xref: /openbsd/include/arpa/nameser.h (revision 2811b70e) 
1 /*	$OpenBSD: nameser.h,v 1.15 2022/12/27 07:44:56 jmc Exp $	*/
2 
3 /*
4  * ++Copyright++ 1983, 1989, 1993
5  * -
6  * Copyright (c) 1983, 1989, 1993
7  *    The Regents of the University of California.  All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. Neither the name of the University nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  * -
33  * Portions Copyright (c) 1993 by Digital Equipment Corporation.
34  *
35  * Permission to use, copy, modify, and distribute this software for any
36  * purpose with or without fee is hereby granted, provided that the above
37  * copyright notice and this permission notice appear in all copies, and that
38  * the name of Digital Equipment Corporation not be used in advertising or
39  * publicity pertaining to distribution of the document or software without
40  * specific, written prior permission.
41  *
42  * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
43  * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
44  * OF MERCHANTABILITY AND FITNESS.   IN NO EVENT SHALL DIGITAL EQUIPMENT
45  * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
46  * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
47  * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
48  * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
49  * SOFTWARE.
50  * -
51  * Portions Copyright (c) 1995 by International Business Machines, Inc.
52  *
53  * International Business Machines, Inc. (hereinafter called IBM) grants
54  * permission under its copyrights to use, copy, modify, and distribute this
55  * Software with or without fee, provided that the above copyright notice and
56  * all paragraphs of this notice appear in all copies, and that the name of IBM
57  * not be used in connection with the marketing of any product incorporating
58  * the Software or modifications thereof, without specific, written prior
59  * permission.
60  *
61  * To the extent it has a right to do so, IBM grants an immunity from suit
62  * under its patents, if any, for the use, sale or manufacture of products to
63  * the extent that such products are used for performing Domain Name System
64  * dynamic updates in TCP/IP networks by means of the Software.  No immunity is
65  * granted for any product per se or for any other function of any product.
66  *
67  * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
68  * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
69  * PARTICULAR PURPOSE.  IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
70  * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
71  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
72  * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
73  * --Copyright--
74  */
75 
76 /*
77  *      @(#)nameser.h	8.1 (Berkeley) 6/2/93
78  *	$From: nameser.h,v 8.11 1996/10/08 04:51:02 vixie Exp $
79  */
80 
81 #ifndef _NAMESER_H_
82 #define _NAMESER_H_
83 
84 #include <sys/types.h>
85 
86 /*
87  * revision information.  this is the release date in YYYYMMDD format.
88  * it can change every day so the right thing to do with it is use it
89  * in preprocessor commands such as "#if (__BIND > 19931104)".  do not
90  * compare for equality; rather, use it to determine whether your resolver
91  * is new enough to contain a certain feature.
92  */
93 
94 #define __BIND		19960801	/* interface version stamp */
95 
96 /*
97  * Define constants based on rfc883
98  */
99 #define PACKETSZ	512		/* maximum packet size */
100 #define MAXDNAME	1025		/* maximum presentation domain name */
101 #define MAXCDNAME	255		/* maximum compressed domain name */
102 #define MAXLABEL	63		/* maximum length of domain label */
103 #define HFIXEDSZ	12		/* #/bytes of fixed data in header */
104 #define QFIXEDSZ	4		/* #/bytes of fixed data in query */
105 #define RRFIXEDSZ	10		/* #/bytes of fixed data in r record */
106 #define INT32SZ		4		/* for systems without 32-bit ints */
107 #define INT16SZ		2		/* for systems without 16-bit ints */
108 #define INADDRSZ	4		/* IPv4 T_A */
109 #define IN6ADDRSZ	16		/* IPv6 T_AAAA */
110 
111 /*
112  * Internet nameserver port number
113  */
114 #define NAMESERVER_PORT	53
115 
116 /*
117  * Currently defined opcodes
118  */
119 #define QUERY		0x0		/* standard query */
120 #define IQUERY		0x1		/* inverse query */
121 #define STATUS		0x2		/* nameserver status query */
122 /*#define xxx		0x3*/		/* 0x3 reserved */
123 #define NS_NOTIFY_OP	0x4		/* notify secondary of SOA change */
124 /*
125  * Currently defined response codes
126  */
127 #define NOERROR		0		/* no error */
128 #define FORMERR		1		/* format error */
129 #define SERVFAIL	2		/* server failure */
130 #define NXDOMAIN	3		/* non existent domain */
131 #define NOTIMP		4		/* not implemented */
132 #define REFUSED		5		/* query refused */
133 
134 /*
135  * Type values for resources and queries
136  */
137 #define T_A		1		/* host address */
138 #define T_NS		2		/* authoritative server */
139 #define T_MD		3		/* mail destination */
140 #define T_MF		4		/* mail forwarder */
141 #define T_CNAME		5		/* canonical name */
142 #define T_SOA		6		/* start of authority zone */
143 #define T_MB		7		/* mailbox domain name */
144 #define T_MG		8		/* mail group member */
145 #define T_MR		9		/* mail rename name */
146 #define T_NULL		10		/* null resource record */
147 #define T_WKS		11		/* well known service */
148 #define T_PTR		12		/* domain name pointer */
149 #define T_HINFO		13		/* host information */
150 #define T_MINFO		14		/* mailbox information */
151 #define T_MX		15		/* mail routing information */
152 #define T_TXT		16		/* text strings */
153 #define T_RP		17		/* responsible person */
154 #define T_AFSDB		18		/* AFS cell database */
155 #define T_X25		19		/* X_25 calling address */
156 #define T_ISDN		20		/* ISDN calling address */
157 #define T_RT		21		/* router */
158 #define T_NSAP		22		/* NSAP address */
159 #define T_NSAP_PTR	23		/* reverse NSAP lookup (deprecated) */
160 #define T_SIG		24		/* security signature */
161 #define T_KEY		25		/* security key */
162 #define T_PX		26		/* X.400 mail mapping */
163 #define T_GPOS		27		/* geographical position (withdrawn) */
164 #define T_AAAA		28		/* IP6 Address */
165 #define T_LOC		29		/* Location Information */
166 #define T_NXT		30		/* Next Valid Name in Zone */
167 #define T_EID		31		/* Endpoint identifier */
168 #define T_NIMLOC	32		/* Nimrod locator */
169 #define T_SRV		33		/* Server selection */
170 #define T_ATMA		34		/* ATM Address */
171 #define T_NAPTR		35		/* Naming Authority PoinTeR */
172 #define T_KX		36		/* Key Exchanger */
173 #define T_CERT		37		/* CERT */
174 #define T_A6		38		/* A6 */
175 #define T_DNAME		39		/* DNAME */
176 #define T_SINK		40		/* SINK */
177 #define T_OPT		41		/* OPT pseudo-RR, RFC2671 */
178 #define T_APL		42		/* APL */
179 #define T_DS		43		/* Delegation Signer */
180 #define T_SSHFP		44		/* SSH Key Fingerprint */
181 #define T_RRSIG		46		/* RRSIG */
182 #define T_NSEC		47		/* NSEC */
183 #define T_DNSKEY	48		/* DNSKEY */
184 	/* non standard */
185 #define T_UINFO		100		/* user (finger) information */
186 #define T_UID		101		/* user ID */
187 #define T_GID		102		/* group ID */
188 #define T_UNSPEC	103		/* Unspecified format (binary data) */
189 	/* Query type values which do not appear in resource records */
190 #define	T_TKEY		249		/* Transaction Key */
191 #define	T_TSIG		250		/* Transaction Signature */
192 #define	T_IXFR		251		/* incremental zone transfer */
193 #define T_AXFR		252		/* transfer zone of authority */
194 #define T_MAILB		253		/* transfer mailbox records */
195 #define T_MAILA		254		/* transfer mail agent records */
196 #define T_ANY		255		/* wildcard match */
197 
198 /*
199  * Values for class field
200  */
201 
202 #define C_IN		1		/* the arpa internet */
203 #define C_CHAOS		3		/* for chaos net (MIT) */
204 #define C_HS		4		/* for Hesiod name server (MIT) (XXX) */
205 	/* Query class values which do not appear in resource records */
206 #define C_ANY		255		/* wildcard match */
207 
208 /*
209  * Flags field of the KEY RR rdata
210  */
211 #define	KEYFLAG_TYPEMASK	0xC000	/* Mask for "type" bits */
212 #define	KEYFLAG_TYPE_AUTH_CONF	0x0000	/* Key usable for both */
213 #define	KEYFLAG_TYPE_CONF_ONLY	0x8000	/* Key usable for confidentiality */
214 #define	KEYFLAG_TYPE_AUTH_ONLY	0x4000	/* Key usable for authentication */
215 #define	KEYFLAG_TYPE_NO_KEY	0xC000	/* No key usable for either; no key */
216 /* The type bits can also be interpreted independently, as single bits: */
217 #define	KEYFLAG_NO_AUTH		0x8000	/* Key not usable for authentication */
218 #define	KEYFLAG_NO_CONF		0x4000	/* Key not usable for confidentiality */
219 
220 #define	KEYFLAG_EXPERIMENTAL	0x2000	/* Security is *mandatory* if bit=0 */
221 #define	KEYFLAG_RESERVED3	0x1000  /* reserved - must be zero */
222 #define	KEYFLAG_RESERVED4	0x0800  /* reserved - must be zero */
223 #define	KEYFLAG_USERACCOUNT	0x0400	/* key is assoc. with a user acct */
224 #define	KEYFLAG_ENTITY		0x0200	/* key is assoc. with entity eg host */
225 #define	KEYFLAG_ZONEKEY		0x0100	/* key is zone key for the zone named */
226 #define	KEYFLAG_IPSEC		0x0080  /* key is for IPsec use (host or user)*/
227 #define	KEYFLAG_EMAIL		0x0040  /* key is for email (MIME security) */
228 #define	KEYFLAG_RESERVED10	0x0020  /* reserved - must be zero */
229 #define	KEYFLAG_RESERVED11	0x0010  /* reserved - must be zero */
230 #define	KEYFLAG_SIGNATORYMASK	0x000F	/* key can sign DNS RR's of same name */
231 
232 #define  KEYFLAG_RESERVED_BITMASK ( KEYFLAG_RESERVED3 | \
233 				    KEYFLAG_RESERVED4 | \
234 				    KEYFLAG_RESERVED10| KEYFLAG_RESERVED11)
235 
236 /* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
237 #define	ALGORITHM_MD5RSA	1	/* MD5 with RSA */
238 #define	ALGORITHM_EXPIRE_ONLY	253	/* No alg, no security */
239 #define	ALGORITHM_PRIVATE_OID	254	/* Key begins with OID indicating alg */
240 
241 /* Signatures */
242 					/* Size of a mod or exp in bits */
243 #define	MIN_MD5RSA_KEY_PART_BITS	 512
244 #define	MAX_MD5RSA_KEY_PART_BITS	2552
245 					/* Total of binary mod and exp, bytes */
246 #define	MAX_MD5RSA_KEY_BYTES		((MAX_MD5RSA_KEY_PART_BITS+7/8)*2+3)
247 					/* Max length of text sig block */
248 #define	MAX_KEY_BASE64			(((MAX_MD5RSA_KEY_BYTES+2)/3)*4)
249 
250 /*
251  * EDNS0 Z-field extended flags
252  */
253 #define DNS_MESSAGEEXTFLAG_DO	0x8000U
254 
255 /*
256  * Status return codes for T_UNSPEC conversion routines
257  */
258 #define CONV_SUCCESS	0
259 #define CONV_OVERFLOW	(-1)
260 #define CONV_BADFMT	(-2)
261 #define CONV_BADCKSUM	(-3)
262 #define CONV_BADBUFLEN	(-4)
263 
264 #if !defined(_BYTE_ORDER) || \
265     (_BYTE_ORDER != _BIG_ENDIAN && _BYTE_ORDER != _LITTLE_ENDIAN && \
266     _BYTE_ORDER != _PDP_ENDIAN)
267 	/* you must determine what the correct bit order is for
268 	 * your compiler - the next line is an intentional error
269 	 * which will force your compiles to bomb until you fix
270 	 * the above macros.
271 	 */
272 #error "Undefined or invalid _BYTE_ORDER";
273 #endif
274 
275 /*
276  * Structure for query header.  The order of the fields is machine- and
277  * compiler-dependent, depending on the byte/bit order and the layout
278  * of bit fields.  We use bit fields only in int variables, as this
279  * is all ANSI requires.  This requires a somewhat confusing rearrangement.
280  */
281 
282 typedef struct {
283 	unsigned	id :16;		/* query identification number */
284 #if _BYTE_ORDER == _BIG_ENDIAN
285 			/* fields in third byte */
286 	unsigned	qr: 1;		/* response flag */
287 	unsigned	opcode: 4;	/* purpose of message */
288 	unsigned	aa: 1;		/* authoritative answer */
289 	unsigned	tc: 1;		/* truncated message */
290 	unsigned	rd: 1;		/* recursion desired */
291 			/* fields in fourth byte */
292 	unsigned	ra: 1;		/* recursion available */
293 	unsigned	unused :1;	/* unused bits (MBZ as of 4.9.3a3) */
294 	unsigned	ad: 1;		/* authentic data from named */
295 	unsigned	cd: 1;		/* checking disabled by resolver */
296 	unsigned	rcode :4;	/* response code */
297 #endif
298 #if _BYTE_ORDER == _LITTLE_ENDIAN || _BYTE_ORDER == _PDP_ENDIAN
299 			/* fields in third byte */
300 	unsigned	rd :1;		/* recursion desired */
301 	unsigned	tc :1;		/* truncated message */
302 	unsigned	aa :1;		/* authoritative answer */
303 	unsigned	opcode :4;	/* purpose of message */
304 	unsigned	qr :1;		/* response flag */
305 			/* fields in fourth byte */
306 	unsigned	rcode :4;	/* response code */
307 	unsigned	cd: 1;		/* checking disabled by resolver */
308 	unsigned	ad: 1;		/* authentic data from named */
309 	unsigned	unused :1;	/* unused bits (MBZ as of 4.9.3a3) */
310 	unsigned	ra :1;		/* recursion available */
311 #endif
312 			/* remaining bytes */
313 	unsigned	qdcount :16;	/* number of question entries */
314 	unsigned	ancount :16;	/* number of answer entries */
315 	unsigned	nscount :16;	/* number of authority entries */
316 	unsigned	arcount :16;	/* number of resource entries */
317 } HEADER;
318 
319 /*
320  * Defines for handling compressed domain names
321  */
322 #define INDIR_MASK	0xc0
323 
324 extern	u_int16_t	_getshort(const unsigned char *);
325 extern	u_int32_t	_getlong(const unsigned char *);
326 
327 /*
328  * Inline versions of get/put short/long.  Pointer is advanced.
329  *
330  * These macros demonstrate the property of C whereby it can be
331  * portable or it can be elegant but rarely both.
332  */
333 #define GETSHORT(s, cp) { \
334 	unsigned char *t_cp = (unsigned char *)(cp); \
335 	(s) = ((u_int16_t)t_cp[0] << 8) \
336 	    | ((u_int16_t)t_cp[1]) \
337 	    ; \
338 	(cp) += INT16SZ; \
339 }
340 
341 #define GETLONG(l, cp) { \
342 	unsigned char *t_cp = (unsigned char *)(cp); \
343 	(l) = ((u_int32_t)t_cp[0] << 24) \
344 	    | ((u_int32_t)t_cp[1] << 16) \
345 	    | ((u_int32_t)t_cp[2] << 8) \
346 	    | ((u_int32_t)t_cp[3]) \
347 	    ; \
348 	(cp) += INT32SZ; \
349 }
350 
351 #define PUTSHORT(s, cp) { \
352 	u_int16_t t_s = (u_int16_t)(s); \
353 	unsigned char *t_cp = (unsigned char *)(cp); \
354 	*t_cp++ = t_s >> 8; \
355 	*t_cp   = t_s; \
356 	(cp) += INT16SZ; \
357 }
358 
359 #define PUTLONG(l, cp) { \
360 	u_int32_t t_l = (u_int32_t)(l); \
361 	unsigned char *t_cp = (unsigned char *)(cp); \
362 	*t_cp++ = t_l >> 24; \
363 	*t_cp++ = t_l >> 16; \
364 	*t_cp++ = t_l >> 8; \
365 	*t_cp   = t_l; \
366 	(cp) += INT32SZ; \
367 }
368 
369 #endif /* !_NAMESER_H_ */
370