1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/librpc/idl/dns.idl
Gary Lockyer 34acf5a992 dnsserver: Tighten DNS name checking
Add checks for the maximum permitted length, maximum number of labels
and the maximum label length.  These extra checks will be used by the
DNS wild card handling.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12952
2017-08-15 08:07:10 +02:00

271 lines
7.4 KiB
Plaintext

#include "idl_types.h"
/*
IDL structures for DNS operations
DNS is not traditionally encoded using IDL/NDR. This is a bit of an
experiment, and I may well switch us back to a more traditional
encoding if it doesn't work out
*/
import "misc.idl", "dnsp.idl";
[
helper("librpc/ndr/ndr_dns.h"),
helpstring("DNS records"),
version(0.0),
uuid("a047c001-5f22-40b0-9d52-7042c43f711a")
]
interface dns
{
const int DNS_SERVICE_PORT = 53;
const int DNS_MAX_LABELS = 127;
const int DNS_MAX_DOMAIN_LENGTH = 253;
const int DNS_MAX_LABEL_LENGTH = 63;
typedef [public,bitmap16bit] bitmap {
DNS_RCODE = 0x000F,
DNS_FLAG_BROADCAST = 0x0010,
DNS_FLAG_RECURSION_AVAIL = 0x0080,
DNS_FLAG_RECURSION_DESIRED = 0x0100,
DNS_FLAG_TRUNCATION = 0x0200,
DNS_FLAG_AUTHORITATIVE = 0x0400,
DNS_OPCODE = 0x7800,
DNS_FLAG_REPLY = 0x8000
} dns_operation;
/* the opcodes are in the operation field, masked with
DNS_OPCODE */
typedef [public] enum {
DNS_OPCODE_QUERY = (0x0<<11),
DNS_OPCODE_IQUERY = (0x1<<11),
DNS_OPCODE_STATUS = (0x2<<11),
DNS_OPCODE_UPDATE = (0x5<<11),
DNS_OPCODE_RELEASE = (0x6<<11),
DNS_OPCODE_WACK = (0x7<<11),
DNS_OPCODE_REFRESH = (0x8<<11),
DNS_OPCODE_REFRESH2 = (0x9<<11),
DNS_OPCODE_MULTI_HOME_REG = (0xf<<11)
} dns_opcode;
/* rcode values */
typedef [public] enum {
DNS_RCODE_OK = 0x00,
DNS_RCODE_FORMERR = 0x01,
DNS_RCODE_SERVFAIL = 0x02,
DNS_RCODE_NXDOMAIN = 0x03,
DNS_RCODE_NOTIMP = 0x04,
DNS_RCODE_REFUSED = 0x05,
DNS_RCODE_YXDOMAIN = 0x06,
DNS_RCODE_YXRRSET = 0x07,
DNS_RCODE_NXRRSET = 0x08,
DNS_RCODE_NOTAUTH = 0x09,
DNS_RCODE_NOTZONE = 0x0A,
DNS_RCODE_BADSIG = 0x10,
DNS_RCODE_BADKEY = 0x11,
DNS_RCODE_BADTIME = 0x12,
DNS_RCODE_BADMODE = 0x13,
DNS_RCODE_BADNAME = 0x14,
DNS_RCODE_BADALG = 0x15
} dns_rcode;
typedef [public,enum16bit] enum {
DNS_QCLASS_IN = 0x0001,
DNS_QCLASS_NONE = 0x00FE,
DNS_QCLASS_ANY = 0x00FF
} dns_qclass;
/* These vese values could have been merged with NBT_QTYPE values, but
DNS_QTYPE_SRV and NBT_QTYPE_STATUS have the same numeric value. */
typedef [public,enum16bit] enum {
DNS_QTYPE_ZERO = 0x0000,
DNS_QTYPE_A = 0x0001,
DNS_QTYPE_NS = 0x0002,
DNS_QTYPE_MD = 0x0003,
DNS_QTYPE_MF = 0x0004,
DNS_QTYPE_CNAME = 0x0005,
DNS_QTYPE_SOA = 0x0006,
DNS_QTYPE_MB = 0x0007,
DNS_QTYPE_MG = 0x0008,
DNS_QTYPE_MR = 0x0009,
DNS_QTYPE_NULL = 0x000A,
DNS_QTYPE_WKS = 0x000B,
DNS_QTYPE_PTR = 0x000C,
DNS_QTYPE_HINFO = 0x000D,
DNS_QTYPE_MINFO = 0x000E,
DNS_QTYPE_MX = 0x000F,
DNS_QTYPE_TXT = 0x0010,
DNS_QTYPE_RP = 0x0011,
DNS_QTYPE_AFSDB = 0x0012,
DNS_QTYPE_X25 = 0x0013,
DNS_QTYPE_ISDN = 0x0014,
DNS_QTYPE_RT = 0x0015,
DNS_QTYPE_SIG = 0x0018,
DNS_QTYPE_KEY = 0x0019,
DNS_QTYPE_AAAA = 0x001C,
DNS_QTYPE_LOC = 0x001D,
DNS_QTYPE_NXT = 0x001E,
DNS_QTYPE_NETBIOS= 0x0020,
DNS_QTYPE_SRV = 0x0021,
DNS_QTYPE_ATMA = 0x0022,
DNS_QTYPE_NAPTR = 0x0023,
DNS_QTYPE_DNAME = 0x0027,
DNS_QTYPE_OPT = 0x0029,
DNS_QTYPE_DS = 0x002B,
DNS_QTYPE_RRSIG = 0x002E,
DNS_QTYPE_NSEC = 0x002F,
DNS_QTYPE_DNSKEY = 0x0030,
DNS_QTYPE_DHCID = 0x0031,
DNS_QTYPE_TKEY = 0x00F9,
DNS_QTYPE_TSIG = 0x00FA,
DNS_QTYPE_AXFR = 0x00FC,
DNS_QTYPE_MAILB = 0x00FD,
DNS_QTYPE_MAILA = 0x00FE,
DNS_QTYPE_ALL = 0x00FF
} dns_qtype;
typedef [public,enum16bit] enum {
DNS_TKEY_MODE_NULL = 0x0000,
DNS_TKEY_MODE_SERVER = 0x0001,
DNS_TKEY_MODE_DH = 0x0002,
DNS_TKEY_MODE_GSSAPI = 0x0003,
DNS_TKEY_MODE_CLIENT = 0x0004,
DNS_TKEY_MODE_DELETE = 0x0005,
DNS_TKEY_MODE_LAST = 0xFFFF
} dns_tkey_mode;
typedef [public] struct {
dns_string name;
dns_qtype question_type;
dns_qclass question_class;
} dns_name_question;
typedef [public] struct {
uint16 length;
uint8 data[length];
} dns_rdata_data;
typedef struct {
dns_string mname;
dns_string rname;
uint32 serial;
uint32 refresh;
uint32 retry;
uint32 expire;
uint32 minimum;
} dns_soa_record;
typedef [public] struct {
uint16 preference;
dns_string exchange;
} dns_mx_record;
typedef [public,nopull] struct {
dnsp_string_list txt;
} dns_txt_record;
typedef [public] struct {
dns_string mbox;
dns_string txt;
} dns_rp_record;
typedef [public] struct {
uint16 priority;
uint16 weight;
uint16 port;
dns_string target;
} dns_srv_record;
typedef [public] struct {
uint16 option_code;
uint16 option_length;
uint8 option_data[option_length];
} dns_opt_record;
typedef [flag(NDR_NO_COMP),public] struct {
dns_string algorithm;
uint32 inception;
uint32 expiration;
dns_tkey_mode mode;
uint16 error;
uint16 key_size;
uint8 key_data[key_size];
uint16 other_size;
uint8 other_data[other_size];
} dns_tkey_record;
typedef [flag(NDR_NO_COMP),public] struct {
dns_string algorithm_name;
uint16 time_prefix; /* 0 until February 2106*/
uint32 time;
uint16 fudge;
uint16 mac_size;
uint8 mac[mac_size];
uint16 original_id;
uint16 error;
uint16 other_size;
uint8 other_data[other_size];
} dns_tsig_record;
typedef [flag(NDR_NO_COMP|NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct {
dns_string name;
dns_qclass rr_class;
uint32 ttl;
dns_string algorithm_name;
uint16 time_prefix; /* 0 until February 2106*/
uint32 time;
uint16 fudge;
uint16 error;
uint16 other_size;
uint8 other_data[other_size];
} dns_fake_tsig_rec;
typedef [nodiscriminant,public,flag(NDR_NOALIGN)] union {
[case(DNS_QTYPE_A)] ipv4address ipv4_record;
[case(DNS_QTYPE_NS)] dns_string ns_record;
[case(DNS_QTYPE_CNAME)] dns_string cname_record;
[case(DNS_QTYPE_SOA)] dns_soa_record soa_record;
[case(DNS_QTYPE_PTR)] dns_string ptr_record;
[case(DNS_QTYPE_HINFO)] dnsp_hinfo hinfo_record;
[case(DNS_QTYPE_MX)] dns_mx_record mx_record;
[case(DNS_QTYPE_TXT)] dns_txt_record txt_record;
[case(DNS_QTYPE_RP)] dns_rp_record rp_record;
[case(DNS_QTYPE_AAAA)] ipv6address ipv6_record;
[case(DNS_QTYPE_SRV)] dns_srv_record srv_record;
[case(DNS_QTYPE_OPT)] dns_opt_record opt_record;
[case(DNS_QTYPE_TSIG)] dns_tsig_record tsig_record;
[case(DNS_QTYPE_TKEY)] dns_tkey_record tkey_record;
[default];
} dns_rdata;
typedef [flag(LIBNDR_PRINT_ARRAY_HEX|NDR_NOALIGN),nopush,nopull] struct {
dns_string name;
dns_qtype rr_type;
dns_qclass rr_class;
uint32 ttl;
uint16 length; /* Should be set to either UINT16_MAX or 0 */
[switch_is(rr_type)] dns_rdata rdata;
DATA_BLOB unexpected;
} dns_res_rec;
typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct {
uint16 id;
dns_operation operation;
uint16 qdcount;
uint16 ancount;
uint16 nscount;
uint16 arcount;
dns_name_question questions[qdcount];
dns_res_rec answers[ancount];
dns_res_rec nsrecs[nscount];
dns_res_rec additional[arcount];
} dns_name_packet;
/*
this is a convenience hook for ndrdump
*/
[nopython] void decode_dns_name_packet(
[in] dns_name_packet packet
);
}