The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
dns.h
Go to the documentation of this file.
1 #pragma once
2 /*
3  * This program is free software; you can redistribute it and/or modify
4  * it under the terms of the GNU General Public License as published by
5  * the Free Software Foundation; either version 2 of the License, or
6  * (at your option) any later version.
7  *
8  * This program is distributed in the hope that it will be useful,
9  * but WITHOUT ANY WARRANTY; without even the implied warranty of
10  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11  * GNU General Public License for more details.
12  *
13  * You should have received a copy of the GNU General Public License
14  * along with this program; if not, write to the Free Software
15  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
16  */
17 
18 /**
19  * $Id: 3033910e1bdf3474aa396cc3609794aeb8181aec $
20  *
21  * @file protocols/dns/dns.h
22  * @brief Implementation of the DNS protocol.
23  *
24  * @copyright 2021 Network RADIUS SAS (legal@networkradius.com)
25  */
26 RCSIDH(dhcp_h, "$Id: 3033910e1bdf3474aa396cc3609794aeb8181aec $")
27 
28 #ifdef __cplusplus
29 extern "C" {
30 #endif
31 
32 #include <freeradius-devel/util/packet.h>
33 #include <freeradius-devel/util/dns.h>
34 
35 #define DNS_MAX_ATTRIBUTES 255
36 
37 typedef struct {
38  uint16_t id;
39 #ifdef WORDS_BIGENDIAN
40  unsigned int query : 1;
41  unsigned int opcode : 4;
42  unsigned int authoritative : 1;
43  unsigned int truncated : 1;
44  unsigned int recursion_desired : 1;
45 #else
46  unsigned int recursion_desired : 1;
47  unsigned int truncated : 1;
48  unsigned int authoritative : 1;
49  unsigned int opcode : 4;
50  unsigned int query : 1;
51 #endif
52 
53 #ifdef WORDS_BIGENDIAN
54  unsigned int recursion_available : 1;
55  unsigned int reserved : 1;
56  unsigned int authentic_data : 1;
57  unsigned int checking_disabled : 1;
58  unsigned int rcode : 4;
59 #else
60  unsigned int rcode : 4;
61  unsigned int checking_disabled : 1;
62  unsigned int authentic_data : 1;
63  unsigned int reserved : 1;
64  unsigned int recursion_available : 1;
65 #endif
66 
67  uint16_t qdcount;
68  uint16_t ancount;
69  uint16_t nscount;
70  uint16_t arcount;
71 } CC_HINT(__packed__) fr_dns_packet_t;
72 
73 /** subtype values for DHCPv4 and DHCPv6
74  *
75  */
76 enum {
77  FLAG_ENCODE_NONE = 0, //!< no particular encoding for DNS strings
78  FLAG_ENCODE_DNS_LABEL, //!< encode as DNS label
79  FLAG_ENCODE_DNS_LABEL_UNCOMPRESSED, //!< encode as uncompressed DNS label
80 };
81 
82 typedef struct {
83  TALLOC_CTX *tmp_ctx; //!< for temporary things cleaned up during decoding
84  uint8_t const *packet; //!< DNS labels can point anywhere in the packet :(
85  size_t packet_len;
86  fr_dns_labels_t *lb;
87 } fr_dns_ctx_t;
88 
89 int fr_dns_global_init(void);
90 void fr_dns_global_free(void);
91 
92 typedef enum {
93  FR_DNS_QUERY = 0,
94  FR_DNS_INVERSE_QUERY = 1,
95  FR_DNS_STATUS = 2,
96  FR_DNS_NOTIFY = 4,
97  FR_DNS_UPDATE = 5,
98  FR_DNS_STATEFUL_OPERATION = 6,
99  FR_DNS_CODE_MAX = 7,
100 
101  FR_DNS_QUERY_RESPONSE = 16,
102  FR_DNS_INVERSE_QUERY_RESPONSE = 17,
103  FR_DNS_STATUS_RESPONSE = 18,
104  FR_DNS_NOTIFY_RESPONSE = 20,
105  FR_DNS_UPDATE_RESPONSE = 21,
106  FR_DNS_STATEFUL_OPERATION_RESPONSE = 22,
107 
108  FR_DNS_DO_NOT_RESPOND = 256,
109 } fr_dns_packet_code_t;
110 
111 typedef enum {
112  FR_DNS_DECODE_FAIL_NONE = 0,
113  FR_DNS_DECODE_FAIL_MIN_LENGTH_PACKET,
114  FR_DNS_DECODE_FAIL_MAX_LENGTH_PACKET,
115  FR_DNS_DECODE_FAIL_UNEXPECTED,
116  FR_DNS_DECODE_FAIL_NO_QUESTIONS,
117  FR_DNS_DECODE_FAIL_ANSWERS_IN_QUESTION,
118  FR_DNS_DECODE_FAIL_NS_IN_QUESTION,
119  FR_DNS_DECODE_FAIL_INVALID_RR_LABEL,
120  FR_DNS_DECODE_FAIL_MISSING_RR_HEADER,
121  FR_DNS_DECODE_FAIL_MISSING_RR_LEN,
122  FR_DNS_DECODE_FAIL_ZERO_RR_LEN,
123  FR_DNS_DECODE_FAIL_RR_OVERFLOWS_PACKET,
124  FR_DNS_DECODE_FAIL_TOO_MANY_RRS,
125  FR_DNS_DECODE_FAIL_TOO_FEW_RRS,
126  FR_DNS_DECODE_FAIL_POINTER_TO_NON_LABEL,
127  FR_DNS_DECODE_FAIL_POINTER_OVERFLOWS_PACKET,
128  FR_DNS_DECODE_FAIL_POINTER_TO_HEADER,
129  FR_DNS_DECODE_FAIL_POINTER_LOOPS,
130  FR_DNS_DECODE_FAIL_INVALID_POINTER,
131  FR_DNS_DECODE_FAIL_LABEL_OVERFLOWS_PACKET,
132  FR_DNS_DECODE_FAIL_LABEL_TOO_LONG,
133  FR_DNS_DECODE_FAIL_MISSING_QD_HEADER,
134  FR_DNS_DECODE_FAIL_MISSING_TLV_HEADER,
135  FR_DNS_DECODE_FAIL_TLV_OVERFLOWS_RR,
136  FR_DNS_DECODE_FAIL_MAX
137 } fr_dns_decode_fail_t;
138 
139 #define FR_DNS_PACKET_CODE_VALID(_code) (((_code) < FR_DNS_CODE_MAX) || (((_code & 0x10) != 0) && ((_code & ~0x10) < FR_DNS_CODE_MAX)))
140 
141 #define DNS_HDR_LEN (12)
142 
143 extern fr_table_num_ordered_t fr_dns_reason_fail_table[];
144 extern char const *fr_dns_packet_names[FR_DNS_CODE_MAX];
145 extern size_t fr_dns_reason_fail_table_len;
146 
147 bool fr_dns_packet_ok(uint8_t const *packet, size_t packet_len, bool query, fr_dns_decode_fail_t *reason);
148 
149 fr_dns_labels_t *fr_dns_labels_get(uint8_t const *packet, size_t packet_len, bool init_mark);
150 
151 ssize_t fr_dns_decode(TALLOC_CTX *ctx, fr_pair_list_t *out,
152  uint8_t const *packet, size_t packet_len, fr_dns_ctx_t *packet_ctx);
153 
154 ssize_t fr_dns_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps, fr_dns_ctx_t *encode_ctx);
155 
156 #ifdef __cplusplus
157 }
158 #endif
RCSIDH
#define RCSIDH(h, id)
Definition: build.h:445
fr_dns_labels_t
Definition: dns.h:35
uint16_t
unsigned short uint16_t
Definition: merged_model.c:31
ssize_t
long int ssize_t
Definition: merged_model.c:24
uint8_t
unsigned char uint8_t
Definition: merged_model.c:30
fr_dbuff_t
Definition: merged_model.c:41
encode_ctx
static fr_internal_encode_ctx_t encode_ctx
Definition: proto_ldap_sync.c:34
fr_dns_packet_t::nscount
uint16_t nscount
Definition: dns.h:69
fr_dns_encode
ssize_t fr_dns_encode(fr_dbuff_t *dbuff, fr_pair_list_t *vps, fr_dns_ctx_t *encode_ctx)
Encode a DNS packet.
Definition: encode.c:454
fr_dns_global_init
int fr_dns_global_init(void)
Resolve/cache attributes in the DNS dictionary.
Definition: base.c:404
fr_dns_packet_t::reserved
unsigned int reserved
Definition: dns.h:63
fr_dns_ctx_t::packet_len
size_t packet_len
Definition: dns.h:85
fr_dns_packet_code_t
fr_dns_packet_code_t
Definition: dns.h:92
FR_DNS_DO_NOT_RESPOND
@ FR_DNS_DO_NOT_RESPOND
Definition: dns.h:108
FR_DNS_STATEFUL_OPERATION_RESPONSE
@ FR_DNS_STATEFUL_OPERATION_RESPONSE
Definition: dns.h:106
FR_DNS_UPDATE_RESPONSE
@ FR_DNS_UPDATE_RESPONSE
Definition: dns.h:105
FR_DNS_STATEFUL_OPERATION
@ FR_DNS_STATEFUL_OPERATION
Definition: dns.h:98
FR_DNS_QUERY
@ FR_DNS_QUERY
Definition: dns.h:93
FR_DNS_QUERY_RESPONSE
@ FR_DNS_QUERY_RESPONSE
Definition: dns.h:101
FR_DNS_NOTIFY_RESPONSE
@ FR_DNS_NOTIFY_RESPONSE
Definition: dns.h:104
FR_DNS_STATUS_RESPONSE
@ FR_DNS_STATUS_RESPONSE
Definition: dns.h:103
FR_DNS_NOTIFY
@ FR_DNS_NOTIFY
Definition: dns.h:96
FR_DNS_INVERSE_QUERY
@ FR_DNS_INVERSE_QUERY
Definition: dns.h:94
FR_DNS_STATUS
@ FR_DNS_STATUS
Definition: dns.h:95
FR_DNS_INVERSE_QUERY_RESPONSE
@ FR_DNS_INVERSE_QUERY_RESPONSE
Definition: dns.h:102
FR_DNS_UPDATE
@ FR_DNS_UPDATE
Definition: dns.h:97
FR_DNS_CODE_MAX
@ FR_DNS_CODE_MAX
Definition: dns.h:99
fr_dns_packet_t::authentic_data
unsigned int authentic_data
Definition: dns.h:62
fr_dns_ctx_t::tmp_ctx
TALLOC_CTX * tmp_ctx
for temporary things cleaned up during decoding
Definition: dns.h:83
fr_dns_decode
ssize_t fr_dns_decode(TALLOC_CTX *ctx, fr_pair_list_t *out, uint8_t const *packet, size_t packet_len, fr_dns_ctx_t *packet_ctx)
Decode a DNS packet.
Definition: decode.c:265
fr_dns_reason_fail_table_len
size_t fr_dns_reason_fail_table_len
Definition: decode.c:413
fr_dns_packet_t::rcode
unsigned int rcode
Definition: dns.h:60
fr_dns_packet_t::query
unsigned int query
Definition: dns.h:50
fr_dns_global_free
void fr_dns_global_free(void)
Definition: base.c:426
fr_dns_packet_t::opcode
unsigned int opcode
Definition: dns.h:49
fr_dns_labels_get
fr_dns_labels_t * fr_dns_labels_get(uint8_t const *packet, size_t packet_len, bool init_mark)
Definition: base.c:375
fr_dns_packet_t::truncated
unsigned int truncated
Definition: dns.h:47
fr_dns_packet_names
char const * fr_dns_packet_names[FR_DNS_CODE_MAX]
Definition: base.c:68
fr_dns_ctx_t::packet
uint8_t const * packet
DNS labels can point anywhere in the packet :(.
Definition: dns.h:84
fr_dns_decode_fail_t
fr_dns_decode_fail_t
Definition: dns.h:111
FR_DNS_DECODE_FAIL_ANSWERS_IN_QUESTION
@ FR_DNS_DECODE_FAIL_ANSWERS_IN_QUESTION
Definition: dns.h:117
FR_DNS_DECODE_FAIL_TOO_MANY_RRS
@ FR_DNS_DECODE_FAIL_TOO_MANY_RRS
Definition: dns.h:124
FR_DNS_DECODE_FAIL_RR_OVERFLOWS_PACKET
@ FR_DNS_DECODE_FAIL_RR_OVERFLOWS_PACKET
Definition: dns.h:123
FR_DNS_DECODE_FAIL_INVALID_RR_LABEL
@ FR_DNS_DECODE_FAIL_INVALID_RR_LABEL
Definition: dns.h:119
FR_DNS_DECODE_FAIL_POINTER_TO_NON_LABEL
@ FR_DNS_DECODE_FAIL_POINTER_TO_NON_LABEL
Definition: dns.h:126
FR_DNS_DECODE_FAIL_INVALID_POINTER
@ FR_DNS_DECODE_FAIL_INVALID_POINTER
Definition: dns.h:130
FR_DNS_DECODE_FAIL_POINTER_OVERFLOWS_PACKET
@ FR_DNS_DECODE_FAIL_POINTER_OVERFLOWS_PACKET
Definition: dns.h:127
FR_DNS_DECODE_FAIL_LABEL_OVERFLOWS_PACKET
@ FR_DNS_DECODE_FAIL_LABEL_OVERFLOWS_PACKET
Definition: dns.h:131
FR_DNS_DECODE_FAIL_MISSING_TLV_HEADER
@ FR_DNS_DECODE_FAIL_MISSING_TLV_HEADER
Definition: dns.h:134
FR_DNS_DECODE_FAIL_UNEXPECTED
@ FR_DNS_DECODE_FAIL_UNEXPECTED
Definition: dns.h:115
FR_DNS_DECODE_FAIL_POINTER_TO_HEADER
@ FR_DNS_DECODE_FAIL_POINTER_TO_HEADER
Definition: dns.h:128
FR_DNS_DECODE_FAIL_ZERO_RR_LEN
@ FR_DNS_DECODE_FAIL_ZERO_RR_LEN
Definition: dns.h:122
FR_DNS_DECODE_FAIL_LABEL_TOO_LONG
@ FR_DNS_DECODE_FAIL_LABEL_TOO_LONG
Definition: dns.h:132
FR_DNS_DECODE_FAIL_TOO_FEW_RRS
@ FR_DNS_DECODE_FAIL_TOO_FEW_RRS
Definition: dns.h:125
FR_DNS_DECODE_FAIL_MISSING_RR_LEN
@ FR_DNS_DECODE_FAIL_MISSING_RR_LEN
Definition: dns.h:121
FR_DNS_DECODE_FAIL_MISSING_QD_HEADER
@ FR_DNS_DECODE_FAIL_MISSING_QD_HEADER
Definition: dns.h:133
FR_DNS_DECODE_FAIL_MAX_LENGTH_PACKET
@ FR_DNS_DECODE_FAIL_MAX_LENGTH_PACKET
Definition: dns.h:114
FR_DNS_DECODE_FAIL_MAX
@ FR_DNS_DECODE_FAIL_MAX
Definition: dns.h:136
FR_DNS_DECODE_FAIL_NS_IN_QUESTION
@ FR_DNS_DECODE_FAIL_NS_IN_QUESTION
Definition: dns.h:118
FR_DNS_DECODE_FAIL_NO_QUESTIONS
@ FR_DNS_DECODE_FAIL_NO_QUESTIONS
Definition: dns.h:116
FR_DNS_DECODE_FAIL_NONE
@ FR_DNS_DECODE_FAIL_NONE
Definition: dns.h:112
FR_DNS_DECODE_FAIL_TLV_OVERFLOWS_RR
@ FR_DNS_DECODE_FAIL_TLV_OVERFLOWS_RR
Definition: dns.h:135
FR_DNS_DECODE_FAIL_POINTER_LOOPS
@ FR_DNS_DECODE_FAIL_POINTER_LOOPS
Definition: dns.h:129
FR_DNS_DECODE_FAIL_MISSING_RR_HEADER
@ FR_DNS_DECODE_FAIL_MISSING_RR_HEADER
Definition: dns.h:120
FR_DNS_DECODE_FAIL_MIN_LENGTH_PACKET
@ FR_DNS_DECODE_FAIL_MIN_LENGTH_PACKET
Definition: dns.h:113
fr_dns_packet_t::authoritative
unsigned int authoritative
Definition: dns.h:48
fr_dns_reason_fail_table
fr_table_num_ordered_t fr_dns_reason_fail_table[]
Definition: decode.c:387
fr_dns_packet_t::arcount
uint16_t arcount
Definition: dns.h:70
FLAG_ENCODE_NONE
@ FLAG_ENCODE_NONE
no particular encoding for DNS strings
Definition: dns.h:77
FLAG_ENCODE_DNS_LABEL_UNCOMPRESSED
@ FLAG_ENCODE_DNS_LABEL_UNCOMPRESSED
encode as uncompressed DNS label
Definition: dns.h:79
FLAG_ENCODE_DNS_LABEL
@ FLAG_ENCODE_DNS_LABEL
encode as DNS label
Definition: dns.h:78
fr_dns_packet_ok
bool fr_dns_packet_ok(uint8_t const *packet, size_t packet_len, bool query, fr_dns_decode_fail_t *reason)
Definition: base.c:100
fr_dns_packet_t::ancount
uint16_t ancount
Definition: dns.h:68
fr_dns_packet_t::id
uint16_t id
Definition: dns.h:38
fr_dns_packet_t::checking_disabled
unsigned int checking_disabled
Definition: dns.h:61
fr_dns_ctx_t::lb
fr_dns_labels_t * lb
Definition: dns.h:86
fr_dns_packet_t::recursion_available
unsigned int recursion_available
Definition: dns.h:64
fr_dns_packet_t::recursion_desired
unsigned int recursion_desired
Definition: dns.h:46
fr_dns_packet_t::qdcount
uint16_t qdcount
Definition: dns.h:67
fr_dns_ctx_t
Definition: dns.h:82
fr_dns_packet_t
Definition: dns.h:37
pair_list_s
Definition: pair.h:52
fr_table_num_ordered_t
An element in an arbitrarily ordered array of name to num mappings.
Definition: table.h:53
out
static size_t char ** out
Definition: value.h:984
Generated by   doxygen 1.9.1