Diffstat (limited to 'src/resolve/resolved-dns-packet.h')
-rw-r--r-- | src/resolve/resolved-dns-packet.h | 133 |
1 files changed, 112 insertions, 21 deletions
diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
index a6af44c..393b7b2 100644
--- a/src/resolve/resolved-dns-packet.h
+++ b/src/resolve/resolved-dns-packet.h
@@ -253,32 +253,100 @@ int dns_packet_extract(DnsPacket *p);
 bool dns_packet_equal(const DnsPacket *a, const DnsPacket *b);
+int dns_packet_ede_rcode(DnsPacket *p, int *ret_ede_rcode, char **ret_ede_msg);
+bool dns_ede_rcode_is_dnssec(int ede_rcode);
 int dns_packet_has_nsid_request(DnsPacket *p);
 /* https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-6 */
 enum {
- DNS_RCODE_SUCCESS = 0,
- DNS_RCODE_FORMERR = 1,
- DNS_RCODE_SERVFAIL = 2,
- DNS_RCODE_NXDOMAIN = 3,
- DNS_RCODE_NOTIMP = 4,
- DNS_RCODE_REFUSED = 5,
- DNS_RCODE_YXDOMAIN = 6,
- DNS_RCODE_YXRRSET = 7,
- DNS_RCODE_NXRRSET = 8,
- DNS_RCODE_NOTAUTH = 9,
- DNS_RCODE_NOTZONE = 10,
- DNS_RCODE_BADVERS = 16,
- DNS_RCODE_BADSIG = 16, /* duplicate value! */
- DNS_RCODE_BADKEY = 17,
- DNS_RCODE_BADTIME = 18,
- DNS_RCODE_BADMODE = 19,
- DNS_RCODE_BADNAME = 20,
- DNS_RCODE_BADALG = 21,
- DNS_RCODE_BADTRUNC = 22,
- DNS_RCODE_BADCOOKIE = 23,
+ DNS_RCODE_SUCCESS = 0,
+ DNS_RCODE_FORMERR = 1,
+ DNS_RCODE_SERVFAIL = 2,
+ DNS_RCODE_NXDOMAIN = 3,
+ DNS_RCODE_NOTIMP = 4,
+ DNS_RCODE_REFUSED = 5,
+ DNS_RCODE_YXDOMAIN = 6,
+ DNS_RCODE_YXRRSET = 7,
+ DNS_RCODE_NXRRSET = 8,
+ DNS_RCODE_NOTAUTH = 9,
+ DNS_RCODE_NOTZONE = 10,
+ DNS_RCODE_DSOTYPENI = 11,
+ /* 12-15 are unassigned. */
+ DNS_RCODE_BADVERS = 16,
+ DNS_RCODE_BADSIG = 16, /* duplicate value! */
+ DNS_RCODE_BADKEY = 17,
+ DNS_RCODE_BADTIME = 18,
+ DNS_RCODE_BADMODE = 19,
+ DNS_RCODE_BADNAME = 20,
+ DNS_RCODE_BADALG = 21,
+ DNS_RCODE_BADTRUNC = 22,
+ DNS_RCODE_BADCOOKIE = 23,
+ /* 24-3840 are unassigned. */
+ /* 3841-4095 are for private use. */
+ /* 4096-65534 are unassigned. */
 _DNS_RCODE_MAX_DEFINED,
- _DNS_RCODE_MAX = 4095 /* 4 bit rcode in the header plus 8 bit rcode in OPT, makes 12 bit */
+ _DNS_RCODE_MAX = 65535, /* reserved */
+ _DNS_RCODE_INVALID = -EINVAL,
+};
+
+/* https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-11 */
+enum {
+ DNS_EDNS_OPT_RESERVED = 0, /* RFC 6891 */
+ DNS_EDNS_OPT_LLQ = 1, /* RFC 8764 */
+ DNS_EDNS_OPT_UL = 2,
+ DNS_EDNS_OPT_NSID = 3, /* RFC 5001 */
+ /* DNS_EDNS_OPT_RESERVED = 4 */
+ DNS_EDNS_OPT_DAU = 5, /* RFC 6975 */
+ DNS_EDNS_OPT_DHU = 6, /* RFC 6975 */
+ DNS_EDNS_OPT_N3U = 7, /* RFC 6975 */
+ DNS_EDNS_OPT_CLIENT_SUBNET = 8, /* RFC 7871 */
+ DNS_EDNS_OPT_EXPIRE = 9, /* RFC 7314 */
+ DNS_EDNS_OPT_COOKIE = 10, /* RFC 7873 */
+ DNS_EDNS_OPT_TCP_KEEPALIVE = 11, /* RFC 7828 */
+ DNS_EDNS_OPT_PADDING = 12, /* RFC 7830 */
+ DNS_EDNS_OPT_CHAIN = 13, /* RFC 7901 */
+ DNS_EDNS_OPT_KEY_TAG = 14, /* RFC 8145 */
+ DNS_EDNS_OPT_EXT_ERROR = 15, /* RFC 8914 */
+ DNS_EDNS_OPT_CLIENT_TAG = 16,
+ DNS_EDNS_OPT_SERVER_TAG = 17,
+ _DNS_EDNS_OPT_MAX_DEFINED,
+ _DNS_EDNS_OPT_INVALID = -EINVAL,
+};
+
+/* https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#extended-dns-error-codes */
+enum {
+ DNS_EDE_RCODE_OTHER = 0, /* RFC 8914, Section 4.1 */
+ DNS_EDE_RCODE_UNSUPPORTED_DNSKEY_ALG = 1, /* RFC 8914, Section 4.2 */
+ DNS_EDE_RCODE_UNSUPPORTED_DS_DIGEST = 2, /* RFC 8914, Section 4.3 */
+ DNS_EDE_RCODE_STALE_ANSWER = 3, /* RFC 8914, Section 4.4 */
+ DNS_EDE_RCODE_FORGED_ANSWER = 4, /* RFC 8914, Section 4.5 */
+ DNS_EDE_RCODE_DNSSEC_INDETERMINATE = 5, /* RFC 8914, Section 4.6 */
+ DNS_EDE_RCODE_DNSSEC_BOGUS = 6, /* RFC 8914, Section 4.7 */
+ DNS_EDE_RCODE_SIG_EXPIRED = 7, /* RFC 8914, Section 4.8 */
+ DNS_EDE_RCODE_SIG_NOT_YET_VALID = 8, /* RFC 8914, Section 4.9 */
+ DNS_EDE_RCODE_DNSKEY_MISSING = 9, /* RFC 8914, Section 4.10 */
+ DNS_EDE_RCODE_RRSIG_MISSING = 10, /* RFC 8914, Section 4.11 */
+ DNS_EDE_RCODE_NO_ZONE_KEY_BIT = 11, /* RFC 8914, Section 4.12 */
+ DNS_EDE_RCODE_NSEC_MISSING = 12, /* RFC 8914, Section 4.13 */
+ DNS_EDE_RCODE_CACHED_ERROR = 13, /* RFC 8914, Section 4.14 */
+ DNS_EDE_RCODE_NOT_READY = 14, /* RFC 8914, Section 4.15 */
+ DNS_EDE_RCODE_BLOCKED = 15, /* RFC 8914, Section 4.16 */
+ DNS_EDE_RCODE_CENSORED = 16, /* RFC 8914, Section 4.17 */
+ DNS_EDE_RCODE_FILTERED = 17, /* RFC 8914, Section 4.18 */
+ DNS_EDE_RCODE_PROHIBITIED = 18, /* RFC 8914, Section 4.19 */
+ DNS_EDE_RCODE_STALE_NXDOMAIN_ANSWER = 19, /* RFC 8914, Section 4.20 */
+ DNS_EDE_RCODE_NOT_AUTHORITATIVE = 20, /* RFC 8914, Section 4.21 */
+ DNS_EDE_RCODE_NOT_SUPPORTED = 21, /* RFC 8914, Section 4.22 */
+ DNS_EDE_RCODE_UNREACH_AUTHORITY = 22, /* RFC 8914, Section 4.23 */
+ DNS_EDE_RCODE_NET_ERROR = 23, /* RFC 8914, Section 4.24 */
+ DNS_EDE_RCODE_INVALID_DATA = 24, /* RFC 8914, Section 4.25 */
+ DNS_EDE_RCODE_SIG_NEVER = 25,
+ DNS_EDE_RCODE_TOO_EARLY = 26, /* RFC 9250 */
+ DNS_EDE_RCODE_UNSUPPORTED_NSEC3_ITER = 27, /* RFC 9276 */
+ DNS_EDE_RCODE_TRANSPORT_POLICY = 28,
+ DNS_EDE_RCODE_SYNTHESIZED = 29,
+ _DNS_EDE_RCODE_MAX_DEFINED,
+ _DNS_EDE_RCODE_INVALID = -EINVAL,
 };
 const char* dns_rcode_to_string(int i) _const_;
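Review bot: `dns_packet_ede_rcode()` is declared with no stated contract, yet `ret_ede_msg` presumably carries the EXTRA-TEXT of an RFC 8914 option, which is unauthenticated text chosen by the remote server. I would add a comment above the prototype such as `/* On success *ret_ede_msg is a newly allocated string owned by the caller; it is untrusted server text and must be validated and escaped before it is logged or displayed. */`, adjusted to what the implementation (not visible in this hunk) actually does. The same caution belongs on `dns_ede_rcode_is_dnssec()`: an EDE code is advisory and should only explain a failure, never stand in for the resolver's own DNSSEC verdict. Separately, `DNS_EDE_RCODE_PROHIBITIED` is misspelled; RFC 8914 Section 4.19 names the code "Prohibited", so `DNS_EDE_RCODE_PROHIBITED` is the identifier callers will expect.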
@@ -286,9 +354,32 @@ int dns_rcode_from_string(const char *s) _pure_;
 const char *format_dns_rcode(int i, char buf[static DECIMAL_STR_MAX(int)]);
 #define FORMAT_DNS_RCODE(i) format_dns_rcode(i, (char [DECIMAL_STR_MAX(int)]) {})
+const char* dns_ede_rcode_to_string(int i) _const_;
+const char *format_dns_ede_rcode(int i, char buf[static DECIMAL_STR_MAX(int)]);
+#define FORMAT_DNS_EDE_RCODE(i) format_dns_ede_rcode(i, (char [DECIMAL_STR_MAX(int)]) {})
+
 const char* dns_protocol_to_string(DnsProtocol p) _const_;
 DnsProtocol dns_protocol_from_string(const char *s) _pure_;
+/* https://www.iana.org/assignments/dns-svcb/dns-svcb.xhtml#dns-svcparamkeys */
+enum {
+ DNS_SVC_PARAM_KEY_MANDATORY = 0, /* RFC 9460 section 8 */
+ DNS_SVC_PARAM_KEY_ALPN = 1, /* RFC 9460 section 7.1 */
+ DNS_SVC_PARAM_KEY_NO_DEFAULT_ALPN = 2, /* RFC 9460 Section 7.1 */
+ DNS_SVC_PARAM_KEY_PORT = 3, /* RFC 9460 section 7.2 */
+ DNS_SVC_PARAM_KEY_IPV4HINT = 4, /* RFC 9460 section 7.3 */
+ DNS_SVC_PARAM_KEY_ECH = 5, /* RFC 9460 */
+ DNS_SVC_PARAM_KEY_IPV6HINT = 6, /* RFC 9460 section 7.3 */
+ DNS_SVC_PARAM_KEY_DOHPATH = 7, /* RFC 9461 */
+ DNS_SVC_PARAM_KEY_OHTTP = 8,
+ _DNS_SVC_PARAM_KEY_MAX_DEFINED,
+ DNS_SVC_PARAM_KEY_INVALID = 65535 /* RFC 9460 */
+};
+
+const char* dns_svc_param_key_to_string(int i) _const_;
+const char *format_dns_svc_param_key(uint16_t i, char buf[static DECIMAL_STR_MAX(uint16_t)+3]);
+#define FORMAT_DNS_SVC_PARAM_KEY(i) format_dns_svc_param_key(i, (char [DECIMAL_STR_MAX(uint16_t)+3]) {})
+
 #define LLMNR_MULTICAST_IPV4_ADDRESS ((struct in_addr) { .s_addr = htobe32(224U << 24 | 252U) })
 #define LLMNR_MULTICAST_IPV6_ADDRESS ((struct in6_addr) { .s6_addr = { 0xFF, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x03 } }) |
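Review bot: The buffer size `DECIMAL_STR_MAX(uint16_t)+3` is written out twice, once in the `format_dns_svc_param_key()` prototype and once in the `FORMAT_DNS_SVC_PARAM_KEY` compound literal, and nothing says what the 3 covers (presumably the `key` prefix of the RFC 9460 `keyNNNNN` form). If the two copies ever drift, the formatter could write past the stack temporary, so one named constant used in both places would be safer, for example `#define DNS_SVC_PARAM_KEY_STR_MAX (DECIMAL_STR_MAX(uint16_t)+3) /* "key" + decimal value */` (the name is only a suggestion). Also, `dns_svc_param_key_to_string()` takes `int` while the formatter takes `uint16_t`; a short comment stating the accepted range of each would help callers passing values parsed off the wire.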