/*
 * validator/val_anchor.h - validator trust anchor storage.
 *
 * Copyright (c) 2007, NLnet Labs. All rights reserved.
 *
 * This software is open source.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of the NLNET LABS nor the names of its contributors may
 * be used to endorse or promote products derived from this software without
 * specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/**
 * \file
 *
 * This file contains storage for the trust anchors for the validator.
 */

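#ifndef VALIDATOR_VAL_ANCHOR_H
#define VALIDATOR_VAL_ANCHOR_H
#include "util/rbtree.h"
#include "util/locks.h"
/*
 * Forward declarations.  The declarations in this header refer to these
 * types through pointers only, so their full definitions are not needed
 * at this point (struct trust_anchor itself is defined further down).
 */
struct trust_anchor;
struct config_file;
struct ub_packed_rrset_key;
struct autr_point_data;
struct autr_global_data;
struct sldns_buffer;
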
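/**
 * Trust anchor store.
 *
 * Locking protocol: the tree must be locked while no other locks (from
 * trust anchors) are held.  With the tree locked, an anchor is searched
 * for, which can then be locked or deleted.  After that the tree can be
 * unlocked again.  This means you have to release the lock on a trust
 * anchor and look it up again to delete it.
 *
 * NOTE(review): between releasing the anchor lock and the second lookup
 * the anchor is presumably not protected against other threads, so the
 * result of the second lookup should be treated as fresh (it may be a
 * changed anchor or NULL) - confirm against the implementation.
 */
struct val_anchors {
	/** lock on trees */
	lock_basic_t lock;
	/**
	 * Anchors are stored in this tree. Sort order is chosen so that
	 * dnames are in nsec-like order. A lookup on class, name will return
	 * an exact match or the closest match, with the ancestor needed.
	 * Contents are of type trust_anchor.
	 */
	rbtree_t* tree;
	/** The DLV trust anchor (if one is configured, else NULL) */
	struct trust_anchor* dlv_anchor;
	/** Autotrust global data, anchors sorted by next probe time */
	struct autr_global_data* autr;
};
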
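/**
 * Trust anchor key: one DS or DNSKEY RR of a trust anchor, kept as an
 * element of a singly linked list (see next).
 */
struct ta_key {
	/** next in list */
	struct ta_key* next;
	/** rdata, in wireformat of the key RR. starts with rdlength. */
	uint8_t* data;
	/**
	 * length of the rdata (including rdlength).
	 * NOTE(review): data therefore carries a second, embedded length
	 * (the rdlength at its start).  Code that parses data should bound
	 * its reads by len and not by the embedded value alone - confirm
	 * that the two are checked for agreement where keys are stored.
	 */
	size_t len;
	/** DNS type (host format) of the key, DS or DNSKEY */
	uint16_t type;
};
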
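/**
 * A trust anchor in the trust anchor store.
 * Unique by name, class.
 */
struct trust_anchor {
	/** rbtree node, key is this structure */
	rbnode_t node;
	/** lock on the entire anchor and its keys; for autotrust changes */
	lock_basic_t lock;
	/**
	 * name of this trust anchor
	 * NOTE(review): presumably in wireformat, like the name parameter
	 * of anchor_find - confirm.
	 */
	uint8_t* name;
	/** length of name */
	size_t namelen;
	/** number of labels in name of rrset */
	int namelabs;
	/** the ancestor in the trustanchor tree */
	struct trust_anchor* parent;
	/**
	 * List of DS or DNSKEY rrs that form the trust anchor.
	 */
	struct ta_key* keylist;
	/** Autotrust anchor point data, or NULL */
	struct autr_point_data* autr;
	/** number of DSs in the keylist */
	size_t numDS;
	/**
	 * number of DNSKEYs in the keylist
	 * NOTE(review): an anchor with numDS and numDNSKEY both zero
	 * presumably represents an insecure point (see
	 * anchors_add_insecure).  Code that reads "anchor found" as "keys
	 * available to validate with" should check the counts - confirm.
	 */
	size_t numDNSKEY;
	/** the DS RRset */
	struct ub_packed_rrset_key* ds_rrset;
	/** The DNSKEY RRset */
	struct ub_packed_rrset_key* dnskey_rrset;
	/** class of the trust anchor */
	uint16_t dclass;
};
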
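/**
 * Create trust anchor storage
 * @return new storage or NULL on error.
 */
struct val_anchors* anchors_create(void);

/**
 * Delete trust anchor storage.
 * @param anchors: to delete.
 */
void anchors_delete(struct val_anchors* anchors);

/**
 * Process trust anchor config.
 * @param anchors: struct anchor storage
 * @param cfg: config options.
 * @return 0 on error.
 *   NOTE(review): after a 0 return the store may presumably hold only
 *   part of the configured anchors.  A caller that carried on would
 *   validate against fewer anchors than the operator configured, so
 *   treating the error as fatal for startup or reload is the safe
 *   reaction - confirm against the callers.
 */
int anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg);

/**
 * Recalculate parent pointers.  The caller must hold the lock on the
 * anchors structure (say after removing an item from the rbtree).
 * Caller must not hold any locks on trust anchors.
 * After the call is complete the parent pointers are updated and an item
 * just removed is no longer referenced in parent pointers.
 * NOTE(review): this suggests that an anchor removed from the tree can
 * still be reachable through parent pointers until this call has run, so
 * it should not be freed before then - confirm against the implementation.
 * @param anchors: the structure to update.
 */
void anchors_init_parents_locked(struct val_anchors* anchors);
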
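/**
 * Given a qname/qclass combination, find the trust anchor closest above it.
 * Or return NULL if none exists.
 *
 * @param anchors: struct anchor storage
 * @param qname: query name, uncompressed wireformat.
 * @param qname_len: length of qname.
 * @param qclass: class to query for.
 * @return the trust anchor or NULL if none is found. The anchor is locked.
 *   The caller is expected to release the lock member of the returned
 *   anchor when done with it.  Following the locking rule of the store
 *   (tree lock only while no anchor locks are held), the returned anchor
 *   should be unlocked before the store is searched or changed again.
 */
struct trust_anchor* anchors_lookup(struct val_anchors* anchors,
	uint8_t* qname, size_t qname_len, uint16_t qclass);

/**
 * Find a trust anchor. Exact matching.
 * @param anchors: anchor storage.
 * @param name: name of trust anchor (wireformat)
 * @param namelabs: labels in name
 * @param namelen: length of name
 * @param dclass: class of trust anchor
 * @return the anchor, locked, or NULL if not found.  As with
 *   anchors_lookup, the caller is expected to release the lock member of
 *   the returned anchor when done with it.
 */
struct trust_anchor* anchor_find(struct val_anchors* anchors,
	uint8_t* name, int namelabs, size_t namelen, uint16_t dclass);
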
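/**
 * Store one string as trust anchor RR.
 * @param anchors: anchor storage.
 * @param buffer: parsing buffer, to generate the RR wireformat in.
 * @param str: string.
 * @return NULL on error.  A NULL return means the RR in str was not
 *   stored; callers should not continue as if that anchor were in place.
 *   NOTE(review): this header does not say whether the returned anchor
 *   is locked (anchors_lookup and anchor_find return theirs locked) -
 *   confirm against the implementation before using the result while
 *   other threads can reach the store.
 */
struct trust_anchor* anchor_store_str(struct val_anchors* anchors,
	struct sldns_buffer* buffer, const char* str);

/**
 * Get memory in use by the trust anchor storage
 * @param anchors: anchor storage.
 * @return memory in use in bytes.
 */
size_t anchors_get_mem(struct val_anchors* anchors);

/**
 * compare two trust anchors
 * NOTE(review): k1 and k2 are presumably pointers to struct trust_anchor
 * (the rbtree node key is that structure), and the result presumably
 * follows the usual negative/zero/positive comparator convention -
 * confirm against the implementation.
 */
int anchor_cmp(const void* k1, const void* k2);
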
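/**
 * Add insecure point trust anchor.  For external use (locks and init_parents)
 * NOTE(review): the parenthetical presumably means that this function
 * takes the store lock and recalculates the parent pointers itself, so the
 * caller should hold neither the store lock nor any anchor lock - confirm.
 * NOTE(review): an insecure point presumably marks the names at and below
 * nm as not validated.  Any path that lets configuration or remote input
 * reach this call changes what the validator accepts unsigned, and should
 * be restricted and logged accordingly.
 * @param anchors: anchor storage.
 * @param c: class.
 * @param nm: name of insecure trust point.  No length is passed with it;
 *   presumably a complete wireformat name is required - confirm.
 * @return false on alloc failure.
 */
int anchors_add_insecure(struct val_anchors* anchors, uint16_t c, uint8_t* nm);

/**
 * Delete insecure point trust anchor.  Does not remove if no such point.
 * For external use (locks and init_parents)
 * NOTE(review): as with anchors_add_insecure, the parenthetical presumably
 * means the locking and the parent pointer update are done inside - confirm.
 * @param anchors: anchor storage.
 * @param c: class.
 * @param nm: name of insecure trust point.  No length is passed with it;
 *   presumably a complete wireformat name is required - confirm.
 */
void anchors_delete_insecure(struct val_anchors* anchors, uint16_t c,
	uint8_t* nm);
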
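#endif /* VALIDATOR_VAL_ANCHOR_H */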