mDNSResponder-1310.40.42.tar.gz
1 //
2 // dnssec_v2.h
3 // mDNSResponder
4 //
5 // Copyright (c) 2020 Apple Inc. All rights reserved.
6 //
7
8 #ifndef DNSSEC_V2_H
9 #define DNSSEC_V2_H
10
11 #include "mDNSEmbeddedAPI.h"
12 #if MDNSRESPONDER_SUPPORTS(APPLE, DNSSECv2)
13 #include <os/feature_private.h>
14 #include "dnssec_v2_embedded.h"
15 #include "dnssec_v2_structs.h"
16 #include "dnssec_v2_retrieval.h"
17 #include "dnssec_v2_validation.h"
18 #include "dnssec_v2_trust_anchor.h"
19 #include "dnssec_v2_log.h"
20 #include "base_n.h"
21 #include "list.h"
22
23 //======================================================================================================================
24 // Constants
25 //======================================================================================================================
26
// NOTE(review): presumably the UDP payload size this resolver advertises in the EDNS0 OPT record of its
// queries; the use site is not visible in this header, confirm there. 512 bytes equals the pre-EDNS0 DNS
// UDP message limit, and DNSSEC answers carrying RRSIG/DNSKEY data commonly exceed it, so if this value is
// what gets advertised, signed answers will often arrive truncated and have to be retried over TCP.
27 #define EDNS0_SENDER_UDP_PAYLOAD_SIZE 512
// NOTE(review): presumably an upper bound on how many zones a single validation may involve; the use site
// is not visible here. A fixed cap bounds the work a long delegation chain can cause. Verify that reaching
// the cap is reported as a validation failure and never as a normally accepted answer.
28 #define MAX_ZONES_ALLOWED 10
29
30 //======================================================================================================================
31 // Macros
32 //======================================================================================================================
33
// Evaluates to non-zero when kDNSServiceFlagsEnableDNSSEC is set in FLAGS. FLAGS is parenthesized and
// evaluated exactly once, so an argument with side effects is safe here.
// NOTE(review): the macro name refers to the DNSSEC OK (DO) bit, but what is tested is the client API flag
// kDNSServiceFlagsEnableDNSSEC; how that flag maps to the DO bit on the wire is not visible in this header.
34 #define FLAGS_CONTAIN_DNSOK_BIT(FLAGS) (((FLAGS) & kDNSServiceFlagsEnableDNSSEC) != 0)
35
36 //======================================================================================================================
37 // functions
38 //======================================================================================================================
39
/*!
 * @brief
 * Returns a boolean for the question q. Judging by the name, it reports whether DNSSEC validation is enabled
 * for that question; the implementation is not visible in this header.
 *
 * @param q
 * The question to inspect. Declared const and _Nonnull.
 */
40 mDNSexport mDNSBool
41 enables_dnssec_validation(const DNSQuestion * _Nonnull q);
42
/*!
 * @brief
 * Returns a boolean for a (name, question_type) pair. Judging by the name, it reports whether a query for
 * that pair may go through DNSSEC processing.
 *
 * NOTE(review): the eligibility criteria live in the implementation. If names or types judged ineligible
 * are resolved without validation, callers must not present those answers as validated; confirm how the
 * result is reported to the client in that case.
 */
43 mDNSexport mDNSBool
44 is_eligible_for_dnssec(const domainname * const _Nonnull name, mDNSu16 question_type);
45
/*!
 * @brief
 * Judging by the name, hands the denial of existence records held by the negative cache record rr to the
 * DNSSEC context. enable_dnssec presumably gates the work; confirm in the implementation.
 * Both pointer parameters are declared _Nonnull.
 */
46 mDNSexport void
47 get_denial_records_from_negative_cache_to_dnssec_context(
48 const mDNSBool enable_dnssec,
49 dnssec_context_t * const _Nonnull context,
50 CacheRecord * const _Nonnull rr);
51
/*!
 * @brief
 * Judging by the name, attaches a set of denial of existence records to cache_record.
 *
 * @param denial_records_ptr
 * A non-NULL pointer to the caller's pointer, which itself may be NULL (_Nullable * _Nonnull).
 * NOTE(review): passing the address of the caller's pointer suggests that ownership moves to the cache
 * record and that the caller's pointer is reset; confirm in the implementation. If ownership does move,
 * a caller that frees or keeps using its old pointer risks a double free or a use after free.
 */
52 mDNSexport void
53 set_denial_records_in_cache_record(
54 CacheRecord * const _Nonnull cache_record,
55 denial_of_existence_records_t * _Nullable * _Nonnull denial_records_ptr);
56
/*!
 * @brief
 * Judging by the name, releases the denial of existence records attached to cache_record.
 * NOTE(review): confirm that the field in the cache record is cleared afterwards, so that a second call
 * or a later read does not touch released memory.
 */
57 mDNSexport void
58 release_denial_records_in_cache_record(CacheRecord * const _Nonnull cache_record);
59
/*!
 * @brief
 * Takes the same parameters as set_denial_records_in_cache_record(). Judging by the name, it replaces
 * denial records that cache_record already holds; how it differs from the set function, and what happens
 * to the previously attached records, is not visible in this header.
 */
60 mDNSexport void
61 update_denial_records_in_cache_record(
62 CacheRecord * const _Nonnull cache_record,
63 denial_of_existence_records_t * _Nullable * _Nonnull denial_records_ptr);
64
/*!
 * @brief
 * Returns a boolean. Judging by the name, it reports whether rr was added to the denial records that
 * *denials_ptr refers to; the exact meaning of the return value is not visible here.
 *
 * @param denials_ptr
 * A non-NULL pointer to a pointer that may be NULL. NOTE(review): presumably the records are allocated
 * on first use and stored through this pointer; confirm who owns and releases them.
 */
65 mDNSexport mDNSBool
66 adds_denial_records_in_cache_record(
67 const ResourceRecord * _Nonnull const rr,
68 const mDNSBool enable_dnssec,
69 denial_of_existence_records_t * _Nullable * _Nonnull denials_ptr);
70
// The four predicates below take const, _Nonnull record pointers and return a boolean. Their
// implementations are not visible in this header, so the descriptions are inferred from the names.

// NOTE(review): presumably decides whether left and right belong to the same cache record set when DNSSEC
// is in use; the comparison criteria are not visible here.
71 mDNSexport mDNSBool
72 are_records_in_the_same_cache_set_for_dnssec(
73 const ResourceRecord * const _Nonnull left,
74 const ResourceRecord * const _Nonnull right);
75
// NOTE(review): presumably decides whether a record of this type can serve as an answer, or as supporting
// DNSSEC data, for a question of type qtype; confirm which record types are accepted.
76 mDNSexport mDNSBool
77 record_type_answers_dnssec_question(const ResourceRecord * const _Nonnull record, const mDNSu16 qtype);
78
// NOTE(review): presumably compares the "type covered" field of two RRSIG records. Whether the function
// itself checks that both arguments are RRSIG records is not visible here; confirm, or make sure every
// caller passes RRSIG records only.
79 mDNSexport mDNSBool
80 rrsig_records_cover_the_same_record_type(const ResourceRecord * const _Nonnull left, const ResourceRecord * const _Nonnull right);
81
// NOTE(review): presumably true for records used as denial of existence proofs; which record types count
// is decided in the implementation.
82 mDNSexport mDNSBool
83 record_denies_existence_of_dnssec_question(const ResourceRecord * const _Nonnull record);
84
/*!
 * @brief
 * Judging by the name and the parameter list, the result handler that receives answers for a question
 * when DNSSEC is in use. The implementation is not visible in this header.
 *
 * Every pointer parameter is declared _Null_unspecified, so the prototype states nothing about
 * nullability and the compiler cannot diagnose a NULL argument. m is additionally marked __unused.
 *
 * NOTE(review): context is an opaque void pointer; what it points to is not visible here. Confirm the
 * expected type at the registration site before casting it.
 */
85 mDNSexport void
86 query_record_result_reply_with_dnssec(
87 mDNS *const _Null_unspecified __unused m,
88 DNSQuestion * _Null_unspecified question,
89 const ResourceRecord * const _Null_unspecified answer,
90 QC_result add_record,
91 DNSServiceErrorType dns_result_error,
92 void * _Null_unspecified context);
93
// Both functions take a non-NULL QueryRecordClientRequest and return nothing. Judging by the names, the
// first stops DNSSEC work only when DNSSEC is enabled for the request and the second stops it
// unconditionally; neither implementation is visible in this header.
// NOTE(review): confirm which parts of request remain valid after either call, and whether calling
// stop_dnssec() twice on the same request is harmless.
94 mDNSexport void
95 stop_dnssec_if_enable_dnssec(QueryRecordClientRequest * const _Nonnull request);
96
97 mDNSexport void
98 stop_dnssec(QueryRecordClientRequest * const _Nonnull request);
99
100 /*!
101 * @brief
102 * Stops the sub request started by the current request, and also possibly delivers RMV events for all the returned answers.
103 *
 * @param question
 * Not described by the original comment. NOTE(review): presumably the question of the current request,
 * the one the return value says may have been canceled. Declared _Nonnull in the prototype.
 *
104 * @param dnssec_context
105 * A pointer to the DNSSEC context of the current request.
106 *
107 * @param deliver_remove
108 * A boolean value to indicate if the function should deliver the RMV events for those records that have been returned to the client.
109 *
110 * @param m
111 * A pointer to the mDNS structure.
 * Declared _Nullable in the prototype; when NULL is acceptable is not stated here.
112 *
113 * @return
114 * A boolean value to indicate if the caller should stop all the work immediately. If it returns true, it means that the callback called by this function has canceled
115 * the current request and its corresponding question, and the caller should assume that all the allocated memory it owns has already been freed, and it
116 * should stop immediately to avoid invalid memory access.
 * The return value must therefore be checked before question, dnssec_context, or anything reachable from
 * them is used again; ignoring it is a use-after-free hazard.
117 */
118 mDNSexport mDNSBool
119 stop_sub_cname_request_and_dnssec(DNSQuestion * const _Nonnull question, dnssec_context_t * const _Nonnull dnssec_context,
120 const mDNSBool deliver_remove, mDNS * const _Nullable m);
121
122 #endif // MDNSRESPONDER_SUPPORTS(APPLE, DNSSECv2)
123 #endif // DNSSEC_V2_H