGORITHM_ECDSAP256SHA256 = 13, /* RFC 6605 */
        DNSSEC_ALGORITHM_ECDSAP384SHA384 = 14, /* RFC 6605 */
        DNSSEC_ALGORITHM_INDIRECT = 252,
        DNSSEC_ALGORITHM_PRIVATEDNS,
        DNSSEC_ALGORITHM_PRIVATEOID,
        _DNSSEC_ALGORITHM_MAX_DEFINED
};

/* DNSSEC digest identifiers, see
 * https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
enum {
        DNSSEC_DIGEST_SHA1 = 1,
        DNSSEC_DIGEST_SHA256 = 2,              /* RFC 4509 */
        DNSSEC_DIGEST_GOST_R_34_11_94 = 3,     /* RFC 5933 */
        DNSSEC_DIGEST_SHA384 = 4,              /* RFC 6605 */
        _DNSSEC_DIGEST_MAX_DEFINED
};

/* DNSSEC NSEC3 hash algorithms, see
 * https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml */
enum {
        NSEC3_ALGORITHM_SHA1 = 1,
        _NSEC3_ALGORITHM_MAX_DEFINED
};

struct DnsResourceKey {
        unsigned n_ref; /* (unsigned -1) for const keys, see below */
        uint16_t class, type;
        char *_name; /* don't access directly, use dns_resource_key_name()! */
};

/* Creates a temporary resource key. This is only useful to quickly
 * look up something, without allocating a full DnsResourceKey object
 * for it. Note that it is not OK to take references to this kind of
 * resource key object. */
#define DNS_RESOURCE_KEY_CONST(c, t, n)                 \
        ((DnsResourceKey) {                             \
                .n_ref = (unsigned) -1,                 \
                .class = c,                             \
                .type = t,                              \
                ._name = (char*) n,                     \
        })


struct DnsTxtItem {
        size_t length;
        LIST_FIELDS(DnsTxtItem, items);
        uint8_t data[];
};

struct DnsResourceRecord {
        unsigned n_ref;
        DnsResourceKey *key;

        char *to_string;

        uint32_t ttl;
        usec_t expiry; /* RRSIG signature expiry */

        /* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
        unsigned n_skip_labels_signer;
        /* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
        unsigned n_skip_labels_source;

        bool unparseable:1;

        bool wire_format_canonical:1;
        void *wire_format;
        size_t wire_format_size;
        size_t wire_format_rdata_offset;

        union {
                struct {
                        void *data;
                        size_t data_size;
                } generic, opt;

                struct {
                        uint16_t priority;
                        uint16_t weight;
                        uint16_t port;
                        char *name;
                } srv;

                struct {
                        char *name;
                } ptr, ns, cname, dname;

                struct {
                        char *cpu;
                        char *os;
                } hinfo;

                struct {
                        DnsTxtItem *items;
                } txt, spf;

                struct {
                        struct in_addr in_addr;
                } a;

                struct {
                        struct in6_addr in6_addr;
                } aaaa;

                struct {
                        char *mname;
                        char *rname;
                        uint32_t serial;
                        uint32_t refresh;
                        uint32_t retry;
                        uint32_t expire;
                        uint32_t minimum;
                } soa;

                struct {
                        uint16_t priority;
                        char *exchange;
                } mx;

                /* https://tools.ietf.org/html/rfc1876 */
                struct {
                        uint8_t version;
                        uint8_t size;
                        uint8_t horiz_pre;
                        uint8_t vert_pre;
                        uint32_t latitude;
                        uint32_t longitude;
                        uint32_t altitude;
                } loc;

                /* https://tools.ietf.org/html/rfc4255#section-3.1 */
                struct {
                        uint8_t algorithm;
                        uint8_t fptype;
                        void *fingerprint;
                        size_t fingerprint_size;
                } sshfp;

                /* http://tools.ietf.org/html/rfc4034#section-2.1 */
                struct {
                        uint16_t flags;
                        uint8_t protocol;
                        uint8_t algorithm;
                        void* key;
                        size_t key_size;
                } dnskey;

                /* http://tools.ietf.org/html/rfc4034#section-3.1 */
                struct {
                        uint16_t type_covered;
                        uint8_t algorithm;
                        uint8_t labels;
                        uint32_t original_ttl;
                        uint32_t expiration;
                        uint32_t inception;
                        uint16_t key_tag;
                        char *signer;
                        void *signature;
                        size_t signature_size;
                } rrsig;

                /* https://tools.ietf.org/html/rfc4034#section-4.1 */
                struct {
                        char *next_domain_name;
                        Bitmap *types;
                } nsec;

                /* https://tools.ietf.org/html/rfc4034#section-5.1 */
                struct {
                        uint16_t key_tag;
                        uint8_t algorithm;
                        uint8_t digest_type;
                        void *digest;
                        size_t digest_size;
                } ds;

                struct {
                        uint8_t algorithm;
                        uint8_t flags;
                        uint16_t iterations;
                        void *salt;
                        size_t salt_size;
                        void *next_hashed_name;
                        size_t next_hashed_name_size;
                        Bitmap *types;
                } nsec3;

                /* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 */
                struct {
                        uint8_t cert_usage;
                        uint8_t selector;
                        uint8_t matching_type;
                        void *data;
                        size_t data_size;
                } tlsa;

                /* https://tools.ietf.org/html/rfc6844 */
                struct {
                        uint8_t flags;
                        char *tag;
                        void *value;
                        size_t value_size;
                } caa;
        };
};

static inline const void* DNS_RESOURCE_RECORD_RDATA(DnsResourceRecord *rr) {
        if (!rr)
                return NULL;

        if (!rr->wire_format)
                return NULL;

        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
        return (uint8_t*) rr->wire_format + rr->wire_format_rdata_offset;
}

static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(DnsResourceRecord *rr) {
        if (!rr)
                return 0;
        if (!rr->wire_format)
                return 0;

        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
        return rr->wire_format_size - rr->wire_format_rdata_offset;
}

static inline uint8_t DNS_RESOURCE_RECORD_OPT_VERSION_SUPPORTED(DnsResourceRecord *rr) {
        assert(rr);
        assert(rr->key->type == DNS_TYPE_OPT);

        return ((rr->ttl >> 16) & 0xFF) == 0;
}

DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey *key, const DnsResourceRecord *cname);
int dns_resource_key_new_append_suffix(DnsResourceKey **ret, DnsResourceKey *key, char *name);
DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
DnsResourceKey* dns_resource_key_ref(DnsResourceKey *key);
DnsResourceKey* dns_resource_key_unref(DnsResourceKey *key);
const char* dns_resource_key_name(const DnsResourceKey *key);
bool dns_resource_key_is_address(const DnsResourceKey *key);
int dns_resource_key_equal(const DnsResourceKey *a, const DnsResourceKey *b);
int dns_resource_key_match_rr(const DnsResourceKey *key, DnsResourceRecord *rr, const char *search_domain);
int dns_resource_key_match_cname_or_dname(const DnsResourceKey *key, const DnsResourceKey *cname, const char *search_domain);
int dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *soa);

/* _DNS_{CLASS,TYPE}_STRING_MAX include one byte for NUL, which we use for space instead below.
 * DNS_HOSTNAME_MAX does not include the NUL byte, so we need to add 1. */
#define DNS_RESOURCE_KEY_STRING_MAX (_DNS_CLASS_STRING_MAX + _DNS_TYPE_STRING_MAX + DNS_HOSTNAME_MAX + 1)

char* dns_resource_key_to_string(const DnsResourceKey *key, char *buf, size_t buf_size);
ssize_t dns_resource_record_payload(DnsResourceRecord *rr, void **out);

DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);

static inline bool dns_key_is_shared(const DnsResourceKey *key) {
        return IN_SET(key->type, DNS_TYPE_PTR);
}

bool dns_resource_key_reduce(DnsResourceKey **a, DnsResourceKey **b);

DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key);
DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr);
DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr);
int dns_resource_record_new_reverse(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_new_address(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_equal(const DnsResourceRecord *a, const DnsResourceRecord *b);
const char* dns_resource_record_to_string(DnsResourceRecord *rr);
DnsResourceRecord *dns_resource_record_copy(DnsResourceRecord *rr);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);

int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);

int dns_resource_record_signer(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_source(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_is_signer(DnsResourceRecord *rr, const char *zone);
int dns_resource_record_is_synthetic(DnsResourceRecord *rr);

int dns_resource_record_clamp_ttl(DnsResourceRecord **rr, uint32_t max_ttl);

DnsTxtItem *dns_txt_item_free_all(DnsTxtItem *i);
bool dns_txt_item_equal(DnsTxtItem *a, DnsTxtItem *b);
DnsTxtItem *dns_txt_item_copy(DnsTxtItem *i);

void dns_resource_record_hash_func(const void *i, struct siphash *state);

extern const struct hash_ops dns_resource_key_hash_ops;
extern const struct hash_ops dns_resource_record_hash_ops;

int dnssec_algorithm_to_string_alloc(int i, char **ret);
int dnssec_algorithm_from_string(const char *s) _pure_;

int dnssec_digest_to_string_alloc(int i, char **ret);
int dnssec_digest_from_string(const char *s) _pure_;
Commit	Line	Data
74b2466e LP	1	#pragma once
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2014 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
74b2466e LP	22	#include <netinet/in.h>
74b2466e LP	23
50f1e641	24	#include "bitmap.h"
71d35b6b	25	#include "dns-type.h"
322345fd	26	#include "hashmap.h"
623a4c97	27	#include "in-addr-util.h"
2001c805	28	#include "list.h"
1c02e7ba	29	#include "string-util.h"
74b2466e LP	30
	31	typedef struct DnsResourceKey DnsResourceKey;
	32	typedef struct DnsResourceRecord DnsResourceRecord;
2001c805	33	typedef struct DnsTxtItem DnsTxtItem;
74b2466e	34
8730bccf	35	/* DNSKEY RR flags */
8730bccf	36	#define DNSKEY_FLAG_SEP (UINT16_C(1) << 0)
28b8191e LP	37	#define DNSKEY_FLAG_REVOKE (UINT16_C(1) << 7)
28b8191e LP	38	#define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)
8730bccf	39
23502de3 DM	40	/* mDNS RR flags */
	41	#define MDNS_RR_CACHE_FLUSH (UINT16_C(1) << 15)
	42
8730bccf LP	43	/* DNSSEC algorithm identifiers, see
	44	* http://tools.ietf.org/html/rfc4034#appendix-A.1 and
	45	* https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
	46	enum {
	47	DNSSEC_ALGORITHM_RSAMD5 = 1,
	48	DNSSEC_ALGORITHM_DH,
	49	DNSSEC_ALGORITHM_DSA,
	50	DNSSEC_ALGORITHM_ECC,
	51	DNSSEC_ALGORITHM_RSASHA1,
	52	DNSSEC_ALGORITHM_DSA_NSEC3_SHA1,
	53	DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1,
6f717d08 LP	54	DNSSEC_ALGORITHM_RSASHA256 = 8, /* RFC 5702 */
	55	DNSSEC_ALGORITHM_RSASHA512 = 10, /* RFC 5702 */
	56	DNSSEC_ALGORITHM_ECC_GOST = 12, /* RFC 5933 */
e0240c64 LP	57	DNSSEC_ALGORITHM_ECDSAP256SHA256 = 13, /* RFC 6605 */
e0240c64 LP	58	DNSSEC_ALGORITHM_ECDSAP384SHA384 = 14, /* RFC 6605 */
8730bccf LP	59	DNSSEC_ALGORITHM_INDIRECT = 252,
	60	DNSSEC_ALGORITHM_PRIVATEDNS,
	61	DNSSEC_ALGORITHM_PRIVATEOID,
	62	_DNSSEC_ALGORITHM_MAX_DEFINED
	63	};
	64
	65	/* DNSSEC digest identifiers, see
	66	* https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
	67	enum {
	68	DNSSEC_DIGEST_SHA1 = 1,
6f717d08 LP	69	DNSSEC_DIGEST_SHA256 = 2, /* RFC 4509 */
	70	DNSSEC_DIGEST_GOST_R_34_11_94 = 3, /* RFC 5933 */
	71	DNSSEC_DIGEST_SHA384 = 4, /* RFC 6605 */
8730bccf LP	72	_DNSSEC_DIGEST_MAX_DEFINED
	73	};
	74
d15ad742 LP	75	/* DNSSEC NSEC3 hash algorithms, see
	76	* https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml */
	77	enum {
	78	NSEC3_ALGORITHM_SHA1 = 1,
	79	_NSEC3_ALGORITHM_MAX_DEFINED
	80	};
	81
74b2466e	82	struct DnsResourceKey {
f57e3cd5	83	unsigned n_ref; /* (unsigned -1) for const keys, see below */
faa133f3	84	uint16_t class, type;
96d49011	85	char _name; / don't access directly, use dns_resource_key_name()! */
74b2466e LP	86	};
74b2466e LP	87
1b4f6e79 LP	88	/* Creates a temporary resource key. This is only useful to quickly
	89	* look up something, without allocating a full DnsResourceKey object
	90	* for it. Note that it is not OK to take references to this kind of
	91	* resource key object. */
	92	#define DNS_RESOURCE_KEY_CONST(c, t, n) \
	93	((DnsResourceKey) { \
	94	.n_ref = (unsigned) -1, \
	95	.class = c, \
	96	.type = t, \
	97	._name = (char*) n, \
	98	})
	99
	100
2001c805 LP	101	struct DnsTxtItem {
	102	size_t length;
	103	LIST_FIELDS(DnsTxtItem, items);
	104	uint8_t data[];
	105	};
	106
74b2466e LP	107	struct DnsResourceRecord {
74b2466e LP	108	unsigned n_ref;
faa133f3	109	DnsResourceKey *key;
97c67192	110
7b50eb2e	111	char *to_string;
97c67192	112
74b2466e	113	uint32_t ttl;
ee3d6aff	114	usec_t expiry; /* RRSIG signature expiry */
97c67192 LP	115
	116	/* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
	117	unsigned n_skip_labels_signer;
	118	/* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
	119	unsigned n_skip_labels_source;
	120
a8812dd7	121	bool unparseable:1;
97c67192	122
a8812dd7 LP	123	bool wire_format_canonical:1;
	124	void *wire_format;
	125	size_t wire_format_size;
	126	size_t wire_format_rdata_offset;
97c67192	127
74b2466e LP	128	union {
	129	struct {
	130	void *data;
a43a068a	131	size_t data_size;
d75acfb0	132	} generic, opt;
74b2466e	133
9c92ce6d LP	134	struct {
	135	uint16_t priority;
	136	uint16_t weight;
	137	uint16_t port;
	138	char *name;
	139	} srv;
74b2466e LP	140
	141	struct {
	142	char *name;
8ac4e9e1	143	} ptr, ns, cname, dname;
74b2466e LP	144
	145	struct {
	146	char *cpu;
	147	char *os;
	148	} hinfo;
	149
2e276efc	150	struct {
2001c805	151	DnsTxtItem *items;
c0eb11cf	152	} txt, spf;
74b2466e LP	153
	154	struct {
	155	struct in_addr in_addr;
	156	} a;
	157
	158	struct {
	159	struct in6_addr in6_addr;
	160	} aaaa;
7e8e0422 LP	161
	162	struct {
	163	char *mname;
	164	char *rname;
	165	uint32_t serial;
	166	uint32_t refresh;
	167	uint32_t retry;
	168	uint32_t expire;
	169	uint32_t minimum;
	170	} soa;
946c7094 ZJS	171
	172	struct {
	173	uint16_t priority;
	174	char *exchange;
	175	} mx;
0dae31d4	176
6af47493	177	/* https://tools.ietf.org/html/rfc1876 */
0dae31d4 ZJS	178	struct {
	179	uint8_t version;
	180	uint8_t size;
	181	uint8_t horiz_pre;
	182	uint8_t vert_pre;
	183	uint32_t latitude;
	184	uint32_t longitude;
	185	uint32_t altitude;
	186	} loc;
42cc2eeb	187
549c1a25	188	/* https://tools.ietf.org/html/rfc4255#section-3.1 */
42cc2eeb LP	189	struct {
	190	uint8_t algorithm;
	191	uint8_t fptype;
549c1a25 TG	192	void *fingerprint;
549c1a25 TG	193	size_t fingerprint_size;
42cc2eeb	194	} sshfp;
8db0d2f5 ZJS	195
	196	/* http://tools.ietf.org/html/rfc4034#section-2.1 */
	197	struct {
f91dc240 LP	198	uint16_t flags;
f91dc240 LP	199	uint8_t protocol;
8db0d2f5 ZJS	200	uint8_t algorithm;
	201	void* key;
	202	size_t key_size;
	203	} dnskey;
151226ab ZJS	204
	205	/* http://tools.ietf.org/html/rfc4034#section-3.1 */
	206	struct {
	207	uint16_t type_covered;
	208	uint8_t algorithm;
	209	uint8_t labels;
	210	uint32_t original_ttl;
	211	uint32_t expiration;
	212	uint32_t inception;
	213	uint16_t key_tag;
	214	char *signer;
	215	void *signature;
	216	size_t signature_size;
	217	} rrsig;
50f1e641	218
9ead3519	219	/* https://tools.ietf.org/html/rfc4034#section-4.1 */
50f1e641 TG	220	struct {
	221	char *next_domain_name;
	222	Bitmap *types;
	223	} nsec;
5d45a880	224
6af47493 LP	225	/* https://tools.ietf.org/html/rfc4034#section-5.1 */
	226	struct {
	227	uint16_t key_tag;
	228	uint8_t algorithm;
	229	uint8_t digest_type;
	230	void *digest;
	231	size_t digest_size;
	232	} ds;
	233
5d45a880 TG	234	struct {
	235	uint8_t algorithm;
	236	uint8_t flags;
	237	uint16_t iterations;
	238	void *salt;
	239	size_t salt_size;
	240	void *next_hashed_name;
	241	size_t next_hashed_name_size;
	242	Bitmap *types;
	243	} nsec3;
48d45d2b ZJS	244
	245	/* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 */
	246	struct {
	247	uint8_t cert_usage;
	248	uint8_t selector;
	249	uint8_t matching_type;
	250	void *data;
	251	size_t data_size;
	252	} tlsa;
95052df3 ZJS	253
	254	/* https://tools.ietf.org/html/rfc6844 */
	255	struct {
	256	uint8_t flags;
	257	char *tag;
	258	void *value;
	259	size_t value_size;
	260	} caa;
74b2466e LP	261	};
	262	};
	263
85aeaccc LP	264	static inline const void* DNS_RESOURCE_RECORD_RDATA(DnsResourceRecord *rr) {
	265	if (!rr)
	266	return NULL;
	267
	268	if (!rr->wire_format)
	269	return NULL;
	270
	271	assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
	272	return (uint8_t*) rr->wire_format + rr->wire_format_rdata_offset;
	273	}
	274
	275	static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(DnsResourceRecord *rr) {
	276	if (!rr)
	277	return 0;
	278	if (!rr->wire_format)
	279	return 0;
	280
	281	assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
	282	return rr->wire_format_size - rr->wire_format_rdata_offset;
	283	}
	284
b30bf55d LP	285	static inline uint8_t DNS_RESOURCE_RECORD_OPT_VERSION_SUPPORTED(DnsResourceRecord *rr) {
	286	assert(rr);
	287	assert(rr->key->type == DNS_TYPE_OPT);
	288
	289	return ((rr->ttl >> 16) & 0xFF) == 0;
	290	}
	291
faa133f3	292	DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
36d9205d	293	DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey key, const DnsResourceRecord cname);
801ad6a6	294	int dns_resource_key_new_append_suffix(DnsResourceKey *ret, DnsResourceKey key, char *name);
faa133f3 LP	295	DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
	296	DnsResourceKey* dns_resource_key_ref(DnsResourceKey *key);
	297	DnsResourceKey* dns_resource_key_unref(DnsResourceKey *key);
1c02e7ba	298	const char* dns_resource_key_name(const DnsResourceKey *key);
28b9b764	299	bool dns_resource_key_is_address(const DnsResourceKey *key);
faa133f3	300	int dns_resource_key_equal(const DnsResourceKey a, const DnsResourceKey b);
105e1512	301	int dns_resource_key_match_rr(const DnsResourceKey key, DnsResourceRecord rr, const char *search_domain);
5d27351f	302	int dns_resource_key_match_cname_or_dname(const DnsResourceKey key, const DnsResourceKey cname, const char *search_domain);
547973de	303	int dns_resource_key_match_soa(const DnsResourceKey key, const DnsResourceKey soa);
202b76ae ZJS	304
	305	/* _DNS_{CLASS,TYPE}_STRING_MAX include one byte for NUL, which we use for space instead below.
	306	* DNS_HOSTNAME_MAX does not include the NUL byte, so we need to add 1. */
	307	#define DNS_RESOURCE_KEY_STRING_MAX (_DNS_CLASS_STRING_MAX + _DNS_TYPE_STRING_MAX + DNS_HOSTNAME_MAX + 1)
	308
	309	char* dns_resource_key_to_string(const DnsResourceKey key, char buf, size_t buf_size);
2e74028a ZJS	310	ssize_t dns_resource_record_payload(DnsResourceRecord rr, void *out);
2e74028a ZJS	311
faa133f3	312	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);
322345fd	313
7778dfff DM	314	static inline bool dns_key_is_shared(const DnsResourceKey *key) {
	315	return IN_SET(key->type, DNS_TYPE_PTR);
	316	}
	317
f57e3cd5 LP	318	bool dns_resource_key_reduce(DnsResourceKey a, DnsResourceKey b);
f57e3cd5 LP	319
faa133f3	320	DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key);
8bf52d3d	321	DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
74b2466e LP	322	DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr);
74b2466e LP	323	DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr);
623a4c97	324	int dns_resource_record_new_reverse(DnsResourceRecord *ret, int family, const union in_addr_union address, const char *name);
78c6a153	325	int dns_resource_record_new_address(DnsResourceRecord *ret, int family, const union in_addr_union address, const char *name);
322345fd	326	int dns_resource_record_equal(const DnsResourceRecord a, const DnsResourceRecord b);
7b50eb2e	327	const char* dns_resource_record_to_string(DnsResourceRecord *rr);
17c8de63	328	DnsResourceRecord dns_resource_record_copy(DnsResourceRecord rr);
faa133f3	329	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);
322345fd	330
a8812dd7 LP	331	int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);
a8812dd7 LP	332
97c67192 LP	333	int dns_resource_record_signer(DnsResourceRecord rr, const char *ret);
	334	int dns_resource_record_source(DnsResourceRecord rr, const char *ret);
	335	int dns_resource_record_is_signer(DnsResourceRecord rr, const char zone);
ab481675	336	int dns_resource_record_is_synthetic(DnsResourceRecord *rr);
97c67192	337
17c8de63 LP	338	int dns_resource_record_clamp_ttl(DnsResourceRecord **rr, uint32_t max_ttl);
17c8de63 LP	339
2001c805 LP	340	DnsTxtItem dns_txt_item_free_all(DnsTxtItem i);
2001c805 LP	341	bool dns_txt_item_equal(DnsTxtItem a, DnsTxtItem b);
17c8de63	342	DnsTxtItem dns_txt_item_copy(DnsTxtItem i);
2001c805	343
6d99904f ZJS	344	void dns_resource_record_hash_func(const void i, struct siphash state);
6d99904f ZJS	345
d5099efc	346	extern const struct hash_ops dns_resource_key_hash_ops;
c9c72065	347	extern const struct hash_ops dns_resource_record_hash_ops;
8730bccf	348
8e54f5d9	349	int dnssec_algorithm_to_string_alloc(int i, char **ret);
8730bccf LP	350	int dnssec_algorithm_from_string(const char *s) _pure_;
8730bccf LP	351
8e54f5d9	352	int dnssec_digest_to_string_alloc(int i, char **ret);
8730bccf	353	int dnssec_digest_from_string(const char *s) _pure_;