xref: /openbsd-src/usr.sbin/nsd/dns.h (revision 3efee2e132f9af6db74577d714f3304be2b3af74) 
162ac0c33Sjakob /*
262ac0c33Sjakob  * dns.h -- DNS definitions.
362ac0c33Sjakob  *
4dd5b221eSsthen  * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
562ac0c33Sjakob  *
662ac0c33Sjakob  * See LICENSE for the license.
762ac0c33Sjakob  *
862ac0c33Sjakob  */
962ac0c33Sjakob 
10*3efee2e1Sflorian #ifndef DNS_H
11*3efee2e1Sflorian #define DNS_H
1262ac0c33Sjakob 
1362ac0c33Sjakob enum rr_section {
1462ac0c33Sjakob 	QUESTION_SECTION,
1562ac0c33Sjakob 	ANSWER_SECTION,
1662ac0c33Sjakob 	AUTHORITY_SECTION,
175bcb494bSjakob 	/*
185bcb494bSjakob 	 * Use a split authority section to ensure that optional
195bcb494bSjakob 	 * NS RRsets in the response can be omitted.
205bcb494bSjakob 	 */
215bcb494bSjakob 	OPTIONAL_AUTHORITY_SECTION,
2262ac0c33Sjakob 	ADDITIONAL_SECTION,
2362ac0c33Sjakob 	/*
2462ac0c33Sjakob 	 * Use a split additional section to ensure A records appear
2562ac0c33Sjakob 	 * before any AAAA records (this is recommended practice to
2662ac0c33Sjakob 	 * avoid truncating the additional section for IPv4 clients
2762ac0c33Sjakob 	 * that do not specify EDNS0), and AAAA records before other
2862ac0c33Sjakob 	 * types of additional records (such as X25 and ISDN).
2962ac0c33Sjakob 	 * Encode_answer sets the ARCOUNT field of the response packet
3062ac0c33Sjakob 	 * correctly.
3162ac0c33Sjakob 	 */
3262ac0c33Sjakob 	ADDITIONAL_A_SECTION = ADDITIONAL_SECTION,
3362ac0c33Sjakob 	ADDITIONAL_AAAA_SECTION,
3462ac0c33Sjakob 	ADDITIONAL_OTHER_SECTION,
3562ac0c33Sjakob 
3662ac0c33Sjakob 	RR_SECTION_COUNT
3762ac0c33Sjakob };
3862ac0c33Sjakob typedef enum rr_section rr_section_type;
3962ac0c33Sjakob 
4062ac0c33Sjakob /* Possible OPCODE values */
4162ac0c33Sjakob #define OPCODE_QUERY		0 	/* a standard query (QUERY) */
4262ac0c33Sjakob #define OPCODE_IQUERY		1 	/* an inverse query (IQUERY) */
4362ac0c33Sjakob #define OPCODE_STATUS		2 	/* a server status request (STATUS) */
4462ac0c33Sjakob #define OPCODE_NOTIFY		4 	/* NOTIFY */
4562ac0c33Sjakob #define OPCODE_UPDATE		5 	/* Dynamic update */
4662ac0c33Sjakob 
4762ac0c33Sjakob /* Possible RCODE values */
4862ac0c33Sjakob #define RCODE_OK		0 	/* No error condition */
4962ac0c33Sjakob #define RCODE_FORMAT		1 	/* Format error */
5062ac0c33Sjakob #define RCODE_SERVFAIL		2 	/* Server failure */
5162ac0c33Sjakob #define RCODE_NXDOMAIN		3 	/* Name Error */
5262ac0c33Sjakob #define RCODE_IMPL		4 	/* Not implemented */
5362ac0c33Sjakob #define RCODE_REFUSE		5 	/* Refused */
5462ac0c33Sjakob #define RCODE_YXDOMAIN		6	/* name should not exist */
5562ac0c33Sjakob #define RCODE_YXRRSET		7	/* rrset should not exist */
5662ac0c33Sjakob #define RCODE_NXRRSET		8	/* rrset does not exist */
5762ac0c33Sjakob #define RCODE_NOTAUTH		9	/* server not authoritative */
5862ac0c33Sjakob #define RCODE_NOTZONE		10	/* name not inside zone */
5962ac0c33Sjakob 
6062ac0c33Sjakob /* Standardized NSD return code.  Partially maps to DNS RCODE values.  */
6162ac0c33Sjakob enum nsd_rc
6262ac0c33Sjakob {
6362ac0c33Sjakob 	/* Discard the client request.  */
6462ac0c33Sjakob 	NSD_RC_DISCARD  = -1,
6562ac0c33Sjakob 	/* OK, continue normal processing.  */
6662ac0c33Sjakob 	NSD_RC_OK       = RCODE_OK,
6762ac0c33Sjakob 	/* Return the appropriate error code to the client.  */
6862ac0c33Sjakob 	NSD_RC_FORMAT   = RCODE_FORMAT,
6962ac0c33Sjakob 	NSD_RC_SERVFAIL = RCODE_SERVFAIL,
7062ac0c33Sjakob 	NSD_RC_NXDOMAIN = RCODE_NXDOMAIN,
7162ac0c33Sjakob 	NSD_RC_IMPL     = RCODE_IMPL,
7262ac0c33Sjakob 	NSD_RC_REFUSE   = RCODE_REFUSE,
7362ac0c33Sjakob 	NSD_RC_NOTAUTH  = RCODE_NOTAUTH
7462ac0c33Sjakob };
7562ac0c33Sjakob typedef enum nsd_rc nsd_rc_type;
7662ac0c33Sjakob 
7762ac0c33Sjakob /* RFC1035 */
7862ac0c33Sjakob #define CLASS_IN	1	/* Class IN */
7962ac0c33Sjakob #define CLASS_CS	2	/* Class CS */
8062ac0c33Sjakob #define CLASS_CH	3	/* Class CHAOS */
8162ac0c33Sjakob #define CLASS_HS	4	/* Class HS */
8262ac0c33Sjakob #define CLASS_NONE	254	/* Class NONE rfc2136 */
8362ac0c33Sjakob #define CLASS_ANY	255	/* Class ANY */
8462ac0c33Sjakob 
8562ac0c33Sjakob #define TYPE_A		1	/* a host address */
8662ac0c33Sjakob #define TYPE_NS		2	/* an authoritative name server */
8762ac0c33Sjakob #define TYPE_MD		3	/* a mail destination (Obsolete - use MX) */
8862ac0c33Sjakob #define TYPE_MF		4	/* a mail forwarder (Obsolete - use MX) */
8962ac0c33Sjakob #define TYPE_CNAME	5	/* the canonical name for an alias */
9062ac0c33Sjakob #define TYPE_SOA	6	/* marks the start of a zone of authority */
9162ac0c33Sjakob #define TYPE_MB		7	/* a mailbox domain name (EXPERIMENTAL) */
9262ac0c33Sjakob #define TYPE_MG		8	/* a mail group member (EXPERIMENTAL) */
9362ac0c33Sjakob #define TYPE_MR		9	/* a mail rename domain name (EXPERIMENTAL) */
9462ac0c33Sjakob #define TYPE_NULL	10	/* a null RR (EXPERIMENTAL) */
9562ac0c33Sjakob #define TYPE_WKS	11	/* a well known service description */
9662ac0c33Sjakob #define TYPE_PTR	12	/* a domain name pointer */
9762ac0c33Sjakob #define TYPE_HINFO	13	/* host information */
9862ac0c33Sjakob #define TYPE_MINFO	14	/* mailbox or mail list information */
9962ac0c33Sjakob #define TYPE_MX		15	/* mail exchange */
10062ac0c33Sjakob #define TYPE_TXT	16	/* text strings */
10162ac0c33Sjakob #define TYPE_RP		17	/* RFC1183 */
10262ac0c33Sjakob #define TYPE_AFSDB	18	/* RFC1183 */
10362ac0c33Sjakob #define TYPE_X25	19	/* RFC1183 */
10462ac0c33Sjakob #define TYPE_ISDN	20	/* RFC1183 */
10562ac0c33Sjakob #define TYPE_RT		21	/* RFC1183 */
10662ac0c33Sjakob #define TYPE_NSAP	22	/* RFC1706 */
10762ac0c33Sjakob 
10862ac0c33Sjakob #define TYPE_SIG	24	/* 2535typecode */
10962ac0c33Sjakob #define TYPE_KEY	25	/* 2535typecode */
11062ac0c33Sjakob #define TYPE_PX		26	/* RFC2163 */
11162ac0c33Sjakob 
11262ac0c33Sjakob #define TYPE_AAAA	28	/* ipv6 address */
11362ac0c33Sjakob #define TYPE_LOC	29	/* LOC record  RFC1876 */
11462ac0c33Sjakob #define TYPE_NXT	30	/* 2535typecode */
11562ac0c33Sjakob 
11662ac0c33Sjakob #define TYPE_SRV	33	/* SRV record RFC2782 */
11762ac0c33Sjakob 
11862ac0c33Sjakob #define TYPE_NAPTR	35	/* RFC2915 */
11962ac0c33Sjakob #define TYPE_KX		36	/* RFC2230 Key Exchange Delegation Record */
12062ac0c33Sjakob #define TYPE_CERT	37	/* RFC2538 */
12162ac0c33Sjakob 
12262ac0c33Sjakob #define TYPE_A6		38	/* RFC2874 */
12362ac0c33Sjakob 
12462ac0c33Sjakob #define TYPE_DNAME	39	/* RFC2672 */
12562ac0c33Sjakob 
12662ac0c33Sjakob #define TYPE_OPT	41	/* Pseudo OPT record... */
12762ac0c33Sjakob #define TYPE_APL	42	/* RFC3123 */
12862ac0c33Sjakob #define TYPE_DS		43	/* RFC 4033, 4034, and 4035 */
12962ac0c33Sjakob #define TYPE_SSHFP	44	/* SSH Key Fingerprint */
13062ac0c33Sjakob #define TYPE_IPSECKEY	45	/* public key for ipsec use. RFC 4025 */
13162ac0c33Sjakob 
13262ac0c33Sjakob #define TYPE_RRSIG	46	/* RFC 4033, 4034, and 4035 */
13362ac0c33Sjakob #define TYPE_NSEC	47	/* RFC 4033, 4034, and 4035 */
13462ac0c33Sjakob #define TYPE_DNSKEY	48	/* RFC 4033, 4034, and 4035 */
13562ac0c33Sjakob #define TYPE_DHCID	49	/* RFC4701 DHCP information */
13662ac0c33Sjakob #define TYPE_NSEC3	50	/* NSEC3, secure denial, prevents zonewalking */
13762ac0c33Sjakob #define TYPE_NSEC3PARAM 51	/* NSEC3PARAM at zone apex nsec3 parameters */
13872f0a8e9Ssthen #define TYPE_TLSA	52	/* RFC 6698 */
13918e77612Sflorian #define TYPE_SMIMEA	53	/* RFC 8162 */
14003739794Sbrad #define TYPE_CDS	59	/* RFC 7344 */
14103739794Sbrad #define TYPE_CDNSKEY	60	/* RFC 7344 */
142c1e73312Sflorian #define TYPE_OPENPGPKEY 61	/* RFC 7929 */
143275a8d89Sflorian #define TYPE_CSYNC	62	/* RFC 7477 */
144977db6e5Sflorian #define TYPE_ZONEMD	63	/* draft-ietf-dnsop-dns-zone-digest */
145063644e9Sflorian #define TYPE_SVCB	64	/* draft-ietf-dnsop-svcb-https-03 */
146063644e9Sflorian #define TYPE_HTTPS	65	/* draft-ietf-dnsop-svcb-https-03 */
14762ac0c33Sjakob 
14862ac0c33Sjakob #define TYPE_SPF        99      /* RFC 4408 */
14962ac0c33Sjakob 
15075343be4Ssthen #define TYPE_NID        104     /* RFC 6742 */
15175343be4Ssthen #define TYPE_L32        105     /* RFC 6742 */
15275343be4Ssthen #define TYPE_L64        106     /* RFC 6742 */
15375343be4Ssthen #define TYPE_LP         107     /* RFC 6742 */
154a302926fSbrad #define TYPE_EUI48      108     /* RFC 7043 */
155a302926fSbrad #define TYPE_EUI64      109     /* RFC 7043 */
1569c620270Ssthen 
15762ac0c33Sjakob #define TYPE_TSIG	250
15862ac0c33Sjakob #define TYPE_IXFR	251
15962ac0c33Sjakob #define TYPE_AXFR	252
16062ac0c33Sjakob #define TYPE_MAILB	253	/* A request for mailbox-related records (MB, MG or MR) */
16162ac0c33Sjakob #define TYPE_MAILA	254	/* A request for mail agent RRs (Obsolete - see MX) */
16262ac0c33Sjakob #define TYPE_ANY	255	/* any type (wildcard) */
163e3d8a0a5Ssthen #define TYPE_URI	256	/* RFC 7553 */
164a302926fSbrad #define TYPE_CAA	257	/* RFC 6844 */
165fb800cb5Sflorian #define TYPE_AVC	258
166a302926fSbrad 
16762ac0c33Sjakob #define TYPE_DLV	32769	/* RFC 4431 */
16862ac0c33Sjakob #define PSEUDO_TYPE_DLV	RRTYPE_DESCRIPTORS_LENGTH
16962ac0c33Sjakob 
170063644e9Sflorian #define SVCB_KEY_MANDATORY		0
171063644e9Sflorian #define SVCB_KEY_ALPN			1
172063644e9Sflorian #define SVCB_KEY_NO_DEFAULT_ALPN	2
173063644e9Sflorian #define SVCB_KEY_PORT			3
174063644e9Sflorian #define SVCB_KEY_IPV4HINT		4
175063644e9Sflorian #define SVCB_KEY_ECH		5
176063644e9Sflorian #define SVCB_KEY_IPV6HINT		6
177de04d855Ssthen #define SVCB_KEY_DOHPATH		7
178de04d855Ssthen #define SVCPARAMKEY_COUNT 8
179063644e9Sflorian 
18062ac0c33Sjakob #define MAXLABELLEN	63
18162ac0c33Sjakob #define MAXDOMAINLEN	255
18262ac0c33Sjakob 
18362ac0c33Sjakob #define MAXRDATALEN	64      /* This is more than enough, think multiple TXT. */
18462ac0c33Sjakob #define MAX_RDLENGTH	65535
18562ac0c33Sjakob 
18662ac0c33Sjakob /* Maximum size of a single RR.  */
18762ac0c33Sjakob #define MAX_RR_SIZE \
18862ac0c33Sjakob 	(MAXDOMAINLEN + sizeof(uint32_t) + 4*sizeof(uint16_t) + MAX_RDLENGTH)
18962ac0c33Sjakob 
19062ac0c33Sjakob #define IP4ADDRLEN	(32/8)
19162ac0c33Sjakob #define IP6ADDRLEN	(128/8)
1929c620270Ssthen #define EUI48ADDRLEN	(48/8)
1939c620270Ssthen #define EUI64ADDRLEN	(64/8)
19462ac0c33Sjakob 
195dd5b221eSsthen #define NSEC3_HASH_LEN 20
196dd5b221eSsthen 
19762ac0c33Sjakob /*
19862ac0c33Sjakob  * The different types of RDATA wireformat data.
19962ac0c33Sjakob  */
20062ac0c33Sjakob enum rdata_wireformat
20162ac0c33Sjakob {
20262ac0c33Sjakob 	RDATA_WF_COMPRESSED_DNAME,   /* Possibly compressed domain name.  */
20362ac0c33Sjakob 	RDATA_WF_UNCOMPRESSED_DNAME, /* Uncompressed domain name.  */
20462ac0c33Sjakob 	RDATA_WF_LITERAL_DNAME,      /* Literal (not downcased) dname.  */
20562ac0c33Sjakob 	RDATA_WF_BYTE,               /* 8-bit integer.  */
20662ac0c33Sjakob 	RDATA_WF_SHORT,              /* 16-bit integer.  */
20762ac0c33Sjakob 	RDATA_WF_LONG,               /* 32-bit integer.  */
20862ac0c33Sjakob 	RDATA_WF_TEXT,               /* Text string.  */
209f72b2965Sjakob 	RDATA_WF_TEXTS,              /* Text string sequence.  */
21062ac0c33Sjakob 	RDATA_WF_A,                  /* 32-bit IPv4 address.  */
21162ac0c33Sjakob 	RDATA_WF_AAAA,               /* 128-bit IPv6 address.  */
21262ac0c33Sjakob 	RDATA_WF_BINARY,             /* Binary data (unknown length).  */
21362ac0c33Sjakob 	RDATA_WF_BINARYWITHLENGTH,   /* Binary data preceded by 1 byte length */
21462ac0c33Sjakob 	RDATA_WF_APL,                /* APL data.  */
21575343be4Ssthen 	RDATA_WF_IPSECGATEWAY,       /* IPSECKEY gateway ip4, ip6 or dname. */
2169c620270Ssthen 	RDATA_WF_ILNP64,             /* 64-bit uncompressed IPv6 address.  */
2179c620270Ssthen 	RDATA_WF_EUI48,	             /* 48-bit address.  */
218a302926fSbrad 	RDATA_WF_EUI64,              /* 64-bit address.  */
219063644e9Sflorian 	RDATA_WF_LONG_TEXT,          /* Long (>255) text string. */
220063644e9Sflorian 	RDATA_WF_SVCPARAM            /* SvcParam <key>[=<value>] */
22162ac0c33Sjakob };
22262ac0c33Sjakob typedef enum rdata_wireformat rdata_wireformat_type;
22362ac0c33Sjakob 
22462ac0c33Sjakob /*
22562ac0c33Sjakob  * The different types of RDATA that can appear in the zone file.
22662ac0c33Sjakob  */
22762ac0c33Sjakob enum rdata_zoneformat
22862ac0c33Sjakob {
22962ac0c33Sjakob 	RDATA_ZF_DNAME,		/* Domain name.  */
23062ac0c33Sjakob 	RDATA_ZF_LITERAL_DNAME,	/* DNS name (not lowercased domain name).  */
23162ac0c33Sjakob 	RDATA_ZF_TEXT,		/* Text string.  */
232f72b2965Sjakob 	RDATA_ZF_TEXTS,		/* Text string sequence.  */
23362ac0c33Sjakob 	RDATA_ZF_BYTE,		/* 8-bit integer.  */
23462ac0c33Sjakob 	RDATA_ZF_SHORT,		/* 16-bit integer.  */
23562ac0c33Sjakob 	RDATA_ZF_LONG,		/* 32-bit integer.  */
23662ac0c33Sjakob 	RDATA_ZF_A,		/* 32-bit IPv4 address.  */
23762ac0c33Sjakob 	RDATA_ZF_AAAA,		/* 128-bit IPv6 address.  */
23862ac0c33Sjakob 	RDATA_ZF_RRTYPE,	/* RR type.  */
23962ac0c33Sjakob 	RDATA_ZF_ALGORITHM,	/* Cryptographic algorithm.  */
24062ac0c33Sjakob 	RDATA_ZF_CERTIFICATE_TYPE,
24162ac0c33Sjakob 	RDATA_ZF_PERIOD,	/* Time period.  */
24262ac0c33Sjakob 	RDATA_ZF_TIME,
24362ac0c33Sjakob 	RDATA_ZF_BASE64,	/* Base-64 binary data.  */
24462ac0c33Sjakob 	RDATA_ZF_BASE32,	/* Base-32 binary data.  */
24562ac0c33Sjakob 	RDATA_ZF_HEX,		/* Hexadecimal binary data.  */
24662ac0c33Sjakob 	RDATA_ZF_HEX_LEN,	/* Hexadecimal binary data. Skip initial length byte. */
24762ac0c33Sjakob 	RDATA_ZF_NSAP,		/* NSAP.  */
24862ac0c33Sjakob 	RDATA_ZF_APL,		/* APL.  */
24962ac0c33Sjakob 	RDATA_ZF_IPSECGATEWAY,	/* IPSECKEY gateway ip4, ip6 or dname. */
25062ac0c33Sjakob 	RDATA_ZF_SERVICES,	/* Protocol and port number bitmap.  */
25162ac0c33Sjakob 	RDATA_ZF_NXT,		/* NXT type bitmap.  */
25262ac0c33Sjakob 	RDATA_ZF_NSEC,		/* NSEC type bitmap.  */
25362ac0c33Sjakob 	RDATA_ZF_LOC,		/* Location data.  */
25475343be4Ssthen 	RDATA_ZF_ILNP64,	/* 64-bit uncompressed IPv6 address.  */
2559c620270Ssthen 	RDATA_ZF_EUI48,		/* EUI48 address.  */
2569c620270Ssthen 	RDATA_ZF_EUI64,		/* EUI64 address.  */
257a302926fSbrad 	RDATA_ZF_LONG_TEXT,	/* Long (>255) text string. */
258a302926fSbrad 	RDATA_ZF_TAG,		/* Text string without quotes. */
259063644e9Sflorian 	RDATA_ZF_SVCPARAM,	/* SvcParam <key>[=<value>] */
26062ac0c33Sjakob 	RDATA_ZF_UNKNOWN	/* Unknown data.  */
26162ac0c33Sjakob };
26262ac0c33Sjakob typedef enum rdata_zoneformat rdata_zoneformat_type;
26362ac0c33Sjakob 
26462ac0c33Sjakob struct rrtype_descriptor
26562ac0c33Sjakob {
26662ac0c33Sjakob 	uint16_t    type;	/* RR type */
26762ac0c33Sjakob 	const char *name;	/* Textual name.  */
26862ac0c33Sjakob 	int         token;	/* Parser token.  */
269d65f3523Sjakob 	uint32_t    minimum;	/* Minimum number of RDATAs.  */
270d65f3523Sjakob 	uint32_t    maximum;	/* Maximum number of RDATAs.  */
27162ac0c33Sjakob 	uint8_t     wireformat[MAXRDATALEN]; /* rdata_wireformat_type */
27262ac0c33Sjakob 	uint8_t     zoneformat[MAXRDATALEN]; /* rdata_zoneformat_type  */
27362ac0c33Sjakob };
27462ac0c33Sjakob typedef struct rrtype_descriptor rrtype_descriptor_type;
27562ac0c33Sjakob 
27662ac0c33Sjakob /*
27762ac0c33Sjakob  * Indexed by type.  The special type "0" can be used to get a
27862ac0c33Sjakob  * descriptor for unknown types (with one binary rdata).
27962ac0c33Sjakob  *
280fb800cb5Sflorian  * AVC + 1
28162ac0c33Sjakob  */
282fb800cb5Sflorian #define RRTYPE_DESCRIPTORS_LENGTH  (TYPE_AVC + 1)
28362ac0c33Sjakob rrtype_descriptor_type *rrtype_descriptor_by_name(const char *name);
28462ac0c33Sjakob rrtype_descriptor_type *rrtype_descriptor_by_type(uint16_t type);
28562ac0c33Sjakob 
28662ac0c33Sjakob const char *rrtype_to_string(uint16_t rrtype);
28762ac0c33Sjakob 
28862ac0c33Sjakob /*
28962ac0c33Sjakob  * Lookup the type in the ztypes lookup table.  If not found, check if
29062ac0c33Sjakob  * the type uses the "TYPExxx" notation for unknown types.
29162ac0c33Sjakob  *
29262ac0c33Sjakob  * Return 0 if no type matches.
29362ac0c33Sjakob  */
29462ac0c33Sjakob uint16_t rrtype_from_string(const char *name);
29562ac0c33Sjakob 
29662ac0c33Sjakob const char *rrclass_to_string(uint16_t rrclass);
29762ac0c33Sjakob uint16_t rrclass_from_string(const char *name);
29862ac0c33Sjakob 
29962ac0c33Sjakob #ifdef __cplusplus
30062ac0c33Sjakob inline rr_section_type
30162ac0c33Sjakob operator++(rr_section_type &lhs)
30262ac0c33Sjakob {
30362ac0c33Sjakob 	lhs = (rr_section_type) ((int) lhs + 1);
30462ac0c33Sjakob 	return lhs;
30562ac0c33Sjakob }
30662ac0c33Sjakob #endif /* __cplusplus */
30762ac0c33Sjakob 
308*3efee2e1Sflorian #endif /* DNS_H */
309