| 1 | /* $NetBSD: nameser.h,v 1.25 2009/04/12 17:07:34 christos Exp $ */ |
|---|---|
| 2 | |
| 3 | /* |
| 4 | * Portions Copyright (C) 2004, 2005, 2008, 2009 Internet Systems Consortium, Inc. ("ISC") |
| 5 | * Portions Copyright (C) 1996-2003 Internet Software Consortium. |
| 6 | * |
| 7 | * Permission to use, copy, modify, and/or distribute this software for any |
| 8 | * purpose with or without fee is hereby granted, provided that the above |
| 9 | * copyright notice and this permission notice appear in all copies. |
| 10 | * |
| 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH |
| 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY |
| 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, |
| 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM |
| 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE |
| 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR |
| 17 | * PERFORMANCE OF THIS SOFTWARE. |
| 18 | */ |
| 19 | |
| 20 | /* |
| 21 | * Copyright (c) 1983, 1989, 1993 |
| 22 | * The Regents of the University of California. All rights reserved. |
| 23 | * |
| 24 | * Redistribution and use in source and binary forms, with or without |
| 25 | * modification, are permitted provided that the following conditions |
| 26 | * are met: |
| 27 | * 1. Redistributions of source code must retain the above copyright |
| 28 | * notice, this list of conditions and the following disclaimer. |
| 29 | * 2. Redistributions in binary form must reproduce the above copyright |
| 30 | * notice, this list of conditions and the following disclaimer in the |
| 31 | * documentation and/or other materials provided with the distribution. |
| 32 | * 3. Neither the name of the University nor the names of its contributors |
| 33 | * may be used to endorse or promote products derived from this software |
| 34 | * without specific prior written permission. |
| 35 | * |
| 36 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
| 37 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 39 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
| 40 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 41 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 42 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| 44 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 45 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 46 | * SUCH DAMAGE. |
| 47 | */ |
| 48 | |
| 49 | /* |
| 50 | * Id: nameser.h,v 1.16 2009/03/03 01:52:48 each Exp |
| 51 | */ |
| 52 | |
| 53 | #ifndef _ARPA_NAMESER_H_ |
| 54 | #define _ARPA_NAMESER_H_ |
| 55 | |
| 56 | #define BIND_4_COMPAT |
| 57 | |
| 58 | #include <sys/param.h> |
| 59 | #if (!defined(BSD)) || (BSD < 199306) |
| 60 | # include <sys/bitypes.h> |
| 61 | #else |
| 62 | # include <sys/types.h> |
| 63 | #endif |
| 64 | #include <sys/cdefs.h> |
| 65 | |
| 66 | /*% |
| 67 | * Revision information. This is the release date in YYYYMMDD format. |
| 68 | * It can change every day so the right thing to do with it is use it |
| 69 | * in preprocessor commands such as "#if (__NAMESER > 19931104)". Do not |
| 70 | * compare for equality; rather, use it to determine whether your libbind.a |
| 71 | * contains a new enough lib/nameser/ to support the feature you need. |
| 72 | */ |
| 73 | |
| 74 | #define __NAMESER 20090302 /*%< New interface version stamp. */ |
| 75 | /* |
| 76 | * Define constants based on RFC0883, RFC1034, RFC 1035 |
| 77 | */ |
| 78 | #define NS_PACKETSZ 512 /*%< default UDP packet size */ |
| 79 | #define NS_MAXDNAME 1025 /*%< maximum domain name (presentation format)*/ |
| 80 | #define NS_MAXMSG 65535 /*%< maximum message size */ |
| 81 | #define NS_MAXCDNAME 255 /*%< maximum compressed domain name */ |
| 82 | #define NS_MAXLABEL 63 /*%< maximum length of domain label */ |
| 83 | #define NS_MAXLABELS 128 /*%< theoretical max #/labels per domain name */ |
| 84 | #define NS_MAXNNAME 256 /*%< maximum uncompressed (binary) domain name*/ |
| 85 | #define NS_MAXPADDR (sizeof "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") |
| 86 | #define NS_HFIXEDSZ 12 /*%< #/bytes of fixed data in header */ |
| 87 | #define NS_QFIXEDSZ 4 /*%< #/bytes of fixed data in query */ |
| 88 | #define NS_RRFIXEDSZ 10 /*%< #/bytes of fixed data in r record */ |
| 89 | #define NS_INT32SZ 4 /*%< #/bytes of data in a uint32_t */ |
| 90 | #define NS_INT16SZ 2 /*%< #/bytes of data in a uint16_t */ |
| 91 | #define NS_INT8SZ 1 /*%< #/bytes of data in a u_int8_t */ |
| 92 | #define NS_INADDRSZ 4 /*%< IPv4 T_A */ |
| 93 | #define NS_IN6ADDRSZ 16 /*%< IPv6 T_AAAA */ |
| 94 | #define NS_CMPRSFLGS 0xc0 /*%< Flag bits indicating name compression. */ |
| 95 | #define NS_DEFAULTPORT 53 /*%< For both TCP and UDP. */ |
| 96 | |
| 97 | /* |
| 98 | * These can be expanded with synonyms, just keep ns_parse.c:ns_parserecord() |
| 99 | * in synch with it. |
| 100 | */ |
| 101 | typedef enum __ns_sect { |
| 102 | ns_s_qd = 0, /*%< Query: Question. */ |
| 103 | ns_s_zn = 0, /*%< Update: Zone. */ |
| 104 | ns_s_an = 1, /*%< Query: Answer. */ |
| 105 | ns_s_pr = 1, /*%< Update: Prerequisites. */ |
| 106 | ns_s_ns = 2, /*%< Query: Name servers. */ |
| 107 | ns_s_ud = 2, /*%< Update: Update. */ |
| 108 | ns_s_ar = 3, /*%< Query|Update: Additional records. */ |
| 109 | ns_s_max = 4 |
| 110 | } ns_sect; |
| 111 | |
| 112 | /*% |
| 113 | * Network name (compressed or not) type. Equivilent to a pointer when used |
| 114 | * in a function prototype. Can be const'd. |
| 115 | */ |
| 116 | typedef u_char ns_nname[NS_MAXNNAME]; |
| 117 | typedef const u_char *ns_nname_ct; |
| 118 | typedef u_char *ns_nname_t; |
| 119 | |
| 120 | struct ns_namemap { ns_nname_ct base; int len; }; |
| 121 | typedef struct ns_namemap *ns_namemap_t; |
| 122 | typedef const struct ns_namemap *ns_namemap_ct; |
| 123 | |
| 124 | /*% |
| 125 | * This is a message handle. It is caller allocated and has no dynamic data. |
| 126 | * This structure is intended to be opaque to all but ns_parse.c, thus the |
| 127 | * leading _'s on the member names. Use the accessor functions, not the _'s. |
| 128 | */ |
| 129 | typedef struct __ns_msg { |
| 130 | const u_char *_msg, *_eom; |
| 131 | uint16_t _id, _flags, _counts[ns_s_max]; |
| 132 | const u_char *_sections[ns_s_max]; |
| 133 | ns_sect _sect; |
| 134 | int _rrnum; |
| 135 | const u_char *_msg_ptr; |
| 136 | } ns_msg; |
| 137 | |
| 138 | /* |
| 139 | * This is a newmsg handle, used when constructing new messages with |
| 140 | * ns_newmsg_init, et al. |
| 141 | */ |
| 142 | struct ns_newmsg { |
| 143 | ns_msg msg; |
| 144 | const u_char *dnptrs[25]; |
| 145 | const u_char **lastdnptr; |
| 146 | }; |
| 147 | typedef struct ns_newmsg ns_newmsg; |
| 148 | |
| 149 | /* Private data structure - do not use from outside library. */ |
| 150 | struct _ns_flagdata { int mask, shift; }; |
| 151 | extern struct _ns_flagdata _ns_flagdata[]; |
| 152 | |
| 153 | /* Accessor macros - this is part of the public interface. */ |
| 154 | |
| 155 | #define ns_msg_id(handle) ((handle)._id + 0) |
| 156 | #define ns_msg_base(handle) ((handle)._msg + 0) |
| 157 | #define ns_msg_end(handle) ((handle)._eom + 0) |
| 158 | #define ns_msg_size(handle) ((size_t)((handle)._eom - (handle)._msg)) |
| 159 | #define ns_msg_count(handle, section) ((handle)._counts[section] + 0) |
| 160 | |
| 161 | /*% |
| 162 | * This is a parsed record. It is caller allocated and has no dynamic data. |
| 163 | */ |
| 164 | typedef struct __ns_rr { |
| 165 | char name[NS_MAXDNAME]; |
| 166 | uint16_t type; |
| 167 | uint16_t rr_class; |
| 168 | uint32_t ttl; |
| 169 | uint16_t rdlength; |
| 170 | const u_char * rdata; |
| 171 | } ns_rr; |
| 172 | |
| 173 | /* |
| 174 | * Same thing, but using uncompressed network binary names, and real C types. |
| 175 | */ |
| 176 | typedef struct __ns_rr2 { |
| 177 | ns_nname nname; |
| 178 | size_t nnamel; |
| 179 | int type; |
| 180 | int rr_class; |
| 181 | u_int ttl; |
| 182 | int rdlength; |
| 183 | const u_char * rdata; |
| 184 | } ns_rr2; |
| 185 | |
| 186 | /* Accessor macros - this is part of the public interface. */ |
| 187 | #define ns_rr_name(rr) (((rr).name[0] != '\0') ? (rr).name : ".") |
| 188 | #define ns_rr_nname(rr) ((const ns_nname_t)(rr).nname) |
| 189 | #define ns_rr_nnamel(rr) ((rr).nnamel + 0) |
| 190 | #define ns_rr_type(rr) ((ns_type)((rr).type + 0)) |
| 191 | #define ns_rr_class(rr) ((ns_class)((rr).rr_class + 0)) |
| 192 | #define ns_rr_ttl(rr) ((u_long)(rr).ttl + 0) |
| 193 | #define ns_rr_rdlen(rr) ((size_t)(rr).rdlength + 0) |
| 194 | #define ns_rr_rdata(rr) ((rr).rdata + 0) |
| 195 | |
| 196 | /*% |
| 197 | * These don't have to be in the same order as in the packet flags word, |
| 198 | * and they can even overlap in some cases, but they will need to be kept |
| 199 | * in synch with ns_parse.c:ns_flagdata[]. |
| 200 | */ |
| 201 | typedef enum __ns_flag { |
| 202 | ns_f_qr, /*%< Question/Response. */ |
| 203 | ns_f_opcode, /*%< Operation code. */ |
| 204 | ns_f_aa, /*%< Authoritative Answer. */ |
| 205 | ns_f_tc, /*%< Truncation occurred. */ |
| 206 | ns_f_rd, /*%< Recursion Desired. */ |
| 207 | ns_f_ra, /*%< Recursion Available. */ |
| 208 | ns_f_z, /*%< MBZ. */ |
| 209 | ns_f_ad, /*%< Authentic Data (DNSSEC). */ |
| 210 | ns_f_cd, /*%< Checking Disabled (DNSSEC). */ |
| 211 | ns_f_rcode, /*%< Response code. */ |
| 212 | ns_f_max |
| 213 | } ns_flag; |
| 214 | |
| 215 | /*% |
| 216 | * Currently defined opcodes. |
| 217 | */ |
| 218 | typedef enum __ns_opcode { |
| 219 | ns_o_query = 0, /*%< Standard query. */ |
| 220 | ns_o_iquery = 1, /*%< Inverse query (deprecated/unsupported). */ |
| 221 | ns_o_status = 2, /*%< Name server status query (unsupported). */ |
| 222 | /* Opcode 3 is undefined/reserved. */ |
| 223 | ns_o_notify = 4, /*%< Zone change notification. */ |
| 224 | ns_o_update = 5, /*%< Zone update message. */ |
| 225 | ns_o_max = 6 |
| 226 | } ns_opcode; |
| 227 | |
| 228 | /*% |
| 229 | * Currently defined response codes. |
| 230 | */ |
| 231 | typedef enum __ns_rcode { |
| 232 | ns_r_noerror = 0, /*%< No error occurred. */ |
| 233 | ns_r_formerr = 1, /*%< Format error. */ |
| 234 | ns_r_servfail = 2, /*%< Server failure. */ |
| 235 | ns_r_nxdomain = 3, /*%< Name error. */ |
| 236 | ns_r_notimpl = 4, /*%< Unimplemented. */ |
| 237 | ns_r_refused = 5, /*%< Operation refused. */ |
| 238 | /* these are for BIND_UPDATE */ |
| 239 | ns_r_yxdomain = 6, /*%< Name exists */ |
| 240 | ns_r_yxrrset = 7, /*%< RRset exists */ |
| 241 | ns_r_nxrrset = 8, /*%< RRset does not exist */ |
| 242 | ns_r_notauth = 9, /*%< Not authoritative for zone */ |
| 243 | ns_r_notzone = 10, /*%< Zone of record different from zone section */ |
| 244 | ns_r_max = 11, |
| 245 | /* The following are EDNS extended rcodes */ |
| 246 | ns_r_badvers = 16, |
| 247 | /* The following are TSIG errors */ |
| 248 | ns_r_badsig = 16, |
| 249 | ns_r_badkey = 17, |
| 250 | ns_r_badtime = 18 |
| 251 | } ns_rcode; |
| 252 | |
| 253 | /* BIND_UPDATE */ |
| 254 | typedef enum __ns_update_operation { |
| 255 | ns_uop_delete = 0, |
| 256 | ns_uop_add = 1, |
| 257 | ns_uop_max = 2 |
| 258 | } ns_update_operation; |
| 259 | |
| 260 | /*% |
| 261 | * This structure is used for TSIG authenticated messages |
| 262 | */ |
| 263 | struct ns_tsig_key { |
| 264 | char name[NS_MAXDNAME], alg[NS_MAXDNAME]; |
| 265 | unsigned char *data; |
| 266 | int len; |
| 267 | }; |
| 268 | typedef struct ns_tsig_key ns_tsig_key; |
| 269 | |
| 270 | /*% |
| 271 | * This structure is used for TSIG authenticated TCP messages |
| 272 | */ |
| 273 | struct ns_tcp_tsig_state { |
| 274 | int counter; |
| 275 | struct dst_key *key; |
| 276 | void *ctx; |
| 277 | unsigned char sig[NS_PACKETSZ]; |
| 278 | int siglen; |
| 279 | }; |
| 280 | typedef struct ns_tcp_tsig_state ns_tcp_tsig_state; |
| 281 | |
| 282 | #define NS_TSIG_FUDGE 300 |
| 283 | #define NS_TSIG_TCP_COUNT 100 |
| 284 | #define NS_TSIG_ALG_HMAC_MD5 "HMAC-MD5.SIG-ALG.REG.INT" |
| 285 | |
| 286 | #define NS_TSIG_ERROR_NO_TSIG -10 |
| 287 | #define NS_TSIG_ERROR_NO_SPACE -11 |
| 288 | #define NS_TSIG_ERROR_FORMERR -12 |
| 289 | |
| 290 | /*% |
| 291 | * Currently defined type values for resources and queries. |
| 292 | */ |
| 293 | typedef enum __ns_type { |
| 294 | ns_t_invalid = 0, /*%< Cookie. */ |
| 295 | ns_t_a = 1, /*%< Host address. */ |
| 296 | ns_t_ns = 2, /*%< Authoritative server. */ |
| 297 | ns_t_md = 3, /*%< Mail destination. */ |
| 298 | ns_t_mf = 4, /*%< Mail forwarder. */ |
| 299 | ns_t_cname = 5, /*%< Canonical name. */ |
| 300 | ns_t_soa = 6, /*%< Start of authority zone. */ |
| 301 | ns_t_mb = 7, /*%< Mailbox domain name. */ |
| 302 | ns_t_mg = 8, /*%< Mail group member. */ |
| 303 | ns_t_mr = 9, /*%< Mail rename name. */ |
| 304 | ns_t_null = 10, /*%< Null resource record. */ |
| 305 | ns_t_wks = 11, /*%< Well known service. */ |
| 306 | ns_t_ptr = 12, /*%< Domain name pointer. */ |
| 307 | ns_t_hinfo = 13, /*%< Host information. */ |
| 308 | ns_t_minfo = 14, /*%< Mailbox information. */ |
| 309 | ns_t_mx = 15, /*%< Mail routing information. */ |
| 310 | ns_t_txt = 16, /*%< Text strings. */ |
| 311 | ns_t_rp = 17, /*%< Responsible person. */ |
| 312 | ns_t_afsdb = 18, /*%< AFS cell database. */ |
| 313 | ns_t_x25 = 19, /*%< X_25 calling address. */ |
| 314 | ns_t_isdn = 20, /*%< ISDN calling address. */ |
| 315 | ns_t_rt = 21, /*%< Router. */ |
| 316 | ns_t_nsap = 22, /*%< NSAP address. */ |
| 317 | ns_t_nsap_ptr = 23, /*%< Reverse NSAP lookup (deprecated). */ |
| 318 | ns_t_sig = 24, /*%< Security signature. */ |
| 319 | ns_t_key = 25, /*%< Security key. */ |
| 320 | ns_t_px = 26, /*%< X.400 mail mapping. */ |
| 321 | ns_t_gpos = 27, /*%< Geographical position (withdrawn). */ |
| 322 | ns_t_aaaa = 28, /*%< IPv6 Address. */ |
| 323 | ns_t_loc = 29, /*%< Location Information. */ |
| 324 | ns_t_nxt = 30, /*%< Next domain (security). */ |
| 325 | ns_t_eid = 31, /*%< Endpoint identifier. */ |
| 326 | ns_t_nimloc = 32, /*%< Nimrod Locator. */ |
| 327 | ns_t_srv = 33, /*%< Server Selection. */ |
| 328 | ns_t_atma = 34, /*%< ATM Address */ |
| 329 | ns_t_naptr = 35, /*%< Naming Authority PoinTeR */ |
| 330 | ns_t_kx = 36, /*%< Key Exchange */ |
| 331 | ns_t_cert = 37, /*%< Certification record */ |
| 332 | ns_t_a6 = 38, /*%< IPv6 address (experimental) */ |
| 333 | ns_t_dname = 39, /*%< Non-terminal DNAME */ |
| 334 | ns_t_sink = 40, /*%< Kitchen sink (experimentatl) */ |
| 335 | ns_t_opt = 41, /*%< EDNS0 option (meta-RR) */ |
| 336 | ns_t_apl = 42, /*%< Address prefix list (RFC3123) */ |
| 337 | ns_t_ds = 43, /*%< Delegation Signer */ |
| 338 | ns_t_sshfp = 44, /*%< SSH Fingerprint */ |
| 339 | ns_t_ipseckey = 45, /*%< IPSEC Key */ |
| 340 | ns_t_rrsig = 46, /*%< RRset Signature */ |
| 341 | ns_t_nsec = 47, /*%< Negative security */ |
| 342 | ns_t_dnskey = 48, /*%< DNS Key */ |
| 343 | ns_t_dhcid = 49, /*%< Dynamic host configuratin identifier */ |
| 344 | ns_t_nsec3 = 50, /*%< Negative security type 3 */ |
| 345 | ns_t_nsec3param = 51, /*%< Negative security type 3 parameters */ |
| 346 | ns_t_hip = 55, /*%< Host Identity Protocol */ |
| 347 | ns_t_spf = 99, /*%< Sender Policy Framework */ |
| 348 | ns_t_tkey = 249, /*%< Transaction key */ |
| 349 | ns_t_tsig = 250, /*%< Transaction signature. */ |
| 350 | ns_t_ixfr = 251, /*%< Incremental zone transfer. */ |
| 351 | ns_t_axfr = 252, /*%< Transfer zone of authority. */ |
| 352 | ns_t_mailb = 253, /*%< Transfer mailbox records. */ |
| 353 | ns_t_maila = 254, /*%< Transfer mail agent records. */ |
| 354 | ns_t_any = 255, /*%< Wildcard match. */ |
| 355 | ns_t_zxfr = 256, /*%< BIND-specific, nonstandard. */ |
| 356 | ns_t_dlv = 32769, /*%< DNSSEC look-aside validatation. */ |
| 357 | ns_t_max = 65536 |
| 358 | } ns_type; |
| 359 | |
| 360 | /* Exclusively a QTYPE? (not also an RTYPE) */ |
| 361 | #define ns_t_qt_p(t) (ns_t_xfr_p(t) || (t) == ns_t_any || \ |
| 362 | (t) == ns_t_mailb || (t) == ns_t_maila) |
| 363 | /* Some kind of meta-RR? (not a QTYPE, but also not an RTYPE) */ |
| 364 | #define ns_t_mrr_p(t) ((t) == ns_t_tsig || (t) == ns_t_opt) |
| 365 | /* Exclusively an RTYPE? (not also a QTYPE or a meta-RR) */ |
| 366 | #define ns_t_rr_p(t) (!ns_t_qt_p(t) && !ns_t_mrr_p(t)) |
| 367 | #define ns_t_udp_p(t) ((t) != ns_t_axfr && (t) != ns_t_zxfr) |
| 368 | #define ns_t_xfr_p(t) ((t) == ns_t_axfr || (t) == ns_t_ixfr || \ |
| 369 | (t) == ns_t_zxfr) |
| 370 | |
| 371 | /*% |
| 372 | * Values for class field |
| 373 | */ |
| 374 | typedef enum __ns_class { |
| 375 | ns_c_invalid = 0, /*%< Cookie. */ |
| 376 | ns_c_in = 1, /*%< Internet. */ |
| 377 | ns_c_2 = 2, /*%< unallocated/unsupported. */ |
| 378 | ns_c_chaos = 3, /*%< MIT Chaos-net. */ |
| 379 | ns_c_hs = 4, /*%< MIT Hesiod. */ |
| 380 | /* Query class values which do not appear in resource records */ |
| 381 | ns_c_none = 254, /*%< for prereq. sections in update requests */ |
| 382 | ns_c_any = 255, /*%< Wildcard match. */ |
| 383 | ns_c_max = 65536 |
| 384 | } ns_class; |
| 385 | |
| 386 | /* DNSSEC constants. */ |
| 387 | |
| 388 | typedef enum __ns_key_types { |
| 389 | ns_kt_rsa = 1, /*%< key type RSA/MD5 */ |
| 390 | ns_kt_dh = 2, /*%< Diffie Hellman */ |
| 391 | ns_kt_dsa = 3, /*%< Digital Signature Standard (MANDATORY) */ |
| 392 | ns_kt_private = 254 /*%< Private key type starts with OID */ |
| 393 | } ns_key_types; |
| 394 | |
| 395 | typedef enum __ns_cert_types { |
| 396 | cert_t_pkix = 1, /*%< PKIX (X.509v3) */ |
| 397 | cert_t_spki = 2, /*%< SPKI */ |
| 398 | cert_t_pgp = 3, /*%< PGP */ |
| 399 | cert_t_url = 253, /*%< URL private type */ |
| 400 | cert_t_oid = 254 /*%< OID private type */ |
| 401 | } ns_cert_types; |
| 402 | |
| 403 | /* Flags field of the KEY RR rdata. */ |
| 404 | #define NS_KEY_TYPEMASK 0xC000 /*%< Mask for "type" bits */ |
| 405 | #define NS_KEY_TYPE_AUTH_CONF 0x0000 /*%< Key usable for both */ |
| 406 | #define NS_KEY_TYPE_CONF_ONLY 0x8000 /*%< Key usable for confidentiality */ |
| 407 | #define NS_KEY_TYPE_AUTH_ONLY 0x4000 /*%< Key usable for authentication */ |
| 408 | #define NS_KEY_TYPE_NO_KEY 0xC000 /*%< No key usable for either; no key */ |
| 409 | /* The type bits can also be interpreted independently, as single bits: */ |
| 410 | #define NS_KEY_NO_AUTH 0x8000 /*%< Key unusable for authentication */ |
| 411 | #define NS_KEY_NO_CONF 0x4000 /*%< Key unusable for confidentiality */ |
| 412 | #define NS_KEY_RESERVED2 0x2000 /* Security is *mandatory* if bit=0 */ |
| 413 | #define NS_KEY_EXTENDED_FLAGS 0x1000 /*%< reserved - must be zero */ |
| 414 | #define NS_KEY_RESERVED4 0x0800 /*%< reserved - must be zero */ |
| 415 | #define NS_KEY_RESERVED5 0x0400 /*%< reserved - must be zero */ |
| 416 | #define NS_KEY_NAME_TYPE 0x0300 /*%< these bits determine the type */ |
| 417 | #define NS_KEY_NAME_USER 0x0000 /*%< key is assoc. with user */ |
| 418 | #define NS_KEY_NAME_ENTITY 0x0200 /*%< key is assoc. with entity eg host */ |
| 419 | #define NS_KEY_NAME_ZONE 0x0100 /*%< key is zone key */ |
| 420 | #define NS_KEY_NAME_RESERVED 0x0300 /*%< reserved meaning */ |
| 421 | #define NS_KEY_RESERVED8 0x0080 /*%< reserved - must be zero */ |
| 422 | #define NS_KEY_RESERVED9 0x0040 /*%< reserved - must be zero */ |
| 423 | #define NS_KEY_RESERVED10 0x0020 /*%< reserved - must be zero */ |
| 424 | #define NS_KEY_RESERVED11 0x0010 /*%< reserved - must be zero */ |
| 425 | #define NS_KEY_SIGNATORYMASK 0x000F /*%< key can sign RR's of same name */ |
| 426 | #define NS_KEY_RESERVED_BITMASK ( NS_KEY_RESERVED2 | \ |
| 427 | NS_KEY_RESERVED4 | \ |
| 428 | NS_KEY_RESERVED5 | \ |
| 429 | NS_KEY_RESERVED8 | \ |
| 430 | NS_KEY_RESERVED9 | \ |
| 431 | NS_KEY_RESERVED10 | \ |
| 432 | NS_KEY_RESERVED11 ) |
| 433 | #define NS_KEY_RESERVED_BITMASK2 0xFFFF /*%< no bits defined here */ |
| 434 | |
| 435 | /* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */ |
| 436 | #define NS_ALG_MD5RSA 1 /*%< MD5 with RSA */ |
| 437 | #define NS_ALG_DH 2 /*%< Diffie Hellman KEY */ |
| 438 | #define NS_ALG_DSA 3 /*%< DSA KEY */ |
| 439 | #define NS_ALG_DSS NS_ALG_DSA |
| 440 | #define NS_ALG_EXPIRE_ONLY 253 /*%< No alg, no security */ |
| 441 | #define NS_ALG_PRIVATE_OID 254 /*%< Key begins with OID giving alg */ |
| 442 | |
| 443 | /* Protocol values */ |
| 444 | /* value 0 is reserved */ |
| 445 | #define NS_KEY_PROT_TLS 1 |
| 446 | #define NS_KEY_PROT_EMAIL 2 |
| 447 | #define NS_KEY_PROT_DNSSEC 3 |
| 448 | #define NS_KEY_PROT_IPSEC 4 |
| 449 | #define NS_KEY_PROT_ANY 255 |
| 450 | |
| 451 | /* Signatures */ |
| 452 | #define NS_MD5RSA_MIN_BITS 512 /*%< Size of a mod or exp in bits */ |
| 453 | #define NS_MD5RSA_MAX_BITS 4096 |
| 454 | /* Total of binary mod and exp */ |
| 455 | #define NS_MD5RSA_MAX_BYTES ((NS_MD5RSA_MAX_BITS+7/8)*2+3) |
| 456 | /* Max length of text sig block */ |
| 457 | #define NS_MD5RSA_MAX_BASE64 (((NS_MD5RSA_MAX_BYTES+2)/3)*4) |
| 458 | #define NS_MD5RSA_MIN_SIZE ((NS_MD5RSA_MIN_BITS+7)/8) |
| 459 | #define NS_MD5RSA_MAX_SIZE ((NS_MD5RSA_MAX_BITS+7)/8) |
| 460 | |
| 461 | #define NS_DSA_SIG_SIZE 41 |
| 462 | #define NS_DSA_MIN_SIZE 213 |
| 463 | #define NS_DSA_MAX_BYTES 405 |
| 464 | |
| 465 | /* Offsets into SIG record rdata to find various values */ |
| 466 | #define NS_SIG_TYPE 0 /*%< Type flags */ |
| 467 | #define NS_SIG_ALG 2 /*%< Algorithm */ |
| 468 | #define NS_SIG_LABELS 3 /*%< How many labels in name */ |
| 469 | #define NS_SIG_OTTL 4 /*%< Original TTL */ |
| 470 | #define NS_SIG_EXPIR 8 /*%< Expiration time */ |
| 471 | #define NS_SIG_SIGNED 12 /*%< Signature time */ |
| 472 | #define NS_SIG_FOOT 16 /*%< Key footprint */ |
| 473 | #define NS_SIG_SIGNER 18 /*%< Domain name of who signed it */ |
| 474 | |
| 475 | /* How RR types are represented as bit-flags in NXT records */ |
| 476 | #define NS_NXT_BITS 8 |
| 477 | #define NS_NXT_BIT_SET( n,p) (p[(n)/NS_NXT_BITS] |= (0x80>>((n)%NS_NXT_BITS))) |
| 478 | #define NS_NXT_BIT_CLEAR(n,p) (p[(n)/NS_NXT_BITS] &= ~(0x80>>((n)%NS_NXT_BITS))) |
| 479 | #define NS_NXT_BIT_ISSET(n,p) (p[(n)/NS_NXT_BITS] & (0x80>>((n)%NS_NXT_BITS))) |
| 480 | #define NS_NXT_MAX 127 |
| 481 | |
| 482 | /*% |
| 483 | * EDNS0 extended flags and option codes, host order. |
| 484 | */ |
| 485 | #define NS_OPT_DNSSEC_OK 0x8000U |
| 486 | #define NS_OPT_NSID 3 |
| 487 | |
| 488 | /*% |
| 489 | * Inline versions of get/put short/long. Pointer is advanced. |
| 490 | */ |
| 491 | #define NS_GET16(s, cp) do { \ |
| 492 | const u_char *t_cp = (const u_char *)(cp); \ |
| 493 | (s) = ((uint16_t)t_cp[0] << 8) \ |
| 494 | | ((uint16_t)t_cp[1]) \ |
| 495 | ; \ |
| 496 | (cp) += NS_INT16SZ; \ |
| 497 | } while (/*CONSTCOND*/0) |
| 498 | |
| 499 | #define NS_GET32(l, cp) do { \ |
| 500 | const u_char *t_cp = (const u_char *)(cp); \ |
| 501 | (l) = ((uint32_t)t_cp[0] << 24) \ |
| 502 | | ((uint32_t)t_cp[1] << 16) \ |
| 503 | | ((uint32_t)t_cp[2] << 8) \ |
| 504 | | ((uint32_t)t_cp[3]) \ |
| 505 | ; \ |
| 506 | (cp) += NS_INT32SZ; \ |
| 507 | } while (/*CONSTCOND*/0) |
| 508 | |
| 509 | #define NS_PUT16(s, cp) do { \ |
| 510 | uint32_t t_s = (uint32_t)(s); \ |
| 511 | u_char *t_cp = (u_char *)(cp); \ |
| 512 | *t_cp++ = t_s >> 8; \ |
| 513 | *t_cp = t_s; \ |
| 514 | (cp) += NS_INT16SZ; \ |
| 515 | } while (/*CONSTCOND*/0) |
| 516 | |
| 517 | #define NS_PUT32(l, cp) do { \ |
| 518 | uint32_t t_l = (uint32_t)(l); \ |
| 519 | u_char *t_cp = (u_char *)(cp); \ |
| 520 | *t_cp++ = t_l >> 24; \ |
| 521 | *t_cp++ = t_l >> 16; \ |
| 522 | *t_cp++ = t_l >> 8; \ |
| 523 | *t_cp = t_l; \ |
| 524 | (cp) += NS_INT32SZ; \ |
| 525 | } while (/*CONSTCOND*/0) |
| 526 | |
| 527 | /*% |
| 528 | * ANSI C identifier hiding for bind's lib/nameser. |
| 529 | */ |
| 530 | #define ns_msg_getflag __ns_msg_getflag |
| 531 | #define ns_get16 __ns_get16 |
| 532 | #define ns_get32 __ns_get32 |
| 533 | #define ns_put16 __ns_put16 |
| 534 | #define ns_put32 __ns_put32 |
| 535 | #define ns_initparse __ns_initparse |
| 536 | #define ns_skiprr __ns_skiprr |
| 537 | #define ns_parserr __ns_parserr |
| 538 | #define ns_parserr2 __ns_parserr2 |
| 539 | #define ns_sprintrr __ns_sprintrr |
| 540 | #define ns_sprintrrf __ns_sprintrrf |
| 541 | #define ns_format_ttl __ns_format_ttl |
| 542 | #define ns_parse_ttl __ns_parse_ttl |
| 543 | #define ns_datetosecs __ns_datetosecs |
| 544 | #define ns_name_ntol __ns_name_ntol |
| 545 | #define ns_name_ntop __ns_name_ntop |
| 546 | #define ns_name_pton __ns_name_pton |
| 547 | #define ns_name_pton2 __ns_name_pton2 |
| 548 | #define ns_name_unpack __ns_name_unpack |
| 549 | #define ns_name_unpack2 __ns_name_unpack2 |
| 550 | #define ns_name_pack __ns_name_pack |
| 551 | #define ns_name_compress __ns_name_compress |
| 552 | #define ns_name_uncompress __ns_name_uncompress |
| 553 | #define ns_name_skip __ns_name_skip |
| 554 | #define ns_name_rollback __ns_name_rollback |
| 555 | #define ns_name_length __ns_name_length |
| 556 | #define ns_name_eq __ns_name_eq |
| 557 | #define ns_name_owned __ns_name_owned |
| 558 | #define ns_name_map __ns_name_map |
| 559 | #define ns_name_labels __ns_name_labels |
| 560 | #define ns_sign __ns_sign |
| 561 | #define ns_sign2 __ns_sign2 |
| 562 | #define ns_sign_tcp __ns_sign_tcp |
| 563 | #define ns_sign_tcp2 __ns_sign_tcp2 |
| 564 | #define ns_sign_tcp_init __ns_sign_tcp_init |
| 565 | #define ns_find_tsig __ns_find_tsig |
| 566 | #define ns_verify __ns_verify |
| 567 | #define ns_verify_tcp __ns_verify_tcp |
| 568 | #define ns_verify_tcp_init __ns_verify_tcp_init |
| 569 | #define ns_samedomain __ns_samedomain |
| 570 | #define ns_subdomain __ns_subdomain |
| 571 | #define ns_makecanon __ns_makecanon |
| 572 | #define ns_samename __ns_samename |
| 573 | #define ns_newmsg_init __ns_newmsg_init |
| 574 | #define ns_newmsg_copy __ns_newmsg_copy |
| 575 | #define ns_newmsg_id __ns_newmsg_id |
| 576 | #define ns_newmsg_flag __ns_newmsg_flag |
| 577 | #define ns_newmsg_q __ns_newmsg_q |
| 578 | #define ns_newmsg_rr __ns_newmsg_rr |
| 579 | #define ns_newmsg_done __ns_newmsg_done |
| 580 | #define ns_rdata_unpack __ns_rdata_unpack |
| 581 | #define ns_rdata_equal __ns_rdata_equal |
| 582 | #define ns_rdata_refers __ns_rdata_refers |
| 583 | |
| 584 | __BEGIN_DECLS |
| 585 | int ns_msg_getflag(ns_msg, int); |
| 586 | uint16_t ns_get16(const u_char *); |
| 587 | uint32_t ns_get32(const u_char *); |
| 588 | void ns_put16(uint16_t, u_char *); |
| 589 | void ns_put32(uint32_t, u_char *); |
| 590 | int ns_initparse(const u_char *, int, ns_msg *); |
| 591 | int ns_skiprr(const u_char *, const u_char *, ns_sect, int); |
| 592 | int ns_parserr(ns_msg *, ns_sect, int, ns_rr *); |
| 593 | int ns_parserr2(ns_msg *, ns_sect, int, ns_rr2 *); |
| 594 | int ns_sprintrr(const ns_msg *, const ns_rr *, |
| 595 | const char *, const char *, char *, size_t); |
| 596 | int ns_sprintrrf(const u_char *, size_t, const char *, |
| 597 | ns_class, ns_type, u_long, const u_char *, |
| 598 | size_t, const char *, const char *, |
| 599 | char *, size_t); |
| 600 | int ns_format_ttl(u_long, char *, size_t); |
| 601 | int ns_parse_ttl(const char *, u_long *); |
| 602 | uint32_t ns_datetosecs(const char *cp, int *errp); |
| 603 | int ns_name_ntol(const u_char *, u_char *, size_t); |
| 604 | int ns_name_ntop(const u_char *, char *, size_t); |
| 605 | int ns_name_pton(const char *, u_char *, size_t); |
| 606 | int ns_name_pton2(const char *, u_char *, size_t, size_t *); |
| 607 | int ns_name_unpack(const u_char *, const u_char *, |
| 608 | const u_char *, u_char *, size_t); |
| 609 | int ns_name_unpack2(const u_char *, const u_char *, |
| 610 | const u_char *, u_char *, size_t, |
| 611 | size_t *); |
| 612 | int ns_name_pack(const u_char *, u_char *, int, |
| 613 | const u_char **, const u_char **); |
| 614 | int ns_name_uncompress(const u_char *, const u_char *, |
| 615 | const u_char *, char *, size_t); |
| 616 | int ns_name_compress(const char *, u_char *, size_t, |
| 617 | const u_char **, const u_char **); |
| 618 | int ns_name_skip(const u_char **, const u_char *); |
| 619 | void ns_name_rollback(const u_char *, const u_char **, |
| 620 | const u_char **); |
| 621 | #ifndef __LIBC12_SOURCE__ |
| 622 | int ns_sign(u_char *, int *, int, int, void *, |
| 623 | const u_char *, int, u_char *, int *, time_t) |
| 624 | __RENAME(__ns_sign50); |
| 625 | int ns_sign2(u_char *, int *, int, int, void *, |
| 626 | const u_char *, int, u_char *, int *, time_t, |
| 627 | u_char **, u_char **) |
| 628 | __RENAME(__ns_sign250); |
| 629 | #endif |
| 630 | ssize_t ns_name_length(ns_nname_ct, size_t); |
| 631 | int ns_name_eq(ns_nname_ct, size_t, ns_nname_ct, size_t); |
| 632 | int ns_name_owned(ns_namemap_ct, int, ns_namemap_ct, int); |
| 633 | int ns_name_map(ns_nname_ct, size_t, ns_namemap_t, int); |
| 634 | int ns_name_labels(ns_nname_ct, size_t); |
| 635 | int ns_sign_tcp(u_char *, int *, int, int, |
| 636 | ns_tcp_tsig_state *, int); |
| 637 | int ns_sign_tcp2(u_char *, int *, int, int, |
| 638 | ns_tcp_tsig_state *, int, |
| 639 | u_char **, u_char **); |
| 640 | int ns_sign_tcp_init(void *, const u_char *, int, |
| 641 | ns_tcp_tsig_state *); |
| 642 | u_char *ns_find_tsig(u_char *, u_char *); |
| 643 | #ifndef __LIBC12_SOURCE__ |
| 644 | int ns_verify(u_char *, int *, void *, |
| 645 | const u_char *, int, u_char *, int *, |
| 646 | time_t *, int) |
| 647 | __RENAME(__ns_verify50); |
| 648 | #endif |
| 649 | int ns_verify_tcp(u_char *, int *, ns_tcp_tsig_state *, int); |
| 650 | int ns_verify_tcp_init(void *, const u_char *, int, |
| 651 | ns_tcp_tsig_state *); |
| 652 | int ns_samedomain(const char *, const char *); |
| 653 | int ns_subdomain(const char *, const char *); |
| 654 | int ns_makecanon(const char *, char *, size_t); |
| 655 | int ns_samename(const char *, const char *); |
| 656 | int ns_newmsg_init(u_char *buffer, size_t bufsiz, ns_newmsg *); |
| 657 | int ns_newmsg_copy(ns_newmsg *, ns_msg *); |
| 658 | void ns_newmsg_id(ns_newmsg *handle, uint16_t id); |
| 659 | void ns_newmsg_flag(ns_newmsg *handle, ns_flag flag, u_int value); |
| 660 | int ns_newmsg_q(ns_newmsg *handle, ns_nname_ct qname, |
| 661 | ns_type qtype, ns_class qclass); |
| 662 | int ns_newmsg_rr(ns_newmsg *handle, ns_sect sect, |
| 663 | ns_nname_ct name, ns_type type, |
| 664 | ns_class rr_class, uint32_t ttl, |
| 665 | uint16_t rdlen, const u_char *rdata); |
| 666 | size_t ns_newmsg_done(ns_newmsg *handle); |
| 667 | ssize_t ns_rdata_unpack(const u_char *, const u_char *, ns_type, |
| 668 | const u_char *, size_t, u_char *, size_t); |
| 669 | int ns_rdata_equal(ns_type, |
| 670 | const u_char *, size_t, |
| 671 | const u_char *, size_t); |
| 672 | int ns_rdata_refers(ns_type, |
| 673 | const u_char *, size_t, |
| 674 | const u_char *); |
| 675 | __END_DECLS |
| 676 | |
| 677 | #ifdef BIND_4_COMPAT |
| 678 | #include <arpa/nameser_compat.h> |
| 679 | #endif |
| 680 | |
| 681 | #endif /* !_ARPA_NAMESER_H_ */ |
| 682 |
Generated while processing netbsd/crypto/external/bsd/heimdal/dist/lib/asn1/der.c
Generated on 2019-Jul-19 from project netbsd revision f9da89e0d
Powered by 
Code Browser 2.1
Generator usage only permitted with license.