/contrib/bind9/lib/dns/include/dns/message.h

https://bitbucket.org/freebsd/freebsd-head/ · C Header · 1355 lines · 248 code · 96 blank · 1011 comment · 0 complexity · 1d2e4254d52bc1f222a3d04f6632d130 MD5 · raw file

  1. /*
  2. * Copyright (C) 2004-2010, 2012 Internet Systems Consortium, Inc. ("ISC")
  3. * Copyright (C) 1999-2003 Internet Software Consortium.
  4. *
  5. * Permission to use, copy, modify, and/or distribute this software for any
  6. * purpose with or without fee is hereby granted, provided that the above
  7. * copyright notice and this permission notice appear in all copies.
  8. *
  9. * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10. * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11. * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12. * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13. * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14. * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15. * PERFORMANCE OF THIS SOFTWARE.
  16. */
  17. /* $Id$ */
  18. #ifndef DNS_MESSAGE_H
  19. #define DNS_MESSAGE_H 1
  20. /***
  21. *** Imports
  22. ***/
  23. #include <isc/lang.h>
  24. #include <isc/magic.h>
  25. #include <dns/compress.h>
  26. #include <dns/masterdump.h>
  27. #include <dns/types.h>
  28. #include <dst/dst.h>
  29. /*! \file dns/message.h
  30. * \brief Message Handling Module
  31. *
  32. * How this beast works:
  33. *
  34. * When a dns message is received in a buffer, dns_message_fromwire() is called
  35. * on the memory region. Various items are checked including the format
  36. * of the message (if counts are right, if counts consume the entire sections,
  37. * and if sections consume the entire message) and known pseudo-RRs in the
  38. * additional data section are analyzed and removed.
  39. *
  40. * TSIG checking is also done at this layer, and any DNSSEC transaction
  41. * signatures should also be checked here.
  42. *
  43. * Notes on using the gettemp*() and puttemp*() functions:
  44. *
  45. * These functions return items (names, rdatasets, etc) allocated from some
  46. * internal state of the dns_message_t.
  47. *
  48. * Names and rdatasets must be put back into the dns_message_t in
  49. * one of two ways. Assume a name was allocated via
  50. * dns_message_gettempname():
  51. *
  52. *\li (1) insert it into a section, using dns_message_addname().
  53. *
  54. *\li (2) return it to the message using dns_message_puttempname().
  55. *
  56. * The same applies to rdatasets.
  57. *
  58. * On the other hand, offsets, rdatalists and rdatas allocated using
  59. * dns_message_gettemp*() will always be freed automatically
  60. * when the message is reset or destroyed; calling dns_message_puttemp*()
  61. * on rdatalists and rdatas is optional and serves only to enable the item
  62. * to be reused multiple times during the lifetime of the message; offsets
  63. * cannot be reused.
  64. *
  65. * Buffers allocated using isc_buffer_allocate() can be automatically freed
  66. * as well by giving the buffer to the message using dns_message_takebuffer().
  67. * Doing this will cause the buffer to be freed using isc_buffer_free()
  68. * when the section lists are cleared, such as in a reset or in a destroy.
  69. * Since the buffer itself exists until the message is destroyed, this sort
  70. * of code can be written:
  71. *
  72. * \code
  73. * buffer = isc_buffer_allocate(mctx, 512);
  74. * name = NULL;
  75. * name = dns_message_gettempname(message, &name);
  76. * dns_name_init(name, NULL);
  77. * result = dns_name_fromtext(name, &source, dns_rootname, 0, buffer);
  78. * dns_message_takebuffer(message, &buffer);
  79. * \endcode
  80. *
  81. *
  82. * TODO:
  83. *
  84. * XXX Needed: ways to set and retrieve EDNS information, add rdata to a
  85. * section, move rdata from one section to another, remove rdata, etc.
  86. */
  87. #define DNS_MESSAGEFLAG_QR 0x8000U
  88. #define DNS_MESSAGEFLAG_AA 0x0400U
  89. #define DNS_MESSAGEFLAG_TC 0x0200U
  90. #define DNS_MESSAGEFLAG_RD 0x0100U
  91. #define DNS_MESSAGEFLAG_RA 0x0080U
  92. #define DNS_MESSAGEFLAG_AD 0x0020U
  93. #define DNS_MESSAGEFLAG_CD 0x0010U
  94. /*%< EDNS0 extended message flags */
  95. #define DNS_MESSAGEEXTFLAG_DO 0x8000U
  96. /*%< EDNS0 extended OPT codes */
  97. #define DNS_OPT_NSID 0x0003 /*%< NSID opt code */
  98. #define DNS_MESSAGE_REPLYPRESERVE (DNS_MESSAGEFLAG_RD|DNS_MESSAGEFLAG_CD)
  99. #define DNS_MESSAGEEXTFLAG_REPLYPRESERVE (DNS_MESSAGEEXTFLAG_DO)
  100. #define DNS_MESSAGE_HEADERLEN 12 /*%< 6 isc_uint16_t's */
  101. #define DNS_MESSAGE_MAGIC ISC_MAGIC('M','S','G','@')
  102. #define DNS_MESSAGE_VALID(msg) ISC_MAGIC_VALID(msg, DNS_MESSAGE_MAGIC)
  103. /*
  104. * Ordering here matters. DNS_SECTION_ANY must be the lowest and negative,
  105. * and DNS_SECTION_MAX must be one greater than the last used section.
  106. */
  107. typedef int dns_section_t;
  108. #define DNS_SECTION_ANY (-1)
  109. #define DNS_SECTION_QUESTION 0
  110. #define DNS_SECTION_ANSWER 1
  111. #define DNS_SECTION_AUTHORITY 2
  112. #define DNS_SECTION_ADDITIONAL 3
  113. #define DNS_SECTION_MAX 4
  114. typedef int dns_pseudosection_t;
  115. #define DNS_PSEUDOSECTION_ANY (-1)
  116. #define DNS_PSEUDOSECTION_OPT 0
  117. #define DNS_PSEUDOSECTION_TSIG 1
  118. #define DNS_PSEUDOSECTION_SIG0 2
  119. #define DNS_PSEUDOSECTION_MAX 3
  120. typedef int dns_messagetextflag_t;
  121. #define DNS_MESSAGETEXTFLAG_NOCOMMENTS 0x0001
  122. #define DNS_MESSAGETEXTFLAG_NOHEADERS 0x0002
  123. #define DNS_MESSAGETEXTFLAG_ONESOA 0x0004
  124. #define DNS_MESSAGETEXTFLAG_OMITSOA 0x0008
  125. /*
  126. * Dynamic update names for these sections.
  127. */
  128. #define DNS_SECTION_ZONE DNS_SECTION_QUESTION
  129. #define DNS_SECTION_PREREQUISITE DNS_SECTION_ANSWER
  130. #define DNS_SECTION_UPDATE DNS_SECTION_AUTHORITY
  131. /*
  132. * These tell the message library how the created dns_message_t will be used.
  133. */
  134. #define DNS_MESSAGE_INTENTUNKNOWN 0 /*%< internal use only */
  135. #define DNS_MESSAGE_INTENTPARSE 1 /*%< parsing messages */
  136. #define DNS_MESSAGE_INTENTRENDER 2 /*%< rendering */
  137. /*
  138. * Control behavior of parsing
  139. */
  140. #define DNS_MESSAGEPARSE_PRESERVEORDER 0x0001 /*%< preserve rdata order */
  141. #define DNS_MESSAGEPARSE_BESTEFFORT 0x0002 /*%< return a message if a
  142. recoverable parse error
  143. occurs */
  144. #define DNS_MESSAGEPARSE_CLONEBUFFER 0x0004 /*%< save a copy of the
  145. source buffer */
  146. #define DNS_MESSAGEPARSE_IGNORETRUNCATION 0x0008 /*%< truncation errors are
  147. * not fatal. */
  148. /*
  149. * Control behavior of rendering
  150. */
  151. #define DNS_MESSAGERENDER_ORDERED 0x0001 /*%< don't change order */
  152. #define DNS_MESSAGERENDER_PARTIAL 0x0002 /*%< allow a partial rdataset */
  153. #define DNS_MESSAGERENDER_OMITDNSSEC 0x0004 /*%< omit DNSSEC records */
  154. #define DNS_MESSAGERENDER_PREFER_A 0x0008 /*%< prefer A records in
  155. additional section. */
  156. #define DNS_MESSAGERENDER_PREFER_AAAA 0x0010 /*%< prefer AAAA records in
  157. additional section. */
  158. #ifdef ALLOW_FILTER_AAAA_ON_V4
  159. #define DNS_MESSAGERENDER_FILTER_AAAA 0x0020 /*%< filter AAAA records */
  160. #endif
  161. typedef struct dns_msgblock dns_msgblock_t;
  162. struct dns_message {
  163. /* public from here down */
  164. unsigned int magic;
  165. dns_messageid_t id;
  166. unsigned int flags;
  167. dns_rcode_t rcode;
  168. unsigned int opcode;
  169. dns_rdataclass_t rdclass;
  170. /* 4 real, 1 pseudo */
  171. unsigned int counts[DNS_SECTION_MAX];
  172. /* private from here down */
  173. dns_namelist_t sections[DNS_SECTION_MAX];
  174. dns_name_t *cursors[DNS_SECTION_MAX];
  175. dns_rdataset_t *opt;
  176. dns_rdataset_t *sig0;
  177. dns_rdataset_t *tsig;
  178. int state;
  179. unsigned int from_to_wire : 2;
  180. unsigned int header_ok : 1;
  181. unsigned int question_ok : 1;
  182. unsigned int tcp_continuation : 1;
  183. unsigned int verified_sig : 1;
  184. unsigned int verify_attempted : 1;
  185. unsigned int free_query : 1;
  186. unsigned int free_saved : 1;
  187. unsigned int opt_reserved;
  188. unsigned int sig_reserved;
  189. unsigned int reserved; /* reserved space (render) */
  190. isc_buffer_t *buffer;
  191. dns_compress_t *cctx;
  192. isc_mem_t *mctx;
  193. isc_mempool_t *namepool;
  194. isc_mempool_t *rdspool;
  195. isc_bufferlist_t scratchpad;
  196. isc_bufferlist_t cleanup;
  197. ISC_LIST(dns_msgblock_t) rdatas;
  198. ISC_LIST(dns_msgblock_t) rdatalists;
  199. ISC_LIST(dns_msgblock_t) offsets;
  200. ISC_LIST(dns_rdata_t) freerdata;
  201. ISC_LIST(dns_rdatalist_t) freerdatalist;
  202. dns_rcode_t tsigstatus;
  203. dns_rcode_t querytsigstatus;
  204. dns_name_t *tsigname; /* Owner name of TSIG, if any */
  205. dns_rdataset_t *querytsig;
  206. dns_tsigkey_t *tsigkey;
  207. dst_context_t *tsigctx;
  208. int sigstart;
  209. int timeadjust;
  210. dns_name_t *sig0name; /* Owner name of SIG0, if any */
  211. dst_key_t *sig0key;
  212. dns_rcode_t sig0status;
  213. isc_region_t query;
  214. isc_region_t saved;
  215. dns_rdatasetorderfunc_t order;
  216. const void * order_arg;
  217. };
  218. /***
  219. *** Functions
  220. ***/
  221. ISC_LANG_BEGINDECLS
  222. isc_result_t
  223. dns_message_create(isc_mem_t *mctx, unsigned int intent, dns_message_t **msgp);
  224. /*%<
  225. * Create msg structure.
  226. *
  227. * This function will allocate some internal blocks of memory that are
  228. * expected to be needed for parsing or rendering nearly any type of message.
  229. *
  230. * Requires:
  231. *\li 'mctx' be a valid memory context.
  232. *
  233. *\li 'msgp' be non-null and '*msg' be NULL.
  234. *
  235. *\li 'intent' must be one of DNS_MESSAGE_INTENTPARSE or
  236. * #DNS_MESSAGE_INTENTRENDER.
  237. *
  238. * Ensures:
  239. *\li The data in "*msg" is set to indicate an unused and empty msg
  240. * structure.
  241. *
  242. * Returns:
  243. *\li #ISC_R_NOMEMORY -- out of memory
  244. *\li #ISC_R_SUCCESS -- success
  245. */
  246. void
  247. dns_message_reset(dns_message_t *msg, unsigned int intent);
  248. /*%<
  249. * Reset a message structure to default state. All internal lists are freed
  250. * or reset to a default state as well. This is simply a more efficient
  251. * way to call dns_message_destroy() followed by dns_message_allocate(),
  252. * since it avoid many memory allocations.
  253. *
  254. * If any data loanouts (buffers, names, rdatas, etc) were requested,
  255. * the caller must no longer use them after this call.
  256. *
  257. * The intended next use of the message will be 'intent'.
  258. *
  259. * Requires:
  260. *
  261. *\li 'msg' be valid.
  262. *
  263. *\li 'intent' is DNS_MESSAGE_INTENTPARSE or DNS_MESSAGE_INTENTRENDER
  264. */
  265. void
  266. dns_message_destroy(dns_message_t **msgp);
  267. /*%<
  268. * Destroy all state in the message.
  269. *
  270. * Requires:
  271. *
  272. *\li 'msgp' be valid.
  273. *
  274. * Ensures:
  275. *\li '*msgp' == NULL
  276. */
  277. isc_result_t
  278. dns_message_sectiontotext(dns_message_t *msg, dns_section_t section,
  279. const dns_master_style_t *style,
  280. dns_messagetextflag_t flags,
  281. isc_buffer_t *target);
  282. isc_result_t
  283. dns_message_pseudosectiontotext(dns_message_t *msg,
  284. dns_pseudosection_t section,
  285. const dns_master_style_t *style,
  286. dns_messagetextflag_t flags,
  287. isc_buffer_t *target);
  288. /*%<
  289. * Convert section 'section' or 'pseudosection' of message 'msg' to
  290. * a cleartext representation
  291. *
  292. * Notes:
  293. * \li See dns_message_totext for meanings of flags.
  294. *
  295. * Requires:
  296. *
  297. *\li 'msg' is a valid message.
  298. *
  299. *\li 'style' is a valid master dump style.
  300. *
  301. *\li 'target' is a valid buffer.
  302. *
  303. *\li 'section' is a valid section label.
  304. *
  305. * Ensures:
  306. *
  307. *\li If the result is success:
  308. * The used space in 'target' is updated.
  309. *
  310. * Returns:
  311. *
  312. *\li #ISC_R_SUCCESS
  313. *\li #ISC_R_NOSPACE
  314. *\li #ISC_R_NOMORE
  315. *
  316. *\li Note: On error return, *target may be partially filled with data.
  317. */
  318. isc_result_t
  319. dns_message_totext(dns_message_t *msg, const dns_master_style_t *style,
  320. dns_messagetextflag_t flags, isc_buffer_t *target);
  321. /*%<
  322. * Convert all sections of message 'msg' to a cleartext representation
  323. *
  324. * Notes:
  325. * \li In flags, If #DNS_MESSAGETEXTFLAG_OMITDOT is set, then the
  326. * final '.' in absolute names will not be emitted. If
  327. * #DNS_MESSAGETEXTFLAG_NOCOMMENTS is cleared, lines beginning
  328. * with ";;" will be emitted indicating section name. If
  329. * #DNS_MESSAGETEXTFLAG_NOHEADERS is cleared, header lines will
  330. * be emitted.
  331. *
  332. * If #DNS_MESSAGETEXTFLAG_ONESOA is set then only print the
  333. * first SOA record in the answer section. If
  334. * #DNS_MESSAGETEXTFLAG_OMITSOA is set don't print any SOA records
  335. * in the answer section. These are useful for suppressing the
  336. * display of the second SOA record in a AXFR by setting
  337. * #DNS_MESSAGETEXTFLAG_ONESOA on the first message in a AXFR stream
  338. * and #DNS_MESSAGETEXTFLAG_OMITSOA on subsequent messages.
  339. *
  340. * Requires:
  341. *
  342. *\li 'msg' is a valid message.
  343. *
  344. *\li 'style' is a valid master dump style.
  345. *
  346. *\li 'target' is a valid buffer.
  347. *
  348. * Ensures:
  349. *
  350. *\li If the result is success:
  351. * The used space in 'target' is updated.
  352. *
  353. * Returns:
  354. *
  355. *\li #ISC_R_SUCCESS
  356. *\li #ISC_R_NOSPACE
  357. *\li #ISC_R_NOMORE
  358. *
  359. *\li Note: On error return, *target may be partially filled with data.
  360. */
  361. isc_result_t
  362. dns_message_parse(dns_message_t *msg, isc_buffer_t *source,
  363. unsigned int options);
  364. /*%<
  365. * Parse raw wire data in 'source' as a DNS message.
  366. *
  367. * OPT records are detected and stored in the pseudo-section "opt".
  368. * TSIGs are detected and stored in the pseudo-section "tsig".
  369. *
  370. * If #DNS_MESSAGEPARSE_PRESERVEORDER is set, or if the opcode of the message
  371. * is UPDATE, a separate dns_name_t object will be created for each RR in the
  372. * message. Each such dns_name_t will have a single rdataset containing the
  373. * single RR, and the order of the RRs in the message is preserved.
  374. * Otherwise, only one dns_name_t object will be created for each unique
  375. * owner name in the section, and each such dns_name_t will have a list
  376. * of rdatasets. To access the names and their data, use
  377. * dns_message_firstname() and dns_message_nextname().
  378. *
  379. * If #DNS_MESSAGEPARSE_BESTEFFORT is set, errors in message content will
  380. * not be considered FORMERRs. If the entire message can be parsed, it
  381. * will be returned and DNS_R_RECOVERABLE will be returned.
  382. *
  383. * If #DNS_MESSAGEPARSE_IGNORETRUNCATION is set then return as many complete
  384. * RR's as possible, DNS_R_RECOVERABLE will be returned.
  385. *
  386. * OPT and TSIG records are always handled specially, regardless of the
  387. * 'preserve_order' setting.
  388. *
  389. * Requires:
  390. *\li "msg" be valid.
  391. *
  392. *\li "buffer" be a wire format buffer.
  393. *
  394. * Ensures:
  395. *\li The buffer's data format is correct.
  396. *
  397. *\li The buffer's contents verify as correct regarding header bits, buffer
  398. * and rdata sizes, etc.
  399. *
  400. * Returns:
  401. *\li #ISC_R_SUCCESS -- all is well
  402. *\li #ISC_R_NOMEMORY -- no memory
  403. *\li #DNS_R_RECOVERABLE -- the message parsed properly, but contained
  404. * errors.
  405. *\li Many other errors possible XXXMLG
  406. */
  407. isc_result_t
  408. dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx,
  409. isc_buffer_t *buffer);
  410. /*%<
  411. * Begin rendering on a message. Only one call can be made to this function
  412. * per message.
  413. *
  414. * The compression context is "owned" by the message library until
  415. * dns_message_renderend() is called. It must be invalidated by the caller.
  416. *
  417. * The buffer is "owned" by the message library until dns_message_renderend()
  418. * is called.
  419. *
  420. * Requires:
  421. *
  422. *\li 'msg' be valid.
  423. *
  424. *\li 'cctx' be valid.
  425. *
  426. *\li 'buffer' is a valid buffer.
  427. *
  428. * Side Effects:
  429. *
  430. *\li The buffer is cleared before it is used.
  431. *
  432. * Returns:
  433. *\li #ISC_R_SUCCESS -- all is well
  434. *\li #ISC_R_NOSPACE -- output buffer is too small
  435. */
  436. isc_result_t
  437. dns_message_renderchangebuffer(dns_message_t *msg, isc_buffer_t *buffer);
  438. /*%<
  439. * Reset the buffer. This can be used after growing the old buffer
  440. * on a ISC_R_NOSPACE return from most of the render functions.
  441. *
  442. * On successful completion, the old buffer is no longer used by the
  443. * library. The new buffer is owned by the library until
  444. * dns_message_renderend() is called.
  445. *
  446. * Requires:
  447. *
  448. *\li 'msg' be valid.
  449. *
  450. *\li dns_message_renderbegin() was called.
  451. *
  452. *\li buffer != NULL.
  453. *
  454. * Returns:
  455. *\li #ISC_R_NOSPACE -- new buffer is too small
  456. *\li #ISC_R_SUCCESS -- all is well.
  457. */
  458. isc_result_t
  459. dns_message_renderreserve(dns_message_t *msg, unsigned int space);
  460. /*%<
  461. * XXXMLG should use size_t rather than unsigned int once the buffer
  462. * API is cleaned up
  463. *
  464. * Reserve "space" bytes in the given buffer.
  465. *
  466. * Requires:
  467. *
  468. *\li 'msg' be valid.
  469. *
  470. *\li dns_message_renderbegin() was called.
  471. *
  472. * Returns:
  473. *\li #ISC_R_SUCCESS -- all is well.
  474. *\li #ISC_R_NOSPACE -- not enough free space in the buffer.
  475. */
  476. void
  477. dns_message_renderrelease(dns_message_t *msg, unsigned int space);
  478. /*%<
  479. * XXXMLG should use size_t rather than unsigned int once the buffer
  480. * API is cleaned up
  481. *
  482. * Release "space" bytes in the given buffer that was previously reserved.
  483. *
  484. * Requires:
  485. *
  486. *\li 'msg' be valid.
  487. *
  488. *\li 'space' is less than or equal to the total amount of space reserved
  489. * via prior calls to dns_message_renderreserve().
  490. *
  491. *\li dns_message_renderbegin() was called.
  492. */
  493. isc_result_t
  494. dns_message_rendersection(dns_message_t *msg, dns_section_t section,
  495. unsigned int options);
  496. /*%<
  497. * Render all names, rdatalists, etc from the given section at the
  498. * specified priority or higher.
  499. *
  500. * Requires:
  501. *\li 'msg' be valid.
  502. *
  503. *\li 'section' be a valid section.
  504. *
  505. *\li dns_message_renderbegin() was called.
  506. *
  507. * Returns:
  508. *\li #ISC_R_SUCCESS -- all records were written, and there are
  509. * no more records for this section.
  510. *\li #ISC_R_NOSPACE -- Not enough room in the buffer to write
  511. * all records requested.
  512. *\li #DNS_R_MOREDATA -- All requested records written, and there
  513. * are records remaining for this section.
  514. */
  515. void
  516. dns_message_renderheader(dns_message_t *msg, isc_buffer_t *target);
  517. /*%<
  518. * Render the message header. This is implicitly called by
  519. * dns_message_renderend().
  520. *
  521. * Requires:
  522. *
  523. *\li 'msg' be a valid message.
  524. *
  525. *\li dns_message_renderbegin() was called.
  526. *
  527. *\li 'target' is a valid buffer with enough space to hold a message header
  528. */
  529. isc_result_t
  530. dns_message_renderend(dns_message_t *msg);
  531. /*%<
  532. * Finish rendering to the buffer. Note that more data can be in the
  533. * 'msg' structure. Destroying the structure will free this, or in a multi-
  534. * part EDNS1 message this data can be rendered to another buffer later.
  535. *
  536. * Requires:
  537. *
  538. *\li 'msg' be a valid message.
  539. *
  540. *\li dns_message_renderbegin() was called.
  541. *
  542. * Returns:
  543. *\li #ISC_R_SUCCESS -- all is well.
  544. */
  545. void
  546. dns_message_renderreset(dns_message_t *msg);
  547. /*%<
  548. * Reset the message so that it may be rendered again.
  549. *
  550. * Notes:
  551. *
  552. *\li If dns_message_renderbegin() has been called, dns_message_renderend()
  553. * must be called before calling this function.
  554. *
  555. * Requires:
  556. *
  557. *\li 'msg' be a valid message with rendering intent.
  558. */
  559. isc_result_t
  560. dns_message_firstname(dns_message_t *msg, dns_section_t section);
  561. /*%<
  562. * Set internal per-section name pointer to the beginning of the section.
  563. *
  564. * The functions dns_message_firstname() and dns_message_nextname() may
  565. * be used for iterating over the owner names in a section.
  566. *
  567. * Requires:
  568. *
  569. *\li 'msg' be valid.
  570. *
  571. *\li 'section' be a valid section.
  572. *
  573. * Returns:
  574. *\li #ISC_R_SUCCESS -- All is well.
  575. *\li #ISC_R_NOMORE -- No names on given section.
  576. */
  577. isc_result_t
  578. dns_message_nextname(dns_message_t *msg, dns_section_t section);
  579. /*%<
  580. * Sets the internal per-section name pointer to point to the next name
  581. * in that section.
  582. *
  583. * Requires:
  584. *
  585. * \li 'msg' be valid.
  586. *
  587. *\li 'section' be a valid section.
  588. *
  589. *\li dns_message_firstname() must have been called on this section,
  590. * and the result was ISC_R_SUCCESS.
  591. *
  592. * Returns:
  593. *\li #ISC_R_SUCCESS -- All is well.
  594. *\li #ISC_R_NOMORE -- No more names in given section.
  595. */
  596. void
  597. dns_message_currentname(dns_message_t *msg, dns_section_t section,
  598. dns_name_t **name);
  599. /*%<
  600. * Sets 'name' to point to the name where the per-section internal name
  601. * pointer is currently set.
  602. *
  603. * This function returns the name in the database, so any data associated
  604. * with it (via the name's "list" member) contains the actual rdatasets.
  605. *
  606. * Requires:
  607. *
  608. *\li 'msg' be valid.
  609. *
  610. *\li 'name' be non-NULL, and *name be NULL.
  611. *
  612. *\li 'section' be a valid section.
  613. *
  614. *\li dns_message_firstname() must have been called on this section,
  615. * and the result of it and any dns_message_nextname() calls was
  616. * #ISC_R_SUCCESS.
  617. */
  618. isc_result_t
  619. dns_message_findname(dns_message_t *msg, dns_section_t section,
  620. dns_name_t *target, dns_rdatatype_t type,
  621. dns_rdatatype_t covers, dns_name_t **foundname,
  622. dns_rdataset_t **rdataset);
  623. /*%<
  624. * Search for a name in the specified section. If it is found, *name is
  625. * set to point to the name, and *rdataset is set to point to the found
  626. * rdataset (if type is specified as other than dns_rdatatype_any).
  627. *
  628. * Requires:
  629. *\li 'msg' be valid.
  630. *
  631. *\li 'section' be a valid section.
  632. *
  633. *\li If a pointer to the name is desired, 'foundname' should be non-NULL.
  634. * If it is non-NULL, '*foundname' MUST be NULL.
  635. *
  636. *\li If a type other than dns_datatype_any is searched for, 'rdataset'
  637. * may be non-NULL, '*rdataset' be NULL, and will point at the found
  638. * rdataset. If the type is dns_datatype_any, 'rdataset' must be NULL.
  639. *
  640. *\li 'target' be a valid name.
  641. *
  642. *\li 'type' be a valid type.
  643. *
  644. *\li If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type.
  645. * Otherwise it should be 0.
  646. *
  647. * Returns:
  648. *\li #ISC_R_SUCCESS -- all is well.
  649. *\li #DNS_R_NXDOMAIN -- name does not exist in that section.
  650. *\li #DNS_R_NXRRSET -- The name does exist, but the desired
  651. * type does not.
  652. */
  653. isc_result_t
  654. dns_message_findtype(dns_name_t *name, dns_rdatatype_t type,
  655. dns_rdatatype_t covers, dns_rdataset_t **rdataset);
  656. /*%<
  657. * Search the name for the specified type. If it is found, *rdataset is
  658. * filled in with a pointer to that rdataset.
  659. *
  660. * Requires:
  661. *\li if '**rdataset' is non-NULL, *rdataset needs to be NULL.
  662. *
  663. *\li 'type' be a valid type, and NOT dns_rdatatype_any.
  664. *
  665. *\li If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type.
  666. * Otherwise it should be 0.
  667. *
  668. * Returns:
  669. *\li #ISC_R_SUCCESS -- all is well.
  670. *\li #ISC_R_NOTFOUND -- the desired type does not exist.
  671. */
  672. isc_result_t
  673. dns_message_find(dns_name_t *name, dns_rdataclass_t rdclass,
  674. dns_rdatatype_t type, dns_rdatatype_t covers,
  675. dns_rdataset_t **rdataset);
  676. /*%<
  677. * Search the name for the specified rdclass and type. If it is found,
  678. * *rdataset is filled in with a pointer to that rdataset.
  679. *
  680. * Requires:
  681. *\li if '**rdataset' is non-NULL, *rdataset needs to be NULL.
  682. *
  683. *\li 'type' be a valid type, and NOT dns_rdatatype_any.
  684. *
  685. *\li If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type.
  686. * Otherwise it should be 0.
  687. *
  688. * Returns:
  689. *\li #ISC_R_SUCCESS -- all is well.
  690. *\li #ISC_R_NOTFOUND -- the desired type does not exist.
  691. */
  692. void
  693. dns_message_movename(dns_message_t *msg, dns_name_t *name,
  694. dns_section_t fromsection,
  695. dns_section_t tosection);
  696. /*%<
  697. * Move a name from one section to another.
  698. *
  699. * Requires:
  700. *
  701. *\li 'msg' be valid.
  702. *
  703. *\li 'name' must be a name already in 'fromsection'.
  704. *
  705. *\li 'fromsection' must be a valid section.
  706. *
  707. *\li 'tosection' must be a valid section.
  708. */
  709. void
  710. dns_message_addname(dns_message_t *msg, dns_name_t *name,
  711. dns_section_t section);
  712. /*%<
  713. * Adds the name to the given section.
  714. *
  715. * It is the caller's responsibility to enforce any unique name requirements
  716. * in a section.
  717. *
  718. * Requires:
  719. *
  720. *\li 'msg' be valid, and be a renderable message.
  721. *
  722. *\li 'name' be a valid absolute name.
  723. *
  724. *\li 'section' be a named section.
  725. */
  726. void
  727. dns_message_removename(dns_message_t *msg, dns_name_t *name,
  728. dns_section_t section);
  729. /*%<
  730. * Remove a existing name from a given section.
  731. *
  732. * It is the caller's responsibility to ensure the name is part of the
  733. * given section.
  734. *
  735. * Requires:
  736. *
  737. *\li 'msg' be valid, and be a renderable message.
  738. *
  739. *\li 'name' be a valid absolute name.
  740. *
  741. *\li 'section' be a named section.
  742. */
  743. /*
  744. * LOANOUT FUNCTIONS
  745. *
  746. * Each of these functions loan a particular type of data to the caller.
  747. * The storage for these will vanish when the message is destroyed or
  748. * reset, and must NOT be used after these operations.
  749. */
  750. isc_result_t
  751. dns_message_gettempname(dns_message_t *msg, dns_name_t **item);
  752. /*%<
  753. * Return a name that can be used for any temporary purpose, including
  754. * inserting into the message's linked lists. The name must be returned
  755. * to the message code using dns_message_puttempname() or inserted into
  756. * one of the message's sections before the message is destroyed.
  757. *
  758. * It is the caller's responsibility to initialize this name.
  759. *
  760. * Requires:
  761. *\li msg be a valid message
  762. *
  763. *\li item != NULL && *item == NULL
  764. *
  765. * Returns:
  766. *\li #ISC_R_SUCCESS -- All is well.
  767. *\li #ISC_R_NOMEMORY -- No item can be allocated.
  768. */
  769. isc_result_t
  770. dns_message_gettempoffsets(dns_message_t *msg, dns_offsets_t **item);
  771. /*%<
  772. * Return an offsets array that can be used for any temporary purpose,
  773. * such as attaching to a temporary name. The offsets will be freed
  774. * when the message is destroyed or reset.
  775. *
  776. * Requires:
  777. *\li msg be a valid message
  778. *
  779. *\li item != NULL && *item == NULL
  780. *
  781. * Returns:
  782. *\li #ISC_R_SUCCESS -- All is well.
  783. *\li #ISC_R_NOMEMORY -- No item can be allocated.
  784. */
  785. isc_result_t
  786. dns_message_gettemprdata(dns_message_t *msg, dns_rdata_t **item);
  787. /*%<
  788. * Return a rdata that can be used for any temporary purpose, including
  789. * inserting into the message's linked lists. The rdata will be freed
  790. * when the message is destroyed or reset.
  791. *
  792. * Requires:
  793. *\li msg be a valid message
  794. *
  795. *\li item != NULL && *item == NULL
  796. *
  797. * Returns:
  798. *\li #ISC_R_SUCCESS -- All is well.
  799. *\li #ISC_R_NOMEMORY -- No item can be allocated.
  800. */
  801. isc_result_t
  802. dns_message_gettemprdataset(dns_message_t *msg, dns_rdataset_t **item);
  803. /*%<
  804. * Return a rdataset that can be used for any temporary purpose, including
  805. * inserting into the message's linked lists. The name must be returned
  806. * to the message code using dns_message_puttempname() or inserted into
  807. * one of the message's sections before the message is destroyed.
  808. *
  809. * Requires:
  810. *\li msg be a valid message
  811. *
  812. *\li item != NULL && *item == NULL
  813. *
  814. * Returns:
  815. *\li #ISC_R_SUCCESS -- All is well.
  816. *\li #ISC_R_NOMEMORY -- No item can be allocated.
  817. */
  818. isc_result_t
  819. dns_message_gettemprdatalist(dns_message_t *msg, dns_rdatalist_t **item);
  820. /*%<
  821. * Return a rdatalist that can be used for any temporary purpose, including
  822. * inserting into the message's linked lists. The rdatalist will be
  823. * destroyed when the message is destroyed or reset.
  824. *
  825. * Requires:
  826. *\li msg be a valid message
  827. *
  828. *\li item != NULL && *item == NULL
  829. *
  830. * Returns:
  831. *\li #ISC_R_SUCCESS -- All is well.
  832. *\li #ISC_R_NOMEMORY -- No item can be allocated.
  833. */
  834. void
  835. dns_message_puttempname(dns_message_t *msg, dns_name_t **item);
  836. /*%<
  837. * Return a borrowed name to the message's name free list.
  838. *
  839. * Requires:
  840. *\li msg be a valid message
  841. *
  842. *\li item != NULL && *item point to a name returned by
  843. * dns_message_gettempname()
  844. *
  845. * Ensures:
  846. *\li *item == NULL
  847. */
  848. void
  849. dns_message_puttemprdata(dns_message_t *msg, dns_rdata_t **item);
  850. /*%<
  851. * Return a borrowed rdata to the message's rdata free list.
  852. *
  853. * Requires:
  854. *\li msg be a valid message
  855. *
  856. *\li item != NULL && *item point to a rdata returned by
  857. * dns_message_gettemprdata()
  858. *
  859. * Ensures:
  860. *\li *item == NULL
  861. */
  862. void
  863. dns_message_puttemprdataset(dns_message_t *msg, dns_rdataset_t **item);
  864. /*%<
  865. * Return a borrowed rdataset to the message's rdataset free list.
  866. *
  867. * Requires:
  868. *\li msg be a valid message
  869. *
  870. *\li item != NULL && *item point to a rdataset returned by
  871. * dns_message_gettemprdataset()
  872. *
  873. * Ensures:
  874. *\li *item == NULL
  875. */
  876. void
  877. dns_message_puttemprdatalist(dns_message_t *msg, dns_rdatalist_t **item);
  878. /*%<
  879. * Return a borrowed rdatalist to the message's rdatalist free list.
  880. *
  881. * Requires:
  882. *\li msg be a valid message
  883. *
  884. *\li item != NULL && *item point to a rdatalist returned by
  885. * dns_message_gettemprdatalist()
  886. *
  887. * Ensures:
  888. *\li *item == NULL
  889. */
  890. isc_result_t
  891. dns_message_peekheader(isc_buffer_t *source, dns_messageid_t *idp,
  892. unsigned int *flagsp);
  893. /*%<
  894. * Assume the remaining region of "source" is a DNS message. Peek into
  895. * it and fill in "*idp" with the message id, and "*flagsp" with the flags.
  896. *
  897. * Requires:
  898. *
  899. *\li source != NULL
  900. *
  901. * Ensures:
  902. *
  903. *\li if (idp != NULL) *idp == message id.
  904. *
  905. *\li if (flagsp != NULL) *flagsp == message flags.
  906. *
  907. * Returns:
  908. *
  909. *\li #ISC_R_SUCCESS -- all is well.
  910. *
  911. *\li #ISC_R_UNEXPECTEDEND -- buffer doesn't contain enough for a header.
  912. */
  913. isc_result_t
  914. dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section);
  915. /*%<
  916. * Start formatting a reply to the query in 'msg'.
  917. *
  918. * Requires:
  919. *
  920. *\li 'msg' is a valid message with parsing intent, and contains a query.
  921. *
  922. * Ensures:
  923. *
  924. *\li The message will have a rendering intent. If 'want_question_section'
  925. * is true, the message opcode is query or notify, and the question
  926. * section is present and properly formatted, then the question section
  927. * will be included in the reply. All other sections will be cleared.
  928. * The QR flag will be set, the RD flag will be preserved, and all other
  929. * flags will be cleared.
  930. *
  931. * Returns:
  932. *
  933. *\li #ISC_R_SUCCESS -- all is well.
  934. *
  935. *\li #DNS_R_FORMERR -- the header or question section of the
  936. * message is invalid, replying is impossible.
  937. * If DNS_R_FORMERR is returned when
  938. * want_question_section is ISC_FALSE, then
  939. * it's the header section that's bad;
  940. * otherwise either of the header or question
  941. * sections may be bad.
  942. */
  943. dns_rdataset_t *
  944. dns_message_getopt(dns_message_t *msg);
  945. /*%<
  946. * Get the OPT record for 'msg'.
  947. *
  948. * Requires:
  949. *
  950. *\li 'msg' is a valid message.
  951. *
  952. * Returns:
  953. *
  954. *\li The OPT rdataset of 'msg', or NULL if there isn't one.
  955. */
  956. isc_result_t
  957. dns_message_setopt(dns_message_t *msg, dns_rdataset_t *opt);
  958. /*%<
  959. * Set the OPT record for 'msg'.
  960. *
  961. * Requires:
  962. *
  963. *\li 'msg' is a valid message with rendering intent
  964. * and no sections have been rendered.
  965. *
  966. *\li 'opt' is a valid OPT record.
  967. *
  968. * Ensures:
  969. *
  970. *\li The OPT record has either been freed or ownership of it has
  971. * been transferred to the message.
  972. *
  973. *\li If ISC_R_SUCCESS was returned, the OPT record will be rendered
  974. * when dns_message_renderend() is called.
  975. *
  976. * Returns:
  977. *
  978. *\li #ISC_R_SUCCESS -- all is well.
  979. *
  980. *\li #ISC_R_NOSPACE -- there is no space for the OPT record.
  981. */
  982. dns_rdataset_t *
  983. dns_message_gettsig(dns_message_t *msg, dns_name_t **owner);
  984. /*%<
  985. * Get the TSIG record and owner for 'msg'.
  986. *
  987. * Requires:
  988. *
  989. *\li 'msg' is a valid message.
  990. *\li 'owner' is NULL or *owner is NULL.
  991. *
  992. * Returns:
  993. *
  994. *\li The TSIG rdataset of 'msg', or NULL if there isn't one.
  995. *
  996. * Ensures:
  997. *
  998. * \li If 'owner' is not NULL, it will point to the owner name.
  999. */
  1000. isc_result_t
  1001. dns_message_settsigkey(dns_message_t *msg, dns_tsigkey_t *key);
  1002. /*%<
  1003. * Set the tsig key for 'msg'. This is only necessary for when rendering a
  1004. * query or parsing a response. The key (if non-NULL) is attached to, and
  1005. * will be detached when the message is destroyed.
  1006. *
  1007. * Requires:
  1008. *
  1009. *\li 'msg' is a valid message with rendering intent,
  1010. * dns_message_renderbegin() has been called, and no sections have been
  1011. * rendered.
  1012. *\li 'key' is a valid tsig key or NULL.
  1013. *
  1014. * Returns:
  1015. *
  1016. *\li #ISC_R_SUCCESS -- all is well.
  1017. *
  1018. *\li #ISC_R_NOSPACE -- there is no space for the TSIG record.
  1019. */
  1020. dns_tsigkey_t *
  1021. dns_message_gettsigkey(dns_message_t *msg);
  1022. /*%<
  1023. * Gets the tsig key for 'msg'.
  1024. *
  1025. * Requires:
  1026. *
  1027. *\li 'msg' is a valid message
  1028. */
  1029. isc_result_t
  1030. dns_message_setquerytsig(dns_message_t *msg, isc_buffer_t *querytsig);
  1031. /*%<
  1032. * Indicates that 'querytsig' is the TSIG from the signed query for which
  1033. * 'msg' is the response. This is also used for chained TSIGs in TCP
  1034. * responses.
  1035. *
  1036. * Requires:
  1037. *
  1038. *\li 'querytsig' is a valid buffer as returned by dns_message_getquerytsig()
  1039. * or NULL
  1040. *
  1041. *\li 'msg' is a valid message
  1042. *
  1043. * Returns:
  1044. *
  1045. *\li #ISC_R_SUCCESS
  1046. *\li #ISC_R_NOMEMORY
  1047. */
  1048. isc_result_t
  1049. dns_message_getquerytsig(dns_message_t *msg, isc_mem_t *mctx,
  1050. isc_buffer_t **querytsig);
  1051. /*%<
  1052. * Gets the tsig from the TSIG from the signed query 'msg'. This is also used
  1053. * for chained TSIGs in TCP responses. Unlike dns_message_gettsig, this makes
  1054. * a copy of the data, so can be used if the message is destroyed.
  1055. *
  1056. * Requires:
  1057. *
  1058. *\li 'msg' is a valid signed message
  1059. *\li 'mctx' is a valid memory context
  1060. *\li querytsig != NULL && *querytsig == NULL
  1061. *
  1062. * Returns:
  1063. *
  1064. *\li #ISC_R_SUCCESS
  1065. *\li #ISC_R_NOMEMORY
  1066. *
  1067. * Ensures:
  1068. *\li 'tsig' points to NULL or an allocated buffer which must be freed
  1069. * by the caller.
  1070. */
  1071. dns_rdataset_t *
  1072. dns_message_getsig0(dns_message_t *msg, dns_name_t **owner);
  1073. /*%<
  1074. * Get the SIG(0) record and owner for 'msg'.
  1075. *
  1076. * Requires:
  1077. *
  1078. *\li 'msg' is a valid message.
  1079. *\li 'owner' is NULL or *owner is NULL.
  1080. *
  1081. * Returns:
  1082. *
  1083. *\li The SIG(0) rdataset of 'msg', or NULL if there isn't one.
  1084. *
  1085. * Ensures:
  1086. *
  1087. * \li If 'owner' is not NULL, it will point to the owner name.
  1088. */
  1089. isc_result_t
  1090. dns_message_setsig0key(dns_message_t *msg, dst_key_t *key);
  1091. /*%<
  1092. * Set the SIG(0) key for 'msg'.
  1093. *
  1094. * Requires:
  1095. *
  1096. *\li 'msg' is a valid message with rendering intent,
  1097. * dns_message_renderbegin() has been called, and no sections have been
  1098. * rendered.
  1099. *\li 'key' is a valid sig key or NULL.
  1100. *
  1101. * Returns:
  1102. *
  1103. *\li #ISC_R_SUCCESS -- all is well.
  1104. *
  1105. *\li #ISC_R_NOSPACE -- there is no space for the SIG(0) record.
  1106. */
  1107. dst_key_t *
  1108. dns_message_getsig0key(dns_message_t *msg);
  1109. /*%<
  1110. * Gets the SIG(0) key for 'msg'.
  1111. *
  1112. * Requires:
  1113. *
  1114. *\li 'msg' is a valid message
  1115. */
  1116. void
  1117. dns_message_takebuffer(dns_message_t *msg, isc_buffer_t **buffer);
  1118. /*%<
  1119. * Give the *buffer to the message code to clean up when it is no
  1120. * longer needed. This is usually when the message is reset or
  1121. * destroyed.
  1122. *
  1123. * Requires:
  1124. *
  1125. *\li msg be a valid message.
  1126. *
  1127. *\li buffer != NULL && *buffer is a valid isc_buffer_t, which was
  1128. * dynamically allocated via isc_buffer_allocate().
  1129. */
  1130. isc_result_t
  1131. dns_message_signer(dns_message_t *msg, dns_name_t *signer);
  1132. /*%<
  1133. * If this message was signed, return the identity of the signer.
  1134. * Unless ISC_R_NOTFOUND is returned, signer will reflect the name of the
  1135. * key that signed the message.
  1136. *
  1137. * Requires:
  1138. *
  1139. *\li msg is a valid parsed message.
  1140. *\li signer is a valid name
  1141. *
  1142. * Returns:
  1143. *
  1144. *\li #ISC_R_SUCCESS - the message was signed, and *signer
  1145. * contains the signing identity
  1146. *
  1147. *\li #ISC_R_NOTFOUND - no TSIG or SIG(0) record is present in the
  1148. * message
  1149. *
  1150. *\li #DNS_R_TSIGVERIFYFAILURE - the message was signed by a TSIG, but the
  1151. * signature failed to verify
  1152. *
  1153. *\li #DNS_R_TSIGERRORSET - the message was signed by a TSIG and
  1154. * verified, but the query was rejected by
  1155. * the server
  1156. *
  1157. *\li #DNS_R_NOIDENTITY - the message was signed by a TSIG and
  1158. * verified, but the key has no identity since
  1159. * it was generated by an unsigned TKEY process
  1160. *
  1161. *\li #DNS_R_SIGINVALID - the message was signed by a SIG(0), but
  1162. * the signature failed to verify
  1163. *
  1164. *\li #DNS_R_NOTVERIFIEDYET - the message was signed by a TSIG or SIG(0),
  1165. * but the signature has not been verified yet
  1166. */
  1167. isc_result_t
  1168. dns_message_checksig(dns_message_t *msg, dns_view_t *view);
  1169. /*%<
  1170. * If this message was signed, verify the signature.
  1171. *
  1172. * Requires:
  1173. *
  1174. *\li msg is a valid parsed message.
  1175. *\li view is a valid view or NULL
  1176. *
  1177. * Returns:
  1178. *
  1179. *\li #ISC_R_SUCCESS - the message was unsigned, or the message
  1180. * was signed correctly.
  1181. *
  1182. *\li #DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen
  1183. *\li #DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected
  1184. *\li #DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify
  1185. */
  1186. isc_result_t
  1187. dns_message_rechecksig(dns_message_t *msg, dns_view_t *view);
  1188. /*%<
  1189. * Reset the signature state and then if the message was signed,
  1190. * verify the message.
  1191. *
  1192. * Requires:
  1193. *
  1194. *\li msg is a valid parsed message.
  1195. *\li view is a valid view or NULL
  1196. *
  1197. * Returns:
  1198. *
  1199. *\li #ISC_R_SUCCESS - the message was unsigned, or the message
  1200. * was signed correctly.
  1201. *
  1202. *\li #DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen
  1203. *\li #DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected
  1204. *\li #DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify
  1205. */
  1206. void
  1207. dns_message_resetsig(dns_message_t *msg);
  1208. /*%<
  1209. * Reset the signature state.
  1210. *
  1211. * Requires:
  1212. *\li 'msg' is a valid parsed message.
  1213. */
  1214. isc_region_t *
  1215. dns_message_getrawmessage(dns_message_t *msg);
  1216. /*%<
  1217. * Retrieve the raw message in compressed wire format. The message must
  1218. * have been successfully parsed for it to have been saved.
  1219. *
  1220. * Requires:
  1221. *\li msg is a valid parsed message.
  1222. *
  1223. * Returns:
  1224. *\li NULL if there is no saved message.
  1225. * a pointer to a region which refers the dns message.
  1226. */
  1227. void
  1228. dns_message_setsortorder(dns_message_t *msg, dns_rdatasetorderfunc_t order,
  1229. const void *order_arg);
  1230. /*%<
  1231. * Define the order in which RR sets get rendered by
  1232. * dns_message_rendersection() to be the ascending order
  1233. * defined by the integer value returned by 'order' when
  1234. * given each RR and 'arg' as arguments. If 'order' and
  1235. * 'order_arg' are NULL, a default order is used.
  1236. *
  1237. * Requires:
  1238. *\li msg be a valid message.
  1239. *\li order_arg is NULL if and only if order is NULL.
  1240. */
  1241. void
  1242. dns_message_settimeadjust(dns_message_t *msg, int timeadjust);
  1243. /*%<
  1244. * Adjust the time used to sign/verify a message by timeadjust.
  1245. * Currently only TSIG.
  1246. *
  1247. * Requires:
  1248. *\li msg be a valid message.
  1249. */
  1250. int
  1251. dns_message_gettimeadjust(dns_message_t *msg);
  1252. /*%<
  1253. * Return the current time adjustment.
  1254. *
  1255. * Requires:
  1256. *\li msg be a valid message.
  1257. */
  1258. ISC_LANG_ENDDECLS
  1259. #endif /* DNS_MESSAGE_H */