Diffstat (limited to '')
-rw-r--r-- | src/knot/nameserver/process_query.h | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/src/knot/nameserver/process_query.h b/src/knot/nameserver/process_query.h
new file mode 100644
index 0000000..bd7d42a
--- /dev/null
+++ b/src/knot/nameserver/process_query.h
@@ -0,0 +1,107 @@
+/* Copyright (C) 2022 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+#include "knot/include/module.h"
+#include "knot/query/layer.h"
+#include "knot/updates/acl.h"
+#include "knot/zone/zone.h"
+
+/* Query processing module implementation. */
+const knot_layer_api_t *process_query_layer(void);
+
+/*! \brief Query processing intermediate data. */
+typedef struct knotd_qdata_extra {
+ zone_t *zone; /*!< Zone from which is answered. */
+ const zone_contents_t *contents; /*!< Zone contents from which is answered. */
+ list_t wildcards; /*!< Visited wildcards. */
+ list_t rrsigs; /*!< Section RRSIGs. */
+ uint8_t *opt_rr_pos; /*!< Place of the OPT RR in wire. */
+
+ /* Currently processed nodes. */
+ const zone_node_t *node, *encloser, *previous;
+
+ uint8_t cname_chain; /*!< Length of the CNAME chain so far. */
+
+ /* Extensions. */
+ void *ext;
+ void (*ext_cleanup)(knotd_qdata_t *); /*!< Extensions cleanup callback. */
+} knotd_qdata_extra_t;
+
+/*! \brief Visited wildcard node list. */
+struct wildcard_hit {
+ node_t n;
+ const zone_node_t *node; /* Visited node. */
+ const zone_node_t *prev; /* Previous node from the SNAME. */
+ const knot_dname_t *sname; /* Name leading to this node. */
+};
+
+/*! \brief RRSIG info node list. */
+struct rrsig_info {
+ node_t n;
+ knot_rrset_t synth_rrsig; /* Synthesized RRSIG. */
+ knot_rrinfo_t *rrinfo; /* RR info. */
+};
+
+/*!
+ * \brief Check current query against ACL.
+ *
+ * \param conf Configuration.
+ * \param action ACL action.
+ * \param qdata Query data.
+ * \return true if accepted, false if denied.
+ */
+bool process_query_acl_check(conf_t *conf, acl_action_t action,
+ knotd_qdata_t *qdata);
+
+/*!
+ * \brief Verify current query transaction security and update query data.
+ *
+ * \param qdata
+ * \retval KNOT_EOK
+ * \retval KNOT_TSIG_EBADKEY
+ * \retval KNOT_TSIG_EBADSIG
+ * \retval KNOT_TSIG_EBADTIME
+ * \retval (other generic errors)
+ */
+int process_query_verify(knotd_qdata_t *qdata);
+
+/*!
+ * \brief Sign current query using configured TSIG keys.
+ *
+ * \param pkt Outgoing message.
+ * \param qdata Query data.
+ *
+ * \retval KNOT_E*
+ */
+int process_query_sign_response(knot_pkt_t *pkt, knotd_qdata_t *qdata);
+
+/*!
+ * \brief Puts RRSet to packet, will store its RRSIG for later use.
+ *
+ * \param pkt Packet to store RRSet into.
+ * \param qdata Query data structure.
+ * \param rr RRSet to be stored.
+ * \param rrsigs RRSIGs to be stored.
+ * \param compr_hint Compression hint.
+ * \param flags Flags.
+ *
+ * \return KNOT_E*
+ */
+int process_query_put_rr(knot_pkt_t *pkt, knotd_qdata_t *qdata,
+ const knot_rrset_t *rr, const knot_rrset_t *rrsigs,
+ uint16_t compr_hint, uint32_t flags); |
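Review bot: The doc comment on `process_query_verify` leaves `\param qdata` with no description and says only that the call will "update query data", so a caller reading this header cannot tell what is trustworthy after a return other than `KNOT_EOK`. I would describe the parameter and state the failure contract, for example `\param qdata Query data; its transaction-security state is updated.` and `\note On any return other than KNOT_EOK the query must be treated as unauthenticated.` The implementation is not in this hunk, so the wording needs to be confirmed against it. The comment on `process_query_acl_check` could likewise say whether it is expected to run before or after verification, since nothing here documents the ordering of the two checks. As a smaller style point, `bool` and the `uint*_t` types are used without `<stdbool.h>` or `<stdint.h>`, so the header presumably relies on the four project includes to supply them.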