1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2 #pragma once
3 
4 #include "in-addr-util.h"
5 #include "list.h"
6 #include "resolve-util.h"
7 #include "time-util.h"
8 
/* Forward declarations. Everything in this header refers to these types only through pointers
 * (except DnsServer, which is defined below), so their full definitions can stay in their own
 * headers. */
typedef struct DnsScope DnsScope;
typedef struct DnsServer DnsServer;
typedef struct DnsStream DnsStream;
typedef struct DnsPacket DnsPacket;
typedef struct Link Link;
typedef struct Manager Manager;

/* Deliberately included after the forward declarations rather than with the other includes at the
 * top — presumably resolved-dnstls.h needs some of the names above. Keep this ordering. */
#include "resolved-dnstls.h"
17 
/* Where a server's configuration comes from: a system-wide server, a fallback server, or a server
 * attached to a specific link (see DnsServer.link). Follows the usual _MAX/_INVALID layout, so the
 * valid values can double as array indices — NOTE(review): presumed from the convention, confirm
 * against the .c file before relying on it. */
typedef enum DnsServerType {
        DNS_SERVER_SYSTEM,
        DNS_SERVER_FALLBACK,
        DNS_SERVER_LINK,
        _DNS_SERVER_TYPE_MAX,                 /* number of valid types; never a valid type itself */
        _DNS_SERVER_TYPE_INVALID = -EINVAL,   /* error sentinel, presumably what dns_server_type_from_string() returns for unknown input */
} DnsServerType;
25 
/* String <-> enum conversion for DnsServerType. _const_/_pure_ mark the functions as free of side
 * effects (presumably the usual __attribute__((const))/((pure)) wrappers — confirm where they are
 * defined). The returned string is static; the caller must not free it — presumably, confirm. */
const char* dns_server_type_to_string(DnsServerType i) _const_;
DnsServerType dns_server_type_from_string(const char *s) _pure_;
28 
/* How a server is spoken to, ordered from least to most capable: plain TCP, plain UDP, UDP with
 * EDNS0, DNS-over-TLS without DNSSEC, UDP with the DNSSEC DO bit, DNS-over-TLS with DO.
 *
 * The order is load-bearing: DNS_SERVER_FEATURE_LEVEL_WORST/BEST below are the two ends, and the
 * DNS_SERVER_FEATURE_LEVEL_IS_EDNS0()/IS_DNSSEC() macros compare with '>='. Inserting a level in
 * the middle changes which levels count as EDNS0- or DNSSEC-capable — review those macros together
 * with any change here. */
typedef enum DnsServerFeatureLevel {
        DNS_SERVER_FEATURE_LEVEL_TCP,
        DNS_SERVER_FEATURE_LEVEL_UDP,
        DNS_SERVER_FEATURE_LEVEL_EDNS0,
        DNS_SERVER_FEATURE_LEVEL_TLS_PLAIN,
        DNS_SERVER_FEATURE_LEVEL_DO,
        DNS_SERVER_FEATURE_LEVEL_TLS_DO,
        _DNS_SERVER_FEATURE_LEVEL_MAX,
        _DNS_SERVER_FEATURE_LEVEL_INVALID = -EINVAL,
} DnsServerFeatureLevel;
39 
/* Predicates over DnsServerFeatureLevel. WORST/BEST are the two ends of the ordering. The '>='
 * forms rely on every level at or above EDNS0 (resp. DO) being EDNS0- (resp. DNSSEC-) capable,
 * which holds for the current order; note that TLS_PLAIN sits between EDNS0 and DO and is therefore
 * EDNS0-capable but not DNSSEC. The TLS levels are deliberately absent from _IS_UDP(): they are not
 * UDP transports. The IN_SET() forms pass x unparenthesised — fine as long as IN_SET() is the
 * usual single-evaluation macro; confirm where it is defined. */
#define DNS_SERVER_FEATURE_LEVEL_WORST 0
#define DNS_SERVER_FEATURE_LEVEL_BEST (_DNS_SERVER_FEATURE_LEVEL_MAX - 1)
#define DNS_SERVER_FEATURE_LEVEL_IS_EDNS0(x) ((x) >= DNS_SERVER_FEATURE_LEVEL_EDNS0)
#define DNS_SERVER_FEATURE_LEVEL_IS_TLS(x) IN_SET(x, DNS_SERVER_FEATURE_LEVEL_TLS_PLAIN, DNS_SERVER_FEATURE_LEVEL_TLS_DO)
#define DNS_SERVER_FEATURE_LEVEL_IS_DNSSEC(x) ((x) >= DNS_SERVER_FEATURE_LEVEL_DO)
#define DNS_SERVER_FEATURE_LEVEL_IS_UDP(x) IN_SET(x, DNS_SERVER_FEATURE_LEVEL_UDP, DNS_SERVER_FEATURE_LEVEL_EDNS0, DNS_SERVER_FEATURE_LEVEL_DO)
46 
/* String <-> enum conversion for DnsServerFeatureLevel. Unlike the DnsServerType pair these use
 * plain int — presumably so that out-of-range or _INVALID values can be passed and returned
 * without casts; confirm in the .c file. */
const char* dns_server_feature_level_to_string(int i) _const_;
int dns_server_feature_level_from_string(const char *s) _pure_;
49 
struct DnsServer {
        /* The owning Manager, see the manager_*() functions below. */
        Manager *manager;

        /* Reference count, see dns_server_ref()/dns_server_unref(). */
        unsigned n_ref;

        /* Configuration source. For DNS_SERVER_LINK servers 'link' presumably points at the owning
         * Link and is NULL otherwise — confirm. */
        DnsServerType type;
        Link *link;

        /* Identity of the server: address family, address, scope interface, port and name. This is
         * the tuple dns_server_find() matches on. */
        int family;
        union in_addr_union address;
        int ifindex; /* for IPv6 link-local DNS servers */
        uint16_t port;
        char *server_name; /* NOTE(review): dns_server_new() names its last parameter 'server_string'; confirm it is this field that receives it */

        /* Cached textual forms, see dns_server_string()/dns_server_string_full(). */
        char *server_string;
        char *server_string_full;

        /* The long-lived stream towards this server. */
        DnsStream *stream;

#if ENABLE_DNS_OVER_TLS
        DnsTlsServerData dnstls_data; /* per-server DNS-over-TLS state, only present when built with TLS support */
#endif

        /* Feature-level negotiation state. As the names suggest, verified_feature_level is the level
         * confirmed to work and possible_feature_level the one currently attempted; the counters and
         * packet_* flags below feed into it (see the dns_server_packet_*() functions and
         * dns_server_possible_feature_level()). NOTE(review): this state decides whether the server
         * is spoken to with DNSSEC and over TLS or in the clear, so it is where to look when reasoning
         * about downgrades; the rules themselves live in the .c file. */
        DnsServerFeatureLevel verified_feature_level;
        DnsServerFeatureLevel possible_feature_level;

        size_t received_udp_fragment_max;   /* largest packet or fragment (without IP/UDP header) we saw so far */

        /* Failure counters per transport, bumped by dns_server_packet_lost() — presumably consecutive
         * failures, reset on success; confirm in the .c file. */
        unsigned n_failed_udp;
        unsigned n_failed_tcp;
        unsigned n_failed_tls;

        /* Observations about replies from this server. Each has a matching dns_server_packet_*()
         * setter below; presumably cleared by dns_server_reset_features(). */
        bool packet_truncated:1;        /* Set when TC bit was set on reply */
        bool packet_bad_opt:1;          /* Set when OPT was missing or otherwise bad on reply */
        bool packet_rrsig_missing:1;    /* Set when RRSIG was missing */
        bool packet_invalid:1;          /* Set when we failed to parse a reply */
        bool packet_do_off:1;           /* Set when the server didn't copy DNSSEC DO flag from request to response */
        bool packet_fragmented:1;       /* Set when we ever saw a fragmented packet */

        /* Timing of the feature-level state: when the level was verified and how long that
         * verification is trusted — exact semantics in the .c file. */
        usec_t verified_usec;
        usec_t features_grace_period_usec;

        /* Whether we already warned about downgrading to non-DNSSEC mode for this server, see
         * dns_server_warn_downgrade(). */
        bool warned_downgrade:1;

        /* Used when GC'ing old DNS servers when configuration changes, see dns_server_mark_all() /
         * dns_server_unlink_marked(). */
        bool marked:1;

        /* If linked is set, then this server appears in the servers linked list */
        bool linked:1;
        LIST_FIELDS(DnsServer, servers);
};
103 
/* Allocates a new DnsServer owned by @m and returns it in *@ret. The remaining parameters mirror
 * the identity fields of struct DnsServer (type, link, family, address, port, ifindex).
 * NOTE(review): the last parameter is called @server_string while the struct has both a
 * server_name and a (cached) server_string field; confirm which one it populates and consider
 * renaming the parameter to match. Returns 0 on success, negative errno on failure — presumed
 * from the systemd convention, confirm. */
int dns_server_new(
                Manager *m,
                DnsServer **ret,
                DnsServerType type,
                Link *link,
                int family,
                const union in_addr_union *address,
                uint16_t port,
                int ifindex,
                const char *server_string);
114 
/* Reference counting over n_ref. dns_server_unref() presumably returns NULL (the usual systemd
 * _unref() contract, which lets callers write `s = dns_server_unref(s);`) — confirm. */
DnsServer* dns_server_ref(DnsServer *s);
DnsServer* dns_server_unref(DnsServer *s);

/* List membership (see the 'linked' flag and LIST_FIELDS(DnsServer, servers)). dns_server_unlink()
 * removes the server from its list; dns_server_move_back_and_unmark() presumably moves it to the
 * tail and clears 'marked', keeping a still-configured server alive across a reconfiguration GC
 * pass — confirm. */
void dns_server_unlink(DnsServer *s);
void dns_server_move_back_and_unmark(DnsServer *s);
120 
/* Feedback from the transaction layer about how a server behaved on the wire. Each call records a
 * success or one specific kind of failure observed at feature level @level; the names line up
 * one-to-one with the n_failed_* counters and packet_* flags in struct DnsServer. @protocol is the
 * transport used, @fragsize the size of the received packet or fragment that feeds
 * received_udp_fragment_max. NOTE(review): these calls are the input to the feature-level
 * downgrade logic, so on-the-wire behaviour — not only configuration — determines what level is
 * used next; the exact rules live in the .c file. */
void dns_server_packet_received(DnsServer *s, int protocol, DnsServerFeatureLevel level, size_t fragsize);
void dns_server_packet_lost(DnsServer *s, int protocol, DnsServerFeatureLevel level);
void dns_server_packet_truncated(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_rrsig_missing(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_bad_opt(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_rcode_downgrade(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_invalid(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_do_off(DnsServer *s, DnsServerFeatureLevel level);
void dns_server_packet_udp_fragmented(DnsServer *s, size_t fragsize);

/* Returns the feature level to try next for this server, derived from the state recorded by the
 * calls above. Not const: presumably updates possible_feature_level as a side effect — confirm. */
DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s);
132 
/* Adjusts the OPT (EDNS0) record of outgoing @packet to what @level permits — presumably dropping
 * it below DNS_SERVER_FEATURE_LEVEL_EDNS0 and setting the DO bit at DNSSEC levels; confirm.
 * Returns negative errno on failure (systemd convention, confirm). */
int dns_server_adjust_opt(DnsServer *server, DnsPacket *packet, DnsServerFeatureLevel level);

/* Accessors. The two string accessors take a non-const pointer, consistent with the strings being
 * built lazily and cached in server_string/server_string_full; the returned string is owned by the
 * server and must not be freed by the caller. dns_server_ifindex()/dns_server_port() are
 * const-correct; the former presumably resolves ifindex via 'link' when the field itself is 0 —
 * confirm. */
const char *dns_server_string(DnsServer *server);
const char *dns_server_string_full(DnsServer *server);
int dns_server_ifindex(const DnsServer *s);
uint16_t dns_server_port(const DnsServer *s);

/* Whether this server is currently believed to support DNSSEC — presumably derived from the
 * feature-level state rather than from configuration alone; confirm. */
bool dns_server_dnssec_supported(DnsServer *server);

/* Logs the non-DNSSEC downgrade warning for this server, at most once (tracked by
 * warned_downgrade). */
void dns_server_warn_downgrade(DnsServer *server);
143 
/* Walks the 'servers' list starting at @first for a server whose (family, in_addr, port, ifindex,
 * name) identity matches the fields of the same names in struct DnsServer; presumably returns NULL
 * when there is none. NOTE(review): how a NULL @name compares against servers with and without a
 * server_name is decided in the .c file — check it when touching the matching. */
DnsServer *dns_server_find(DnsServer *first, int family, const union in_addr_union *in_addr, uint16_t port, int ifindex, const char *name);

/* Mark-and-sweep over a server list, used when configuration changes (see 'marked'): mark all
 * servers, unmark the ones that are still configured (dns_server_move_back_and_unmark()), then
 * unlink whatever is still marked. dns_server_unlink_marked() presumably reports whether anything
 * was removed — confirm. dns_server_unlink_all() unlinks the whole list unconditionally. */
void dns_server_unlink_all(DnsServer *first);
bool dns_server_unlink_marked(DnsServer *first);
void dns_server_mark_all(DnsServer *first);
149 
/* Head of the Manager's server list of type @t. */
DnsServer *manager_get_first_dns_server(Manager *m, DnsServerType t);

/* The Manager's "current" server: manager_set_dns_server() makes @s current and returns it,
 * manager_get_dns_server() returns the current one, and manager_next_dns_server() advances to the
 * next server — presumably only if @if_current is still the current one, so that two callers that
 * both saw a failure do not skip two servers; confirm in the .c file. */
DnsServer *manager_set_dns_server(Manager *m, DnsServer *s);
DnsServer *manager_get_dns_server(Manager *m);
void manager_next_dns_server(Manager *m, DnsServer *if_current);

/* Effective DNSSEC and DNS-over-TLS modes for this server (types from resolve-util.h) — presumably
 * combining global and per-link settings; confirm. */
DnssecMode dns_server_get_dnssec_mode(DnsServer *s);
DnsOverTlsMode dns_server_get_dns_over_tls_mode(DnsServer *s);

/* UDP payload size to use towards this server — presumably bounded by received_udp_fragment_max
 * and the link MTU; confirm. */
size_t dns_server_get_mtu(DnsServer *s);
160 
/* Defines dns_server_unrefp() for use with _cleanup_, so a DnsServer* local is unref'ed on scope
 * exit. */
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsServer*, dns_server_unref);

/* Hash/compare operations for using a DnsServer as a hashmap key — presumably over the identity
 * tuple (family, address, port, ifindex, server_name); confirm, since the key must not include
 * mutable state such as the feature level. */
extern const struct hash_ops dns_server_hash_ops;
164 
/* Drops cached answers associated with this server — exact scope in the .c file. */
void dns_server_flush_cache(DnsServer *s);

/* Resets the feature-level negotiation state (verified/possible level, counters, packet_* flags)
 * of one server, or of @s and every server following it in its list for the _all variant —
 * presumed from the names, confirm. */
void dns_server_reset_features(DnsServer *s);
void dns_server_reset_features_all(DnsServer *s);

/* Writes a human-readable description of the server's state to @f. */
void dns_server_dump(DnsServer *s, FILE *f);

/* Drops the long-lived 'stream' towards this server. */
void dns_server_unref_stream(DnsServer *s);

/* The DnsScope this server belongs to — presumably derived from type and link; confirm. */
DnsScope *dns_server_scope(DnsServer *s);
175