2 * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1998-2003 Internet Software Consortium.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
23 #include <isc/buffer.h>
24 #include <isc/parseint.h>
25 #include <isc/print.h>
26 #include <isc/region.h>
27 #include <isc/result.h>
28 #include <isc/stdio.h>
29 #include <isc/stdlib.h>
30 #include <isc/string.h>
31 #include <isc/types.h>
35 #include <dns/keyflags.h>
36 #include <dns/keyvalues.h>
37 #include <dns/rcode.h>
38 #include <dns/rdataclass.h>
39 #include <dns/result.h>
40 #include <dns/secalg.h>
41 #include <dns/secproto.h>
45 isc_result_t _r = (x); \
46 if (_r != ISC_R_SUCCESS) \
50 #define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */
53 /* standard rcodes */ \
54 { dns_rcode_noerror, "NOERROR", 0}, \
55 { dns_rcode_formerr, "FORMERR", 0}, \
56 { dns_rcode_servfail, "SERVFAIL", 0}, \
57 { dns_rcode_nxdomain, "NXDOMAIN", 0}, \
58 { dns_rcode_notimp, "NOTIMP", 0}, \
59 { dns_rcode_refused, "REFUSED", 0}, \
60 { dns_rcode_yxdomain, "YXDOMAIN", 0}, \
61 { dns_rcode_yxrrset, "YXRRSET", 0}, \
62 { dns_rcode_nxrrset, "NXRRSET", 0}, \
63 { dns_rcode_notauth, "NOTAUTH", 0}, \
64 { dns_rcode_notzone, "NOTZONE", 0},
67 /* extended rcodes */ \
68 { dns_rcode_badvers, "BADVERS", 0}, \
71 #define TSIGRCODENAMES \
72 /* extended rcodes */ \
73 { dns_tsigerror_badsig, "BADSIG", 0}, \
74 { dns_tsigerror_badkey, "BADKEY", 0}, \
75 { dns_tsigerror_badtime, "BADTIME", 0}, \
76 { dns_tsigerror_badmode, "BADMODE", 0}, \
77 { dns_tsigerror_badname, "BADNAME", 0}, \
78 { dns_tsigerror_badalg, "BADALG", 0}, \
79 { dns_tsigerror_badtrunc, "BADTRUNC", 0}, \
82 /* RFC4398 section 2.1 */
97 /* RFC2535 section 7, RFC3110 */
100 { DNS_KEYALG_RSAMD5, "RSAMD5", 0 }, \
101 { DNS_KEYALG_RSAMD5, "RSA", 0 }, \
102 { DNS_KEYALG_DH, "DH", 0 }, \
103 { DNS_KEYALG_DSA, "DSA", 0 }, \
104 { DNS_KEYALG_NSEC3DSA, "NSEC3DSA", 0 }, \
105 { DNS_KEYALG_ECC, "ECC", 0 }, \
106 { DNS_KEYALG_RSASHA1, "RSASHA1", 0 }, \
107 { DNS_KEYALG_NSEC3RSASHA1, "NSEC3RSASHA1", 0 }, \
108 { DNS_KEYALG_RSASHA256, "RSASHA256", 0 }, \
109 { DNS_KEYALG_RSASHA512, "RSASHA512", 0 }, \
110 { DNS_KEYALG_ECCGOST, "ECCGOST", 0 }, \
111 { DNS_KEYALG_ECDSA256, "ECDSAP256SHA256", 0 }, \
112 { DNS_KEYALG_ECDSA384, "ECDSAP384SHA384", 0 }, \
113 { DNS_KEYALG_INDIRECT, "INDIRECT", 0 }, \
114 { DNS_KEYALG_PRIVATEDNS, "PRIVATEDNS", 0 }, \
115 { DNS_KEYALG_PRIVATEOID, "PRIVATEOID", 0 }, \
118 /* RFC2535 section 7.1 */
120 #define SECPROTONAMES \
124 { 3, "DNSSEC", 0 }, \
129 #define HASHALGNAMES \
139 static struct tbl rcodes[] = { RCODENAMES ERCODENAMES };
140 static struct tbl tsigrcodes[] = { RCODENAMES TSIGRCODENAMES };
141 static struct tbl certs[] = { CERTNAMES };
142 static struct tbl secalgs[] = { SECALGNAMES };
143 static struct tbl secprotos[] = { SECPROTONAMES };
144 static struct tbl hashalgs[] = { HASHALGNAMES };
146 static struct keyflag {
151 { "NOCONF", 0x4000, 0xC000 },
152 { "NOAUTH", 0x8000, 0xC000 },
153 { "NOKEY", 0xC000, 0xC000 },
154 { "FLAG2", 0x2000, 0x2000 },
155 { "EXTEND", 0x1000, 0x1000 },
156 { "FLAG4", 0x0800, 0x0800 },
157 { "FLAG5", 0x0400, 0x0400 },
158 { "USER", 0x0000, 0x0300 },
159 { "ZONE", 0x0100, 0x0300 },
160 { "HOST", 0x0200, 0x0300 },
161 { "NTYP3", 0x0300, 0x0300 },
162 { "FLAG8", 0x0080, 0x0080 },
163 { "FLAG9", 0x0040, 0x0040 },
164 { "FLAG10", 0x0020, 0x0020 },
165 { "FLAG11", 0x0010, 0x0010 },
166 { "SIG0", 0x0000, 0x000F },
167 { "SIG1", 0x0001, 0x000F },
168 { "SIG2", 0x0002, 0x000F },
169 { "SIG3", 0x0003, 0x000F },
170 { "SIG4", 0x0004, 0x000F },
171 { "SIG5", 0x0005, 0x000F },
172 { "SIG6", 0x0006, 0x000F },
173 { "SIG7", 0x0007, 0x000F },
174 { "SIG8", 0x0008, 0x000F },
175 { "SIG9", 0x0009, 0x000F },
176 { "SIG10", 0x000A, 0x000F },
177 { "SIG11", 0x000B, 0x000F },
178 { "SIG12", 0x000C, 0x000F },
179 { "SIG13", 0x000D, 0x000F },
180 { "SIG14", 0x000E, 0x000F },
181 { "SIG15", 0x000F, 0x000F },
182 { "KSK", DNS_KEYFLAG_KSK, DNS_KEYFLAG_KSK },
187 str_totext(const char *source, isc_buffer_t *target) {
191 isc_buffer_availableregion(target, ®ion);
194 if (l > region.length)
195 return (ISC_R_NOSPACE);
197 memcpy(region.base, source, l);
198 isc_buffer_add(target, l);
199 return (ISC_R_SUCCESS);
203 maybe_numeric(unsigned int *valuep, isc_textregion_t *source,
204 unsigned int max, isc_boolean_t hex_allowed)
208 char buffer[NUMBERSIZE];
210 if (! isdigit(source->base[0] & 0xff) ||
211 source->length > NUMBERSIZE - 1)
212 return (ISC_R_BADNUMBER);
215 * We have a potential number. Try to parse it with
216 * isc_parse_uint32(). isc_parse_uint32() requires
217 * null termination, so we must make a copy.
219 strncpy(buffer, source->base, NUMBERSIZE);
220 INSIST(buffer[source->length] == '\0');
222 result = isc_parse_uint32(&n, buffer, 10);
223 if (result == ISC_R_BADNUMBER && hex_allowed)
224 result = isc_parse_uint32(&n, buffer, 16);
225 if (result != ISC_R_SUCCESS)
228 return (ISC_R_RANGE);
230 return (ISC_R_SUCCESS);
234 dns_mnemonic_fromtext(unsigned int *valuep, isc_textregion_t *source,
235 struct tbl *table, unsigned int max)
240 result = maybe_numeric(valuep, source, max, ISC_FALSE);
241 if (result != ISC_R_BADNUMBER)
244 for (i = 0; table[i].name != NULL; i++) {
246 n = strlen(table[i].name);
247 if (n == source->length &&
248 strncasecmp(source->base, table[i].name, n) == 0) {
249 *valuep = table[i].value;
250 return (ISC_R_SUCCESS);
253 return (DNS_R_UNKNOWN);
257 dns_mnemonic_totext(unsigned int value, isc_buffer_t *target,
261 char buf[sizeof("4294967296")];
262 while (table[i].name != NULL) {
263 if (table[i].value == value) {
264 return (str_totext(table[i].name, target));
268 snprintf(buf, sizeof(buf), "%u", value);
269 return (str_totext(buf, target));
273 dns_rcode_fromtext(dns_rcode_t *rcodep, isc_textregion_t *source) {
275 RETERR(dns_mnemonic_fromtext(&value, source, rcodes, 0xffff));
277 return (ISC_R_SUCCESS);
281 dns_rcode_totext(dns_rcode_t rcode, isc_buffer_t *target) {
282 return (dns_mnemonic_totext(rcode, target, rcodes));
286 dns_tsigrcode_fromtext(dns_rcode_t *rcodep, isc_textregion_t *source) {
288 RETERR(dns_mnemonic_fromtext(&value, source, tsigrcodes, 0xffff));
290 return (ISC_R_SUCCESS);
294 dns_tsigrcode_totext(dns_rcode_t rcode, isc_buffer_t *target) {
295 return (dns_mnemonic_totext(rcode, target, tsigrcodes));
299 dns_cert_fromtext(dns_cert_t *certp, isc_textregion_t *source) {
301 RETERR(dns_mnemonic_fromtext(&value, source, certs, 0xffff));
303 return (ISC_R_SUCCESS);
307 dns_cert_totext(dns_cert_t cert, isc_buffer_t *target) {
308 return (dns_mnemonic_totext(cert, target, certs));
312 dns_secalg_fromtext(dns_secalg_t *secalgp, isc_textregion_t *source) {
314 RETERR(dns_mnemonic_fromtext(&value, source, secalgs, 0xff));
316 return (ISC_R_SUCCESS);
320 dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target) {
321 return (dns_mnemonic_totext(secalg, target, secalgs));
325 dns_secalg_format(dns_secalg_t alg, char *cp, unsigned int size) {
330 REQUIRE(cp != NULL && size > 0);
331 isc_buffer_init(&b, cp, size - 1);
332 result = dns_secalg_totext(alg, &b);
333 isc_buffer_usedregion(&b, &r);
334 r.base[r.length] = 0;
335 if (result != ISC_R_SUCCESS)
340 dns_secproto_fromtext(dns_secproto_t *secprotop, isc_textregion_t *source) {
342 RETERR(dns_mnemonic_fromtext(&value, source, secprotos, 0xff));
344 return (ISC_R_SUCCESS);
348 dns_secproto_totext(dns_secproto_t secproto, isc_buffer_t *target) {
349 return (dns_mnemonic_totext(secproto, target, secprotos));
353 dns_hashalg_fromtext(unsigned char *hashalg, isc_textregion_t *source) {
355 RETERR(dns_mnemonic_fromtext(&value, source, hashalgs, 0xff));
357 return (ISC_R_SUCCESS);
361 dns_keyflags_fromtext(dns_keyflags_t *flagsp, isc_textregion_t *source)
365 unsigned int value, mask;
367 result = maybe_numeric(&value, source, 0xffff, ISC_TRUE);
368 if (result == ISC_R_SUCCESS) {
370 return (ISC_R_SUCCESS);
372 if (result != ISC_R_BADNUMBER)
376 end = source->base + source->length;
382 char *delim = memchr(text, '|', end - text);
387 for (p = keyflags; p->name != NULL; p++) {
388 if (strncasecmp(p->name, text, len) == 0)
392 return (DNS_R_UNKNOWNFLAG);
395 if ((mask & p->mask) != 0)
396 warn("overlapping key flags");
401 text++; /* Skip "|" */
404 return (ISC_R_SUCCESS);
408 * This uses lots of hard coded values, but how often do we actually
412 dns_rdataclass_fromtext(dns_rdataclass_t *classp, isc_textregion_t *source) {
413 #define COMPARE(string, rdclass) \
414 if (((sizeof(string) - 1) == source->length) \
415 && (strncasecmp(source->base, string, source->length) == 0)) { \
417 return (ISC_R_SUCCESS); \
420 switch (tolower((unsigned char)source->base[0])) {
422 COMPARE("any", dns_rdataclass_any);
426 * RFC1035 says the mnemonic for the CHAOS class is CH,
427 * but historical BIND practice is to call it CHAOS.
428 * We will accept both forms, but only generate CH.
430 COMPARE("ch", dns_rdataclass_chaos);
431 COMPARE("chaos", dns_rdataclass_chaos);
433 if (source->length > 5 &&
434 source->length < (5 + sizeof("65000")) &&
435 strncasecmp("class", source->base, 5) == 0) {
436 char buf[sizeof("65000")];
440 strncpy(buf, source->base + 5, source->length - 5);
441 buf[source->length - 5] = '\0';
442 val = strtoul(buf, &endp, 10);
443 if (*endp == '\0' && val <= 0xffff) {
444 *classp = (dns_rdataclass_t)val;
445 return (ISC_R_SUCCESS);
450 COMPARE("hs", dns_rdataclass_hs);
451 COMPARE("hesiod", dns_rdataclass_hs);
454 COMPARE("in", dns_rdataclass_in);
457 COMPARE("none", dns_rdataclass_none);
460 COMPARE("reserved0", dns_rdataclass_reserved0);
466 return (DNS_R_UNKNOWN);
470 dns_rdataclass_totext(dns_rdataclass_t rdclass, isc_buffer_t *target) {
471 char buf[sizeof("CLASS65535")];
474 case dns_rdataclass_any:
475 return (str_totext("ANY", target));
476 case dns_rdataclass_chaos:
477 return (str_totext("CH", target));
478 case dns_rdataclass_hs:
479 return (str_totext("HS", target));
480 case dns_rdataclass_in:
481 return (str_totext("IN", target));
482 case dns_rdataclass_none:
483 return (str_totext("NONE", target));
484 case dns_rdataclass_reserved0:
485 return (str_totext("RESERVED0", target));
487 snprintf(buf, sizeof(buf), "CLASS%u", rdclass);
488 return (str_totext(buf, target));
493 dns_rdataclass_format(dns_rdataclass_t rdclass,
494 char *array, unsigned int size)
502 isc_buffer_init(&buf, array, size);
503 result = dns_rdataclass_totext(rdclass, &buf);
507 if (result == ISC_R_SUCCESS) {
508 if (isc_buffer_availablelength(&buf) >= 1)
509 isc_buffer_putuint8(&buf, 0);
511 result = ISC_R_NOSPACE;
513 if (result != ISC_R_SUCCESS)
514 strlcpy(array, "<unknown>", size);