Annotation of embedaddon/strongswan/src/libstrongswan/resolver/resolver_response.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2012 Reto Guadagnini
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: /**
! 17: * @defgroup rsolver_response resolver_response
! 18: * @{ @ingroup resolver
! 19: */
! 20:
! 21: #ifndef RESOLVER_RESPONSE_H_
! 22: #define RESOLVER_RESPONSE_H_
! 23:
! 24: typedef struct resolver_response_t resolver_response_t;
! 25: typedef enum dnssec_status_t dnssec_status_t;
! 26:
! 27: #include <library.h>
! 28: #include <resolver/rr_set.h>
! 29:
! 30: /**
! 31: * DNSSEC security state.
! 32: *
! 33: * DNSSEC security state, which a security aware resolver is able determine
! 34: * according to RFC 4033.
! 35: */
! 36: enum dnssec_status_t {
! 37: /**
! 38: * The validating resolver has a trust anchor, has a chain of
! 39: * trust, and is able to verify all the signatures in the response.
! 40: * [RFC4033]
! 41: */
! 42: SECURE,
! 43: /**
! 44: * The validating resolver has a trust anchor, a chain of
! 45: * trust, and, at some delegation point, signed proof of the
! 46: * non-existence of a DS record. This indicates that subsequent
! 47: * branches in the tree are provably insecure. A validating resolver
! 48: * may have a local policy to mark parts of the domain space as
! 49: * insecure. [RFC4033]
! 50: */
! 51: INSECURE,
! 52: /**
! 53: * The validating resolver has a trust anchor and a secure
! 54: * delegation indicating that subsidiary data is signed, but the
! 55: * response fails to validate for some reason: missing signatures,
! 56: * expired signatures, signatures with unsupported algorithms, data
! 57: * missing that the relevant NSEC RR says should be present, and so
! 58: * forth. [RFC4033]
! 59: */
! 60: BOGUS,
! 61: /**
! 62: * There is no trust anchor that would indicate that a
! 63: * specific portion of the tree is secure. This is the default
! 64: * operation mode. [RFC4033]
! 65: */
! 66: INDETERMINATE,
! 67: };
! 68:
! 69:
! 70: /**
! 71: * A response of the DNS resolver to a DNS query.
! 72: *
! 73: * A response represents the answer of the Domain Name System to a query.
! 74: * It contains the RRset with the queried Resource Records and additional
! 75: * information.
! 76: */
! 77: struct resolver_response_t {
! 78:
! 79: /**
! 80: * Get the original question string.
! 81: *
! 82: * The string to which the returned pointer points, is still owned
! 83: * by the resolver_response. Clone it if necessary.
! 84: *
! 85: * @return the queried name
! 86: */
! 87: char *(*get_query_name)(resolver_response_t *this);
! 88:
! 89: /**
! 90: * Get the canonical name of the result.
! 91: *
! 92: * The string to which the returned pointer points, is still owned
! 93: * by the resolver_response. Clone it if necessary.
! 94: *
! 95: * @return - canonical name of result
! 96: * - NULL, if result has no canonical name
! 97: */
! 98: char *(*get_canon_name)(resolver_response_t *this);
! 99:
! 100: /**
! 101: * Does the RRset of this response contain some Resource Records?
! 102: *
! 103: * Returns TRUE if the RRset of this response contains some RRs
! 104: * (RRSIG Resource Records are ignored).
! 105: *
! 106: * @return
! 107: * - TRUE, if there are some RRs in the RRset
! 108: * - FALSE, otherwise
! 109: */
! 110: bool (*has_data)(resolver_response_t *this);
! 111:
! 112: /**
! 113: * Does the queried name exist?
! 114: *
! 115: * @return
! 116: * - TRUE, if the queried name exists
! 117: * - FALSE, otherwise
! 118: */
! 119: bool (*query_name_exist)(resolver_response_t *this);
! 120:
! 121: /**
! 122: * Get the DNSSEC security state of the response.
! 123: *
! 124: * @return DNSSEC security state
! 125: */
! 126: dnssec_status_t (*get_security_state)(resolver_response_t *this);
! 127:
! 128: /**
! 129: * Get the RRset with all Resource Records of this response.
! 130: *
! 131: * @return - RRset
! 132: * - NULL if there is no data or the query name
! 133: * does not exist
! 134: */
! 135: rr_set_t *(*get_rr_set)(resolver_response_t *this);
! 136:
! 137: /**
! 138: * Destroy this response.
! 139: */
! 140: void (*destroy) (resolver_response_t *this);
! 141: };
! 142:
! 143: #endif /** RR_SET_H_ @}*/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>