[thirdparty/systemd.git] / src / resolve / resolved-dns-server.h

/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once

/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering
***/

#include "in-addr-util.h"

#if HAVE_GNUTLS
#include <gnutls/gnutls.h>
#endif

typedef struct DnsServer DnsServer;

typedef enum DnsServerType {
        DNS_SERVER_SYSTEM,
        DNS_SERVER_FALLBACK,
        DNS_SERVER_LINK,
} DnsServerType;
#define _DNS_SERVER_TYPE_MAX (DNS_SERVER_LINK + 1)

const char* dns_server_type_to_string(DnsServerType i) _const_;
DnsServerType dns_server_type_from_string(const char *s) _pure_;

typedef enum DnsServerFeatureLevel {
        DNS_SERVER_FEATURE_LEVEL_TCP,
        DNS_SERVER_FEATURE_LEVEL_UDP,
        DNS_SERVER_FEATURE_LEVEL_EDNS0,
        DNS_SERVER_FEATURE_LEVEL_TLS_PLAIN,
        DNS_SERVER_FEATURE_LEVEL_DO,
        DNS_SERVER_FEATURE_LEVEL_LARGE,
        DNS_SERVER_FEATURE_LEVEL_TLS_DO,
        _DNS_SERVER_FEATURE_LEVEL_MAX,
        _DNS_SERVER_FEATURE_LEVEL_INVALID = -1
} DnsServerFeatureLevel;

#define DNS_SERVER_FEATURE_LEVEL_WORST 0
#define DNS_SERVER_FEATURE_LEVEL_BEST (_DNS_SERVER_FEATURE_LEVEL_MAX - 1)
#define DNS_SERVER_FEATURE_LEVEL_IS_TLS(x) IN_SET(x, DNS_SERVER_FEATURE_LEVEL_TLS_PLAIN, DNS_SERVER_FEATURE_LEVEL_TLS_DO)

const char* dns_server_feature_level_to_string(int i) _const_;
int dns_server_feature_level_from_string(const char *s) _pure_;

#include "resolved-link.h"
#include "resolved-manager.h"

struct DnsServer {
        Manager *manager;

        unsigned n_ref;

        DnsServerType type;
        Link *link;

        int family;
        union in_addr_union address;
        int ifindex; /* for IPv6 link-local DNS servers */

        char *server_string;
        DnsStream *stream;

#if HAVE_GNUTLS
        gnutls_certificate_credentials_t tls_cert_cred;
        gnutls_datum_t tls_session_data;
#endif

        DnsServerFeatureLevel verified_feature_level;
        DnsServerFeatureLevel possible_feature_level;

        size_t received_udp_packet_max;

        unsigned n_failed_udp;
        unsigned n_failed_tcp;
        unsigned n_failed_tls;

        bool packet_truncated:1;
        bool packet_bad_opt:1;
        bool packet_rrsig_missing:1;

        usec_t verified_usec;
        usec_t features_grace_period_usec;

        /* Whether we already warned about downgrading to non-DNSSEC mode for this server */
        bool warned_downgrade:1;

        /* Used when GC'ing old DNS servers when configuration changes. */
        bool marked:1;

        /* If linked is set, then this server appears in the servers linked list */
        bool linked:1;
        LIST_FIELDS(DnsServer, servers);
};

int dns_server_new(
                Manager *m,
                DnsServer **ret,
                DnsServerType type,
                Link *link,
                int family,
                const union in_addr_union *address,
                int ifindex);

DnsServer* dns_server_ref(DnsServer *s);
DnsServer* dns_server_unref(DnsServer *s);

void dns_server_unlink(DnsServer *s);
void dns_server_move_back_and_unmark(DnsServer *s);

void dns_server_packet_received(DnsServer *s, int protocol, DnsServerFeatureLevel level, size_t size);
void dns_server_packet_lost(DnsServer *s, int protocol, DnsServerFeatureLevel level);
void dns_server_packet_truncated(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_rrsig_missing(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_bad_opt(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_rcode_downgrade(DnsServer *s, DnsServerFeatureLevel level);

DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s);

int dns_server_adjust_opt(DnsServer *server, DnsPacket *packet, DnsServerFeatureLevel level);

const char *dns_server_string(DnsServer *server);
int dns_server_ifindex(const DnsServer *s);

bool dns_server_dnssec_supported(DnsServer *server);

void dns_server_warn_downgrade(DnsServer *server);

bool dns_server_limited_domains(DnsServer *server);

DnsServer *dns_server_find(DnsServer *first, int family, const union in_addr_union *in_addr, int ifindex);

void dns_server_unlink_all(DnsServer *first);
void dns_server_unlink_marked(DnsServer *first);
void dns_server_mark_all(DnsServer *first);

DnsServer *manager_get_first_dns_server(Manager *m, DnsServerType t);

DnsServer *manager_set_dns_server(Manager *m, DnsServer *s);
DnsServer *manager_get_dns_server(Manager *m);
void manager_next_dns_server(Manager *m);

bool dns_server_address_valid(int family, const union in_addr_union *sa);

DnssecMode dns_server_get_dnssec_mode(DnsServer *s);
DnsOverTlsMode dns_server_get_dns_over_tls_mode(DnsServer *s);

DEFINE_TRIVIAL_CLEANUP_FUNC(DnsServer*, dns_server_unref);

extern const struct hash_ops dns_server_hash_ops;

void dns_server_flush_cache(DnsServer *s);

void dns_server_reset_features(DnsServer *s);
void dns_server_reset_features_all(DnsServer *s);

void dns_server_dump(DnsServer *s, FILE *f);
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
74b2466e LP	2	#pragma once
	3
	4	/***
	5	This file is part of systemd.
	6
	7	Copyright 2014 Lennart Poettering
74b2466e LP	8	***/
74b2466e LP	9
3c0cf502 LP	10	#include "in-addr-util.h"
3c0cf502 LP	11
5d67a7ae IT	12	#if HAVE_GNUTLS
	13	#include <gnutls/gnutls.h>
	14	#endif
	15
74b2466e	16	typedef struct DnsServer DnsServer;
74b2466e	17
4e945a6f LP	18	typedef enum DnsServerType {
	19	DNS_SERVER_SYSTEM,
	20	DNS_SERVER_FALLBACK,
	21	DNS_SERVER_LINK,
	22	} DnsServerType;
e3309036 ZJS	23	#define _DNS_SERVER_TYPE_MAX (DNS_SERVER_LINK + 1)
	24
	25	const char* dns_server_type_to_string(DnsServerType i) _const_;
	26	DnsServerType dns_server_type_from_string(const char *s) _pure_;
4e945a6f	27
be808ea0 TG	28	typedef enum DnsServerFeatureLevel {
	29	DNS_SERVER_FEATURE_LEVEL_TCP,
	30	DNS_SERVER_FEATURE_LEVEL_UDP,
9c5e12a4	31	DNS_SERVER_FEATURE_LEVEL_EDNS0,
5d67a7ae	32	DNS_SERVER_FEATURE_LEVEL_TLS_PLAIN,
7586f4d1	33	DNS_SERVER_FEATURE_LEVEL_DO,
d74fb368	34	DNS_SERVER_FEATURE_LEVEL_LARGE,
5d67a7ae	35	DNS_SERVER_FEATURE_LEVEL_TLS_DO,
be808ea0 TG	36	_DNS_SERVER_FEATURE_LEVEL_MAX,
	37	_DNS_SERVER_FEATURE_LEVEL_INVALID = -1
	38	} DnsServerFeatureLevel;
	39
	40	#define DNS_SERVER_FEATURE_LEVEL_WORST 0
	41	#define DNS_SERVER_FEATURE_LEVEL_BEST (_DNS_SERVER_FEATURE_LEVEL_MAX - 1)
5d67a7ae	42	#define DNS_SERVER_FEATURE_LEVEL_IS_TLS(x) IN_SET(x, DNS_SERVER_FEATURE_LEVEL_TLS_PLAIN, DNS_SERVER_FEATURE_LEVEL_TLS_DO)
be808ea0 TG	43
	44	const char* dns_server_feature_level_to_string(int i) _const_;
	45	int dns_server_feature_level_from_string(const char *s) _pure_;
	46
3e684349	47	#include "resolved-link.h"
be808ea0	48	#include "resolved-manager.h"
3e684349	49
74b2466e LP	50	struct DnsServer {
74b2466e LP	51	Manager *manager;
74b2466e	52
91b14d6f TG	53	unsigned n_ref;
91b14d6f TG	54
4e945a6f	55	DnsServerType type;
3c0cf502 LP	56	Link *link;
3c0cf502 LP	57
0dd25fb9	58	int family;
74b2466e	59	union in_addr_union address;
2817157b	60	int ifindex; /* for IPv6 link-local DNS servers */
74b2466e	61
6cb08a89	62	char *server_string;
98767d75	63	DnsStream *stream;
6cb08a89	64
5d67a7ae IT	65	#if HAVE_GNUTLS
	66	gnutls_certificate_credentials_t tls_cert_cred;
	67	gnutls_datum_t tls_session_data;
	68	#endif
	69
f4461e56 LP	70	DnsServerFeatureLevel verified_feature_level;
f4461e56 LP	71	DnsServerFeatureLevel possible_feature_level;
de54e62b	72
d74fb368	73	size_t received_udp_packet_max;
de54e62b	74
6bb2c085 LP	75	unsigned n_failed_udp;
6bb2c085 LP	76	unsigned n_failed_tcp;
5d67a7ae	77	unsigned n_failed_tls;
de54e62b	78
6bb2c085	79	bool packet_truncated:1;
de54e62b LP	80	bool packet_bad_opt:1;
	81	bool packet_rrsig_missing:1;
	82
be808ea0 TG	83	usec_t verified_usec;
be808ea0 TG	84	usec_t features_grace_period_usec;
74b2466e	85
1e02e182 LP	86	/* Whether we already warned about downgrading to non-DNSSEC mode for this server */
	87	bool warned_downgrade:1;
	88
b652d4a2 LP	89	/* Used when GC'ing old DNS servers when configuration changes. */
	90	bool marked:1;
	91
0eac4623 LP	92	/* If linked is set, then this server appears in the servers linked list */
0eac4623 LP	93	bool linked:1;
74b2466e LP	94	LIST_FIELDS(DnsServer, servers);
	95	};
	96
	97	int dns_server_new(
	98	Manager *m,
0b58db65	99	DnsServer **ret,
4e945a6f	100	DnsServerType type,
0b58db65	101	Link *link,
0dd25fb9	102	int family,
2817157b LP	103	const union in_addr_union *address,
2817157b LP	104	int ifindex);
74b2466e	105
91b14d6f TG	106	DnsServer* dns_server_ref(DnsServer *s);
91b14d6f TG	107	DnsServer* dns_server_unref(DnsServer *s);
87f5a193	108
0eac4623	109	void dns_server_unlink(DnsServer *s);
0b58db65	110	void dns_server_move_back_and_unmark(DnsServer *s);
0eac4623	111
dbc4661a	112	void dns_server_packet_received(DnsServer *s, int protocol, DnsServerFeatureLevel level, size_t size);
3da3cdd5	113	void dns_server_packet_lost(DnsServer *s, int protocol, DnsServerFeatureLevel level);
6bb2c085	114	void dns_server_packet_truncated(DnsServer *s, DnsServerFeatureLevel level);
de54e62b LP	115	void dns_server_packet_rrsig_missing(DnsServer *s, DnsServerFeatureLevel level);
de54e62b LP	116	void dns_server_packet_bad_opt(DnsServer *s, DnsServerFeatureLevel level);
d001e0a3	117	void dns_server_packet_rcode_downgrade(DnsServer *s, DnsServerFeatureLevel level);
9df3ba6c	118
f4461e56 LP	119	DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s);
f4461e56 LP	120
519ef046 LP	121	int dns_server_adjust_opt(DnsServer server, DnsPacket packet, DnsServerFeatureLevel level);
519ef046 LP	122
6cb08a89	123	const char dns_server_string(DnsServer server);
2817157b	124	int dns_server_ifindex(const DnsServer *s);
6cb08a89	125
92ec902a LP	126	bool dns_server_dnssec_supported(DnsServer *server);
92ec902a LP	127
1e02e182 LP	128	void dns_server_warn_downgrade(DnsServer *server);
1e02e182 LP	129
b9fe94ca MP	130	bool dns_server_limited_domains(DnsServer *server);
b9fe94ca MP	131
2817157b	132	DnsServer dns_server_find(DnsServer first, int family, const union in_addr_union *in_addr, int ifindex);
4b95f179 LP	133
	134	void dns_server_unlink_all(DnsServer *first);
	135	void dns_server_unlink_marked(DnsServer *first);
	136	void dns_server_mark_all(DnsServer *first);
f2f1dbe5	137
4b95f179	138	DnsServer manager_get_first_dns_server(Manager m, DnsServerType t);
636e813d	139
0eac4623	140	DnsServer manager_set_dns_server(Manager m, DnsServer *s);
0eac4623 LP	141	DnsServer manager_get_dns_server(Manager m);
	142	void manager_next_dns_server(Manager *m);
	143
b30bf55d LP	144	bool dns_server_address_valid(int family, const union in_addr_union *sa);
b30bf55d LP	145
12bf2331	146	DnssecMode dns_server_get_dnssec_mode(DnsServer *s);
c9299be2	147	DnsOverTlsMode dns_server_get_dns_over_tls_mode(DnsServer *s);
12bf2331	148
8300ba21 TG	149	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsServer*, dns_server_unref);
8300ba21 TG	150
d5099efc	151	extern const struct hash_ops dns_server_hash_ops;
ce7c8b20 LP	152
ce7c8b20 LP	153	void dns_server_flush_cache(DnsServer *s);
59c0fd0e LP	154
	155	void dns_server_reset_features(DnsServer *s);
	156	void dns_server_reset_features_all(DnsServer *s);
cf84484a LP	157
cf84484a LP	158	void dns_server_dump(DnsServer s, FILE f);