lib » dns » include » dns

dns64.h

Go to the documentation of this file.
00001 /*
00002  * Copyright (C) 2010, 2014  Internet Systems Consortium, Inc. ("ISC")
00003  *
00004  * Permission to use, copy, modify, and/or distribute this software for any
00005  * purpose with or without fee is hereby granted, provided that the above
00006  * copyright notice and this permission notice appear in all copies.
00007  *
00008  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
00009  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
00010  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
00011  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
00012  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
00013  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
00014  * PERFORMANCE OF THIS SOFTWARE.
00015  */
00016 
00017 /* $Id: dns64.h,v 1.3 2010/12/08 23:51:56 tbox Exp $ */
00018 
00019 #ifndef DNS_DNS64_H
00020 #define DNS_DNS64_H 1
00021 
00022 #include <isc/lang.h>
00023 
00024 #include <dns/types.h>
00025 
00026 ISC_LANG_BEGINDECLS
00027 
00028 /*
00029  * dns_dns64_create() flags.
00030  */
00031 #define DNS_DNS64_RECURSIVE_ONLY        0x01    /* If set then this record
00032                                                  * only applies to recursive
00033                                                  * queries.
00034                                                  */
00035 #define DNS_DNS64_BREAK_DNSSEC          0x02    /* If set then still perform
00036                                                  * DNSSEC synthesis even
00037                                                  * though the result would
00038                                                  * fail validation.
00039                                                  */
00040 
00041 /*
00042  * dns_dns64_aaaaok() and dns_dns64_aaaafroma() flags.
00043  */
00044 #define DNS_DNS64_RECURSIVE             0x01    /* Recursive query. */
00045 #define DNS_DNS64_DNSSEC                0x02    /* DNSSEC sensitive query. */
00046 
00047 isc_result_t
00048 dns_dns64_create(isc_mem_t *mctx, isc_netaddr_t *prefix,
00049                  unsigned int prefixlen, isc_netaddr_t *suffix,
00050                  dns_acl_t *client, dns_acl_t *mapped, dns_acl_t *excluded,
00051                  unsigned int flags, dns_dns64_t **dns64);
00052 /*
00053  * Create a dns64 record which is used to identify the set of clients
00054  * it applies to and how to perform the DNS64 synthesis.
00055  *
00056  * 'prefix' and 'prefixlen' defined the leading bits of the AAAA records
00057  * to be synthesised.  'suffix' defines the bits after the A records bits.
00058  * If suffix is NULL zeros will be used for these bits.  'client' defines
00059  * for which clients this record applies.  If 'client' is NULL then all
00060  * clients apply.  'mapped' defines which A records are candidated for
00061  * mapping.  If 'mapped' is NULL then all A records will be mapped.
00062  * 'excluded' defines which AAAA are to be treated as non-existent for the
00063  * purposed of determining whether to perform syntesis.  If 'excluded' is
00064  * NULL then no AAAA records prevent synthesis.
00065  *
00066  * If DNS_DNS64_RECURSIVE_ONLY is set then the record will only match if
00067  * DNS_DNS64_RECURSIVE is set when calling  dns_dns64_aaaaok() and
00068  * dns_dns64_aaaafroma().
00069  *
00070  * If DNS_DNS64_BREAK_DNSSEC is set then the record will still apply if
00071  * DNS_DNS64_DNSSEC is set when calling  dns_dns64_aaaaok() and
00072  * dns_dns64_aaaafroma() otherwise the record will be ignored.
00073  *
00074  * Requires:
00075  *      'mctx'          to be valid.
00076  *      'prefix'        to be valid and the address family to AF_INET6.
00077  *      'prefixlen'     to be one of 32, 40, 48, 56, 72 and 96.
00078  *                      the bits not covered by prefixlen in prefix to
00079  *                      be zero.
00080  *      'suffix'        to be NULL or the address family be set to AF_INET6
00081  *                      and the leading 'prefixlen' + 32 bits of the 'suffix'
00082  *                      to be zero.  If 'prefixlen' is 40, 48 or 56 then the
00083  *                      the leading 'prefixlen' + 40 bits of 'suffix' must be
00084  *                      zero.
00085  *      'client'        to be NULL or a valid acl.
00086  *      'mapped'        to be NULL or a valid acl.
00087  *      'excluded'      to be NULL or a valid acl.
00088  *
00089  * Returns:
00090  *      ISC_R_SUCCESS
00091  *      ISC_R_NOMEMORY
00092  */
00093 
00094 void
00095 dns_dns64_destroy(dns_dns64_t **dns64p);
00096 /*
00097  * Destroys a dns64 record.
00098  *
00099  * Requires the record to not be linked.
00100  */
00101 
00102 isc_result_t
00103 dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr,
00104                     const dns_name_t *reqsigner, const dns_aclenv_t *env,
00105                     unsigned int flags, unsigned char *a, unsigned char *aaaa);
00106 /*
00107  * dns_dns64_aaaafroma() determines whether to perform a DNS64 address
00108  * synthesis from 'a' based on 'dns64', 'reqaddr', 'reqsigner', 'env',
00109  * 'flags' and 'aaaa'.  If synthesis is performed then the result is
00110  * written to '*aaaa'.
00111  *
00112  * The synthesised address will be of the form:
00113  *
00114  *       <prefix bits><a bits><suffix bits>
00115  *
00116  * If <a bits> straddle bits 64-71 of the AAAA record, then 8 zero bits will
00117  * be inserted at bits 64-71.
00118  *
00119  * Requires:
00120  *      'dns64'         to be valid.
00121  *      'reqaddr'       to be valid.
00122  *      'reqsigner'     to be NULL or valid.
00123  *      'env'           to be valid.
00124  *      'a'             to point to a IPv4 address in network order.
00125  *      'aaaa'          to point to a IPv6 address buffer in network order.
00126  *
00127  * Returns:
00128  *      ISC_R_SUCCESS           if synthesis was performed.
00129  *      DNS_R_DISALLOWED        if there is no match.
00130  */
00131 
00132 dns_dns64_t *
00133 dns_dns64_next(dns_dns64_t *dns64);
00134 /*
00135  * Return the next dns64 record in the list.
00136  */
00137 
00138 void
00139 dns_dns64_append(dns_dns64list_t *list, dns_dns64_t *dns64);
00140 /*
00141  * Append the dns64 record to the list.
00142  */
00143 
00144 void
00145 dns_dns64_unlink(dns_dns64list_t *list, dns_dns64_t *dns64);
00146 /*
00147  * Unlink the dns64 record from the list.
00148  */
00149 
00150 isc_boolean_t
00151 dns_dns64_aaaaok(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr,
00152                  const dns_name_t *reqsigner, const dns_aclenv_t *env,
00153                  unsigned int flags, dns_rdataset_t *rdataset,
00154                  isc_boolean_t *aaaaok, size_t aaaaoklen);
00155 /*
00156  * Determine if there are any non-excluded AAAA records in from the
00157  * matching dns64 records in the list starting at 'dns64'.  If there
00158  * is a non-exluded address return ISC_TRUE.  If all addresses are
00159  * excluded in the matched records return ISC_FALSE.   If no records
00160  * match then return ISC_TRUE.
00161  *
00162  * If aaaaok is defined then dns_dns64_aaaaok() return a array of which
00163  * addresses in 'rdataset' were deemed to not be exclude by any matching
00164  * record.  If there are no matching records then all entries are set
00165  * to ISC_TRUE.
00166  *
00167  * Requires
00168  *      'rdataset'      to be valid and to be for type AAAA and class IN.
00169  *      'aaaaoklen'     must match the number of records in 'rdataset'
00170  *                      if 'aaaaok' in non NULL.
00171  */
00172 
00173 ISC_LANG_ENDDECLS
00174 
00175 #endif /* DNS_DNS64_H */
Generated on Tue Apr 28 17:40:57 2015 by Doxygen 1.5.4 for BIND9 Internals 9.11.0pre-alpha