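/*
 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 *
 * SPDX-License-Identifier: MPL-2.0
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
 *
 * See the COPYRIGHT file distributed with this work for additional
 * information regarding copyright ownership.
 */

#ifndef DNS_DNSRPS_H
#define DNS_DNSRPS_H

#include <inttypes.h>
#include <stdbool.h>

#include <isc/lang.h>

#include <dns/types.h>

#ifdef USE_DNSRPS

#include <dns/librpz.h>
#include <dns/rpz.h>

/*
 * The original header closed a linkage region with ISC_LANG_ENDDECLS that
 * it never opened, and did so outside the USE_DNSRPS guard.  The region is
 * now opened here, after the nested includes, and closed before the
 * matching #endif, so the pair is balanced whether or not USE_DNSRPS is
 * defined.
 */
ISC_LANG_BEGINDECLS

/*
 * Error message if dlopen(librpz) failed.
 *
 * librpz is loaded at run time rather than linked, so a failed load is
 * reported through this buffer.
 */
extern librpz_emsg_t librpz_lib_open_emsg;

/*
 * These shim BIND9 database, node, and rdataset are handles on RRs from librpz.
 *
 * All of these structures are used by a single thread and so need no locks.
 * Note that ref_cnt below is a plain int, so that single-thread assumption
 * is what keeps the reference count consistent.
 *
 * rpsdb_t holds the state for a set of RPZ queries.
 *
 * rpsnode_t is a link to the rpsdb_t for the set of RPZ queries
 * and a flag saying whether it is pretending to be a node with RRs for
 * the qname or the node with the SOA for the zone containing the rewritten
 * RRs or justifying NXDOMAIN.
 *
 * NOTE(review): rpsnode_t has no state of its own (its only member is
 * named "unused"); rpsdb_t embeds two instances, origin_node and data_node.
 * Presumably the role is told apart by which instance a pointer refers to.
 * Confirm against the implementation.
 */
typedef struct {
	uint8_t unused;
} rpsnode_t;

typedef struct rpsdb {
	dns_db_t	    common;	 /* first member, so an rpsdb_t starts
					  * with a dns_db_t */
	int		    ref_cnt;	 /* not atomic; see the single-thread
					  * note above */
	librpz_result_id_t  hit_id;
	librpz_result_t	    result;
	librpz_rsp_t	   *rsp;
	librpz_domain_buf_t origin_buf;
	const dns_name_t   *qname;	 /* pointer only; who owns the name and
					  * how long it stays valid is not
					  * visible here. Confirm at callers. */
	rpsnode_t	    origin_node;
	rpsnode_t	    data_node;
} rpsdb_t;

/*
 * Convert a dnsrps policy to a classic BIND9 RPZ policy.
 */
dns_rpz_policy_t
dns_dnsrps_2policy(librpz_policy_t rps_policy);

/*
 * Convert a dnsrps trigger to a classic BIND9 RPZ rewrite or trigger type.
 */
dns_rpz_type_t
dns_dnsrps_trig2type(librpz_trig_t trig);

/*
 * Convert a classic BIND9 RPZ rewrite or trigger type to a librpz trigger type.
 */
librpz_trig_t
dns_dnsrps_type2trig(dns_rpz_type_t type);

/*
 * Start dnsrps for the entire server.
 */
isc_result_t
dns_dnsrps_server_create(void);

/*
 * Stop dnsrps for the entire server.
 */
void
dns_dnsrps_server_destroy(void);

/*
 * Ready dnsrps for a view.
 *
 * NOTE(review): rps_cstr is a non-const char *; whether the callee modifies
 * or keeps the string is not visible from this header. Confirm against the
 * definition before passing a literal or a short-lived buffer.
 *
 * NOTE(review): the parameter name "new" is a C++ keyword, so a C++
 * translation unit that defines USE_DNSRPS cannot parse this prototype even
 * with the linkage macros in place.
 */
isc_result_t
dns_dnsrps_view_init(dns_rpz_zones_t *new, char *rps_cstr);

/*
 * Connect to and start the dnsrps daemon, dnsrpzd.
 */
isc_result_t
dns_dnsrps_connect(dns_rpz_zones_t *rpzs);

/*
 * Get ready to try dnsrps rewriting.
 *
 * NOTE(review): emsg presumably receives the librpz error text on failure.
 * Confirm against the definition.
 */
isc_result_t
dns_dnsrps_rewrite_init(librpz_emsg_t *emsg, dns_rpz_st_t *st,
			dns_rpz_zones_t *rpzs, const dns_name_t *qname,
			isc_mem_t *mctx, bool have_rd);

ISC_LANG_ENDDECLS

#endif /* USE_DNSRPS */

#endif /* DNS_DNSRPS_H */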