1 /*
2 * Copyright 2015 The Netty Project
3 *
4 * The Netty Project licenses this file to you under the Apache License,
5 * version 2.0 (the "License"); you may not use this file except in compliance
6 * with the License. You may obtain a copy of the License at:
7 *
8 * https://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 * License for the specific language governing permissions and limitations
14 * under the License.
15 */
16 package io.netty.handler.codec.dns;
17
18 import io.netty.util.collection.IntObjectHashMap;
19 import io.netty.util.internal.UnstableApi;
20
21 import java.util.HashMap;
22 import java.util.Map;
23
24 /**
25 * Represents a DNS record type.
26 */
27 @UnstableApi
28 public class DnsRecordType implements Comparable<DnsRecordType> {
29
30 /**
31 * Address record RFC 1035 Returns a 32-bit IPv4 address, most commonly used
32 * to map hostnames to an IP address of the host, but also used for DNSBLs,
33 * storing subnet masks in RFC 1101, etc.
34 */
35 public static final DnsRecordType A = new DnsRecordType(0x0001, "A");
36
37 /**
38 * Name server record RFC 1035 Delegates a DNS zone to use the given
39 * authoritative name servers
40 */
41 public static final DnsRecordType NS = new DnsRecordType(0x0002, "NS");
42
43 /**
44 * Canonical name record RFC 1035 Alias of one name to another: the DNS
45 * lookup will continue by retrying the lookup with the new name.
46 */
47 public static final DnsRecordType CNAME = new DnsRecordType(0x0005, "CNAME");
48
49 /**
50 * Start of [a zone of] authority record RFC 1035 and RFC 2308 Specifies
51 * authoritative information about a DNS zone, including the primary name
52 * server, the email of the domain administrator, the domain serial number,
53 * and several timers relating to refreshing the zone.
54 */
55 public static final DnsRecordType SOA = new DnsRecordType(0x0006, "SOA");
56
57 /**
58 * Pointer record RFC 1035 Pointer to a canonical name. Unlike a CNAME, DNS
59 * processing does NOT proceed, just the name is returned. The most common
60 * use is for implementing reverse DNS lookups, but other uses include such
61 * things as DNS-SD.
62 */
63 public static final DnsRecordType PTR = new DnsRecordType(0x000c, "PTR");
64
65 /**
66 * Mail exchange record RFC 1035 Maps a domain name to a list of message
67 * transfer agents for that domain.
68 */
69 public static final DnsRecordType MX = new DnsRecordType(0x000f, "MX");
70
71 /**
72 * Text record RFC 1035 Originally for arbitrary human-readable text in a
73 * DNS record. Since the early 1990s, however, this record more often
74 * carries machine-readable data, such as specified by RFC 1464,
75 * opportunistic encryption, Sender Policy Framework, DKIM, DMARC DNS-SD,
76 * etc.
77 */
78 public static final DnsRecordType TXT = new DnsRecordType(0x0010, "TXT");
79
80 /**
81 * Responsible person record RFC 1183 Information about the responsible
82 * person(s) for the domain. Usually an email address with the @ replaced by
83 * a .
84 */
85 public static final DnsRecordType RP = new DnsRecordType(0x0011, "RP");
86
87 /**
88 * AFS database record RFC 1183 Location of database servers of an AFS cell.
89 * This record is commonly used by AFS clients to contact AFS cells outside
90 * their local domain. A subtype of this record is used by the obsolete
91 * DCE/DFS file system.
92 */
93 public static final DnsRecordType AFSDB = new DnsRecordType(0x0012, "AFSDB");
94
95 /**
96 * Signature record RFC 2535 Signature record used in SIG(0) (RFC 2931) and
97 * TKEY (RFC 2930). RFC 3755 designated RRSIG as the replacement for SIG for
98 * use within DNSSEC.
99 */
100 public static final DnsRecordType SIG = new DnsRecordType(0x0018, "SIG");
101
102 /**
103 * key record RFC 2535 and RFC 2930 Used only for SIG(0) (RFC 2931) and TKEY
104 * (RFC 2930). RFC 3445 eliminated their use for application keys and
105 * limited their use to DNSSEC. RFC 3755 designates DNSKEY as the
106 * replacement within DNSSEC. RFC 4025 designates IPSECKEY as the
107 * replacement for use with IPsec.
108 */
109 public static final DnsRecordType KEY = new DnsRecordType(0x0019, "KEY");
110
111 /**
112 * IPv6 address record RFC 3596 Returns a 128-bit IPv6 address, most
113 * commonly used to map hostnames to an IP address of the host.
114 */
115 public static final DnsRecordType AAAA = new DnsRecordType(0x001c, "AAAA");
116
117 /**
118 * Location record RFC 1876 Specifies a geographical location associated
119 * with a domain name.
120 */
121 public static final DnsRecordType LOC = new DnsRecordType(0x001d, "LOC");
122
123 /**
124 * Service locator RFC 2782 Generalized service location record, used for
125 * newer protocols instead of creating protocol-specific records such as MX.
126 */
127 public static final DnsRecordType SRV = new DnsRecordType(0x0021, "SRV");
128
129 /**
130 * Naming Authority Pointer record RFC 3403 Allows regular expression based
131 * rewriting of domain names which can then be used as URIs, further domain
132 * names to lookups, etc.
133 */
134 public static final DnsRecordType NAPTR = new DnsRecordType(0x0023, "NAPTR");
135
136 /**
137 * Key eXchanger record RFC 2230 Used with some cryptographic systems (not
138 * including DNSSEC) to identify a key management agent for the associated
139 * domain-name. Note that this has nothing to do with DNS Security. It is
140 * Informational status, rather than being on the IETF standards-track. It
141 * has always had limited deployment, but is still in use.
142 */
143 public static final DnsRecordType KX = new DnsRecordType(0x0024, "KX");
144
145 /**
146 * Certificate record RFC 4398 Stores PKIX, SPKI, PGP, etc.
147 */
148 public static final DnsRecordType CERT = new DnsRecordType(0x0025, "CERT");
149
150 /**
151 * Delegation name record RFC 2672 DNAME creates an alias for a name and all
152 * its subnames, unlike CNAME, which aliases only the exact name in its
153 * label. Like the CNAME record, the DNS lookup will continue by retrying
154 * the lookup with the new name.
155 */
156 public static final DnsRecordType DNAME = new DnsRecordType(0x0027, "DNAME");
157
158 /**
159 * Option record RFC 2671 This is a pseudo DNS record type needed to support
160 * EDNS.
161 */
162 public static final DnsRecordType OPT = new DnsRecordType(0x0029, "OPT");
163
164 /**
165 * Address Prefix List record RFC 3123 Specify lists of address ranges, e.g.
166 * in CIDR format, for various address families. Experimental.
167 */
168 public static final DnsRecordType APL = new DnsRecordType(0x002a, "APL");
169
170 /**
171 * Delegation signer record RFC 4034 The record used to identify the DNSSEC
172 * signing key of a delegated zone.
173 */
174 public static final DnsRecordType DS = new DnsRecordType(0x002b, "DS");
175
176 /**
177 * SSH Public Key Fingerprint record RFC 4255 Resource record for publishing
178 * SSH public host key fingerprints in the DNS System, in order to aid in
179 * verifying the authenticity of the host. RFC 6594 defines ECC SSH keys and
180 * SHA-256 hashes. See the IANA SSHFP RR parameters registry for details.
181 */
182 public static final DnsRecordType SSHFP = new DnsRecordType(0x002c, "SSHFP");
183
184 /**
185 * IPsec Key record RFC 4025 Key record that can be used with IPsec.
186 */
187 public static final DnsRecordType IPSECKEY = new DnsRecordType(0x002d, "IPSECKEY");
188
189 /**
190 * DNSSEC signature record RFC 4034 Signature for a DNSSEC-secured record
191 * set. Uses the same format as the SIG record.
192 */
193 public static final DnsRecordType RRSIG = new DnsRecordType(0x002e, "RRSIG");
194
195 /**
196 * Next-Secure record RFC 4034 Part of DNSSEC, used to prove a name does not
197 * exist. Uses the same format as the (obsolete) NXT record.
198 */
199 public static final DnsRecordType NSEC = new DnsRecordType(0x002f, "NSEC");
200
201 /**
202 * DNS Key record RFC 4034 The key record used in DNSSEC. Uses the same
203 * format as the KEY record.
204 */
205 public static final DnsRecordType DNSKEY = new DnsRecordType(0x0030, "DNSKEY");
206
207 /**
208 * DHCP identifier record RFC 4701 Used in conjunction with the FQDN option
209 * to DHCP.
210 */
211 public static final DnsRecordType DHCID = new DnsRecordType(0x0031, "DHCID");
212
213 /**
214 * NSEC record version 3 RFC 5155 An extension to DNSSEC that allows proof
215 * of nonexistence for a name without permitting zonewalking.
216 */
217 public static final DnsRecordType NSEC3 = new DnsRecordType(0x0032, "NSEC3");
218
219 /**
220 * NSEC3 parameters record RFC 5155 Parameter record for use with NSEC3.
221 */
222 public static final DnsRecordType NSEC3PARAM = new DnsRecordType(0x0033, "NSEC3PARAM");
223
224 /**
225 * TLSA certificate association record RFC 6698 A record for DNS-based
226 * Authentication of Named Entities (DANE). RFC 6698 defines The TLSA DNS
227 * resource record is used to associate a TLS server certificate or public
228 * key with the domain name where the record is found, thus forming a 'TLSA
229 * certificate association'.
230 */
231 public static final DnsRecordType TLSA = new DnsRecordType(0x0034, "TLSA");
232
233 /**
234 * Host Identity Protocol record RFC 5205 Method of separating the end-point
235 * identifier and locator roles of IP addresses.
236 */
237 public static final DnsRecordType HIP = new DnsRecordType(0x0037, "HIP");
238
239 /**
240 * Sender Policy Framework record RFC 4408 Specified as part of the SPF
241 * protocol as an alternative to of storing SPF data in TXT records. Uses
242 * the same format as the earlier TXT record.
243 */
244 public static final DnsRecordType SPF = new DnsRecordType(0x0063, "SPF");
245
246 /**
247 * Secret key record RFC 2930 A method of providing keying material to be
248 * used with TSIG that is encrypted under the public key in an accompanying
249 * KEY RR..
250 */
251 public static final DnsRecordType TKEY = new DnsRecordType(0x00f9, "TKEY");
252
253 /**
254 * Transaction Signature record RFC 2845 Can be used to authenticate dynamic
255 * updates as coming from an approved client, or to authenticate responses
256 * as coming from an approved recursive name server similar to DNSSEC.
257 */
258 public static final DnsRecordType TSIG = new DnsRecordType(0x00fa, "TSIG");
259
260 /**
261 * Incremental Zone Transfer record RFC 1996 Requests a zone transfer of the
262 * given zone but only differences from a previous serial number. This
263 * request may be ignored and a full (AXFR) sent in response if the
264 * authoritative server is unable to fulfill the request due to
265 * configuration or lack of required deltas.
266 */
267 public static final DnsRecordType IXFR = new DnsRecordType(0x00fb, "IXFR");
268
269 /**
270 * Authoritative Zone Transfer record RFC 1035 Transfer entire zone file
271 * from the master name server to secondary name servers.
272 */
273 public static final DnsRecordType AXFR = new DnsRecordType(0x00fc, "AXFR");
274
275 /**
276 * All cached records RFC 1035 Returns all records of all types known to the
277 * name server. If the name server does not have any information on the
278 * name, the request will be forwarded on. The records returned may not be
279 * complete. For example, if there is both an A and an MX for a name, but
280 * the name server has only the A record cached, only the A record will be
281 * returned. Sometimes referred to as ANY, for example in Windows nslookup
282 * and Wireshark.
283 */
284 public static final DnsRecordType ANY = new DnsRecordType(0x00ff, "ANY");
285
286 /**
287 * Certification Authority Authorization record RFC 6844 CA pinning,
288 * constraining acceptable CAs for a host/domain.
289 */
290 public static final DnsRecordType CAA = new DnsRecordType(0x0101, "CAA");
291
292 /**
293 * DNSSEC Trust Authorities record N/A Part of a deployment proposal for
294 * DNSSEC without a signed DNS root. See the IANA database and Weiler Spec
295 * for details. Uses the same format as the DS record.
296 */
297 public static final DnsRecordType TA = new DnsRecordType(0x8000, "TA");
298
299 /**
300 * DNSSEC Lookaside Validation record RFC 4431 For publishing DNSSEC trust
301 * anchors outside of the DNS delegation chain. Uses the same format as the
302 * DS record. RFC 5074 describes a way of using these records.
303 */
304 public static final DnsRecordType DLV = new DnsRecordType(0x8001, "DLV");
305
306 private static final Map<String, DnsRecordType> BY_NAME = new HashMap<String, DnsRecordType>();
307 private static final IntObjectHashMap<DnsRecordType> BY_TYPE = new IntObjectHashMap<DnsRecordType>();
308 private static final String EXPECTED;
309
310 static {
311 DnsRecordType[] all = {
312 A, NS, CNAME, SOA, PTR, MX, TXT, RP, AFSDB, SIG, KEY, AAAA, LOC, SRV, NAPTR, KX, CERT, DNAME, OPT, APL,
313 DS, SSHFP, IPSECKEY, RRSIG, NSEC, DNSKEY, DHCID, NSEC3, NSEC3PARAM, TLSA, HIP, SPF, TKEY, TSIG, IXFR,
314 AXFR, ANY, CAA, TA, DLV
315 };
316
317 final StringBuilder expected = new StringBuilder(512);
318
319 expected.append(" (expected: ");
320 for (DnsRecordType type: all) {
321 BY_NAME.put(type.name(), type);
322 BY_TYPE.put(type.intValue(), type);
323
324 expected.append(type.name())
325 .append('(')
326 .append(type.intValue())
327 .append("), ");
328 }
329
330 expected.setLength(expected.length() - 2);
331 expected.append(')');
332 EXPECTED = expected.toString();
333 }
334
335 public static DnsRecordType valueOf(int intValue) {
336 DnsRecordType result = BY_TYPE.get(intValue);
337 if (result == null) {
338 return new DnsRecordType(intValue);
339 }
340 return result;
341 }
342
343 public static DnsRecordType valueOf(String name) {
344 DnsRecordType result = BY_NAME.get(name);
345 if (result == null) {
346 throw new IllegalArgumentException("name: " + name + EXPECTED);
347 }
348 return result;
349 }
350
351 private final int intValue;
352 private final String name;
353 private String text;
354
355 private DnsRecordType(int intValue) {
356 this(intValue, "UNKNOWN");
357 }
358
359 public DnsRecordType(int intValue, String name) {
360 if ((intValue & 0xffff) != intValue) {
361 throw new IllegalArgumentException("intValue: " + intValue + " (expected: 0 ~ 65535)");
362 }
363 this.intValue = intValue;
364 this.name = name;
365 }
366
367 /**
368 * Returns the name of this type, as seen in bind config files
369 */
370 public String name() {
371 return name;
372 }
373
374 /**
375 * Returns the value of this DnsType as it appears in DNS protocol
376 */
377 public int intValue() {
378 return intValue;
379 }
380
381 @Override
382 public int hashCode() {
383 return intValue;
384 }
385
386 @Override
387 public boolean equals(Object o) {
388 return o instanceof DnsRecordType && ((DnsRecordType) o).intValue == intValue;
389 }
390
391 @Override
392 public int compareTo(DnsRecordType o) {
393 return intValue() - o.intValue();
394 }
395
396 @Override
397 public String toString() {
398 String text = this.text;
399 if (text == null) {
400 this.text = text = name + '(' + intValue() + ')';
401 }
402 return text;
403 }
404 }