/*
 * validator/val_anchor.h - validator trust anchor storage.
 *
 * Copyright (c) 2007, NLnet Labs. All rights reserved.
 *
 * This software is open source.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of the NLNET LABS nor the names of its contributors may
 * be used to endorse or promote products derived from this software without
 * specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

/**
 * \file
 *
 * This file contains storage for the trust anchors for the validator.
 */

#ifndef VALIDATOR_VAL_ANCHOR_H
#define VALIDATOR_VAL_ANCHOR_H
#include "util/rbtree.h"
#include "util/locks.h"
struct trust_anchor;
struct config_file;
struct ub_packed_rrset_key;
struct autr_point_data;
struct autr_global_data;

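/**
 * Trust anchor store.
 *
 * Locking protocol: take the lock on the store (this structure) only while
 * holding no lock on any individual trust anchor.  With the store locked,
 * search for an anchor; the anchor that is found can then be locked or
 * deleted.  After that the store can be unlocked again.  As a consequence,
 * to delete an anchor that you hold locked, you have to release the lock on
 * that anchor, lock the store and look the anchor up again.
 *
 * NOTE(review): taking the store lock while an anchor lock is held inverts
 * this order; presumably that risks deadlock with a thread following the
 * documented order - confirm against the implementation.
 */
struct val_anchors {
	/** lock on trees */
	lock_basic_t lock;
	/**
	 * Anchors are stored in this tree. The sort order is chosen so that
	 * dnames are in nsec-like order. A lookup on class, name will return
	 * an exact match or the closest match, with the ancestor needed.
	 * Contents are of type trust_anchor.
	 */
	rbtree_t* tree;
	/** The DLV trust anchor (if one is configured, else NULL) */
	struct trust_anchor* dlv_anchor;
	/** Autotrust global data, anchors sorted by next probe time */
	struct autr_global_data* autr;
};
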
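/**
 * Trust anchor key: one DS or DNSKEY record, kept as a node of a singly
 * linked list (see trust_anchor.keylist).
 */
struct ta_key {
	/** next in list */
	struct ta_key* next;
	/**
	 * rdata, in wireformat of the key RR. Starts with rdlength, so the
	 * record's own rdata begins after that length prefix and not at
	 * data[0].
	 */
	uint8_t* data;
	/**
	 * length of the rdata (including rdlength). This is the size of the
	 * data buffer; reads of data must stay below it.
	 */
	size_t len;
	/** DNS type (host format) of the key, DS or DNSKEY */
	uint16_t type;
};
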
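/**
 * A trust anchor in the trust anchor store.
 * Unique by name, class.
 */
struct trust_anchor {
	/** rbtree node, key is this structure */
	rbnode_t node;
	/** lock on the entire anchor and its keys; for autotrust changes */
	lock_basic_t lock;
	/** name of this trust anchor */
	uint8_t* name;
	/** length of name */
	size_t namelen;
	/** number of labels in name of rrset */
	int namelabs;
	/**
	 * the ancestor in the trustanchor tree.
	 * anchors_init_parents_locked() recalculates these pointers, e.g.
	 * after an item is removed from the rbtree, so that the removed item
	 * is no longer referenced through a parent pointer.
	 */
	struct trust_anchor* parent;
	/**
	 * List of DS or DNSKEY rrs that form the trust anchor.
	 * NOTE(review): an insecure point (see anchors_add_insecure)
	 * presumably has no keys here; confirm before treating an empty
	 * list as an error.
	 */
	struct ta_key* keylist;
	/** Autotrust anchor point data, or NULL */
	struct autr_point_data* autr;
	/** number of DSs in the keylist */
	size_t numDS;
	/** number of DNSKEYs in the keylist */
	size_t numDNSKEY;
	/** the DS RRset */
	struct ub_packed_rrset_key* ds_rrset;
	/** The DNSKEY RRset */
	struct ub_packed_rrset_key* dnskey_rrset;
	/** class of the trust anchor */
	uint16_t dclass;
};
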
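/**
 * Create trust anchor storage.
 * @return new storage or NULL on error. Check for NULL before use.
 */
struct val_anchors* anchors_create(void);
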
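/**
 * Delete trust anchor storage.
 * @param anchors: the storage to delete.
 *	NOTE(review): the header does not say whether NULL is accepted, nor
 *	which locks may be held during the call; confirm against the
 *	implementation.
 */
void anchors_delete(struct val_anchors* anchors);
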
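/**
 * Process trust anchor config.
 * @param anchors: struct anchor storage
 * @param cfg: config options.
 * @return 0 on error. Callers have to check this value.
 *	NOTE(review): the header does not say what the store contains after
 *	a failure; presumably it should not be used for validation then -
 *	confirm.
 */
int anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg);
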
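/**
 * Recalculate parent pointers.
 *
 * Locking: the caller must hold the lock on the anchors structure (say
 * after removing an item from the rbtree), and must not hold any locks on
 * trust anchors.
 *
 * After the call is complete the parent pointers are updated, and an item
 * that was just removed is no longer referenced in parent pointers.
 * @param anchors: the structure to update.
 */
void anchors_init_parents_locked(struct val_anchors* anchors);
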
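/**
 * Given a qname/qclass combination, find the trust anchor closest above it.
 * Or return NULL if none exists.
 *
 * @param anchors: struct anchor storage
 * @param qname: query name, uncompressed wireformat.
 * @param qname_len: length of qname.
 * @param qclass: class to query for.
 * @return the trust anchor or NULL if none is found. A returned anchor is
 *	locked: the caller has to release the lock on it when done, and has
 *	to do so before taking the lock on the anchors structure again.
 */
struct trust_anchor* anchors_lookup(struct val_anchors* anchors,
	uint8_t* qname, size_t qname_len, uint16_t qclass);
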
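/**
 * Find a trust anchor. Exact matching.
 * @param anchors: anchor storage.
 * @param name: name of trust anchor (wireformat)
 * @param namelabs: labels in name
 * @param namelen: length of name
 * @param dclass: class of trust anchor
 * @return the trust anchor, or NULL if not found. A returned anchor is
 *	locked: the caller has to release the lock on it when done.
 */
struct trust_anchor* anchor_find(struct val_anchors* anchors,
	uint8_t* name, int namelabs, size_t namelen, uint16_t dclass);
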
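/**
 * Store one string as trust anchor RR.
 * @param anchors: anchor storage.
 * @param buffer: parsing buffer, to generate the RR wireformat in.
 * @param str: string with the RR to store.
 * @return the trust anchor, or NULL on error.
 *	NOTE(review): unlike anchors_lookup and anchor_find, the header does
 *	not say whether the returned anchor is locked; confirm before
 *	reading or changing it.
 */
struct trust_anchor* anchor_store_str(struct val_anchors* anchors,
	ldns_buffer* buffer, const char* str);
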
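/**
 * Get memory in use by the trust anchor storage.
 * @param anchors: anchor storage.
 * @return memory in use in bytes.
 */
size_t anchors_get_mem(struct val_anchors* anchors);
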
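/**
 * Compare two trust anchors.
 * @param k1: first anchor. NOTE(review): presumably a struct trust_anchor
 *	pointer passed as void pointer for the rbtree; confirm.
 * @param k2: second anchor, same type as k1.
 * @return comparison result as an int; the header does not spell out the
 *	sign convention.
 */
int anchor_cmp(const void* k1, const void* k2);
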
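/**
 * Add insecure point trust anchor.  For external use (locks and init_parents)
 *
 * NOTE(review): "locks and init_parents" presumably means that this call
 * takes the locks and recalculates the parent pointers itself, so the
 * caller should hold neither the store lock nor an anchor lock; confirm.
 * NOTE(review): an insecure point presumably stops validation for names at
 * and below nm, so callers that take nm from configuration or a control
 * channel should treat that input as security sensitive; confirm.
 * @param anchors: anchor storage.
 * @param c: class.
 * @param nm: name of insecure trust point. No length is passed, so this
 *	presumably has to be a well-formed wireformat name - confirm.
 * @return false on alloc failure.
 */
int anchors_add_insecure(struct val_anchors* anchors, uint16_t c, uint8_t* nm);
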
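/**
 * Delete insecure point trust anchor.  Does not remove if no such point.
 * For external use (locks and init_parents)
 *
 * NOTE(review): "locks and init_parents" presumably means that this call
 * takes the locks and recalculates the parent pointers itself, so the
 * caller should hold neither the store lock nor an anchor lock; confirm.
 * @param anchors: anchor storage.
 * @param c: class.
 * @param nm: name of insecure trust point. No length is passed, so this
 *	presumably has to be a well-formed wireformat name - confirm.
 */
void anchors_delete_insecure(struct val_anchors* anchors, uint16_t c,
	uint8_t* nm);
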
#endif /* VALIDATOR_VAL_ANCHOR_H */