74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering#include <math.h>

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

a0166609f782da91710dea9183d1bf138538db37Tom Gundersen#include "alloc-util.h"

71d35b6b5563817dfbe757ab9e3b9f018b2db491Thomas Hindoe Paaboel Andersen#include "dns-domain.h"

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering#include "dns-type.h"

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering#include "hexdecoct.h"

7e8e0422aeb16f2a09a40546c61df753d10029b6Lennart Poettering#include "resolved-dns-dnssec.h"

71d35b6b5563817dfbe757ab9e3b9f018b2db491Thomas Hindoe Paaboel Andersen#include "resolved-dns-packet.h"

71d35b6b5563817dfbe757ab9e3b9f018b2db491Thomas Hindoe Paaboel Andersen#include "resolved-dns-rr.h"

7e8e0422aeb16f2a09a40546c61df753d10029b6Lennart Poettering#include "string-table.h"

7e8e0422aeb16f2a09a40546c61df753d10029b6Lennart Poettering#include "string-util.h"

7e8e0422aeb16f2a09a40546c61df753d10029b6Lennart Poettering#include "strv.h"

7e8e0422aeb16f2a09a40546c61df753d10029b6Lennart Poettering#include "terminal-util.h"

51323288fc628a5cac50914df915545d685b793eLennart Poettering

71d35b6b5563817dfbe757ab9e3b9f018b2db491Thomas Hindoe Paaboel AndersenDnsResourceKey* dns_resource_key_new(uint16_t class, uint16_t type, const char *name) {

71d35b6b5563817dfbe757ab9e3b9f018b2db491Thomas Hindoe Paaboel Andersen DnsResourceKey *k;

71d35b6b5563817dfbe757ab9e3b9f018b2db491Thomas Hindoe Paaboel Andersen size_t l;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering assert(name);

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering l = strlen(name);

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering k = malloc0(sizeof(DnsResourceKey) + l + 1);

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering if (!k)

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering return NULL;

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering k->n_ref = 1;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering k->class = class;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering k->type = type;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering strcpy((char*) k + sizeof(DnsResourceKey), name);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return k;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering}

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart PoetteringDnsResourceKey* dns_resource_key_new_redirect(const DnsResourceKey *key, const DnsResourceRecord *cname) {

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering int r;

a0166609f782da91710dea9183d1bf138538db37Tom Gundersen

c73ce96b569e2f10dff64b7dc0bd271972674c2aLennart Poettering assert(key);

c73ce96b569e2f10dff64b7dc0bd271972674c2aLennart Poettering assert(cname);

c73ce96b569e2f10dff64b7dc0bd271972674c2aLennart Poettering

e1c959948c0e31d6997bcdfbabfbd077784b2baeLennart Poettering assert(IN_SET(cname->key->type, DNS_TYPE_CNAME, DNS_TYPE_DNAME));

c73ce96b569e2f10dff64b7dc0bd271972674c2aLennart Poettering

e1c959948c0e31d6997bcdfbabfbd077784b2baeLennart Poettering if (cname->key->type == DNS_TYPE_CNAME)

e1c959948c0e31d6997bcdfbabfbd077784b2baeLennart Poettering return dns_resource_key_new(key->class, key->type, cname->cname.name);

e1c959948c0e31d6997bcdfbabfbd077784b2baeLennart Poettering else {

e1c959948c0e31d6997bcdfbabfbd077784b2baeLennart Poettering DnsResourceKey *k;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering char *destination = NULL;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = dns_name_change_suffix(DNS_RESOURCE_KEY_NAME(key), DNS_RESOURCE_KEY_NAME(cname->key), cname->dname.name, &destination);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (r < 0)

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering return NULL;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (r == 0)

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering return dns_resource_key_ref((DnsResourceKey*) key);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering k = dns_resource_key_new_consume(key->class, key->type, destination);

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering if (!k) {

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering free(destination);

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering return NULL;

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering }

dc61b7e45d89a69f0469ab7b3289cdde7fcc55abTorstein Husebø

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering return k;

623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poettering }

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering}

623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poettering

0dd25fb9f005d8ab7ac4bc10a609d00569f8c56aLennart Poetteringint dns_resource_key_new_append_suffix(DnsResourceKey **ret, DnsResourceKey *key, char *name) {

a407657425a3e47fd2b559cd3bc800f791303f63Lennart Poettering DnsResourceKey *new_key;

a407657425a3e47fd2b559cd3bc800f791303f63Lennart Poettering char *joined;

f6a5fec6b971e2a8c69d92ab20ed13693be82ddbLennart Poettering int r;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering assert(ret);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering assert(key);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering assert(name);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (dns_name_is_root(name)) {

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering *ret = dns_resource_key_ref(key);

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering return 0;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering }

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = dns_name_concat(DNS_RESOURCE_KEY_NAME(key), name, &joined);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (r < 0)

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return r;

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering new_key = dns_resource_key_new_consume(key->class, key->type, joined);

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering if (!new_key) {

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack free(joined);

ad867662936a4c7ab2c7116d804c272338801231Lennart Poettering return -ENOMEM;

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack }

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack *ret = new_key;

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack return 0;

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack}

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack

8b757a38611006a751c90933d1810cccaa47e1afDaniel MackDnsResourceKey* dns_resource_key_new_consume(uint16_t class, uint16_t type, char *name) {

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack DnsResourceKey *k;

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack

8b757a38611006a751c90933d1810cccaa47e1afDaniel Mack assert(name);

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering k = new0(DnsResourceKey, 1);

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering if (!k)

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering return NULL;

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering k->n_ref = 1;

f0258e473667f44f4656dde49597b2badb9f598aLennart Poettering k->class = class;

f0258e473667f44f4656dde49597b2badb9f598aLennart Poettering k->type = type;

f0258e473667f44f4656dde49597b2badb9f598aLennart Poettering k->_name = name;

f0258e473667f44f4656dde49597b2badb9f598aLennart Poettering

f0258e473667f44f4656dde49597b2badb9f598aLennart Poettering return k;

f0258e473667f44f4656dde49597b2badb9f598aLennart Poettering}

f0258e473667f44f4656dde49597b2badb9f598aLennart Poettering

f0258e473667f44f4656dde49597b2badb9f598aLennart PoetteringDnsResourceKey* dns_resource_key_ref(DnsResourceKey *k) {

f0258e473667f44f4656dde49597b2badb9f598aLennart Poettering

3cb10d3a0b1b6a7c44f307f2abb5215104e16941Lennart Poettering if (!k)

322345fdb9865ef2477fba8e4bdde0e1183ef505Lennart Poettering return NULL;

322345fdb9865ef2477fba8e4bdde0e1183ef505Lennart Poettering

322345fdb9865ef2477fba8e4bdde0e1183ef505Lennart Poettering /* Static/const keys created with DNS_RESOURCE_KEY_CONST will

322345fdb9865ef2477fba8e4bdde0e1183ef505Lennart Poettering assert(k->n_ref != (unsigned) -1);

322345fdb9865ef2477fba8e4bdde0e1183ef505Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering assert(k->n_ref > 0);

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering k->n_ref++;

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return k;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering}

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart PoetteringDnsResourceKey* dns_resource_key_unref(DnsResourceKey *k) {

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (!k)

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return NULL;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering assert(k->n_ref != (unsigned) -1);

623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poettering assert(k->n_ref > 0);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poettering if (k->n_ref == 1) {

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering free(k->_name);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering free(k);

623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poettering } else

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering k->n_ref--;

2001c80560e3dae69e14fd994d3978c187af48b8Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return NULL;

2001c80560e3dae69e14fd994d3978c187af48b8Lennart Poettering}

623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poettering

623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poetteringbool dns_resource_key_is_address(const DnsResourceKey *key) {

dc913c9a1f243bca291d47b1a5d8e270c471d113Tom Gundersen assert(key);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

9c5e12a4314e7192e834e1b855e5e80111e636a6Tom Gundersen /* Check if this is an A or AAAA resource key */

9c5e12a4314e7192e834e1b855e5e80111e636a6Tom Gundersen

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return key->class == DNS_CLASS_IN && IN_SET(key->type, DNS_TYPE_A, DNS_TYPE_AAAA);

623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbfLennart Poettering}

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poetteringint dns_resource_key_equal(const DnsResourceKey *a, const DnsResourceKey *b) {

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering int r;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

2001c80560e3dae69e14fd994d3978c187af48b8Lennart Poettering if (a == b)

2001c80560e3dae69e14fd994d3978c187af48b8Lennart Poettering return 1;

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = dns_name_equal(DNS_RESOURCE_KEY_NAME(a), DNS_RESOURCE_KEY_NAME(b));

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (r <= 0)

8ba9fd9cee0eef572f7b3ed7a8c3ed31160e93d3Lennart Poettering return r;

8ba9fd9cee0eef572f7b3ed7a8c3ed31160e93d3Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (a->class != b->class)

faa133f3aa7a18f26563dc5d6b95898cb315c37aLennart Poettering return 0;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

d830ebbdf67d8cb32d33d8fdd47cf467fd6d3815Lennart Poettering if (a->type != b->type)

d830ebbdf67d8cb32d33d8fdd47cf467fd6d3815Lennart Poettering return 0;

d830ebbdf67d8cb32d33d8fdd47cf467fd6d3815Lennart Poettering

d830ebbdf67d8cb32d33d8fdd47cf467fd6d3815Lennart Poettering return 1;

d830ebbdf67d8cb32d33d8fdd47cf467fd6d3815Lennart Poettering}

d830ebbdf67d8cb32d33d8fdd47cf467fd6d3815Lennart Poettering

d830ebbdf67d8cb32d33d8fdd47cf467fd6d3815Lennart Poetteringint dns_resource_key_match_rr(const DnsResourceKey *key, DnsResourceRecord *rr, const char *search_domain) {

d830ebbdf67d8cb32d33d8fdd47cf467fd6d3815Lennart Poettering int r;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering assert(key);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering assert(rr);

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (key == rr->key)

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return 1;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering /* Checks if an rr matches the specified key. If a search

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (rr->key->class != key->class && key->class != DNS_CLASS_ANY)

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return 0;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (rr->key->type != key->type && key->type != DNS_TYPE_ANY)

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return 0;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = dns_name_equal(DNS_RESOURCE_KEY_NAME(rr->key), DNS_RESOURCE_KEY_NAME(key));

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (r != 0)

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering return r;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering if (search_domain) {

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering _cleanup_free_ char *joined = NULL;

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering

74b2466e14a1961bf3ac0e8a60cfaceec705bd59Lennart Poettering r = dns_name_concat(DNS_RESOURCE_KEY_NAME(key), search_domain, &joined);

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering if (r < 0)

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering return r;

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering return dns_name_equal(DNS_RESOURCE_KEY_NAME(rr->key), joined);

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering }

1716f6dcf54d4c181c2e2558e3d5414f54c8d9caLennart Poettering

8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmek return 0;

8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmek}

8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmek

8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmekint dns_resource_key_match_cname_or_dname(const DnsResourceKey *key, const DnsResourceKey *cname, const char *search_domain) {

8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmek int r;

8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmek

8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmek assert(key);

8db0d2f5c37e7e8f5bfce016cfdad7947a3ea939Zbigniew Jędrzejewski-Szmek assert(cname);

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek if (cname->class != key->class && key->class != DNS_CLASS_ANY)

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek return 0;

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek if (cname->type == DNS_TYPE_CNAME)

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek r = dns_name_equal(DNS_RESOURCE_KEY_NAME(key), DNS_RESOURCE_KEY_NAME(cname));

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek else if (cname->type == DNS_TYPE_DNAME)

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek r = dns_name_endswith(DNS_RESOURCE_KEY_NAME(key), DNS_RESOURCE_KEY_NAME(cname));

5d45a8808431987c370706d365fb0cc95cf03d52Tom Gundersen else

5d45a8808431987c370706d365fb0cc95cf03d52Tom Gundersen return 0;

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek if (r != 0)

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek return r;

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek if (search_domain) {

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek _cleanup_free_ char *joined = NULL;

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek

ff3d6560bead6879a2fed1bf99bfe8273b3723f1Zbigniew Jędrzejewski-Szmek r = dns_name_concat(DNS_RESOURCE_KEY_NAME(key), search_domain, &joined);

51323288fc628a5cac50914df915545d685b793eLennart Poettering if (r < 0)

51323288fc628a5cac50914df915545d685b793eLennart Poettering return r;

51323288fc628a5cac50914df915545d685b793eLennart Poettering

51323288fc628a5cac50914df915545d685b793eLennart Poettering if (cname->type == DNS_TYPE_CNAME)

51323288fc628a5cac50914df915545d685b793eLennart Poettering return dns_name_equal(joined, DNS_RESOURCE_KEY_NAME(cname));

106784ebb7b303ae471851100a773ad2aebf5b80Daniel Mack else if (cname->type == DNS_TYPE_DNAME)

106784ebb7b303ae471851100a773ad2aebf5b80Daniel Mack return dns_name_endswith(joined, DNS_RESOURCE_KEY_NAME(cname));

51323288fc628a5cac50914df915545d685b793eLennart Poettering }

51323288fc628a5cac50914df915545d685b793eLennart Poettering

106784ebb7b303ae471851100a773ad2aebf5b80Daniel Mack return 0;

51323288fc628a5cac50914df915545d685b793eLennart Poettering}

51323288fc628a5cac50914df915545d685b793eLennart Poettering

106784ebb7b303ae471851100a773ad2aebf5b80Daniel Mackint dns_resource_key_match_soa(const DnsResourceKey *key, const DnsResourceKey *soa) {

106784ebb7b303ae471851100a773ad2aebf5b80Daniel Mack assert(soa);

106784ebb7b303ae471851100a773ad2aebf5b80Daniel Mack assert(key);

106784ebb7b303ae471851100a773ad2aebf5b80Daniel Mack

51323288fc628a5cac50914df915545d685b793eLennart Poettering /* Checks whether 'soa' is a SOA record for the specified key. */

51323288fc628a5cac50914df915545d685b793eLennart Poettering

if (soa->class != key->class)

return 0;

if (soa->type != DNS_TYPE_SOA)

return 0;

return dns_name_endswith(DNS_RESOURCE_KEY_NAME(key), DNS_RESOURCE_KEY_NAME(soa));

}

static void dns_resource_key_hash_func(const void *i, struct siphash *state) {

const DnsResourceKey *k = i;

assert(k);

dns_name_hash_func(DNS_RESOURCE_KEY_NAME(k), state);

siphash24_compress(&k->class, sizeof(k->class), state);

siphash24_compress(&k->type, sizeof(k->type), state);

}

static int dns_resource_key_compare_func(const void *a, const void *b) {

const DnsResourceKey *x = a, *y = b;

int ret;

ret = dns_name_compare_func(DNS_RESOURCE_KEY_NAME(x), DNS_RESOURCE_KEY_NAME(y));

if (ret != 0)

return ret;

if (x->type < y->type)

return -1;

if (x->type > y->type)

return 1;

if (x->class < y->class)

return -1;

if (x->class > y->class)

return 1;

return 0;

}

const struct hash_ops dns_resource_key_hash_ops = {

.hash = dns_resource_key_hash_func,

.compare = dns_resource_key_compare_func

};

int dns_resource_key_to_string(const DnsResourceKey *key, char **ret) {

char cbuf[strlen("CLASS") + DECIMAL_STR_MAX(uint16_t)], tbuf[strlen("TYPE") + DECIMAL_STR_MAX(uint16_t)];

const char *c, *t, *n;

char *s;

/* If we cannot convert the CLASS/TYPE into a known string,

c = dns_class_to_string(key->class);

if (!c) {

sprintf(cbuf, "CLASS%u", key->class);

c = cbuf;

}

t = dns_type_to_string(key->type);

if (!t){

sprintf(tbuf, "TYPE%u", key->type);

t = tbuf;

}

n = DNS_RESOURCE_KEY_NAME(key);

if (asprintf(&s, "%s%s %s %-5s", n, endswith(n, ".") ? "" : ".", c, t) < 0)

return -ENOMEM;

*ret = s;

return 0;

}

bool dns_resource_key_reduce(DnsResourceKey **a, DnsResourceKey **b) {

assert(a);

assert(b);

/* Try to replace one RR key by another if they are identical, thus saving a bit of memory. Note that we do

if (!*a)

return false;

if (!*b)

return false;

/* We refuse merging const keys */

if ((*a)->n_ref == (unsigned) -1)

return false;

if ((*b)->n_ref == (unsigned) -1)

return false;

/* Already the same? */

if (*a == *b)

return true;

/* Are they really identical? */

if (dns_resource_key_equal(*a, *b) <= 0)

return false;

/* Keep the one which already has more references. */

if ((*a)->n_ref > (*b)->n_ref) {

dns_resource_key_unref(*b);

*b = dns_resource_key_ref(*a);

} else {

dns_resource_key_unref(*a);

*a = dns_resource_key_ref(*b);

}

return true;

}

DnsResourceRecord* dns_resource_record_new(DnsResourceKey *key) {

DnsResourceRecord *rr;

rr = new0(DnsResourceRecord, 1);

if (!rr)

return NULL;

rr->n_ref = 1;

rr->key = dns_resource_key_ref(key);

rr->expiry = USEC_INFINITY;

rr->n_skip_labels_signer = rr->n_skip_labels_source = (unsigned) -1;

return rr;

}

DnsResourceRecord* dns_resource_record_new_full(uint16_t class, uint16_t type, const char *name) {

_cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL;

key = dns_resource_key_new(class, type, name);

if (!key)

return NULL;

return dns_resource_record_new(key);

}

DnsResourceRecord* dns_resource_record_ref(DnsResourceRecord *rr) {

if (!rr)

return NULL;

assert(rr->n_ref > 0);

rr->n_ref++;

return rr;

}

DnsResourceRecord* dns_resource_record_unref(DnsResourceRecord *rr) {

if (!rr)

return NULL;

assert(rr->n_ref > 0);

if (rr->n_ref > 1) {

rr->n_ref--;

return NULL;

}

if (rr->key) {

switch(rr->key->type) {

case DNS_TYPE_SRV:

free(rr->srv.name);

break;

case DNS_TYPE_PTR:

case DNS_TYPE_NS:

case DNS_TYPE_CNAME:

case DNS_TYPE_DNAME:

free(rr->ptr.name);

break;

case DNS_TYPE_HINFO:

free(rr->hinfo.cpu);

free(rr->hinfo.os);

break;

case DNS_TYPE_TXT:

case DNS_TYPE_SPF:

dns_txt_item_free_all(rr->txt.items);

break;

case DNS_TYPE_SOA:

free(rr->soa.mname);

free(rr->soa.rname);

break;

case DNS_TYPE_MX:

free(rr->mx.exchange);

break;

case DNS_TYPE_DS:

free(rr->ds.digest);

break;

case DNS_TYPE_SSHFP:

free(rr->sshfp.fingerprint);

break;

case DNS_TYPE_DNSKEY:

free(rr->dnskey.key);

break;

case DNS_TYPE_RRSIG:

free(rr->rrsig.signer);

free(rr->rrsig.signature);

break;

case DNS_TYPE_NSEC:

free(rr->nsec.next_domain_name);

bitmap_free(rr->nsec.types);

break;

case DNS_TYPE_NSEC3:

free(rr->nsec3.next_hashed_name);

free(rr->nsec3.salt);

bitmap_free(rr->nsec3.types);

break;

case DNS_TYPE_LOC:

case DNS_TYPE_A:

case DNS_TYPE_AAAA:

break;

case DNS_TYPE_TLSA:

free(rr->tlsa.data);

break;

case DNS_TYPE_OPENPGPKEY:

default:

free(rr->generic.data);

}

free(rr->wire_format);

dns_resource_key_unref(rr->key);

}

free(rr->to_string);

free(rr);

return NULL;

}

int dns_resource_record_new_reverse(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *hostname) {

_cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL;

_cleanup_(dns_resource_record_unrefp) DnsResourceRecord *rr = NULL;

_cleanup_free_ char *ptr = NULL;

int r;

assert(ret);

assert(address);

assert(hostname);

r = dns_name_reverse(family, address, &ptr);

if (r < 0)

return r;

key = dns_resource_key_new_consume(DNS_CLASS_IN, DNS_TYPE_PTR, ptr);

if (!key)

return -ENOMEM;

ptr = NULL;

rr = dns_resource_record_new(key);

if (!rr)

return -ENOMEM;

rr->ptr.name = strdup(hostname);

if (!rr->ptr.name)

return -ENOMEM;

*ret = rr;

rr = NULL;

return 0;

}

int dns_resource_record_new_address(DnsResourceRecord **ret, int family, const union in_addr_union *address, const char *name) {

DnsResourceRecord *rr;

assert(ret);

assert(address);

assert(family);

if (family == AF_INET) {

rr = dns_resource_record_new_full(DNS_CLASS_IN, DNS_TYPE_A, name);

if (!rr)

return -ENOMEM;

rr->a.in_addr = address->in;

} else if (family == AF_INET6) {

rr = dns_resource_record_new_full(DNS_CLASS_IN, DNS_TYPE_AAAA, name);

if (!rr)

return -ENOMEM;

rr->aaaa.in6_addr = address->in6;

} else

return -EAFNOSUPPORT;

*ret = rr;

return 0;

}

int dns_resource_record_equal(const DnsResourceRecord *a, const DnsResourceRecord *b) {

int r;

assert(a);

assert(b);

if (a == b)

return 1;

r = dns_resource_key_equal(a->key, b->key);

if (r <= 0)

return r;

if (a->unparseable != b->unparseable)

return 0;

switch (a->unparseable ? _DNS_TYPE_INVALID : a->key->type) {

case DNS_TYPE_SRV:

r = dns_name_equal(a->srv.name, b->srv.name);

if (r <= 0)

return r;

return a->srv.priority == b->srv.priority &&

a->srv.weight == b->srv.weight &&

a->srv.port == b->srv.port;

case DNS_TYPE_PTR:

case DNS_TYPE_NS:

case DNS_TYPE_CNAME:

case DNS_TYPE_DNAME:

return dns_name_equal(a->ptr.name, b->ptr.name);

case DNS_TYPE_HINFO:

return strcaseeq(a->hinfo.cpu, b->hinfo.cpu) &&

strcaseeq(a->hinfo.os, b->hinfo.os);

case DNS_TYPE_SPF: /* exactly the same as TXT */

case DNS_TYPE_TXT:

return dns_txt_item_equal(a->txt.items, b->txt.items);

case DNS_TYPE_A:

return memcmp(&a->a.in_addr, &b->a.in_addr, sizeof(struct in_addr)) == 0;

case DNS_TYPE_AAAA:

return memcmp(&a->aaaa.in6_addr, &b->aaaa.in6_addr, sizeof(struct in6_addr)) == 0;

case DNS_TYPE_SOA:

r = dns_name_equal(a->soa.mname, b->soa.mname);

if (r <= 0)

return r;

r = dns_name_equal(a->soa.rname, b->soa.rname);

if (r <= 0)

return r;

return a->soa.serial == b->soa.serial &&

a->soa.refresh == b->soa.refresh &&

a->soa.retry == b->soa.retry &&

a->soa.expire == b->soa.expire &&

a->soa.minimum == b->soa.minimum;

case DNS_TYPE_MX:

if (a->mx.priority != b->mx.priority)

return 0;

return dns_name_equal(a->mx.exchange, b->mx.exchange);

case DNS_TYPE_LOC:

assert(a->loc.version == b->loc.version);

return a->loc.size == b->loc.size &&

a->loc.horiz_pre == b->loc.horiz_pre &&

a->loc.vert_pre == b->loc.vert_pre &&

a->loc.latitude == b->loc.latitude &&

a->loc.longitude == b->loc.longitude &&

a->loc.altitude == b->loc.altitude;

case DNS_TYPE_DS:

return a->ds.key_tag == b->ds.key_tag &&

a->ds.algorithm == b->ds.algorithm &&

a->ds.digest_type == b->ds.digest_type &&

a->ds.digest_size == b->ds.digest_size &&

memcmp(a->ds.digest, b->ds.digest, a->ds.digest_size) == 0;

case DNS_TYPE_SSHFP:

return a->sshfp.algorithm == b->sshfp.algorithm &&

a->sshfp.fptype == b->sshfp.fptype &&

a->sshfp.fingerprint_size == b->sshfp.fingerprint_size &&

memcmp(a->sshfp.fingerprint, b->sshfp.fingerprint, a->sshfp.fingerprint_size) == 0;

case DNS_TYPE_DNSKEY:

return a->dnskey.flags == b->dnskey.flags &&

a->dnskey.protocol == b->dnskey.protocol &&

a->dnskey.algorithm == b->dnskey.algorithm &&

a->dnskey.key_size == b->dnskey.key_size &&

memcmp(a->dnskey.key, b->dnskey.key, a->dnskey.key_size) == 0;

case DNS_TYPE_RRSIG:

/* do the fast comparisons first */

if (a->rrsig.type_covered != b->rrsig.type_covered ||

a->rrsig.algorithm != b->rrsig.algorithm ||

a->rrsig.labels != b->rrsig.labels ||

a->rrsig.original_ttl != b->rrsig.original_ttl ||

a->rrsig.expiration != b->rrsig.expiration ||

a->rrsig.inception != b->rrsig.inception ||

a->rrsig.key_tag != b->rrsig.key_tag ||

a->rrsig.signature_size != b->rrsig.signature_size ||

memcmp(a->rrsig.signature, b->rrsig.signature, a->rrsig.signature_size) != 0)

return false;

return dns_name_equal(a->rrsig.signer, b->rrsig.signer);

case DNS_TYPE_NSEC:

return dns_name_equal(a->nsec.next_domain_name, b->nsec.next_domain_name) &&

bitmap_equal(a->nsec.types, b->nsec.types);

case DNS_TYPE_NSEC3:

return a->nsec3.algorithm == b->nsec3.algorithm &&

a->nsec3.flags == b->nsec3.flags &&

a->nsec3.iterations == b->nsec3.iterations &&

a->nsec3.salt_size == b->nsec3.salt_size &&

memcmp(a->nsec3.salt, b->nsec3.salt, a->nsec3.salt_size) == 0 &&

memcmp(a->nsec3.next_hashed_name, b->nsec3.next_hashed_name, a->nsec3.next_hashed_name_size) == 0 &&

bitmap_equal(a->nsec3.types, b->nsec3.types);

case DNS_TYPE_TLSA:

return a->tlsa.cert_usage == b->tlsa.cert_usage &&

a->tlsa.selector == b->tlsa.selector &&

a->tlsa.matching_type == b->tlsa.matching_type &&

a->tlsa.data_size == b->tlsa.data_size &&

memcmp(a->tlsa.data, b->tlsa.data, a->tlsa.data_size) == 0;

default:

return a->generic.size == b->generic.size &&

memcmp(a->generic.data, b->generic.data, a->generic.size) == 0;

}

}

static char* format_location(uint32_t latitude, uint32_t longitude, uint32_t altitude,

uint8_t size, uint8_t horiz_pre, uint8_t vert_pre) {

char *s;

char NS = latitude >= 1U<<31 ? 'N' : 'S';

char EW = longitude >= 1U<<31 ? 'E' : 'W';

int lat = latitude >= 1U<<31 ? (int) (latitude - (1U<<31)) : (int) ((1U<<31) - latitude);

int lon = longitude >= 1U<<31 ? (int) (longitude - (1U<<31)) : (int) ((1U<<31) - longitude);

double alt = altitude >= 10000000u ? altitude - 10000000u : -(double)(10000000u - altitude);

double siz = (size >> 4) * exp10((double) (size & 0xF));

double hor = (horiz_pre >> 4) * exp10((double) (horiz_pre & 0xF));

double ver = (vert_pre >> 4) * exp10((double) (vert_pre & 0xF));

if (asprintf(&s, "%d %d %.3f %c %d %d %.3f %c %.2fm %.2fm %.2fm %.2fm",

(lat / 60000 / 60),

(lat / 60000) % 60,

(lat % 60000) / 1000.,

NS,

(lon / 60000 / 60),

(lon / 60000) % 60,

(lon % 60000) / 1000.,

EW,

alt / 100.,

siz / 100.,

hor / 100.,

ver / 100.) < 0)

return NULL;

return s;

}

static int format_timestamp_dns(char *buf, size_t l, time_t sec) {

struct tm tm;

assert(buf);

assert(l > strlen("YYYYMMDDHHmmSS"));

if (!gmtime_r(&sec, &tm))

return -EINVAL;

if (strftime(buf, l, "%Y%m%d%H%M%S", &tm) <= 0)

return -EINVAL;

return 0;

}

static char *format_types(Bitmap *types) {

_cleanup_strv_free_ char **strv = NULL;

_cleanup_free_ char *str = NULL;

Iterator i;

unsigned type;

int r;

BITMAP_FOREACH(type, types, i) {

if (dns_type_to_string(type)) {

r = strv_extend(&strv, dns_type_to_string(type));

if (r < 0)

return NULL;

} else {

char *t;

r = asprintf(&t, "TYPE%u", type);

if (r < 0)

return NULL;

r = strv_consume(&strv, t);

if (r < 0)

return NULL;

}

}

str = strv_join(strv, " ");

if (!str)

return NULL;

return strjoin("( ", str, " )", NULL);

}

static char *format_txt(DnsTxtItem *first) {

DnsTxtItem *i;

size_t c = 1;

char *p, *s;

LIST_FOREACH(items, i, first)

c += i->length * 4 + 3;

p = s = new(char, c);

if (!s)

return NULL;

LIST_FOREACH(items, i, first) {

size_t j;

if (i != first)

*(p++) = ' ';

*(p++) = '"';

for (j = 0; j < i->length; j++) {

if (i->data[j] < ' ' || i->data[j] == '"' || i->data[j] >= 127) {

*(p++) = '\\';

*(p++) = '0' + (i->data[j] / 100);

*(p++) = '0' + ((i->data[j] / 10) % 10);

*(p++) = '0' + (i->data[j] % 10);

} else

*(p++) = i->data[j];

}

*(p++) = '"';

}

*p = 0;

return s;

}

const char *dns_resource_record_to_string(DnsResourceRecord *rr) {

_cleanup_free_ char *k = NULL, *t = NULL;

char *s;

int r;

assert(rr);

if (rr->to_string)

return rr->to_string;

r = dns_resource_key_to_string(rr->key, &k);

if (r < 0)

return NULL;

switch (rr->unparseable ? _DNS_TYPE_INVALID : rr->key->type) {

case DNS_TYPE_SRV:

r = asprintf(&s, "%s %u %u %u %s",

k,

rr->srv.priority,

rr->srv.weight,

rr->srv.port,

strna(rr->srv.name));

if (r < 0)

return NULL;

break;

case DNS_TYPE_PTR:

case DNS_TYPE_NS:

case DNS_TYPE_CNAME:

case DNS_TYPE_DNAME:

s = strjoin(k, " ", rr->ptr.name, NULL);

if (!s)

return NULL;

break;

case DNS_TYPE_HINFO:

s = strjoin(k, " ", rr->hinfo.cpu, " ", rr->hinfo.os, NULL);

if (!s)

return NULL;

break;

case DNS_TYPE_SPF: /* exactly the same as TXT */

case DNS_TYPE_TXT:

t = format_txt(rr->txt.items);

if (!t)

return NULL;

s = strjoin(k, " ", t, NULL);

if (!s)

return NULL;

break;

case DNS_TYPE_A: {

_cleanup_free_ char *x = NULL;

r = in_addr_to_string(AF_INET, (const union in_addr_union*) &rr->a.in_addr, &x);

if (r < 0)

return NULL;

s = strjoin(k, " ", x, NULL);

if (!s)

return NULL;

break;

}

case DNS_TYPE_AAAA:

r = in_addr_to_string(AF_INET6, (const union in_addr_union*) &rr->aaaa.in6_addr, &t);

if (r < 0)

return NULL;

s = strjoin(k, " ", t, NULL);

if (!s)

return NULL;

break;

case DNS_TYPE_SOA:

r = asprintf(&s, "%s %s %s %u %u %u %u %u",

k,

strna(rr->soa.mname),

strna(rr->soa.rname),

rr->soa.serial,

rr->soa.refresh,

rr->soa.retry,

rr->soa.expire,

rr->soa.minimum);

if (r < 0)

return NULL;

break;

case DNS_TYPE_MX:

r = asprintf(&s, "%s %u %s",

k,

rr->mx.priority,

rr->mx.exchange);

if (r < 0)

return NULL;

break;

case DNS_TYPE_LOC:

assert(rr->loc.version == 0);

t = format_location(rr->loc.latitude,

rr->loc.longitude,

rr->loc.altitude,

rr->loc.size,

rr->loc.horiz_pre,

rr->loc.vert_pre);

if (!t)

return NULL;

s = strjoin(k, " ", t, NULL);

if (!s)

return NULL;

break;

case DNS_TYPE_DS:

t = hexmem(rr->ds.digest, rr->ds.digest_size);

if (!t)

return NULL;

r = asprintf(&s, "%s %u %u %u %s",

k,

rr->ds.key_tag,

rr->ds.algorithm,

rr->ds.digest_type,

t);

if (r < 0)

return NULL;

break;

case DNS_TYPE_SSHFP:

t = hexmem(rr->sshfp.fingerprint, rr->sshfp.fingerprint_size);

if (!t)

return NULL;

r = asprintf(&s, "%s %u %u %s",

k,

rr->sshfp.algorithm,

rr->sshfp.fptype,

t);

if (r < 0)

return NULL;

break;

case DNS_TYPE_DNSKEY: {

_cleanup_free_ char *alg = NULL;

char *ss;

int n, n1;

uint16_t key_tag;

key_tag = dnssec_keytag(rr, true);

r = dnssec_algorithm_to_string_alloc(rr->dnskey.algorithm, &alg);

if (r < 0)

return NULL;

r = asprintf(&s, "%s %n%u %u %s %n",

k,

&n1,

rr->dnskey.flags,

rr->dnskey.protocol,

alg,

&n);

if (r < 0)

return NULL;

r = base64_append(&s, n,

rr->dnskey.key, rr->dnskey.key_size,

8, columns());

if (r < 0)

return NULL;

r = asprintf(&ss, "%s\n"

"%*s-- Flags:%s%s%s\n"

"%*s-- Key tag: %u",

s,

n1, "",

rr->dnskey.flags & DNSKEY_FLAG_SEP ? " SEP" : "",

rr->dnskey.flags & DNSKEY_FLAG_REVOKE ? " REVOKE" : "",

rr->dnskey.flags & DNSKEY_FLAG_ZONE_KEY ? " ZONE_KEY" : "",

n1, "",

key_tag);

if (r < 0)

return NULL;

free(s);

s = ss;

break;

}

case DNS_TYPE_RRSIG: {

_cleanup_free_ char *alg = NULL;

char expiration[strlen("YYYYMMDDHHmmSS") + 1], inception[strlen("YYYYMMDDHHmmSS") + 1];

const char *type;

int n;

type = dns_type_to_string(rr->rrsig.type_covered);

r = dnssec_algorithm_to_string_alloc(rr->rrsig.algorithm, &alg);

if (r < 0)

return NULL;

r = format_timestamp_dns(expiration, sizeof(expiration), rr->rrsig.expiration);

if (r < 0)

return NULL;

r = format_timestamp_dns(inception, sizeof(inception), rr->rrsig.inception);

if (r < 0)

return NULL;

/* TYPE?? follows

r = asprintf(&s, "%s %s%.*u %s %u %u %s %s %u %s %n",

k,

type ?: "TYPE",

type ? 0 : 1, type ? 0u : (unsigned) rr->rrsig.type_covered,

alg,

rr->rrsig.labels,

rr->rrsig.original_ttl,

expiration,

inception,

rr->rrsig.key_tag,

rr->rrsig.signer,

&n);

if (r < 0)

return NULL;

r = base64_append(&s, n,

rr->rrsig.signature, rr->rrsig.signature_size,

8, columns());

if (r < 0)

return NULL;

break;

}

case DNS_TYPE_NSEC:

t = format_types(rr->nsec.types);

if (!t)

return NULL;

r = asprintf(&s, "%s %s %s",

k,

rr->nsec.next_domain_name,

t);

if (r < 0)

return NULL;

break;

case DNS_TYPE_NSEC3: {

_cleanup_free_ char *salt = NULL, *hash = NULL;

if (rr->nsec3.salt_size > 0) {

salt = hexmem(rr->nsec3.salt, rr->nsec3.salt_size);

if (!salt)

return NULL;

}

hash = base32hexmem(rr->nsec3.next_hashed_name, rr->nsec3.next_hashed_name_size, false);

if (!hash)

return NULL;

t = format_types(rr->nsec3.types);

if (!t)

return NULL;

r = asprintf(&s, "%s %"PRIu8" %"PRIu8" %"PRIu16" %s %s %s",

k,

rr->nsec3.algorithm,

rr->nsec3.flags,

rr->nsec3.iterations,

rr->nsec3.salt_size > 0 ? salt : "-",

hash,

t);

if (r < 0)

return NULL;

break;

}

case DNS_TYPE_TLSA: {

const char *cert_usage, *selector, *matching_type;

char *ss;

int n;

cert_usage = tlsa_cert_usage_to_string(rr->tlsa.cert_usage);

selector = tlsa_selector_to_string(rr->tlsa.selector);

matching_type = tlsa_matching_type_to_string(rr->tlsa.matching_type);

r = asprintf(&s, "%s %u %u %u %n",

k,

rr->tlsa.cert_usage,

rr->tlsa.selector,

rr->tlsa.matching_type,

&n);

if (r < 0)

return NULL;

r = base64_append(&s, n,

rr->tlsa.data, rr->tlsa.data_size,

8, columns());

if (r < 0)

return NULL;

r = asprintf(&ss, "%s\n"

"%*s-- Cert. usage: %s\n"

"%*s-- Selector: %s\n"

"%*s-- Matching type: %s",

s,

n - 6, "", cert_usage,

n - 6, "", selector,

n - 6, "", matching_type);

if (r < 0)

return NULL;

free(s);

s = ss;

break;

}

case DNS_TYPE_OPENPGPKEY: {

int n;

r = asprintf(&s, "%s %n",

k,

&n);

if (r < 0)

return NULL;

r = base64_append(&s, n,

rr->generic.data, rr->generic.size,

8, columns());

if (r < 0)

return NULL;

break;

}

default:

t = hexmem(rr->generic.data, rr->generic.size);

if (!t)

return NULL;

/* Format as documented in RFC 3597, Section 5 */

r = asprintf(&s, "%s \\# %zu %s", k, rr->generic.size, t);

if (r < 0)

return NULL;

break;

}

rr->to_string = s;

return s;

}

int dns_resource_record_to_wire_format(DnsResourceRecord *rr, bool canonical) {

DnsPacket packet = {

.n_ref = 1,

.protocol = DNS_PROTOCOL_DNS,

.on_stack = true,

.refuse_compression = true,

.canonical_form = canonical,

};

size_t start, rds;

int r;

assert(rr);

/* Generates the RR in wire-format, optionally in the

if (rr->wire_format && rr->wire_format_canonical == canonical)

return 0;

r = dns_packet_append_rr(&packet, rr, &start, &rds);

if (r < 0)

return r;

assert(start == 0);

assert(packet._data);

free(rr->wire_format);

rr->wire_format = packet._data;

rr->wire_format_size = packet.size;

rr->wire_format_rdata_offset = rds;

rr->wire_format_canonical = canonical;

packet._data = NULL;

dns_packet_unref(&packet);

return 0;

}

int dns_resource_record_signer(DnsResourceRecord *rr, const char **ret) {

const char *n;

int r;

assert(rr);

assert(ret);

/* Returns the RRset's signer, if it is known. */

if (rr->n_skip_labels_signer == (unsigned) -1)

return -ENODATA;

n = DNS_RESOURCE_KEY_NAME(rr->key);

r = dns_name_skip(n, rr->n_skip_labels_signer, &n);

if (r < 0)

return r;

if (r == 0)

return -EINVAL;

*ret = n;

return 0;

}

int dns_resource_record_source(DnsResourceRecord *rr, const char **ret) {

const char *n;

int r;

assert(rr);

assert(ret);

/* Returns the RRset's synthesizing source, if it is known. */

if (rr->n_skip_labels_source == (unsigned) -1)

return -ENODATA;

n = DNS_RESOURCE_KEY_NAME(rr->key);

r = dns_name_skip(n, rr->n_skip_labels_source, &n);

if (r < 0)

return r;

if (r == 0)

return -EINVAL;

*ret = n;

return 0;

}

int dns_resource_record_is_signer(DnsResourceRecord *rr, const char *zone) {

const char *signer;

int r;

assert(rr);

r = dns_resource_record_signer(rr, &signer);

if (r < 0)

return r;

return dns_name_equal(zone, signer);

}

int dns_resource_record_is_synthetic(DnsResourceRecord *rr) {

int r;

assert(rr);

/* Returns > 0 if the RR is generated from a wildcard, and is not the asterisk name itself */

if (rr->n_skip_labels_source == (unsigned) -1)

return -ENODATA;

if (rr->n_skip_labels_source == 0)

return 0;

if (rr->n_skip_labels_source > 1)

return 1;

r = dns_name_startswith(DNS_RESOURCE_KEY_NAME(rr->key), "*");

if (r < 0)

return r;

return !r;

}

static void dns_resource_record_hash_func(const void *i, struct siphash *state) {

const DnsResourceRecord *rr = i;

assert(rr);

dns_resource_key_hash_func(rr->key, state);

switch (rr->unparseable ? _DNS_TYPE_INVALID : rr->key->type) {

case DNS_TYPE_SRV:

siphash24_compress(&rr->srv.priority, sizeof(rr->srv.priority), state);

siphash24_compress(&rr->srv.weight, sizeof(rr->srv.weight), state);

siphash24_compress(&rr->srv.port, sizeof(rr->srv.port), state);

dns_name_hash_func(rr->srv.name, state);

break;