1/*
2 * validator/autotrust.h - RFC5011 trust anchor management for unbound.
3 *
4 * Copyright (c) 2009, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
| 1/*
2 * validator/autotrust.h - RFC5011 trust anchor management for unbound.
3 *
4 * Copyright (c) 2009, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
| 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
34 */
35
36/**
37 * \file
38 *
39 * Contains autotrust definitions.
40 */
41
42#ifndef VALIDATOR_AUTOTRUST_H
43#define VALIDATOR_AUTOTRUST_H
44#include "util/rbtree.h"
45#include "util/data/packed_rrset.h"
46struct val_anchors;
47struct trust_anchor;
48struct ub_packed_rrset_key;
49struct module_env;
50struct val_env;
| 34 */
35
36/**
37 * \file
38 *
39 * Contains autotrust definitions.
40 */
41
42#ifndef VALIDATOR_AUTOTRUST_H
43#define VALIDATOR_AUTOTRUST_H
44#include "util/rbtree.h"
45#include "util/data/packed_rrset.h"
46struct val_anchors;
47struct trust_anchor;
48struct ub_packed_rrset_key;
49struct module_env;
50struct val_env;
|
| 51struct sldns_buffer;
|
51
52/** Autotrust anchor states */
53typedef enum {
54 AUTR_STATE_START = 0,
55 AUTR_STATE_ADDPEND = 1,
56 AUTR_STATE_VALID = 2,
57 AUTR_STATE_MISSING = 3,
58 AUTR_STATE_REVOKED = 4,
59 AUTR_STATE_REMOVED = 5
60} autr_state_t;
61
62/**
63 * Autotrust metadata for one trust anchor key.
64 */
65struct autr_ta {
66 /** next key */
67 struct autr_ta* next;
68 /** the RR */
| 52
53/** Autotrust anchor states */
54typedef enum {
55 AUTR_STATE_START = 0,
56 AUTR_STATE_ADDPEND = 1,
57 AUTR_STATE_VALID = 2,
58 AUTR_STATE_MISSING = 3,
59 AUTR_STATE_REVOKED = 4,
60 AUTR_STATE_REMOVED = 5
61} autr_state_t;
62
63/**
64 * Autotrust metadata for one trust anchor key.
65 */
66struct autr_ta {
67 /** next key */
68 struct autr_ta* next;
69 /** the RR */
|
69 ldns_rr* rr;
| 70 uint8_t* rr;
71 /** length of rr */
72 size_t rr_len, dname_len;
|
70 /** last update of key state (new pending count keeps date the same) */
71 time_t last_change;
72 /** 5011 state */
73 autr_state_t s;
74 /** pending count */
75 uint8_t pending_count;
76 /** fresh TA was seen */
77 uint8_t fetched;
78 /** revoked TA was seen */
79 uint8_t revoked;
80};
81
82/**
83 * Autotrust metadata for a trust point.
84 * This is part of the struct trust_anchor data.
85 */
86struct autr_point_data {
87 /** file to store the trust point in. chrootdir already applied. */
88 char* file;
89 /** rbtree node for probe sort, key is struct trust_anchor */
90 rbnode_t pnode;
91
92 /** the keys */
93 struct autr_ta* keys;
94
95 /** last queried DNSKEY set
96 * Not all failures are captured in this entry.
97 * If the validator did not even start (e.g. timeout or localservfail),
98 * then the last_queried and query_failed values are not updated.
99 */
100 time_t last_queried;
101 /** last successful DNSKEY set */
102 time_t last_success;
103 /** next probe time */
104 time_t next_probe_time;
105
106 /** when to query if !failed */
| 73 /** last update of key state (new pending count keeps date the same) */
74 time_t last_change;
75 /** 5011 state */
76 autr_state_t s;
77 /** pending count */
78 uint8_t pending_count;
79 /** fresh TA was seen */
80 uint8_t fetched;
81 /** revoked TA was seen */
82 uint8_t revoked;
83};
84
85/**
86 * Autotrust metadata for a trust point.
87 * This is part of the struct trust_anchor data.
88 */
89struct autr_point_data {
90 /** file to store the trust point in. chrootdir already applied. */
91 char* file;
92 /** rbtree node for probe sort, key is struct trust_anchor */
93 rbnode_t pnode;
94
95 /** the keys */
96 struct autr_ta* keys;
97
98 /** last queried DNSKEY set
99 * Not all failures are captured in this entry.
100 * If the validator did not even start (e.g. timeout or localservfail),
101 * then the last_queried and query_failed values are not updated.
102 */
103 time_t last_queried;
104 /** last successful DNSKEY set */
105 time_t last_success;
106 /** next probe time */
107 time_t next_probe_time;
108
109 /** when to query if !failed */
|
107 uint32_t query_interval;
| 110 time_t query_interval;
|
108 /** when to retry if failed */
| 111 /** when to retry if failed */
|
109 uint32_t retry_time;
| 112 time_t retry_time;
|
110
111 /**
112 * How many times did it fail. diagnostic only (has no effect).
113 * Only updated if there was a dnskey rrset that failed to verify.
114 */
115 uint8_t query_failed;
116 /** true if the trust point has been revoked */
117 uint8_t revoked;
118};
119
120/**
121 * Autotrust global metadata.
122 */
123struct autr_global_data {
124 /** rbtree of autotrust anchors sorted by next probe time.
125 * When time is equal, sorted by anchor class, name. */
126 rbtree_t probe;
127};
128
129/**
130 * Create new global 5011 data structure.
131 * @return new structure or NULL on malloc failure.
132 */
133struct autr_global_data* autr_global_create(void);
134
135/**
136 * Delete global 5011 data structure.
137 * @param global: global autotrust state to delete.
138 */
139void autr_global_delete(struct autr_global_data* global);
140
141/**
142 * See if autotrust anchors are configured and how many.
143 * @param anchors: the trust anchors structure.
144 * @return number of autotrust trust anchors
145 */
146size_t autr_get_num_anchors(struct val_anchors* anchors);
147
148/**
149 * Process probe timer. Add new probes if needed.
150 * @param env: module environment with time, with anchors and with the mesh.
151 * @return time of next probe (in seconds from now).
152 * If 0, then there is no next probe anymore (trust points deleted).
153 */
| 113
114 /**
115 * How many times did it fail. diagnostic only (has no effect).
116 * Only updated if there was a dnskey rrset that failed to verify.
117 */
118 uint8_t query_failed;
119 /** true if the trust point has been revoked */
120 uint8_t revoked;
121};
122
123/**
124 * Autotrust global metadata.
125 */
126struct autr_global_data {
127 /** rbtree of autotrust anchors sorted by next probe time.
128 * When time is equal, sorted by anchor class, name. */
129 rbtree_t probe;
130};
131
132/**
133 * Create new global 5011 data structure.
134 * @return new structure or NULL on malloc failure.
135 */
136struct autr_global_data* autr_global_create(void);
137
138/**
139 * Delete global 5011 data structure.
140 * @param global: global autotrust state to delete.
141 */
142void autr_global_delete(struct autr_global_data* global);
143
144/**
145 * See if autotrust anchors are configured and how many.
146 * @param anchors: the trust anchors structure.
147 * @return number of autotrust trust anchors
148 */
149size_t autr_get_num_anchors(struct val_anchors* anchors);
150
151/**
152 * Process probe timer. Add new probes if needed.
153 * @param env: module environment with time, with anchors and with the mesh.
154 * @return time of next probe (in seconds from now).
155 * If 0, then there is no next probe anymore (trust points deleted).
156 */
|
154uint32_t autr_probe_timer(struct module_env* env);
| 157time_t autr_probe_timer(struct module_env* env);
|
155
156/** probe tree compare function */
157int probetree_cmp(const void* x, const void* y);
158
159/**
160 * Read autotrust file.
161 * @param anchors: the anchors structure.
162 * @param nm: name of the file (copied).
163 * @return false on failure.
164 */
165int autr_read_file(struct val_anchors* anchors, const char* nm);
166
167/**
168 * Write autotrust file.
169 * @param env: environment with scratch space.
170 * @param tp: trust point to write.
171 */
172void autr_write_file(struct module_env* env, struct trust_anchor* tp);
173
174/**
175 * Delete autr anchor, deletes the autr data but does not do
176 * unlinking from trees, caller does that.
177 * @param tp: trust point to delete.
178 */
179void autr_point_delete(struct trust_anchor* tp);
180
181/**
182 * Perform autotrust processing.
183 * @param env: qstate environment with the anchors structure.
184 * @param ve: validator environment for verification of rrsigs.
185 * @param tp: trust anchor to process.
186 * @param dnskey_rrset: DNSKEY rrset probed (can be NULL if bad prime result).
187 * allocated in a region. Has not been validated yet.
188 * @return false if trust anchor was revoked completely.
189 * Otherwise logs errors to log, does not change return value.
190 * On errors, likely the trust point has been unchanged.
191 */
192int autr_process_prime(struct module_env* env, struct val_env* ve,
193 struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset);
194
195/**
196 * Debug printout of rfc5011 tracked anchors
197 * @param anchors: all the anchors.
198 */
199void autr_debug_print(struct val_anchors* anchors);
200
201/** callback for query answer to 5011 probe */
| 158
159/** probe tree compare function */
160int probetree_cmp(const void* x, const void* y);
161
162/**
163 * Read autotrust file.
164 * @param anchors: the anchors structure.
165 * @param nm: name of the file (copied).
166 * @return false on failure.
167 */
168int autr_read_file(struct val_anchors* anchors, const char* nm);
169
170/**
171 * Write autotrust file.
172 * @param env: environment with scratch space.
173 * @param tp: trust point to write.
174 */
175void autr_write_file(struct module_env* env, struct trust_anchor* tp);
176
177/**
178 * Delete autr anchor, deletes the autr data but does not do
179 * unlinking from trees, caller does that.
180 * @param tp: trust point to delete.
181 */
182void autr_point_delete(struct trust_anchor* tp);
183
184/**
185 * Perform autotrust processing.
186 * @param env: qstate environment with the anchors structure.
187 * @param ve: validator environment for verification of rrsigs.
188 * @param tp: trust anchor to process.
189 * @param dnskey_rrset: DNSKEY rrset probed (can be NULL if bad prime result).
190 * allocated in a region. Has not been validated yet.
191 * @return false if trust anchor was revoked completely.
192 * Otherwise logs errors to log, does not change return value.
193 * On errors, likely the trust point has been unchanged.
194 */
195int autr_process_prime(struct module_env* env, struct val_env* ve,
196 struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset);
197
198/**
199 * Debug printout of rfc5011 tracked anchors
200 * @param anchors: all the anchors.
201 */
202void autr_debug_print(struct val_anchors* anchors);
203
204/** callback for query answer to 5011 probe */
|
202void probe_answer_cb(void* arg, int rcode, ldns_buffer* buf,
| 205void probe_answer_cb(void* arg, int rcode, struct sldns_buffer* buf,
|
203 enum sec_status sec, char* errinf);
204
205#endif /* VALIDATOR_AUTOTRUST_H */
| 206 enum sec_status sec, char* errinf);
207
208#endif /* VALIDATOR_AUTOTRUST_H */
|