/*  Copyright (C) 2014-2017 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

#pragma once

#include "lib/cache/api.h"
#include "lib/defines.h"
#include "lib/generic/pack.h"
#include "lib/generic/trie.h"


/* TMP: compatibility for using libknot 2.8 API with 2.9. */
#if KNOT_VERSION_MINOR >= 9
/**
 * Compatibility shim: provides knot_rdataset_size() under the name used with
 * the libknot 2.8 API when building against 2.9 or newer.
 *
 * @param rrs rdataset to query; it is dereferenced without a NULL check,
 *            so callers must pass a valid pointer
 * @return the value of the rdataset's `size` member
 */
static inline size_t knot_rdataset_size(const knot_rdataset_t *rrs)
{
	const size_t total = rrs->size;
	return total;
}
#endif

struct kr_rplan;
struct kr_context;

/**
 * Current zone cut representation.
*/
struct kr_zonecut {
	/** Zone cut name. */
	knot_dname_t *name;

	/**
	 * Zone cut DNSKEY.
	 * Per the kr_zonecut_copy() documentation it is not carried over by a
	 * plain copy; kr_zonecut_copy_trust() is the call documented to copy it.
	 */
	knot_rrset_t *key;

	/**
	 * Current trust anchor.
	 * Like `key`, documented as copied by kr_zonecut_copy_trust() only.
	 */
	knot_rrset_t *trust_anchor;

	/** Parent zone cut. */
	struct kr_zonecut *parent;

	/** Map of nameserver => address_set (pack_t). */
	trie_t *nsset;

	/**
	 * Memory pool.
	 * NOTE(review): presumably the allocator backing the members above;
	 * confirm ownership against kr_zonecut_init()/kr_zonecut_deinit().
	 */
	knot_mm_t *pool;
};

/**
 * Populate root zone cut with SBELT.
 * @param cut zone cut
 * @param name
 * @param pool
 * @return 0 or error code
 */
KR_EXPORT
int kr_zonecut_init(struct kr_zonecut *cut, const knot_dname_t *name, knot_mm_t *pool);

/**
 * Clear the structure and free the address set.
 * @param cut zone cut
 */
KR_EXPORT
void kr_zonecut_deinit(struct kr_zonecut *cut);

/**
 * Move a zonecut, transferring ownership of any pointed-to memory.
 * @param to the target - it gets deinit-ed
 * @param from the source - not modified, but shouldn't be used afterward
 */
KR_EXPORT
void kr_zonecut_move(struct kr_zonecut *to, const struct kr_zonecut *from);

/**
 * Reset zone cut to given name and clear address list.
 * @note This clears the address list even if the name doesn't change. TA and DNSKEY don't change.
 * @param cut  zone cut to be set
 * @param name new zone cut name
 */
KR_EXPORT
void kr_zonecut_set(struct kr_zonecut *cut, const knot_dname_t *name);

/**
 * Copy zone cut, including all data. Does not copy keys and trust anchor.
 * @param dst destination zone cut
 * @param src source zone cut
 * @return 0 or an error code; if it fails with kr_error(ENOMEM),
 * `dst` may be left in a half-filled state, but it is still safe to deinit.
 * @note addresses for names in `src` get replaced and others are left as they were.
 */
KR_EXPORT
int kr_zonecut_copy(struct kr_zonecut *dst, const struct kr_zonecut *src);

/**
 * Copy zone trust anchor and keys.
 * @param dst destination zone cut
 * @param src source zone cut
 * @return 0 or an error code
 */
KR_EXPORT
int kr_zonecut_copy_trust(struct kr_zonecut *dst, const struct kr_zonecut *src);

/**
 * Add address record to the zone cut.
 *
 * The record will be merged with existing data,
 * it may be either A/AAAA type.
 *
 * @param cut    zone cut to be populated
 * @param ns     nameserver name
 * @param data   typically knot_rdata_t::data
 * @param len    typically knot_rdata_t::len
 * @return 0 or error code
 */
KR_EXPORT
int kr_zonecut_add(struct kr_zonecut *cut, const knot_dname_t *ns, const void *data, int len);

/**
 * Delete nameserver/address pair from the zone cut.
 * @param  cut
 * @param  ns    name server name
 * @param  data  typically knot_rdata_t::data
 * @param  len   typically knot_rdata_t::len
 * @return       0 or error code
 */
KR_EXPORT
int kr_zonecut_del(struct kr_zonecut *cut, const knot_dname_t *ns, const void *data, int len);

/**
 * Delete all addresses associated with the given name.
 * @param  cut
 * @param  ns    name server name
 * @return       0 or error code
 */
KR_EXPORT
int kr_zonecut_del_all(struct kr_zonecut *cut, const knot_dname_t *ns);

/**
 * Find nameserver address list in the zone cut.
 *
 * @note This can be used for membership test, a non-null pack is returned
 *       if the nameserver name exists.
 * 
 * @param  cut
 * @param  ns    name server name
 * @return       pack of addresses or NULL
 */
KR_EXPORT KR_PURE
pack_t *kr_zonecut_find(struct kr_zonecut *cut, const knot_dname_t *ns);

/**
 * Populate zone cut with a root zone using SBELT :rfc:`1034`
 *
 * @param ctx resolution context (to fetch root hints)
 * @param cut zone cut to be populated
 * @return 0 or error code
 */
KR_EXPORT
int kr_zonecut_set_sbelt(struct kr_context *ctx, struct kr_zonecut *cut);

/**
 * Populate zone cut address set from cache.
 *
 * @param ctx       resolution context (to fetch data from LRU caches)
 * @param cut       zone cut to be populated
 * @param name      QNAME to start finding zone cut for
 * @param qry       query for timestamp and stale-serving decisions
 * @param secured   set to true if a secured zone cut is wanted; it is set to false on return if the cut is provably insecure
 * @return 0 or error code (ENOENT if it doesn't find anything)
 */
KR_EXPORT
int kr_zonecut_find_cached(struct kr_context *ctx, struct kr_zonecut *cut,
			   const knot_dname_t *name, const struct kr_query *qry,
			   bool * restrict secured);
/**
 * Check if any address is present in the zone cut.
 *
 * @param cut zone cut to check
 * @return true/false
 */
KR_EXPORT
bool kr_zonecut_is_empty(struct kr_zonecut *cut);