summaryrefslogtreecommitdiff
path: root/src/shared/dns-domain.h
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-12-21 19:57:34 +0100
committerLennart Poettering <lennart@poettering.net>2015-12-26 19:09:10 +0100
commite7ff0e0b391341bdc4d9c08dff1c477e1df6a682 (patch)
tree03852136cb91d95a6549b74a983f295abdc8c250 /src/shared/dns-domain.h
parentd38d5ca65b3f8fd19348a7919cf1f1f07c955393 (diff)
resolved: properly implement RRSIG validation of wildcarded RRsets
Note that this is still not complete, one additional step is still missing: when we verified that a wildcard RRset is properly signed, we still need to do an NSEC/NSEC3 proof that no more specific RRset exists.
Diffstat (limited to 'src/shared/dns-domain.h')
-rw-r--r--src/shared/dns-domain.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/shared/dns-domain.h b/src/shared/dns-domain.h
index 02b51832b6..7b509729fb 100644
--- a/src/shared/dns-domain.h
+++ b/src/shared/dns-domain.h
@@ -42,6 +42,9 @@
/* Maximum length of a full hostname, on the wire, including the final NUL byte */
#define DNS_WIRE_FOMAT_HOSTNAME_MAX 255
+/* Maximum number of labels per valid hostname */
+#define DNS_N_LABELS_MAX 127
+
int dns_label_unescape(const char **name, char *dest, size_t sz);
int dns_label_unescape_suffix(const char *name, const char **label_end, char *dest, size_t sz);
int dns_label_escape(const char *p, size_t l, char *dest, size_t sz);
@@ -96,3 +99,6 @@ bool dns_service_name_is_valid(const char *name);
int dns_service_join(const char *name, const char *type, const char *domain, char **ret);
int dns_service_split(const char *joined, char **name, char **type, char **domain);
+
+int dns_name_suffix(const char *name, unsigned n_labels, const char **ret);
+int dns_name_count_labels(const char *name);