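/*
 * validator/autotrust.h - RFC5011 trust anchor management for unbound.
 *
 * Copyright (c) 2009, NLnet Labs. All rights reserved.
 *
 * This software is open source.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of the NLNET LABS nor the names of its contributors may
 * be used to endorse or promote products derived from this software without
 * specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/**
 * \file
 *
 * Contains autotrust definitions.
 */

#ifndef VALIDATOR_AUTOTRUST_H
#define VALIDATOR_AUTOTRUST_H
#include "util/rbtree.h"
#include "util/data/packed_rrset.h"
struct val_anchors;
struct trust_anchor;
struct ub_packed_rrset_key;
struct module_env;
struct val_env;
struct sldns_buffer;

/**
 * Autotrust anchor states.
 * The names follow the key states of the RFC 5011 state table. Under that
 * RFC only a key in the Valid or Missing state counts as a trust anchor;
 * how the rest of the validator consumes the state is not visible in this
 * header.
 */
typedef enum {
	/** key is not (yet) a trust anchor */
	AUTR_STATE_START   = 0,
	/** key was seen in a validated DNSKEY set, add hold-down is running */
	AUTR_STATE_ADDPEND = 1,
	/** key is in use as a trust anchor */
	AUTR_STATE_VALID   = 2,
	/** key is still a trust anchor but was absent from the last DNSKEY set */
	AUTR_STATE_MISSING = 3,
	/** key was seen with the REVOKE bit set */
	AUTR_STATE_REVOKED = 4,
	/** key may be purged and must no longer be used as a trust anchor */
	AUTR_STATE_REMOVED = 5
} autr_state_t;

/**
 * Autotrust metadata for one trust anchor key.
 * Entries form a singly linked list through the next pointer; the list head
 * is the keys member of struct autr_point_data.
 */
struct autr_ta {
	/** next key */
	struct autr_ta* next;
	/** the RR */
	uint8_t* rr;
	/** rr_len is the length of rr.
	 * NOTE(review): dname_len is presumably the length of the owner name
	 * at the start of rr; confirm against autotrust.c. */
	size_t rr_len, dname_len;
	/** last update of key state (new pending count keeps date the same) */
	time_t last_change;
	/** 5011 state */
	autr_state_t s;
	/** pending count */
	uint8_t pending_count;
	/** fresh TA was seen */
	uint8_t fetched;
	/** revoked TA was seen */
	uint8_t revoked;
};

/**
 * Autotrust metadata for a trust point.
 * This is part of the struct trust_anchor data.
 */
struct autr_point_data {
	/** file to store the trust point in. chrootdir already applied.
	 * NOTE(review): autr_read_file() loads anchors from a file by name,
	 * so whoever can write this path can presumably influence which keys
	 * are trusted; keep it writable by the resolver only. */
	char* file;
	/** rbtree node for probe sort, key is struct trust_anchor */
	rbnode_t pnode;

	/** the keys */
	struct autr_ta* keys;

	/** last queried DNSKEY set
	 * Not all failures are captured in this entry.
	 * If the validator did not even start (e.g. timeout or localservfail),
	 * then the last_queried and query_failed values are not updated.
	 */
	time_t last_queried;
	/** last successful DNSKEY set */
	time_t last_success;
	/** next probe time */
	time_t next_probe_time;

	/** when to query if !failed */
	time_t query_interval;
	/** when to retry if failed */
	time_t retry_time;

	/**
	 * How many times did it fail. diagnostic only (has no effect).
	 * Only updated if there was a dnskey rrset that failed to verify.
	 */
	uint8_t query_failed;
	/** true if the trust point has been revoked */
	uint8_t revoked;
};

/**
 * Autotrust global metadata.
 */
struct autr_global_data {
	/** rbtree of autotrust anchors sorted by next probe time.
	 * When time is equal, sorted by anchor class, name. */
	rbtree_t probe;
};

/**
 * Create new global 5011 data structure.
 * @return new structure or NULL on malloc failure.
 */
struct autr_global_data* autr_global_create(void);

/**
 * Delete global 5011 data structure.
 * @param global: global autotrust state to delete.
 */
void autr_global_delete(struct autr_global_data* global);

/**
 * See if autotrust anchors are configured and how many.
 * @param anchors: the trust anchors structure.
 * @return number of autotrust trust anchors
 */
size_t autr_get_num_anchors(struct val_anchors* anchors);

/**
 * Process probe timer. Add new probes if needed.
 * @param env: module environment with time, with anchors and with the mesh.
 * @return time of next probe (in seconds from now).
 * 	If 0, then there is no next probe anymore (trust points deleted).
 */
time_t autr_probe_timer(struct module_env* env);

/**
 * probe tree compare function.
 * The probe tree in struct autr_global_data is documented as sorted by next
 * probe time, then by anchor class and name.
 * @param x: first element to compare.
 * @param y: second element to compare.
 * @return comparison result. NOTE(review): presumably negative, zero or
 * 	positive like other rbtree compare functions; confirm in autotrust.c.
 */
int probetree_cmp(const void* x, const void* y);

/**
 * Read autotrust file.
 * @param anchors: the anchors structure.
 * @param nm: name of the file (copied).
 * @return false on failure.
 */
int autr_read_file(struct val_anchors* anchors, const char* nm);

/**
 * Write autotrust file.
 * Returns nothing, so a caller cannot detect a failed write through this
 * interface.
 * @param env: environment with scratch space.
 * @param tp: trust point to write.
 */
void autr_write_file(struct module_env* env, struct trust_anchor* tp);

/**
 * Delete autr anchor, deletes the autr data but does not do
 * unlinking from trees, caller does that.
 * @param tp: trust point to delete.
 */
void autr_point_delete(struct trust_anchor* tp);

/**
 * Perform autotrust processing.
 * The DNSKEY rrset is passed in before validation, so callers must not treat
 * its contents as trusted; ve is supplied for verification of the rrsigs.
 * @param env: qstate environment with the anchors structure.
 * @param ve: validator environment for verification of rrsigs.
 * @param tp: trust anchor to process.
 * @param dnskey_rrset: DNSKEY rrset probed (can be NULL if bad prime result).
 * 	allocated in a region. Has not been validated yet.
 * @return false if trust anchor was revoked completely.
 * 	Otherwise logs errors to log, does not change return value.
 * 	On errors, likely the trust point has been unchanged.
 */
int autr_process_prime(struct module_env* env, struct val_env* ve,
	struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset);

/**
 * Debug printout of rfc5011 tracked anchors
 * @param anchors: all the anchors.
 */
void autr_debug_print(struct val_anchors* anchors);

/**
 * callback for query answer to 5011 probe.
 * NOTE(review): the parameter meanings below are inferred from their names
 * and types; confirm against the definition in autotrust.c.
 * @param arg: opaque argument registered together with the callback.
 * @param rcode: result code of the probe query.
 * @param buf: buffer belonging to the answer.
 * @param sec: security status reported for the answer.
 * @param errinf: error information string for the answer.
 */
void probe_answer_cb(void* arg, int rcode, struct sldns_buffer* buf,
	enum sec_status sec, char* errinf);

#endif /* VALIDATOR_AUTOTRUST_H */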