X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=src%2Finclude%2Fgnunet_dnsparser_lib.h;h=9fe3491d672a734611d6dbad6e0f7194b44eacf9;hb=a67bd3630046d3a52195a13cbd4b4631c283d68d;hp=2d3a26215acf94f43b749f22eac50ab0865a9b31;hpb=38be3ab6333e09e5689b4626bf9caa93bd1bbfba;p=oweals%2Fgnunet.git diff --git a/src/include/gnunet_dnsparser_lib.h b/src/include/gnunet_dnsparser_lib.h index 2d3a26215..9fe3491d6 100644 --- a/src/include/gnunet_dnsparser_lib.h +++ b/src/include/gnunet_dnsparser_lib.h @@ -1,6 +1,6 @@ /* This file is part of GNUnet - (C) 2010-2013 Christian Grothoff (and other contributing authors) + Copyright (C) 2010-2014 GNUnet e.V. GNUnet is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published @@ -14,20 +14,25 @@ You should have received a copy of the GNU General Public License along with GNUnet; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 59 Temple Place - Suite 330, - Boston, MA 02111-1307, USA. + Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. */ /** - * @file include/gnunet_dnsparser_lib.h - * @brief API for helper library to parse DNS packets. * @author Philipp Toelke * @author Christian Grothoff + * + * @file + * API for helper library to parse DNS packets. + * + * @defgroup dns-parser DNS parser library + * Helper library to parse DNS packets. + * @{ */ #ifndef GNUNET_DNSPARSER_LIB_H #define GNUNET_DNSPARSER_LIB_H -#include "gnunet_common.h" +#include "gnunet_util_lib.h" #include "gnunet_tun_lib.h" /** @@ -53,6 +58,7 @@ #define GNUNET_DNSPARSER_TYPE_TXT 16 #define GNUNET_DNSPARSER_TYPE_AAAA 28 #define GNUNET_DNSPARSER_TYPE_SRV 33 +#define GNUNET_DNSPARSER_TYPE_CERT 37 #define GNUNET_DNSPARSER_TYPE_TLSA 52 @@ -64,8 +70,8 @@ struct GNUNET_DNSPARSER_Query /** * Name of the record that the query is for (0-terminated). - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use 'GNUNET_DNSPARSER_check_label' to test if an + * In UTF-8 format. The library will convert from and to DNS-IDNA + * as necessary. Use #GNUNET_DNSPARSER_check_label() to test if an * individual label is well-formed. If a given name is not well-formed, * creating the DNS packet will fail. */ @@ -79,7 +85,7 @@ struct GNUNET_DNSPARSER_Query /** * See GNUNET_TUN_DNS_CLASS_*. */ - uint16_t class; + uint16_t dns_traffic_class; }; @@ -89,7 +95,7 @@ struct GNUNET_DNSPARSER_Query */ struct GNUNET_DNSPARSER_MxRecord { - + /** * Preference for this entry (lower value is higher preference). */ @@ -97,8 +103,8 @@ struct GNUNET_DNSPARSER_MxRecord /** * Name of the mail server. - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use 'GNUNET_DNSPARSER_check_label' to test if an + * In UTF-8 format. The library will convert from and to DNS-IDNA + * as necessary. Use #GNUNET_DNSPARSER_check_label() to test if an * individual label is well-formed. If a given name is not well-formed, * creating the DNS packet will fail. */ @@ -108,48 +114,15 @@ struct GNUNET_DNSPARSER_MxRecord /** - * Information from SRV records (RFC 2782). The 'service', 'proto' - * and 'domain_name' fields together give the DNS-name which for SRV - * records is of the form "_$SERVICE._$PROTO.$DOMAIN_NAME". The DNS - * parser provides the full name in 'struct DNSPARSER_Record' and the - * individual components in the respective fields of this struct. - * When serializing, you CAN set the 'name' field of 'struct - * GNUNET_DNSPARSER_Record' to NULL, in which case the DNSPARSER code - * will populate 'name' from the 'service', 'proto' and 'domain_name' - * fields in this struct. + * Information from SRV records (RFC 2782). */ struct GNUNET_DNSPARSER_SrvRecord { - - /** - * Service name without the underscore (!). Note that RFC 6335 clarifies the - * set of legal characters for service names. - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use 'GNUNET_DNSPARSER_check_label' to test if an - * individual label is well-formed. If a given name is not well-formed, - * creating the DNS packet will fail. - */ - char *service; - - /** - * Transport protocol (typcially "tcp" or "udp", but others might be allowed). - * Without the underscore (!). - */ - char *proto; - - /** - * Domain name for which the record is valid - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use 'GNUNET_DNSPARSER_check_label' to test if an - * individual label is well-formed. If a given name is not well-formed, - * creating the DNS packet will fail. - */ - char *domain_name; /** * Hostname offering the service. - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use 'GNUNET_DNSPARSER_check_label' to test if an + * In UTF-8 format. The library will convert from and to DNS-IDNA + * as necessary. Use #GNUNET_DNSPARSER_check_label() to test if an * individual label is well-formed. If a given name is not well-formed, * creating the DNS packet will fail. */ @@ -176,18 +149,183 @@ struct GNUNET_DNSPARSER_SrvRecord }; - + +/** + * DNS CERT types as defined in RFC 4398. + */ +enum GNUNET_DNSPARSER_CertType +{ + /** + * Reserved value + */ + GNUNET_DNSPARSER_CERTTYPE_RESERVED = 0, + + /** + * An x509 PKIX certificate + */ + GNUNET_DNSPARSER_CERTTYPE_PKIX = 1, + + /** + * A SKPI certificate + */ + GNUNET_DNSPARSER_CERTTYPE_SKPI = 2, + + /** + * A PGP certificate + */ + GNUNET_DNSPARSER_CERTTYPE_PGP = 3, + + /** + * An x509 PKIX cert URL + */ + GNUNET_DNSPARSER_CERTTYPE_IPKIX = 4, + + /** + * A SKPI cert URL + */ + GNUNET_DNSPARSER_CERTTYPE_ISKPI = 5, + + /** + * A PGP cert fingerprint and URL + */ + GNUNET_DNSPARSER_CERTTYPE_IPGP = 6, + + /** + * An attribute Certificate + */ + GNUNET_DNSPARSER_CERTTYPE_ACPKIX = 7, + + /** + * An attribute cert URL + */ + GNUNET_DNSPARSER_CERTTYPE_IACKPIX = 8 +}; + + +/** + * DNSCERT algorithms as defined in http://www.iana.org/assignments/ + * dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml, under dns-sec-alg-numbers-1 + */ +enum GNUNET_DNSPARSER_CertAlgorithm +{ + /** + * No defined + */ + GNUNET_DNSPARSER_CERTALGO_UNDEFINED = 0, + + /** + * RSA/MD5 + */ + GNUNET_DNSPARSER_CERTALGO_RSAMD5 = 1, + + /** + * Diffie-Hellman + */ + GNUNET_DNSPARSER_CERTALGO_DH = 2, + + /** + * DSA/SHA1 + */ + GNUNET_DNSPARSER_CERTALGO_DSASHA = 3, + + /** + * Reserved + */ + GNUNET_DNSPARSER_CERTALGO_RSRVD4 = 4, + + /** + * RSA/SHA1 + */ + GNUNET_DNSPARSER_CERTALGO_RSASHA = 5, + + /** + * DSA/NSEC3/SHA + */ + GNUNET_DNSPARSER_CERTALGO_DSANSEC3 = 6, + + /** + * RSA/NSEC3/SHA + */ + GNUNET_DNSPARSER_CERTALGO_RSANSEC3 = 7, + + /** + * RSA/SHA256 + */ + GNUNET_DNSPARSER_CERTALGO_RSASHA256 = 8, + + /** + * Reserved + */ + GNUNET_DNSPARSER_CERTALGO_RSRVD9 = 9, + + /** + * RSA/SHA512 + */ + GNUNET_DNSPARSER_CERTALGO_RSASHA512 = 10, + + /** + * GOST R 34.10-2001 + */ + GNUNET_DNSPARSER_CERTALGO_GOST_R34 = 12, + + /** + * ECDSA Curve P-256/SHA256 + */ + GNUNET_DNSPARSER_CERTALGO_ECDSA_P256SHA256 = 13, + + /** + * ECDSA Curve P-384/SHA384 + */ + GNUNET_DNSPARSER_CERTALGO_ECDSA_P384SHA384 = 14 + +}; + + +/** + * Information from CERT records (RFC 4034). + */ +struct GNUNET_DNSPARSER_CertRecord +{ + + /** + * Certificate type + */ + enum GNUNET_DNSPARSER_CertType cert_type; + + /** + * Certificate KeyTag + */ + uint16_t cert_tag; + + /** + * Algorithm + */ + enum GNUNET_DNSPARSER_CertAlgorithm algorithm; + + /** + * Number of bytes in @e certificate_data + */ + size_t certificate_size; + + /** + * Data of the certificate. + */ + char *certificate_data; + +}; + + /** * Information from SOA records (RFC 1035). */ struct GNUNET_DNSPARSER_SoaRecord { - + /** - *The domainname of the name server that was the + * The domainname of the name server that was the * original or primary source of data for this zone. - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use 'GNUNET_DNSPARSER_check_label' to test if an + * In UTF-8 format. The library will convert from and to DNS-IDNA + * as necessary. Use #GNUNET_DNSPARSER_check_label() to test if an * individual label is well-formed. If a given name is not well-formed, * creating the DNS packet will fail. */ @@ -196,15 +334,15 @@ struct GNUNET_DNSPARSER_SoaRecord /** * A domainname which specifies the mailbox of the * person responsible for this zone. - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use 'GNUNET_DNSPARSER_check_label' to test if an + * In UTF-8 format. The library will convert from and to DNS-IDNA + * as necessary. Use #GNUNET_DNSPARSER_check_label() to test if an * individual label is well-formed. If a given name is not well-formed, * creating the DNS packet will fail. */ char *rname; /** - * The version number of the original copy of the zone. + * The version number of the original copy of the zone. */ uint32_t serial; @@ -230,7 +368,7 @@ struct GNUNET_DNSPARSER_SoaRecord * from this zone. */ uint32_t minimum_ttl; - + }; @@ -260,8 +398,8 @@ struct GNUNET_DNSPARSER_Record /** * Name of the record that the query is for (0-terminated). - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use #GNUNET_DNSPARSER_check_label to test if an + * In UTF-8 format. The library will convert from and to DNS-IDNA + * as necessary. Use #GNUNET_DNSPARSER_check_label() to test if an * individual label is well-formed. If a given name is not well-formed, * creating the DNS packet will fail. */ @@ -270,23 +408,28 @@ struct GNUNET_DNSPARSER_Record /** * Payload of the record (which one of these is valid depends on the 'type'). */ - union + union { /** * For NS, CNAME and PTR records, this is the uncompressed 0-terminated hostname. - * In UTF-8 format. The library will convert from and to DNS-IDNA - * as necessary. Use #GNUNET_DNSPARSER_check_label to test if an + * In UTF-8 format. The library will convert from and to DNS-IDNA + * as necessary. Use #GNUNET_DNSPARSER_check_label() to test if an * individual label is well-formed. If a given name is not well-formed, * creating the DNS packet will fail. */ char *hostname; - + /** * SOA data for SOA records. */ struct GNUNET_DNSPARSER_SoaRecord *soa; - + + /** + * CERT data for CERT records. + */ + struct GNUNET_DNSPARSER_CertRecord *cert; + /** * MX data for MX records. */ @@ -318,7 +461,7 @@ struct GNUNET_DNSPARSER_Record /** * See GNUNET_TUN_DNS_CLASS_*. */ - uint16_t class; + uint16_t dns_traffic_class; }; @@ -370,7 +513,7 @@ struct GNUNET_DNSPARSER_Packet /** * Bitfield of DNS flags. - */ + */ struct GNUNET_TUN_DnsFlags flags; /** @@ -386,8 +529,8 @@ struct GNUNET_DNSPARSER_Packet * This can fail if the ASCII-conversion becomes longer than 63 characters. * * @param label label to check (UTF-8 string) - * @return GNUNET_OK if the label can be converted to IDNA, - * GNUNET_SYSERR if the label is not valid for DNS names + * @return #GNUNET_OK if the label can be converted to IDNA, + * #GNUNET_SYSERR if the label is not valid for DNS names */ int GNUNET_DNSPARSER_check_label (const char *label); @@ -399,8 +542,8 @@ GNUNET_DNSPARSER_check_label (const char *label); * the entire name exceeds 253 characters. * * @param name name to check (UTF-8 string) - * @return GNUNET_OK if the label can be converted to IDNA, - * GNUNET_SYSERR if the label is not valid for DNS names + * @return #GNUNET_OK if the label can be converted to IDNA, + * #GNUNET_SYSERR if the label is not valid for DNS names */ int GNUNET_DNSPARSER_check_name (const char *name); @@ -411,7 +554,7 @@ GNUNET_DNSPARSER_check_name (const char *name); * processing and manipulation. * * @param udp_payload wire-format of the DNS packet - * @param udp_payload_length number of bytes in udp_payload + * @param udp_payload_length number of bytes in @a udp_payload * @return NULL on error, otherwise the parsed packet */ struct GNUNET_DNSPARSER_Packet * @@ -431,7 +574,7 @@ GNUNET_DNSPARSER_free_packet (struct GNUNET_DNSPARSER_Packet *p); /** * Given a DNS packet @a p, generate the corresponding UDP payload. * Note that we do not attempt to pack the strings with pointers - * as this would complicate the code and this is about being + * as this would complicate the code and this is about being * simple and secure, not fast, fancy and broken like bind. * * @param p packet to pack @@ -527,6 +670,25 @@ GNUNET_DNSPARSER_builder_add_soa (char *dst, const struct GNUNET_DNSPARSER_SoaRecord *soa); +/** + * Add CERT record to the UDP packet at the given location. + * + * @param dst where to write the CERT record + * @param dst_len number of bytes in @a dst + * @param off pointer to offset where to write the CERT information (increment by bytes used) + * can also change if there was an error + * @param cert CERT information to write + * @return #GNUNET_SYSERR if @a soa is invalid + * #GNUNET_NO if @a soa did not fit + * #GNUNET_OK if @a soa was added to @a dst + */ +int +GNUNET_DNSPARSER_builder_add_cert (char *dst, + size_t dst_len, + size_t *off, + const struct GNUNET_DNSPARSER_CertRecord *cert); + + /** * Add an SRV record to the UDP packet at the given location. * @@ -595,6 +757,7 @@ GNUNET_DNSPARSER_parse_query (const char *udp_payload, size_t *off, struct GNUNET_DNSPARSER_Query *q); + /** * Parse a DNS SOA record. * @@ -610,6 +773,21 @@ GNUNET_DNSPARSER_parse_soa (const char *udp_payload, size_t *off); +/** + * Parse a DNS CERT record. + * + * @param udp_payload reference to UDP packet + * @param udp_payload_length length of @a udp_payload + * @param off pointer to the offset of the query to parse in the CERT record (to be + * incremented by the size of the record), unchanged on error + * @return the parsed CERT record, NULL on error + */ +struct GNUNET_DNSPARSER_CertRecord * +GNUNET_DNSPARSER_parse_cert (const char *udp_payload, + size_t udp_payload_length, + size_t *off); + + /** * Parse a DNS MX record. * @@ -628,7 +806,6 @@ GNUNET_DNSPARSER_parse_mx (const char *udp_payload, /** * Parse a DNS SRV record. * - * @param r_name name of the SRV record * @param udp_payload reference to UDP packet * @param udp_payload_length length of @a udp_payload * @param off pointer to the offset of the query to parse in the SRV record (to be @@ -636,10 +813,82 @@ GNUNET_DNSPARSER_parse_mx (const char *udp_payload, * @return the parsed SRV record, NULL on error */ struct GNUNET_DNSPARSER_SrvRecord * -GNUNET_DNSPARSER_parse_srv (const char *r_name, - const char *udp_payload, +GNUNET_DNSPARSER_parse_srv (const char *udp_payload, size_t udp_payload_length, size_t *off); +/* ***************** low-level deallocation API ******************** */ + +/** + * Free the given DNS record. + * + * @param r record to free + */ +void +GNUNET_DNSPARSER_free_record (struct GNUNET_DNSPARSER_Record *r); + + +/** + * Free MX information record. + * + * @param mx record to free + */ +void +GNUNET_DNSPARSER_free_mx (struct GNUNET_DNSPARSER_MxRecord *mx); + + +/** + * Free SRV information record. + * + * @param srv record to free + */ +void +GNUNET_DNSPARSER_free_srv (struct GNUNET_DNSPARSER_SrvRecord *srv); + + +/** + * Free SOA information record. + * + * @param soa record to free + */ +void +GNUNET_DNSPARSER_free_soa (struct GNUNET_DNSPARSER_SoaRecord *soa); + + +/** + * Free CERT information record. + * + * @param cert record to free + */ +void +GNUNET_DNSPARSER_free_cert (struct GNUNET_DNSPARSER_CertRecord *cert); + + +/** + * Convert a block of binary data to HEX. + * + * @param data binary data to convert + * @param data_size number of bytes in @a data + * @return HEX string (lower case) + */ +char * +GNUNET_DNSPARSER_bin_to_hex (const void *data, + size_t data_size); + + +/** + * Convert a HEX string to block of binary data. + * + * @param hex HEX string to convert (may contain mixed case) + * @param data where to write result, must be + * at least `strlen(hex)/2` bytes long + * @return number of bytes written to data + */ +size_t +GNUNET_DNSPARSER_hex_to_bin (const char *hex, + void *data); + #endif + +/** @} */ /* end of group */