1 /*	$OpenBSD: nameser.h,v 1.11 2005/12/20 02:06:56 millert Exp $	*/
2 
3 /*
4  * ++Copyright++ 1983, 1989, 1993
5  * -
6  * Copyright (c) 1983, 1989, 1993
7  *    The Regents of the University of California.  All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. Neither the name of the University nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  * -
33  * Portions Copyright (c) 1993 by Digital Equipment Corporation.
34  *
35  * Permission to use, copy, modify, and distribute this software for any
36  * purpose with or without fee is hereby granted, provided that the above
37  * copyright notice and this permission notice appear in all copies, and that
38  * the name of Digital Equipment Corporation not be used in advertising or
39  * publicity pertaining to distribution of the document or software without
40  * specific, written prior permission.
41  *
42  * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
43  * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
44  * OF MERCHANTABILITY AND FITNESS.   IN NO EVENT SHALL DIGITAL EQUIPMENT
45  * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
46  * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
47  * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
48  * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
49  * SOFTWARE.
50  * -
51  * Portions Copyright (c) 1995 by International Business Machines, Inc.
52  *
53  * International Business Machines, Inc. (hereinafter called IBM) grants
54  * permission under its copyrights to use, copy, modify, and distribute this
55  * Software with or without fee, provided that the above copyright notice and
56  * all paragraphs of this notice appear in all copies, and that the name of IBM
57  * not be used in connection with the marketing of any product incorporating
58  * the Software or modifications thereof, without specific, written prior
59  * permission.
60  *
61  * To the extent it has a right to do so, IBM grants an immunity from suit
62  * under its patents, if any, for the use, sale or manufacture of products to
63  * the extent that such products are used for performing Domain Name System
64  * dynamic updates in TCP/IP networks by means of the Software.  No immunity is
65  * granted for any product per se or for any other function of any product.
66  *
67  * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
68  * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
69  * PARTICULAR PURPOSE.  IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
70  * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
71  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
72  * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
73  * --Copyright--
74  */
75 
76 /*
77  *      @(#)nameser.h	8.1 (Berkeley) 6/2/93
78  *	$From: nameser.h,v 8.11 1996/10/08 04:51:02 vixie Exp $
79  */
80 
81 #ifndef _NAMESER_H_
82 #define _NAMESER_H_
83 
84 #include <sys/cdefs.h>
85 #include <sys/param.h>
86 
87 /*
88  * revision information.  this is the release date in YYYYMMDD format.
89  * it can change every day so the right thing to do with it is use it
90  * in preprocessor commands such as "#if (__BIND > 19931104)".  do not
91  * compare for equality; rather, use it to determine whether your resolver
92  * is new enough to contain a certain feature.
93  */
94 
95 #define __BIND		19960801	/* interface version stamp */
96 
97 /*
98  * Define constants based on rfc883
99  */
100 #define PACKETSZ	512		/* maximum packet size */
101 #define MAXDNAME	1025		/* maximum presentation domain name */
102 #define MAXCDNAME	255		/* maximum compressed domain name */
103 #define MAXLABEL	63		/* maximum length of domain label */
104 #define HFIXEDSZ	12		/* #/bytes of fixed data in header */
105 #define QFIXEDSZ	4		/* #/bytes of fixed data in query */
106 #define RRFIXEDSZ	10		/* #/bytes of fixed data in r record */
107 #define INT32SZ		4		/* for systems without 32-bit ints */
108 #define INT16SZ		2		/* for systems without 16-bit ints */
109 #define INADDRSZ	4		/* IPv4 T_A */
110 #define IN6ADDRSZ	16		/* IPv6 T_AAAA */
111 
112 /*
113  * Internet nameserver port number
114  */
115 #define NAMESERVER_PORT	53
116 
117 /*
118  * Currently defined opcodes
119  */
120 #define QUERY		0x0		/* standard query */
121 #define IQUERY		0x1		/* inverse query */
122 #define STATUS		0x2		/* nameserver status query */
123 /*#define xxx		0x3*/		/* 0x3 reserved */
124 #define NS_NOTIFY_OP	0x4		/* notify secondary of SOA change */
125 /*
126  * Currently defined response codes
127  */
128 #define NOERROR		0		/* no error */
129 #define FORMERR		1		/* format error */
130 #define SERVFAIL	2		/* server failure */
131 #define NXDOMAIN	3		/* non existent domain */
132 #define NOTIMP		4		/* not implemented */
133 #define REFUSED		5		/* query refused */
134 
135 /*
136  * Type values for resources and queries
137  */
138 #define T_A		1		/* host address */
139 #define T_NS		2		/* authoritative server */
140 #define T_MD		3		/* mail destination */
141 #define T_MF		4		/* mail forwarder */
142 #define T_CNAME		5		/* canonical name */
143 #define T_SOA		6		/* start of authority zone */
144 #define T_MB		7		/* mailbox domain name */
145 #define T_MG		8		/* mail group member */
146 #define T_MR		9		/* mail rename name */
147 #define T_NULL		10		/* null resource record */
148 #define T_WKS		11		/* well known service */
149 #define T_PTR		12		/* domain name pointer */
150 #define T_HINFO		13		/* host information */
151 #define T_MINFO		14		/* mailbox information */
152 #define T_MX		15		/* mail routing information */
153 #define T_TXT		16		/* text strings */
154 #define T_RP		17		/* responsible person */
155 #define T_AFSDB		18		/* AFS cell database */
156 #define T_X25		19		/* X_25 calling address */
157 #define T_ISDN		20		/* ISDN calling address */
158 #define T_RT		21		/* router */
159 #define T_NSAP		22		/* NSAP address */
160 #define T_NSAP_PTR	23		/* reverse NSAP lookup (deprecated) */
161 #define T_SIG		24		/* security signature */
162 #define T_KEY		25		/* security key */
163 #define T_PX		26		/* X.400 mail mapping */
164 #define T_GPOS		27		/* geographical position (withdrawn) */
165 #define T_AAAA		28		/* IP6 Address */
166 #define T_LOC		29		/* Location Information */
167 #define T_NXT		30		/* Next Valid Name in Zone */
168 #define T_EID		31		/* Endpoint identifier */
169 #define T_NIMLOC	32		/* Nimrod locator */
170 #define T_SRV		33		/* Server selection */
171 #define T_ATMA		34		/* ATM Address */
172 #define T_NAPTR		35		/* Naming Authority PoinTeR */
173 #define T_KX		36		/* Key Exchanger */
174 #define T_CERT		37		/* CERT */
175 #define T_A6		38		/* A6 */
176 #define T_DNAME		39		/* DNAME */
177 #define T_SINK		40		/* SINK */
178 #define T_OPT		41		/* OPT pseudo-RR, RFC2671 */
179 #define T_APL		42		/* APL */
180 #define T_DS		43		/* Delegation Signer */
181 #define T_SSHFP		44		/* SSH Key Fingerprint */
182 #define T_RRSIG		46		/* RRSIG */
183 #define T_NSEC		47		/* NSEC */
184 #define T_DNSKEY	48		/* DNSKEY */
185 	/* non standard */
186 #define T_UINFO		100		/* user (finger) information */
187 #define T_UID		101		/* user ID */
188 #define T_GID		102		/* group ID */
189 #define T_UNSPEC	103		/* Unspecified format (binary data) */
190 	/* Query type values which do not appear in resource records */
191 #define	T_TKEY		249		/* Transaction Key */
192 #define	T_TSIG		250		/* Transaction Signature */
193 #define	T_IXFR		251		/* incremental zone transfer */
194 #define T_AXFR		252		/* transfer zone of authority */
195 #define T_MAILB		253		/* transfer mailbox records */
196 #define T_MAILA		254		/* transfer mail agent records */
197 #define T_ANY		255		/* wildcard match */
198 
199 /*
200  * Values for class field
201  */
202 
203 #define C_IN		1		/* the arpa internet */
204 #define C_CHAOS		3		/* for chaos net (MIT) */
205 #define C_HS		4		/* for Hesiod name server (MIT) (XXX) */
206 	/* Query class values which do not appear in resource records */
207 #define C_ANY		255		/* wildcard match */
208 
209 /*
210  * Flags field of the KEY RR rdata
211  */
212 #define	KEYFLAG_TYPEMASK	0xC000	/* Mask for "type" bits */
213 #define	KEYFLAG_TYPE_AUTH_CONF	0x0000	/* Key usable for both */
214 #define	KEYFLAG_TYPE_CONF_ONLY	0x8000	/* Key usable for confidentiality */
215 #define	KEYFLAG_TYPE_AUTH_ONLY	0x4000	/* Key usable for authentication */
216 #define	KEYFLAG_TYPE_NO_KEY	0xC000	/* No key usable for either; no key */
217 /* The type bits can also be interpreted independently, as single bits: */
218 #define	KEYFLAG_NO_AUTH		0x8000	/* Key not usable for authentication */
219 #define	KEYFLAG_NO_CONF		0x4000	/* Key not usable for confidentiality */
220 
221 #define	KEYFLAG_EXPERIMENTAL	0x2000	/* Security is *mandatory* if bit=0 */
222 #define	KEYFLAG_RESERVED3	0x1000  /* reserved - must be zero */
223 #define	KEYFLAG_RESERVED4	0x0800  /* reserved - must be zero */
224 #define	KEYFLAG_USERACCOUNT	0x0400	/* key is assoc. with a user acct */
225 #define	KEYFLAG_ENTITY		0x0200	/* key is assoc. with entity eg host */
226 #define	KEYFLAG_ZONEKEY		0x0100	/* key is zone key for the zone named */
227 #define	KEYFLAG_IPSEC		0x0080  /* key is for IPSEC use (host or user)*/
228 #define	KEYFLAG_EMAIL		0x0040  /* key is for email (MIME security) */
229 #define	KEYFLAG_RESERVED10	0x0020  /* reserved - must be zero */
230 #define	KEYFLAG_RESERVED11	0x0010  /* reserved - must be zero */
231 #define	KEYFLAG_SIGNATORYMASK	0x000F	/* key can sign DNS RR's of same name */
232 
233 #define  KEYFLAG_RESERVED_BITMASK ( KEYFLAG_RESERVED3 | \
234 				    KEYFLAG_RESERVED4 | \
235 				    KEYFLAG_RESERVED10| KEYFLAG_RESERVED11)
236 
237 /* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
238 #define	ALGORITHM_MD5RSA	1	/* MD5 with RSA */
239 #define	ALGORITHM_EXPIRE_ONLY	253	/* No alg, no security */
240 #define	ALGORITHM_PRIVATE_OID	254	/* Key begins with OID indicating alg */
241 
242 /* Signatures */
243 					/* Size of a mod or exp in bits */
244 #define	MIN_MD5RSA_KEY_PART_BITS	 512
245 #define	MAX_MD5RSA_KEY_PART_BITS	2552
246 					/* Total of binary mod and exp, bytes */
247 #define	MAX_MD5RSA_KEY_BYTES		((MAX_MD5RSA_KEY_PART_BITS+7/8)*2+3)
248 					/* Max length of text sig block */
249 #define	MAX_KEY_BASE64			(((MAX_MD5RSA_KEY_BYTES+2)/3)*4)
250 
251 /*
252  * EDNS0 Z-field extended flags
253  */
254 #define DNS_MESSAGEEXTFLAG_DO	0x8000U
255 
256 /*
257  * Status return codes for T_UNSPEC conversion routines
258  */
259 #define CONV_SUCCESS	0
260 #define CONV_OVERFLOW	(-1)
261 #define CONV_BADFMT	(-2)
262 #define CONV_BADCKSUM	(-3)
263 #define CONV_BADBUFLEN	(-4)
264 
265 #if !defined(_BYTE_ORDER) || \
266     (_BYTE_ORDER != _BIG_ENDIAN && _BYTE_ORDER != _LITTLE_ENDIAN && \
267     _BYTE_ORDER != _PDP_ENDIAN)
268 	/* you must determine what the correct bit order is for
269 	 * your compiler - the next line is an intentional error
270 	 * which will force your compiles to bomb until you fix
271 	 * the above macros.
272 	 */
273 #error "Undefined or invalid _BYTE_ORDER";
274 #endif
275 
276 /*
277  * Structure for query header.  The order of the fields is machine- and
278  * compiler-dependent, depending on the byte/bit order and the layout
279  * of bit fields.  We use bit fields only in int variables, as this
280  * is all ANSI requires.  This requires a somewhat confusing rearrangement.
281  */
282 
283 typedef struct {
284 	unsigned	id :16;		/* query identification number */
285 #if _BYTE_ORDER == _BIG_ENDIAN
286 			/* fields in third byte */
287 	unsigned	qr: 1;		/* response flag */
288 	unsigned	opcode: 4;	/* purpose of message */
289 	unsigned	aa: 1;		/* authoritive answer */
290 	unsigned	tc: 1;		/* truncated message */
291 	unsigned	rd: 1;		/* recursion desired */
292 			/* fields in fourth byte */
293 	unsigned	ra: 1;		/* recursion available */
294 	unsigned	unused :1;	/* unused bits (MBZ as of 4.9.3a3) */
295 	unsigned	ad: 1;		/* authentic data from named */
296 	unsigned	cd: 1;		/* checking disabled by resolver */
297 	unsigned	rcode :4;	/* response code */
298 #endif
299 #if _BYTE_ORDER == _LITTLE_ENDIAN || _BYTE_ORDER == _PDP_ENDIAN
300 			/* fields in third byte */
301 	unsigned	rd :1;		/* recursion desired */
302 	unsigned	tc :1;		/* truncated message */
303 	unsigned	aa :1;		/* authoritive answer */
304 	unsigned	opcode :4;	/* purpose of message */
305 	unsigned	qr :1;		/* response flag */
306 			/* fields in fourth byte */
307 	unsigned	rcode :4;	/* response code */
308 	unsigned	cd: 1;		/* checking disabled by resolver */
309 	unsigned	ad: 1;		/* authentic data from named */
310 	unsigned	unused :1;	/* unused bits (MBZ as of 4.9.3a3) */
311 	unsigned	ra :1;		/* recursion available */
312 #endif
313 			/* remaining bytes */
314 	unsigned	qdcount :16;	/* number of question entries */
315 	unsigned	ancount :16;	/* number of answer entries */
316 	unsigned	nscount :16;	/* number of authority entries */
317 	unsigned	arcount :16;	/* number of resource entries */
318 } HEADER;
319 
320 /*
321  * Defines for handling compressed domain names
322  */
323 #define INDIR_MASK	0xc0
324 
325 extern	u_int16_t	_getshort(const unsigned char *);
326 extern	u_int32_t	_getlong(const unsigned char *);
327 
328 /*
329  * Inline versions of get/put short/long.  Pointer is advanced.
330  *
331  * These macros demonstrate the property of C whereby it can be
332  * portable or it can be elegant but rarely both.
333  */
334 #define GETSHORT(s, cp) { \
335 	unsigned char *t_cp = (unsigned char *)(cp); \
336 	(s) = ((u_int16_t)t_cp[0] << 8) \
337 	    | ((u_int16_t)t_cp[1]) \
338 	    ; \
339 	(cp) += INT16SZ; \
340 }
341 
342 #define GETLONG(l, cp) { \
343 	unsigned char *t_cp = (unsigned char *)(cp); \
344 	(l) = ((u_int32_t)t_cp[0] << 24) \
345 	    | ((u_int32_t)t_cp[1] << 16) \
346 	    | ((u_int32_t)t_cp[2] << 8) \
347 	    | ((u_int32_t)t_cp[3]) \
348 	    ; \
349 	(cp) += INT32SZ; \
350 }
351 
352 #define PUTSHORT(s, cp) { \
353 	u_int16_t t_s = (u_int16_t)(s); \
354 	unsigned char *t_cp = (unsigned char *)(cp); \
355 	*t_cp++ = t_s >> 8; \
356 	*t_cp   = t_s; \
357 	(cp) += INT16SZ; \
358 }
359 
360 #define PUTLONG(l, cp) { \
361 	u_int32_t t_l = (u_int32_t)(l); \
362 	unsigned char *t_cp = (unsigned char *)(cp); \
363 	*t_cp++ = t_l >> 24; \
364 	*t_cp++ = t_l >> 16; \
365 	*t_cp++ = t_l >> 8; \
366 	*t_cp   = t_l; \
367 	(cp) += INT32SZ; \
368 }
369 
370 #endif /* !_NAMESER_H_ */
371