4 This file is part of systemd.
6 Copyright 2014 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <netinet/in.h>
27 #include "in-addr-util.h"
30 typedef struct DnsResourceKey DnsResourceKey
;
31 typedef struct DnsResourceRecord DnsResourceRecord
;
32 typedef struct DnsTxtItem DnsTxtItem
;
35 #define DNSKEY_FLAG_SEP (UINT16_C(1) << 0)
36 #define DNSKEY_FLAG_REVOKE (UINT16_C(1) << 7)
37 #define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)
40 #define MDNS_RR_CACHE_FLUSH (UINT16_C(1) << 15)
42 /* DNSSEC algorithm identifiers, see
43 * http://tools.ietf.org/html/rfc4034#appendix-A.1 and
44 * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
46 DNSSEC_ALGORITHM_RSAMD5
= 1,
50 DNSSEC_ALGORITHM_RSASHA1
,
51 DNSSEC_ALGORITHM_DSA_NSEC3_SHA1
,
52 DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1
,
53 DNSSEC_ALGORITHM_RSASHA256
= 8, /* RFC 5702 */
54 DNSSEC_ALGORITHM_RSASHA512
= 10, /* RFC 5702 */
55 DNSSEC_ALGORITHM_ECC_GOST
= 12, /* RFC 5933 */
56 DNSSEC_ALGORITHM_ECDSAP256SHA256
= 13, /* RFC 6605 */
57 DNSSEC_ALGORITHM_ECDSAP384SHA384
= 14, /* RFC 6605 */
58 DNSSEC_ALGORITHM_INDIRECT
= 252,
59 DNSSEC_ALGORITHM_PRIVATEDNS
,
60 DNSSEC_ALGORITHM_PRIVATEOID
,
61 _DNSSEC_ALGORITHM_MAX_DEFINED
64 /* DNSSEC digest identifiers, see
65 * https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
67 DNSSEC_DIGEST_SHA1
= 1,
68 DNSSEC_DIGEST_SHA256
= 2, /* RFC 4509 */
69 DNSSEC_DIGEST_GOST_R_34_11_94
= 3, /* RFC 5933 */
70 DNSSEC_DIGEST_SHA384
= 4, /* RFC 6605 */
71 _DNSSEC_DIGEST_MAX_DEFINED
74 /* DNSSEC NSEC3 hash algorithms, see
75 * https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml */
77 NSEC3_ALGORITHM_SHA1
= 1,
78 _NSEC3_ALGORITHM_MAX_DEFINED
81 struct DnsResourceKey
{
82 unsigned n_ref
; /* (unsigned -1) for const keys, see below */
84 char *_name
; /* don't access directy, use DNS_RESOURCE_KEY_NAME()! */
87 /* Creates a temporary resource key. This is only useful to quickly
88 * look up something, without allocating a full DnsResourceKey object
89 * for it. Note that it is not OK to take references to this kind of
90 * resource key object. */
91 #define DNS_RESOURCE_KEY_CONST(c, t, n) \
93 .n_ref = (unsigned) -1, \
102 LIST_FIELDS(DnsTxtItem
, items
);
106 struct DnsResourceRecord
{
113 usec_t expiry
; /* RRSIG signature expiry */
115 /* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
116 unsigned n_skip_labels_signer
;
117 /* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
118 unsigned n_skip_labels_source
;
122 bool wire_format_canonical
:1;
124 size_t wire_format_size
;
125 size_t wire_format_rdata_offset
;
142 } ptr
, ns
, cname
, dname
;
154 struct in_addr in_addr
;
158 struct in6_addr in6_addr
;
176 /* https://tools.ietf.org/html/rfc1876 */
187 /* https://tools.ietf.org/html/rfc4255#section-3.1 */
192 size_t fingerprint_size
;
195 /* http://tools.ietf.org/html/rfc4034#section-2.1 */
204 /* http://tools.ietf.org/html/rfc4034#section-3.1 */
206 uint16_t type_covered
;
209 uint32_t original_ttl
;
215 size_t signature_size
;
218 /* https://tools.ietf.org/html/rfc4034#section-4.1 */
220 char *next_domain_name
;
224 /* https://tools.ietf.org/html/rfc4034#section-5.1 */
239 void *next_hashed_name
;
240 size_t next_hashed_name_size
;
244 /* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 */
248 uint8_t matching_type
;
255 static inline const char* DNS_RESOURCE_KEY_NAME(const DnsResourceKey
*key
) {
262 return (char*) key
+ sizeof(DnsResourceKey
);
265 static inline const void* DNS_RESOURCE_RECORD_RDATA(DnsResourceRecord
*rr
) {
269 if (!rr
->wire_format
)
272 assert(rr
->wire_format_rdata_offset
<= rr
->wire_format_size
);
273 return (uint8_t*) rr
->wire_format
+ rr
->wire_format_rdata_offset
;
276 static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(DnsResourceRecord
*rr
) {
279 if (!rr
->wire_format
)
282 assert(rr
->wire_format_rdata_offset
<= rr
->wire_format_size
);
283 return rr
->wire_format_size
- rr
->wire_format_rdata_offset
;
286 DnsResourceKey
* dns_resource_key_new(uint16_t class, uint16_t type
, const char *name
);
287 DnsResourceKey
* dns_resource_key_new_redirect(const DnsResourceKey
*key
, const DnsResourceRecord
*cname
);
288 int dns_resource_key_new_append_suffix(DnsResourceKey
**ret
, DnsResourceKey
*key
, char *name
);
289 DnsResourceKey
* dns_resource_key_new_consume(uint16_t class, uint16_t type
, char *name
);
290 DnsResourceKey
* dns_resource_key_ref(DnsResourceKey
*key
);
291 DnsResourceKey
* dns_resource_key_unref(DnsResourceKey
*key
);
292 bool dns_resource_key_is_address(const DnsResourceKey
*key
);
293 int dns_resource_key_equal(const DnsResourceKey
*a
, const DnsResourceKey
*b
);
294 int dns_resource_key_match_rr(const DnsResourceKey
*key
, DnsResourceRecord
*rr
, const char *search_domain
);
295 int dns_resource_key_match_cname_or_dname(const DnsResourceKey
*key
, const DnsResourceKey
*cname
, const char *search_domain
);
296 int dns_resource_key_match_soa(const DnsResourceKey
*key
, const DnsResourceKey
*soa
);
297 int dns_resource_key_to_string(const DnsResourceKey
*key
, char **ret
);
298 DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey
*, dns_resource_key_unref
);
300 static inline bool dns_key_is_shared(const DnsResourceKey
*key
) {
301 return IN_SET(key
->type
, DNS_TYPE_PTR
);
304 bool dns_resource_key_reduce(DnsResourceKey
**a
, DnsResourceKey
**b
);
306 DnsResourceRecord
* dns_resource_record_new(DnsResourceKey
*key
);
307 DnsResourceRecord
* dns_resource_record_new_full(uint16_t class, uint16_t type
, const char *name
);
308 DnsResourceRecord
* dns_resource_record_ref(DnsResourceRecord
*rr
);
309 DnsResourceRecord
* dns_resource_record_unref(DnsResourceRecord
*rr
);
310 int dns_resource_record_new_reverse(DnsResourceRecord
**ret
, int family
, const union in_addr_union
*address
, const char *name
);
311 int dns_resource_record_new_address(DnsResourceRecord
**ret
, int family
, const union in_addr_union
*address
, const char *name
);
312 int dns_resource_record_equal(const DnsResourceRecord
*a
, const DnsResourceRecord
*b
);
313 const char* dns_resource_record_to_string(DnsResourceRecord
*rr
);
314 DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord
*, dns_resource_record_unref
);
316 int dns_resource_record_to_wire_format(DnsResourceRecord
*rr
, bool canonical
);
318 int dns_resource_record_signer(DnsResourceRecord
*rr
, const char **ret
);
319 int dns_resource_record_source(DnsResourceRecord
*rr
, const char **ret
);
320 int dns_resource_record_is_signer(DnsResourceRecord
*rr
, const char *zone
);
321 int dns_resource_record_is_synthetic(DnsResourceRecord
*rr
);
323 DnsTxtItem
*dns_txt_item_free_all(DnsTxtItem
*i
);
324 bool dns_txt_item_equal(DnsTxtItem
*a
, DnsTxtItem
*b
);
326 extern const struct hash_ops dns_resource_key_hash_ops
;
327 extern const struct hash_ops dns_resource_record_hash_ops
;
329 int dnssec_algorithm_to_string_alloc(int i
, char **ret
);
330 int dnssec_algorithm_from_string(const char *s
) _pure_
;
332 int dnssec_digest_to_string_alloc(int i
, char **ret
);
333 int dnssec_digest_from_string(const char *s
) _pure_
;