1 /*
2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 /*
7  * lib/krb5/os/dnsglue.h
8  *
9  * Copyright 2004 by the Massachusetts Institute of Technology.
10  * All Rights Reserved.
11  *
12  * Export of this software from the United States of America may
13  *   require a specific license from the United States Government.
14  *   It is the responsibility of any person or organization contemplating
15  *   export to obtain such a license before exporting.
16  *
17  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
18  * distribute this software and its documentation for any purpose and
19  * without fee is hereby granted, provided that the above copyright
20  * notice appear in all copies and that both that copyright notice and
21  * this permission notice appear in supporting documentation, and that
22  * the name of M.I.T. not be used in advertising or publicity pertaining
23  * to distribution of the software without specific, written prior
24  * permission.  Furthermore if you modify this software you must label
25  * your software as modified software and not distribute it in such a
26  * fashion that it might be confused with the original M.I.T. software.
27  * M.I.T. makes no representations about the suitability of
28  * this software for any purpose.  It is provided "as is" without express
29  * or implied warranty.
30  *
31  * Glue layer for DNS resolver, to make parsing of replies easier
32  * whether we are using BIND 4, 8, or 9.
33  */
34 
35 /*
36  * BIND 4 doesn't have the ns_initparse() API, so we need to do some
37  * manual parsing via the HEADER struct.  BIND 8 does have
38  * ns_initparse(), but has enums for the various protocol constants
39  * rather than the BIND 4 macros.  BIND 9 (at least on Mac OS X
40  * Panther) appears to disable res_nsearch() if BIND_8_COMPAT is
41  * defined (which is necessary to obtain the HEADER struct).
42  *
43  * We use ns_initparse() if available at all, and never define
44  * BIND_8_COMPAT.  If there is no ns_initparse(), we do manual parsing
45  * by using the HEADER struct.
46  */
47 
48 #ifndef KRB5_DNSGLUE_H
49 #define KRB5_DNSGLUE_H
50 
51 #include "autoconf.h"
52 #ifdef KRB5_DNS_LOOKUP
53 
54 #include "k5-int.h"
55 #include "os-proto.h"
56 #ifdef WSHELPER
57 #include <wshelper.h>
58 #else /* WSHELPER */
59 #include <netinet/in.h>
60 #include <arpa/inet.h>
61 #include <arpa/nameser.h>
62 #include <resolv.h>
63 #include <netdb.h>
64 #endif /* WSHELPER */
65 
/* Take MAXHOSTNAMELEN from <sys/param.h> when configure found that header. */
#if HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif

/* Fallback used only when nothing included so far supplied a value. */
#if !defined(MAXHOSTNAMELEN)
#define MAXHOSTNAMELEN 64
#endif

/*
 * MAXDNAME: an existing definition is kept as is.  Otherwise it is
 * derived, in order of preference, from NS_MAXDNAME, from
 * 16 * MAXLABEL, or from 16 * MAXHOSTNAMELEN.
 */
#if !defined(MAXDNAME)
#if defined(NS_MAXDNAME)
#define MAXDNAME NS_MAXDNAME
#elif defined(MAXLABEL)
#define MAXDNAME (16 * MAXLABEL)
#else
#define MAXDNAME (16 * MAXHOSTNAMELEN)
#endif
#endif
87 
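#if HAVE_NS_INITPARSE
/*
 * Solaris 7 has ns_rr_cl rather than ns_rr_class.
 */
#if !defined(ns_rr_class) && defined(ns_rr_cl)
#define ns_rr_class ns_rr_cl
#endif
#endif

#if HAVE_RES_NSEARCH
/*
 * Some BIND 8 / BIND 9 implementations disable the BIND 4 style
 * constants, so map the missing ones onto the ns_* enumerators.
 */
#ifndef C_IN
#define C_IN ns_c_in
#endif
#ifndef T_SRV
#define T_SRV ns_t_srv
#endif
#ifndef T_TXT
#define T_TXT ns_t_txt
#endif

#else  /* !HAVE_RES_NSEARCH */

/*
 * Some BIND implementations might be old enough to lack these, so
 * fall back to the numeric RR type codes: TXT is 16 (RFC 1035; 15 is
 * MX) and SRV is 33 (RFC 2782).  A wrong code here would make a
 * lookup ask for a different record type than the caller intended,
 * without any compile-time signal.  No fallback for C_IN is provided
 * in this branch.
 */
#ifndef T_TXT
#define T_TXT 16
#endif
#ifndef T_SRV
#define T_SRV 33
#endif

#endif /* HAVE_RES_NSEARCH */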
125 
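/*
 * INCR_OK
 *
 * Given moving pointer PTR offset from BASE, return true if adding
 * INCR to PTR doesn't move it more than MAX bytes from BASE.
 *
 * Caveats for callers: the comparison is a plain "<=" on whatever
 * types are passed in.  A negative signed INCR passes whenever the
 * remaining count is non-negative, and an unsigned INCR at least as
 * wide as ptrdiff_t converts a negative remaining count (PTR already
 * past BASE + MAX) into a very large one.  Keep INCR non-negative and
 * PTR within [BASE, BASE + MAX] before relying on the result.
 */
#define INCR_OK(base, max, ptr, incr)				\
    ((incr) <= (max) - ((const unsigned char *)(ptr)		\
			- (const unsigned char *)(base)))

/*
 * SAFE_GETUINT16
 *
 * Given PTR offset from BASE, if the two bytes of the value and INCR
 * bytes are both safe to read, get network byte order uint16 into S,
 * and increment PTR by INCR.  On failure, goto LABEL; PTR and S are
 * left unmodified in that case.
 *
 * Two bytes are always read, so the bounds check covers 2 as well as
 * INCR; checking INCR alone would let an INCR below 2 read past
 * BASE + MAX.  Each byte is masked to 8 bits so that a PTR of signed
 * char type cannot sign-extend into the result.  The arguments are
 * expanded more than once: pass expressions without side effects.
 */

/* Solaris Kerberos */
#define SAFE_GETUINT16(base, max, ptr, incr, s, label)		\
    do {							\
	if (!INCR_OK(base, max, ptr, 2) ||			\
	    !INCR_OK(base, max, ptr, incr))			\
	    goto label;						\
	(s) = (unsigned short)((((ptr)[0] & 0xff) << 8)		\
	    | ((ptr)[1] & 0xff));				\
	(ptr) += (incr);					\
    } while (0)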
152 
/* Opaque here: only the tag is declared, the layout is not in this header. */
struct krb5int_dns_state;

/*
 * Entry points of the glue layer.  The parameter names are descriptive
 * only and are inferred from the types; the contracts are set by the
 * definitions, which are not visible in this header.
 * NOTE(review): confirm names and semantics against the implementation,
 * in particular that the int length passed to krb5int_dns_expand() is
 * the real size of the output buffer and that non-positive values are
 * rejected.
 */
int krb5int_dns_init(struct krb5int_dns_state **dsp, char *host,
		     int nclass, int ntype);

int krb5int_dns_nextans(struct krb5int_dns_state *ds,
			const unsigned char **pp, int *lenp);

int krb5int_dns_expand(struct krb5int_dns_state *ds,
		       const unsigned char *p, char *buf, int len);

void krb5int_dns_fini(struct krb5int_dns_state *ds);
161 
162 #endif /* KRB5_DNS_LOOKUP */
163 #endif /* !defined(KRB5_DNSGLUE_H) */
164