summaryrefslogtreecommitdiff
path: root/include/arpa/nameser.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/arpa/nameser.h')
-rw-r--r--include/arpa/nameser.h687
1 files changed, 446 insertions, 241 deletions
diff --git a/include/arpa/nameser.h b/include/arpa/nameser.h
index 4a8ef67c7..6ae1bc61e 100644
--- a/include/arpa/nameser.h
+++ b/include/arpa/nameser.h
@@ -1,9 +1,7 @@
/*
- * ++Copyright++ 1983, 1989, 1993
- * -
* Copyright (c) 1983, 1989, 1993
* The Regents of the University of California. All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -12,14 +10,10 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -31,320 +25,531 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- * -
- * Portions Copyright (c) 1993 by Digital Equipment Corporation.
+ */
+
+/*
+ * Copyright (c) 1996-1999 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies, and that
- * the name of Digital Equipment Corporation not be used in advertising or
- * publicity pertaining to distribution of the document or software without
- * specific, written prior permission.
+ * copyright notice and this permission notice appear in all copies.
*
- * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
- * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
- * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
- * -
- * Portions Copyright (c) 1995 by International Business Machines, Inc.
- *
- * International Business Machines, Inc. (hereinafter called IBM) grants
- * permission under its copyrights to use, copy, modify, and distribute this
- * Software with or without fee, provided that the above copyright notice and
- * all paragraphs of this notice appear in all copies, and that the name of IBM
- * not be used in connection with the marketing of any product incorporating
- * the Software or modifications thereof, without specific, written prior
- * permission.
- *
- * To the extent it has a right to do so, IBM grants an immunity from suit
- * under its patents, if any, for the use, sale or manufacture of products to
- * the extent that such products are used for performing Domain Name System
- * dynamic updates in TCP/IP networks by means of the Software. No immunity is
- * granted for any product per se or for any other function of any product.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
- * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
- * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
- * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
- * --Copyright--
*/
/*
- * @(#)nameser.h 8.1 (Berkeley) 6/2/93
- * $Id: nameser.h,v 1.3 2000/07/09 06:39:14 andersen Exp $
+ * $BINDId: nameser.h,v 8.37 2000/03/30 21:16:49 vixie Exp $
*/
-#ifndef _ARPA_NAMESER_H
-#define _ARPA_NAMESER_H 1
+#ifndef _ARPA_NAMESER_H_
+#define _ARPA_NAMESER_H_
+
+#define BIND_4_COMPAT
-#include <features.h>
#include <sys/param.h>
-#include <sys/types.h>
+#if (!defined(BSD)) || (BSD < 199306)
+# include <sys/bitypes.h>
+#else
+# include <sys/types.h>
+#endif
+#include <sys/cdefs.h>
/*
- * revision information. this is the release date in YYYYMMDD format.
- * it can change every day so the right thing to do with it is use it
- * in preprocessor commands such as "#if (__BIND > 19931104)". do not
- * compare for equality; rather, use it to determine whether your resolver
- * is new enough to contain a certain feature.
+ * Revision information. This is the release date in YYYYMMDD format.
+ * It can change every day so the right thing to do with it is use it
+ * in preprocessor commands such as "#if (__NAMESER > 19931104)". Do not
+ * compare for equality; rather, use it to determine whether your libbind.a
+ * contains a new enough lib/nameser/ to support the feature you need.
*/
-#define __BIND 19960801 /* interface version stamp */
+#define __NAMESER 19991006 /* New interface version stamp. */
/*
- * Define constants based on rfc883
+ * Define constants based on RFC 883, RFC 1034, RFC 1035
*/
-#define PACKETSZ 512 /* maximum packet size */
-#define MAXDNAME 1025 /* maximum domain name */
-#define MAXCDNAME 255 /* maximum compressed domain name */
-#define MAXLABEL 63 /* maximum length of domain label */
-#define HFIXEDSZ 12 /* #/bytes of fixed data in header */
-#define QFIXEDSZ 4 /* #/bytes of fixed data in query */
-#define RRFIXEDSZ 10 /* #/bytes of fixed data in r record */
-#define INT32SZ 4 /* for systems without 32-bit ints */
-#define INT16SZ 2 /* for systems without 16-bit ints */
-#define INADDRSZ 4 /* IPv4 T_A */
-#define IN6ADDRSZ 16 /* IPv6 T_AAAA */
+#define NS_PACKETSZ 512 /* maximum packet size */
+#define NS_MAXDNAME 1025 /* maximum domain name */
+#define NS_MAXCDNAME 255 /* maximum compressed domain name */
+#define NS_MAXLABEL 63 /* maximum length of domain label */
+#define NS_HFIXEDSZ 12 /* #/bytes of fixed data in header */
+#define NS_QFIXEDSZ 4 /* #/bytes of fixed data in query */
+#define NS_RRFIXEDSZ 10 /* #/bytes of fixed data in r record */
+#define NS_INT32SZ 4 /* #/bytes of data in a u_int32_t */
+#define NS_INT16SZ 2 /* #/bytes of data in a u_int16_t */
+#define NS_INT8SZ 1 /* #/bytes of data in a u_int8_t */
+#define NS_INADDRSZ 4 /* IPv4 T_A */
+#define NS_IN6ADDRSZ 16 /* IPv6 T_AAAA */
+#define NS_CMPRSFLGS 0xc0 /* Flag bits indicating name compression. */
+#define NS_DEFAULTPORT 53 /* For both TCP and UDP. */
/*
- * Internet nameserver port number
+ * These can be expanded with synonyms, just keep ns_parse.c:ns_parserecord()
+ * in synch with it.
*/
-#define NAMESERVER_PORT 53
+typedef enum __ns_sect {
+ ns_s_qd = 0, /* Query: Question. */
+ ns_s_zn = 0, /* Update: Zone. */
+ ns_s_an = 1, /* Query: Answer. */
+ ns_s_pr = 1, /* Update: Prerequisites. */
+ ns_s_ns = 2, /* Query: Name servers. */
+ ns_s_ud = 2, /* Update: Update. */
+ ns_s_ar = 3, /* Query|Update: Additional records. */
+ ns_s_max = 4
+} ns_sect;
/*
- * Currently defined opcodes
+ * This is a message handle. It is caller allocated and has no dynamic data.
+ * This structure is intended to be opaque to all but ns_parse.c, thus the
+ * leading _'s on the member names. Use the accessor functions, not the _'s.
*/
-#define QUERY 0x0 /* standard query */
-#define IQUERY 0x1 /* inverse query */
-#define STATUS 0x2 /* nameserver status query */
-/*#define xxx 0x3*/ /* 0x3 reserved */
-#define NS_NOTIFY_OP 0x4 /* notify secondary of SOA change */
+typedef struct __ns_msg {
+ const u_char *_msg, *_eom;
+ u_int16_t _id, _flags, _counts[ns_s_max];
+ const u_char *_sections[ns_s_max];
+ ns_sect _sect;
+ int _rrnum;
+ const u_char *_ptr;
+} ns_msg;
+
+/* Private data structure - do not use from outside library. */
+struct _ns_flagdata { int mask, shift; };
+extern struct _ns_flagdata _ns_flagdata[];
+
+/* Accessor macros - this is part of the public interface. */
+#define ns_msg_getflag(handle, flag) ( \
+ ((handle)._flags & _ns_flagdata[flag].mask) \
+ >> _ns_flagdata[flag].shift \
+ )
+#define ns_msg_id(handle) ((handle)._id + 0)
+#define ns_msg_base(handle) ((handle)._msg + 0)
+#define ns_msg_end(handle) ((handle)._eom + 0)
+#define ns_msg_size(handle) ((handle)._eom - (handle)._msg)
+#define ns_msg_count(handle, section) ((handle)._counts[section] + 0)
+
/*
- * Currently defined response codes
+ * This is a parsed record. It is caller allocated and has no dynamic data.
*/
-#define NOERROR 0 /* no error */
-#define FORMERR 1 /* format error */
-#define SERVFAIL 2 /* server failure */
-#define NXDOMAIN 3 /* non existent domain */
-#define NOTIMP 4 /* not implemented */
-#define REFUSED 5 /* query refused */
+typedef struct __ns_rr {
+ char name[NS_MAXDNAME];
+ u_int16_t type;
+ u_int16_t rr_class;
+ u_int32_t ttl;
+ u_int16_t rdlength;
+ const u_char * rdata;
+} ns_rr;
+
+/* Accessor macros - this is part of the public interface. */
+#define ns_rr_name(rr) (((rr).name[0] != '\0') ? (rr).name : ".")
+#define ns_rr_type(rr) ((ns_type)((rr).type + 0))
+#define ns_rr_class(rr) ((ns_class)((rr).rr_class + 0))
+#define ns_rr_ttl(rr) ((rr).ttl + 0)
+#define ns_rr_rdlen(rr) ((rr).rdlength + 0)
+#define ns_rr_rdata(rr) ((rr).rdata + 0)
/*
- * Type values for resources and queries
+ * These don't have to be in the same order as in the packet flags word,
+ * and they can even overlap in some cases, but they will need to be kept
+ * in synch with ns_parse.c:ns_flagdata[].
*/
-#define T_A 1 /* host address */
-#define T_NS 2 /* authoritative server */
-#define T_MD 3 /* mail destination */
-#define T_MF 4 /* mail forwarder */
-#define T_CNAME 5 /* canonical name */
-#define T_SOA 6 /* start of authority zone */
-#define T_MB 7 /* mailbox domain name */
-#define T_MG 8 /* mail group member */
-#define T_MR 9 /* mail rename name */
-#define T_NULL 10 /* null resource record */
-#define T_WKS 11 /* well known service */
-#define T_PTR 12 /* domain name pointer */
-#define T_HINFO 13 /* host information */
-#define T_MINFO 14 /* mailbox information */
-#define T_MX 15 /* mail routing information */
-#define T_TXT 16 /* text strings */
-#define T_RP 17 /* responsible person */
-#define T_AFSDB 18 /* AFS cell database */
-#define T_X25 19 /* X_25 calling address */
-#define T_ISDN 20 /* ISDN calling address */
-#define T_RT 21 /* router */
-#define T_NSAP 22 /* NSAP address */
-#define T_NSAP_PTR 23 /* reverse NSAP lookup (deprecated) */
-#define T_SIG 24 /* security signature */
-#define T_KEY 25 /* security key */
-#define T_PX 26 /* X.400 mail mapping */
-#define T_GPOS 27 /* geographical position (withdrawn) */
-#define T_AAAA 28 /* IP6 Address */
-#define T_LOC 29 /* Location Information */
-#define T_NXT 30 /* Next Valid Name in Zone */
-#define T_EID 31 /* Endpoint identifier */
-#define T_NIMLOC 32 /* Nimrod locator */
-#define T_SRV 33 /* Server selection */
-#define T_ATMA 34 /* ATM Address */
-#define T_NAPTR 35 /* Naming Authority PoinTeR */
- /* non standard */
-#define T_UINFO 100 /* user (finger) information */
-#define T_UID 101 /* user ID */
-#define T_GID 102 /* group ID */
-#define T_UNSPEC 103 /* Unspecified format (binary data) */
- /* Query type values which do not appear in resource records */
-#define T_IXFR 251 /* incremental zone transfer */
-#define T_AXFR 252 /* transfer zone of authority */
-#define T_MAILB 253 /* transfer mailbox records */
-#define T_MAILA 254 /* transfer mail agent records */
-#define T_ANY 255 /* wildcard match */
+typedef enum __ns_flag {
+ ns_f_qr, /* Question/Response. */
+ ns_f_opcode, /* Operation code. */
+ ns_f_aa, /* Authoritative Answer. */
+ ns_f_tc, /* Truncation occurred. */
+ ns_f_rd, /* Recursion Desired. */
+ ns_f_ra, /* Recursion Available. */
+ ns_f_z, /* MBZ. */
+ ns_f_ad, /* Authentic Data (DNSSEC). */
+ ns_f_cd, /* Checking Disabled (DNSSEC). */
+ ns_f_rcode, /* Response code. */
+ ns_f_max
+} ns_flag;
/*
- * Values for class field
+ * Currently defined opcodes.
*/
-
-#define C_IN 1 /* the arpa internet */
-#define C_CHAOS 3 /* for chaos net (MIT) */
-#define C_HS 4 /* for Hesiod name server (MIT) (XXX) */
- /* Query class values which do not appear in resource records */
-#define C_ANY 255 /* wildcard match */
+typedef enum __ns_opcode {
+ ns_o_query = 0, /* Standard query. */
+ ns_o_iquery = 1, /* Inverse query (deprecated/unsupported). */
+ ns_o_status = 2, /* Name server status query (unsupported). */
+ /* Opcode 3 is undefined/reserved. */
+ ns_o_notify = 4, /* Zone change notification. */
+ ns_o_update = 5, /* Zone update message. */
+ ns_o_max = 6
+} ns_opcode;
/*
- * Flags field of the KEY RR rdata
+ * Currently defined response codes.
*/
-#define KEYFLAG_TYPEMASK 0xC000 /* Mask for "type" bits */
-#define KEYFLAG_TYPE_AUTH_CONF 0x0000 /* Key usable for both */
-#define KEYFLAG_TYPE_CONF_ONLY 0x8000 /* Key usable for confidentiality */
-#define KEYFLAG_TYPE_AUTH_ONLY 0x4000 /* Key usable for authentication */
-#define KEYFLAG_TYPE_NO_KEY 0xC000 /* No key usable for either; no key */
-/* The type bits can also be interpreted independently, as single bits: */
-#define KEYFLAG_NO_AUTH 0x8000 /* Key not usable for authentication */
-#define KEYFLAG_NO_CONF 0x4000 /* Key not usable for confidentiality */
-
-#define KEYFLAG_EXPERIMENTAL 0x2000 /* Security is *mandatory* if bit=0 */
-#define KEYFLAG_RESERVED3 0x1000 /* reserved - must be zero */
-#define KEYFLAG_RESERVED4 0x0800 /* reserved - must be zero */
-#define KEYFLAG_USERACCOUNT 0x0400 /* key is assoc. with a user acct */
-#define KEYFLAG_ENTITY 0x0200 /* key is assoc. with entity eg host */
-#define KEYFLAG_ZONEKEY 0x0100 /* key is zone key for the zone named */
-#define KEYFLAG_IPSEC 0x0080 /* key is for IPSEC use (host or user)*/
-#define KEYFLAG_EMAIL 0x0040 /* key is for email (MIME security) */
-#define KEYFLAG_RESERVED10 0x0020 /* reserved - must be zero */
-#define KEYFLAG_RESERVED11 0x0010 /* reserved - must be zero */
-#define KEYFLAG_SIGNATORYMASK 0x000F /* key can sign DNS RR's of same name */
-
-#define KEYFLAG_RESERVED_BITMASK ( KEYFLAG_RESERVED3 | \
- KEYFLAG_RESERVED4 | \
- KEYFLAG_RESERVED10| KEYFLAG_RESERVED11)
+typedef enum __ns_rcode {
+ ns_r_noerror = 0, /* No error occurred. */
+ ns_r_formerr = 1, /* Format error. */
+ ns_r_servfail = 2, /* Server failure. */
+ ns_r_nxdomain = 3, /* Name error. */
+ ns_r_notimpl = 4, /* Unimplemented. */
+ ns_r_refused = 5, /* Operation refused. */
+ /* these are for BIND_UPDATE */
+ ns_r_yxdomain = 6, /* Name exists */
+ ns_r_yxrrset = 7, /* RRset exists */
+ ns_r_nxrrset = 8, /* RRset does not exist */
+ ns_r_notauth = 9, /* Not authoritative for zone */
+ ns_r_notzone = 10, /* Zone of record different from zone section */
+ ns_r_max = 11,
+ /* The following are TSIG extended errors */
+ ns_r_badsig = 16,
+ ns_r_badkey = 17,
+ ns_r_badtime = 18
+} ns_rcode;
-/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
-#define ALGORITHM_MD5RSA 1 /* MD5 with RSA */
-#define ALGORITHM_EXPIRE_ONLY 253 /* No alg, no security */
-#define ALGORITHM_PRIVATE_OID 254 /* Key begins with OID indicating alg */
+/* BIND_UPDATE */
+typedef enum __ns_update_operation {
+ ns_uop_delete = 0,
+ ns_uop_add = 1,
+ ns_uop_max = 2
+} ns_update_operation;
-/* Signatures */
- /* Size of a mod or exp in bits */
-#define MIN_MD5RSA_KEY_PART_BITS 512
-#define MAX_MD5RSA_KEY_PART_BITS 2552
- /* Total of binary mod and exp, bytes */
-#define MAX_MD5RSA_KEY_BYTES ((MAX_MD5RSA_KEY_PART_BITS+7/8)*2+3)
- /* Max length of text sig block */
-#define MAX_KEY_BASE64 (((MAX_MD5RSA_KEY_BYTES+2)/3)*4)
+/*
+ * This structure is used for TSIG authenticated messages
+ */
+struct ns_tsig_key {
+ char name[NS_MAXDNAME], alg[NS_MAXDNAME];
+ unsigned char *data;
+ int len;
+};
+typedef struct ns_tsig_key ns_tsig_key;
/*
- * Status return codes for T_UNSPEC conversion routines
+ * This structure is used for TSIG authenticated TCP messages
*/
-#define CONV_SUCCESS 0
-#define CONV_OVERFLOW (-1)
-#define CONV_BADFMT (-2)
-#define CONV_BADCKSUM (-3)
-#define CONV_BADBUFLEN (-4)
+struct ns_tcp_tsig_state {
+ int counter;
+ struct dst_key *key;
+ void *ctx;
+ unsigned char sig[NS_PACKETSZ];
+ int siglen;
+};
+typedef struct ns_tcp_tsig_state ns_tcp_tsig_state;
-/* glibc always has byte order info in <endian.h> */
-#include <endian.h>
+#define NS_TSIG_FUDGE 300
+#define NS_TSIG_TCP_COUNT 100
+#define NS_TSIG_ALG_HMAC_MD5 "HMAC-MD5.SIG-ALG.REG.INT"
-__BEGIN_DECLS
+#define NS_TSIG_ERROR_NO_TSIG -10
+#define NS_TSIG_ERROR_NO_SPACE -11
+#define NS_TSIG_ERROR_FORMERR -12
/*
- * Structure for query header. The order of the fields is machine- and
- * compiler-dependent, depending on the byte/bit order and the layout
- * of bit fields. We use bit fields only in int variables, as this
- * is all ANSI requires. This requires a somewhat confusing rearrangement.
+ * Currently defined type values for resources and queries.
*/
+typedef enum __ns_type {
+ ns_t_invalid = 0, /* Cookie. */
+ ns_t_a = 1, /* Host address. */
+ ns_t_ns = 2, /* Authoritative server. */
+ ns_t_md = 3, /* Mail destination. */
+ ns_t_mf = 4, /* Mail forwarder. */
+ ns_t_cname = 5, /* Canonical name. */
+ ns_t_soa = 6, /* Start of authority zone. */
+ ns_t_mb = 7, /* Mailbox domain name. */
+ ns_t_mg = 8, /* Mail group member. */
+ ns_t_mr = 9, /* Mail rename name. */
+ ns_t_null = 10, /* Null resource record. */
+ ns_t_wks = 11, /* Well known service. */
+ ns_t_ptr = 12, /* Domain name pointer. */
+ ns_t_hinfo = 13, /* Host information. */
+ ns_t_minfo = 14, /* Mailbox information. */
+ ns_t_mx = 15, /* Mail routing information. */
+ ns_t_txt = 16, /* Text strings. */
+ ns_t_rp = 17, /* Responsible person. */
+ ns_t_afsdb = 18, /* AFS cell database. */
+ ns_t_x25 = 19, /* X_25 calling address. */
+ ns_t_isdn = 20, /* ISDN calling address. */
+ ns_t_rt = 21, /* Router. */
+ ns_t_nsap = 22, /* NSAP address. */
+ ns_t_nsap_ptr = 23, /* Reverse NSAP lookup (deprecated). */
+ ns_t_sig = 24, /* Security signature. */
+ ns_t_key = 25, /* Security key. */
+ ns_t_px = 26, /* X.400 mail mapping. */
+ ns_t_gpos = 27, /* Geographical position (withdrawn). */
+ ns_t_aaaa = 28, /* Ip6 Address. */
+ ns_t_loc = 29, /* Location Information. */
+ ns_t_nxt = 30, /* Next domain (security). */
+ ns_t_eid = 31, /* Endpoint identifier. */
+ ns_t_nimloc = 32, /* Nimrod Locator. */
+ ns_t_srv = 33, /* Server Selection. */
+ ns_t_atma = 34, /* ATM Address */
+ ns_t_naptr = 35, /* Naming Authority PoinTeR */
+ ns_t_kx = 36, /* Key Exchange */
+ ns_t_cert = 37, /* Certification record */
+ ns_t_a6 = 38, /* IPv6 address (deprecates AAAA) */
+ ns_t_dname = 39, /* Non-terminal DNAME (for IPv6) */
+ ns_t_sink = 40, /* Kitchen sink (experimentatl) */
+ ns_t_opt = 41, /* EDNS0 option (meta-RR) */
+ ns_t_tsig = 250, /* Transaction signature. */
+ ns_t_ixfr = 251, /* Incremental zone transfer. */
+ ns_t_axfr = 252, /* Transfer zone of authority. */
+ ns_t_mailb = 253, /* Transfer mailbox records. */
+ ns_t_maila = 254, /* Transfer mail agent records. */
+ ns_t_any = 255, /* Wildcard match. */
+ ns_t_zxfr = 256, /* BIND-specific, nonstandard. */
+ ns_t_max = 65536
+} ns_type;
-typedef struct {
- unsigned id :16; /* query identification number */
-#if BYTE_ORDER == BIG_ENDIAN
- /* fields in third byte */
- unsigned qr: 1; /* response flag */
- unsigned opcode: 4; /* purpose of message */
- unsigned aa: 1; /* authoritative answer */
- unsigned tc: 1; /* truncated message */
- unsigned rd: 1; /* recursion desired */
- /* fields in fourth byte */
- unsigned ra: 1; /* recursion available */
- unsigned unused :1; /* unused bits (MBZ as of 4.9.3a3) */
- unsigned ad: 1; /* authentic data from named */
- unsigned cd: 1; /* checking disabled by resolver */
- unsigned rcode :4; /* response code */
-#endif
-#if BYTE_ORDER == LITTLE_ENDIAN || BYTE_ORDER == PDP_ENDIAN
- /* fields in third byte */
- unsigned rd :1; /* recursion desired */
- unsigned tc :1; /* truncated message */
- unsigned aa :1; /* authoritative answer */
- unsigned opcode :4; /* purpose of message */
- unsigned qr :1; /* response flag */
- /* fields in fourth byte */
- unsigned rcode :4; /* response code */
- unsigned cd: 1; /* checking disabled by resolver */
- unsigned ad: 1; /* authentic data from named */
- unsigned unused :1; /* unused bits (MBZ as of 4.9.3a3) */
- unsigned ra :1; /* recursion available */
-#endif
- /* remaining bytes */
- unsigned qdcount :16; /* number of question entries */
- unsigned ancount :16; /* number of answer entries */
- unsigned nscount :16; /* number of authority entries */
- unsigned arcount :16; /* number of resource entries */
-} HEADER;
+/* Exclusively a QTYPE? (not also an RTYPE) */
+#define ns_t_qt_p(t) (ns_t_xfr_p(t) || (t) == ns_t_any || \
+ (t) == ns_t_mailb || (t) == ns_t_maila)
+/* Some kind of meta-RR? (not a QTYPE, but also not an RTYPE) */
+#define ns_t_mrr_p(t) ((t) == ns_t_tsig || (t) == ns_t_opt)
+/* Exclusively an RTYPE? (not also a QTYPE or a meta-RR) */
+#define ns_t_rr_p(t) (!ns_t_qt_p(t) && !ns_t_mrr_p(t))
+#define ns_t_udp_p(t) ((t) != ns_t_axfr && (t) != ns_t_zxfr)
+#define ns_t_xfr_p(t) ((t) == ns_t_axfr || (t) == ns_t_ixfr || \
+ (t) == ns_t_zxfr)
/*
- * Defines for handling compressed domain names
+ * Values for class field
*/
-#define INDIR_MASK 0xc0
+typedef enum __ns_class {
+ ns_c_invalid = 0, /* Cookie. */
+ ns_c_in = 1, /* Internet. */
+ ns_c_2 = 2, /* unallocated/unsupported. */
+ ns_c_chaos = 3, /* MIT Chaos-net. */
+ ns_c_hs = 4, /* MIT Hesiod. */
+ /* Query class values which do not appear in resource records */
+ ns_c_none = 254, /* for prereq. sections in update requests */
+ ns_c_any = 255, /* Wildcard match. */
+ ns_c_max = 65536
+} ns_class;
+
+/* DNSSEC constants. */
+
+typedef enum __ns_key_types {
+ ns_kt_rsa = 1, /* key type RSA/MD5 */
+ ns_kt_dh = 2, /* Diffie Hellman */
+ ns_kt_dsa = 3, /* Digital Signature Standard (MANDATORY) */
+ ns_kt_private = 254 /* Private key type starts with OID */
+} ns_key_types;
-extern u_int16_t _getshort __P((const u_char *));
-extern u_int32_t _getlong __P((const u_char *));
+typedef enum __ns_cert_types {
+ cert_t_pkix = 1, /* PKIX (X.509v3) */
+ cert_t_spki = 2, /* SPKI */
+ cert_t_pgp = 3, /* PGP */
+ cert_t_url = 253, /* URL private type */
+ cert_t_oid = 254 /* OID private type */
+} ns_cert_types;
+
+/* Flags field of the KEY RR rdata. */
+#define NS_KEY_TYPEMASK 0xC000 /* Mask for "type" bits */
+#define NS_KEY_TYPE_AUTH_CONF 0x0000 /* Key usable for both */
+#define NS_KEY_TYPE_CONF_ONLY 0x8000 /* Key usable for confidentiality */
+#define NS_KEY_TYPE_AUTH_ONLY 0x4000 /* Key usable for authentication */
+#define NS_KEY_TYPE_NO_KEY 0xC000 /* No key usable for either; no key */
+/* The type bits can also be interpreted independently, as single bits: */
+#define NS_KEY_NO_AUTH 0x8000 /* Key unusable for authentication */
+#define NS_KEY_NO_CONF 0x4000 /* Key unusable for confidentiality */
+#define NS_KEY_RESERVED2 0x2000 /* Security is *mandatory* if bit=0 */
+#define NS_KEY_EXTENDED_FLAGS 0x1000 /* reserved - must be zero */
+#define NS_KEY_RESERVED4 0x0800 /* reserved - must be zero */
+#define NS_KEY_RESERVED5 0x0400 /* reserved - must be zero */
+#define NS_KEY_NAME_TYPE 0x0300 /* these bits determine the type */
+#define NS_KEY_NAME_USER 0x0000 /* key is assoc. with user */
+#define NS_KEY_NAME_ENTITY 0x0200 /* key is assoc. with entity eg host */
+#define NS_KEY_NAME_ZONE 0x0100 /* key is zone key */
+#define NS_KEY_NAME_RESERVED 0x0300 /* reserved meaning */
+#define NS_KEY_RESERVED8 0x0080 /* reserved - must be zero */
+#define NS_KEY_RESERVED9 0x0040 /* reserved - must be zero */
+#define NS_KEY_RESERVED10 0x0020 /* reserved - must be zero */
+#define NS_KEY_RESERVED11 0x0010 /* reserved - must be zero */
+#define NS_KEY_SIGNATORYMASK 0x000F /* key can sign RR's of same name */
+#define NS_KEY_RESERVED_BITMASK ( NS_KEY_RESERVED2 | \
+ NS_KEY_RESERVED4 | \
+ NS_KEY_RESERVED5 | \
+ NS_KEY_RESERVED8 | \
+ NS_KEY_RESERVED9 | \
+ NS_KEY_RESERVED10 | \
+ NS_KEY_RESERVED11 )
+#define NS_KEY_RESERVED_BITMASK2 0xFFFF /* no bits defined here */
+
+/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
+#define NS_ALG_MD5RSA 1 /* MD5 with RSA */
+#define NS_ALG_DH 2 /* Diffie Hellman KEY */
+#define NS_ALG_DSA 3 /* DSA KEY */
+#define NS_ALG_DSS NS_ALG_DSA
+#define NS_ALG_EXPIRE_ONLY 253 /* No alg, no security */
+#define NS_ALG_PRIVATE_OID 254 /* Key begins with OID giving alg */
+
+/* Protocol values */
+/* value 0 is reserved */
+#define NS_KEY_PROT_TLS 1
+#define NS_KEY_PROT_EMAIL 2
+#define NS_KEY_PROT_DNSSEC 3
+#define NS_KEY_PROT_IPSEC 4
+#define NS_KEY_PROT_ANY 255
+
+/* Signatures */
+#define NS_MD5RSA_MIN_BITS 512 /* Size of a mod or exp in bits */
+#define NS_MD5RSA_MAX_BITS 2552
+ /* Total of binary mod and exp */
+#define NS_MD5RSA_MAX_BYTES ((NS_MD5RSA_MAX_BITS+7/8)*2+3)
+ /* Max length of text sig block */
+#define NS_MD5RSA_MAX_BASE64 (((NS_MD5RSA_MAX_BYTES+2)/3)*4)
+#define NS_MD5RSA_MIN_SIZE ((NS_MD5RSA_MIN_BITS+7)/8)
+#define NS_MD5RSA_MAX_SIZE ((NS_MD5RSA_MAX_BITS+7)/8)
+
+#define NS_DSA_SIG_SIZE 41
+#define NS_DSA_MIN_SIZE 213
+#define NS_DSA_MAX_BYTES 405
+
+/* Offsets into SIG record rdata to find various values */
+#define NS_SIG_TYPE 0 /* Type flags */
+#define NS_SIG_ALG 2 /* Algorithm */
+#define NS_SIG_LABELS 3 /* How many labels in name */
+#define NS_SIG_OTTL 4 /* Original TTL */
+#define NS_SIG_EXPIR 8 /* Expiration time */
+#define NS_SIG_SIGNED 12 /* Signature time */
+#define NS_SIG_FOOT 16 /* Key footprint */
+#define NS_SIG_SIGNER 18 /* Domain name of who signed it */
+
+/* How RR types are represented as bit-flags in NXT records */
+#define NS_NXT_BITS 8
+#define NS_NXT_BIT_SET( n,p) (p[(n)/NS_NXT_BITS] |= (0x80>>((n)%NS_NXT_BITS)))
+#define NS_NXT_BIT_CLEAR(n,p) (p[(n)/NS_NXT_BITS] &= ~(0x80>>((n)%NS_NXT_BITS)))
+#define NS_NXT_BIT_ISSET(n,p) (p[(n)/NS_NXT_BITS] & (0x80>>((n)%NS_NXT_BITS)))
+#define NS_NXT_MAX 127
/*
* Inline versions of get/put short/long. Pointer is advanced.
- *
- * These macros demonstrate the property of C whereby it can be
- * portable or it can be elegant but rarely both.
*/
-#define GETSHORT(s, cp) { \
+#define NS_GET16(s, cp) do { \
register u_char *t_cp = (u_char *)(cp); \
(s) = ((u_int16_t)t_cp[0] << 8) \
| ((u_int16_t)t_cp[1]) \
; \
- (cp) += INT16SZ; \
-}
+ (cp) += NS_INT16SZ; \
+} while (0)
-#define GETLONG(l, cp) { \
+#define NS_GET32(l, cp) do { \
register u_char *t_cp = (u_char *)(cp); \
(l) = ((u_int32_t)t_cp[0] << 24) \
| ((u_int32_t)t_cp[1] << 16) \
| ((u_int32_t)t_cp[2] << 8) \
| ((u_int32_t)t_cp[3]) \
; \
- (cp) += INT32SZ; \
-}
+ (cp) += NS_INT32SZ; \
+} while (0)
-#define PUTSHORT(s, cp) { \
+#define NS_PUT16(s, cp) do { \
register u_int16_t t_s = (u_int16_t)(s); \
register u_char *t_cp = (u_char *)(cp); \
*t_cp++ = t_s >> 8; \
*t_cp = t_s; \
- (cp) += INT16SZ; \
-}
+ (cp) += NS_INT16SZ; \
+} while (0)
-#define PUTLONG(l, cp) { \
+#define NS_PUT32(l, cp) do { \
register u_int32_t t_l = (u_int32_t)(l); \
register u_char *t_cp = (u_char *)(cp); \
*t_cp++ = t_l >> 24; \
*t_cp++ = t_l >> 16; \
*t_cp++ = t_l >> 8; \
*t_cp = t_l; \
- (cp) += INT32SZ; \
-}
+ (cp) += NS_INT32SZ; \
+} while (0)
+/*
+ * ANSI C identifier hiding for bind's lib/nameser.
+ */
+#define ns_get16 __ns_get16
+#define ns_get32 __ns_get32
+#define ns_put16 __ns_put16
+#define ns_put32 __ns_put32
+#define ns_initparse __ns_initparse
+#define ns_skiprr __ns_skiprr
+#define ns_parserr __ns_parserr
+#define ns_sprintrr __ns_sprintrr
+#define ns_sprintrrf __ns_sprintrrf
+#define ns_format_ttl __ns_format_ttl
+#define ns_parse_ttl __ns_parse_ttl
+#define ns_datetosecs __ns_datetosecs
+#define ns_name_ntol __ns_name_ntol
+#define ns_name_ntop __ns_name_ntop
+#define ns_name_pton __ns_name_pton
+#define ns_name_unpack __ns_name_unpack
+#define ns_name_pack __ns_name_pack
+#define ns_name_compress __ns_name_compress
+#define ns_name_uncompress __ns_name_uncompress
+#define ns_name_skip __ns_name_skip
+#define ns_name_rollback __ns_name_rollback
+#define ns_sign __ns_sign
+#define ns_sign_tcp __ns_sign_tcp
+#define ns_sign_tcp_init __ns_sign_tcp_init
+#define ns_find_tsig __ns_find_tsig
+#define ns_verify __ns_verify
+#define ns_verify_tcp __ns_verify_tcp
+#define ns_verify_tcp_init __ns_verify_tcp_init
+#define ns_samedomain __ns_samedomain
+#define ns_subdomain __ns_subdomain
+#define ns_makecanon __ns_makecanon
+#define ns_samename __ns_samename
+
+__BEGIN_DECLS
+u_int ns_get16 __P((const u_char *));
+u_long ns_get32 __P((const u_char *));
+void ns_put16 __P((u_int, u_char *));
+void ns_put32 __P((u_long, u_char *));
+int ns_initparse __P((const u_char *, int, ns_msg *));
+int ns_skiprr __P((const u_char *, const u_char *, ns_sect, int));
+int ns_parserr __P((ns_msg *, ns_sect, int, ns_rr *));
+int ns_sprintrr __P((const ns_msg *, const ns_rr *,
+ const char *, const char *, char *, size_t));
+int ns_sprintrrf __P((const u_char *, size_t, const char *,
+ ns_class, ns_type, u_long, const u_char *,
+ size_t, const char *, const char *,
+ char *, size_t));
+int ns_format_ttl __P((u_long, char *, size_t));
+int ns_parse_ttl __P((const char *, u_long *));
+u_int32_t ns_datetosecs __P((const char *cp, int *errp));
+int ns_name_ntol __P((const u_char *, u_char *, size_t));
+int ns_name_ntop __P((const u_char *, char *, size_t));
+int ns_name_pton __P((const char *, u_char *, size_t));
+int ns_name_unpack __P((const u_char *, const u_char *,
+ const u_char *, u_char *, size_t));
+int ns_name_pack __P((const u_char *, u_char *, int,
+ const u_char **, const u_char **));
+int ns_name_uncompress __P((const u_char *, const u_char *,
+ const u_char *, char *, size_t));
+int ns_name_compress __P((const char *, u_char *, size_t,
+ const u_char **, const u_char **));
+int ns_name_skip __P((const u_char **, const u_char *));
+void ns_name_rollback __P((const u_char *, const u_char **,
+ const u_char **));
+int ns_sign __P((u_char *, int *, int, int, void *,
+ const u_char *, int, u_char *, int *, time_t));
+int ns_sign_tcp __P((u_char *, int *, int, int,
+ ns_tcp_tsig_state *, int));
+int ns_sign_tcp_init __P((void *, const u_char *, int,
+ ns_tcp_tsig_state *));
+u_char *ns_find_tsig __P((u_char *, u_char *));
+int ns_verify __P((u_char *, int *, void *,
+ const u_char *, int, u_char *, int *,
+ time_t *, int));
+int ns_verify_tcp __P((u_char *, int *, ns_tcp_tsig_state *, int));
+int ns_verify_tcp_init __P((void *, const u_char *, int,
+ ns_tcp_tsig_state *));
+int ns_samedomain __P((const char *, const char *));
+int ns_subdomain __P((const char *, const char *));
+int ns_makecanon __P((const char *, char *, size_t));
+int ns_samename __P((const char *, const char *));
__END_DECLS
-#endif /* arpa/nameser.h */
+#ifdef BIND_4_COMPAT
+#include <arpa/nameser_compat.h>
+#endif
+
+#endif /* !_ARPA_NAMESER_H_ */