[systemd.git] / src / resolve / resolved-dns-rr.h

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once

#include <netinet/in.h>

#include "bitmap.h"
#include "dns-def.h"
#include "dns-type.h"
#include "hashmap.h"
#include "in-addr-util.h"
#include "list.h"
#include "string-util.h"
#include "time-util.h"

typedef struct DnsResourceKey DnsResourceKey;
typedef struct DnsResourceRecord DnsResourceRecord;
typedef struct DnsTxtItem DnsTxtItem;

/* DNSKEY RR flags */
#define DNSKEY_FLAG_SEP            (UINT16_C(1) << 0)
#define DNSKEY_FLAG_REVOKE         (UINT16_C(1) << 7)
#define DNSKEY_FLAG_ZONE_KEY       (UINT16_C(1) << 8)

/* mDNS RR flags */
#define MDNS_RR_CACHE_FLUSH_OR_QU  (UINT16_C(1) << 15)

/* DNSSEC algorithm identifiers, see
 * http://tools.ietf.org/html/rfc4034#appendix-A.1 and
 * https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
enum {
        DNSSEC_ALGORITHM_RSAMD5 = 1,
        DNSSEC_ALGORITHM_DH,
        DNSSEC_ALGORITHM_DSA,
        DNSSEC_ALGORITHM_ECC,
        DNSSEC_ALGORITHM_RSASHA1,
        DNSSEC_ALGORITHM_DSA_NSEC3_SHA1,
        DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1,
        DNSSEC_ALGORITHM_RSASHA256 = 8,        /* RFC 5702 */
        DNSSEC_ALGORITHM_RSASHA512 = 10,       /* RFC 5702 */
        DNSSEC_ALGORITHM_ECC_GOST = 12,        /* RFC 5933 */
        DNSSEC_ALGORITHM_ECDSAP256SHA256 = 13, /* RFC 6605 */
        DNSSEC_ALGORITHM_ECDSAP384SHA384 = 14, /* RFC 6605 */
        DNSSEC_ALGORITHM_ED25519 = 15,         /* RFC 8080 */
        DNSSEC_ALGORITHM_ED448 = 16,           /* RFC 8080 */
        DNSSEC_ALGORITHM_INDIRECT = 252,
        DNSSEC_ALGORITHM_PRIVATEDNS,
        DNSSEC_ALGORITHM_PRIVATEOID,
        _DNSSEC_ALGORITHM_MAX_DEFINED
};

/* DNSSEC digest identifiers, see
 * https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
enum {
        DNSSEC_DIGEST_SHA1 = 1,
        DNSSEC_DIGEST_SHA256 = 2,              /* RFC 4509 */
        DNSSEC_DIGEST_GOST_R_34_11_94 = 3,     /* RFC 5933 */
        DNSSEC_DIGEST_SHA384 = 4,              /* RFC 6605 */
        _DNSSEC_DIGEST_MAX_DEFINED
};

/* DNSSEC NSEC3 hash algorithms, see
 * https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml */
enum {
        NSEC3_ALGORITHM_SHA1 = 1,
        _NSEC3_ALGORITHM_MAX_DEFINED
};

struct DnsResourceKey {
        unsigned n_ref; /* (unsigned -1) for const keys, see below */
        uint16_t class, type;
        char *_name; /* don't access directly, use dns_resource_key_name()! */
};

/* Creates a temporary resource key. This is only useful to quickly
 * look up something, without allocating a full DnsResourceKey object
 * for it. Note that it is not OK to take references to this kind of
 * resource key object. */
#define DNS_RESOURCE_KEY_CONST(c, t, n)                 \
        ((DnsResourceKey) {                             \
                .n_ref = UINT_MAX,                      \
                .class = c,                             \
                .type = t,                              \
                ._name = (char*) n,                     \
        })

struct DnsTxtItem {
        size_t length;
        LIST_FIELDS(DnsTxtItem, items);
        uint8_t data[];
};

struct DnsResourceRecord {
        unsigned n_ref;
        uint32_t ttl;
        usec_t expiry; /* RRSIG signature expiry */

        DnsResourceKey *key;

        char *to_string;

        /* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
        uint8_t n_skip_labels_signer;
        /* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
        uint8_t n_skip_labels_source;

        bool unparsable;
        bool wire_format_canonical;

        void *wire_format;
        size_t wire_format_size;
        size_t wire_format_rdata_offset;

        union {
                struct {
                        void *data;
                        size_t data_size;
                } generic, opt;

                struct {
                        char *name;
                        uint16_t priority;
                        uint16_t weight;
                        uint16_t port;
                } srv;

                struct {
                        char *name;
                } ptr, ns, cname, dname;

                struct {
                        char *cpu;
                        char *os;
                } hinfo;

                struct {
                        DnsTxtItem *items;
                } txt, spf;

                struct {
                        struct in_addr in_addr;
                } a;

                struct {
                        struct in6_addr in6_addr;
                } aaaa;

                struct {
                        char *mname;
                        char *rname;
                        uint32_t serial;
                        uint32_t refresh;
                        uint32_t retry;
                        uint32_t expire;
                        uint32_t minimum;
                } soa;

                struct {
                        char *exchange;
                        uint16_t priority;
                } mx;

                /* https://tools.ietf.org/html/rfc1876 */
                struct {
                        uint8_t version;
                        uint8_t size;
                        uint8_t horiz_pre;
                        uint8_t vert_pre;
                        uint32_t latitude;
                        uint32_t longitude;
                        uint32_t altitude;
                } loc;

                /* https://tools.ietf.org/html/rfc4255#section-3.1 */
                struct {
                        void *fingerprint;
                        size_t fingerprint_size;

                        uint8_t algorithm;
                        uint8_t fptype;
                } sshfp;

                /* http://tools.ietf.org/html/rfc4034#section-2.1 */
                struct {
                        void* key;
                        size_t key_size;

                        uint16_t flags;
                        uint8_t protocol;
                        uint8_t algorithm;
                } dnskey;

                /* http://tools.ietf.org/html/rfc4034#section-3.1 */
                struct {
                        char *signer;
                        void *signature;
                        size_t signature_size;

                        uint16_t type_covered;
                        uint8_t algorithm;
                        uint8_t labels;
                        uint32_t original_ttl;
                        uint32_t expiration;
                        uint32_t inception;
                        uint16_t key_tag;
                } rrsig;

                /* https://tools.ietf.org/html/rfc4034#section-4.1 */
                struct {
                        char *next_domain_name;
                        Bitmap *types;
                } nsec;

                /* https://tools.ietf.org/html/rfc4034#section-5.1 */
                struct {
                        void *digest;
                        size_t digest_size;

                        uint16_t key_tag;
                        uint8_t algorithm;
                        uint8_t digest_type;
                } ds;

                struct {
                        Bitmap *types;
                        void *salt;
                        size_t salt_size;
                        void *next_hashed_name;
                        size_t next_hashed_name_size;

                        uint8_t algorithm;
                        uint8_t flags;
                        uint16_t iterations;
                } nsec3;

                /* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 */
                struct {
                        void *data;
                        size_t data_size;

                        uint8_t cert_usage;
                        uint8_t selector;
                        uint8_t matching_type;
                } tlsa;

                /* https://tools.ietf.org/html/rfc6844 */
                struct {
                        char *tag;
                        void *value;
                        size_t value_size;

                        uint8_t flags;
                } caa;
        };

        /* Note: fields should be ordered to minimize alignment gaps. Use pahole! */
};

/* We use uint8_t for label counts above, and UINT8_MAX/-1 has special meaning. */
assert_cc(DNS_N_LABELS_MAX < UINT8_MAX);

static inline const void* DNS_RESOURCE_RECORD_RDATA(const DnsResourceRecord *rr) {
        if (!rr)
                return NULL;

        if (!rr->wire_format)
                return NULL;

        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
        return (uint8_t*) rr->wire_format + rr->wire_format_rdata_offset;
}

static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(const DnsResourceRecord *rr) {
        if (!rr)
                return 0;
        if (!rr->wire_format)
                return 0;

        assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
        return rr->wire_format_size - rr->wire_format_rdata_offset;
}

static inline uint8_t DNS_RESOURCE_RECORD_OPT_VERSION_SUPPORTED(const DnsResourceRecord *rr) {
        assert(rr);
        assert(rr->key->type == DNS_TYPE_OPT);

        return ((rr->ttl >> 16) & 0xFF) == 0;
}

DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey *key, const DnsResourceRecord *cname);
int dns_resource_key_new_append_suffix(DnsResourceKey **ret, DnsResourceKey *key, char *name);
DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
DnsResourceKey* dns_resource_key_ref(DnsResourceKey *key);
DnsResourceKey* dns_resource_key_unref(DnsResourceKey *key);
const char* dns_resource_key_name(const DnsResourceKey *key);
bool dns_resource_key_is_address(const DnsResourceKey *key);
bool dns_resource_key_is_dnssd_ptr(const DnsResourceKey *key);
int dns_resource_key_equal(const DnsResourceKey *a, const DnsResourceKey *b);
int dns_resource_key_match_rr(const DnsResourceKey *key, DnsResourceRecord *rr, const char *search_domain);
int dns_resource_key_match_cname_or_dname(const DnsResourceKey *key, const DnsResourceKey *cname, const char *search_domain);
int dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *soa);

/* _DNS_{CLASS,TYPE}_STRING_MAX include one byte for NUL, which we use for space instead below.
 * DNS_HOSTNAME_MAX does not include the NUL byte, so we need to add 1. */
#define DNS_RESOURCE_KEY_STRING_MAX (_DNS_CLASS_STRING_MAX + _DNS_TYPE_STRING_MAX + DNS_HOSTNAME_MAX + 1)

char* dns_resource_key_to_string(const DnsResourceKey *key, char *buf, size_t buf_size);
ssize_t dns_resource_record_payload(DnsResourceRecord *rr, void **out);

DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);

static inline bool dns_key_is_shared(const DnsResourceKey *key) {
        return IN_SET(key->type, DNS_TYPE_PTR);
}

bool dns_resource_key_reduce(DnsResourceKey **a, DnsResourceKey **b);

DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key);
DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr);
DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr);
int dns_resource_record_new_reverse(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_new_address(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name);
int dns_resource_record_equal(const DnsResourceRecord *a, const DnsResourceRecord *b);
int dns_resource_record_payload_equal(const DnsResourceRecord *a, const DnsResourceRecord *b);

const char* dns_resource_record_to_string(DnsResourceRecord *rr);
DnsResourceRecord *dns_resource_record_copy(DnsResourceRecord *rr);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);

int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);

int dns_resource_record_signer(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_source(DnsResourceRecord *rr, const char **ret);
int dns_resource_record_is_signer(DnsResourceRecord *rr, const char *zone);
int dns_resource_record_is_synthetic(DnsResourceRecord *rr);

int dns_resource_record_clamp_ttl(DnsResourceRecord **rr, uint32_t max_ttl);

bool dns_resource_record_is_link_local_address(DnsResourceRecord *rr);

int dns_resource_record_get_cname_target(DnsResourceKey *key, DnsResourceRecord *cname, char **ret);

DnsTxtItem *dns_txt_item_free_all(DnsTxtItem *i);
bool dns_txt_item_equal(DnsTxtItem *a, DnsTxtItem *b);
DnsTxtItem *dns_txt_item_copy(DnsTxtItem *i);
int dns_txt_item_new_empty(DnsTxtItem **ret);

void dns_resource_record_hash_func(const DnsResourceRecord *i, struct siphash *state);
int dns_resource_record_compare_func(const DnsResourceRecord *x, const DnsResourceRecord *y);

extern const struct hash_ops dns_resource_key_hash_ops;
extern const struct hash_ops dns_resource_record_hash_ops;

int dnssec_algorithm_to_string_alloc(int i, char **ret);
int dnssec_algorithm_from_string(const char *s) _pure_;

int dnssec_digest_to_string_alloc(int i, char **ret);
int dnssec_digest_from_string(const char *s) _pure_;
Commit	Line	Data
a032b68d	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
5eef597e MP	2	#pragma once
5eef597e MP	3
5eef597e MP	4	#include <netinet/in.h>
5eef597e MP	5
7035cd9e	6	#include "bitmap.h"
8b3d4ff0	7	#include "dns-def.h"
4c89c718	8	#include "dns-type.h"
5eef597e MP	9	#include "hashmap.h"
5eef597e MP	10	#include "in-addr-util.h"
4c89c718	11	#include "list.h"
aa27b158	12	#include "string-util.h"
bb4f798a	13	#include "time-util.h"
5eef597e MP	14
	15	typedef struct DnsResourceKey DnsResourceKey;
	16	typedef struct DnsResourceRecord DnsResourceRecord;
4c89c718 MP	17	typedef struct DnsTxtItem DnsTxtItem;
	18
	19	/* DNSKEY RR flags */
5b5a102a MB	20	#define DNSKEY_FLAG_SEP (UINT16_C(1) << 0)
	21	#define DNSKEY_FLAG_REVOKE (UINT16_C(1) << 7)
	22	#define DNSKEY_FLAG_ZONE_KEY (UINT16_C(1) << 8)
4c89c718 MP	23
4c89c718 MP	24	/* mDNS RR flags */
5b5a102a	25	#define MDNS_RR_CACHE_FLUSH_OR_QU (UINT16_C(1) << 15)
4c89c718 MP	26
	27	/* DNSSEC algorithm identifiers, see
	28	* http://tools.ietf.org/html/rfc4034#appendix-A.1 and
	29	* https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
	30	enum {
	31	DNSSEC_ALGORITHM_RSAMD5 = 1,
	32	DNSSEC_ALGORITHM_DH,
	33	DNSSEC_ALGORITHM_DSA,
	34	DNSSEC_ALGORITHM_ECC,
	35	DNSSEC_ALGORITHM_RSASHA1,
	36	DNSSEC_ALGORITHM_DSA_NSEC3_SHA1,
	37	DNSSEC_ALGORITHM_RSASHA1_NSEC3_SHA1,
	38	DNSSEC_ALGORITHM_RSASHA256 = 8, /* RFC 5702 */
	39	DNSSEC_ALGORITHM_RSASHA512 = 10, /* RFC 5702 */
	40	DNSSEC_ALGORITHM_ECC_GOST = 12, /* RFC 5933 */
	41	DNSSEC_ALGORITHM_ECDSAP256SHA256 = 13, /* RFC 6605 */
	42	DNSSEC_ALGORITHM_ECDSAP384SHA384 = 14, /* RFC 6605 */
52ad194e MB	43	DNSSEC_ALGORITHM_ED25519 = 15, /* RFC 8080 */
52ad194e MB	44	DNSSEC_ALGORITHM_ED448 = 16, /* RFC 8080 */
4c89c718 MP	45	DNSSEC_ALGORITHM_INDIRECT = 252,
	46	DNSSEC_ALGORITHM_PRIVATEDNS,
	47	DNSSEC_ALGORITHM_PRIVATEOID,
	48	_DNSSEC_ALGORITHM_MAX_DEFINED
	49	};
	50
	51	/* DNSSEC digest identifiers, see
	52	* https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
	53	enum {
	54	DNSSEC_DIGEST_SHA1 = 1,
	55	DNSSEC_DIGEST_SHA256 = 2, /* RFC 4509 */
	56	DNSSEC_DIGEST_GOST_R_34_11_94 = 3, /* RFC 5933 */
	57	DNSSEC_DIGEST_SHA384 = 4, /* RFC 6605 */
	58	_DNSSEC_DIGEST_MAX_DEFINED
	59	};
5eef597e	60
4c89c718 MP	61	/* DNSSEC NSEC3 hash algorithms, see
4c89c718 MP	62	* https://www.iana.org/assignments/dnssec-nsec3-parameters/dnssec-nsec3-parameters.xhtml */
5eef597e	63	enum {
4c89c718 MP	64	NSEC3_ALGORITHM_SHA1 = 1,
4c89c718 MP	65	_NSEC3_ALGORITHM_MAX_DEFINED
5eef597e MP	66	};
	67
	68	struct DnsResourceKey {
4c89c718	69	unsigned n_ref; /* (unsigned -1) for const keys, see below */
5eef597e	70	uint16_t class, type;
aa27b158	71	char _name; / don't access directly, use dns_resource_key_name()! */
5eef597e MP	72	};
5eef597e MP	73
4c89c718 MP	74	/* Creates a temporary resource key. This is only useful to quickly
	75	* look up something, without allocating a full DnsResourceKey object
	76	* for it. Note that it is not OK to take references to this kind of
	77	* resource key object. */
	78	#define DNS_RESOURCE_KEY_CONST(c, t, n) \
	79	((DnsResourceKey) { \
3a6ce677	80	.n_ref = UINT_MAX, \
4c89c718 MP	81	.class = c, \
	82	.type = t, \
	83	._name = (char*) n, \
	84	})
	85
4c89c718 MP	86	struct DnsTxtItem {
	87	size_t length;
	88	LIST_FIELDS(DnsTxtItem, items);
	89	uint8_t data[];
	90	};
	91
5eef597e MP	92	struct DnsResourceRecord {
5eef597e MP	93	unsigned n_ref;
8b3d4ff0 MB	94	uint32_t ttl;
	95	usec_t expiry; /* RRSIG signature expiry */
	96
5eef597e	97	DnsResourceKey *key;
4c89c718 MP	98
	99	char *to_string;
	100
4c89c718	101	/* How many labels to strip to determine "signer" of the RRSIG (aka, the zone). -1 if not signed. */
8b3d4ff0	102	uint8_t n_skip_labels_signer;
4c89c718	103	/* How many labels to strip to determine "synthesizing source" of this RR, i.e. the wildcard's immediate parent. -1 if not signed. */
8b3d4ff0	104	uint8_t n_skip_labels_source;
4c89c718	105
8b3d4ff0 MB	106	bool unparsable;
8b3d4ff0 MB	107	bool wire_format_canonical;
4c89c718	108
4c89c718 MP	109	void *wire_format;
	110	size_t wire_format_size;
	111	size_t wire_format_rdata_offset;
	112
5eef597e MP	113	union {
	114	struct {
	115	void *data;
4c89c718 MP	116	size_t data_size;
4c89c718 MP	117	} generic, opt;
5eef597e MP	118
5eef597e MP	119	struct {
8b3d4ff0	120	char *name;
5eef597e MP	121	uint16_t priority;
	122	uint16_t weight;
	123	uint16_t port;
5eef597e MP	124	} srv;
	125
	126	struct {
	127	char *name;
	128	} ptr, ns, cname, dname;
	129
	130	struct {
	131	char *cpu;
	132	char *os;
	133	} hinfo;
	134
	135	struct {
4c89c718	136	DnsTxtItem *items;
5eef597e MP	137	} txt, spf;
	138
	139	struct {
	140	struct in_addr in_addr;
	141	} a;
	142
	143	struct {
	144	struct in6_addr in6_addr;
	145	} aaaa;
	146
	147	struct {
	148	char *mname;
	149	char *rname;
	150	uint32_t serial;
	151	uint32_t refresh;
	152	uint32_t retry;
	153	uint32_t expire;
	154	uint32_t minimum;
	155	} soa;
	156
	157	struct {
5eef597e	158	char *exchange;
8b3d4ff0	159	uint16_t priority;
5eef597e MP	160	} mx;
5eef597e MP	161
4c89c718	162	/* https://tools.ietf.org/html/rfc1876 */
5eef597e MP	163	struct {
	164	uint8_t version;
	165	uint8_t size;
	166	uint8_t horiz_pre;
	167	uint8_t vert_pre;
	168	uint32_t latitude;
	169	uint32_t longitude;
	170	uint32_t altitude;
	171	} loc;
	172
7035cd9e	173	/* https://tools.ietf.org/html/rfc4255#section-3.1 */
5eef597e	174	struct {
7035cd9e MP	175	void *fingerprint;
7035cd9e MP	176	size_t fingerprint_size;
8b3d4ff0 MB	177
	178	uint8_t algorithm;
	179	uint8_t fptype;
5eef597e MP	180	} sshfp;
	181
	182	/* http://tools.ietf.org/html/rfc4034#section-2.1 */
	183	struct {
8b3d4ff0 MB	184	void* key;
	185	size_t key_size;
	186
4c89c718 MP	187	uint16_t flags;
4c89c718 MP	188	uint8_t protocol;
5eef597e	189	uint8_t algorithm;
5eef597e MP	190	} dnskey;
	191
	192	/* http://tools.ietf.org/html/rfc4034#section-3.1 */
	193	struct {
8b3d4ff0 MB	194	char *signer;
	195	void *signature;
	196	size_t signature_size;
	197
5eef597e MP	198	uint16_t type_covered;
	199	uint8_t algorithm;
	200	uint8_t labels;
	201	uint32_t original_ttl;
	202	uint32_t expiration;
	203	uint32_t inception;
	204	uint16_t key_tag;
5eef597e	205	} rrsig;
7035cd9e	206
4c89c718	207	/* https://tools.ietf.org/html/rfc4034#section-4.1 */
7035cd9e MP	208	struct {
	209	char *next_domain_name;
	210	Bitmap *types;
	211	} nsec;
	212
4c89c718 MP	213	/* https://tools.ietf.org/html/rfc4034#section-5.1 */
4c89c718 MP	214	struct {
8b3d4ff0 MB	215	void *digest;
	216	size_t digest_size;
	217
4c89c718 MP	218	uint16_t key_tag;
	219	uint8_t algorithm;
	220	uint8_t digest_type;
4c89c718 MP	221	} ds;
4c89c718 MP	222
7035cd9e	223	struct {
8b3d4ff0	224	Bitmap *types;
7035cd9e MP	225	void *salt;
	226	size_t salt_size;
	227	void *next_hashed_name;
	228	size_t next_hashed_name_size;
8b3d4ff0 MB	229
	230	uint8_t algorithm;
	231	uint8_t flags;
	232	uint16_t iterations;
7035cd9e	233	} nsec3;
4c89c718 MP	234
	235	/* https://tools.ietf.org/html/draft-ietf-dane-protocol-23 */
	236	struct {
8b3d4ff0 MB	237	void *data;
	238	size_t data_size;
	239
4c89c718 MP	240	uint8_t cert_usage;
	241	uint8_t selector;
	242	uint8_t matching_type;
4c89c718	243	} tlsa;
aa27b158 MP	244
	245	/* https://tools.ietf.org/html/rfc6844 */
	246	struct {
aa27b158 MP	247	char *tag;
	248	void *value;
	249	size_t value_size;
8b3d4ff0 MB	250
8b3d4ff0 MB	251	uint8_t flags;
aa27b158	252	} caa;
5eef597e	253	};
8b3d4ff0 MB	254
8b3d4ff0 MB	255	/* Note: fields should be ordered to minimize alignment gaps. Use pahole! */
5eef597e MP	256	};
5eef597e MP	257
8b3d4ff0 MB	258	/* We use uint8_t for label counts above, and UINT8_MAX/-1 has special meaning. */
	259	assert_cc(DNS_N_LABELS_MAX < UINT8_MAX);
	260
6e866b33	261	static inline const void* DNS_RESOURCE_RECORD_RDATA(const DnsResourceRecord *rr) {
4c89c718 MP	262	if (!rr)
	263	return NULL;
	264
	265	if (!rr->wire_format)
	266	return NULL;
	267
	268	assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
	269	return (uint8_t*) rr->wire_format + rr->wire_format_rdata_offset;
	270	}
	271
6e866b33	272	static inline size_t DNS_RESOURCE_RECORD_RDATA_SIZE(const DnsResourceRecord *rr) {
4c89c718 MP	273	if (!rr)
	274	return 0;
	275	if (!rr->wire_format)
	276	return 0;
	277
	278	assert(rr->wire_format_rdata_offset <= rr->wire_format_size);
	279	return rr->wire_format_size - rr->wire_format_rdata_offset;
	280	}
	281
6e866b33	282	static inline uint8_t DNS_RESOURCE_RECORD_OPT_VERSION_SUPPORTED(const DnsResourceRecord *rr) {
5a920b42 MP	283	assert(rr);
	284	assert(rr->key->type == DNS_TYPE_OPT);
	285
	286	return ((rr->ttl >> 16) & 0xFF) == 0;
	287	}
	288
5eef597e	289	DnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name);
6300502b	290	DnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey key, const DnsResourceRecord cname);
4c89c718	291	int dns_resource_key_new_append_suffix(DnsResourceKey *ret, DnsResourceKey key, char *name);
5eef597e MP	292	DnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name);
	293	DnsResourceKey* dns_resource_key_ref(DnsResourceKey *key);
	294	DnsResourceKey* dns_resource_key_unref(DnsResourceKey *key);
aa27b158	295	const char* dns_resource_key_name(const DnsResourceKey *key);
4c89c718	296	bool dns_resource_key_is_address(const DnsResourceKey *key);
52ad194e	297	bool dns_resource_key_is_dnssd_ptr(const DnsResourceKey *key);
5eef597e	298	int dns_resource_key_equal(const DnsResourceKey a, const DnsResourceKey b);
4c89c718 MP	299	int dns_resource_key_match_rr(const DnsResourceKey key, DnsResourceRecord rr, const char *search_domain);
	300	int dns_resource_key_match_cname_or_dname(const DnsResourceKey key, const DnsResourceKey cname, const char *search_domain);
	301	int dns_resource_key_match_soa(const DnsResourceKey key, const DnsResourceKey soa);
aa27b158 MP	302
	303	/* _DNS_{CLASS,TYPE}_STRING_MAX include one byte for NUL, which we use for space instead below.
	304	* DNS_HOSTNAME_MAX does not include the NUL byte, so we need to add 1. */
	305	#define DNS_RESOURCE_KEY_STRING_MAX (_DNS_CLASS_STRING_MAX + _DNS_TYPE_STRING_MAX + DNS_HOSTNAME_MAX + 1)
	306
	307	char* dns_resource_key_to_string(const DnsResourceKey key, char buf, size_t buf_size);
	308	ssize_t dns_resource_record_payload(DnsResourceRecord rr, void *out);
	309
5eef597e MP	310	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceKey*, dns_resource_key_unref);
5eef597e MP	311
4c89c718 MP	312	static inline bool dns_key_is_shared(const DnsResourceKey *key) {
	313	return IN_SET(key->type, DNS_TYPE_PTR);
	314	}
	315
	316	bool dns_resource_key_reduce(DnsResourceKey a, DnsResourceKey b);
	317
5eef597e MP	318	DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key);
	319	DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name);
	320	DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr);
	321	DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr);
	322	int dns_resource_record_new_reverse(DnsResourceRecord *ret, int family, const union in_addr_union address, const char *name);
13d276d0	323	int dns_resource_record_new_address(DnsResourceRecord *ret, int family, const union in_addr_union address, const char *name);
5eef597e	324	int dns_resource_record_equal(const DnsResourceRecord a, const DnsResourceRecord b);
bb4f798a MB	325	int dns_resource_record_payload_equal(const DnsResourceRecord a, const DnsResourceRecord b);
bb4f798a MB	326
4c89c718	327	const char* dns_resource_record_to_string(DnsResourceRecord *rr);
5a920b42	328	DnsResourceRecord dns_resource_record_copy(DnsResourceRecord rr);
5eef597e MP	329	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsResourceRecord*, dns_resource_record_unref);
5eef597e MP	330
4c89c718 MP	331	int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical);
	332
	333	int dns_resource_record_signer(DnsResourceRecord rr, const char *ret);
	334	int dns_resource_record_source(DnsResourceRecord rr, const char *ret);
	335	int dns_resource_record_is_signer(DnsResourceRecord rr, const char zone);
	336	int dns_resource_record_is_synthetic(DnsResourceRecord *rr);
	337
5a920b42 MP	338	int dns_resource_record_clamp_ttl(DnsResourceRecord **rr, uint32_t max_ttl);
5a920b42 MP	339
3a6ce677 BR	340	bool dns_resource_record_is_link_local_address(DnsResourceRecord *rr);
	341
	342	int dns_resource_record_get_cname_target(DnsResourceKey key, DnsResourceRecord cname, char **ret);
	343
4c89c718 MP	344	DnsTxtItem dns_txt_item_free_all(DnsTxtItem i);
4c89c718 MP	345	bool dns_txt_item_equal(DnsTxtItem a, DnsTxtItem b);
5a920b42	346	DnsTxtItem dns_txt_item_copy(DnsTxtItem i);
52ad194e	347	int dns_txt_item_new_empty(DnsTxtItem **ret);
5eef597e	348
6e866b33	349	void dns_resource_record_hash_func(const DnsResourceRecord i, struct siphash state);
3a6ce677	350	int dns_resource_record_compare_func(const DnsResourceRecord x, const DnsResourceRecord y);
aa27b158	351
5eef597e	352	extern const struct hash_ops dns_resource_key_hash_ops;
4c89c718 MP	353	extern const struct hash_ops dns_resource_record_hash_ops;
	354
	355	int dnssec_algorithm_to_string_alloc(int i, char **ret);
	356	int dnssec_algorithm_from_string(const char *s) _pure_;
	357
	358	int dnssec_digest_to_string_alloc(int i, char **ret);
	359	int dnssec_digest_from_string(const char *s) _pure_;