#include <dns/rdatatype.h>
#include <dns/types.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include "check-tool.h"
#include <dns/fixedname.h>
#include <dns/name.h>
-#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <isccfg/cfg.h>
#include <isccfg/namedconf.h>
#include <dns/ttl.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#include <dst/dst.h>
#include <dns/transport.h>
#include <dns/view.h>
#include <dns/xfrin.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#include <ns/stats.h>
#include <dns/stats.h>
#include <dns/tsig.h>
#include <dns/view.h>
-#include <dns/zone.h>
+#include <dns/zone.h> /* WMM: remove include */
+#include <dns/zoneproperties.h>
#include <ns/client.h>
#include <ns/hooks.h>
#include <dns/name.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include "instance.h"
#include "util.h"
#include <dns/dyndb.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include "instance.h"
#include "log.h"
#include <dns/tsig.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include "fuzz.h"
#include <dns/master.h>
#include <dns/ssu.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include "dlz_p.h"
#include <isc/formatcheck.h>
#include <isc/rwlock.h>
-#include <isc/statsmulti.h>
#include <isc/tls.h>
#include <dns/catz.h>
*\li dns_db_create() error codes.
*/
-void
-dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass);
-/*%<
- * Sets the class of a zone. This operation can only be performed
- * once on a zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li dns_zone_setclass() not to have been called since the zone was
- * created.
- *\li 'rdclass' != dns_rdataclass_none.
- */
-
-dns_rdataclass_t
-dns_zone_getclass(dns_zone_t *zone);
-/*%<
- * Returns the current zone class.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
isc_result_t
dns_zone_getserial(dns_zone_t *zone, uint32_t *serialp);
/*%<
*\li #DNS_R_NOTLOADED zone DB is not loaded
*/
-void
-dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type);
-/*%<
- * Sets the zone type. This operation can only be performed once on
- * a zone.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- *\li dns_zone_settype() not to have been called since the zone was
- * created.
- *\li 'type' != dns_zone_none
- */
-
-void
-dns_zone_setview(dns_zone_t *zone, dns_view_t *view);
-/*%<
- * Associate the zone with a view.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-dns_view_t *
-dns_zone_getview(dns_zone_t *zone);
-/*%<
- * Returns the zone's associated view.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
void
dns_zone_setviewcommit(dns_zone_t *zone);
/*%<
*\li 'zone' to be a valid zone.
*/
-void
-dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin);
-/*%<
- * Sets the zones origin to 'origin'.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'origin' to be non NULL.
- *
- * Returns:
- *\li #ISC_R_SUCCESS
- */
-
-dns_name_t *
-dns_zone_getorigin(dns_zone_t *zone);
-/*%<
- * Returns the value of the origin.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-dns_rdataclass_t
-dns_zone_getrdclass(dns_zone_t *zone);
-/*%<
- * Returns the value of the rdclass.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_setfile(dns_zone_t *zone, const char *file, const char *initial_file,
- dns_masterformat_t format, const dns_master_style_t *style);
-/*%<
- * Sets the name of the master file in the format of 'format' from which
- * the zone loads its database to 'file'.
- *
- * For zones that have no associated master file, 'file' will be NULL.
- * For some zone types, e.g. secondary zones, 'file' is optional, but
- * for primary zones it is mandatory. If the master file does not exist
- * during loading, then it will be copied into place from 'initial_file'.
- *
- * For zones with persistent databases, the file name setting is ignored.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-const char *
-dns_zone_getfile(dns_zone_t *zone);
-/*%<
- * Gets the name of the zone's master file, if any.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *
- * Returns:
- *\li Pointer to null-terminated file name, or NULL.
- */
-
-void
-dns_zone_setstream(dns_zone_t *zone, const FILE *stream,
- dns_masterformat_t format, const dns_master_style_t *style);
-/*%<
- * Sets the source stream from which the zone will load its database.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- *\li 'stream' to be a valid and open FILE *.
- *\li 'zone->masterfile' to be NULL, since we should load data either from
- * 'stream' or from a master file, but not both.
- */
-
-void
-dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t records);
-/*%<
- * Sets the maximum number of records permitted in a zone.
- * 0 implies unlimited.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *
- * Returns:
- *\li void
- */
-
-uint32_t
-dns_zone_getmaxrecords(dns_zone_t *zone);
-/*%<
- * Gets the maximum number of records permitted in a zone.
- * 0 implies unlimited.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *
- * Returns:
- *\li uint32_t maxrecords.
- */
-
-void
-dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t maxrrperset);
-/*%<
- * Sets the maximum number of records per rrset permitted in a zone.
- * 0 implies unlimited.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *
- * Returns:
- *\li void
- */
-
-void
-dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t maxtypepername);
-/*%<
- * Sets the maximum number of resource record types per owner name
- * permitted in a zone. 0 implies unlimited.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *
- * Returns:
- *\li void
- */
-
-void
-dns_zone_setmaxttl(dns_zone_t *zone, uint32_t maxttl);
-/*%<
- * Sets the max ttl of the zone.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *
- * Returns:
- *\li void
- */
-
-dns_ttl_t
-dns_zone_getmaxttl(dns_zone_t *zone);
-/*%<
- * Gets the max ttl of the zone.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *
- * Returns:
- *\li dns_ttl_t maxttl.
- */
-
void
dns_zone_lock_keyfiles(dns_zone_t *zone);
/*%<
*\li 'zonep' to point to a valid zone.
*/
-isc_result_t
-dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp);
-/*%<
- * Attach '*dbp' to the database to if it exists otherwise
- * return DNS_R_NOTLOADED.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'dbp' to be != NULL && '*dbp' == NULL.
- *
- * Returns:
- *\li #ISC_R_SUCCESS
- *\li DNS_R_NOTLOADED
- */
-
-void
-dns_zone_setdb(dns_zone_t *zone, dns_db_t *db);
-/*%<
- * Sets the zone database to 'db'.
- *
- * This function is expected to be used to configure a zone with a
- * database which is not loaded from a file or zone transfer.
- * It can be used for a general purpose zone, but right now its use
- * is limited to static-stub zones to avoid possible undiscovered
- * problems in the general cases.
- *
- * Require:
- *\li 'zone' to be a valid zone of static-stub.
- *\li zone doesn't have a database.
- */
-
-void
-dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc,
- const char *const *dbargv);
-/*%<
- * Sets the database type to dbargv[0] and database arguments
- * to subsequent dbargv elements.
- * 'db_type' is not checked to see if it is a valid database type.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'database' to be non NULL.
- *\li 'dbargc' to be >= 1
- *\li 'dbargv' to point to dbargc NULL-terminated strings
- */
-
-void
-dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx);
-/*%<
- * Returns the current dbtype. isc_mem_free() should be used
- * to free 'argv' after use.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'argv' to be non NULL and *argv to be NULL.
- *\li 'mctx' to be valid.
- */
-
void
dns_zone_markdirty(dns_zone_t *zone);
/*%<
*\li 'fd' to be a stream open for writing.
*/
-void
-dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
- isc_sockaddr_t *sources, dns_name_t **keynames,
- dns_name_t **tlsnames, uint32_t count);
-/*%<
- * Set the list of primary servers for the zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'addresses' array of isc_sockaddr_t with port set or NULL.
- *\li 'count' the number of primaries.
- *\li 'keynames' array of dns_name_t's for tsig keys or NULL.
- *
- *\li If 'addresses' is NULL then 'count' must be zero.
- */
-
-void
-dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
- isc_sockaddr_t *sources, dns_name_t **keynames,
- dns_name_t **tlsnames, uint32_t count);
-/*%<
- * Set the list of parental agents for the zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'addresses' array of isc_sockaddr_t with port set or NULL.
- *\li 'count' the number of primaries.
- *\li 'keynames' array of dns_name_t's for tsig keys or NULL.
- *
- *\li If 'addresses' is NULL then 'count' must be zero.
- */
-
-void
-dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
- isc_sockaddr_t *sources, dns_name_t **keynames,
- dns_name_t **tlsnames, uint32_t count);
-/*%<
- * Set the list of additional servers to be notified when
- * a zone changes. To clear the list use 'count = 0'.
- *
- * dns_zone_alsonotifywithkeys() allows each notify address to
- * be associated with a TSIG key.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'addresses' to be non-NULL if count != 0.
- *\li 'count' to be the number of notifiees.
- */
-
-void
-dns_zone_setcdsendpoints(dns_zone_t *zone, isc_sockaddr_t *addresses,
- isc_sockaddr_t *sources, dns_name_t **keynames,
- dns_name_t **tlsnames, uint32_t count);
-/*%<
- * Set the list of servers to be notified when the zone changes
- * its CDS/CDNSKEY RRset. To clear the list use 'count = 0'.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'addresses' to be non-NULL if count != 0.
- *\li 'count' to be the number of notifiees.
- */
-
void
dns_zone_unload(dns_zone_t *zone);
/*%<
*
* Returns:
*\li ISC_R_SUCCESS on success.
- *\li ISC_R_NOSPACE if the 'out' buffer is too small.
- *\li ISC_R_FAILURE if other error occurred.
- *\li Printable status in 'out'.
- *
- */
-
-dns_kasp_t *
-dns_zone_getkasp(dns_zone_t *zone);
-/*%<
- * Returns the current kasp.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp);
-void
-dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp);
-/*%<
- * Set kasp for zone. If a kasp is already set, it will be detached.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
-dns_skrbundle_t *
-dns_zone_getskrbundle(dns_zone_t *zone);
-/*%<
- * Returns the current SKR bundle.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_setoption(dns_zone_t *zone, dns_zoneopt_t option, bool value);
-/*%<
- * Set the given options on ('value' == true) or off
- * ('value' == #false).
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-dns_zoneopt_t
-dns_zone_getoptions(dns_zone_t *zone);
-/*%<
- * Returns the current zone options.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val);
-/*%<
- * Set the minimum refresh time.
- *
- * Requires:
- *\li 'zone' is valid.
- *\li val > 0.
- */
-
-void
-dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val);
-/*%<
- * Set the maximum refresh time.
- *
- * Requires:
- *\li 'zone' is valid.
- *\li val > 0.
- */
-
-void
-dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val);
-/*%<
- * Set the minimum retry time.
- *
- * Requires:
- *\li 'zone' is valid.
- *\li val > 0.
- */
-
-void
-dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val);
-/*%<
- * Set the maximum retry time.
- *
- * Requires:
- *\li 'zone' is valid.
- * val > 0.
- */
-
-void
-dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
-/*%<
- * Set the source address to be used in IPv4 zone transfers.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'xfrsource' to contain the address.
- */
-
-void
-dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource);
-/*%<
- * Returns the source address set by a previous dns_zone_setxfrsource4
- * call, or the default of inaddr_any, port 0.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'xfrsource' to not be NULL
- */
-
-void
-dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
-/*%<
- * Set the source address to be used in IPv6 zone transfers.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'xfrsource' to contain the address.
- */
-
-void
-dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource);
-/*%<
- * Returns the source address set by a previous dns_zone_setxfrsource6
- * call, or the default of in6addr_any, port 0.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'xfrsource' to not be NULL
- */
-
-void
-dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc);
-/*%<
- * Set the source address to be used with IPv4 parental DS queries.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'parentalsrc' to contain the address.
- */
-
-void
-dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc);
-/*%<
- * Returns the source address set by a previous dns_zone_setparentalsrc4
- * call, or the default of inaddr_any, port 0.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'parentalsrc' to be non NULL.
- */
-
-void
-dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc);
-/*%<
- * Set the source address to be used with IPv6 parental DS queries.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'parentalsrc' to contain the address.
- */
-
-void
-dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc);
-/*%<
- * Returns the source address set by a previous dns_zone_setparentalsrc6
- * call, or the default of in6addr_any, port 0.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'parentalsrc' to be non NULL.
- */
-
-void
-dns_zone_setnotifysrc4(dns_zone_t *zone, dns_rdatatype_t type,
- const isc_sockaddr_t *notifysrc);
-/*%<
- * Set the source address to be used with IPv4 NOTIFY messages.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'type' to be a valid notify RRtype.
- *\li 'notifysrc' to contain the address.
- */
-
-void
-dns_zone_setnotifysrc6(dns_zone_t *zone, dns_rdatatype_t type,
- const isc_sockaddr_t *notifysrc);
-/*%<
- * Set the source address to be used with IPv6 NOTIFY messages.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'type' to be a valid notify RRtype.
- *\li 'notifysrc' to contain the address.
- */
-
-void
-dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl);
-/*%<
- * Sets the notify acl list for the zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'acl' to be a valid acl.
- */
-
-void
-dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl);
-/*%<
- * Sets the query acl list for the zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'acl' to be a valid acl.
- */
-
-void
-dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl);
-/*%<
- * Sets the query-on acl list for the zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'acl' to be a valid acl.
- */
-
-void
-dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl);
-/*%<
- * Sets the update acl list for the zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'acl' to be valid acl.
- */
-
-void
-dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl);
-/*%<
- * Sets the forward unsigned updates acl list for the zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'acl' to be valid acl.
- */
-
-void
-dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl);
-/*%<
- * Sets the transfer acl list for the zone.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *\li 'acl' to be valid acl.
- */
-
-dns_acl_t *
-dns_zone_getqueryacl(dns_zone_t *zone);
-/*%<
- * Returns the current query acl or NULL.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *
- * Returns:
- *\li acl a pointer to the acl.
- *\li NULL
- */
-
-dns_acl_t *
-dns_zone_getqueryonacl(dns_zone_t *zone);
-/*%<
- * Returns the current query-on acl or NULL.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *
- * Returns:
- *\li acl a pointer to the acl.
- *\li NULL
- */
-
-dns_acl_t *
-dns_zone_getupdateacl(dns_zone_t *zone);
-/*%<
- * Returns the current update acl or NULL.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *
- * Returns:
- *\li acl a pointer to the acl.
- *\li NULL
- */
-
-dns_acl_t *
-dns_zone_getforwardacl(dns_zone_t *zone);
-/*%<
- * Returns the current forward unsigned updates acl or NULL.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *
- * Returns:
- *\li acl a pointer to the acl.
- *\li NULL
- */
-
-dns_acl_t *
-dns_zone_getxfracl(dns_zone_t *zone);
-/*%<
- * Returns the current transfer acl or NULL.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- *
- * Returns:
- *\li acl a pointer to the acl.
- *\li NULL
- */
-
-void
-dns_zone_clearupdateacl(dns_zone_t *zone);
-/*%<
- * Clear the current update acl.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_clearforwardacl(dns_zone_t *zone);
-/*%<
- * Clear the current forward unsigned updates acl.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_clearnotifyacl(dns_zone_t *zone);
-/*%<
- * Clear the current notify acl.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_clearqueryacl(dns_zone_t *zone);
-/*%<
- * Clear the current query acl.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_clearqueryonacl(dns_zone_t *zone);
-/*%<
- * Clear the current query-on acl.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_clearxfracl(dns_zone_t *zone);
-/*%<
- * Clear the current transfer acl.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-bool
-dns_zone_getupdatedisabled(dns_zone_t *zone);
-/*%<
- * Return true if updates are disabled.
- */
-
-void
-dns_zone_setupdatedisabled(dns_zone_t *zone, bool state);
-/*%<
- * Enable or disable updates.
- *
- * This should only be called when running in exclusive mode;
- * otherwise, updates that were already in progress could be
- * committed after disabling.
- */
-
-bool
-dns_zone_getzeronosoattl(dns_zone_t *zone);
-/*%<
- * Return zero-no-soa-ttl status.
- */
-
-void
-dns_zone_setzeronosoattl(dns_zone_t *zone, bool state);
-/*%<
- * Set zero-no-soa-ttl status.
- */
-
-void
-dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity);
-/*%<
- * Set the severity of name checking when loading a zone.
- *
- * Require:
- * \li 'zone' to be a valid zone.
- */
-
-dns_severity_t
-dns_zone_getchecknames(dns_zone_t *zone);
-/*%<
- * Return the current severity of name checking.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_setjournalsize(dns_zone_t *zone, int32_t size);
-/*%<
- * Sets the journal size for the zone.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
-int32_t
-dns_zone_getjournalsize(dns_zone_t *zone);
-/*%<
- * Return the journal size as set with a previous call to
- * dns_zone_setjournalsize().
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
-isc_result_t
-dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
- isc_sockaddr_t *to, dns_message_t *msg);
-/*%<
- * Tell the zone that it has received a NOTIFY message from another
- * server. This may cause some zone maintenance activity to occur.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- *\li '*from' to contain the address of the server from which 'msg'
- * was received.
- *\li 'msg' a message with opcode NOTIFY and qr clear.
- *
- * Returns:
- *\li DNS_R_REFUSED
- *\li DNS_R_NOTIMP
- *\li DNS_R_FORMERR
- *\li DNS_R_SUCCESS
- */
-
-void
-dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds);
-/*%<
- * Set the minumum traffic rate (in bytes per seconds) that a zone transfer in
- * (AXFR/IXFR) of this zone will use before being aborted.
- *
- * Requires:
- * \li 'zone' to be valid initialised zone.
- */
-
-uint32_t
-dns_zone_getminxfrratebytesin(dns_zone_t *zone);
-/*%<
- * Returns the 'bytes' portion of the minimum traffic rate for the transfer in
- * for this zone.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- */
-
-uint32_t
-dns_zone_getminxfrratesecondsin(dns_zone_t *zone);
-/*%<
- * Returns the 'seconds' portion of the minimum traffic rate for the transfer in
- * for this zone.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- */
-
-void
-dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin);
-/*%<
- * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR)
- * of this zone will use before being aborted.
- *
- * Requires:
- * \li 'zone' to be valid initialised zone.
- */
-
-uint32_t
-dns_zone_getmaxxfrin(dns_zone_t *zone);
-/*%<
- * Returns the maximum transfer time for this zone. This will be
- * either the value set by the last call to dns_zone_setmaxxfrin() or
- * the default value of 1 hour.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- */
-
-void
-dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout);
-/*%<
- * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR)
- * of this zone will use before being aborted.
- *
- * Requires:
- * \li 'zone' to be valid initialised zone.
- */
-
-uint32_t
-dns_zone_getmaxxfrout(dns_zone_t *zone);
-/*%<
- * Returns the maximum transfer time for this zone. This will be
- * either the value set by the last call to dns_zone_setmaxxfrout() or
- * the default value of 1 hour.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- */
-
-void
-dns_zone_setjournal(dns_zone_t *zone, const char *myjournal);
-/*%<
- * Sets the filename used for journaling updates / IXFR transfers.
- * The default journal name is set by dns_zone_setfile() to be
- * "file.jnl". If 'myjournal' is NULL, the zone will have no
- * journal name.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
-char *
-dns_zone_getjournal(dns_zone_t *zone);
-/*%<
- * Returns the journal name associated with this zone.
- * If no journal has been set this will be NULL.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- */
-
-dns_zonetype_t
-dns_zone_gettype(dns_zone_t *zone);
-/*%<
- * Returns the type of the zone (primary/secondary/etc.)
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- */
-
-dns_zonetype_t
-dns_zone_getredirecttype(dns_zone_t *zone);
-/*%<
- * Returns whether the redirect zone is configured as a primary or a
- * secondary zone.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *\li 'zone' to be a redirect zone.
- *
- * Returns:
- *\li 'dns_zone_primary'
- *\li 'dns_zone_secondary'
- */
-
-void
-dns_zone_notify(dns_zone_t *zone, bool nodefer);
-/*%<
- * Generate notify events for this zone. If 'nodefer' is true, the
- * 'notify-defer' configuration option is ingored.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
-isc_result_t
-dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump);
-/*%<
- * Replace the database of "zone" with a new database "db".
- *
- * If "dump" is true, then the new zone contents are dumped
- * into to the zone's master file for persistence. When replacing
- * a zone database by one just loaded from a master file, set
- * "dump" to false to avoid a redundant redump of the data just
- * loaded. Otherwise, it should be set to true.
- *
- * If the "diff-on-reload" option is enabled in the configuration file,
- * the differences between the old and the new database are added to the
- * journal file, and the master file dump is postponed.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- *
- * Returns:
- * \li DNS_R_SUCCESS
- * \li DNS_R_BADZONE zone failed basic consistency checks:
- * * a single SOA must exist
- * * some NS records must exist.
- * Others
- */
-
-uint32_t
-dns_zone_getidlein(dns_zone_t *zone);
-/*%<
- * Requires:
- * \li 'zone' to be a valid zone.
- *
- * Returns:
- * \li number of seconds of idle time before we abort the transfer in.
- */
-
-void
-dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein);
-/*%<
- * \li Set the idle timeout for transfer the.
- * \li Zero set the default value, 1 hour.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-uint32_t
-dns_zone_getidleout(dns_zone_t *zone);
-/*%<
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- *
- * Returns:
- * \li number of seconds of idle time before we abort a transfer out.
- */
-
-void
-dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout);
-/*%<
- * \li Set the idle timeout for transfers out.
- * \li Zero set the default value, 1 hour.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table);
-/*%<
- * Get the simple-secure-update policy table.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table);
-/*%<
- * Set / clear the simple-secure-update policy table.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-isc_mem_t *
-dns_zone_getmctx(dns_zone_t *zone);
-/*%<
- * Get the memory context of a zone.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-dns_zonemgr_t *
-dns_zone_getmgr(dns_zone_t *zone);
-/*%<
- * If 'zone' is managed return the zone manager otherwise NULL.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval);
-/*%<
- * Set the zone's general signature validity interval. This is the length
- * of time for which DNSSEC signatures created as a result of dynamic
- * updates to secure zones will remain valid, in seconds.
+ *\li ISC_R_NOSPACE if the 'out' buffer is too small.
+ *\li ISC_R_FAILURE if other error occurred.
+ *\li Printable status in 'out'.
*
- * Requires:
- * \li 'zone' to be a valid zone.
*/
-uint32_t
-dns_zone_getsigvalidityinterval(dns_zone_t *zone);
+dns_skrbundle_t *
+dns_zone_getskrbundle(dns_zone_t *zone);
/*%<
- * Get the zone's general signature validity interval.
+ * Returns the current SKR bundle.
*
- * Requires:
- * \li 'zone' to be a valid zone.
+ * Require:
+ *\li 'zone' to be a valid zone.
*/
void
-dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval);
+dns_zone_setoption(dns_zone_t *zone, dns_zoneopt_t option, bool value);
/*%<
- * Set the zone's DNSKEY signature validity interval. This is the length
- * of time for which DNSSEC signatures created for DNSKEY records
- * will remain valid, in seconds.
- *
- * If this value is set to zero, then the regular signature validity
- * interval (see dns_zone_setsigvalidityinterval(), above) is used
- * for all RRSIGs. However, if this value is nonzero, then it is used
- * as the validity interval for RRSIGs covering DNSKEY and CDNSKEY
- * RRsets.
+ * Set the given options on ('value' == true) or off
+ * ('value' == #false).
*
- * Requires:
- * \li 'zone' to be a valid zone.
+ * Require:
+ *\li 'zone' to be a valid zone.
*/
-uint32_t
-dns_zone_getkeyvalidityinterval(dns_zone_t *zone);
+dns_zoneopt_t
+dns_zone_getoptions(dns_zone_t *zone);
/*%<
- * Get the zone's DNSKEY signature validity interval.
+ * Returns the current zone options.
*
- * Requires:
- * \li 'zone' to be a valid zone.
+ * Require:
+ *\li 'zone' to be a valid zone.
*/
-void
-dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval);
+isc_result_t
+dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
+ isc_sockaddr_t *to, dns_message_t *msg);
/*%<
- * Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's
- * will be re-signed 'interval' amount of time before they expire.
+ * Tell the zone that it has received a NOTIFY message from another
+ * server. This may cause some zone maintenance activity to occur.
*
* Requires:
- * \li 'zone' to be a valid zone.
+ *\li 'zone' to be a valid zone.
+ *\li '*from' to contain the address of the server from which 'msg'
+ * was received.
+ *\li 'msg' a message with opcode NOTIFY and qr clear.
+ *
+ * Returns:
+ *\li DNS_R_REFUSED
+ *\li DNS_R_NOTIMP
+ *\li DNS_R_FORMERR
+ *\li DNS_R_SUCCESS
*/
-uint32_t
-dns_zone_getsigresigninginterval(dns_zone_t *zone);
+dns_zonetype_t
+dns_zone_getredirecttype(dns_zone_t *zone);
/*%<
- * Get the zone's RRSIG re-signing interval.
+ * Returns whether the redirect zone is configured as a primary or a
+ * secondary zone.
*
* Requires:
- * \li 'zone' to be a valid zone.
+ *\li 'zone' to be valid initialised zone.
+ *\li 'zone' to be a redirect zone.
+ *
+ * Returns:
+ *\li 'dns_zone_primary'
+ *\li 'dns_zone_secondary'
*/
void
-dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr);
+dns_zone_notify(dns_zone_t *zone, bool nodefer);
/*%<
- * Get the zone's source address from which it has last contacted the current
- * primary server.
+ * Generate notify events for this zone. If 'nodefer' is true, the
+ * 'notify-defer' configuration option is ingored.
*
* Requires:
- * \li 'zone' to be a valid zone.
- * \li 'zone' has a non-empty primaries list.
- * \li 'sourceaddr' to be non-NULL.
+ *\li 'zone' to be a valid zone.
*/
isc_result_t
-dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr);
+dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump);
/*%<
- * Get the zone's current primary server into '*primaryaddr'.
+ * Replace the database of "zone" with a new database "db".
*
- * Requires:
- * \li 'zone' to be a valid zone.
- * \li 'zone' has a non-empty primaries list.
- * \li 'primaryaddr' to be non-NULL.
+ * If "dump" is true, then the new zone contents are dumped
+ * into to the zone's master file for persistence. When replacing
+ * a zone database by one just loaded from a master file, set
+ * "dump" to false to avoid a redundant redump of the data just
+ * loaded. Otherwise, it should be set to true.
*
- * Returns:
- *\li #ISC_R_SUCCESS if the current primary server was found
- *\li #ISC_R_NOMORE if all the primaries were already iterated over
- */
-
-isc_time_t
-dns_zone_getxfrintime(dns_zone_t *zone);
-/*%<
- * Get the start time of the zone's latest major step before an incoming zone
- * transfer is initiated. The time is set to the current time before the
- * precursory SOA query is queued, then it gets reset when the query starts,
- * when the query restarts (using another transport or another primary server),
- * when an incoming zone transfer is initated and deferred, and, finally, when
- * it gets started.
+ * If the "diff-on-reload" option is enabled in the configuration file,
+ * the differences between the old and the new database are added to the
+ * journal file, and the master file dump is postponed.
*
* Requires:
* \li 'zone' to be a valid zone.
+ *
+ * Returns:
+ * \li DNS_R_SUCCESS
+ * \li DNS_R_BADZONE zone failed basic consistency checks:
+ * * a single SOA must exist
+ * * some NS records must exist.
+ * Others
*/
dns_transport_type_t
* \li 'zone' to be a valid zone.
*/
-void
-dns_zone_setnotifytype(dns_zone_t *zone, dns_rdatatype_t type,
- dns_notifytype_t notifytype);
-/*%<
- * Sets zone notify(type) method to "notifytype"
- */
-
-void
-dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype);
-/*%<
- * Sets zone checkds method to "checkdstype"
- */
-
isc_result_t
dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg,
dns_updatecallback_t callback, void *callback_arg);
* (result ISC_R_NOMORE).
*/
-void
-dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory);
-/*%<
- * Sets the name of the directory where private keys used for
- * online signing or dynamic zones are found.
- *
- * Require:
- *\li 'zone' to be a valid zone.
- */
-
-const char *
-dns_zone_getkeydirectory(dns_zone_t *zone);
-/*%<
- * Gets the name of the directory where private keys used for
- * online signing of dynamic zones are found.
- *
- * Requires:
- *\li 'zone' to be valid initialised zone.
- *
- * Returns:
- * Pointer to null-terminated file name, or NULL.
- */
-
isc_result_t
dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver,
isc_stdtime_t now, dns_dnsseckeylist_t *keys);
*\li 'is_pending' to be non NULL.
*\li 'needs_refresh' to be non NULL.
*
- * Returns:
- * ISC_R_SUCCESS transfer information is returned
- * ISC_R_FAILURE error while trying to get the transfer information
- */
-
-void
-dns_zonemgr_set_tlsctx_cache(dns_zonemgr_t *zmgr,
- isc_tlsctx_cache_t *tlsctx_cache);
-/*%<
- * Set the TLS client context cache used for zone transfers via
- * encrypted transports (e.g. XoT).
- *
- * Requires:
- *\li 'zmgr' is a valid zone manager.
- *\li 'tlsctx_cache' is a valid TLS context cache.
- */
-
-void
-dns_zone_stopxfr(dns_zone_t *zone);
-/*%<
- * If 'zone' has an ongoing active transfer, stop it.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_forcexfr(dns_zone_t *zone);
-/*%<
- * Force a zone transfer of the specified zone.
- *
- * Requires:
- *\li 'zone' to be a valid zone.
- */
-
-bool
-dns_zone_isforced(dns_zone_t *zone);
-/*%<
- * Check if the zone is waiting a forced reload.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-isc_result_t
-dns_zone_setstatistics(dns_zone_t *zone, bool on);
-/*%<
- * This function is obsoleted by dns_zone_setrequeststats().
- */
-
-uint64_t *
-dns_zone_getstatscounters(dns_zone_t *zone);
-/*%<
- * This function is obsoleted by dns_zone_getrequeststats().
- */
-
-void
-dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats);
-/*%<
- * Set a general zone-maintenance statistics set 'stats' for 'zone'. This
- * function is expected to be called only on zone creation (when necessary).
- * Once installed, it cannot be removed or replaced. Also, there is no
- * interface to get the installed stats from the zone; the caller must keep the
- * stats to reference (e.g. dump) it later.
- *
- * Requires:
- * \li 'zone' to be a valid zone and does not have a statistics set already
- * installed.
- *
- *\li stats is a valid statistics supporting zone statistics counters
- * (see dns/stats.h).
- */
-
-void
-dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats);
-
-void
-dns_zone_setrcvquerystats(dns_zone_t *zone, isc_statsmulti_t *stats);
-
-void
-dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats);
-/*%<
- * Set additional statistics sets to zone. These are attached to the zone
- * but are not counted in the zone module; only the caller updates the
- * counters.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- *
- *\li stats is a valid statistics.
- */
-
-isc_stats_t *
-dns_zone_getrequeststats(dns_zone_t *zone);
-
-isc_statsmulti_t *
-dns_zone_getrcvquerystats(dns_zone_t *zone);
-
-dns_stats_t *
-dns_zone_getdnssecsignstats(dns_zone_t *zone);
-/*%<
- * Get the additional statistics for zone, if one is installed.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- *
- * Returns:
- * \li when available, a pointer to the statistics set installed in zone;
- * otherwise NULL.
- */
-
-void
-dns_zone_logv(dns_zone_t *zone, isc_logcategory_t category, int level,
- const char *prefix, const char *msg, va_list ap);
-/*%<
- * Log the message 'msg...' at 'level' using log category 'category', including
- * text that identifies the message as applying to 'zone'. If the (optional)
- * 'prefix' is not NULL, it will be placed at the start of the entire log line.
- */
-
-void
-dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...)
- ISC_FORMAT_PRINTF(3, 4);
-/*%<
- * Log the message 'msg...' at 'level', including text that identifies
- * the message as applying to 'zone'.
- */
-
-void
-dns_zone_logc(dns_zone_t *zone, isc_logcategory_t category, int level,
- const char *msg, ...) ISC_FORMAT_PRINTF(4, 5);
-/*%<
- * Log the message 'msg...' at 'level', including text that identifies
- * the message as applying to 'zone'.
- */
-
-void
-dns_zone_name(dns_zone_t *zone, char *buf, size_t len);
-/*%<
- * Return the name of the zone with class and view.
- *
- * Requires:
- *\li 'zone' to be valid.
- *\li 'buf' to be non NULL.
- */
-
-void
-dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t len);
-/*%<
- * Return the name of the zone only.
- *
- * Requires:
- *\li 'zone' to be valid.
- *\li 'buf' to be non NULL.
- */
-
-isc_result_t
-dns_zone_checknames(dns_zone_t *zone, const dns_name_t *name,
- dns_rdata_t *rdata);
-/*%<
- * Check if this record meets the check-names policy.
- *
- * Requires:
- * 'zone' to be valid.
- * 'name' to be valid.
- * 'rdata' to be valid.
- *
- * Returns:
- * DNS_R_SUCCESS passed checks.
- * DNS_R_BADOWNERNAME failed ownername checks.
- * DNS_R_BADNAME failed rdata checks.
- */
-
-void
-dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx);
-/*%<
- * Set the post load integrity callback function 'checkmx'.
- * 'checkmx' will be called if the MX TARGET is not within the zone.
- *
- * Require:
- * 'zone' to be a valid zone.
- */
-
-void
-dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv);
-/*%<
- * Set the post load integrity callback function 'checksrv'.
- * 'checksrv' will be called if the SRV TARGET is not within the zone.
- *
- * Require:
- * 'zone' to be a valid zone.
+ * Returns:
+ * ISC_R_SUCCESS transfer information is returned
+ * ISC_R_FAILURE error while trying to get the transfer information
*/
void
-dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns);
+dns_zonemgr_set_tlsctx_cache(dns_zonemgr_t *zmgr,
+ isc_tlsctx_cache_t *tlsctx_cache);
/*%<
- * Set the post load integrity callback function 'checkns'.
- * 'checkns' will be called if the NS TARGET is not within the zone.
+ * Set the TLS client context cache used for zone transfers via
+ * encrypted transports (e.g. XoT).
*
- * Require:
- * 'zone' to be a valid zone.
+ * Requires:
+ *\li 'zmgr' is a valid zone manager.
+ *\li 'tlsctx_cache' is a valid TLS context cache.
*/
void
-dns_zone_setcheckisservedby(dns_zone_t *zone,
- dns_checkisservedbyfunc_t checkisserverby);
+dns_zone_stopxfr(dns_zone_t *zone);
/*%<
- * Set the post load integrity callback function 'checkisserverby'.
- * 'checkisserverby' will be called if the NS TARGET is not within
- * the zone and there are A or AAAA records in the the zone.
+ * If 'zone' has an ongoing active transfer, stop it.
*
- * Require:
- * 'zone' to be a valid zone.
+ * Requires:
+ *\li 'zone' to be a valid zone.
*/
void
-dns_zone_setnotifydefer(dns_zone_t *zone, dns_rdatatype_t type, uint32_t defer);
+dns_zone_forcexfr(dns_zone_t *zone);
/*%<
- * Set the wait/defer time (in seconds) before notify messages are sent when
- * they are ready.
+ * Force a zone transfer of the specified zone.
*
* Requires:
- * 'zone' to be valid.
- * 'type' to be a valid notify RRtype.
+ *\li 'zone' to be a valid zone.
*/
-void
-dns_zone_setnotifydelay(dns_zone_t *zone, dns_rdatatype_t type, uint32_t delay);
+bool
+dns_zone_isforced(dns_zone_t *zone);
/*%<
- * Set the minimum delay (in seconds) between sets of notify messages.
+ * Check if the zone is waiting a forced reload.
*
* Requires:
- * 'zone' to be valid.
- * 'type' to be a valid notify RRtype.
+ * \li 'zone' to be a valid zone.
*/
void
-dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg);
+dns_zone_logv(dns_zone_t *zone, isc_logcategory_t category, int level,
+ const char *prefix, const char *msg, va_list ap);
/*%<
- * Set the isself callback function and argument.
- *
- * bool
- * isself(dns_view_t *myview, dns_tsigkey_t *mykey,
- * const isc_netaddr_t *srcaddr, const isc_netaddr_t *destaddr,
- * dns_rdataclass_t rdclass, void *arg);
- *
- * 'isself' returns true if a non-recursive query from 'srcaddr' to
- * 'destaddr' with optional key 'mykey' for class 'rdclass' would be
- * delivered to 'myview'.
+ * Log the message 'msg...' at 'level' using log category 'category', including
+ * text that identifies the message as applying to 'zone'. If the (optional)
+ * 'prefix' is not NULL, it will be placed at the start of the entire log line.
*/
void
-dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes);
+dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...)
+ ISC_FORMAT_PRINTF(3, 4);
/*%<
- * Set the number of nodes that will be checked per quantum.
+ * Log the message 'msg...' at 'level', including text that identifies
+ * the message as applying to 'zone'.
*/
void
-dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures);
+dns_zone_logc(dns_zone_t *zone, isc_logcategory_t category, int level,
+ const char *msg, ...) ISC_FORMAT_PRINTF(4, 5);
/*%<
- * Set the number of signatures that will be generated per quantum.
+ * Log the message 'msg...' at 'level', including text that identifies
+ * the message as applying to 'zone'.
*/
-uint32_t
-dns_zone_getsignatures(dns_zone_t *zone);
+isc_result_t
+dns_zone_checknames(dns_zone_t *zone, const dns_name_t *name,
+ dns_rdata_t *rdata);
/*%<
- * Get the number of signatures that will be generated per quantum.
+ * Check if this record meets the check-names policy.
+ *
+ * Requires:
+ * 'zone' to be valid.
+ * 'name' to be valid.
+ * 'rdata' to be valid.
+ *
+ * Returns:
+ * DNS_R_SUCCESS passed checks.
+ * DNS_R_BADOWNERNAME failed ownername checks.
+ * DNS_R_BADNAME failed rdata checks.
*/
isc_result_t
* Incrementally add a NSEC3 chain that corresponds to 'nsec3param'.
*/
-void
-dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type);
-dns_rdatatype_t
-dns_zone_getprivatetype(dns_zone_t *zone);
-/*
- * Get/Set the private record type. It is expected that these interfaces
- * will not be permanent.
- */
-
void
dns_zone_rekey(dns_zone_t *zone, bool fullsign, bool forcekeymgr);
/*%<
* Others
*/
-void
-dns_zone_setadded(dns_zone_t *zone, bool added);
-/*%
- * Sets the value of zone->added, which should be true for
- * zones that were originally added by "rndc addzone".
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-bool
-dns_zone_getadded(dns_zone_t *zone);
-/*%
- * Returns true if the zone was originally added at runtime
- * using "rndc addzone".
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-void
-dns_zone_setmodded(dns_zone_t *zone, bool added);
-/*%
- * Sets the value of zone->modded, which should be true for
- * zones that were modified by "rndc modzone".
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-bool
-dns_zone_getmodded(dns_zone_t *zone);
-/*%
- * Returns true if the zone was modified at runtime
- * using "rndc modzone".
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-void
-dns_zone_setautomatic(dns_zone_t *zone, bool automatic);
-/*%
- * Sets the value of zone->automatic, which should be true for
- * zones that were automatically added by named.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-bool
-dns_zone_getautomatic(dns_zone_t *zone);
-/*%
- * Returns true if the zone was added automatically by named.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
isc_result_t
dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db);
/*%
* \li 'zone' to be valid.
*/
-isc_result_t
-dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval);
-/*%
- * Sets the frequency, in minutes, with which the key repository will be
- * checked to see if the keys for this zone have been updated. Any value
- * higher than 1440 minutes (24 hours) will be silently reduced. A
- * value of zero will return an out-of-range error.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-bool
-dns_zone_getrequestexpire(dns_zone_t *zone);
-/*%
- * Returns the true/false value of the request-expire option in the zone.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-void
-dns_zone_setrequestexpire(dns_zone_t *zone, bool flag);
-/*%
- * Sets the request-expire option for the zone. Either true or false. The
- * default value is determined by the setting of this option in the view.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-bool
-dns_zone_getrequestixfr(dns_zone_t *zone);
-/*%
- * Returns the true/false value of the request-ixfr option in the zone.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-void
-dns_zone_setrequestixfr(dns_zone_t *zone, bool flag);
-/*%
- * Sets the request-ixfr option for the zone. Either true or false. The
- * default value is determined by the setting of this option in the view.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-bool
-dns_zone_getrequestixfrmaxdiffs(dns_zone_t *zone);
-/*%
- * Returns the value of the request-ixfr-max-diffs option in the zone.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-void
-dns_zone_setrequestixfrmaxdiffs(dns_zone_t *zone, uint32_t maxmsgs);
-/*%
- * Sets the request-ixfr-max-diffs option for the zone. 0 means unlimited. The
- * default value is determined by the setting of this option in the view.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-uint32_t
-dns_zone_getixfrratio(dns_zone_t *zone);
-/*%
- * Returns the zone's current IXFR ratio.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-void
-dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio);
-/*%
- * Sets the ratio of IXFR size to zone size above which we use an AXFR
- * response, expressed as a percentage. Cannot exceed 100.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-void
-dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method);
-/*%
- * Sets the update method to use when incrementing the zone serial number
- * due to a DDNS update. Valid options are dns_updatemethod_increment
- * and dns_updatemethod_unixtime.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
-dns_updatemethod_t
-dns_zone_getserialupdatemethod(dns_zone_t *zone);
-/*%<
- * Returns the update method to be used when incrementing the zone serial
- * number due to a DDNS update.
- *
- * Requires:
- * \li 'zone' to be valid.
- */
-
isc_result_t
dns_zone_link(dns_zone_t *zone, dns_zone_t *raw);
* maintenance timer.
*/
-isc_result_t
-dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime);
-/*%
- * Return the time when the zone was last loaded.
- */
-
-isc_result_t
-dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime);
-/*%
- * Return the time when the (secondary) zone will need to be refreshed.
- */
-
-isc_result_t
-dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime);
-/*%
- * Return the time when the (secondary) zone will expire.
- */
-
-isc_result_t
-dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime);
-/*%
- * Return the time of the next scheduled DNSSEC key event.
- */
-
unsigned int
dns_zone_getincludes(dns_zone_t *zone, char ***includesp);
/*%
* \li 'zone' is a valid zone object
*/
-void
-dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level);
-
-dns_zonestat_level_t
-dns_zone_getstatlevel(dns_zone_t *zone);
-/*%
- * Set and get the statistics reporting level for the zone;
- * full, terse, or none.
- */
-
isc_result_t
dns_zone_setserial(dns_zone_t *zone, uint32_t serial);
/*%
* Return the name of the zone type 'type'.
*/
-isc_mem_t *
-dns_zone_getmem(dns_zone_t *zone);
-/**<
- * \brief Return memory context associated with the zone.
- *
- * \param zone valid dns_zone_t object.
- *
- * \return memory context associated with the zone
- */
-
-unsigned int
-dns_zone_gettid(dns_zone_t *zone);
-/**<
- * \brief Return thread-id associated with the zone.
- *
- * \param valid dns_zone_t object
- *
- * \return thread id associated with the zone
- */
-
-isc_loop_t *
-dns_zone_getloop(dns_zone_t *zone);
-/**<
- * \brief Return loop associated with the zone.
- *
- * \param valid dns_zone_t object
- *
- * \return loop associated with the zone
- */
-
bool
dns_zone_check_dnskey_nsec3(dns_zone_t *zone, dns_db_t *db,
dns_dbversion_t *ver, dns_diff_t *diff,
* \li ISC_R_SUCCESS if there were no errors loading the SKR.
*/
-void
-dns_zone_setrad(dns_zone_t *zone, dns_name_t *name);
-/**<
- * \brief Set the per zone RAD
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- * \li 'name' is NULL or a valid name.
- */
-
-isc_result_t
-dns_zone_getrad(dns_zone_t *zone, dns_name_t *name);
-/**<
- * \brief get the per zone RAD
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- * \li 'name' is a valid name with a buffer.
- */
-
isc_result_t
dns_zone_getzoneversion(dns_zone_t *zone, isc_buffer_t *b);
/**<
* initialized.
*/
-void *
-dns_zone_gethooktable(dns_zone_t *zone);
-/**<
- * Returns the zone hooktable
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-void
-dns_zone_sethooktable(dns_zone_t *zone, void *hooktable,
- void (*hooktable_free)(isc_mem_t *, void **));
-/**<
- * Initialize zone hooktable and free callback
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- * \li 'hooktable' to be initialized.
- * \li 'hooktable_free' to be valid.
- */
-
void
dns_zone_setplugins(dns_zone_t *zone, void *plugins,
void (*plugins_free)(isc_mem_t *, void **));
* \li 'zone' to be a valid zone.
*/
-void
-dns_zone_setcfg(dns_zone_t *zone, const char *cfg);
-/*%<
- * Save a copy of the configuration text for 'zone', which can be
- * used later to dump the configuration status.
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
-const char *
-dns_zone_getcfg(dns_zone_t *zone);
-/*%<
- * Return a pointer to the configuration text for 'zone', that was
- * previously saved using _setcfg().
- *
- * Requires:
- * \li 'zone' to be a valid zone.
- */
-
bool
dns_zone_isexpired(dns_zone_t *zone);
/*%<
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+#pragma once
+
+/*! \file dns/zoneproperties.h */
+
+#include <isc/statsmulti.h>
+
+#include <dns/view.h>
+#include <dns/zone.h>
+
+void
+dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass);
+/*%<
+ * Sets the class of a zone. This operation can only be performed
+ * once on a zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li dns_zone_setclass() not to have been called since the zone was
+ * created.
+ *\li 'rdclass' != dns_rdataclass_none.
+ */
+
+dns_rdataclass_t
+dns_zone_getclass(dns_zone_t *zone);
+/*%<
+ * Returns the current zone class.
+ *
+ * Requires:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type);
+/*%<
+ * Sets the zone type. This operation can only be performed once on
+ * a zone.
+ *
+ * Requires:
+ *\li 'zone' to be a valid zone.
+ *\li dns_zone_settype() not to have been called since the zone was
+ * created.
+ *\li 'type' != dns_zone_none
+ */
+
+void
+dns_zone_setview(dns_zone_t *zone, dns_view_t *view);
+/*%<
+ * Associate the zone with a view.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+dns_view_t *
+dns_zone_getview(dns_zone_t *zone);
+/*%<
+ * Returns the zone's associated view.
+ *
+ * Requires:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin);
+/*%<
+ * Sets the zones origin to 'origin'.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'origin' to be non NULL.
+ *
+ * Returns:
+ *\li #ISC_R_SUCCESS
+ */
+
+dns_name_t *
+dns_zone_getorigin(dns_zone_t *zone);
+/*%<
+ * Returns the value of the origin.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+dns_rdataclass_t
+dns_zone_getrdclass(dns_zone_t *zone);
+/*%<
+ * Returns the value of the rdclass.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setfile(dns_zone_t *zone, const char *file, const char *initial_file,
+ dns_masterformat_t format, const dns_master_style_t *style);
+/*%<
+ * Sets the name of the master file in the format of 'format' from which
+ * the zone loads its database to 'file'.
+ *
+ * For zones that have no associated master file, 'file' will be NULL.
+ * For some zone types, e.g. secondary zones, 'file' is optional, but
+ * for primary zones it is mandatory. If the master file does not exist
+ * during loading, then it will be copied into place from 'initial_file'.
+ *
+ * For zones with persistent databases, the file name setting is ignored.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+const char *
+dns_zone_getfile(dns_zone_t *zone);
+/*%<
+ * Gets the name of the zone's master file, if any.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ *
+ * Returns:
+ *\li Pointer to null-terminated file name, or NULL.
+ */
+
+void
+dns_zone_setstream(dns_zone_t *zone, const FILE *stream,
+ dns_masterformat_t format, const dns_master_style_t *style);
+/*%<
+ * Sets the source stream from which the zone will load its database.
+ *
+ * Requires:
+ *\li 'zone' to be a valid zone.
+ *\li 'stream' to be a valid and open FILE *.
+ *\li 'zone->masterfile' to be NULL, since we should load data either from
+ * 'stream' or from a master file, but not both.
+ */
+
+void
+dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t records);
+/*%<
+ * Sets the maximum number of records permitted in a zone.
+ * 0 implies unlimited.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ *
+ * Returns:
+ *\li void
+ */
+
+uint32_t
+dns_zone_getmaxrecords(dns_zone_t *zone);
+/*%<
+ * Gets the maximum number of records permitted in a zone.
+ * 0 implies unlimited.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ *
+ * Returns:
+ *\li uint32_t maxrecords.
+ */
+
+void
+dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t maxrrperset);
+/*%<
+ * Sets the maximum number of records per rrset permitted in a zone.
+ * 0 implies unlimited.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ *
+ * Returns:
+ *\li void
+ */
+
+void
+dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t maxtypepername);
+/*%<
+ * Sets the maximum number of resource record types per owner name
+ * permitted in a zone. 0 implies unlimited.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ *
+ * Returns:
+ *\li void
+ */
+
+void
+dns_zone_setmaxttl(dns_zone_t *zone, uint32_t maxttl);
+/*%<
+ * Sets the max ttl of the zone.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ *
+ * Returns:
+ *\li void
+ */
+
+dns_ttl_t
+dns_zone_getmaxttl(dns_zone_t *zone);
+/*%<
+ * Gets the max ttl of the zone.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ *
+ * Returns:
+ *\li dns_ttl_t maxttl.
+ */
+
+isc_result_t
+dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp);
+/*%<
+ * Attach '*dbp' to the database to if it exists otherwise
+ * return DNS_R_NOTLOADED.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'dbp' to be != NULL && '*dbp' == NULL.
+ *
+ * Returns:
+ *\li #ISC_R_SUCCESS
+ *\li DNS_R_NOTLOADED
+ */
+
+void
+dns_zone_setdb(dns_zone_t *zone, dns_db_t *db);
+/*%<
+ * Sets the zone database to 'db'.
+ *
+ * This function is expected to be used to configure a zone with a
+ * database which is not loaded from a file or zone transfer.
+ * It can be used for a general purpose zone, but right now its use
+ * is limited to static-stub zones to avoid possible undiscovered
+ * problems in the general cases.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone of static-stub.
+ *\li zone doesn't have a database.
+ */
+
+void
+dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc,
+ const char *const *dbargv);
+/*%<
+ * Sets the database type to dbargv[0] and database arguments
+ * to subsequent dbargv elements.
+ * 'db_type' is not checked to see if it is a valid database type.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'database' to be non NULL.
+ *\li 'dbargc' to be >= 1
+ *\li 'dbargv' to point to dbargc NULL-terminated strings
+ */
+
+void
+dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx);
+/*%<
+ * Returns the current dbtype. isc_mem_free() should be used
+ * to free 'argv' after use.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'argv' to be non NULL and *argv to be NULL.
+ *\li 'mctx' to be valid.
+ */
+
+void
+dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ isc_sockaddr_t *sources, dns_name_t **keynames,
+ dns_name_t **tlsnames, uint32_t count);
+/*%<
+ * Set the list of primary servers for the zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'addresses' array of isc_sockaddr_t with port set or NULL.
+ *\li 'count' the number of primaries.
+ *\li 'keynames' array of dns_name_t's for tsig keys or NULL.
+ *
+ *\li If 'addresses' is NULL then 'count' must be zero.
+ */
+
+void
+dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ isc_sockaddr_t *sources, dns_name_t **keynames,
+ dns_name_t **tlsnames, uint32_t count);
+/*%<
+ * Set the list of parental agents for the zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'addresses' array of isc_sockaddr_t with port set or NULL.
+ *\li 'count' the number of primaries.
+ *\li 'keynames' array of dns_name_t's for tsig keys or NULL.
+ *
+ *\li If 'addresses' is NULL then 'count' must be zero.
+ */
+
+void
+dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ isc_sockaddr_t *sources, dns_name_t **keynames,
+ dns_name_t **tlsnames, uint32_t count);
+/*%<
+ * Set the list of additional servers to be notified when
+ * a zone changes. To clear the list use 'count = 0'.
+ *
+ * dns_zone_alsonotifywithkeys() allows each notify address to
+ * be associated with a TSIG key.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'addresses' to be non-NULL if count != 0.
+ *\li 'count' to be the number of notifiees.
+ */
+
+void
+dns_zone_setcdsendpoints(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ isc_sockaddr_t *sources, dns_name_t **keynames,
+ dns_name_t **tlsnames, uint32_t count);
+/*%<
+ * Set the list of servers to be notified when the zone changes
+ * its CDS/CDNSKEY RRset. To clear the list use 'count = 0'.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'addresses' to be non-NULL if count != 0.
+ *\li 'count' to be the number of notifiees.
+ */
+
+dns_kasp_t *
+dns_zone_getkasp(dns_zone_t *zone);
+/*%<
+ * Returns the current kasp.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp);
+void
+dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp);
+/*%<
+ * Set kasp for zone. If a kasp is already set, it will be detached.
+ *
+ * Requires:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val);
+/*%<
+ * Set the minimum refresh time.
+ *
+ * Requires:
+ *\li 'zone' is valid.
+ *\li val > 0.
+ */
+
+void
+dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val);
+/*%<
+ * Set the maximum refresh time.
+ *
+ * Requires:
+ *\li 'zone' is valid.
+ *\li val > 0.
+ */
+
+void
+dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val);
+/*%<
+ * Set the minimum retry time.
+ *
+ * Requires:
+ *\li 'zone' is valid.
+ *\li val > 0.
+ */
+
+void
+dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val);
+/*%<
+ * Set the maximum retry time.
+ *
+ * Requires:
+ *\li 'zone' is valid.
+ * val > 0.
+ */
+
+void
+dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
+/*%<
+ * Set the source address to be used in IPv4 zone transfers.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'xfrsource' to contain the address.
+ */
+
+void
+dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource);
+/*%<
+ * Returns the source address set by a previous dns_zone_setxfrsource4
+ * call, or the default of inaddr_any, port 0.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'xfrsource' to not be NULL
+ */
+
+void
+dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
+/*%<
+ * Set the source address to be used in IPv6 zone transfers.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'xfrsource' to contain the address.
+ */
+
+void
+dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource);
+/*%<
+ * Returns the source address set by a previous dns_zone_setxfrsource6
+ * call, or the default of in6addr_any, port 0.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'xfrsource' to not be NULL
+ */
+
+void
+dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc);
+/*%<
+ * Set the source address to be used with IPv4 parental DS queries.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'parentalsrc' to contain the address.
+ */
+
+void
+dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc);
+/*%<
+ * Returns the source address set by a previous dns_zone_setparentalsrc4
+ * call, or the default of inaddr_any, port 0.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'parentalsrc' to be non NULL.
+ */
+
+void
+dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc);
+/*%<
+ * Set the source address to be used with IPv6 parental DS queries.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'parentalsrc' to contain the address.
+ */
+
+void
+dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc);
+/*%<
+ * Returns the source address set by a previous dns_zone_setparentalsrc6
+ * call, or the default of in6addr_any, port 0.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'parentalsrc' to be non NULL.
+ */
+
+void
+dns_zone_setnotifysrc4(dns_zone_t *zone, dns_rdatatype_t type,
+ const isc_sockaddr_t *notifysrc);
+/*%<
+ * Set the source address to be used with IPv4 NOTIFY messages.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'type' to be a valid notify RRtype.
+ *\li 'notifysrc' to contain the address.
+ */
+
+void
+dns_zone_setnotifysrc6(dns_zone_t *zone, dns_rdatatype_t type,
+ const isc_sockaddr_t *notifysrc);
+/*%<
+ * Set the source address to be used with IPv6 NOTIFY messages.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'type' to be a valid notify RRtype.
+ *\li 'notifysrc' to contain the address.
+ */
+
+void
+dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl);
+/*%<
+ * Sets the notify acl list for the zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'acl' to be a valid acl.
+ */
+
+void
+dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl);
+/*%<
+ * Sets the query acl list for the zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'acl' to be a valid acl.
+ */
+
+void
+dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl);
+/*%<
+ * Sets the query-on acl list for the zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'acl' to be a valid acl.
+ */
+
+void
+dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl);
+/*%<
+ * Sets the update acl list for the zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'acl' to be valid acl.
+ */
+
+void
+dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl);
+/*%<
+ * Sets the forward unsigned updates acl list for the zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'acl' to be valid acl.
+ */
+
+void
+dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl);
+/*%<
+ * Sets the transfer acl list for the zone.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *\li 'acl' to be valid acl.
+ */
+
+dns_acl_t *
+dns_zone_getqueryacl(dns_zone_t *zone);
+/*%<
+ * Returns the current query acl or NULL.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *
+ * Returns:
+ *\li acl a pointer to the acl.
+ *\li NULL
+ */
+
+dns_acl_t *
+dns_zone_getqueryonacl(dns_zone_t *zone);
+/*%<
+ * Returns the current query-on acl or NULL.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *
+ * Returns:
+ *\li acl a pointer to the acl.
+ *\li NULL
+ */
+
+dns_acl_t *
+dns_zone_getupdateacl(dns_zone_t *zone);
+/*%<
+ * Returns the current update acl or NULL.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *
+ * Returns:
+ *\li acl a pointer to the acl.
+ *\li NULL
+ */
+
+dns_acl_t *
+dns_zone_getforwardacl(dns_zone_t *zone);
+/*%<
+ * Returns the current forward unsigned updates acl or NULL.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *
+ * Returns:
+ *\li acl a pointer to the acl.
+ *\li NULL
+ */
+
+dns_acl_t *
+dns_zone_getxfracl(dns_zone_t *zone);
+/*%<
+ * Returns the current transfer acl or NULL.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ *
+ * Returns:
+ *\li acl a pointer to the acl.
+ *\li NULL
+ */
+
+void
+dns_zone_clearupdateacl(dns_zone_t *zone);
+/*%<
+ * Clear the current update acl.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_clearforwardacl(dns_zone_t *zone);
+/*%<
+ * Clear the current forward unsigned updates acl.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_clearnotifyacl(dns_zone_t *zone);
+/*%<
+ * Clear the current notify acl.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_clearqueryacl(dns_zone_t *zone);
+/*%<
+ * Clear the current query acl.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_clearqueryonacl(dns_zone_t *zone);
+/*%<
+ * Clear the current query-on acl.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_clearxfracl(dns_zone_t *zone);
+/*%<
+ * Clear the current transfer acl.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+bool
+dns_zone_getupdatedisabled(dns_zone_t *zone);
+/*%<
+ * Return true if updates are disabled.
+ */
+
+void
+dns_zone_setupdatedisabled(dns_zone_t *zone, bool state);
+/*%<
+ * Enable or disable updates.
+ *
+ * This should only be called when running in exclusive mode;
+ * otherwise, updates that were already in progress could be
+ * committed after disabling.
+ */
+
+bool
+dns_zone_getzeronosoattl(dns_zone_t *zone);
+/*%<
+ * Return zero-no-soa-ttl status.
+ */
+
+void
+dns_zone_setzeronosoattl(dns_zone_t *zone, bool state);
+/*%<
+ * Set zero-no-soa-ttl status.
+ */
+
+void
+dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity);
+/*%<
+ * Set the severity of name checking when loading a zone.
+ *
+ * Require:
+ * \li 'zone' to be a valid zone.
+ */
+
+dns_severity_t
+dns_zone_getchecknames(dns_zone_t *zone);
+/*%<
+ * Return the current severity of name checking.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setjournalsize(dns_zone_t *zone, int32_t size);
+/*%<
+ * Sets the journal size for the zone.
+ *
+ * Requires:
+ *\li 'zone' to be a valid zone.
+ */
+
+int32_t
+dns_zone_getjournalsize(dns_zone_t *zone);
+/*%<
+ * Return the journal size as set with a previous call to
+ * dns_zone_setjournalsize().
+ *
+ * Requires:
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds);
+/*%<
+ * Set the minumum traffic rate (in bytes per seconds) that a zone transfer in
+ * (AXFR/IXFR) of this zone will use before being aborted.
+ *
+ * Requires:
+ * \li 'zone' to be valid initialised zone.
+ */
+
+uint32_t
+dns_zone_getminxfrratebytesin(dns_zone_t *zone);
+/*%<
+ * Returns the 'bytes' portion of the minimum traffic rate for the transfer in
+ * for this zone.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ */
+
+uint32_t
+dns_zone_getminxfrratesecondsin(dns_zone_t *zone);
+/*%<
+ * Returns the 'seconds' portion of the minimum traffic rate for the transfer in
+ * for this zone.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ */
+
+void
+dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin);
+/*%<
+ * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR)
+ * of this zone will use before being aborted.
+ *
+ * Requires:
+ * \li 'zone' to be valid initialised zone.
+ */
+
+uint32_t
+dns_zone_getmaxxfrin(dns_zone_t *zone);
+/*%<
+ * Returns the maximum transfer time for this zone. This will be
+ * either the value set by the last call to dns_zone_setmaxxfrin() or
+ * the default value of 1 hour.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ */
+
+void
+dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout);
+/*%<
+ * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR)
+ * of this zone will use before being aborted.
+ *
+ * Requires:
+ * \li 'zone' to be valid initialised zone.
+ */
+
+uint32_t
+dns_zone_getmaxxfrout(dns_zone_t *zone);
+/*%<
+ * Returns the maximum transfer time for this zone. This will be
+ * either the value set by the last call to dns_zone_setmaxxfrout() or
+ * the default value of 1 hour.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ */
+
+void
+dns_zone_setjournal(dns_zone_t *zone, const char *myjournal);
+/*%<
+ * Sets the filename used for journaling updates / IXFR transfers.
+ * The default journal name is set by dns_zone_setfile() to be
+ * "file.jnl". If 'myjournal' is NULL, the zone will have no
+ * journal name.
+ *
+ * Requires:
+ *\li 'zone' to be a valid zone.
+ */
+
+char *
+dns_zone_getjournal(dns_zone_t *zone);
+/*%<
+ * Returns the journal name associated with this zone.
+ * If no journal has been set this will be NULL.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ */
+
+dns_zonetype_t
+dns_zone_gettype(dns_zone_t *zone);
+/*%<
+ * Returns the type of the zone (primary/secondary/etc.)
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ */
+
+uint32_t
+dns_zone_getidlein(dns_zone_t *zone);
+/*%<
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ *
+ * Returns:
+ * \li number of seconds of idle time before we abort the transfer in.
+ */
+
+void
+dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein);
+/*%<
+ * \li Set the idle timeout for transfer the.
+ * \li Zero set the default value, 1 hour.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+uint32_t
+dns_zone_getidleout(dns_zone_t *zone);
+/*%<
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ *
+ * Returns:
+ * \li number of seconds of idle time before we abort a transfer out.
+ */
+
+void
+dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout);
+/*%<
+ * \li Set the idle timeout for transfers out.
+ * \li Zero set the default value, 1 hour.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table);
+/*%<
+ * Get the simple-secure-update policy table.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table);
+/*%<
+ * Set / clear the simple-secure-update policy table.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+isc_mem_t *
+dns_zone_getmctx(dns_zone_t *zone);
+/*%<
+ * Get the memory context of a zone.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+dns_zonemgr_t *
+dns_zone_getmgr(dns_zone_t *zone);
+/*%<
+ * If 'zone' is managed return the zone manager otherwise NULL.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval);
+/*%<
+ * Set the zone's general signature validity interval. This is the length
+ * of time for which DNSSEC signatures created as a result of dynamic
+ * updates to secure zones will remain valid, in seconds.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+uint32_t
+dns_zone_getsigvalidityinterval(dns_zone_t *zone);
+/*%<
+ * Get the zone's general signature validity interval.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval);
+/*%<
+ * Set the zone's DNSKEY signature validity interval. This is the length
+ * of time for which DNSSEC signatures created for DNSKEY records
+ * will remain valid, in seconds.
+ *
+ * If this value is set to zero, then the regular signature validity
+ * interval (see dns_zone_setsigvalidityinterval(), above) is used
+ * for all RRSIGs. However, if this value is nonzero, then it is used
+ * as the validity interval for RRSIGs covering DNSKEY and CDNSKEY
+ * RRsets.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+uint32_t
+dns_zone_getkeyvalidityinterval(dns_zone_t *zone);
+/*%<
+ * Get the zone's DNSKEY signature validity interval.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval);
+/*%<
+ * Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's
+ * will be re-signed 'interval' amount of time before they expire.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+uint32_t
+dns_zone_getsigresigninginterval(dns_zone_t *zone);
+/*%<
+ * Get the zone's RRSIG re-signing interval.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr);
+/*%<
+ * Get the zone's source address from which it has last contacted the current
+ * primary server.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ * \li 'zone' has a non-empty primaries list.
+ * \li 'sourceaddr' to be non-NULL.
+ */
+
+isc_result_t
+dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr);
+/*%<
+ * Get the zone's current primary server into '*primaryaddr'.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ * \li 'zone' has a non-empty primaries list.
+ * \li 'primaryaddr' to be non-NULL.
+ *
+ * Returns:
+ *\li #ISC_R_SUCCESS if the current primary server was found
+ *\li #ISC_R_NOMORE if all the primaries were already iterated over
+ */
+
+isc_time_t
+dns_zone_getxfrintime(dns_zone_t *zone);
+/*%<
+ * Get the start time of the zone's latest major step before an incoming zone
+ * transfer is initiated. The time is set to the current time before the
+ * precursory SOA query is queued, then it gets reset when the query starts,
+ * when the query restarts (using another transport or another primary server),
+ * when an incoming zone transfer is initated and deferred, and, finally, when
+ * it gets started.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setnotifytype(dns_zone_t *zone, dns_rdatatype_t type,
+ dns_notifytype_t notifytype);
+/*%<
+ * Sets zone notify(type) method to "notifytype"
+ */
+
+void
+dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype);
+/*%<
+ * Sets zone checkds method to "checkdstype"
+ */
+
+void
+dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory);
+/*%<
+ * Sets the name of the directory where private keys used for
+ * online signing or dynamic zones are found.
+ *
+ * Require:
+ *\li 'zone' to be a valid zone.
+ */
+
+const char *
+dns_zone_getkeydirectory(dns_zone_t *zone);
+/*%<
+ * Gets the name of the directory where private keys used for
+ * online signing of dynamic zones are found.
+ *
+ * Requires:
+ *\li 'zone' to be valid initialised zone.
+ *
+ * Returns:
+ * Pointer to null-terminated file name, or NULL.
+ */
+
+isc_result_t
+dns_zone_setstatistics(dns_zone_t *zone, bool on);
+/*%<
+ * This function is obsoleted by dns_zone_setrequeststats().
+ */
+
+uint64_t *
+dns_zone_getstatscounters(dns_zone_t *zone);
+/*%<
+ * This function is obsoleted by dns_zone_getrequeststats().
+ */
+
+void
+dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats);
+/*%<
+ * Set a general zone-maintenance statistics set 'stats' for 'zone'. This
+ * function is expected to be called only on zone creation (when necessary).
+ * Once installed, it cannot be removed or replaced. Also, there is no
+ * interface to get the installed stats from the zone; the caller must keep the
+ * stats to reference (e.g. dump) it later.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone and does not have a statistics set already
+ * installed.
+ *
+ *\li stats is a valid statistics supporting zone statistics counters
+ * (see dns/stats.h).
+ */
+
+void
+dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats);
+
+void
+dns_zone_setrcvquerystats(dns_zone_t *zone, isc_statsmulti_t *stats);
+
+void
+dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats);
+/*%<
+ * Set additional statistics sets to zone. These are attached to the zone
+ * but are not counted in the zone module; only the caller updates the
+ * counters.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ *
+ *\li stats is a valid statistics.
+ */
+
+isc_stats_t *
+dns_zone_getrequeststats(dns_zone_t *zone);
+
+isc_statsmulti_t *
+dns_zone_getrcvquerystats(dns_zone_t *zone);
+
+dns_stats_t *
+dns_zone_getdnssecsignstats(dns_zone_t *zone);
+/*%<
+ * Get the additional statistics for zone, if one is installed.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ *
+ * Returns:
+ * \li when available, a pointer to the statistics set installed in zone;
+ * otherwise NULL.
+ */
+
+void
+dns_zone_name(dns_zone_t *zone, char *buf, size_t len);
+/*%<
+ * Return the name of the zone with class and view.
+ *
+ * Requires:
+ *\li 'zone' to be valid.
+ *\li 'buf' to be non NULL.
+ */
+
+void
+dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t len);
+/*%<
+ * Return the name of the zone only.
+ *
+ * Requires:
+ *\li 'zone' to be valid.
+ *\li 'buf' to be non NULL.
+ */
+
+void
+dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx);
+/*%<
+ * Set the post load integrity callback function 'checkmx'.
+ * 'checkmx' will be called if the MX TARGET is not within the zone.
+ *
+ * Require:
+ * 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv);
+/*%<
+ * Set the post load integrity callback function 'checksrv'.
+ * 'checksrv' will be called if the SRV TARGET is not within the zone.
+ *
+ * Require:
+ * 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns);
+/*%<
+ * Set the post load integrity callback function 'checkns'.
+ * 'checkns' will be called if the NS TARGET is not within the zone.
+ *
+ * Require:
+ * 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setcheckisservedby(dns_zone_t *zone,
+ dns_checkisservedbyfunc_t checkisserverby);
+/*%<
+ * Set the post load integrity callback function 'checkisserverby'.
+ * 'checkisserverby' will be called if the NS TARGET is not within
+ * the zone and there are A or AAAA records in the the zone.
+ *
+ * Require:
+ * 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_setnotifydefer(dns_zone_t *zone, dns_rdatatype_t type, uint32_t defer);
+/*%<
+ * Set the wait/defer time (in seconds) before notify messages are sent when
+ * they are ready.
+ *
+ * Requires:
+ * 'zone' to be valid.
+ * 'type' to be a valid notify RRtype.
+ */
+
+void
+dns_zone_setnotifydelay(dns_zone_t *zone, dns_rdatatype_t type, uint32_t delay);
+/*%<
+ * Set the minimum delay (in seconds) between sets of notify messages.
+ *
+ * Requires:
+ * 'zone' to be valid.
+ * 'type' to be a valid notify RRtype.
+ */
+
+void
+dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg);
+/*%<
+ * Set the isself callback function and argument.
+ *
+ * bool
+ * isself(dns_view_t *myview, dns_tsigkey_t *mykey,
+ * const isc_netaddr_t *srcaddr, const isc_netaddr_t *destaddr,
+ * dns_rdataclass_t rdclass, void *arg);
+ *
+ * 'isself' returns true if a non-recursive query from 'srcaddr' to
+ * 'destaddr' with optional key 'mykey' for class 'rdclass' would be
+ * delivered to 'myview'.
+ */
+
+void
+dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes);
+/*%<
+ * Set the number of nodes that will be checked per quantum.
+ */
+
+void
+dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures);
+/*%<
+ * Set the number of signatures that will be generated per quantum.
+ */
+
+uint32_t
+dns_zone_getsignatures(dns_zone_t *zone);
+/*%<
+ * Get the number of signatures that will be generated per quantum.
+ */
+
+void
+dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type);
+dns_rdatatype_t
+dns_zone_getprivatetype(dns_zone_t *zone);
+/*
+ * Get/Set the private record type. It is expected that these interfaces
+ * will not be permanent.
+ */
+
+void
+dns_zone_setadded(dns_zone_t *zone, bool added);
+/*%
+ * Sets the value of zone->added, which should be true for
+ * zones that were originally added by "rndc addzone".
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+bool
+dns_zone_getadded(dns_zone_t *zone);
+/*%
+ * Returns true if the zone was originally added at runtime
+ * using "rndc addzone".
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+void
+dns_zone_setmodded(dns_zone_t *zone, bool added);
+/*%
+ * Sets the value of zone->modded, which should be true for
+ * zones that were modified by "rndc modzone".
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+bool
+dns_zone_getmodded(dns_zone_t *zone);
+/*%
+ * Returns true if the zone was modified at runtime
+ * using "rndc modzone".
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+void
+dns_zone_setautomatic(dns_zone_t *zone, bool automatic);
+/*%
+ * Sets the value of zone->automatic, which should be true for
+ * zones that were automatically added by named.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+bool
+dns_zone_getautomatic(dns_zone_t *zone);
+/*%
+ * Returns true if the zone was added automatically by named.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+isc_result_t
+dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval);
+/*%
+ * Sets the frequency, in minutes, with which the key repository will be
+ * checked to see if the keys for this zone have been updated. Any value
+ * higher than 1440 minutes (24 hours) will be silently reduced. A
+ * value of zero will return an out-of-range error.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+bool
+dns_zone_getrequestexpire(dns_zone_t *zone);
+/*%
+ * Returns the true/false value of the request-expire option in the zone.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+void
+dns_zone_setrequestexpire(dns_zone_t *zone, bool flag);
+/*%
+ * Sets the request-expire option for the zone. Either true or false. The
+ * default value is determined by the setting of this option in the view.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+bool
+dns_zone_getrequestixfr(dns_zone_t *zone);
+/*%
+ * Returns the true/false value of the request-ixfr option in the zone.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+void
+dns_zone_setrequestixfr(dns_zone_t *zone, bool flag);
+/*%
+ * Sets the request-ixfr option for the zone. Either true or false. The
+ * default value is determined by the setting of this option in the view.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+bool
+dns_zone_getrequestixfrmaxdiffs(dns_zone_t *zone);
+/*%
+ * Returns the value of the request-ixfr-max-diffs option in the zone.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+void
+dns_zone_setrequestixfrmaxdiffs(dns_zone_t *zone, uint32_t maxmsgs);
+/*%
+ * Sets the request-ixfr-max-diffs option for the zone. 0 means unlimited. The
+ * default value is determined by the setting of this option in the view.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+uint32_t
+dns_zone_getixfrratio(dns_zone_t *zone);
+/*%
+ * Returns the zone's current IXFR ratio.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+void
+dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio);
+/*%
+ * Sets the ratio of IXFR size to zone size above which we use an AXFR
+ * response, expressed as a percentage. Cannot exceed 100.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+void
+dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method);
+/*%
+ * Sets the update method to use when incrementing the zone serial number
+ * due to a DDNS update. Valid options are dns_updatemethod_increment
+ * and dns_updatemethod_unixtime.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+dns_updatemethod_t
+dns_zone_getserialupdatemethod(dns_zone_t *zone);
+/*%<
+ * Returns the update method to be used when incrementing the zone serial
+ * number due to a DDNS update.
+ *
+ * Requires:
+ * \li 'zone' to be valid.
+ */
+
+isc_result_t
+dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime);
+/*%
+ * Return the time when the zone was last loaded.
+ */
+
+isc_result_t
+dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime);
+/*%
+ * Return the time when the (secondary) zone will need to be refreshed.
+ */
+
+isc_result_t
+dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime);
+/*%
+ * Return the time when the (secondary) zone will expire.
+ */
+
+isc_result_t
+dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime);
+/*%
+ * Return the time of the next scheduled DNSSEC key event.
+ */
+
+void
+dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level);
+
+dns_zonestat_level_t
+dns_zone_getstatlevel(dns_zone_t *zone);
+/*%
+ * Set and get the statistics reporting level for the zone;
+ * full, terse, or none.
+ */
+
+isc_mem_t *
+dns_zone_getmem(dns_zone_t *zone);
+/**<
+ * \brief Return memory context associated with the zone.
+ *
+ * \param zone valid dns_zone_t object.
+ *
+ * \return memory context associated with the zone
+ */
+
+unsigned int
+dns_zone_gettid(dns_zone_t *zone);
+/**<
+ * \brief Return thread-id associated with the zone.
+ *
+ * \param valid dns_zone_t object
+ *
+ * \return thread id associated with the zone
+ */
+
+isc_loop_t *
+dns_zone_getloop(dns_zone_t *zone);
+/**<
+ * \brief Return loop associated with the zone.
+ *
+ * \param valid dns_zone_t object
+ *
+ * \return loop associated with the zone
+ */
+
+void
+dns_zone_setrad(dns_zone_t *zone, dns_name_t *name);
+/**<
+ * \brief Set the per zone RAD
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ * \li 'name' is NULL or a valid name.
+ */
+
+isc_result_t
+dns_zone_getrad(dns_zone_t *zone, dns_name_t *name);
+/**<
+ * \brief get the per zone RAD
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ * \li 'name' is a valid name with a buffer.
+ */
+
+void *
+dns_zone_gethooktable(dns_zone_t *zone);
+/**<
+ * Returns the zone hooktable
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+void
+dns_zone_sethooktable(dns_zone_t *zone, void *hooktable,
+ void (*hooktable_free)(isc_mem_t *, void **));
+/**<
+ * Initialize zone hooktable and free callback
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ * \li 'hooktable' to be initialized.
+ * \li 'hooktable_free' to be valid.
+ */
+
+void
+dns_zone_setcfg(dns_zone_t *zone, const char *cfg);
+/*%<
+ * Save a copy of the configuration text for 'zone', which can be
+ * used later to dump the configuration status.
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
+
+const char *
+dns_zone_getcfg(dns_zone_t *zone);
+/*%<
+ * Return a pointer to the configuration text for 'zone', that was
+ * previously saved using _setcfg().
+ *
+ * Requires:
+ * \li 'zone' to be a valid zone.
+ */
'view.c',
'zone.c',
'zonefetch.c',
+ 'zoneproperties.c',
'zoneverify.c',
'zt.c',
),
#include <dns/stats.h>
#include <dns/tsig.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include "zone_p.h"
#include <dns/rdatasetiter.h>
#include <dns/rdatastruct.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dst/dst.h>
#include <dns/tsig.h>
#include <dns/validator.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include "dns/view.h"
#include <dns/rrl.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
static void
log_end(dns_rrl_t *rrl, dns_rrl_entry_t *e, bool early, char *log_buf,
#include <dns/update.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
/**************************************************************************/
#include <dns/unreachcache.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#define DNS_VIEW_DELONLYHASH 111
#include <dns/view.h>
#include <dns/xfrin.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dst/dst.h>
#include <dns/xfrin.h>
#include <dns/zone.h>
#include <dns/zonefetch.h>
+#include <dns/zoneproperties.h>
#include <dns/zoneverify.h>
#include <dns/zt.h>
#include "zone_p.h"
-#define ZONE_MAGIC ISC_MAGIC('Z', 'O', 'N', 'E')
-#define DNS_ZONE_VALID(zone) ISC_MAGIC_VALID(zone, ZONE_MAGIC)
-
-#define CHECKDS_MAGIC ISC_MAGIC('C', 'h', 'D', 'S')
-#define DNS_CHECKDS_VALID(checkds) ISC_MAGIC_VALID(checkds, CHECKDS_MAGIC)
-
-#define STUB_MAGIC ISC_MAGIC('S', 't', 'u', 'b')
-#define DNS_STUB_VALID(stub) ISC_MAGIC_VALID(stub, STUB_MAGIC)
-
-#define ZONEMGR_MAGIC ISC_MAGIC('Z', 'm', 'g', 'r')
-#define DNS_ZONEMGR_VALID(stub) ISC_MAGIC_VALID(stub, ZONEMGR_MAGIC)
-
-#define FORWARD_MAGIC ISC_MAGIC('F', 'o', 'r', 'w')
-#define DNS_FORWARD_VALID(load) ISC_MAGIC_VALID(load, FORWARD_MAGIC)
-
-#define IO_MAGIC ISC_MAGIC('Z', 'm', 'I', 'O')
-#define DNS_IO_VALID(load) ISC_MAGIC_VALID(load, IO_MAGIC)
-
/*%
* Ensure 'a' is at least 'min' but not more than 'max'.
*/
UNLOCK(&((k)->lock)); \
}
-/*
- * Default values.
- */
-#define DNS_DEFAULT_IDLEIN 3600 /*%< 1 hour */
-#define DNS_DEFAULT_IDLEOUT 3600 /*%< 1 hour */
-#define MAX_XFER_TIME (2 * 3600) /*%< Documented default is 2 hours */
-#define RESIGN_DELAY 3600 /*%< 1 hour */
-
-#ifndef DNS_MAX_EXPIRE
-#define DNS_MAX_EXPIRE 14515200 /*%< 24 weeks */
-#endif /* ifndef DNS_MAX_EXPIRE */
-
-#ifndef DNS_DUMP_DELAY
-#define DNS_DUMP_DELAY 900 /*%< 15 minutes */
-#endif /* ifndef DNS_DUMP_DELAY */
-
-typedef struct dns_checkds dns_checkds_t;
typedef struct dns_stub dns_stub_t;
typedef struct dns_load dns_load_t;
-typedef struct dns_forward dns_forward_t;
-typedef ISC_LIST(dns_forward_t) dns_forwardlist_t;
-typedef struct dns_signing dns_signing_t;
-typedef ISC_LIST(dns_signing_t) dns_signinglist_t;
-typedef struct dns_nsec3chain dns_nsec3chain_t;
-typedef ISC_LIST(dns_nsec3chain_t) dns_nsec3chainlist_t;
typedef struct dns_asyncload dns_asyncload_t;
-typedef struct dns_include dns_include_t;
-
-#define DNS_ZONE_CHECKLOCK
-#ifdef DNS_ZONE_CHECKLOCK
-#define LOCK_ZONE(z) \
- do { \
- LOCK(&(z)->lock); \
- INSIST(!(z)->locked); \
- (z)->locked = true; \
- } while (0)
-#define UNLOCK_ZONE(z) \
- do { \
- INSIST((z)->locked); \
- (z)->locked = false; \
- UNLOCK(&(z)->lock); \
- } while (0)
-#define LOCKED_ZONE(z) ((z)->locked)
-#define TRYLOCK_ZONE(result, z) \
- do { \
- result = isc_mutex_trylock(&(z)->lock); \
- if (result == ISC_R_SUCCESS) { \
- INSIST(!(z)->locked); \
- (z)->locked = true; \
- } \
- } while (0)
-#else /* ifdef DNS_ZONE_CHECKLOCK */
-#define LOCK_ZONE(z) LOCK(&(z)->lock)
-#define UNLOCK_ZONE(z) UNLOCK(&(z)->lock)
-#define LOCKED_ZONE(z) true
-#define TRYLOCK_ZONE(result, z) \
- do { \
- result = isc_mutex_trylock(&(z)->lock); \
- } while (0)
-#endif /* ifdef DNS_ZONE_CHECKLOCK */
-
-#define ZONEDB_INITLOCK(l) isc_rwlock_init(l)
-#define ZONEDB_DESTROYLOCK(l) isc_rwlock_destroy(l)
-#define ZONEDB_LOCK(l, t) RWLOCK((l), (t))
-#define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t))
#ifdef ENABLE_AFL
extern bool dns_fuzzing_resolver;
static dns_keymgmt_bucket_t keymgmt_buckets_g[1024];
-typedef struct dns_rad {
- isc_mem_t *mctx;
- struct rcu_head rcu_head;
- dns_fixedname_t fname;
-} dns_rad_t;
-
-static void
-free_rad_rcu(struct rcu_head *rcu_head) {
- dns_rad_t *rad = caa_container_of(rcu_head, dns_rad_t, rcu_head);
- dns_fixedname_invalidate(&rad->fname);
-
- isc_mem_putanddetach(&rad->mctx, rad, sizeof(*rad));
-}
-
-struct dns_zone {
- /* Unlocked */
- unsigned int magic;
- isc_mutex_t lock;
-#ifdef DNS_ZONE_CHECKLOCK
- bool locked;
-#endif /* ifdef DNS_ZONE_CHECKLOCK */
- isc_mem_t *mctx;
- isc_refcount_t references;
-
- isc_rwlock_t dblock;
- dns_db_t *db; /* Locked by dblock */
-
- isc_tid_t tid;
-
- /* Locked */
- dns_zonemgr_t *zmgr;
- ISC_LINK(dns_zone_t) link; /* Used by zmgr. */
- isc_loop_t *loop;
- isc_timer_t *timer;
- isc_refcount_t irefs;
- dns_name_t origin;
- dns_rad_t *rad;
- char *masterfile;
- char *initfile;
- const FILE *stream; /* loading from a stream? */
- ISC_LIST(dns_include_t) includes; /* Include files */
- ISC_LIST(dns_include_t) newincludes; /* Loading */
- unsigned int nincludes;
- dns_masterformat_t masterformat;
- const dns_master_style_t *masterstyle;
- char *journal;
- int32_t journalsize;
- dns_rdataclass_t rdclass;
- dns_zonetype_t type;
- atomic_uint_fast64_t flags;
- atomic_uint_fast64_t options;
- unsigned int db_argc;
- char **db_argv;
- isc_time_t expiretime;
- isc_time_t refreshtime;
- isc_time_t dumptime;
- isc_time_t loadtime;
- isc_time_t notifytime;
- isc_time_t resigntime;
- isc_time_t keywarntime;
- isc_time_t signingtime;
- isc_time_t nsec3chaintime;
- isc_time_t refreshkeytime;
- isc_time_t xfrintime;
- uint32_t refreshkeyinterval;
- uint32_t refresh;
- uint32_t retry;
- uint32_t expire;
- uint32_t minimum;
- isc_stdtime_t key_expiry;
- isc_stdtime_t log_key_expired_timer;
- char *keydirectory;
- dns_xfrin_t *xfr;
-
- uint32_t maxrefresh;
- uint32_t minrefresh;
- uint32_t maxretry;
- uint32_t minretry;
-
- uint32_t maxrecords;
- uint32_t maxrrperset;
- uint32_t maxtypepername;
-
- dns_remote_t primaries;
-
- dns_remote_t parentals;
- dns_dnsseckeylist_t checkds_ok;
- dns_checkdstype_t checkdstype;
- uint32_t parent_nscount;
-
- uint32_t fetchcount[ZONEFETCHTYPE_COUNT];
-
- dns_remote_t alsonotify;
- dns_notifyctx_t notifysoa;
-
- dns_remote_t cds_endpoints;
- dns_notifyctx_t notifycds;
-
- isc_sockaddr_t parentalsrc4;
- isc_sockaddr_t parentalsrc6;
- isc_sockaddr_t xfrsource4;
- isc_sockaddr_t xfrsource6;
- isc_sockaddr_t sourceaddr;
- dns_tsigkey_t *tsigkey; /* key used for xfr */
- dns_transport_t *transport; /* transport used for xfr */
- /* Access Control Lists */
- dns_acl_t *update_acl;
- dns_acl_t *forward_acl;
- dns_acl_t *query_acl;
- dns_acl_t *queryon_acl;
- dns_acl_t *xfr_acl;
- bool update_disabled;
- bool zero_no_soa_ttl;
- dns_severity_t check_names;
-
- ISC_LIST(dns_checkds_t) checkds_requests;
- dns_request_t *request;
- dns_loadctx_t *loadctx;
- dns_dumpctx_t *dumpctx;
- uint32_t minxfrratebytesin;
- uint32_t minxfrratesecondsin;
- uint32_t maxxfrin;
- uint32_t maxxfrout;
- uint32_t idlein;
- uint32_t idleout;
- dns_ssutable_t *ssutable;
- uint32_t sigvalidityinterval;
- uint32_t keyvalidityinterval;
- uint32_t sigresigninginterval;
- dns_view_t *view;
- dns_view_t *prev_view;
- dns_kasp_t *kasp;
- dns_kasp_t *defaultkasp;
- dns_dnsseckeylist_t keyring;
- dns_checkmxfunc_t checkmx;
- dns_checksrvfunc_t checksrv;
- dns_checknsfunc_t checkns;
- dns_checkisservedbyfunc_t checkisservedby;
- /*%
- * Zones in certain states such as "waiting for zone transfer"
- * or "zone transfer in progress" are kept on per-state linked lists
- * in the zone manager using the 'statelink' field. The 'statelist'
- * field points at the list the zone is currently on. It the zone
- * is not on any such list, statelist is NULL.
- */
- ISC_LINK(dns_zone_t) statelink;
- dns_zonelist_t *statelist;
- /*%
- * Statistics counters about zone management.
- */
- isc_stats_t *stats;
- /*%
- * Optional per-zone statistics counters. Counted outside of this
- * module.
- */
- dns_zonestat_level_t statlevel;
- bool requeststats_on;
- isc_stats_t *requeststats;
- isc_statsmulti_t *rcvquerystats;
- dns_stats_t *dnssecsignstats;
- dns_isselffunc_t isself;
- void *isselfarg;
-
- char *strnamerd;
- char *strname;
- char *strrdclass;
- char *strviewname;
-
- /*%
- * Serial number for deferred journal compaction.
- */
- uint32_t compact_serial;
- /*%
- * Keys that are signing the zone for the first time.
- */
- dns_signinglist_t signing;
- dns_nsec3chainlist_t nsec3chain;
- /*%
- * List of outstanding NSEC3PARAM change requests.
- */
- ISC_LIST(struct np3) setnsec3param_queue;
- /*%
- * Signing / re-signing quantum stopping parameters.
- */
- uint32_t signatures;
- uint32_t nodes;
- dns_rdatatype_t privatetype;
-
- /*%
- * True if added by "rndc addzone"
- */
- bool added;
-
- /*%
- * True if modded by "rndc modzone"
- */
- bool modded;
-
- /*%
- * True if added by automatically by named.
- */
- bool automatic;
-
- /*%
- * response policy data to be relayed to the database
- */
- dns_rpz_zones_t *rpzs;
- dns_rpz_num_t rpz_num;
-
- /*%
- * catalog zone data
- */
- dns_catz_zones_t *catzs;
-
- /*%
- * parent catalog zone
- */
- dns_catz_zone_t *parentcatz;
-
- /*%
- * Serial number update method.
- */
- dns_updatemethod_t updatemethod;
-
- /*%
- * whether ixfr is requested
- */
- bool requestixfr;
- uint32_t requestixfr_maxdiffs;
- uint32_t ixfr_ratio;
-
- /*%
- * whether EDNS EXPIRE is requested
- */
- bool requestexpire;
-
- /*%
- * Outstanding forwarded UPDATE requests.
- */
- dns_forwardlist_t forwards;
-
- dns_zone_t *raw;
- dns_zone_t *secure;
-
- bool sourceserialset;
- uint32_t sourceserial;
-
- /*%
- * soa and maximum zone ttl
- */
- dns_ttl_t soattl;
- dns_ttl_t maxttl;
-
- /*
- * Inline zone signing state.
- */
- dns_diff_t rss_diff;
- dns_dbversion_t *rss_newver;
- dns_dbversion_t *rss_oldver;
- dns_db_t *rss_db;
- dns_zone_t *rss_raw;
- struct rss *rss;
- dns_update_state_t *rss_state;
-
- isc_stats_t *gluecachestats;
-
- /*%
- * Offline KSK signed key responses.
- */
- dns_skr_t *skr;
- dns_skrbundle_t *skrbundle;
-
- /*
- * Plugin-related data structures
- */
- void *plugins;
- void (*plugins_free)(isc_mem_t *, void **);
- void *hooktable;
- void (*hooktable_free)(isc_mem_t *, void **);
-
- /* Configuration text */
- char *cfg;
-};
-
#define zonediff_init(z, d) \
do { \
dns__zonediff_t *_z = (z); \
(_z)->offline = false; \
} while (0)
-#define DNS_ZONE_FLAG(z, f) ((atomic_load_relaxed(&(z)->flags) & (f)) != 0)
-#define DNS_ZONE_SETFLAG(z, f) atomic_fetch_or(&(z)->flags, (f))
-#define DNS_ZONE_CLRFLAG(z, f) atomic_fetch_and(&(z)->flags, ~(f))
-typedef enum {
- DNS_ZONEFLG_REFRESH = 1U << 0, /*%< refresh check in progress */
- DNS_ZONEFLG_NEEDDUMP = 1U << 1, /*%< zone need consolidation */
- DNS_ZONEFLG_USEVC = 1U << 2, /*%< use tcp for refresh query */
- DNS_ZONEFLG_DUMPING = 1U << 3, /*%< a dump is in progress */
- DNS_ZONEFLG_HASINCLUDE = 1U << 4, /*%< $INCLUDE in zone file */
- DNS_ZONEFLG_LOADED = 1U << 5, /*%< database has loaded */
- DNS_ZONEFLG_EXITING = 1U << 6, /*%< zone is being destroyed */
- DNS_ZONEFLG_EXPIRED = 1U << 7, /*%< zone has expired */
- DNS_ZONEFLG_NEEDREFRESH = 1U << 8, /*%< refresh check needed */
- DNS_ZONEFLG_UPTODATE = 1U << 9, /*%< zone contents are
- * up-to-date */
- DNS_ZONEFLG_NEEDNOTIFY = 1U << 10, /*%< need to send out notify
- * messages */
- DNS_ZONEFLG_FIXJOURNAL = 1U << 11, /*%< journal file had
- * recoverable error,
- * needs rewriting */
- DNS_ZONEFLG_NOPRIMARIES = 1U << 12, /*%< an attempt to refresh a
- * zone with no primaries
- * occurred */
- DNS_ZONEFLG_LOADING = 1U << 13, /*%< load from disk in progress*/
- DNS_ZONEFLG_HAVETIMERS = 1U << 14, /*%< timer values have been set
- * from SOA (if not set, we
- * are still using
- * default timer values) */
- DNS_ZONEFLG_FORCEXFER = 1U << 15, /*%< Force a zone xfer */
- DNS_ZONEFLG_SHUTDOWN = 1U << 16,
- DNS_ZONEFLG_NOIXFR = 1U << 17, /*%< IXFR failed, force AXFR */
- DNS_ZONEFLG_FLUSH = 1U << 18,
- DNS_ZONEFLG_NOEDNS = 1U << 19,
- DNS_ZONEFLG_USEALTXFRSRC = 1U << 20, /*%< Obsoleted. */
- DNS_ZONEFLG_SOABEFOREAXFR = 1U << 21,
- DNS_ZONEFLG_NEEDCOMPACT = 1U << 22,
- DNS_ZONEFLG_REFRESHING = 1U << 23, /*%< Refreshing keydata */
- DNS_ZONEFLG_THAW = 1U << 24,
- DNS_ZONEFLG_LOADPENDING = 1U << 25, /*%< Loading scheduled */
- DNS_ZONEFLG_NODELAY = 1U << 26,
- DNS_ZONEFLG_SENDSECURE = 1U << 27,
- DNS_ZONEFLG_NEEDSTARTUPNOTIFY = 1U << 28, /*%< need to send out
- * notify due to the zone
- * just being loaded for
- * the first time. */
- DNS_ZONEFLG_NOTIFYNODEFER = 1U << 29, /*%< ignore the
- * notify-defer option. */
- DNS_ZONEFLG_NOTIFYDEFERRED = 1U << 30, /*%< notify was deferred
- * according to the
- * notify-defer option. */
- DNS_ZONEFLG_FIRSTREFRESH = 1U << 31, /*%< First refresh pending */
- DNS_ZONEFLG___MAX = UINT64_MAX, /* trick to make the ENUM 64-bit wide */
-} dns_zoneflg_t;
-
-#define DNS_ZONE_OPTION(z, o) ((atomic_load_relaxed(&(z)->options) & (o)) != 0)
-#define DNS_ZONE_SETOPTION(z, o) atomic_fetch_or(&(z)->options, (o))
-#define DNS_ZONE_CLROPTION(z, o) atomic_fetch_and(&(z)->options, ~(o))
-
/* Flags for zone_load() */
typedef enum {
DNS_ZONELOADFLAG_NOSTAT = 0x00000001U, /* Do not stat() master files */
isc_rwlock_t tlsctx_cache_rwlock;
};
-/*%
- * Hold checkds state.
- */
-struct dns_checkds {
- unsigned int magic;
- dns_notify_flags_t flags;
- isc_mem_t *mctx;
- dns_zone_t *zone;
- dns_adbfind_t *find;
- dns_request_t *request;
- dns_name_t ns;
- isc_sockaddr_t src;
- isc_sockaddr_t dst;
- dns_tsigkey_t *key;
- dns_transport_t *transport;
- ISC_LINK(dns_checkds_t) link;
- isc_rlevent_t *rlevent;
-};
-
/*%
* dns_stub holds state while performing a 'stub' transfer.
* 'db' is the zone's 'db' or a new one if this is the initial
dns_rdatacallbacks_t callbacks;
};
-/*%
- * Hold forward state.
- */
-struct dns_forward {
- unsigned int magic;
- isc_mem_t *mctx;
- dns_zone_t *zone;
- isc_buffer_t *msgbuf;
- dns_request_t *request;
- uint32_t which;
- isc_sockaddr_t addr;
- dns_transport_t *transport;
- dns_updatecallback_t callback;
- void *callback_arg;
- unsigned int options;
- ISC_LINK(dns_forward_t) link;
-};
-
-/*%
- * Hold state for when we are signing a zone with a new
- * DNSKEY as result of an update.
- */
-struct dns_signing {
- unsigned int magic;
- dns_db_t *db;
- dns_dbiterator_t *dbiterator;
- dst_algorithm_t algorithm;
- uint16_t keyid;
- bool deleteit;
- bool fullsign;
- bool done;
- ISC_LINK(dns_signing_t) link;
-};
-
-struct dns_nsec3chain {
- unsigned int magic;
- dns_db_t *db;
- dns_dbiterator_t *dbiterator;
- dns_rdata_nsec3param_t nsec3param;
- unsigned char salt[255];
- bool done;
- bool seen_nsec;
- bool delete_nsec;
- bool save_delete_nsec;
- ISC_LINK(dns_nsec3chain_t) link;
-};
-
-/*%<
- * 'dbiterator' contains a iterator for the database. If we are creating
- * a NSEC3 chain only the non-NSEC3 nodes will be iterated. If we are
- * removing a NSEC3 chain then both NSEC3 and non-NSEC3 nodes will be
- * iterated.
- *
- * 'nsec3param' contains the parameters of the NSEC3 chain being created
- * or removed.
- *
- * 'salt' is buffer space and is referenced via 'nsec3param.salt'.
- *
- * 'seen_nsec' will be set to true if, while iterating the zone to create a
- * NSEC3 chain, a NSEC record is seen.
- *
- * 'delete_nsec' will be set to true if, at the completion of the creation
- * of a NSEC3 chain, 'seen_nsec' is true. If 'delete_nsec' is true then we
- * are in the process of deleting the NSEC chain.
- *
- * 'save_delete_nsec' is used to store the initial state of 'delete_nsec'
- * so it can be recovered in the event of a error.
- */
-
/*%
* Hold state for an asynchronous load
*/
void *loaded_arg;
};
-/*%
- * Reference to an include file encountered during loading
- */
-struct dns_include {
- char *name;
- isc_time_t filetime;
- ISC_LINK(dns_include_t) link;
-};
-
/*
* These can be overridden by the -T mkeytimers option on the command
* line, so that we can test with shorter periods than specified in
static void
zone_timer_set(dns_zone_t *zone, isc_time_t *next, isc_time_t *now);
-typedef struct zone_settimer {
- dns_zone_t *zone;
- isc_time_t now;
-} zone_settimer_t;
-
-static void
-zone_settimer(dns_zone_t *, isc_time_t *);
static void
cancel_refresh(dns_zone_t *);
static void
static void
zone_catz_disable(dns_zone_t *zone);
static void
-default_journal(dns_zone_t *zone);
-static void
zone_xfrdone(dns_zone_t *zone, uint32_t *expireopt, isc_result_t result);
static isc_result_t
zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
static void
zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length);
static void
-zone_name_tostr(dns_zone_t *zone, char *buf, size_t length);
-static void
-zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length);
-static void
zone_viewname_tostr(dns_zone_t *zone, char *buf, size_t length);
static isc_result_t
zone_send_secureserial(dns_zone_t *zone, uint32_t serial);
uint32_t *refresh, uint32_t *retry, uint32_t *expire,
uint32_t *minimum, unsigned int *errors);
-static void
-zone_freedbargs(dns_zone_t *zone);
static void
forward_callback(void *arg);
static void
* Returns true iff this the signed side of an inline-signing zone.
* Caller should hold zone lock.
*/
-static bool
+bool
inline_secure(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
if (zone->raw != NULL) {
* Returns true iff this the unsigned side of an inline-signing zone
* Caller should hold zone lock.
*/
-static bool
+bool
inline_raw(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
if (zone->secure != NULL) {
return false;
}
-/*
- * Single shot.
- */
-void
-dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass) {
- char namebuf[1024];
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(rdclass != dns_rdataclass_none);
-
- /*
- * Test and set.
- */
- LOCK_ZONE(zone);
- INSIST(zone != zone->raw);
- REQUIRE(zone->rdclass == dns_rdataclass_none ||
- zone->rdclass == rdclass);
- zone->rdclass = rdclass;
-
- if (zone->strnamerd != NULL) {
- isc_mem_free(zone->mctx, zone->strnamerd);
- }
- if (zone->strrdclass != NULL) {
- isc_mem_free(zone->mctx, zone->strrdclass);
- }
-
- zone_namerd_tostr(zone, namebuf, sizeof namebuf);
- zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
- zone_rdclass_tostr(zone, namebuf, sizeof namebuf);
- zone->strrdclass = isc_mem_strdup(zone->mctx, namebuf);
-
- if (inline_secure(zone)) {
- dns_zone_setclass(zone->raw, rdclass);
- }
- UNLOCK_ZONE(zone);
-}
-
-dns_rdataclass_t
-dns_zone_getclass(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->rdclass;
-}
-
-void
-dns_zone_setnotifytype(dns_zone_t *zone, dns_rdatatype_t type,
- dns_notifytype_t notifytype) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- switch (type) {
- case dns_rdatatype_soa:
- zone->notifysoa.notifytype = notifytype;
- break;
- case dns_rdatatype_cds:
- INSIST(notifytype == dns_notifytype_no ||
- notifytype == dns_notifytype_yes);
- zone->notifycds.notifytype = notifytype;
- break;
- default:
- UNREACHABLE();
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- zone->checkdstype = checkdstype;
- UNLOCK_ZONE(zone);
-}
-
isc_result_t
dns_zone_getserial(dns_zone_t *zone, uint32_t *serialp) {
isc_result_t result;
return result;
}
-/*
- * Single shot.
- */
void
-dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type) {
- char namebuf[1024];
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(type != dns_zone_none);
-
- /*
- * Test and set.
- */
- LOCK_ZONE(zone);
- REQUIRE(zone->type == dns_zone_none || zone->type == type);
- zone->type = type;
-
- if (zone->strnamerd != NULL) {
- isc_mem_free(zone->mctx, zone->strnamerd);
- }
-
- zone_namerd_tostr(zone, namebuf, sizeof namebuf);
- zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
- UNLOCK_ZONE(zone);
-}
-
-static void
zone_freedbargs(dns_zone_t *zone) {
unsigned int i;
}
void
-dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx) {
- size_t size = 0;
- unsigned int i;
- void *mem;
- char **tmp, *tmp2, *base;
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(argv != NULL && *argv == NULL);
-
- LOCK_ZONE(zone);
- size = ISC_CHECKED_MUL(zone->db_argc + 1, sizeof(char *));
- for (i = 0; i < zone->db_argc; i++) {
- size += strlen(zone->db_argv[i]) + 1;
- }
- mem = isc_mem_allocate(mctx, size);
- {
- tmp = mem;
- tmp2 = mem;
- base = mem;
- tmp2 += ISC_CHECKED_MUL(zone->db_argc + 1, sizeof(char *));
- for (i = 0; i < zone->db_argc; i++) {
- *tmp++ = tmp2;
- strlcpy(tmp2, zone->db_argv[i], size - (tmp2 - base));
- tmp2 += strlen(tmp2) + 1;
- }
- *tmp = NULL;
- }
- UNLOCK_ZONE(zone);
- *argv = mem;
-}
-
-void
-dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc,
- const char *const *dbargv) {
- char **argv = NULL;
- unsigned int i;
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(dbargc >= 1);
- REQUIRE(dbargv != NULL);
-
- LOCK_ZONE(zone);
-
- /* Set up a new database argument list. */
- argv = isc_mem_cget(zone->mctx, dbargc, sizeof(*argv));
- for (i = 0; i < dbargc; i++) {
- argv[i] = NULL;
- }
- for (i = 0; i < dbargc; i++) {
- argv[i] = isc_mem_strdup(zone->mctx, dbargv[i]);
- }
-
- /* Free the old list. */
- zone_freedbargs(zone);
-
- zone->db_argc = dbargc;
- zone->db_argv = argv;
-
- UNLOCK_ZONE(zone);
-}
-
-static void
dns_zone_setview_helper(dns_zone_t *zone, dns_view_t *view) {
char namebuf[1024];
}
void
-dns_zone_setview(dns_zone_t *zone, dns_view_t *view) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- dns_zone_setview_helper(zone, view);
- UNLOCK_ZONE(zone);
-}
-
-dns_view_t *
-dns_zone_getview(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->view;
-}
-
-void
-dns_zone_setviewcommit(dns_zone_t *zone) {
+dns_zone_setviewcommit(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
UNLOCK_ZONE(zone);
}
-void
-dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin) {
- char namebuf[1024];
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(origin != NULL);
-
- LOCK_ZONE(zone);
- INSIST(zone != zone->raw);
- if (dns_name_dynamic(&zone->origin)) {
- dns_name_free(&zone->origin, zone->mctx);
- dns_name_init(&zone->origin);
- }
- dns_name_dup(origin, zone->mctx, &zone->origin);
-
- if (zone->strnamerd != NULL) {
- isc_mem_free(zone->mctx, zone->strnamerd);
- }
- if (zone->strname != NULL) {
- isc_mem_free(zone->mctx, zone->strname);
- }
-
- zone_namerd_tostr(zone, namebuf, sizeof namebuf);
- zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
- zone_name_tostr(zone, namebuf, sizeof namebuf);
- zone->strname = isc_mem_strdup(zone->mctx, namebuf);
-
- if (inline_secure(zone)) {
- dns_zone_setorigin(zone->raw, origin);
- }
- UNLOCK_ZONE(zone);
-}
-
-static void
-setstring(dns_zone_t *zone, char **field, const char *value) {
- char *copy;
-
- if (value != NULL) {
- copy = isc_mem_strdup(zone->mctx, value);
- } else {
- copy = NULL;
- }
-
- if (*field != NULL) {
- isc_mem_free(zone->mctx, *field);
- }
-
- *field = copy;
-}
-
-typedef struct foundtoken foundtoken_t;
-typedef isc_result_t (*tokenparse_t)(const dns_zone_t *zone,
- const foundtoken_t *token,
- isc_buffer_t *b);
-struct foundtoken {
- const char *pos;
- size_t len;
- tokenparse_t parse;
-};
-
-static int
-foundtoken_order(const void *a, const void *b) {
- /* sort char pointers in order of which occurs first in memory */
- return ((foundtoken_t *)a)->pos - ((foundtoken_t *)b)->pos;
-}
-
-static isc_result_t
-putmem(isc_buffer_t *b, const char *base, size_t length) {
- size_t space = isc_buffer_availablelength(b) - 1;
- if (space < length) {
- isc_buffer_putmem(b, (const unsigned char *)base, space);
- return ISC_R_NOSPACE;
- }
-
- isc_buffer_putmem(b, (const unsigned char *)base, length);
- return ISC_R_SUCCESS;
-}
-
-static isc_result_t
-tokenparse_type(const dns_zone_t *zone, const foundtoken_t *token,
- isc_buffer_t *b) {
- const char *typename = dns_zonetype_name(zone->type);
-
- UNUSED(token);
-
- return putmem(b, typename, strlen(typename));
-}
-
-static isc_result_t
-tokenparse_name(const dns_zone_t *zone, const foundtoken_t *token,
- isc_buffer_t *b) {
- isc_result_t result;
- char buf[DNS_NAME_FORMATSIZE];
- dns_fixedname_t fn;
- dns_name_t *name = dns_fixedname_initname(&fn);
-
- UNUSED(token);
-
- result = dns_name_downcase(&zone->origin, name);
- RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_name_format(name, buf, sizeof(buf));
- result = putmem(b, buf, strlen(buf));
-
- return result;
-}
-
-static isc_result_t
-tokenparse_view(const dns_zone_t *zone, const foundtoken_t *token,
- isc_buffer_t *b) {
- UNUSED(token);
-
- return putmem(b, zone->view->name, strlen(zone->view->name));
-}
-
-static isc_result_t
-tokenparse_char(const dns_zone_t *zone, const foundtoken_t *token,
- isc_buffer_t *b) {
- isc_result_t result;
- char buf[DNS_NAME_FORMATSIZE];
- dns_fixedname_t fn;
- dns_name_t *name = dns_fixedname_initname(&fn);
- size_t chartokidx;
- char c;
-
- result = dns_name_downcase(&zone->origin, name);
- RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_name_format(name, buf, sizeof(buf));
-
- chartokidx = token->pos[token->len - 1] - '1';
- INSIST(chartokidx <= 2);
- if (chartokidx < strlen(buf)) {
- c = buf[chartokidx];
- } else {
- c = '.';
- }
- result = putmem(b, &c, 1);
-
- return result;
-}
-
-static isc_result_t
-tokenparse_label(const dns_zone_t *zone, const foundtoken_t *token,
- isc_buffer_t *b) {
- isc_result_t result;
- char buf[DNS_NAME_FORMATSIZE];
- dns_fixedname_t fn;
- dns_name_t *name = dns_fixedname_initname(&fn);
- unsigned int labels = dns_name_countlabels(&zone->origin);
- char labeltokidx;
- int ilabel = -1;
-
- result = dns_name_fromstring(name, ".", NULL, 0, NULL);
- INSIST(result == ISC_R_SUCCESS);
-
- labeltokidx = token->pos[token->len - 1];
- if (token->len == 2) {
- /*
- * %z, %y, %x pattern
- */
- INSIST(labeltokidx >= 'x' && labeltokidx <= 'z');
- } else {
- /*
- * $label1, $label2, $label3 pattern
- */
- INSIST(labeltokidx >= '1' && labeltokidx <= '3');
- }
-
- /*
- * Even if implicit, the root label counts as one label.
- */
- if (labeltokidx == '1' || labeltokidx == 'z') {
- ilabel = labels - 2;
- } else if (labeltokidx == '2' || labeltokidx == 'y') {
- ilabel = labels - 3;
- } else if (labeltokidx == '3' || labeltokidx == 'x') {
- ilabel = labels - 4;
- }
-
- if (ilabel >= 0) {
- dns_name_getlabelsequence(&zone->origin, ilabel, 1, name);
- result = dns_name_downcase(name, name);
- RUNTIME_CHECK(result == ISC_R_SUCCESS);
- }
- dns_name_format(name, buf, sizeof(buf));
- result = putmem(b, buf, strlen(buf));
-
- return result;
-}
-
-typedef struct {
- const char *name;
- tokenparse_t parse;
-} token_t;
-static const token_t tokens[] = {
- { "$type", tokenparse_type }, { "$name", tokenparse_name },
- { "$view", tokenparse_view }, { "$char1", tokenparse_char },
- { "$char2", tokenparse_char }, { "$char3", tokenparse_char },
- { "$label1", tokenparse_label }, { "$label2", tokenparse_label },
- { "$label3", tokenparse_label }, { "%t", tokenparse_type },
- { "%s", tokenparse_name }, { "%v", tokenparse_view },
- { "%1", tokenparse_char }, { "%2", tokenparse_char },
- { "%3", tokenparse_char }, { "%z", tokenparse_label },
- { "%y", tokenparse_label }, { "%x", tokenparse_label }
-};
-
-/*
- * Set the masterfile field, expanding:
- *
- * - $name or "%s" to the zone name
- * - $type or "%t" to the zone type
- * - $view or "%v" to the view name.
- * - $char1 or "%1" to the first character of the zone name
- * - $char2 or "%2" to the second character of the zone name (or a dot if
- * there is no second character)
- * - $char3 or "%3" to the third character of the zone name (or a dot if
- * there is no third character)
- * - $label1 or "%z" to the toplevel domain of the zone (or a dot if it is
- * the TLD)
- * - $label2 or "%y" to the next label under the toplevel domain (or a dot if
- * there is no next label)
- * - $label2 or "%x" to the next-next label under the toplevel domain (or a
- * dot if there is no next-next label)
- *
- * Cap the length at PATH_MAX.
- */
-static void
-setfilename(dns_zone_t *zone, char **field, const char *value) {
- isc_result_t result;
- foundtoken_t founds[ARRAY_SIZE(tokens)];
- char filename[PATH_MAX];
- isc_buffer_t b;
- size_t tags = 0;
-
- if (value == NULL) {
- *field = NULL;
- return;
- }
-
- for (size_t i = 0; i < ARRAY_SIZE(tokens); i++) {
- const token_t *token = &tokens[i];
- const char *p = strcasestr(value, token->name);
-
- if (p != NULL) {
- founds[tags++] =
- (foundtoken_t){ .pos = p,
- .len = strlen(token->name),
- .parse = token->parse };
- }
- }
-
- if (tags == 0) {
- setstring(zone, field, value);
- return;
- }
-
- isc_buffer_init(&b, filename, sizeof(filename));
-
- /* sort the tag offsets in order of occurrence */
- qsort(founds, tags, sizeof(foundtoken_t), foundtoken_order);
-
- const char *p = value;
- for (size_t i = 0; i < tags; i++) {
- foundtoken_t *token = &founds[i];
-
- CHECK(putmem(&b, p, token->pos - p));
-
- p = token->pos;
- INSIST(p != NULL);
- CHECK(token->parse(zone, token, &b));
-
- /* Advance the input pointer past the token */
- p += founds[i].len;
- }
-
- const char *end = value + strlen(value);
- putmem(&b, p, end - p);
-
-cleanup:
- isc_buffer_putuint8(&b, 0);
- setstring(zone, field, filename);
-}
-
-void
-dns_zone_setfile(dns_zone_t *zone, const char *file, const char *initial_file,
- dns_masterformat_t format, const dns_master_style_t *style) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(zone->stream == NULL);
-
- LOCK_ZONE(zone);
- setfilename(zone, &zone->masterfile, file);
- setstring(zone, &zone->initfile, initial_file);
- zone->masterformat = format;
- if (format == dns_masterformat_text) {
- zone->masterstyle = style;
- }
- default_journal(zone);
- UNLOCK_ZONE(zone);
-}
-
-const char *
-dns_zone_getfile(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->masterfile;
-}
-
-void
-dns_zone_setstream(dns_zone_t *zone, const FILE *stream,
- dns_masterformat_t format, const dns_master_style_t *style) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(stream != NULL);
- REQUIRE(zone->masterfile == NULL);
-
- LOCK_ZONE(zone);
- zone->stream = stream;
- zone->masterformat = format;
- if (format == dns_masterformat_text) {
- zone->masterstyle = style;
- }
- default_journal(zone);
- UNLOCK_ZONE(zone);
-}
-
-dns_ttl_t
-dns_zone_getmaxttl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->maxttl;
-}
-
-void
-dns_zone_setmaxttl(dns_zone_t *zone, dns_ttl_t maxttl) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (maxttl != 0) {
- DNS_ZONE_SETOPTION(zone, DNS_ZONEOPT_CHECKTTL);
- } else {
- DNS_ZONE_CLROPTION(zone, DNS_ZONEOPT_CHECKTTL);
- }
- zone->maxttl = maxttl;
- UNLOCK_ZONE(zone);
-
- return;
-}
-
-static void
-default_journal(dns_zone_t *zone) {
- char *journal;
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(LOCKED_ZONE(zone));
-
- if (zone->masterfile != NULL) {
- /* Calculate string length including '\0'. */
- int len = strlen(zone->masterfile) + sizeof(".jnl");
- journal = isc_mem_allocate(zone->mctx, len);
- strlcpy(journal, zone->masterfile, len);
- strlcat(journal, ".jnl", len);
- } else {
- journal = NULL;
- }
- setstring(zone, &zone->journal, journal);
- if (journal != NULL) {
- isc_mem_free(zone->mctx, journal);
- }
-}
-
-void
-dns_zone_setjournal(dns_zone_t *zone, const char *myjournal) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- setstring(zone, &zone->journal, myjournal);
- UNLOCK_ZONE(zone);
-}
-
-char *
-dns_zone_getjournal(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->journal;
-}
-
/*
* Return true iff the zone is "dynamic", in the sense that the zone's
* master file (if any) is written by the server, rather than being
}
}
-static void
+void
set_resigntime(dns_zone_t *zone) {
dns_fixedname_t fixed;
isc_stdtime_t resign;
}
}
-isc_mem_t *
-dns_zone_getmctx(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->mctx;
-}
-
isc_refcount_t *
dns__zone_irefs(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return &zone->irefs;
}
-dns_zonemgr_t *
-dns_zone_getmgr(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->zmgr;
-}
-
-void
-dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->kasp != NULL) {
- dns_kasp_detach(&zone->kasp);
- }
- if (kasp != NULL) {
- dns_kasp_attach(kasp, &zone->kasp);
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->defaultkasp != NULL) {
- dns_kasp_detach(&zone->defaultkasp);
- }
- if (kasp != NULL) {
- dns_kasp_attach(kasp, &zone->defaultkasp);
- }
- UNLOCK_ZONE(zone);
-}
-
-dns_kasp_t *
-dns_zone_getkasp(dns_zone_t *zone) {
- dns_kasp_t *kasp = NULL;
-
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (inline_raw(zone) && zone->secure != NULL) {
- kasp = zone->secure->kasp;
- } else {
- kasp = zone->kasp;
- }
- UNLOCK_ZONE(zone);
-
- return kasp;
-}
-
static void
dns_zone_setskr(dns_zone_t *zone, dns_skr_t *skr) {
REQUIRE(DNS_ZONE_VALID(zone));
return atomic_load_relaxed(&zone->options);
}
-void
-dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(xfrsource != NULL);
+static bool
+was_dumping(dns_zone_t *zone) {
+ REQUIRE(LOCKED_ZONE(zone));
- LOCK_ZONE(zone);
- zone->xfrsource4 = *xfrsource;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(xfrsource != NULL);
-
- LOCK_ZONE(zone);
- *xfrsource = zone->xfrsource4;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(xfrsource != NULL);
-
- LOCK_ZONE(zone);
- zone->xfrsource6 = *xfrsource;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(xfrsource != NULL);
-
- LOCK_ZONE(zone);
- *xfrsource = zone->xfrsource6;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(parentalsrc != NULL);
-
- LOCK_ZONE(zone);
- zone->parentalsrc4 = *parentalsrc;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(parentalsrc != NULL);
-
- LOCK_ZONE(zone);
- *parentalsrc = zone->parentalsrc4;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- zone->parentalsrc6 = *parentalsrc;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(parentalsrc != NULL);
-
- LOCK_ZONE(zone);
- *parentalsrc = zone->parentalsrc6;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setnotifysrc4(dns_zone_t *zone, dns_rdatatype_t type,
- const isc_sockaddr_t *notifysrc) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(notifysrc != NULL);
-
- LOCK_ZONE(zone);
- switch (type) {
- case dns_rdatatype_soa:
- zone->notifysoa.notifysrc4 = *notifysrc;
- break;
- case dns_rdatatype_cds:
- zone->notifycds.notifysrc4 = *notifysrc;
- break;
- default:
- UNREACHABLE();
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setnotifysrc6(dns_zone_t *zone, dns_rdatatype_t type,
- const isc_sockaddr_t *notifysrc) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(notifysrc != NULL);
-
- LOCK_ZONE(zone);
- switch (type) {
- case dns_rdatatype_soa:
- zone->notifysoa.notifysrc6 = *notifysrc;
- break;
- case dns_rdatatype_cds:
- zone->notifycds.notifysrc6 = *notifysrc;
- break;
- default:
- UNREACHABLE();
- }
- UNLOCK_ZONE(zone);
-}
-
-static bool
-has_pf(isc_sockaddr_t *addresses, size_t count, int pf) {
- for (size_t i = 0; i < count; i++) {
- if (isc_sockaddr_pf(&addresses[i]) == pf) {
- return true;
- }
- }
- return false;
-}
-
-static void
-report_no_active_addresses(dns_zone_t *zone, isc_sockaddr_t *addresses,
- size_t count, const char *what) {
- if (isc_net_probeipv4() == ISC_R_DISABLED) {
- if (!has_pf(addresses, count, AF_INET6)) {
- dns_zone_log(zone, ISC_LOG_NOTICE,
- "IPv4 disabled and no IPv6 %s", what);
- }
- } else if (isc_net_probeipv6() == ISC_R_DISABLED) {
- if (!has_pf(addresses, count, AF_INET)) {
- dns_zone_log(zone, ISC_LOG_NOTICE,
- "IPv6 disabled and no IPv4 %s", what);
- }
- }
-}
-
-static void
-setremote(dns_zone_t *zone, dns_remote_t *remote, const char *remotestr,
- isc_sockaddr_t *addresses, isc_sockaddr_t *sources,
- dns_name_t **keynames, dns_name_t **tlsnames, bool refresh,
- bool report, uint32_t count) {
- dns_remote_t newremote;
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(DNS_REMOTE_VALID(remote));
-
- newremote.magic = DNS_REMOTE_MAGIC;
- newremote.addresses = addresses;
- newremote.sources = sources;
- newremote.keynames = keynames;
- newremote.tlsnames = tlsnames;
- newremote.addrcnt = count;
-
- if (dns_remote_equal(remote, &newremote)) {
- return;
- }
-
- /*
- * The refresh code assumes that 'servers' wouldn't change under it.
- * If it will change then kill off any current refresh in progress
- * and update the primaries info. If it won't change then we can just
- * unlock and exit.
- */
- if (zone->request != NULL && refresh) {
- dns_request_cancel(zone->request);
- }
-
- dns_remote_clear(remote);
-
- /*
- * If count == 0, don't allocate any space for servers.
- */
- if (count == 0) {
- return;
- }
-
- /*
- * Now set up the address and key lists.
- */
- if (report) {
- report_no_active_addresses(zone, addresses, count, remotestr);
- }
-
- dns_remote_init(remote, count, addresses, sources, keynames, tlsnames,
- true, zone->mctx);
-}
-
-void
-dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
- isc_sockaddr_t *sources, dns_name_t **keynames,
- dns_name_t **tlsnames, uint32_t count) {
- bool refresh = false;
- bool report = false;
-
- LOCK_ZONE(zone);
- setremote(zone, &zone->alsonotify, "also-notify", addresses, sources,
- keynames, tlsnames, refresh, report, count);
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
- isc_sockaddr_t *sources, dns_name_t **keynames,
- dns_name_t **tlsnames, uint32_t count) {
- bool refresh = true;
- bool report = true;
-
- LOCK_ZONE(zone);
- setremote(zone, &zone->primaries, "primaries", addresses, sources,
- keynames, tlsnames, refresh, report, count);
- DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOPRIMARIES);
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
- isc_sockaddr_t *sources, dns_name_t **keynames,
- dns_name_t **tlsnames, uint32_t count) {
- bool refresh = false;
- bool report = true;
-
- LOCK_ZONE(zone);
- setremote(zone, &zone->parentals, "parental-agents", addresses, sources,
- keynames, tlsnames, refresh, report, count);
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setcdsendpoints(dns_zone_t *zone, isc_sockaddr_t *addresses,
- isc_sockaddr_t *sources, dns_name_t **keynames,
- dns_name_t **tlsnames, uint32_t count) {
- bool refresh = false;
- bool report = false;
-
- LOCK_ZONE(zone);
- setremote(zone, &zone->cds_endpoints, "cds-endpoints", addresses,
- sources, keynames, tlsnames, refresh, report, count);
- UNLOCK_ZONE(zone);
-}
-
-isc_result_t
-dns_zone_getdb(dns_zone_t *zone, dns_db_t **dpb) {
- isc_result_t result = ISC_R_SUCCESS;
-
- REQUIRE(DNS_ZONE_VALID(zone));
-
- ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
- if (zone->db == NULL) {
- result = DNS_R_NOTLOADED;
- } else {
- dns_db_attach(zone->db, dpb);
- }
- ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
-
- return result;
-}
-
-void
-dns_zone_setdb(dns_zone_t *zone, dns_db_t *db) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(zone->type == dns_zone_staticstub);
-
- ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write);
- REQUIRE(zone->db == NULL);
- dns_db_attach(db, &zone->db);
- ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_write);
-}
-
-static bool
-was_dumping(dns_zone_t *zone) {
- REQUIRE(LOCKED_ZONE(zone));
-
- if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_DUMPING)) {
- return true;
- }
+ if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_DUMPING)) {
+ return true;
+ }
DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_DUMPING);
DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NEEDDUMP);
}
}
-void
-dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(val > 0);
-
- zone->minrefresh = val;
-}
-
-void
-dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(val > 0);
-
- zone->maxrefresh = val;
-}
-
-void
-dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(val > 0);
-
- zone->minretry = val;
-}
-
-void
-dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(val > 0);
-
- zone->maxretry = val;
-}
-
-uint32_t
-dns_zone_getmaxrecords(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->maxrecords;
-}
-
-void
-dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t val) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->maxrecords = val;
-}
-
-void
-dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t val) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->maxrrperset = val;
- if (zone->db != NULL) {
- dns_db_setmaxrrperset(zone->db, val);
- }
-}
-
-void
-dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t val) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->maxtypepername = val;
- if (zone->db != NULL) {
- dns_db_setmaxtypepername(zone->db, val);
- }
-}
-
void
dns_zone_notify(dns_zone_t *zone, bool nodefer) {
isc_time_t now;
}
}
-static void
+void
zone_settimer(dns_zone_t *zone, isc_time_t *now) {
if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING)) {
return;
}
void
-dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- dns_zone_clearnotifyacl(zone);
-
- LOCK_ZONE(zone);
- dns_acl_attach(acl, &zone->notifysoa.notify_acl);
- dns_acl_attach(acl, &zone->notifycds.notify_acl);
- UNLOCK_ZONE(zone);
-}
+dns_zone_logv(dns_zone_t *zone, isc_logcategory_t category, int level,
+ const char *prefix, const char *fmt, va_list ap) {
+ char message[4096];
+ const char *zstr;
-void
-dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl) {
REQUIRE(DNS_ZONE_VALID(zone));
- LOCK_ZONE(zone);
- if (zone->query_acl != NULL) {
- dns_acl_detach(&zone->query_acl);
+ if (!isc_log_wouldlog(level)) {
+ return;
}
- dns_acl_attach(acl, &zone->query_acl);
- UNLOCK_ZONE(zone);
-}
-void
-dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl) {
- REQUIRE(DNS_ZONE_VALID(zone));
+ vsnprintf(message, sizeof(message), fmt, ap);
- LOCK_ZONE(zone);
- if (zone->queryon_acl != NULL) {
- dns_acl_detach(&zone->queryon_acl);
+ switch (zone->type) {
+ case dns_zone_key:
+ zstr = "managed-keys-zone";
+ break;
+ case dns_zone_redirect:
+ zstr = "redirect-zone";
+ break;
+ default:
+ zstr = "zone ";
}
- dns_acl_attach(acl, &zone->queryon_acl);
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->update_acl != NULL) {
- dns_acl_detach(&zone->update_acl);
- }
- dns_acl_attach(acl, &zone->update_acl);
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->forward_acl != NULL) {
- dns_acl_detach(&zone->forward_acl);
- }
- dns_acl_attach(acl, &zone->forward_acl);
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->xfr_acl != NULL) {
- dns_acl_detach(&zone->xfr_acl);
- }
- dns_acl_attach(acl, &zone->xfr_acl);
- UNLOCK_ZONE(zone);
-}
-
-dns_acl_t *
-dns_zone_getqueryacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->query_acl;
-}
-
-dns_acl_t *
-dns_zone_getqueryonacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->queryon_acl;
-}
-
-dns_acl_t *
-dns_zone_getupdateacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->update_acl;
-}
-
-dns_acl_t *
-dns_zone_getforwardacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->forward_acl;
-}
-
-dns_acl_t *
-dns_zone_getxfracl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->xfr_acl;
-}
-
-void
-dns_zone_clearupdateacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->update_acl != NULL) {
- dns_acl_detach(&zone->update_acl);
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_clearforwardacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->forward_acl != NULL) {
- dns_acl_detach(&zone->forward_acl);
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_clearnotifyacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->notifysoa.notify_acl != NULL) {
- dns_acl_detach(&zone->notifysoa.notify_acl);
- }
- if (zone->notifycds.notify_acl != NULL) {
- dns_acl_detach(&zone->notifycds.notify_acl);
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_clearqueryacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->query_acl != NULL) {
- dns_acl_detach(&zone->query_acl);
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_clearqueryonacl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->queryon_acl != NULL) {
- dns_acl_detach(&zone->queryon_acl);
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_clearxfracl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->xfr_acl != NULL) {
- dns_acl_detach(&zone->xfr_acl);
- }
- UNLOCK_ZONE(zone);
-}
-
-bool
-dns_zone_getupdatedisabled(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->update_disabled;
-}
-
-void
-dns_zone_setupdatedisabled(dns_zone_t *zone, bool state) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->update_disabled = state;
-}
-
-bool
-dns_zone_getzeronosoattl(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->zero_no_soa_ttl;
-}
-
-void
-dns_zone_setzeronosoattl(dns_zone_t *zone, bool state) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->zero_no_soa_ttl = state;
-}
-
-void
-dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->check_names = severity;
-}
-
-dns_severity_t
-dns_zone_getchecknames(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->check_names;
-}
-
-void
-dns_zone_setjournalsize(dns_zone_t *zone, int32_t size) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->journalsize = size;
-}
-
-int32_t
-dns_zone_getjournalsize(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->journalsize;
-}
-
-static void
-zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length) {
- isc_result_t result = ISC_R_FAILURE;
- isc_buffer_t buffer;
-
- REQUIRE(buf != NULL);
- REQUIRE(length > 1U);
-
- /*
- * Leave space for terminating '\0'.
- */
- isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
- if (zone->type != dns_zone_redirect && zone->type != dns_zone_key) {
- if (dns_name_dynamic(&zone->origin)) {
- result = dns_name_totext(
- &zone->origin, DNS_NAME_OMITFINALDOT, &buffer);
- }
- if (result != ISC_R_SUCCESS &&
- isc_buffer_availablelength(&buffer) >=
- (sizeof("<UNKNOWN>") - 1))
- {
- isc_buffer_putstr(&buffer, "<UNKNOWN>");
- }
-
- if (isc_buffer_availablelength(&buffer) > 0) {
- isc_buffer_putstr(&buffer, "/");
- }
- (void)dns_rdataclass_totext(zone->rdclass, &buffer);
- }
-
- if (zone->view != NULL && strcmp(zone->view->name, "_bind") != 0 &&
- strcmp(zone->view->name, "_default") != 0 &&
- strlen(zone->view->name) < isc_buffer_availablelength(&buffer))
- {
- isc_buffer_putstr(&buffer, "/");
- isc_buffer_putstr(&buffer, zone->view->name);
- }
- if (inline_secure(zone) && 9U < isc_buffer_availablelength(&buffer)) {
- isc_buffer_putstr(&buffer, " (signed)");
- }
- if (inline_raw(zone) && 11U < isc_buffer_availablelength(&buffer)) {
- isc_buffer_putstr(&buffer, " (unsigned)");
- }
-
- buf[isc_buffer_usedlength(&buffer)] = '\0';
-}
-
-static void
-zone_name_tostr(dns_zone_t *zone, char *buf, size_t length) {
- isc_result_t result = ISC_R_FAILURE;
- isc_buffer_t buffer;
-
- REQUIRE(buf != NULL);
- REQUIRE(length > 1U);
-
- /*
- * Leave space for terminating '\0'.
- */
- isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
- if (dns_name_dynamic(&zone->origin)) {
- result = dns_name_totext(&zone->origin, DNS_NAME_OMITFINALDOT,
- &buffer);
- }
- if (result != ISC_R_SUCCESS &&
- isc_buffer_availablelength(&buffer) >= (sizeof("<UNKNOWN>") - 1))
- {
- isc_buffer_putstr(&buffer, "<UNKNOWN>");
- }
-
- buf[isc_buffer_usedlength(&buffer)] = '\0';
-}
-
-static void
-zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length) {
- isc_buffer_t buffer;
-
- REQUIRE(buf != NULL);
- REQUIRE(length > 1U);
-
- /*
- * Leave space for terminating '\0'.
- */
- isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
- (void)dns_rdataclass_totext(zone->rdclass, &buffer);
-
- buf[isc_buffer_usedlength(&buffer)] = '\0';
-}
-
-static void
-zone_viewname_tostr(dns_zone_t *zone, char *buf, size_t length) {
- isc_buffer_t buffer;
-
- REQUIRE(buf != NULL);
- REQUIRE(length > 1U);
-
- /*
- * Leave space for terminating '\0'.
- */
- isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
-
- if (zone->view == NULL) {
- isc_buffer_putstr(&buffer, "_none");
- } else if (strlen(zone->view->name) <
- isc_buffer_availablelength(&buffer))
- {
- isc_buffer_putstr(&buffer, zone->view->name);
- } else {
- isc_buffer_putstr(&buffer, "_toolong");
- }
-
- buf[isc_buffer_usedlength(&buffer)] = '\0';
-}
-
-void
-dns_zone_name(dns_zone_t *zone, char *buf, size_t length) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(buf != NULL);
-
- LOCK_ZONE(zone);
- zone_namerd_tostr(zone, buf, length);
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t length) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(buf != NULL);
- zone_name_tostr(zone, buf, length);
-}
-
-void
-dns_zone_logv(dns_zone_t *zone, isc_logcategory_t category, int level,
- const char *prefix, const char *fmt, va_list ap) {
- char message[4096];
- const char *zstr;
-
- REQUIRE(DNS_ZONE_VALID(zone));
-
- if (!isc_log_wouldlog(level)) {
- return;
- }
-
- vsnprintf(message, sizeof(message), fmt, ap);
-
- switch (zone->type) {
- case dns_zone_key:
- zstr = "managed-keys-zone";
- break;
- case dns_zone_redirect:
- zstr = "redirect-zone";
- break;
- default:
- zstr = "zone ";
- }
-
- isc_log_write(category, DNS_LOGMODULE_ZONE, level, "%s%s%s%s: %s",
- prefix != NULL ? prefix : "", prefix != NULL ? ": " : "",
- zstr, zone->strnamerd, message);
+
+ isc_log_write(category, DNS_LOGMODULE_ZONE, level, "%s%s%s%s: %s",
+ prefix != NULL ? prefix : "", prefix != NULL ? ": " : "",
+ zstr, zone->strnamerd, message);
}
void
va_list ap;
va_start(ap, fmt);
- dns_zone_logv(zone, category, level, me, fmt, ap);
- va_end(ap);
-}
-
-static void
-zone_debuglog(dns_zone_t *zone, const char *me, int debuglevel, const char *fmt,
- ...) {
- int level = ISC_LOG_DEBUG(debuglevel);
- va_list ap;
-
- va_start(ap, fmt);
- dns_zone_logv(zone, DNS_LOGCATEGORY_GENERAL, level, me, fmt, ap);
- va_end(ap);
-}
-
-static void
-dnssec_log(dns_zone_t *zone, int level, const char *fmt, ...) {
- va_list ap;
-
- va_start(ap, fmt);
- dns_zone_logv(zone, DNS_LOGCATEGORY_DNSSEC, level, NULL, fmt, ap);
- va_end(ap);
-}
-
-static int
-message_count(dns_message_t *msg, dns_section_t section, dns_rdatatype_t type) {
- int count = 0;
-
- MSG_SECTION_FOREACH(msg, section, name) {
- ISC_LIST_FOREACH_REV(name->list, curr, link) {
- if (curr->type == type) {
- count++;
- }
- }
- }
-
- return count;
-}
-
-void
-dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->minxfrratebytesin = bytes;
- zone->minxfrratesecondsin = seconds;
-}
-
-uint32_t
-dns_zone_getminxfrratebytesin(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->minxfrratebytesin;
-}
-
-uint32_t
-dns_zone_getminxfrratesecondsin(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->minxfrratesecondsin;
-}
-
-void
-dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->maxxfrin = maxxfrin;
-}
-
-uint32_t
-dns_zone_getmaxxfrin(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->maxxfrin;
+ dns_zone_logv(zone, category, level, me, fmt, ap);
+ va_end(ap);
}
-void
-dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->maxxfrout = maxxfrout;
+static void
+zone_debuglog(dns_zone_t *zone, const char *me, int debuglevel, const char *fmt,
+ ...) {
+ int level = ISC_LOG_DEBUG(debuglevel);
+ va_list ap;
+
+ va_start(ap, fmt);
+ dns_zone_logv(zone, DNS_LOGCATEGORY_GENERAL, level, me, fmt, ap);
+ va_end(ap);
}
-uint32_t
-dns_zone_getmaxxfrout(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
+static void
+dnssec_log(dns_zone_t *zone, int level, const char *fmt, ...) {
+ va_list ap;
- return zone->maxxfrout;
+ va_start(ap, fmt);
+ dns_zone_logv(zone, DNS_LOGCATEGORY_DNSSEC, level, NULL, fmt, ap);
+ va_end(ap);
}
-dns_zonetype_t
-dns_zone_gettype(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
+static int
+message_count(dns_message_t *msg, dns_section_t section, dns_rdatatype_t type) {
+ int count = 0;
+
+ MSG_SECTION_FOREACH(msg, section, name) {
+ ISC_LIST_FOREACH_REV(name->list, curr, link) {
+ if (curr->type == type) {
+ count++;
+ }
+ }
+ }
- return zone->type;
+ return count;
}
const char *
: dns_zone_secondary;
}
-dns_name_t *
-dns_zone_getorigin(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return &zone->origin;
-}
-
-dns_rdataclass_t
-dns_zone_getrdclass(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->rdclass;
-}
-
dns_notifyctx_t *
dns__zone_getnotifyctx(dns_zone_t *zone, dns_rdatatype_t type) {
REQUIRE(DNS_ZONE_VALID(zone));
return NULL;
}
-void
-dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- if (idlein == 0) {
- idlein = DNS_DEFAULT_IDLEIN;
- }
- zone->idlein = idlein;
-}
-
-uint32_t
-dns_zone_getidlein(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->idlein;
-}
-
-void
-dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->idleout = idleout;
-}
-
-uint32_t
-dns_zone_getidleout(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->idleout;
-}
-
void
dns__zone_stats_increment(dns_zone_t *zone, isc_statscounter_t counter) {
REQUIRE(DNS_ZONE_VALID(zone));
dns_zone_idetach(&zone);
}
-void
-dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(table != NULL);
- REQUIRE(*table == NULL);
-
- LOCK_ZONE(zone);
- if (zone->ssutable != NULL) {
- dns_ssutable_attach(zone->ssutable, table);
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->ssutable != NULL) {
- dns_ssutable_detach(&zone->ssutable);
- }
- if (table != NULL) {
- dns_ssutable_attach(table, &zone->ssutable);
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->sigvalidityinterval = interval;
-}
-
-uint32_t
-dns_zone_getsigvalidityinterval(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->sigvalidityinterval;
-}
-
-void
-dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->keyvalidityinterval = interval;
-}
-
-uint32_t
-dns_zone_getkeyvalidityinterval(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->keyvalidityinterval;
-}
-
-void
-dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval) {
- isc_time_t now;
-
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- zone->sigresigninginterval = interval;
- set_resigntime(zone);
- if (zone->loop != NULL) {
- now = isc_time_now();
- zone_settimer(zone, &now);
- }
- UNLOCK_ZONE(zone);
-}
-
-uint32_t
-dns_zone_getsigresigninginterval(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->sigresigninginterval;
-}
-
-void
-dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(sourceaddr != NULL);
-
- LOCK_ZONE(zone);
- INSIST(dns_remote_count(&zone->primaries) > 0);
- *sourceaddr = zone->sourceaddr;
- UNLOCK_ZONE(zone);
-}
-
-isc_result_t
-dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr) {
- isc_result_t result = ISC_R_NOMORE;
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(primaryaddr != NULL);
-
- LOCK_ZONE(zone);
- INSIST(dns_remote_count(&zone->primaries) > 0);
- if (!dns_remote_done(&zone->primaries)) {
- *primaryaddr = dns_remote_curraddr(&zone->primaries);
- result = ISC_R_SUCCESS;
- }
- UNLOCK_ZONE(zone);
-
- return result;
-}
-
-isc_time_t
-dns_zone_getxfrintime(dns_zone_t *zone) {
- isc_time_t xfrintime;
-
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- xfrintime = zone->xfrintime;
- UNLOCK_ZONE(zone);
-
- return xfrintime;
-}
-
static void
queue_xfrin(dns_zone_t *zone) {
isc_result_t result;
return DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCEXFER);
}
-isc_result_t
-dns_zone_setstatistics(dns_zone_t *zone, bool on) {
- /*
- * This function is obsoleted.
- */
- UNUSED(zone);
- UNUSED(on);
- return ISC_R_NOTIMPLEMENTED;
-}
+static void
+zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length) {
+ isc_result_t result = ISC_R_FAILURE;
+ isc_buffer_t buffer;
+
+ REQUIRE(buf != NULL);
+ REQUIRE(length > 1U);
-uint64_t *
-dns_zone_getstatscounters(dns_zone_t *zone) {
/*
- * This function is obsoleted.
+ * Leave space for terminating '\0'.
*/
- UNUSED(zone);
- return NULL;
-}
-
-void
-dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(zone->stats == NULL);
-
- LOCK_ZONE(zone);
- zone->stats = NULL;
- isc_stats_attach(stats, &zone->stats);
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- if (zone->requeststats_on && stats == NULL) {
- zone->requeststats_on = false;
- } else if (!zone->requeststats_on && stats != NULL) {
- if (zone->requeststats == NULL) {
- isc_stats_attach(stats, &zone->requeststats);
+ isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
+ if (zone->type != dns_zone_redirect && zone->type != dns_zone_key) {
+ if (dns_name_dynamic(&zone->origin)) {
+ result = dns_name_totext(
+ &zone->origin, DNS_NAME_OMITFINALDOT, &buffer);
+ }
+ if (result != ISC_R_SUCCESS &&
+ isc_buffer_availablelength(&buffer) >=
+ (sizeof("<UNKNOWN>") - 1))
+ {
+ isc_buffer_putstr(&buffer, "<UNKNOWN>");
}
- zone->requeststats_on = true;
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setrcvquerystats(dns_zone_t *zone, isc_statsmulti_t *stats) {
- REQUIRE(DNS_ZONE_VALID(zone));
- LOCK_ZONE(zone);
- if (zone->requeststats_on && stats != NULL) {
- if (zone->rcvquerystats == NULL) {
- isc_statsmulti_attach(stats, &zone->rcvquerystats);
- zone->requeststats_on = true;
+ if (isc_buffer_availablelength(&buffer) > 0) {
+ isc_buffer_putstr(&buffer, "/");
}
+ (void)dns_rdataclass_totext(zone->rdclass, &buffer);
}
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats) {
- REQUIRE(DNS_ZONE_VALID(zone));
- LOCK_ZONE(zone);
- if (stats != NULL && zone->dnssecsignstats == NULL) {
- dns_stats_attach(stats, &zone->dnssecsignstats);
+ if (zone->view != NULL && strcmp(zone->view->name, "_bind") != 0 &&
+ strcmp(zone->view->name, "_default") != 0 &&
+ strlen(zone->view->name) < isc_buffer_availablelength(&buffer))
+ {
+ isc_buffer_putstr(&buffer, "/");
+ isc_buffer_putstr(&buffer, zone->view->name);
}
- UNLOCK_ZONE(zone);
+ if (inline_secure(zone) && 9U < isc_buffer_availablelength(&buffer)) {
+ isc_buffer_putstr(&buffer, " (signed)");
+ }
+ if (inline_raw(zone) && 11U < isc_buffer_availablelength(&buffer)) {
+ isc_buffer_putstr(&buffer, " (unsigned)");
+ }
+
+ buf[isc_buffer_usedlength(&buffer)] = '\0';
}
-dns_stats_t *
-dns_zone_getdnssecsignstats(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
+static void
+zone_viewname_tostr(dns_zone_t *zone, char *buf, size_t length) {
+ isc_buffer_t buffer;
- return zone->dnssecsignstats;
-}
+ REQUIRE(buf != NULL);
+ REQUIRE(length > 1U);
-isc_stats_t *
-dns_zone_getrequeststats(dns_zone_t *zone) {
/*
- * We don't lock zone for efficiency reason. This is not catastrophic
- * because requeststats must always be valid when requeststats_on is
- * true.
- * Some counters may be incremented while requeststats_on is becoming
- * false, or some cannot be incremented just after the statistics are
- * installed, but it shouldn't matter much in practice.
+ * Leave space for terminating '\0'.
*/
- if (zone->requeststats_on) {
- return zone->requeststats;
- } else {
- return NULL;
- }
-}
-
-/*
- * Return the received query stats bucket
- * see note from dns_zone_getrequeststats()
- */
-isc_statsmulti_t *
-dns_zone_getrcvquerystats(dns_zone_t *zone) {
- if (zone->requeststats_on) {
- return zone->rcvquerystats;
- } else {
- return NULL;
- }
-}
-
-void
-dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- setstring(zone, &zone->keydirectory, directory);
- UNLOCK_ZONE(zone);
-}
+ isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
-const char *
-dns_zone_getkeydirectory(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
+ if (zone->view == NULL) {
+ isc_buffer_putstr(&buffer, "_none");
+ } else if (strlen(zone->view->name) <
+ isc_buffer_availablelength(&buffer))
+ {
+ isc_buffer_putstr(&buffer, zone->view->name);
+ } else {
+ isc_buffer_putstr(&buffer, "_toolong");
+ }
- return zone->keydirectory;
+ buf[isc_buffer_usedlength(&buffer)] = '\0';
}
unsigned int
return ISC_R_SUCCESS;
}
-void
-dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->checkmx = checkmx;
-}
-
-void
-dns_zone_setchecksrv(dns_zone_t *zone, dns_checksrvfunc_t checksrv) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->checksrv = checksrv;
-}
-
-void
-dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->checkns = checkns;
-}
-
-void
-dns_zone_setcheckisservedby(dns_zone_t *zone,
- dns_checkisservedbyfunc_t checkisservedby) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->checkisservedby = checkisservedby;
-}
-
-void
-dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- zone->isself = isself;
- zone->isselfarg = arg;
- UNLOCK_ZONE(zone);
-}
-
-void
-dns__zone_getisself(dns_zone_t *zone, dns_isselffunc_t *isself, void **arg) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(isself != NULL);
- REQUIRE(arg != NULL && *arg == NULL);
-
- *isself = zone->isself;
- *arg = zone->isselfarg;
-}
-
-void
-dns_zone_setnotifydefer(dns_zone_t *zone, dns_rdatatype_t type,
- uint32_t defer) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- switch (type) {
- case dns_rdatatype_soa:
- zone->notifysoa.notifydefer = defer;
- break;
- case dns_rdatatype_cds:
- /* not applicable to NOTIFY(CDS), unused */
- zone->notifycds.notifydefer = defer;
- break;
- default:
- UNREACHABLE();
- }
- UNLOCK_ZONE(zone);
-}
-
-void
-dns_zone_setnotifydelay(dns_zone_t *zone, dns_rdatatype_t type,
- uint32_t delay) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- switch (type) {
- case dns_rdatatype_soa:
- zone->notifysoa.notifydelay = delay;
- break;
- case dns_rdatatype_cds:
- /* not applicable to NOTIFY(CDS), unused */
- zone->notifycds.notifydelay = delay;
- break;
- default:
- UNREACHABLE();
- }
- UNLOCK_ZONE(zone);
-}
-
/*
* Called when a dynamic update for an NSEC3PARAM record is received.
*
return result;
}
-void
-dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- if (nodes == 0) {
- nodes = 1;
- }
- zone->nodes = nodes;
-}
-
-void
-dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- /*
- * We treat signatures as a signed value so explicitly
- * limit its range here.
- */
- if (signatures > INT32_MAX) {
- signatures = INT32_MAX;
- } else if (signatures == 0) {
- signatures = 1;
- }
- zone->signatures = signatures;
-}
-
-uint32_t
-dns_zone_getsignatures(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->signatures;
-}
-
-void
-dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->privatetype = type;
-}
-
-dns_rdatatype_t
-dns_zone_getprivatetype(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->privatetype;
-}
-
static isc_result_t
zone_signwithkey(dns_zone_t *zone, dst_algorithm_t algorithm, uint16_t keyid,
bool deleteit, bool fullsign) {
return result;
}
-void
-dns_zone_setautomatic(dns_zone_t *zone, bool automatic) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- zone->automatic = automatic;
- UNLOCK_ZONE(zone);
-}
-
-bool
-dns_zone_getautomatic(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->automatic;
-}
-
-void
-dns_zone_setadded(dns_zone_t *zone, bool added) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- zone->added = added;
- UNLOCK_ZONE(zone);
-}
-
-bool
-dns_zone_getadded(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->added;
-}
-
-void
-dns_zone_setmodded(dns_zone_t *zone, bool modded) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- LOCK_ZONE(zone);
- zone->modded = modded;
- UNLOCK_ZONE(zone);
-}
-
-bool
-dns_zone_getmodded(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->modded;
-}
-
isc_result_t
dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db) {
isc_time_t loadtime;
return result;
}
-isc_result_t
-dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval) {
- REQUIRE(DNS_ZONE_VALID(zone));
- if (interval == 0) {
- return ISC_R_RANGE;
- }
- /* Maximum value: 24 hours (3600 minutes) */
- if (interval > (24 * 60)) {
- interval = (24 * 60);
- }
- /* Multiply by 60 for seconds */
- zone->refreshkeyinterval = interval * 60;
- return ISC_R_SUCCESS;
-}
-
-void
-dns_zone_setrequestixfr(dns_zone_t *zone, bool flag) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->requestixfr = flag;
-}
-
-bool
-dns_zone_getrequestixfr(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->requestixfr;
-}
-
-void
-dns_zone_setrequestixfrmaxdiffs(dns_zone_t *zone, uint32_t maxdiffs) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->requestixfr_maxdiffs = maxdiffs;
-}
-
-bool
-dns_zone_getrequestixfrmaxdiffs(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->requestixfr_maxdiffs;
-}
-
-void
-dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->ixfr_ratio = ratio;
-}
-
-uint32_t
-dns_zone_getixfrratio(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->ixfr_ratio;
-}
-
-void
-dns_zone_setrequestexpire(dns_zone_t *zone, bool flag) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->requestexpire = flag;
-}
-
-bool
-dns_zone_getrequestexpire(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->requestexpire;
-}
-
-void
-dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method) {
- REQUIRE(DNS_ZONE_VALID(zone));
- zone->updatemethod = method;
-}
-
-dns_updatemethod_t
-dns_zone_getserialupdatemethod(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->updatemethod;
-}
-
/*
* Lock hierarchy: zmgr, zone, raw.
*/
return result;
}
-isc_result_t
-dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(loadtime != NULL);
-
- LOCK_ZONE(zone);
- *loadtime = zone->loadtime;
- UNLOCK_ZONE(zone);
- return ISC_R_SUCCESS;
-}
-
-isc_result_t
-dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(expiretime != NULL);
-
- LOCK_ZONE(zone);
- *expiretime = zone->expiretime;
- UNLOCK_ZONE(zone);
- return ISC_R_SUCCESS;
-}
-
-isc_result_t
-dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(refreshtime != NULL);
-
- LOCK_ZONE(zone);
- *refreshtime = zone->refreshtime;
- UNLOCK_ZONE(zone);
- return ISC_R_SUCCESS;
-}
-
-isc_result_t
-dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(refreshkeytime != NULL);
-
- LOCK_ZONE(zone);
- *refreshkeytime = zone->refreshkeytime;
- UNLOCK_ZONE(zone);
- return ISC_R_SUCCESS;
-}
-
unsigned int
dns_zone_getincludes(dns_zone_t *zone, char ***includesp) {
char **array = NULL;
return n;
}
-void
-dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- zone->statlevel = level;
-}
-
-dns_zonestat_level_t
-dns_zone_getstatlevel(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->statlevel;
-}
-
static void
setserial(void *arg) {
uint32_t oldserial, desired;
RWUNLOCK(&zmgr->tlsctx_cache_rwlock, isc_rwlocktype_read);
}
-isc_mem_t *
-dns_zone_getmem(dns_zone_t *zone) {
- return zone->mctx;
-}
-
-unsigned int
-dns_zone_gettid(dns_zone_t *zone) {
- return zone->tid;
-}
-
-isc_loop_t *
-dns_zone_getloop(dns_zone_t *zone) {
- return zone->loop;
-}
-
isc_result_t
dns_zone_makedb(dns_zone_t *zone, dns_db_t **dbp) {
REQUIRE(DNS_ZONE_VALID(zone));
return result;
}
-isc_result_t
-dns_zone_getrad(dns_zone_t *zone, dns_name_t *name) {
- isc_result_t result = ISC_R_NOTFOUND;
-
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(DNS_NAME_VALID(name));
-
- rcu_read_lock();
- dns_rad_t *rad = rcu_dereference(zone->rad);
- if (rad != NULL) {
- dns_name_t *inner = dns_fixedname_name(&rad->fname);
- dns_name_copy(inner, name);
- result = ISC_R_SUCCESS;
- }
- rcu_read_unlock();
-
- return result;
-}
-
-void
-dns_zone_setrad(dns_zone_t *zone, dns_name_t *name) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(name == NULL || DNS_NAME_VALID(name));
-
- rcu_read_lock();
- dns_rad_t *new_rad = NULL;
- if (name != NULL) {
- new_rad = isc_mem_get(zone->mctx, sizeof(*new_rad));
- *new_rad = (dns_rad_t){};
- dns_fixedname_init(&new_rad->fname);
-
- isc_mem_attach(zone->mctx, &new_rad->mctx);
- dns_name_copy(name, dns_fixedname_name(&new_rad->fname));
- }
- dns_rad_t *xchg_rad = rcu_xchg_pointer(&zone->rad, new_rad);
-
- if (xchg_rad != NULL) {
- call_rcu(&xchg_rad->rcu_head, free_rad_rcu);
- }
- rcu_read_unlock();
-}
-
-void *
-dns_zone_gethooktable(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
- return zone->hooktable;
-}
-
-void
-dns_zone_sethooktable(dns_zone_t *zone, void *hooktable,
- void (*hooktable_free)(isc_mem_t *, void **)) {
- REQUIRE(DNS_ZONE_VALID(zone));
- REQUIRE(zone->hooktable == NULL);
- REQUIRE(zone->hooktable_free == NULL);
-
- zone->hooktable = hooktable;
- zone->hooktable_free = hooktable_free;
-}
-
void
dns_zone_setplugins(dns_zone_t *zone, void *plugins,
void (*plugins_free)(isc_mem_t *, void **)) {
}
}
-void
-dns_zone_setcfg(dns_zone_t *zone, const char *cfg) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- if (zone->cfg != NULL) {
- isc_mem_free(zone->mctx, zone->cfg);
- }
- if (cfg != NULL) {
- zone->cfg = isc_mem_strdup(zone->mctx, cfg);
- }
-}
-
-const char *
-dns_zone_getcfg(dns_zone_t *zone) {
- REQUIRE(DNS_ZONE_VALID(zone));
-
- return zone->cfg;
-}
-
bool
dns_zone_isexpired(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
#pragma once
+/*! \file */
+
#include <stdbool.h>
-/*! \file */
+#include <dns/adb.h>
+#include <dns/db.h>
+#include <dns/notify.h>
+#include <dns/remote.h>
+#include <dns/update.h>
+#include <dns/zonefetch.h>
/*%
* Types and functions below meant to be used for internal zone
* modules only, and associated unit tests.
*/
+#define ZONE_MAGIC ISC_MAGIC('Z', 'O', 'N', 'E')
+#define DNS_ZONE_VALID(zone) ISC_MAGIC_VALID(zone, ZONE_MAGIC)
+
+#define CHECKDS_MAGIC ISC_MAGIC('C', 'h', 'D', 'S')
+#define DNS_CHECKDS_VALID(checkds) ISC_MAGIC_VALID(checkds, CHECKDS_MAGIC)
+
+#define STUB_MAGIC ISC_MAGIC('S', 't', 'u', 'b')
+#define DNS_STUB_VALID(stub) ISC_MAGIC_VALID(stub, STUB_MAGIC)
+
+#define ZONEMGR_MAGIC ISC_MAGIC('Z', 'm', 'g', 'r')
+#define DNS_ZONEMGR_VALID(stub) ISC_MAGIC_VALID(stub, ZONEMGR_MAGIC)
+
+#define FORWARD_MAGIC ISC_MAGIC('F', 'o', 'r', 'w')
+#define DNS_FORWARD_VALID(load) ISC_MAGIC_VALID(load, FORWARD_MAGIC)
+
+#define IO_MAGIC ISC_MAGIC('Z', 'm', 'I', 'O')
+#define DNS_IO_VALID(load) ISC_MAGIC_VALID(load, IO_MAGIC)
+
+/*
+ * Default values.
+ */
+#define DNS_DEFAULT_IDLEIN 3600 /*%< 1 hour */
+#define DNS_DEFAULT_IDLEOUT 3600 /*%< 1 hour */
+#define MAX_XFER_TIME (2 * 3600) /*%< Documented default is 2 hours */
+#define RESIGN_DELAY 3600 /*%< 1 hour */
+
+#ifndef DNS_MAX_EXPIRE
+#define DNS_MAX_EXPIRE 14515200 /*%< 24 weeks */
+#endif /* ifndef DNS_MAX_EXPIRE */
+
+#ifndef DNS_DUMP_DELAY
+#define DNS_DUMP_DELAY 900 /*%< 15 minutes */
+#endif /* ifndef DNS_DUMP_DELAY */
+
+/*%
+ * Transport timeouts.
+ */
#define UDP_REQUEST_TIMEOUT 5 /*%< 5 seconds */
#define UDP_REQUEST_RETRIES 2
#define TCP_REQUEST_TIMEOUT \
(UDP_REQUEST_TIMEOUT * (UDP_REQUEST_RETRIES + 1) + 1)
+/*%
+ * Zone locks.
+ */
+#define DNS_ZONE_CHECKLOCK
+#ifdef DNS_ZONE_CHECKLOCK
+#define LOCK_ZONE(z) \
+ do { \
+ LOCK(&(z)->lock); \
+ INSIST(!(z)->locked); \
+ (z)->locked = true; \
+ } while (0)
+#define UNLOCK_ZONE(z) \
+ do { \
+ INSIST((z)->locked); \
+ (z)->locked = false; \
+ UNLOCK(&(z)->lock); \
+ } while (0)
+#define LOCKED_ZONE(z) ((z)->locked)
+#define TRYLOCK_ZONE(result, z) \
+ do { \
+ result = isc_mutex_trylock(&(z)->lock); \
+ if (result == ISC_R_SUCCESS) { \
+ INSIST(!(z)->locked); \
+ (z)->locked = true; \
+ } \
+ } while (0)
+#else /* ifdef DNS_ZONE_CHECKLOCK */
+#define LOCK_ZONE(z) LOCK(&(z)->lock)
+#define UNLOCK_ZONE(z) UNLOCK(&(z)->lock)
+#define LOCKED_ZONE(z) true
+#define TRYLOCK_ZONE(result, z) \
+ do { \
+ result = isc_mutex_trylock(&(z)->lock); \
+ } while (0)
+#endif /* ifdef DNS_ZONE_CHECKLOCK */
+
+#define ZONEDB_INITLOCK(l) isc_rwlock_init(l)
+#define ZONEDB_DESTROYLOCK(l) isc_rwlock_destroy(l)
+#define ZONEDB_LOCK(l, t) RWLOCK((l), (t))
+#define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t))
+
+/*%
+ * Zone flags.
+ */
+#define DNS_ZONE_FLAG(z, f) ((atomic_load_relaxed(&(z)->flags) & (f)) != 0)
+#define DNS_ZONE_SETFLAG(z, f) atomic_fetch_or(&(z)->flags, (f))
+#define DNS_ZONE_CLRFLAG(z, f) atomic_fetch_and(&(z)->flags, ~(f))
+typedef enum {
+ DNS_ZONEFLG_REFRESH = 1U << 0, /*%< refresh check in progress */
+ DNS_ZONEFLG_NEEDDUMP = 1U << 1, /*%< zone need consolidation */
+ DNS_ZONEFLG_USEVC = 1U << 2, /*%< use tcp for refresh query */
+ DNS_ZONEFLG_DUMPING = 1U << 3, /*%< a dump is in progress */
+ DNS_ZONEFLG_HASINCLUDE = 1U << 4, /*%< $INCLUDE in zone file */
+ DNS_ZONEFLG_LOADED = 1U << 5, /*%< database has loaded */
+ DNS_ZONEFLG_EXITING = 1U << 6, /*%< zone is being destroyed */
+ DNS_ZONEFLG_EXPIRED = 1U << 7, /*%< zone has expired */
+ DNS_ZONEFLG_NEEDREFRESH = 1U << 8, /*%< refresh check needed */
+ DNS_ZONEFLG_UPTODATE = 1U << 9, /*%< zone contents are
+ * up-to-date */
+ DNS_ZONEFLG_NEEDNOTIFY = 1U << 10, /*%< need to send out notify
+ * messages */
+ DNS_ZONEFLG_FIXJOURNAL = 1U << 11, /*%< journal file had
+ * recoverable error,
+ * needs rewriting */
+ DNS_ZONEFLG_NOPRIMARIES = 1U << 12, /*%< an attempt to refresh a
+ * zone with no primaries
+ * occurred */
+ DNS_ZONEFLG_LOADING = 1U << 13, /*%< load from disk in progress*/
+ DNS_ZONEFLG_HAVETIMERS = 1U << 14, /*%< timer values have been set
+ * from SOA (if not set, we
+ * are still using
+ * default timer values) */
+ DNS_ZONEFLG_FORCEXFER = 1U << 15, /*%< Force a zone xfer */
+ DNS_ZONEFLG_SHUTDOWN = 1U << 16,
+ DNS_ZONEFLG_NOIXFR = 1U << 17, /*%< IXFR failed, force AXFR */
+ DNS_ZONEFLG_FLUSH = 1U << 18,
+ DNS_ZONEFLG_NOEDNS = 1U << 19,
+ DNS_ZONEFLG_USEALTXFRSRC = 1U << 20, /*%< Obsoleted. */
+ DNS_ZONEFLG_SOABEFOREAXFR = 1U << 21,
+ DNS_ZONEFLG_NEEDCOMPACT = 1U << 22,
+ DNS_ZONEFLG_REFRESHING = 1U << 23, /*%< Refreshing keydata */
+ DNS_ZONEFLG_THAW = 1U << 24,
+ DNS_ZONEFLG_LOADPENDING = 1U << 25, /*%< Loading scheduled */
+ DNS_ZONEFLG_NODELAY = 1U << 26,
+ DNS_ZONEFLG_SENDSECURE = 1U << 27,
+ DNS_ZONEFLG_NEEDSTARTUPNOTIFY = 1U << 28, /*%< need to send out
+ * notify due to the zone
+ * just being loaded for
+ * the first time. */
+ DNS_ZONEFLG_NOTIFYNODEFER = 1U << 29, /*%< ignore the
+ * notify-defer option. */
+ DNS_ZONEFLG_NOTIFYDEFERRED = 1U << 30, /*%< notify was deferred
+ * according to the
+ * notify-defer option. */
+ DNS_ZONEFLG_FIRSTREFRESH = 1U << 31, /*%< First refresh pending */
+ DNS_ZONEFLG___MAX = UINT64_MAX, /* trick to make the ENUM 64-bit wide */
+} dns_zoneflg_t;
+
+/*%
+ * Zone options.
+ */
+#define DNS_ZONE_OPTION(z, o) ((atomic_load_relaxed(&(z)->options) & (o)) != 0)
+#define DNS_ZONE_SETOPTION(z, o) atomic_fetch_or(&(z)->options, (o))
+#define DNS_ZONE_CLROPTION(z, o) atomic_fetch_and(&(z)->options, ~(o))
+
+/*%
+ * Zone specific structures.
+ */
+typedef struct dns_checkds dns_checkds_t;
+typedef struct dns_forward dns_forward_t;
+typedef ISC_LIST(dns_forward_t) dns_forwardlist_t;
+typedef struct dns_signing dns_signing_t;
+typedef ISC_LIST(dns_signing_t) dns_signinglist_t;
+typedef struct dns_nsec3chain dns_nsec3chain_t;
+typedef ISC_LIST(dns_nsec3chain_t) dns_nsec3chainlist_t;
+typedef struct dns_include dns_include_t;
+
+/*%
+ * Hold checkds state.
+ */
+struct dns_checkds {
+ unsigned int magic;
+ dns_notify_flags_t flags;
+ isc_mem_t *mctx;
+ dns_zone_t *zone;
+ dns_adbfind_t *find;
+ dns_request_t *request;
+ dns_name_t ns;
+ isc_sockaddr_t src;
+ isc_sockaddr_t dst;
+ dns_tsigkey_t *key;
+ dns_transport_t *transport;
+ ISC_LINK(dns_checkds_t) link;
+ isc_rlevent_t *rlevent;
+};
+
+/*%
+ * Hold forward state.
+ */
+struct dns_forward {
+ unsigned int magic;
+ isc_mem_t *mctx;
+ dns_zone_t *zone;
+ isc_buffer_t *msgbuf;
+ dns_request_t *request;
+ uint32_t which;
+ isc_sockaddr_t addr;
+ dns_transport_t *transport;
+ dns_updatecallback_t callback;
+ void *callback_arg;
+ unsigned int options;
+ ISC_LINK(dns_forward_t) link;
+};
+
+/*%
+ * Hold state for when we are signing a zone with a new
+ * DNSKEY as result of an update.
+ */
+struct dns_signing {
+ unsigned int magic;
+ dns_db_t *db;
+ dns_dbiterator_t *dbiterator;
+ dst_algorithm_t algorithm;
+ uint16_t keyid;
+ bool deleteit;
+ bool fullsign;
+ bool done;
+ ISC_LINK(dns_signing_t) link;
+};
+
+struct dns_nsec3chain {
+ unsigned int magic;
+ dns_db_t *db;
+ dns_dbiterator_t *dbiterator;
+ dns_rdata_nsec3param_t nsec3param;
+ unsigned char salt[255];
+ bool done;
+ bool seen_nsec;
+ bool delete_nsec;
+ bool save_delete_nsec;
+ ISC_LINK(dns_nsec3chain_t) link;
+};
+
+/*%<
+ * 'dbiterator' contains a iterator for the database. If we are creating
+ * a NSEC3 chain only the non-NSEC3 nodes will be iterated. If we are
+ * removing a NSEC3 chain then both NSEC3 and non-NSEC3 nodes will be
+ * iterated.
+ *
+ * 'nsec3param' contains the parameters of the NSEC3 chain being created
+ * or removed.
+ *
+ * 'salt' is buffer space and is referenced via 'nsec3param.salt'.
+ *
+ * 'seen_nsec' will be set to true if, while iterating the zone to create a
+ * NSEC3 chain, a NSEC record is seen.
+ *
+ * 'delete_nsec' will be set to true if, at the completion of the creation
+ * of a NSEC3 chain, 'seen_nsec' is true. If 'delete_nsec' is true then we
+ * are in the process of deleting the NSEC chain.
+ *
+ * 'save_delete_nsec' is used to store the initial state of 'delete_nsec'
+ * so it can be recovered in the event of a error.
+ */
+
+/*%
+ * Reference to an include file encountered during loading
+ */
+struct dns_include {
+ char *name;
+ isc_time_t filetime;
+ ISC_LINK(dns_include_t) link;
+};
+
+typedef struct dns_rad {
+ isc_mem_t *mctx;
+ struct rcu_head rcu_head;
+ dns_fixedname_t fname;
+} dns_rad_t;
+
+typedef struct zone_settimer {
+ dns_zone_t *zone;
+ isc_time_t now;
+} zone_settimer_t;
+
+/*%
+ * Zone structure.
+ */
+struct dns_zone {
+ /* Unlocked */
+ unsigned int magic;
+ isc_mutex_t lock;
+#ifdef DNS_ZONE_CHECKLOCK
+ bool locked;
+#endif /* ifdef DNS_ZONE_CHECKLOCK */
+ isc_mem_t *mctx;
+ isc_refcount_t references;
+
+ isc_rwlock_t dblock;
+ dns_db_t *db; /* Locked by dblock */
+
+ isc_tid_t tid;
+ /* Locked */
+ dns_zonemgr_t *zmgr;
+ ISC_LINK(dns_zone_t) link; /* Used by zmgr. */
+ isc_loop_t *loop;
+ isc_timer_t *timer;
+ isc_refcount_t irefs;
+ dns_name_t origin;
+ dns_rad_t *rad;
+ char *masterfile;
+ char *initfile;
+ const FILE *stream; /* loading from a stream? */
+ ISC_LIST(dns_include_t) includes; /* Include files */
+ ISC_LIST(dns_include_t) newincludes; /* Loading */
+ unsigned int nincludes;
+ dns_masterformat_t masterformat;
+ const dns_master_style_t *masterstyle;
+ char *journal;
+ int32_t journalsize;
+ dns_rdataclass_t rdclass;
+ dns_zonetype_t type;
+ atomic_uint_fast64_t flags;
+ atomic_uint_fast64_t options;
+ unsigned int db_argc;
+ char **db_argv;
+ isc_time_t expiretime;
+ isc_time_t refreshtime;
+ isc_time_t dumptime;
+ isc_time_t loadtime;
+ isc_time_t notifytime;
+ isc_time_t resigntime;
+ isc_time_t keywarntime;
+ isc_time_t signingtime;
+ isc_time_t nsec3chaintime;
+ isc_time_t refreshkeytime;
+ isc_time_t xfrintime;
+ uint32_t refreshkeyinterval;
+ uint32_t refresh;
+ uint32_t retry;
+ uint32_t expire;
+ uint32_t minimum;
+ isc_stdtime_t key_expiry;
+ isc_stdtime_t log_key_expired_timer;
+ char *keydirectory;
+ dns_xfrin_t *xfr;
+
+ uint32_t maxrefresh;
+ uint32_t minrefresh;
+ uint32_t maxretry;
+ uint32_t minretry;
+
+ uint32_t maxrecords;
+ uint32_t maxrrperset;
+ uint32_t maxtypepername;
+
+ dns_remote_t primaries;
+
+ dns_remote_t parentals;
+ dns_dnsseckeylist_t checkds_ok;
+ dns_checkdstype_t checkdstype;
+ uint32_t parent_nscount;
+
+ uint32_t fetchcount[ZONEFETCHTYPE_COUNT];
+
+ dns_remote_t alsonotify;
+ dns_notifyctx_t notifysoa;
+
+ dns_remote_t cds_endpoints;
+ dns_notifyctx_t notifycds;
+
+ isc_sockaddr_t parentalsrc4;
+ isc_sockaddr_t parentalsrc6;
+ isc_sockaddr_t xfrsource4;
+ isc_sockaddr_t xfrsource6;
+ isc_sockaddr_t sourceaddr;
+ dns_tsigkey_t *tsigkey; /* key used for xfr */
+ dns_transport_t *transport; /* transport used for xfr */
+ /* Access Control Lists */
+ dns_acl_t *update_acl;
+ dns_acl_t *forward_acl;
+ dns_acl_t *query_acl;
+ dns_acl_t *queryon_acl;
+ dns_acl_t *xfr_acl;
+ bool update_disabled;
+ bool zero_no_soa_ttl;
+ dns_severity_t check_names;
+
+ ISC_LIST(dns_checkds_t) checkds_requests;
+ dns_request_t *request;
+ dns_loadctx_t *loadctx;
+ dns_dumpctx_t *dumpctx;
+ uint32_t minxfrratebytesin;
+ uint32_t minxfrratesecondsin;
+ uint32_t maxxfrin;
+ uint32_t maxxfrout;
+ uint32_t idlein;
+ uint32_t idleout;
+ dns_ssutable_t *ssutable;
+ uint32_t sigvalidityinterval;
+ uint32_t keyvalidityinterval;
+ uint32_t sigresigninginterval;
+ dns_view_t *view;
+ dns_view_t *prev_view;
+ dns_kasp_t *kasp;
+ dns_kasp_t *defaultkasp;
+ dns_dnsseckeylist_t keyring;
+ dns_checkmxfunc_t checkmx;
+ dns_checksrvfunc_t checksrv;
+ dns_checknsfunc_t checkns;
+ dns_checkisservedbyfunc_t checkisservedby;
+ /*%
+ * Zones in certain states such as "waiting for zone transfer"
+ * or "zone transfer in progress" are kept on per-state linked lists
+ * in the zone manager using the 'statelink' field. The 'statelist'
+ * field points at the list the zone is currently on. It the zone
+ * is not on any such list, statelist is NULL.
+ */
+ ISC_LINK(dns_zone_t) statelink;
+ dns_zonelist_t *statelist;
+ /*%
+ * Statistics counters about zone management.
+ */
+ isc_stats_t *stats;
+
+ /*
+ * Optional per-zone statistics counters. Counted outside of this
+ * module.
+ */
+ dns_zonestat_level_t statlevel;
+ bool requeststats_on;
+ isc_stats_t *requeststats;
+ isc_statsmulti_t *rcvquerystats;
+ dns_stats_t *dnssecsignstats;
+ dns_isselffunc_t isself;
+ void *isselfarg;
+
+ char *strnamerd;
+ char *strname;
+ char *strrdclass;
+ char *strviewname;
+
+ /*%
+ * Serial number for deferred journal compaction.
+ */
+ uint32_t compact_serial;
+ /*%
+ * Keys that are signing the zone for the first time.
+ */
+ dns_signinglist_t signing;
+ dns_nsec3chainlist_t nsec3chain;
+ /*%
+ * List of outstanding NSEC3PARAM change requests.
+ */
+ ISC_LIST(struct np3) setnsec3param_queue;
+ /*%
+ * Signing / re-signing quantum stopping parameters.
+ */
+ uint32_t signatures;
+ uint32_t nodes;
+ dns_rdatatype_t privatetype;
+
+ /*%
+ * True if added by "rndc addzone"
+ */
+ bool added;
+
+ /*%
+ * True if modded by "rndc modzone"
+ */
+ bool modded;
+
+ /*%
+ * True if added by automatically by named.
+ */
+ bool automatic;
+
+ /*%
+ * response policy data to be relayed to the database
+ */
+ dns_rpz_zones_t *rpzs;
+ dns_rpz_num_t rpz_num;
+
+ /*%
+ * catalog zone data
+ */
+ dns_catz_zones_t *catzs;
+
+ /*%
+ * parent catalog zone
+ */
+ dns_catz_zone_t *parentcatz;
+
+ /*%
+ * Serial number update method.
+ */
+ dns_updatemethod_t updatemethod;
+
+ /*%
+ * whether ixfr is requested
+ */
+ bool requestixfr;
+ uint32_t requestixfr_maxdiffs;
+ uint32_t ixfr_ratio;
+
+ /*%
+ * whether EDNS EXPIRE is requested
+ */
+ bool requestexpire;
+
+ /*%
+ * Outstanding forwarded UPDATE requests.
+ */
+ dns_forwardlist_t forwards;
+
+ dns_zone_t *raw;
+ dns_zone_t *secure;
+
+ bool sourceserialset;
+ uint32_t sourceserial;
+
+ /*%
+ * soa and maximum zone ttl
+ */
+ dns_ttl_t soattl;
+ dns_ttl_t maxttl;
+
+ /*
+ * Inline zone signing state.
+ */
+ dns_diff_t rss_diff;
+ dns_dbversion_t *rss_newver;
+ dns_dbversion_t *rss_oldver;
+ dns_db_t *rss_db;
+ dns_zone_t *rss_raw;
+ struct rss *rss;
+ dns_update_state_t *rss_state;
+
+ isc_stats_t *gluecachestats;
+
+ /*%
+ * Offline KSK signed key responses.
+ */
+ dns_skr_t *skr;
+ dns_skrbundle_t *skrbundle;
+
+ /*
+ * Plugin-related data structures
+ */
+ void *plugins;
+ void (*plugins_free)(isc_mem_t *, void **);
+ void *hooktable;
+ void (*hooktable_free)(isc_mem_t *, void **);
+
+ /* Configuration text */
+ char *cfg;
+};
+
typedef struct {
dns_diff_t *diff;
bool offline;
* Requires:
* \li 'zone' to be a valid zone, locked.
*/
+
+void
+dns_zone_setview_helper(dns_zone_t *zone, dns_view_t *view);
+/*
+ * Helper function to associate a zone with a view.
+ *
+ * Requires:
+ *
+ *\li 'zone' to be a valid zone, locked.
+ */
+
+bool
+inline_secure(dns_zone_t *zone);
+/*
+ * Returns true iff this the signed side of an inline-signing zone.
+ * Caller should hold zone lock.
+ *
+ * Requires:
+ *
+ *\li 'zone' to be a valid zone, locked.
+ */
+
+bool
+inline_raw(dns_zone_t *zone);
+/*
+ * Returns true iff this the signed side of an inline-signing zone.
+ * Caller should hold zone lock.
+ *
+ * Requires:
+ *
+ *\li 'zone' to be a valid zone, locked.
+ */
+
+void
+zone_freedbargs(dns_zone_t *zone);
+/*%<
+ * Free zone dbargs.
+ *
+ * Requires:
+ *
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+zone_settimer(dns_zone_t *zone, isc_time_t *now);
+/*%<
+ * Sets zone timer to 'now' time.
+ *
+ * Requires:
+ *
+ *\li 'zone' to be a valid zone.
+ */
+
+void
+set_resigntime(dns_zone_t *zone);
+/*%<
+ * Calculates the next resign time and sets zone timer
+ * accordingly.
+ *
+ * Requires:
+ *
+ *\li 'zone' to be a valid zone, locked.
+ */
#include <dns/view.h>
#include <dns/zone.h>
#include <dns/zonefetch.h>
+#include <dns/zoneproperties.h>
#include "zone_p.h"
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+/*! \file */
+
+#include <isc/async.h> /* WMM: remove include */
+#include <isc/random.h> /* WMM: remove include */
+
+#include <dns/kasp.h>
+#include <dns/request.h>
+#include <dns/ssu.h>
+#include <dns/stats.h>
+#include <dns/view.h>
+#include <dns/zone.h>
+#include <dns/zoneproperties.h>
+
+#include "zone_p.h"
+
+static void
+default_journal(dns_zone_t *zone);
+static void
+zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length);
+static void
+zone_name_tostr(dns_zone_t *zone, char *buf, size_t length);
+static void
+zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length);
+
+static void
+free_rad_rcu(struct rcu_head *rcu_head) {
+ dns_rad_t *rad = caa_container_of(rcu_head, dns_rad_t, rcu_head);
+ dns_fixedname_invalidate(&rad->fname);
+
+ isc_mem_putanddetach(&rad->mctx, rad, sizeof(*rad));
+}
+
+/*
+ * Single shot.
+ */
+void
+dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass) {
+ char namebuf[1024];
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(rdclass != dns_rdataclass_none);
+
+ /*
+ * Test and set.
+ */
+ LOCK_ZONE(zone);
+ INSIST(zone != zone->raw);
+ REQUIRE(zone->rdclass == dns_rdataclass_none ||
+ zone->rdclass == rdclass);
+ zone->rdclass = rdclass;
+
+ if (zone->strnamerd != NULL) {
+ isc_mem_free(zone->mctx, zone->strnamerd);
+ }
+ if (zone->strrdclass != NULL) {
+ isc_mem_free(zone->mctx, zone->strrdclass);
+ }
+
+ zone_namerd_tostr(zone, namebuf, sizeof namebuf);
+ zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
+ zone_rdclass_tostr(zone, namebuf, sizeof namebuf);
+ zone->strrdclass = isc_mem_strdup(zone->mctx, namebuf);
+
+ if (inline_secure(zone)) {
+ dns_zone_setclass(zone->raw, rdclass);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+dns_rdataclass_t
+dns_zone_getclass(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->rdclass;
+}
+
+void
+dns_zone_setnotifytype(dns_zone_t *zone, dns_rdatatype_t type,
+ dns_notifytype_t notifytype) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ switch (type) {
+ case dns_rdatatype_soa:
+ zone->notifysoa.notifytype = notifytype;
+ break;
+ case dns_rdatatype_cds:
+ INSIST(notifytype == dns_notifytype_no ||
+ notifytype == dns_notifytype_yes);
+ zone->notifycds.notifytype = notifytype;
+ break;
+ default:
+ UNREACHABLE();
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ zone->checkdstype = checkdstype;
+ UNLOCK_ZONE(zone);
+}
+
+/*
+ * Single shot.
+ */
+void
+dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type) {
+ char namebuf[1024];
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(type != dns_zone_none);
+
+ /*
+ * Test and set.
+ */
+ LOCK_ZONE(zone);
+ REQUIRE(zone->type == dns_zone_none || zone->type == type);
+ zone->type = type;
+
+ if (zone->strnamerd != NULL) {
+ isc_mem_free(zone->mctx, zone->strnamerd);
+ }
+
+ zone_namerd_tostr(zone, namebuf, sizeof namebuf);
+ zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx) {
+ size_t size = 0;
+ unsigned int i;
+ void *mem;
+ char **tmp, *tmp2, *base;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(argv != NULL && *argv == NULL);
+
+ LOCK_ZONE(zone);
+ size = ISC_CHECKED_MUL(zone->db_argc + 1, sizeof(char *));
+ for (i = 0; i < zone->db_argc; i++) {
+ size += strlen(zone->db_argv[i]) + 1;
+ }
+ mem = isc_mem_allocate(mctx, size);
+ {
+ tmp = mem;
+ tmp2 = mem;
+ base = mem;
+ tmp2 += ISC_CHECKED_MUL(zone->db_argc + 1, sizeof(char *));
+ for (i = 0; i < zone->db_argc; i++) {
+ *tmp++ = tmp2;
+ strlcpy(tmp2, zone->db_argv[i], size - (tmp2 - base));
+ tmp2 += strlen(tmp2) + 1;
+ }
+ *tmp = NULL;
+ }
+ UNLOCK_ZONE(zone);
+ *argv = mem;
+}
+
+void
+dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc,
+ const char *const *dbargv) {
+ char **argv = NULL;
+ unsigned int i;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(dbargc >= 1);
+ REQUIRE(dbargv != NULL);
+
+ LOCK_ZONE(zone);
+
+ /* Set up a new database argument list. */
+ argv = isc_mem_cget(zone->mctx, dbargc, sizeof(*argv));
+ for (i = 0; i < dbargc; i++) {
+ argv[i] = NULL;
+ }
+ for (i = 0; i < dbargc; i++) {
+ argv[i] = isc_mem_strdup(zone->mctx, dbargv[i]);
+ }
+
+ /* Free the old list. */
+ zone_freedbargs(zone);
+
+ zone->db_argc = dbargc;
+ zone->db_argv = argv;
+
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setview(dns_zone_t *zone, dns_view_t *view) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ dns_zone_setview_helper(zone, view);
+ UNLOCK_ZONE(zone);
+}
+
+dns_view_t *
+dns_zone_getview(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->view;
+}
+
+void
+dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin) {
+ char namebuf[1024];
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(origin != NULL);
+
+ LOCK_ZONE(zone);
+ INSIST(zone != zone->raw);
+ if (dns_name_dynamic(&zone->origin)) {
+ dns_name_free(&zone->origin, zone->mctx);
+ dns_name_init(&zone->origin);
+ }
+ dns_name_dup(origin, zone->mctx, &zone->origin);
+
+ if (zone->strnamerd != NULL) {
+ isc_mem_free(zone->mctx, zone->strnamerd);
+ }
+ if (zone->strname != NULL) {
+ isc_mem_free(zone->mctx, zone->strname);
+ }
+
+ zone_namerd_tostr(zone, namebuf, sizeof namebuf);
+ zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
+ zone_name_tostr(zone, namebuf, sizeof namebuf);
+ zone->strname = isc_mem_strdup(zone->mctx, namebuf);
+
+ if (inline_secure(zone)) {
+ dns_zone_setorigin(zone->raw, origin);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+static void
+setstring(dns_zone_t *zone, char **field, const char *value) {
+ char *copy;
+
+ if (value != NULL) {
+ copy = isc_mem_strdup(zone->mctx, value);
+ } else {
+ copy = NULL;
+ }
+
+ if (*field != NULL) {
+ isc_mem_free(zone->mctx, *field);
+ }
+
+ *field = copy;
+}
+
+typedef struct foundtoken foundtoken_t;
+typedef isc_result_t (*tokenparse_t)(const dns_zone_t *zone,
+ const foundtoken_t *token,
+ isc_buffer_t *b);
+struct foundtoken {
+ const char *pos;
+ size_t len;
+ tokenparse_t parse;
+};
+
+static int
+foundtoken_order(const void *a, const void *b) {
+ /* sort char pointers in order of which occurs first in memory */
+ return ((foundtoken_t *)a)->pos - ((foundtoken_t *)b)->pos;
+}
+
+static isc_result_t
+putmem(isc_buffer_t *b, const char *base, size_t length) {
+ size_t space = isc_buffer_availablelength(b) - 1;
+ if (space < length) {
+ isc_buffer_putmem(b, (const unsigned char *)base, space);
+ return ISC_R_NOSPACE;
+ }
+
+ isc_buffer_putmem(b, (const unsigned char *)base, length);
+ return ISC_R_SUCCESS;
+}
+
+static isc_result_t
+tokenparse_type(const dns_zone_t *zone, const foundtoken_t *token,
+ isc_buffer_t *b) {
+ const char *typename = dns_zonetype_name(zone->type);
+
+ UNUSED(token);
+
+ return putmem(b, typename, strlen(typename));
+}
+
+static isc_result_t
+tokenparse_name(const dns_zone_t *zone, const foundtoken_t *token,
+ isc_buffer_t *b) {
+ isc_result_t result;
+ char buf[DNS_NAME_FORMATSIZE];
+ dns_fixedname_t fn;
+ dns_name_t *name = dns_fixedname_initname(&fn);
+
+ UNUSED(token);
+
+ result = dns_name_downcase(&zone->origin, name);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ dns_name_format(name, buf, sizeof(buf));
+ result = putmem(b, buf, strlen(buf));
+
+ return result;
+}
+
+static isc_result_t
+tokenparse_view(const dns_zone_t *zone, const foundtoken_t *token,
+ isc_buffer_t *b) {
+ UNUSED(token);
+
+ return putmem(b, zone->view->name, strlen(zone->view->name));
+}
+
+static isc_result_t
+tokenparse_char(const dns_zone_t *zone, const foundtoken_t *token,
+ isc_buffer_t *b) {
+ isc_result_t result;
+ char buf[DNS_NAME_FORMATSIZE];
+ dns_fixedname_t fn;
+ dns_name_t *name = dns_fixedname_initname(&fn);
+ size_t chartokidx;
+ char c;
+
+ result = dns_name_downcase(&zone->origin, name);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ dns_name_format(name, buf, sizeof(buf));
+
+ chartokidx = token->pos[token->len - 1] - '1';
+ INSIST(chartokidx <= 2);
+ if (chartokidx < strlen(buf)) {
+ c = buf[chartokidx];
+ } else {
+ c = '.';
+ }
+ result = putmem(b, &c, 1);
+
+ return result;
+}
+
+static isc_result_t
+tokenparse_label(const dns_zone_t *zone, const foundtoken_t *token,
+ isc_buffer_t *b) {
+ isc_result_t result;
+ char buf[DNS_NAME_FORMATSIZE];
+ dns_fixedname_t fn;
+ dns_name_t *name = dns_fixedname_initname(&fn);
+ unsigned int labels = dns_name_countlabels(&zone->origin);
+ char labeltokidx;
+ int ilabel = -1;
+
+ result = dns_name_fromstring(name, ".", NULL, 0, NULL);
+ INSIST(result == ISC_R_SUCCESS);
+
+ labeltokidx = token->pos[token->len - 1];
+ if (token->len == 2) {
+ /*
+ * %z, %y, %x pattern
+ */
+ INSIST(labeltokidx >= 'x' && labeltokidx <= 'z');
+ } else {
+ /*
+ * $label1, $label2, $label3 pattern
+ */
+ INSIST(labeltokidx >= '1' && labeltokidx <= '3');
+ }
+
+ /*
+ * Even if implicit, the root label counts as one label.
+ */
+ if (labeltokidx == '1' || labeltokidx == 'z') {
+ ilabel = labels - 2;
+ } else if (labeltokidx == '2' || labeltokidx == 'y') {
+ ilabel = labels - 3;
+ } else if (labeltokidx == '3' || labeltokidx == 'x') {
+ ilabel = labels - 4;
+ }
+
+ if (ilabel >= 0) {
+ dns_name_getlabelsequence(&zone->origin, ilabel, 1, name);
+ result = dns_name_downcase(name, name);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ }
+ dns_name_format(name, buf, sizeof(buf));
+ result = putmem(b, buf, strlen(buf));
+
+ return result;
+}
+
+typedef struct {
+ const char *name;
+ tokenparse_t parse;
+} token_t;
+static const token_t tokens[] = {
+ { "$type", tokenparse_type }, { "$name", tokenparse_name },
+ { "$view", tokenparse_view }, { "$char1", tokenparse_char },
+ { "$char2", tokenparse_char }, { "$char3", tokenparse_char },
+ { "$label1", tokenparse_label }, { "$label2", tokenparse_label },
+ { "$label3", tokenparse_label }, { "%t", tokenparse_type },
+ { "%s", tokenparse_name }, { "%v", tokenparse_view },
+ { "%1", tokenparse_char }, { "%2", tokenparse_char },
+ { "%3", tokenparse_char }, { "%z", tokenparse_label },
+ { "%y", tokenparse_label }, { "%x", tokenparse_label }
+};
+
+/*
+ * Set the masterfile field, expanding:
+ *
+ * - $name or "%s" to the zone name
+ * - $type or "%t" to the zone type
+ * - $view or "%v" to the view name.
+ * - $char1 or "%1" to the first character of the zone name
+ * - $char2 or "%2" to the second character of the zone name (or a dot if
+ * there is no second character)
+ * - $char3 or "%3" to the third character of the zone name (or a dot if
+ * there is no third character)
+ * - $label1 or "%z" to the toplevel domain of the zone (or a dot if it is
+ * the TLD)
+ * - $label2 or "%y" to the next label under the toplevel domain (or a dot if
+ * there is no next label)
+ * - $label2 or "%x" to the next-next label under the toplevel domain (or a
+ * dot if there is no next-next label)
+ *
+ * Cap the length at PATH_MAX.
+ */
+static void
+setfilename(dns_zone_t *zone, char **field, const char *value) {
+ isc_result_t result;
+ foundtoken_t founds[ARRAY_SIZE(tokens)];
+ char filename[PATH_MAX];
+ isc_buffer_t b;
+ size_t tags = 0;
+
+ if (value == NULL) {
+ *field = NULL;
+ return;
+ }
+
+ for (size_t i = 0; i < ARRAY_SIZE(tokens); i++) {
+ const token_t *token = &tokens[i];
+ const char *p = strcasestr(value, token->name);
+
+ if (p != NULL) {
+ founds[tags++] =
+ (foundtoken_t){ .pos = p,
+ .len = strlen(token->name),
+ .parse = token->parse };
+ }
+ }
+
+ if (tags == 0) {
+ setstring(zone, field, value);
+ return;
+ }
+
+ isc_buffer_init(&b, filename, sizeof(filename));
+
+ /* sort the tag offsets in order of occurrence */
+ qsort(founds, tags, sizeof(foundtoken_t), foundtoken_order);
+
+ const char *p = value;
+ for (size_t i = 0; i < tags; i++) {
+ foundtoken_t *token = &founds[i];
+
+ CHECK(putmem(&b, p, token->pos - p));
+
+ p = token->pos;
+ INSIST(p != NULL);
+ CHECK(token->parse(zone, token, &b));
+
+ /* Advance the input pointer past the token */
+ p += founds[i].len;
+ }
+
+ const char *end = value + strlen(value);
+ putmem(&b, p, end - p);
+
+cleanup:
+ isc_buffer_putuint8(&b, 0);
+ setstring(zone, field, filename);
+}
+
+void
+dns_zone_setfile(dns_zone_t *zone, const char *file, const char *initial_file,
+ dns_masterformat_t format, const dns_master_style_t *style) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(zone->stream == NULL);
+
+ LOCK_ZONE(zone);
+ setfilename(zone, &zone->masterfile, file);
+ setstring(zone, &zone->initfile, initial_file);
+ zone->masterformat = format;
+ if (format == dns_masterformat_text) {
+ zone->masterstyle = style;
+ }
+ default_journal(zone);
+ UNLOCK_ZONE(zone);
+}
+
+const char *
+dns_zone_getfile(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->masterfile;
+}
+
+void
+dns_zone_setstream(dns_zone_t *zone, const FILE *stream,
+ dns_masterformat_t format, const dns_master_style_t *style) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(stream != NULL);
+ REQUIRE(zone->masterfile == NULL);
+
+ LOCK_ZONE(zone);
+ zone->stream = stream;
+ zone->masterformat = format;
+ if (format == dns_masterformat_text) {
+ zone->masterstyle = style;
+ }
+ default_journal(zone);
+ UNLOCK_ZONE(zone);
+}
+
+dns_ttl_t
+dns_zone_getmaxttl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->maxttl;
+}
+
+void
+dns_zone_setmaxttl(dns_zone_t *zone, dns_ttl_t maxttl) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (maxttl != 0) {
+ DNS_ZONE_SETOPTION(zone, DNS_ZONEOPT_CHECKTTL);
+ } else {
+ DNS_ZONE_CLROPTION(zone, DNS_ZONEOPT_CHECKTTL);
+ }
+ zone->maxttl = maxttl;
+ UNLOCK_ZONE(zone);
+
+ return;
+}
+
+static void
+default_journal(dns_zone_t *zone) {
+ char *journal;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(LOCKED_ZONE(zone));
+
+ if (zone->masterfile != NULL) {
+ /* Calculate string length including '\0'. */
+ int len = strlen(zone->masterfile) + sizeof(".jnl");
+ journal = isc_mem_allocate(zone->mctx, len);
+ strlcpy(journal, zone->masterfile, len);
+ strlcat(journal, ".jnl", len);
+ } else {
+ journal = NULL;
+ }
+ setstring(zone, &zone->journal, journal);
+ if (journal != NULL) {
+ isc_mem_free(zone->mctx, journal);
+ }
+}
+
+void
+dns_zone_setjournal(dns_zone_t *zone, const char *myjournal) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ setstring(zone, &zone->journal, myjournal);
+ UNLOCK_ZONE(zone);
+}
+
+char *
+dns_zone_getjournal(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->journal;
+}
+
+isc_mem_t *
+dns_zone_getmctx(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->mctx;
+}
+
+dns_zonemgr_t *
+dns_zone_getmgr(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->zmgr;
+}
+
+void
+dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->kasp != NULL) {
+ dns_kasp_detach(&zone->kasp);
+ }
+ if (kasp != NULL) {
+ dns_kasp_attach(kasp, &zone->kasp);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->defaultkasp != NULL) {
+ dns_kasp_detach(&zone->defaultkasp);
+ }
+ if (kasp != NULL) {
+ dns_kasp_attach(kasp, &zone->defaultkasp);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+dns_kasp_t *
+dns_zone_getkasp(dns_zone_t *zone) {
+ dns_kasp_t *kasp = NULL;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (inline_raw(zone) && zone->secure != NULL) {
+ kasp = zone->secure->kasp;
+ } else {
+ kasp = zone->kasp;
+ }
+ UNLOCK_ZONE(zone);
+
+ return kasp;
+}
+
+void
+dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(xfrsource != NULL);
+
+ LOCK_ZONE(zone);
+ zone->xfrsource4 = *xfrsource;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(xfrsource != NULL);
+
+ LOCK_ZONE(zone);
+ *xfrsource = zone->xfrsource4;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(xfrsource != NULL);
+
+ LOCK_ZONE(zone);
+ zone->xfrsource6 = *xfrsource;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(xfrsource != NULL);
+
+ LOCK_ZONE(zone);
+ *xfrsource = zone->xfrsource6;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(parentalsrc != NULL);
+
+ LOCK_ZONE(zone);
+ zone->parentalsrc4 = *parentalsrc;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(parentalsrc != NULL);
+
+ LOCK_ZONE(zone);
+ *parentalsrc = zone->parentalsrc4;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ zone->parentalsrc6 = *parentalsrc;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(parentalsrc != NULL);
+
+ LOCK_ZONE(zone);
+ *parentalsrc = zone->parentalsrc6;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setnotifysrc4(dns_zone_t *zone, dns_rdatatype_t type,
+ const isc_sockaddr_t *notifysrc) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(notifysrc != NULL);
+
+ LOCK_ZONE(zone);
+ switch (type) {
+ case dns_rdatatype_soa:
+ zone->notifysoa.notifysrc4 = *notifysrc;
+ break;
+ case dns_rdatatype_cds:
+ zone->notifycds.notifysrc4 = *notifysrc;
+ break;
+ default:
+ UNREACHABLE();
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setnotifysrc6(dns_zone_t *zone, dns_rdatatype_t type,
+ const isc_sockaddr_t *notifysrc) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(notifysrc != NULL);
+
+ LOCK_ZONE(zone);
+ switch (type) {
+ case dns_rdatatype_soa:
+ zone->notifysoa.notifysrc6 = *notifysrc;
+ break;
+ case dns_rdatatype_cds:
+ zone->notifycds.notifysrc6 = *notifysrc;
+ break;
+ default:
+ UNREACHABLE();
+ }
+ UNLOCK_ZONE(zone);
+}
+
+static bool
+has_pf(isc_sockaddr_t *addresses, size_t count, int pf) {
+ for (size_t i = 0; i < count; i++) {
+ if (isc_sockaddr_pf(&addresses[i]) == pf) {
+ return true;
+ }
+ }
+ return false;
+}
+
+static void
+report_no_active_addresses(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ size_t count, const char *what) {
+ if (isc_net_probeipv4() == ISC_R_DISABLED) {
+ if (!has_pf(addresses, count, AF_INET6)) {
+ dns_zone_log(zone, ISC_LOG_NOTICE,
+ "IPv4 disabled and no IPv6 %s", what);
+ }
+ } else if (isc_net_probeipv6() == ISC_R_DISABLED) {
+ if (!has_pf(addresses, count, AF_INET)) {
+ dns_zone_log(zone, ISC_LOG_NOTICE,
+ "IPv6 disabled and no IPv4 %s", what);
+ }
+ }
+}
+
+static void
+setremote(dns_zone_t *zone, dns_remote_t *remote, const char *remotestr,
+ isc_sockaddr_t *addresses, isc_sockaddr_t *sources,
+ dns_name_t **keynames, dns_name_t **tlsnames, bool refresh,
+ bool report, uint32_t count) {
+ dns_remote_t newremote;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(DNS_REMOTE_VALID(remote));
+
+ newremote.magic = DNS_REMOTE_MAGIC;
+ newremote.addresses = addresses;
+ newremote.sources = sources;
+ newremote.keynames = keynames;
+ newremote.tlsnames = tlsnames;
+ newremote.addrcnt = count;
+
+ if (dns_remote_equal(remote, &newremote)) {
+ return;
+ }
+
+ /*
+ * The refresh code assumes that 'servers' wouldn't change under it.
+ * If it will change then kill off any current refresh in progress
+ * and update the primaries info. If it won't change then we can just
+ * unlock and exit.
+ */
+ if (zone->request != NULL && refresh) {
+ dns_request_cancel(zone->request);
+ }
+
+ dns_remote_clear(remote);
+
+ /*
+ * If count == 0, don't allocate any space for servers.
+ */
+ if (count == 0) {
+ return;
+ }
+
+ /*
+ * Now set up the address and key lists.
+ */
+ if (report) {
+ report_no_active_addresses(zone, addresses, count, remotestr);
+ }
+
+ dns_remote_init(remote, count, addresses, sources, keynames, tlsnames,
+ true, zone->mctx);
+}
+
+void
+dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ isc_sockaddr_t *sources, dns_name_t **keynames,
+ dns_name_t **tlsnames, uint32_t count) {
+ bool refresh = false;
+ bool report = false;
+
+ LOCK_ZONE(zone);
+ setremote(zone, &zone->alsonotify, "also-notify", addresses, sources,
+ keynames, tlsnames, refresh, report, count);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ isc_sockaddr_t *sources, dns_name_t **keynames,
+ dns_name_t **tlsnames, uint32_t count) {
+ bool refresh = true;
+ bool report = true;
+
+ LOCK_ZONE(zone);
+ setremote(zone, &zone->primaries, "primaries", addresses, sources,
+ keynames, tlsnames, refresh, report, count);
+ DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOPRIMARIES);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ isc_sockaddr_t *sources, dns_name_t **keynames,
+ dns_name_t **tlsnames, uint32_t count) {
+ bool refresh = false;
+ bool report = true;
+
+ LOCK_ZONE(zone);
+ setremote(zone, &zone->parentals, "parental-agents", addresses, sources,
+ keynames, tlsnames, refresh, report, count);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setcdsendpoints(dns_zone_t *zone, isc_sockaddr_t *addresses,
+ isc_sockaddr_t *sources, dns_name_t **keynames,
+ dns_name_t **tlsnames, uint32_t count) {
+ bool refresh = false;
+ bool report = false;
+
+ LOCK_ZONE(zone);
+ setremote(zone, &zone->cds_endpoints, "cds-endpoints", addresses,
+ sources, keynames, tlsnames, refresh, report, count);
+ UNLOCK_ZONE(zone);
+}
+
+isc_result_t
+dns_zone_getdb(dns_zone_t *zone, dns_db_t **dpb) {
+ isc_result_t result = ISC_R_SUCCESS;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
+ if (zone->db == NULL) {
+ result = DNS_R_NOTLOADED;
+ } else {
+ dns_db_attach(zone->db, dpb);
+ }
+ ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
+
+ return result;
+}
+
+void
+dns_zone_setdb(dns_zone_t *zone, dns_db_t *db) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(zone->type == dns_zone_staticstub);
+
+ ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write);
+ REQUIRE(zone->db == NULL);
+ dns_db_attach(db, &zone->db);
+ ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_write);
+}
+
+void
+dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(val > 0);
+
+ zone->minrefresh = val;
+}
+
+void
+dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(val > 0);
+
+ zone->maxrefresh = val;
+}
+
+void
+dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(val > 0);
+
+ zone->minretry = val;
+}
+
+void
+dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(val > 0);
+
+ zone->maxretry = val;
+}
+
+uint32_t
+dns_zone_getmaxrecords(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->maxrecords;
+}
+
+void
+dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t val) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->maxrecords = val;
+}
+
+void
+dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t val) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->maxrrperset = val;
+ if (zone->db != NULL) {
+ dns_db_setmaxrrperset(zone->db, val);
+ }
+}
+
+void
+dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t val) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->maxtypepername = val;
+ if (zone->db != NULL) {
+ dns_db_setmaxtypepername(zone->db, val);
+ }
+}
+
+void
+dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ dns_zone_clearnotifyacl(zone);
+
+ LOCK_ZONE(zone);
+ dns_acl_attach(acl, &zone->notifysoa.notify_acl);
+ dns_acl_attach(acl, &zone->notifycds.notify_acl);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->query_acl != NULL) {
+ dns_acl_detach(&zone->query_acl);
+ }
+ dns_acl_attach(acl, &zone->query_acl);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->queryon_acl != NULL) {
+ dns_acl_detach(&zone->queryon_acl);
+ }
+ dns_acl_attach(acl, &zone->queryon_acl);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->update_acl != NULL) {
+ dns_acl_detach(&zone->update_acl);
+ }
+ dns_acl_attach(acl, &zone->update_acl);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->forward_acl != NULL) {
+ dns_acl_detach(&zone->forward_acl);
+ }
+ dns_acl_attach(acl, &zone->forward_acl);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->xfr_acl != NULL) {
+ dns_acl_detach(&zone->xfr_acl);
+ }
+ dns_acl_attach(acl, &zone->xfr_acl);
+ UNLOCK_ZONE(zone);
+}
+
+dns_acl_t *
+dns_zone_getqueryacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->query_acl;
+}
+
+dns_acl_t *
+dns_zone_getqueryonacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->queryon_acl;
+}
+
+dns_acl_t *
+dns_zone_getupdateacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->update_acl;
+}
+
+dns_acl_t *
+dns_zone_getforwardacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->forward_acl;
+}
+
+dns_acl_t *
+dns_zone_getxfracl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->xfr_acl;
+}
+
+void
+dns_zone_clearupdateacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->update_acl != NULL) {
+ dns_acl_detach(&zone->update_acl);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_clearforwardacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->forward_acl != NULL) {
+ dns_acl_detach(&zone->forward_acl);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_clearnotifyacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->notifysoa.notify_acl != NULL) {
+ dns_acl_detach(&zone->notifysoa.notify_acl);
+ }
+ if (zone->notifycds.notify_acl != NULL) {
+ dns_acl_detach(&zone->notifycds.notify_acl);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_clearqueryacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->query_acl != NULL) {
+ dns_acl_detach(&zone->query_acl);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_clearqueryonacl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->queryon_acl != NULL) {
+ dns_acl_detach(&zone->queryon_acl);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_clearxfracl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->xfr_acl != NULL) {
+ dns_acl_detach(&zone->xfr_acl);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+bool
+dns_zone_getupdatedisabled(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->update_disabled;
+}
+
+void
+dns_zone_setupdatedisabled(dns_zone_t *zone, bool state) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->update_disabled = state;
+}
+
+bool
+dns_zone_getzeronosoattl(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->zero_no_soa_ttl;
+}
+
+void
+dns_zone_setzeronosoattl(dns_zone_t *zone, bool state) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->zero_no_soa_ttl = state;
+}
+
+void
+dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->check_names = severity;
+}
+
+dns_severity_t
+dns_zone_getchecknames(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->check_names;
+}
+
+void
+dns_zone_setjournalsize(dns_zone_t *zone, int32_t size) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->journalsize = size;
+}
+
+int32_t
+dns_zone_getjournalsize(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->journalsize;
+}
+
+static void
+zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length) {
+ isc_result_t result = ISC_R_FAILURE;
+ isc_buffer_t buffer;
+
+ REQUIRE(buf != NULL);
+ REQUIRE(length > 1U);
+
+ /*
+ * Leave space for terminating '\0'.
+ */
+ isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
+ if (zone->type != dns_zone_redirect && zone->type != dns_zone_key) {
+ if (dns_name_dynamic(&zone->origin)) {
+ result = dns_name_totext(
+ &zone->origin, DNS_NAME_OMITFINALDOT, &buffer);
+ }
+ if (result != ISC_R_SUCCESS &&
+ isc_buffer_availablelength(&buffer) >=
+ (sizeof("<UNKNOWN>") - 1))
+ {
+ isc_buffer_putstr(&buffer, "<UNKNOWN>");
+ }
+
+ if (isc_buffer_availablelength(&buffer) > 0) {
+ isc_buffer_putstr(&buffer, "/");
+ }
+ (void)dns_rdataclass_totext(zone->rdclass, &buffer);
+ }
+
+ if (zone->view != NULL && strcmp(zone->view->name, "_bind") != 0 &&
+ strcmp(zone->view->name, "_default") != 0 &&
+ strlen(zone->view->name) < isc_buffer_availablelength(&buffer))
+ {
+ isc_buffer_putstr(&buffer, "/");
+ isc_buffer_putstr(&buffer, zone->view->name);
+ }
+ if (inline_secure(zone) && 9U < isc_buffer_availablelength(&buffer)) {
+ isc_buffer_putstr(&buffer, " (signed)");
+ }
+ if (inline_raw(zone) && 11U < isc_buffer_availablelength(&buffer)) {
+ isc_buffer_putstr(&buffer, " (unsigned)");
+ }
+
+ buf[isc_buffer_usedlength(&buffer)] = '\0';
+}
+
+static void
+zone_name_tostr(dns_zone_t *zone, char *buf, size_t length) {
+ isc_result_t result = ISC_R_FAILURE;
+ isc_buffer_t buffer;
+
+ REQUIRE(buf != NULL);
+ REQUIRE(length > 1U);
+
+ /*
+ * Leave space for terminating '\0'.
+ */
+ isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
+ if (dns_name_dynamic(&zone->origin)) {
+ result = dns_name_totext(&zone->origin, DNS_NAME_OMITFINALDOT,
+ &buffer);
+ }
+ if (result != ISC_R_SUCCESS &&
+ isc_buffer_availablelength(&buffer) >= (sizeof("<UNKNOWN>") - 1))
+ {
+ isc_buffer_putstr(&buffer, "<UNKNOWN>");
+ }
+
+ buf[isc_buffer_usedlength(&buffer)] = '\0';
+}
+
+static void
+zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length) {
+ isc_buffer_t buffer;
+
+ REQUIRE(buf != NULL);
+ REQUIRE(length > 1U);
+
+ /*
+ * Leave space for terminating '\0'.
+ */
+ isc_buffer_init(&buffer, buf, (unsigned int)length - 1);
+ (void)dns_rdataclass_totext(zone->rdclass, &buffer);
+
+ buf[isc_buffer_usedlength(&buffer)] = '\0';
+}
+
+void
+dns_zone_name(dns_zone_t *zone, char *buf, size_t length) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(buf != NULL);
+
+ LOCK_ZONE(zone);
+ zone_namerd_tostr(zone, buf, length);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t length) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(buf != NULL);
+ zone_name_tostr(zone, buf, length);
+}
+
+void
+dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->minxfrratebytesin = bytes;
+ zone->minxfrratesecondsin = seconds;
+}
+
+uint32_t
+dns_zone_getminxfrratebytesin(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->minxfrratebytesin;
+}
+
+uint32_t
+dns_zone_getminxfrratesecondsin(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->minxfrratesecondsin;
+}
+
+void
+dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->maxxfrin = maxxfrin;
+}
+
+uint32_t
+dns_zone_getmaxxfrin(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->maxxfrin;
+}
+
+void
+dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->maxxfrout = maxxfrout;
+}
+
+uint32_t
+dns_zone_getmaxxfrout(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->maxxfrout;
+}
+
+dns_zonetype_t
+dns_zone_gettype(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->type;
+}
+
+dns_name_t *
+dns_zone_getorigin(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return &zone->origin;
+}
+
+dns_rdataclass_t
+dns_zone_getrdclass(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->rdclass;
+}
+
+void
+dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ if (idlein == 0) {
+ idlein = DNS_DEFAULT_IDLEIN;
+ }
+ zone->idlein = idlein;
+}
+
+uint32_t
+dns_zone_getidlein(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->idlein;
+}
+
+void
+dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->idleout = idleout;
+}
+
+uint32_t
+dns_zone_getidleout(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->idleout;
+}
+
+void
+dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(table != NULL);
+ REQUIRE(*table == NULL);
+
+ LOCK_ZONE(zone);
+ if (zone->ssutable != NULL) {
+ dns_ssutable_attach(zone->ssutable, table);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->ssutable != NULL) {
+ dns_ssutable_detach(&zone->ssutable);
+ }
+ if (table != NULL) {
+ dns_ssutable_attach(table, &zone->ssutable);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->sigvalidityinterval = interval;
+}
+
+uint32_t
+dns_zone_getsigvalidityinterval(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->sigvalidityinterval;
+}
+
+void
+dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->keyvalidityinterval = interval;
+}
+
+uint32_t
+dns_zone_getkeyvalidityinterval(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->keyvalidityinterval;
+}
+
+void
+dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval) {
+ isc_time_t now;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ zone->sigresigninginterval = interval;
+ set_resigntime(zone);
+ if (zone->loop != NULL) {
+ now = isc_time_now();
+ zone_settimer(zone, &now);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+uint32_t
+dns_zone_getsigresigninginterval(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->sigresigninginterval;
+}
+
+void
+dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(sourceaddr != NULL);
+
+ LOCK_ZONE(zone);
+ INSIST(dns_remote_count(&zone->primaries) > 0);
+ *sourceaddr = zone->sourceaddr;
+ UNLOCK_ZONE(zone);
+}
+
+isc_result_t
+dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr) {
+ isc_result_t result = ISC_R_NOMORE;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(primaryaddr != NULL);
+
+ LOCK_ZONE(zone);
+ INSIST(dns_remote_count(&zone->primaries) > 0);
+ if (!dns_remote_done(&zone->primaries)) {
+ *primaryaddr = dns_remote_curraddr(&zone->primaries);
+ result = ISC_R_SUCCESS;
+ }
+ UNLOCK_ZONE(zone);
+
+ return result;
+}
+
+isc_time_t
+dns_zone_getxfrintime(dns_zone_t *zone) {
+ isc_time_t xfrintime;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ xfrintime = zone->xfrintime;
+ UNLOCK_ZONE(zone);
+
+ return xfrintime;
+}
+
+isc_result_t
+dns_zone_setstatistics(dns_zone_t *zone, bool on) {
+ /*
+ * This function is obsoleted.
+ */
+ UNUSED(zone);
+ UNUSED(on);
+ return ISC_R_NOTIMPLEMENTED;
+}
+
+uint64_t *
+dns_zone_getstatscounters(dns_zone_t *zone) {
+ /*
+ * This function is obsoleted.
+ */
+ UNUSED(zone);
+ return NULL;
+}
+
+void
+dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(zone->stats == NULL);
+
+ LOCK_ZONE(zone);
+ zone->stats = NULL;
+ isc_stats_attach(stats, &zone->stats);
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->requeststats_on && stats == NULL) {
+ zone->requeststats_on = false;
+ } else if (!zone->requeststats_on && stats != NULL) {
+ if (zone->requeststats == NULL) {
+ isc_stats_attach(stats, &zone->requeststats);
+ }
+ zone->requeststats_on = true;
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setrcvquerystats(dns_zone_t *zone, isc_statsmulti_t *stats) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (zone->requeststats_on && stats != NULL) {
+ if (zone->rcvquerystats == NULL) {
+ isc_statsmulti_attach(stats, &zone->rcvquerystats);
+ zone->requeststats_on = true;
+ }
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ if (stats != NULL && zone->dnssecsignstats == NULL) {
+ dns_stats_attach(stats, &zone->dnssecsignstats);
+ }
+ UNLOCK_ZONE(zone);
+}
+
+dns_stats_t *
+dns_zone_getdnssecsignstats(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->dnssecsignstats;
+}
+
+isc_stats_t *
+dns_zone_getrequeststats(dns_zone_t *zone) {
+ /*
+ * We don't lock zone for efficiency reason. This is not catastrophic
+ * because requeststats must always be valid when requeststats_on is
+ * true.
+ * Some counters may be incremented while requeststats_on is becoming
+ * false, or some cannot be incremented just after the statistics are
+ * installed, but it shouldn't matter much in practice.
+ */
+ if (zone->requeststats_on) {
+ return zone->requeststats;
+ } else {
+ return NULL;
+ }
+}
+
+/*
+ * Return the received query stats bucket
+ * see note from dns_zone_getrequeststats()
+ */
+isc_statsmulti_t *
+dns_zone_getrcvquerystats(dns_zone_t *zone) {
+ if (zone->requeststats_on) {
+ return zone->rcvquerystats;
+ } else {
+ return NULL;
+ }
+}
+
+void
+dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ setstring(zone, &zone->keydirectory, directory);
+ UNLOCK_ZONE(zone);
+}
+
+const char *
+dns_zone_getkeydirectory(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->keydirectory;
+}
+
+void
+dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->checkmx = checkmx;
+}
+
+void
+dns_zone_setchecksrv(dns_zone_t *zone, dns_checksrvfunc_t checksrv) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->checksrv = checksrv;
+}
+
+void
+dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->checkns = checkns;
+}
+
+void
+dns_zone_setcheckisservedby(dns_zone_t *zone,
+ dns_checkisservedbyfunc_t checkisservedby) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->checkisservedby = checkisservedby;
+}
+
+void
+dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ zone->isself = isself;
+ zone->isselfarg = arg;
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns__zone_getisself(dns_zone_t *zone, dns_isselffunc_t *isself, void **arg) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(isself != NULL);
+ REQUIRE(arg != NULL && *arg == NULL);
+
+ *isself = zone->isself;
+ *arg = zone->isselfarg;
+}
+
+void
+dns_zone_setnotifydefer(dns_zone_t *zone, dns_rdatatype_t type,
+ uint32_t defer) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ switch (type) {
+ case dns_rdatatype_soa:
+ zone->notifysoa.notifydefer = defer;
+ break;
+ case dns_rdatatype_cds:
+ /* not applicable to NOTIFY(CDS), unused */
+ zone->notifycds.notifydefer = defer;
+ break;
+ default:
+ UNREACHABLE();
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setnotifydelay(dns_zone_t *zone, dns_rdatatype_t type,
+ uint32_t delay) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ switch (type) {
+ case dns_rdatatype_soa:
+ zone->notifysoa.notifydelay = delay;
+ break;
+ case dns_rdatatype_cds:
+ /* not applicable to NOTIFY(CDS), unused */
+ zone->notifycds.notifydelay = delay;
+ break;
+ default:
+ UNREACHABLE();
+ }
+ UNLOCK_ZONE(zone);
+}
+
+void
+dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ if (nodes == 0) {
+ nodes = 1;
+ }
+ zone->nodes = nodes;
+}
+
+void
+dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ /*
+ * We treat signatures as a signed value so explicitly
+ * limit its range here.
+ */
+ if (signatures > INT32_MAX) {
+ signatures = INT32_MAX;
+ } else if (signatures == 0) {
+ signatures = 1;
+ }
+ zone->signatures = signatures;
+}
+
+uint32_t
+dns_zone_getsignatures(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->signatures;
+}
+
+void
+dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->privatetype = type;
+}
+
+dns_rdatatype_t
+dns_zone_getprivatetype(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->privatetype;
+}
+
+void
+dns_zone_setautomatic(dns_zone_t *zone, bool automatic) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ zone->automatic = automatic;
+ UNLOCK_ZONE(zone);
+}
+
+bool
+dns_zone_getautomatic(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->automatic;
+}
+
+void
+dns_zone_setadded(dns_zone_t *zone, bool added) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ zone->added = added;
+ UNLOCK_ZONE(zone);
+}
+
+bool
+dns_zone_getadded(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->added;
+}
+
+void
+dns_zone_setmodded(dns_zone_t *zone, bool modded) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ LOCK_ZONE(zone);
+ zone->modded = modded;
+ UNLOCK_ZONE(zone);
+}
+
+bool
+dns_zone_getmodded(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->modded;
+}
+
+isc_result_t
+dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ if (interval == 0) {
+ return ISC_R_RANGE;
+ }
+ /* Maximum value: 24 hours (3600 minutes) */
+ if (interval > (24 * 60)) {
+ interval = (24 * 60);
+ }
+ /* Multiply by 60 for seconds */
+ zone->refreshkeyinterval = interval * 60;
+ return ISC_R_SUCCESS;
+}
+
+void
+dns_zone_setrequestixfr(dns_zone_t *zone, bool flag) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->requestixfr = flag;
+}
+
+bool
+dns_zone_getrequestixfr(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->requestixfr;
+}
+
+void
+dns_zone_setrequestixfrmaxdiffs(dns_zone_t *zone, uint32_t maxdiffs) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->requestixfr_maxdiffs = maxdiffs;
+}
+
+bool
+dns_zone_getrequestixfrmaxdiffs(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->requestixfr_maxdiffs;
+}
+
+void
+dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->ixfr_ratio = ratio;
+}
+
+uint32_t
+dns_zone_getixfrratio(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->ixfr_ratio;
+}
+
+void
+dns_zone_setrequestexpire(dns_zone_t *zone, bool flag) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->requestexpire = flag;
+}
+
+bool
+dns_zone_getrequestexpire(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->requestexpire;
+}
+
+void
+dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ zone->updatemethod = method;
+}
+
+dns_updatemethod_t
+dns_zone_getserialupdatemethod(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->updatemethod;
+}
+
+isc_result_t
+dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(loadtime != NULL);
+
+ LOCK_ZONE(zone);
+ *loadtime = zone->loadtime;
+ UNLOCK_ZONE(zone);
+ return ISC_R_SUCCESS;
+}
+
+isc_result_t
+dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(expiretime != NULL);
+
+ LOCK_ZONE(zone);
+ *expiretime = zone->expiretime;
+ UNLOCK_ZONE(zone);
+ return ISC_R_SUCCESS;
+}
+
+isc_result_t
+dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(refreshtime != NULL);
+
+ LOCK_ZONE(zone);
+ *refreshtime = zone->refreshtime;
+ UNLOCK_ZONE(zone);
+ return ISC_R_SUCCESS;
+}
+
+isc_result_t
+dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(refreshkeytime != NULL);
+
+ LOCK_ZONE(zone);
+ *refreshkeytime = zone->refreshkeytime;
+ UNLOCK_ZONE(zone);
+ return ISC_R_SUCCESS;
+}
+
+void
+dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ zone->statlevel = level;
+}
+
+dns_zonestat_level_t
+dns_zone_getstatlevel(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->statlevel;
+}
+
+isc_mem_t *
+dns_zone_getmem(dns_zone_t *zone) {
+ return zone->mctx;
+}
+
+unsigned int
+dns_zone_gettid(dns_zone_t *zone) {
+ return zone->tid;
+}
+
+isc_loop_t *
+dns_zone_getloop(dns_zone_t *zone) {
+ return zone->loop;
+}
+
+isc_result_t
+dns_zone_getrad(dns_zone_t *zone, dns_name_t *name) {
+ isc_result_t result = ISC_R_NOTFOUND;
+
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(DNS_NAME_VALID(name));
+
+ rcu_read_lock();
+ dns_rad_t *rad = rcu_dereference(zone->rad);
+ if (rad != NULL) {
+ dns_name_t *inner = dns_fixedname_name(&rad->fname);
+ dns_name_copy(inner, name);
+ result = ISC_R_SUCCESS;
+ }
+ rcu_read_unlock();
+
+ return result;
+}
+
+void
+dns_zone_setrad(dns_zone_t *zone, dns_name_t *name) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(name == NULL || DNS_NAME_VALID(name));
+
+ rcu_read_lock();
+ dns_rad_t *new_rad = NULL;
+ if (name != NULL) {
+ new_rad = isc_mem_get(zone->mctx, sizeof(*new_rad));
+ *new_rad = (dns_rad_t){};
+ dns_fixedname_init(&new_rad->fname);
+
+ isc_mem_attach(zone->mctx, &new_rad->mctx);
+ dns_name_copy(name, dns_fixedname_name(&new_rad->fname));
+ }
+ dns_rad_t *xchg_rad = rcu_xchg_pointer(&zone->rad, new_rad);
+
+ if (xchg_rad != NULL) {
+ call_rcu(&xchg_rad->rcu_head, free_rad_rcu);
+ }
+ rcu_read_unlock();
+}
+
+void *
+dns_zone_gethooktable(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ return zone->hooktable;
+}
+
+void
+dns_zone_sethooktable(dns_zone_t *zone, void *hooktable,
+ void (*hooktable_free)(isc_mem_t *, void **)) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(zone->hooktable == NULL);
+ REQUIRE(zone->hooktable_free == NULL);
+
+ zone->hooktable = hooktable;
+ zone->hooktable_free = hooktable_free;
+}
+
+void
+dns_zone_setcfg(dns_zone_t *zone, const char *cfg) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ if (zone->cfg != NULL) {
+ isc_mem_free(zone->mctx, zone->cfg);
+ }
+ if (cfg != NULL) {
+ zone->cfg = isc_mem_strdup(zone->mctx, cfg);
+ }
+}
+
+const char *
+dns_zone_getcfg(dns_zone_t *zone) {
+ REQUIRE(DNS_ZONE_VALID(zone));
+
+ return zone->cfg;
+}
#include <dns/rdataclass.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#define ZTMAGIC ISC_MAGIC('Z', 'T', 'b', 'l')
#include <dns/tsig.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <ns/client.h>
#include <ns/interfacemgr.h>
#include <dns/tsig.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#include <ns/notify.h>
#include <dns/types.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#include <ns/client.h>
#include <dns/update.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#include <ns/client.h>
#include <dns/tsig.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#include <ns/client.h>
#include <dns/db.h>
#include <dns/lib.h>
#include <dns/nsec3.h>
+#include <dns/zoneproperties.h>
#include "zone_p.h"
#include <dns/rdatatype.h>
#include <dns/types.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dst/dst.h>
#include <dns/lib.h>
#include <dns/view.h>
+#include <dns/zoneproperties.h>
#include <tests/dns.h>
#include <dns/name.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <tests/dns.h>
#include <dns/name.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <dns/zt.h>
#include <tests/dns.h>
#include <dns/name.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <tests/dns.h>
#include <dns/name.h>
#include <dns/view.h>
#include <dns/zone.h>
+#include <dns/zoneproperties.h>
#include <ns/client.h>
#include <ns/hooks.h>
projects / thirdparty / bind9.git / commitdiff
