/*
 * dns.h -- DNS definitions.
 *
 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
 *
 * See LICENSE for the license.
 *
 */
9 
10 #ifndef DNS_H
11 #define DNS_H
12 
/*
 * Sections an RR can be placed in while a response is built.  The
 * authority and additional sections are split into sub-sections, so
 * there are more enumerators here than sections in a DNS message.
 */
enum rr_section {
	QUESTION_SECTION,
	ANSWER_SECTION,
	AUTHORITY_SECTION,
	/*
	 * Use a split authority section to ensure that optional
	 * NS RRsets in the response can be omitted.
	 */
	OPTIONAL_AUTHORITY_SECTION,
	ADDITIONAL_SECTION,
	/*
	 * Use a split additional section to ensure A records appear
	 * before any AAAA records (this is recommended practice to
	 * avoid truncating the additional section for IPv4 clients
	 * that do not specify EDNS0), and AAAA records before other
	 * types of additional records (such as X25 and ISDN).
	 * Encode_answer sets the ARCOUNT field of the response packet
	 * correctly.
	 */
	/* Alias: shares its value with ADDITIONAL_SECTION. */
	ADDITIONAL_A_SECTION = ADDITIONAL_SECTION,
	ADDITIONAL_AAAA_SECTION,
	ADDITIONAL_OTHER_SECTION,

	/*
	 * Not a section: one more than the last section value.  Keep it
	 * last so it stays equal to the number of distinct section values
	 * (the alias above does not add one).
	 */
	RR_SECTION_COUNT
};
typedef enum rr_section rr_section_type;
39 
/*
 * Possible OPCODE values (the 4-bit OPCODE field of the DNS header).
 * Value 3 has no definition in this list.
 */
#define OPCODE_QUERY		0 	/* a standard query (QUERY) */
#define OPCODE_IQUERY		1 	/* an inverse query (IQUERY) */
#define OPCODE_STATUS		2 	/* a server status request (STATUS) */
#define OPCODE_NOTIFY		4 	/* NOTIFY */
#define OPCODE_UPDATE		5 	/* Dynamic update */

/*
 * Possible RCODE values (the 4-bit RCODE field of the DNS header).
 * Values 6 through 10 are the ones added for dynamic update (RFC 2136).
 */
#define RCODE_OK		0 	/* No error condition */
#define RCODE_FORMAT		1 	/* Format error */
#define RCODE_SERVFAIL		2 	/* Server failure */
#define RCODE_NXDOMAIN		3 	/* Name Error */
#define RCODE_IMPL		4 	/* Not implemented */
#define RCODE_REFUSE		5 	/* Refused */
#define RCODE_YXDOMAIN		6	/* name should not exist */
#define RCODE_YXRRSET		7	/* rrset should not exist */
#define RCODE_NXRRSET		8	/* rrset does not exist */
#define RCODE_NOTAUTH		9	/* server not authoritative */
#define RCODE_NOTZONE		10	/* name not inside zone */
59 
/*
 * Standardized NSD return code.  Partially maps to DNS RCODE values:
 * every enumerator except NSD_RC_DISCARD is defined as the RCODE_*
 * constant of the same name.
 */
enum nsd_rc
{
	/*
	 * Discard the client request.  -1 is not one of the RCODE_* values.
	 * NOTE(review): callers presumably have to test for it before an
	 * nsd_rc value is used as a wire RCODE -- confirm at the call sites.
	 */
	NSD_RC_DISCARD  = -1,
	/* OK, continue normal processing.  */
	NSD_RC_OK       = RCODE_OK,
	/* Return the appropriate error code to the client.  */
	NSD_RC_FORMAT   = RCODE_FORMAT,
	NSD_RC_SERVFAIL = RCODE_SERVFAIL,
	NSD_RC_NXDOMAIN = RCODE_NXDOMAIN,
	NSD_RC_IMPL     = RCODE_IMPL,
	NSD_RC_REFUSE   = RCODE_REFUSE,
	NSD_RC_NOTAUTH  = RCODE_NOTAUTH
};
typedef enum nsd_rc nsd_rc_type;
76 
/* DNS CLASS values (RFC1035 unless noted otherwise). */
#define CLASS_IN	1	/* Class IN */
#define CLASS_CS	2	/* Class CS */
#define CLASS_CH	3	/* Class CHAOS */
#define CLASS_HS	4	/* Class HS */
#define CLASS_NONE	254	/* Class NONE rfc2136 */
#define CLASS_ANY	255	/* Class ANY */

/*
 * RR TYPE codes.  Gaps in the numbering are type codes that have no
 * name in this header.
 */
#define TYPE_A		1	/* a host address */
#define TYPE_NS		2	/* an authoritative name server */
#define TYPE_MD		3	/* a mail destination (Obsolete - use MX) */
#define TYPE_MF		4	/* a mail forwarder (Obsolete - use MX) */
#define TYPE_CNAME	5	/* the canonical name for an alias */
#define TYPE_SOA	6	/* marks the start of a zone of authority */
#define TYPE_MB		7	/* a mailbox domain name (EXPERIMENTAL) */
#define TYPE_MG		8	/* a mail group member (EXPERIMENTAL) */
#define TYPE_MR		9	/* a mail rename domain name (EXPERIMENTAL) */
#define TYPE_NULL	10	/* a null RR (EXPERIMENTAL) */
#define TYPE_WKS	11	/* a well known service description */
#define TYPE_PTR	12	/* a domain name pointer */
#define TYPE_HINFO	13	/* host information */
#define TYPE_MINFO	14	/* mailbox or mail list information */
#define TYPE_MX		15	/* mail exchange */
#define TYPE_TXT	16	/* text strings */
#define TYPE_RP		17	/* RFC1183 */
#define TYPE_AFSDB	18	/* RFC1183 */
#define TYPE_X25	19	/* RFC1183 */
#define TYPE_ISDN	20	/* RFC1183 */
#define TYPE_RT		21	/* RFC1183 */
#define TYPE_NSAP	22	/* RFC1706 */

#define TYPE_SIG	24	/* 2535typecode */
#define TYPE_KEY	25	/* 2535typecode */
#define TYPE_PX		26	/* RFC2163 */

#define TYPE_AAAA	28	/* ipv6 address */
#define TYPE_LOC	29	/* LOC record  RFC1876 */
#define TYPE_NXT	30	/* 2535typecode */

#define TYPE_SRV	33	/* SRV record RFC2782 */

#define TYPE_NAPTR	35	/* RFC2915 */
#define TYPE_KX		36	/* RFC2230 Key Exchange Delegation Record */
#define TYPE_CERT	37	/* RFC2538 */

#define TYPE_A6		38	/* RFC2874 */

#define TYPE_DNAME	39	/* RFC2672 */

#define TYPE_OPT	41	/* Pseudo OPT record... */
#define TYPE_APL	42	/* RFC3123 */
#define TYPE_DS		43	/* RFC 4033, 4034, and 4035 */
#define TYPE_SSHFP	44	/* SSH Key Fingerprint */
#define TYPE_IPSECKEY	45	/* public key for ipsec use. RFC 4025 */

#define TYPE_RRSIG	46	/* RFC 4033, 4034, and 4035 */
#define TYPE_NSEC	47	/* RFC 4033, 4034, and 4035 */
#define TYPE_DNSKEY	48	/* RFC 4033, 4034, and 4035 */
#define TYPE_DHCID	49	/* RFC4701 DHCP information */
#define TYPE_NSEC3	50	/* NSEC3, secure denial, prevents zonewalking */
#define TYPE_NSEC3PARAM 51	/* NSEC3PARAM at zone apex nsec3 parameters */
#define TYPE_TLSA	52	/* RFC 6698 */
#define TYPE_SMIMEA	53	/* RFC 8162 */
#define TYPE_CDS	59	/* RFC 7344 */
#define TYPE_CDNSKEY	60	/* RFC 7344 */
#define TYPE_OPENPGPKEY 61	/* RFC 7929 */
#define TYPE_CSYNC	62	/* RFC 7477 */
#define TYPE_ZONEMD	63	/* draft-ietf-dnsop-dns-zone-digest */
#define TYPE_SVCB	64	/* draft-ietf-dnsop-svcb-https-03 */
#define TYPE_HTTPS	65	/* draft-ietf-dnsop-svcb-https-03 */

#define TYPE_SPF        99      /* RFC 4408 */

#define TYPE_NID        104     /* RFC 6742 */
#define TYPE_L32        105     /* RFC 6742 */
#define TYPE_L64        106     /* RFC 6742 */
#define TYPE_LP         107     /* RFC 6742 */
#define TYPE_EUI48      108     /* RFC 7043 */
#define TYPE_EUI64      109     /* RFC 7043 */

#define TYPE_TSIG	250	/* transaction signature */
#define TYPE_IXFR	251	/* incremental zone transfer request */
#define TYPE_AXFR	252	/* full zone transfer request */
#define TYPE_MAILB	253	/* A request for mailbox-related records (MB, MG or MR) */
#define TYPE_MAILA	254	/* A request for mail agent RRs (Obsolete - see MX) */
#define TYPE_ANY	255	/* any type (wildcard) */
#define TYPE_URI	256	/* RFC 7553 */
#define TYPE_CAA	257	/* RFC 6844 */
#define TYPE_AVC	258	/* RRTYPE_DESCRIPTORS_LENGTH is derived from this one */

/*
 * TYPE_DLV (32769) lies far above the other type codes.
 * PSEUDO_TYPE_DLV expands to RRTYPE_DESCRIPTORS_LENGTH, i.e.
 * TYPE_AVC + 1, which is one past the last valid index of an array
 * holding RRTYPE_DESCRIPTORS_LENGTH elements.
 * NOTE(review): presumably this is the descriptor-table slot used for
 * DLV; if so, the table needs at least RRTYPE_DESCRIPTORS_LENGTH + 1
 * entries -- confirm against the table definition.
 */
#define TYPE_DLV	32769	/* RFC 4431 */
#define PSEUDO_TYPE_DLV	RRTYPE_DESCRIPTORS_LENGTH
169 
/* SvcParamKey numbers used in SVCB and HTTPS rdata. */
#define SVCB_KEY_MANDATORY		0
#define SVCB_KEY_ALPN			1
#define SVCB_KEY_NO_DEFAULT_ALPN	2
#define SVCB_KEY_PORT			3
#define SVCB_KEY_IPV4HINT		4
#define SVCB_KEY_ECH		5
#define SVCB_KEY_IPV6HINT		6
#define SVCB_KEY_DOHPATH		7
/*
 * Number of keys named above (highest key + 1).
 * NOTE(review): a key number read from a zone file or a packet can be
 * larger than this; any table sized by SVCPARAMKEY_COUNT has to be
 * range-checked before it is indexed -- confirm in the users.
 */
#define SVCPARAMKEY_COUNT 8
179 
#define MAXLABELLEN	63	/* Maximum length of one label, in octets. */
#define MAXDOMAINLEN	255	/* Maximum length of a domain name, in octets. */

/*
 * MAXRDATALEN dimensions the wireformat[] and zoneformat[] arrays of
 * struct rrtype_descriptor, so it is a count of rdata fields per RR and
 * not a byte length.  MAX_RDLENGTH is the byte limit: the largest value
 * a 16-bit RDLENGTH can hold.
 */
#define MAXRDATALEN	64      /* This is more than enough, think multiple TXT. */
#define MAX_RDLENGTH	65535

/*
 * Maximum size of a single RR.
 *
 * Owner name, plus 4 + 8 octets of fixed-size fields, plus the rdata.
 * The expression uses sizeof on uint32_t and uint16_t, so <stdint.h>
 * (or an equivalent) must have been included wherever this macro is
 * expanded, and the result has type size_t.
 * NOTE(review): the wire format has three 16-bit fields (type, class,
 * rdlength) next to the 32-bit TTL; what the fourth uint16_t accounts
 * for is not visible here -- confirm.
 */
#define MAX_RR_SIZE \
	(MAXDOMAINLEN + sizeof(uint32_t) + 4*sizeof(uint16_t) + MAX_RDLENGTH)

/* Address lengths in octets, derived from the bit widths. */
#define IP4ADDRLEN	(32/8)
#define IP6ADDRLEN	(128/8)
#define EUI48ADDRLEN	(48/8)
#define EUI64ADDRLEN	(64/8)

/* NOTE(review): presumably the SHA-1 digest length in octets -- confirm. */
#define NSEC3_HASH_LEN 20
196 
/*
 * The different types of RDATA wireformat data.
 *
 * struct rrtype_descriptor keeps one of these values per rdata field in
 * its uint8_t wireformat[] array.
 */
enum rdata_wireformat
{
	RDATA_WF_COMPRESSED_DNAME,   /* Possibly compressed domain name.  */
	RDATA_WF_UNCOMPRESSED_DNAME, /* Uncompressed domain name.  */
	RDATA_WF_LITERAL_DNAME,      /* Literal (not downcased) dname.  */
	RDATA_WF_BYTE,               /* 8-bit integer.  */
	RDATA_WF_SHORT,              /* 16-bit integer.  */
	RDATA_WF_LONG,               /* 32-bit integer.  */
	RDATA_WF_TEXT,               /* Text string.  */
	RDATA_WF_TEXTS,              /* Text string sequence.  */
	RDATA_WF_A,                  /* 32-bit IPv4 address.  */
	RDATA_WF_AAAA,               /* 128-bit IPv6 address.  */
	/*
	 * The field carries no length of its own.
	 * NOTE(review): presumably it runs to the end of the rdata, bounded
	 * by RDLENGTH -- confirm in the packet and zone parsers.
	 */
	RDATA_WF_BINARY,             /* Binary data (unknown length).  */
	RDATA_WF_BINARYWITHLENGTH,   /* Binary data preceded by 1 byte length */
	RDATA_WF_APL,                /* APL data.  */
	RDATA_WF_IPSECGATEWAY,       /* IPSECKEY gateway ip4, ip6 or dname. */
	RDATA_WF_ILNP64,             /* 64-bit uncompressed IPv6 address.  */
	RDATA_WF_EUI48,	             /* 48-bit address.  */
	RDATA_WF_EUI64,              /* 64-bit address.  */
	RDATA_WF_LONG_TEXT,          /* Long (>255) text string. */
	RDATA_WF_SVCPARAM            /* SvcParam <key>[=<value>] */
};
typedef enum rdata_wireformat rdata_wireformat_type;
223 
/*
 * The different types of RDATA that can appear in the zone file.
 *
 * struct rrtype_descriptor keeps one of these values per rdata field in
 * its uint8_t zoneformat[] array.
 */
enum rdata_zoneformat
{
	RDATA_ZF_DNAME,		/* Domain name.  */
	RDATA_ZF_LITERAL_DNAME,	/* DNS name (not lowercased domain name).  */
	RDATA_ZF_TEXT,		/* Text string.  */
	RDATA_ZF_TEXTS,		/* Text string sequence.  */
	RDATA_ZF_BYTE,		/* 8-bit integer.  */
	RDATA_ZF_SHORT,		/* 16-bit integer.  */
	RDATA_ZF_LONG,		/* 32-bit integer.  */
	RDATA_ZF_A,		/* 32-bit IPv4 address.  */
	RDATA_ZF_AAAA,		/* 128-bit IPv6 address.  */
	RDATA_ZF_RRTYPE,	/* RR type.  */
	RDATA_ZF_ALGORITHM,	/* Cryptographic algorithm.  */
	RDATA_ZF_CERTIFICATE_TYPE,	/* Certificate type -- TODO confirm accepted forms. */
	RDATA_ZF_PERIOD,	/* Time period.  */
	RDATA_ZF_TIME,		/* Time value -- TODO confirm accepted format. */
	RDATA_ZF_BASE64,	/* Base-64 binary data.  */
	RDATA_ZF_BASE32,	/* Base-32 binary data.  */
	RDATA_ZF_HEX,		/* Hexadecimal binary data.  */
	RDATA_ZF_HEX_LEN,	/* Hexadecimal binary data. Skip initial length byte. */
	RDATA_ZF_NSAP,		/* NSAP.  */
	RDATA_ZF_APL,		/* APL.  */
	RDATA_ZF_IPSECGATEWAY,	/* IPSECKEY gateway ip4, ip6 or dname. */
	RDATA_ZF_SERVICES,	/* Protocol and port number bitmap.  */
	RDATA_ZF_NXT,		/* NXT type bitmap.  */
	RDATA_ZF_NSEC,		/* NSEC type bitmap.  */
	RDATA_ZF_LOC,		/* Location data.  */
	RDATA_ZF_ILNP64,	/* 64-bit uncompressed IPv6 address.  */
	RDATA_ZF_EUI48,		/* EUI48 address.  */
	RDATA_ZF_EUI64,		/* EUI64 address.  */
	RDATA_ZF_LONG_TEXT,	/* Long (>255) text string. */
	RDATA_ZF_TAG,		/* Text string without quotes. */
	RDATA_ZF_SVCPARAM,	/* SvcParam <key>[=<value>] */
	RDATA_ZF_UNKNOWN	/* Unknown data.  */
};
typedef enum rdata_zoneformat rdata_zoneformat_type;
263 
/*
 * Description of one RR type: its type code, its textual name, the
 * parser token, how many rdata fields it may have and the format of
 * each field on the wire and in the zone file.
 */
struct rrtype_descriptor
{
	uint16_t    type;	/* RR type */
	const char *name;	/* Textual name.  */
	int         token;	/* Parser token.  */
	uint32_t    minimum;	/* Minimum number of RDATAs.  */
	uint32_t    maximum;	/* Maximum number of RDATAs.  */
	/*
	 * Per-field formats, stored as uint8_t instead of the enum types.
	 * Both arrays have MAXRDATALEN entries while minimum and maximum are
	 * uint32_t. NOTE(review): code that walks the arrays up to `maximum`
	 * relies on maximum <= MAXRDATALEN -- confirm for every descriptor.
	 */
	uint8_t     wireformat[MAXRDATALEN]; /* rdata_wireformat_type */
	uint8_t     zoneformat[MAXRDATALEN]; /* rdata_zoneformat_type  */
};
typedef struct rrtype_descriptor rrtype_descriptor_type;
275 
/*
 * Indexed by type.  The special type "0" can be used to get a
 * descriptor for unknown types (with one binary rdata).
 *
 * RRTYPE_DESCRIPTORS_LENGTH is TYPE_AVC + 1: one slot for every type
 * code from 0 through TYPE_AVC.  PSEUDO_TYPE_DLV expands to this same
 * value, i.e. the index one past those slots.
 */
#define RRTYPE_DESCRIPTORS_LENGTH  (TYPE_AVC + 1)

/*
 * Look up a descriptor by textual name.
 * NOTE(review): the result for a name that matches nothing is not
 * documented here; callers should presumably check for NULL -- confirm.
 */
rrtype_descriptor_type *rrtype_descriptor_by_name(const char *name);

/*
 * Look up a descriptor by type code.  `type` covers the whole 16-bit
 * range while the slots described above only reach TYPE_AVC.
 * NOTE(review): presumably types without a slot of their own map to the
 * type "0" descriptor and TYPE_DLV to PSEUDO_TYPE_DLV -- confirm in the
 * implementation that no unchecked index is used.
 */
rrtype_descriptor_type *rrtype_descriptor_by_type(uint16_t type);

/*
 * Textual form of an RR type.
 * NOTE(review): the lifetime of the returned string is not visible
 * here; if it can point at a static buffer the result must be used
 * before the next call -- confirm.
 */
const char *rrtype_to_string(uint16_t rrtype);

/*
 * Lookup the type in the ztypes lookup table.  If not found, check if
 * the type uses the "TYPExxx" notation for unknown types.
 *
 * Return 0 if no type matches.  0 is also the special type used for
 * the unknown-type descriptor, so callers have to treat a 0 result as
 * a failure and not as a type to look up.
 */
uint16_t rrtype_from_string(const char *name);

/*
 * Conversions between an RR class and its textual form.
 * NOTE(review): the failure value of rrclass_from_string is not
 * documented here -- confirm before relying on it.
 */
const char *rrclass_to_string(uint16_t rrclass);
uint16_t rrclass_from_string(const char *name);
298 
#ifdef __cplusplus
/*
 * C++ has no built-in ++ for enumeration types; this supplies the
 * prefix form for rr_section_type.  The value is advanced by one with
 * no range check, so it can step to RR_SECTION_COUNT and beyond; the
 * caller's loop condition has to bound it.
 */
inline rr_section_type
operator++(rr_section_type &lhs)
{
	const int next = static_cast<int>(lhs) + 1;

	lhs = static_cast<rr_section_type>(next);
	return lhs;
}
#endif /* __cplusplus */
307 
308 #endif /* DNS_H */
309