/*  Copyright (C) 2014-2017 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

#pragma once

#include "lib/cache/api.h"
#include "lib/defines.h"
#include "lib/generic/pack.h"
#include "lib/generic/trie.h"

struct kr_rplan;
struct kr_context;

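/**
 * Current zone cut representation.
 *
 * @note The DNSSEC material (key, trust_anchor) is handled separately from the
 *       nameserver data: kr_zonecut_copy() leaves it out,
 *       kr_zonecut_copy_trust() copies it, and kr_zonecut_set() leaves it
 *       unchanged.
 */
struct kr_zonecut {
	knot_dname_t *name;         /**< Zone cut name. */
	knot_rrset_t *key;          /**< Zone cut DNSKEY. */
	knot_rrset_t *trust_anchor; /**< Current trust anchor. */
	struct kr_zonecut *parent;  /**< Parent zone cut. */
	trie_t *nsset;              /**< Map of nameserver => address_set (pack_t). */
	knot_mm_t *pool;            /**< Memory pool. */
};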

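/**
 * Populate root zone cut with SBELT.
 *
 * @note (review) The summary may be stale: the signature takes a name and a
 *       memory pool but no resolution context, and SBELT population has its
 *       own entry point, kr_zonecut_set_sbelt(). Confirm against the
 *       implementation.
 * @param cut  zone cut
 * @param name presumably the initial zone cut name -- confirm
 * @param pool presumably the memory pool kept in kr_zonecut::pool -- confirm
 * @return 0 or error code
 */
KR_EXPORT
int kr_zonecut_init(struct kr_zonecut *cut, const knot_dname_t *name, knot_mm_t *pool);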

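/**
 * Clear the structure and free the address set.
 *
 * @note (review) Only the address set is named here; whether the DNSKEY and
 *       trust anchor are released as well is not stated -- confirm before
 *       relying on it.
 * @param cut zone cut
 */
KR_EXPORT
void kr_zonecut_deinit(struct kr_zonecut *cut);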

/**
 * Move a zonecut, transferring ownership of any pointed-to memory.
 *
 * @note (review) `from` is const and left unmodified, so it presumably still
 *       holds the same pointers that `to` owns after the call. Reading or
 *       deinit-ing `from` afterwards would then risk a use-after-free or a
 *       double free; treat it as uninitialized -- confirm.
 * @param to the target - it gets deinit-ed
 * @param from the source - not modified, but shouldn't be used afterward
 */
KR_EXPORT
void kr_zonecut_move(struct kr_zonecut *to, const struct kr_zonecut *from);

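/**
 * Reset zone cut to given name and clear address list.
 *
 * @note This clears the address list even if the name doesn't change. TA and DNSKEY don't change.
 * @note (review) Since TA and DNSKEY are kept, after a change of name they
 *       presumably still describe the previous cut; callers that rely on them
 *       for validation should refresh them -- confirm.
 * @param cut  zone cut to be set
 * @param name new zone cut name
 */
KR_EXPORT
void kr_zonecut_set(struct kr_zonecut *cut, const knot_dname_t *name);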

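/**
 * Copy zone cut, including all data. Does not copy keys and trust anchor.
 *
 * @param dst destination zone cut
 * @param src source zone cut
 * @return 0 or an error code. If it fails with kr_error(ENOMEM), dst may be
 *         left in a half-filled state, but it is still safe to deinit.
 * @note Addresses for names in `src` get replaced and others are left as they were.
 * @note Use kr_zonecut_copy_trust() to copy the trust anchor and keys.
 * @note (review) A half-filled dst holds an incomplete nameserver set; on
 *       failure callers should presumably deinit it rather than keep using
 *       it -- confirm.
 */
KR_EXPORT
int kr_zonecut_copy(struct kr_zonecut *dst, const struct kr_zonecut *src);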

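/**
 * Copy zone trust anchor and keys.
 *
 * @note (review) Not stated here: what happens to a trust anchor or key that
 *       dst already holds, and what state dst is left in on error -- confirm.
 * @param dst destination zone cut
 * @param src source zone cut
 * @return 0 or an error code
 */
KR_EXPORT
int kr_zonecut_copy_trust(struct kr_zonecut *dst, const struct kr_zonecut *src);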

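/**
 * Add address record to the zone cut.
 *
 * The record will be merged with existing data,
 * it may be either A/AAAA type.
 *
 * @note (review) `data` is untyped and `len` is a signed int; this header does
 *       not say whether lengths other than an A or AAAA address (4 or 16
 *       bytes), or negative lengths, are rejected. Confirm the implementation
 *       validates `len`, or validate it in the caller.
 *
 * @param cut    zone cut to be populated
 * @param ns     nameserver name
 * @param data   typically knot_rdata_t::data
 * @param len    typically knot_rdata_t::len
 * @return 0 or error code
 */
KR_EXPORT
int kr_zonecut_add(struct kr_zonecut *cut, const knot_dname_t *ns, const void *data, int len);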

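/**
 * Delete nameserver/address pair from the zone cut.
 *
 * @note (review) `len` is a signed int and `data` is untyped; how a length
 *       that does not match a stored address is handled is not stated
 *       here -- confirm.
 * @param  cut   zone cut to modify
 * @param  ns    name server name
 * @param  data  typically knot_rdata_t::data
 * @param  len   typically knot_rdata_t::len
 * @return       0 or error code
 */
KR_EXPORT
int kr_zonecut_del(struct kr_zonecut *cut, const knot_dname_t *ns, const void *data, int len);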

/**
 * Delete all addresses associated with the given name.
 *
 * @note (review) Whether the nameserver name itself stays in the set with an
 *       empty address list or is removed is not stated here; this matters for
 *       kr_zonecut_find() used as a membership test -- confirm.
 * @param  cut   zone cut to modify
 * @param  ns    name server name
 * @return       0 or error code
 */
KR_EXPORT
int kr_zonecut_del_all(struct kr_zonecut *cut, const knot_dname_t *ns);

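/**
 * Find nameserver address list in the zone cut.
 *
 * @note This can be used for membership test, a non-null pack is returned
 *       if the nameserver name exists.
 * @note (review) The returned pack is presumably owned by the zone cut rather
 *       than a copy, so it should not be used after the cut is modified or
 *       deinit-ed -- confirm.
 *
 * @param  cut   zone cut to search
 * @param  ns    name server name
 * @return       pack of addresses or NULL
 */
KR_EXPORT KR_PURE
pack_t *kr_zonecut_find(struct kr_zonecut *cut, const knot_dname_t *ns);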

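/**
 * Populate zone cut with a root zone using SBELT :rfc:`1034`
 *
 * @param ctx resolution context (to fetch root hints)
 * @param cut zone cut to be populated
 * @return 0 or error code
 */
KR_EXPORT
int kr_zonecut_set_sbelt(struct kr_context *ctx, struct kr_zonecut *cut);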

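/**
 * Populate zone cut address set from cache.
 *
 * @param ctx       resolution context (to fetch data from LRU caches)
 * @param cut       zone cut to be populated
 * @param name      QNAME to start finding zone cut for
 * @param qry       query for timestamp and stale-serving decisions
 * @param secured   in/out: set to true before the call to request a secured
 *                  zone cut; it is set to false on return if the cut is
 *                  provably insecure. Re-read it after the call instead of
 *                  assuming the request was honoured.
 * @return 0 or error code (ENOENT if it doesn't find anything)
 */
KR_EXPORT
int kr_zonecut_find_cached(struct kr_context *ctx, struct kr_zonecut *cut,
			   const knot_dname_t *name, const struct kr_query *qry,
			   bool * restrict secured);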
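/**
 * Check if any address is present in the zone cut.
 *
 * @note (review) The summary ("any address is present") and the function name
 *       ("is_empty") read with opposite polarity; presumably true means that
 *       no address is present -- confirm before branching on the result.
 *
 * @param cut zone cut to check
 * @return true/false
 */
KR_EXPORT
bool kr_zonecut_is_empty(struct kr_zonecut *cut);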