1/*
2 * Copyright (C) 2004-2013  Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2003  Internet Software Consortium.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/* $Id$ */
19
20#ifndef NAMED_SERVER_H
21#define NAMED_SERVER_H 1
22
23/*! \file */
24
25#include <isc/log.h>
26#include <isc/magic.h>
27#include <isc/quota.h>
28#include <isc/sockaddr.h>
29#include <isc/types.h>
30#include <isc/xml.h>
31
32#include <dns/acl.h>
33#include <dns/types.h>
34
35#include <named/types.h>
36
37#define NS_EVENTCLASS		ISC_EVENTCLASS(0x4E43)	/* 0x4E43 is ASCII "NC" */
38#define NS_EVENT_RELOAD		(NS_EVENTCLASS + 0)	/* presumably the event behind ns_server_reloadwanted() -- confirm */
39#define NS_EVENT_CLIENTCONTROL	(NS_EVENTCLASS + 1)	/* use is not visible in this header */
40
41/*%
42 * Name server state.  Better here than in lots of separate global variables.
43 */
44struct ns_server {
45	unsigned int		magic;		/*%< Expected to equal NS_SERVER_MAGIC; see NS_SERVER_VALID() */
46	isc_mem_t *		mctx;		/*%< Memory context (presumably the one given to ns_server_create()) */
47
48	isc_task_t *		task;		/*%< The server's task */
49
50	/* Configurable data. */
51	isc_quota_t		xfroutquota;	/*%< Outgoing-transfer quota (by name; confirm) */
52	isc_quota_t		tcpquota;	/*%< TCP client quota (by name; confirm) */
53	isc_quota_t		recursionquota;	/*%< Recursion quota (by name; confirm) */
	/*
	 * NOTE(review): the three quotas above look like the server-wide caps
	 * on work done for remote clients; where they are sized and attached
	 * is not visible in this header.
	 */
54	dns_acl_t		*blackholeacl;	/*%< Presumably peers the server ignores -- confirm */
55	char *			statsfile;	/*%< Statistics file name */
56	char *			dumpfile;	/*%< Dump file name */
57	char *			secrootsfile;	/*%< Secroots file name */
58	char *			bindkeysfile;	/*%< bind.keys file name */
59	char *			recfile;	/*%< Recursive file name */
60	isc_boolean_t		version_set;	/*%< User has set version */
61	char *			version;	/*%< User-specified version */
62	isc_boolean_t		hostname_set;	/*%< User has set hostname */
63	char *			hostname;	/*%< User-specified hostname */
64	/*% Use hostname for server id */
65	isc_boolean_t		server_usehostname;
66	char *			server_id;	/*%< User-specified server id */
67
68	/*%
69	 * Current ACL environment.  This defines the
70	 * current values of the localhost and localnets
71	 * ACLs.
72	 */
73	dns_aclenv_t		aclenv;
74
75	/* Server data structures. */
76	dns_loadmgr_t *		loadmgr;
77	dns_zonemgr_t *		zonemgr;
78	dns_viewlist_t		viewlist;
79	ns_interfacemgr_t *	interfacemgr;
80	dns_db_t *		in_roothints;
81	dns_tkeyctx_t *		tkeyctx;
82
83	isc_timer_t *		interface_timer;
84	isc_timer_t *		heartbeat_timer;
85	isc_timer_t *		pps_timer;
86
87	isc_uint32_t		interface_interval;	/*%< Units not stated here -- TODO confirm */
88	isc_uint32_t		heartbeat_interval;	/*%< Units not stated here -- TODO confirm */
89
90	isc_mutex_t		reload_event_lock;	/*%< Presumably protects reload_event -- confirm */
91	isc_event_t *		reload_event;	/*%< See ns_server_reloadwanted() */
92
93	isc_boolean_t		flushonshutdown;	/*%< See ns_server_flushonshutdown() */
94	isc_boolean_t		log_queries;	/*%< For BIND 8 compatibility */
95
96	ns_cachelist_t		cachelist;	/*%< Possibly shared caches */
97	isc_stats_t *		nsstats;	/*%< Server stats */
98	dns_stats_t *		rcvquerystats;	/*%< Incoming query stats */
99	dns_stats_t *		opcodestats;	/*%< Incoming message stats */
100	isc_stats_t *		zonestats;	/*%< Zone management stats */
101	isc_stats_t  *		resolverstats;	/*%< Resolver stats */
102	isc_stats_t *		sockstats;	/*%< Socket stats */
103
104	ns_controls_t *		controls;	/*%< Control channels */
105	unsigned int		dispatchgen;	/*%< Presumably a generation count for 'dispatches' -- confirm */
106	ns_dispatchlist_t	dispatches;	/*%< Presumably the list kept by ns_add_reserved_dispatch() */
107
108	dns_acache_t		*acache;
109
110	ns_statschannellist_t	statschannels;	/*%< Statistics channels */
111
112	dns_tsigkey_t		*sessionkey;	/*%< Session TSIG key (secret material) */
113	char			*session_keyfile;	/*%< Session key file name */
	/*
	 * NOTE(review): if the session key is written to session_keyfile, the
	 * file's ownership and mode are what protect the secret; where the
	 * file is created is not visible in this header -- confirm.
	 */
114	dns_name_t		*session_keyname;	/*%< Name of the session key */
115	unsigned int		session_keyalg;	/*%< Session key algorithm (encoding not shown here) */
116	isc_uint16_t		session_keybits;	/*%< Session key size in bits (by name) */
117};
118
119#define NS_SERVER_MAGIC			ISC_MAGIC('S','V','E','R')	/* tag expected in ns_server.magic */
120#define NS_SERVER_VALID(s)		ISC_MAGIC_VALID(s, NS_SERVER_MAGIC)	/* pointer sanity check for assertions, not a security boundary */
121
122/*%
123 * Server statistics counters.  Used as isc_statscounter_t values.
124 */
125enum {
126	dns_nsstatscounter_requestv4 = 0,	/* 0-7: properties of incoming requests (by name) */
127	dns_nsstatscounter_requestv6 = 1,
128	dns_nsstatscounter_edns0in = 2,
129	dns_nsstatscounter_badednsver = 3,
130	dns_nsstatscounter_tsigin = 4,
131	dns_nsstatscounter_sig0in = 5,
132	dns_nsstatscounter_invalidsig = 6,	/* presumably requests whose signature failed to verify -- confirm */
133	dns_nsstatscounter_tcp = 7,
134
135	dns_nsstatscounter_authrej = 8,		/* 8-11: rejected requests, one counter per kind (by name) */
136	dns_nsstatscounter_recurserej = 9,
137	dns_nsstatscounter_xfrrej = 10,
138	dns_nsstatscounter_updaterej = 11,
139
140	dns_nsstatscounter_response = 12,	/* 12-16: properties of outgoing responses (by name) */
141	dns_nsstatscounter_truncatedresp = 13,
142	dns_nsstatscounter_edns0out = 14,
143	dns_nsstatscounter_tsigout = 15,
144	dns_nsstatscounter_sig0out = 16,
145
146	dns_nsstatscounter_success = 17,	/* 17-28: query outcomes (by name) */
147	dns_nsstatscounter_authans = 18,
148	dns_nsstatscounter_nonauthans = 19,
149	dns_nsstatscounter_referral = 20,
150	dns_nsstatscounter_nxrrset = 21,
151	dns_nsstatscounter_servfail = 22,
152	dns_nsstatscounter_formerr = 23,
153	dns_nsstatscounter_nxdomain = 24,
154	dns_nsstatscounter_recursion = 25,
155	dns_nsstatscounter_duplicate = 26,
156	dns_nsstatscounter_dropped = 27,
157	dns_nsstatscounter_failure = 28,
158
159	dns_nsstatscounter_xfrdone = 29,	/* completed zone transfers (by name) */
160
161	dns_nsstatscounter_updatereqfwd = 30,	/* 30-35: dynamic update handling (by name) */
162	dns_nsstatscounter_updaterespfwd = 31,
163	dns_nsstatscounter_updatefwdfail = 32,
164	dns_nsstatscounter_updatedone = 33,
165	dns_nsstatscounter_updatefail = 34,
166	dns_nsstatscounter_updatebadprereq = 35,
167
168	dns_nsstatscounter_rpz_rewrites = 36,	/* response-policy rewrites (by name) */
169
	/*
	 * NOTE(review): dns_nsstatscounter_max is 39 with USE_RRL and 37
	 * without it, so code that sizes a counter set with it and code that
	 * indexes that set must be built with the same USE_RRL setting.
	 */
170#ifdef USE_RRL
171	dns_nsstatscounter_ratedropped = 37,	/* rate-limiting counters, present only with USE_RRL */
172	dns_nsstatscounter_rateslipped = 38,
173
174	dns_nsstatscounter_max = 39		/* one past the last counter in a USE_RRL build */
175#else /* USE_RRL */
176	dns_nsstatscounter_max = 37		/* one past the last counter without USE_RRL */
177#endif /* USE_RRL */
178};
179
180void
181ns_server_create(isc_mem_t *mctx, ns_server_t **serverp);
182/*%<
183 * Create a server object with default settings.
184 * This function either succeeds or causes the program to exit
185 * with a fatal error.
 * It returns no result code, so callers have nothing to check.
 * 'serverp' is presumably where the new object is returned (out-parameter
 * by type) -- TODO confirm in the implementation.
186 */
187
188void
189ns_server_destroy(ns_server_t **serverp);
190/*%<
191 * Destroy a server object, freeing its memory.
 * Whether *serverp is cleared afterwards is not visible in this header;
 * callers should not use the pointer again -- TODO confirm.
192 */
193
194void
195ns_server_reloadwanted(ns_server_t *server);
196/*%<
197 * Inform a server that a reload is wanted.  This function
198 * may be called asynchronously, from outside the server's task.
199 * If a reload is already scheduled or in progress, the call
200 * is ignored.
201 */
202
203void
204ns_server_flushonshutdown(ns_server_t *server, isc_boolean_t flush);
205/*%<
206 * Inform the server that the zones should be flushed to disk on shutdown.
 * 'flush' presumably turns this on or off -- confirm.
207 */
208
209isc_result_t
210ns_server_reloadcommand(ns_server_t *server, char *args, isc_buffer_t *text);
211/*%<
212 * Act on a "reload" command from the command channel.
 * 'args' is the command text; it is non-const, so it may be modified while
 * it is parsed (TODO confirm).  'text' presumably receives the reply.
 * NOTE(review): this header does not show where command-channel peers are
 * authenticated; confirm that happens before any command handler runs.
213 */
214
215isc_result_t
216ns_server_reconfigcommand(ns_server_t *server, char *args);
217/*%<
218 * Act on a "reconfig" command from the command channel.
219 */
220
221isc_result_t
222ns_server_notifycommand(ns_server_t *server, char *args, isc_buffer_t *text);
223/*%<
224 * Act on a "notify" command from the command channel.
225 */
226
227isc_result_t
228ns_server_refreshcommand(ns_server_t *server, char *args, isc_buffer_t *text);
229/*%<
230 * Act on a "refresh" command from the command channel.
231 */
232
233isc_result_t
234ns_server_retransfercommand(ns_server_t *server, char *args,
235			    isc_buffer_t *text);
236/*%<
237 * Act on a "retransfer" command from the command channel.
238 */
239
240isc_result_t
241ns_server_togglequerylog(ns_server_t *server, char *args);
242/*%<
243 * Enable/disable logging of queries.  (Takes "yes" or "no" argument,
244 * but can also be used as a toggle for backward compatibility.)
245 */
246
247/*%
248 * Dump the current statistics to the statistics file.
 * (Presumably the file named by server->statsfile -- confirm.)
249 */
250isc_result_t
251ns_server_dumpstats(ns_server_t *server);
252
253/*%
254 * Dump the current cache to the dump file.
 * NOTE(review): the dump holds cached data and the file name is a
 * configurable setting (server->dumpfile, presumably); how the file is
 * created (mode, handling of an existing file or link) is not visible here.
255 */
256isc_result_t
257ns_server_dumpdb(ns_server_t *server, char *args);
258
259/*%
260 * Dump the current security roots to the secroots file.
261 */
262isc_result_t
263ns_server_dumpsecroots(ns_server_t *server, char *args);
264
265/*%
266 * Change or increment the server debug level.
267 */
268isc_result_t
269ns_server_setdebuglevel(ns_server_t *server, char *args);
270
271/*%
272 * Flush the server's cache(s).
273 */
274isc_result_t
275ns_server_flushcache(ns_server_t *server, char *args);
276
277/*%
278 * Flush a particular name from the server's cache.  If 'tree' is false,
279 * also flush the name from the ADB and badcache.  If 'tree' is true, also
280 * flush all the names under the specified name.
281 */
282isc_result_t
283ns_server_flushnode(ns_server_t *server, char *args, isc_boolean_t tree);
284
285/*%
286 * Report the server's status.
 * (Presumably written to 'text' -- confirm.)
287 */
288isc_result_t
289ns_server_status(ns_server_t *server, isc_buffer_t *text);
290
291/*%
292 * Report a list of dynamic and static tsig keys, per view.
 * NOTE(review): the report presumably goes to 'text'; confirm that it
 * carries key names only and never key secrets.
293 */
294isc_result_t
295ns_server_tsiglist(ns_server_t *server, isc_buffer_t *text);
296
297/*%
298 * Delete a specific key (with optional view).
 * The key (and view) are presumably parsed from 'command', which is
 * non-const and may be modified while parsed -- TODO confirm.
299 */
300isc_result_t
301ns_server_tsigdelete(ns_server_t *server, char *command, isc_buffer_t *text);
302
303/*%
304 * Enable or disable updates for a zone.
 * 'freeze' presumably selects disabling (true) or re-enabling (false)
 * updates -- confirm.
305 */
306isc_result_t
307ns_server_freeze(ns_server_t *server, isc_boolean_t freeze, char *args,
308		 isc_buffer_t *text);
309
310/*%
311 * Dump zone updates to disk, optionally removing the journal file.
312 */
313isc_result_t
314ns_server_sync(ns_server_t *server, char *args, isc_buffer_t *text);
315
316/*%
317 * Update a zone's DNSKEY set from the key repository.  If
318 * the command that triggered the call to this function was "sign",
319 * then force a full signing of the zone.  If it was "loadkeys",
320 * then don't sign the zone; any needed changes to signatures can
321 * take place incrementally.
 * No parameter distinguishes the two commands, so the choice is
 * presumably read from 'args' -- confirm.
322 */
323isc_result_t
324ns_server_rekey(ns_server_t *server, char *args, isc_buffer_t *text);
325
326/*%
327 * Dump the current recursive queries.
 * (Presumably to the file named by server->recfile -- confirm.)
328 */
329isc_result_t
330ns_server_dumprecursing(ns_server_t *server);
331
332/*%
333 * Maintain a list of dispatches that require reserved ports.
 * 'addr' is presumably the local address to record -- confirm.
334 */
335void
336ns_add_reserved_dispatch(ns_server_t *server, const isc_sockaddr_t *addr);
337
338/*%
339 * Enable or disable dnssec validation.
340 */
341isc_result_t
342ns_server_validation(ns_server_t *server, char *args);
343
344/*%
345 * Add a zone to a running process.
 * NOTE(review): the zone to add is presumably described by 'args', which
 * arrives over the command channel; how that text is validated is not
 * visible in this header.
346 */
347isc_result_t
348ns_server_add_zone(ns_server_t *server, char *args);
349
350/*%
351 * Deletes a zone from a running process.
352 */
353isc_result_t
354ns_server_del_zone(ns_server_t *server, char *args, isc_buffer_t *text);
355
356/*%
357 * Lists the status of the signing records for a given zone.
358 */
359isc_result_t
360ns_server_signing(ns_server_t *server, char *args, isc_buffer_t *text);
361#endif /* NAMED_SERVER_H */
362