1/*
2 * Copyright (C) 2004-2012  Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2003  Internet Software Consortium.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/* $Id$ */
19
20#ifndef DNS_ZONE_H
21#define DNS_ZONE_H 1
22
23/*! \file dns/zone.h */
24
25/***
26 ***	Imports
27 ***/
28
29#include <stdio.h>
30
31#include <isc/formatcheck.h>
32#include <isc/lang.h>
33#include <isc/rwlock.h>
34
35#include <dns/masterdump.h>
36#include <dns/rdatastruct.h>
37#include <dns/types.h>
38
39typedef enum {
40	dns_zone_none,
41	dns_zone_master,
42	dns_zone_slave,
43	dns_zone_stub,
44	dns_zone_staticstub,
45	dns_zone_key,
46	dns_zone_dlz
47} dns_zonetype_t;
48
49#define DNS_ZONEOPT_SERVERS	  0x00000001U	/*%< perform server checks */
50#define DNS_ZONEOPT_PARENTS	  0x00000002U	/*%< perform parent checks */
51#define DNS_ZONEOPT_CHILDREN	  0x00000004U	/*%< perform child checks */
52#define DNS_ZONEOPT_NOTIFY	  0x00000008U	/*%< perform NOTIFY */
53#define DNS_ZONEOPT_MANYERRORS	  0x00000010U	/*%< return many errors on load */
54#define DNS_ZONEOPT_IXFRFROMDIFFS 0x00000020U	/*%< calculate differences */
55#define DNS_ZONEOPT_NOMERGE	  0x00000040U	/*%< don't merge journal */
56#define DNS_ZONEOPT_CHECKNS	  0x00000080U	/*%< check if NS's are addresses */
57#define DNS_ZONEOPT_FATALNS	  0x00000100U	/*%< DNS_ZONEOPT_CHECKNS is fatal */
58#define DNS_ZONEOPT_MULTIMASTER	  0x00000200U	/*%< this zone has multiple masters */
59#define DNS_ZONEOPT_USEALTXFRSRC  0x00000400U	/*%< use alternate transfer sources */
60#define DNS_ZONEOPT_CHECKNAMES	  0x00000800U	/*%< check-names */
61#define DNS_ZONEOPT_CHECKNAMESFAIL 0x00001000U	/*%< fatal check-name failures */
62#define DNS_ZONEOPT_CHECKWILDCARD 0x00002000U	/*%< check for internal wildcards */
63#define DNS_ZONEOPT_CHECKMX	  0x00004000U	/*%< check-mx */
64#define DNS_ZONEOPT_CHECKMXFAIL   0x00008000U	/*%< fatal check-mx failures */
65#define DNS_ZONEOPT_CHECKINTEGRITY 0x00010000U	/*%< perform integrity checks */
66#define DNS_ZONEOPT_CHECKSIBLING  0x00020000U	/*%< perform sibling glue checks */
67#define DNS_ZONEOPT_NOCHECKNS	  0x00040000U	/*%< disable IN NS address checks */
68#define DNS_ZONEOPT_WARNMXCNAME	  0x00080000U	/*%< warn on MX CNAME check */
69#define DNS_ZONEOPT_IGNOREMXCNAME 0x00100000U	/*%< ignore MX CNAME check */
70#define DNS_ZONEOPT_WARNSRVCNAME  0x00200000U	/*%< warn on SRV CNAME check */
71#define DNS_ZONEOPT_IGNORESRVCNAME 0x00400000U	/*%< ignore SRV CNAME check */
72#define DNS_ZONEOPT_UPDATECHECKKSK 0x00800000U	/*%< check dnskey KSK flag */
73#define DNS_ZONEOPT_TRYTCPREFRESH 0x01000000U	/*%< try tcp refresh on udp failure */
74#define DNS_ZONEOPT_NOTIFYTOSOA	  0x02000000U	/*%< Notify the SOA MNAME */
75#define DNS_ZONEOPT_NSEC3TESTZONE 0x04000000U	/*%< nsec3-test-zone */
76#define DNS_ZONEOPT_SECURETOINSECURE 0x08000000U /*%< dnssec-secure-to-insecure */
77#define DNS_ZONEOPT_DNSKEYKSKONLY 0x10000000U	/*%< dnssec-dnskey-kskonly */
78#define DNS_ZONEOPT_CHECKDUPRR	  0x20000000U   /*%< check-dup-records */
79#define DNS_ZONEOPT_CHECKDUPRRFAIL 0x40000000U	/*%< fatal check-dup-records failures */
80
81#ifndef NOMINUM_PUBLIC
82/*
83 * Nominum specific options build down.
84 */
85#define DNS_ZONEOPT_NOTIFYFORWARD 0x80000000U	/* forward notify to master */
86#endif /* NOMINUM_PUBLIC */
87
88/*
89 * Zone key maintenance options
90 */
91#define DNS_ZONEKEY_ALLOW	0x00000001U	/*%< fetch keys on command */
92#define DNS_ZONEKEY_MAINTAIN	0x00000002U	/*%< publish/sign on schedule */
93#define DNS_ZONEKEY_CREATE	0x00000004U	/*%< make keys when needed */
94#define DNS_ZONEKEY_FULLSIGN    0x00000008U     /*%< roll to new keys immediately */
95
96#ifndef DNS_ZONE_MINREFRESH
97#define DNS_ZONE_MINREFRESH		    300	/*%< 5 minutes */
98#endif
99#ifndef DNS_ZONE_MAXREFRESH
100#define DNS_ZONE_MAXREFRESH		2419200	/*%< 4 weeks */
101#endif
102#ifndef DNS_ZONE_DEFAULTREFRESH
103#define DNS_ZONE_DEFAULTREFRESH		   3600	/*%< 1 hour */
104#endif
105#ifndef DNS_ZONE_MINRETRY
106#define DNS_ZONE_MINRETRY		    300	/*%< 5 minutes */
107#endif
108#ifndef DNS_ZONE_MAXRETRY
109#define DNS_ZONE_MAXRETRY		1209600	/*%< 2 weeks */
110#endif
111#ifndef DNS_ZONE_DEFAULTRETRY
112#define DNS_ZONE_DEFAULTRETRY		     60	/*%< 1 minute, subject to
113						   exponential backoff */
114#endif
115
116#define DNS_ZONESTATE_XFERRUNNING	1
117#define DNS_ZONESTATE_XFERDEFERRED	2
118#define DNS_ZONESTATE_SOAQUERY		3
119#define DNS_ZONESTATE_ANY		4
120
121ISC_LANG_BEGINDECLS
122
123/***
124 ***	Functions
125 ***/
126
127isc_result_t
128dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx);
129/*%<
130 *	Creates a new empty zone and attach '*zonep' to it.
131 *
132 * Requires:
133 *\li	'zonep' to point to a NULL pointer.
134 *\li	'mctx' to be a valid memory context.
135 *
136 * Ensures:
137 *\li	'*zonep' refers to a valid zone.
138 *
139 * Returns:
140 *\li	#ISC_R_SUCCESS
141 *\li	#ISC_R_NOMEMORY
142 *\li	#ISC_R_UNEXPECTED
143 */
144
145void
146dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass);
147/*%<
148 *	Sets the class of a zone.  This operation can only be performed
149 *	once on a zone.
150 *
151 * Require:
152 *\li	'zone' to be a valid zone.
153 *\li	dns_zone_setclass() not to have been called since the zone was
154 *	created.
155 *\li	'rdclass' != dns_rdataclass_none.
156 */
157
158dns_rdataclass_t
159dns_zone_getclass(dns_zone_t *zone);
160/*%<
161 *	Returns the current zone class.
162 *
163 * Requires:
164 *\li	'zone' to be a valid zone.
165 */
166
167isc_result_t
168dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp);
169
170isc_uint32_t
171dns_zone_getserial(dns_zone_t *zone);
172/*%<
173 *	Returns the current serial number of the zone.  On success, the SOA
174 *	serial of the zone will be copied into '*serialp'.
175 *	dns_zone_getserial() cannot catch failure cases and is deprecated by
176 *	dns_zone_getserial2().
177 *
178 * Requires:
179 *\li	'zone' to be a valid zone.
180 *\li	'serialp' to be non NULL
181 *
182 * Returns:
183 *\li	#ISC_R_SUCCESS
184 *\li	#DNS_R_NOTLOADED	zone DB is not loaded
185 */
186
187void
188dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type);
189/*%<
190 *	Sets the zone type. This operation can only be performed once on
191 *	a zone.
192 *
193 * Requires:
194 *\li	'zone' to be a valid zone.
195 *\li	dns_zone_settype() not to have been called since the zone was
196 *	created.
197 *\li	'type' != dns_zone_none
198 */
199
200void
201dns_zone_setview(dns_zone_t *zone, dns_view_t *view);
202/*%<
203 *	Associate the zone with a view.
204 *
205 * Require:
206 *\li	'zone' to be a valid zone.
207 */
208
209dns_view_t *
210dns_zone_getview(dns_zone_t *zone);
211/*%<
212 *	Returns the zone's associated view.
213 *
214 * Requires:
215 *\li	'zone' to be a valid zone.
216 */
217
218isc_result_t
219dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin);
220/*%<
221 *	Sets the zones origin to 'origin'.
222 *
223 * Require:
224 *\li	'zone' to be a valid zone.
225 *\li	'origin' to be non NULL.
226 *
227 * Returns:
228 *\li	#ISC_R_SUCCESS
229 *\li 	#ISC_R_NOMEMORY
230 */
231
232dns_name_t *
233dns_zone_getorigin(dns_zone_t *zone);
234/*%<
235 *	Returns the value of the origin.
236 *
237 * Require:
238 *\li	'zone' to be a valid zone.
239 */
240
241isc_result_t
242dns_zone_setfile(dns_zone_t *zone, const char *file);
243
244isc_result_t
245dns_zone_setfile2(dns_zone_t *zone, const char *file,
246		  dns_masterformat_t format);
247/*%<
248 *    Sets the name of the master file in the format of 'format' from which
249 *    the zone loads its database to 'file'.
250 *
251 *    For zones that have no associated master file, 'file' will be NULL.
252 *
253 *	For zones with persistent databases, the file name
254 *	setting is ignored.
255 *
256 *    dns_zone_setfile() is a backward-compatible form of
257 *    dns_zone_setfile2(), which always specifies the
258 *    dns_masterformat_text (RFC1035) format.
259 *
260 * Require:
261 *\li	'zone' to be a valid zone.
262 *
263 * Returns:
264 *\li	#ISC_R_NOMEMORY
265 *\li	#ISC_R_SUCCESS
266 */
267
268const char *
269dns_zone_getfile(dns_zone_t *zone);
270/*%<
271 * 	Gets the name of the zone's master file, if any.
272 *
273 * Requires:
274 *\li	'zone' to be valid initialised zone.
275 *
276 * Returns:
277 *\li	Pointer to null-terminated file name, or NULL.
278 */
279
280isc_result_t
281dns_zone_load(dns_zone_t *zone);
282
283isc_result_t
284dns_zone_loadnew(dns_zone_t *zone);
285
286isc_result_t
287dns_zone_loadandthaw(dns_zone_t *zone);
288/*%<
289 *	Cause the database to be loaded from its backing store.
290 *	Confirm that the minimum requirements for the zone type are
291 *	met, otherwise DNS_R_BADZONE is returned.
292 *
293 *	dns_zone_loadnew() only loads zones that are not yet loaded.
294 *	dns_zone_load() also loads zones that are already loaded and
295 *	and whose master file has changed since the last load.
296 *	dns_zone_loadandthaw() is similar to dns_zone_load() but will
297 *	also re-enable DNS UPDATEs when the load completes.
298 *
299 * Require:
300 *\li	'zone' to be a valid zone.
301 *
302 * Returns:
303 *\li	#ISC_R_UNEXPECTED
304 *\li	#ISC_R_SUCCESS
305 *\li	DNS_R_CONTINUE	  Incremental load has been queued.
306 *\li	DNS_R_UPTODATE	  The zone has already been loaded based on
307 *			  file system timestamps.
308 *\li	DNS_R_BADZONE
309 *\li	Any result value from dns_db_load().
310 */
311
312void
313dns_zone_attach(dns_zone_t *source, dns_zone_t **target);
314/*%<
315 *	Attach '*target' to 'source' incrementing its external
316 * 	reference count.
317 *
318 * Require:
319 *\li	'zone' to be a valid zone.
320 *\li	'target' to be non NULL and '*target' to be NULL.
321 */
322
323void
324dns_zone_detach(dns_zone_t **zonep);
325/*%<
326 *	Detach from a zone decrementing its external reference count.
327 *	If this was the last external reference to the zone it will be
328 * 	shut down and eventually freed.
329 *
330 * Require:
331 *\li	'zonep' to point to a valid zone.
332 */
333
334void
335dns_zone_iattach(dns_zone_t *source, dns_zone_t **target);
336/*%<
337 *	Attach '*target' to 'source' incrementing its internal
338 * 	reference count.  This is intended for use by operations
339 * 	such as zone transfers that need to prevent the zone
340 * 	object from being freed but not from shutting down.
341 *
342 * Require:
343 *\li	The caller is running in the context of the zone's task.
344 *\li	'zone' to be a valid zone.
345 *\li	'target' to be non NULL and '*target' to be NULL.
346 */
347
348void
349dns_zone_idetach(dns_zone_t **zonep);
350/*%<
351 *	Detach from a zone decrementing its internal reference count.
352 *	If there are no more internal or external references to the
353 * 	zone, it will be freed.
354 *
355 * Require:
356 *\li	The caller is running in the context of the zone's task.
357 *\li	'zonep' to point to a valid zone.
358 */
359
360void
361dns_zone_setflag(dns_zone_t *zone, unsigned int flags, isc_boolean_t value);
362/*%<
363 *	Sets ('value' == 'ISC_TRUE') / clears ('value' == 'IS_FALSE')
364 *	zone flags.  Valid flag bits are DNS_ZONE_F_*.
365 *
366 * Requires
367 *\li	'zone' to be a valid zone.
368 */
369
370isc_result_t
371dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp);
372/*%<
373 * 	Attach '*dbp' to the database to if it exists otherwise
374 *	return DNS_R_NOTLOADED.
375 *
376 * Require:
377 *\li	'zone' to be a valid zone.
378 *\li	'dbp' to be != NULL && '*dbp' == NULL.
379 *
380 * Returns:
381 *\li	#ISC_R_SUCCESS
382 *\li	DNS_R_NOTLOADED
383 */
384
385void
386dns_zone_setdb(dns_zone_t *zone, dns_db_t *db);
387/*%<
388 *	Sets the zone database to 'db'.
389 *
390 *	This function is expected to be used to configure a zone with a
391 *	database which is not loaded from a file or zone transfer.
392 *	It can be used for a general purpose zone, but right now its use
393 *	is limited to static-stub zones to avoid possible undiscovered
394 *	problems in the general cases.
395 *
396 * Require:
397 *\li	'zone' to be a valid zone of static-stub.
398 *\li	zone doesn't have a database.
399 */
400
401isc_result_t
402dns_zone_setdbtype(dns_zone_t *zone,
403		   unsigned int dbargc, const char * const *dbargv);
404/*%<
405 *	Sets the database type to dbargv[0] and database arguments
406 *	to subsequent dbargv elements.
407 *	'db_type' is not checked to see if it is a valid database type.
408 *
409 * Require:
410 *\li	'zone' to be a valid zone.
411 *\li	'database' to be non NULL.
412 *\li	'dbargc' to be >= 1
413 *\li	'dbargv' to point to dbargc NULL-terminated strings
414 *
415 * Returns:
416 *\li	#ISC_R_NOMEMORY
417 *\li	#ISC_R_SUCCESS
418 */
419
420isc_result_t
421dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx);
422/*%<
423 *	Returns the current dbtype.  isc_mem_free() should be used
424 * 	to free 'argv' after use.
425 *
426 * Require:
427 *\li	'zone' to be a valid zone.
428 *\li	'argv' to be non NULL and *argv to be NULL.
429 *\li	'mctx' to be valid.
430 *
431 * Returns:
432 *\li	#ISC_R_NOMEMORY
433 *\li	#ISC_R_SUCCESS
434 */
435
436void
437dns_zone_markdirty(dns_zone_t *zone);
438/*%<
439 *	Mark a zone as 'dirty'.
440 *
441 * Require:
442 *\li	'zone' to be a valid zone.
443 */
444
445void
446dns_zone_expire(dns_zone_t *zone);
447/*%<
448 *	Mark the zone as expired.  If the zone requires dumping cause it to
449 *	be initiated.  Set the refresh and retry intervals to there default
450 *	values and unload the zone.
451 *
452 * Require
453 *\li	'zone' to be a valid zone.
454 */
455
456void
457dns_zone_refresh(dns_zone_t *zone);
458/*%<
459 *	Initiate zone up to date checks.  The zone must already be being
460 *	managed.
461 *
462 * Require
463 *\li	'zone' to be a valid zone.
464 */
465
466isc_result_t
467dns_zone_flush(dns_zone_t *zone);
468/*%<
469 *	Write the zone to database if there are uncommitted changes.
470 *
471 * Require:
472 *\li	'zone' to be a valid zone.
473 */
474
475isc_result_t
476dns_zone_dump(dns_zone_t *zone);
477/*%<
478 *	Write the zone to database.
479 *
480 * Require:
481 *\li	'zone' to be a valid zone.
482 */
483
484isc_result_t
485dns_zone_dumptostream(dns_zone_t *zone, FILE *fd);
486
487isc_result_t
488dns_zone_dumptostream2(dns_zone_t *zone, FILE *fd, dns_masterformat_t format,
489		       const dns_master_style_t *style);
490/*%<
491 *    Write the zone to stream 'fd' in the specified 'format'.
492 *    If the 'format' is dns_masterformat_text (RFC1035), 'style' also
493 *    specifies the file style (e.g., &dns_master_style_default).
494 *
495 *    dns_zone_dumptostream() is a backward-compatible form of
496 *    dns_zone_dumptostream2(), which always uses the dns_masterformat_text
497 *    format and the dns_master_style_default style.
498 *
499 *    Note that dns_zone_dumptostream2() is the most flexible form.  It
500 *    can also provide the functionality of dns_zone_fulldumptostream().
501 *
502 * Require:
503 *\li	'zone' to be a valid zone.
504 *\li	'fd' to be a stream open for writing.
505 */
506
507isc_result_t
508dns_zone_fulldumptostream(dns_zone_t *zone, FILE *fd);
509/*%<
510 *	The same as dns_zone_dumptostream, but dumps the zone with
511 *	different dump settings (dns_master_style_full).
512 *
513 * Require:
514 *\li	'zone' to be a valid zone.
515 *\li	'fd' to be a stream open for writing.
516 */
517
518void
519dns_zone_maintenance(dns_zone_t *zone);
520/*%<
521 *	Perform regular maintenance on the zone.  This is called as a
522 *	result of a zone being managed.
523 *
524 * Require
525 *\li	'zone' to be a valid zone.
526 */
527
528isc_result_t
529dns_zone_setmasters(dns_zone_t *zone, const isc_sockaddr_t *masters,
530		    isc_uint32_t count);
531isc_result_t
532dns_zone_setmasterswithkeys(dns_zone_t *zone,
533			    const isc_sockaddr_t *masters,
534			    dns_name_t **keynames,
535			    isc_uint32_t count);
536/*%<
537 *	Set the list of master servers for the zone.
538 *
539 * Require:
540 *\li	'zone' to be a valid zone.
541 *\li	'masters' array of isc_sockaddr_t with port set or NULL.
542 *\li	'count' the number of masters.
543 *\li      'keynames' array of dns_name_t's for tsig keys or NULL.
544 *
545 *  \li    dns_zone_setmasters() is just a wrapper to setmasterswithkeys(),
546 *      passing NULL in the keynames field.
547 *
548 * \li	If 'masters' is NULL then 'count' must be zero.
549 *
550 * Returns:
551 *\li	#ISC_R_SUCCESS
552 *\li	#ISC_R_NOMEMORY
553 *\li      Any result dns_name_dup() can return, if keynames!=NULL
554 */
555
556isc_result_t
557dns_zone_setalsonotify(dns_zone_t *zone, const isc_sockaddr_t *notify,
558		       isc_uint32_t count);
559/*%<
560 *	Set the list of additional servers to be notified when
561 *	a zone changes.	 To clear the list use 'count = 0'.
562 *
563 * Require:
564 *\li	'zone' to be a valid zone.
565 *\li	'notify' to be non-NULL if count != 0.
566 *\li	'count' to be the number of notifiees.
567 *
568 * Returns:
569 *\li	#ISC_R_SUCCESS
570 *\li	#ISC_R_NOMEMORY
571 */
572
573void
574dns_zone_unload(dns_zone_t *zone);
575/*%<
576 *	detach the database from the zone structure.
577 *
578 * Require:
579 *\li	'zone' to be a valid zone.
580 */
581
582void
583dns_zone_setoption(dns_zone_t *zone, unsigned int option, isc_boolean_t value);
584/*%<
585 *	Set given options on ('value' == ISC_TRUE) or off ('value' ==
586 *	#ISC_FALSE).
587 *
588 * Require:
589 *\li	'zone' to be a valid zone.
590 */
591
592unsigned int
593dns_zone_getoptions(dns_zone_t *zone);
594/*%<
595 *	Returns the current zone options.
596 *
597 * Require:
598 *\li	'zone' to be a valid zone.
599 */
600
601void
602dns_zone_setkeyopt(dns_zone_t *zone, unsigned int option, isc_boolean_t value);
603/*%<
604 *	Set key options on ('value' == ISC_TRUE) or off ('value' ==
605 *	#ISC_FALSE).
606 *
607 * Require:
608 *\li	'zone' to be a valid zone.
609 */
610
611unsigned int
612dns_zone_getkeyopts(dns_zone_t *zone);
613/*%<
614 *	Returns the current zone key options.
615 *
616 * Require:
617 *\li	'zone' to be a valid zone.
618 */
619
620void
621dns_zone_setminrefreshtime(dns_zone_t *zone, isc_uint32_t val);
622/*%<
623 *	Set the minimum refresh time.
624 *
625 * Requires:
626 *\li	'zone' is valid.
627 *\li	val > 0.
628 */
629
630void
631dns_zone_setmaxrefreshtime(dns_zone_t *zone, isc_uint32_t val);
632/*%<
633 *	Set the maximum refresh time.
634 *
635 * Requires:
636 *\li	'zone' is valid.
637 *\li	val > 0.
638 */
639
640void
641dns_zone_setminretrytime(dns_zone_t *zone, isc_uint32_t val);
642/*%<
643 *	Set the minimum retry time.
644 *
645 * Requires:
646 *\li	'zone' is valid.
647 *\li	val > 0.
648 */
649
650void
651dns_zone_setmaxretrytime(dns_zone_t *zone, isc_uint32_t val);
652/*%<
653 *	Set the maximum retry time.
654 *
655 * Requires:
656 *\li	'zone' is valid.
657 *	val > 0.
658 */
659
660isc_result_t
661dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
662isc_result_t
663dns_zone_setaltxfrsource4(dns_zone_t *zone,
664			  const isc_sockaddr_t *xfrsource);
665/*%<
666 * 	Set the source address to be used in IPv4 zone transfers.
667 *
668 * Require:
669 *\li	'zone' to be a valid zone.
670 *\li	'xfrsource' to contain the address.
671 *
672 * Returns:
673 *\li	#ISC_R_SUCCESS
674 */
675
676isc_sockaddr_t *
677dns_zone_getxfrsource4(dns_zone_t *zone);
678isc_sockaddr_t *
679dns_zone_getaltxfrsource4(dns_zone_t *zone);
680/*%<
681 *	Returns the source address set by a previous dns_zone_setxfrsource4
682 *	call, or the default of inaddr_any, port 0.
683 *
684 * Require:
685 *\li	'zone' to be a valid zone.
686 */
687
688isc_result_t
689dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
690isc_result_t
691dns_zone_setaltxfrsource6(dns_zone_t *zone,
692			  const isc_sockaddr_t *xfrsource);
693/*%<
694 * 	Set the source address to be used in IPv6 zone transfers.
695 *
696 * Require:
697 *\li	'zone' to be a valid zone.
698 *\li	'xfrsource' to contain the address.
699 *
700 * Returns:
701 *\li	#ISC_R_SUCCESS
702 */
703
704isc_sockaddr_t *
705dns_zone_getxfrsource6(dns_zone_t *zone);
706isc_sockaddr_t *
707dns_zone_getaltxfrsource6(dns_zone_t *zone);
708/*%<
709 *	Returns the source address set by a previous dns_zone_setxfrsource6
710 *	call, or the default of in6addr_any, port 0.
711 *
712 * Require:
713 *\li	'zone' to be a valid zone.
714 */
715
716isc_result_t
717dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc);
718/*%<
719 * 	Set the source address to be used with IPv4 NOTIFY messages.
720 *
721 * Require:
722 *\li	'zone' to be a valid zone.
723 *\li	'notifysrc' to contain the address.
724 *
725 * Returns:
726 *\li	#ISC_R_SUCCESS
727 */
728
729isc_sockaddr_t *
730dns_zone_getnotifysrc4(dns_zone_t *zone);
731/*%<
732 *	Returns the source address set by a previous dns_zone_setnotifysrc4
733 *	call, or the default of inaddr_any, port 0.
734 *
735 * Require:
736 *\li	'zone' to be a valid zone.
737 */
738
739isc_result_t
740dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc);
741/*%<
742 * 	Set the source address to be used with IPv6 NOTIFY messages.
743 *
744 * Require:
745 *\li	'zone' to be a valid zone.
746 *\li	'notifysrc' to contain the address.
747 *
748 * Returns:
749 *\li	#ISC_R_SUCCESS
750 */
751
752isc_sockaddr_t *
753dns_zone_getnotifysrc6(dns_zone_t *zone);
754/*%<
755 *	Returns the source address set by a previous dns_zone_setnotifysrc6
756 *	call, or the default of in6addr_any, port 0.
757 *
758 * Require:
759 *\li	'zone' to be a valid zone.
760 */
761
762void
763dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl);
764/*%<
765 *	Sets the notify acl list for the zone.
766 *
767 * Require:
768 *\li	'zone' to be a valid zone.
769 *\li	'acl' to be a valid acl.
770 */
771
772void
773dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl);
774/*%<
775 *	Sets the query acl list for the zone.
776 *
777 * Require:
778 *\li	'zone' to be a valid zone.
779 *\li	'acl' to be a valid acl.
780 */
781
782void
783dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl);
784/*%<
785 *	Sets the query-on acl list for the zone.
786 *
787 * Require:
788 *\li	'zone' to be a valid zone.
789 *\li	'acl' to be a valid acl.
790 */
791
792void
793dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl);
794/*%<
795 *	Sets the update acl list for the zone.
796 *
797 * Require:
798 *\li	'zone' to be a valid zone.
799 *\li	'acl' to be valid acl.
800 */
801
802void
803dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl);
804/*%<
805 *	Sets the forward unsigned updates acl list for the zone.
806 *
807 * Require:
808 *\li	'zone' to be a valid zone.
809 *\li	'acl' to be valid acl.
810 */
811
812void
813dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl);
814/*%<
815 *	Sets the transfer acl list for the zone.
816 *
817 * Require:
818 *\li	'zone' to be a valid zone.
819 *\li	'acl' to be valid acl.
820 */
821
822dns_acl_t *
823dns_zone_getnotifyacl(dns_zone_t *zone);
824/*%<
825 * 	Returns the current notify acl or NULL.
826 *
827 * Require:
828 *\li	'zone' to be a valid zone.
829 *
830 * Returns:
831 *\li	acl a pointer to the acl.
832 *\li	NULL
833 */
834
835dns_acl_t *
836dns_zone_getqueryacl(dns_zone_t *zone);
837/*%<
838 * 	Returns the current query acl or NULL.
839 *
840 * Require:
841 *\li	'zone' to be a valid zone.
842 *
843 * Returns:
844 *\li	acl a pointer to the acl.
845 *\li	NULL
846 */
847
848dns_acl_t *
849dns_zone_getqueryonacl(dns_zone_t *zone);
850/*%<
851 * 	Returns the current query-on acl or NULL.
852 *
853 * Require:
854 *\li	'zone' to be a valid zone.
855 *
856 * Returns:
857 *\li	acl a pointer to the acl.
858 *\li	NULL
859 */
860
861dns_acl_t *
862dns_zone_getupdateacl(dns_zone_t *zone);
863/*%<
864 * 	Returns the current update acl or NULL.
865 *
866 * Require:
867 *\li	'zone' to be a valid zone.
868 *
869 * Returns:
870 *\li	acl a pointer to the acl.
871 *\li	NULL
872 */
873
874dns_acl_t *
875dns_zone_getforwardacl(dns_zone_t *zone);
876/*%<
877 * 	Returns the current forward unsigned updates acl or NULL.
878 *
879 * Require:
880 *\li	'zone' to be a valid zone.
881 *
882 * Returns:
883 *\li	acl a pointer to the acl.
884 *\li	NULL
885 */
886
887dns_acl_t *
888dns_zone_getxfracl(dns_zone_t *zone);
889/*%<
890 * 	Returns the current transfer acl or NULL.
891 *
892 * Require:
893 *\li	'zone' to be a valid zone.
894 *
895 * Returns:
896 *\li	acl a pointer to the acl.
897 *\li	NULL
898 */
899
900void
901dns_zone_clearupdateacl(dns_zone_t *zone);
902/*%<
903 *	Clear the current update acl.
904 *
905 * Require:
906 *\li	'zone' to be a valid zone.
907 */
908
909void
910dns_zone_clearforwardacl(dns_zone_t *zone);
911/*%<
912 *	Clear the current forward unsigned updates acl.
913 *
914 * Require:
915 *\li	'zone' to be a valid zone.
916 */
917
918void
919dns_zone_clearnotifyacl(dns_zone_t *zone);
920/*%<
921 *	Clear the current notify acl.
922 *
923 * Require:
924 *\li	'zone' to be a valid zone.
925 */
926
927void
928dns_zone_clearqueryacl(dns_zone_t *zone);
929/*%<
930 *	Clear the current query acl.
931 *
932 * Require:
933 *\li	'zone' to be a valid zone.
934 */
935
936void
937dns_zone_clearqueryonacl(dns_zone_t *zone);
938/*%<
939 *	Clear the current query-on acl.
940 *
941 * Require:
942 *\li	'zone' to be a valid zone.
943 */
944
945void
946dns_zone_clearxfracl(dns_zone_t *zone);
947/*%<
948 *	Clear the current transfer acl.
949 *
950 * Require:
951 *\li	'zone' to be a valid zone.
952 */
953
954isc_boolean_t
955dns_zone_getupdatedisabled(dns_zone_t *zone);
956/*%<
957 * Return update disabled.
958 * Transient unless called when running in isc_task_exclusive() mode.
959 */
960
961void
962dns_zone_setupdatedisabled(dns_zone_t *zone, isc_boolean_t state);
963/*%<
964 * Set update disabled.
965 * Should only be called only when running in isc_task_exclusive() mode.
966 * Failure to do so may result in updates being committed after the
967 * call has been made.
968 */
969
970isc_boolean_t
971dns_zone_getzeronosoattl(dns_zone_t *zone);
972/*%<
973 * Return zero-no-soa-ttl status.
974 */
975
976void
977dns_zone_setzeronosoattl(dns_zone_t *zone, isc_boolean_t state);
978/*%<
979 * Set zero-no-soa-ttl status.
980 */
981
982void
983dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity);
984/*%<
985 * 	Set the severity of name checking when loading a zone.
986 *
987 * Require:
988 * \li     'zone' to be a valid zone.
989 */
990
991dns_severity_t
992dns_zone_getchecknames(dns_zone_t *zone);
993/*%<
994 *	Return the current severity of name checking.
995 *
996 * Require:
997 *\li	'zone' to be a valid zone.
998 */
999
1000void
1001dns_zone_setjournalsize(dns_zone_t *zone, isc_int32_t size);
1002/*%<
1003 *	Sets the journal size for the zone.
1004 *
1005 * Requires:
1006 *\li	'zone' to be a valid zone.
1007 */
1008
1009isc_int32_t
1010dns_zone_getjournalsize(dns_zone_t *zone);
1011/*%<
1012 *	Return the journal size as set with a previous call to
1013 *	dns_zone_setjournalsize().
1014 *
1015 * Requires:
1016 *\li	'zone' to be a valid zone.
1017 */
1018
1019isc_result_t
1020dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
1021		       dns_message_t *msg);
1022/*%<
1023 *	Tell the zone that it has received a NOTIFY message from another
1024 *	server.  This may cause some zone maintenance activity to occur.
1025 *
1026 * Requires:
1027 *\li	'zone' to be a valid zone.
1028 *\li	'*from' to contain the address of the server from which 'msg'
1029 *		was received.
1030 *\li	'msg' a message with opcode NOTIFY and qr clear.
1031 *
1032 * Returns:
1033 *\li	DNS_R_REFUSED
1034 *\li	DNS_R_NOTIMP
1035 *\li	DNS_R_FORMERR
1036 *\li	DNS_R_SUCCESS
1037 */
1038
1039void
1040dns_zone_setmaxxfrin(dns_zone_t *zone, isc_uint32_t maxxfrin);
1041/*%<
1042 * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR)
1043 * of this zone will use before being aborted.
1044 *
1045 * Requires:
1046 * \li	'zone' to be valid initialised zone.
1047 */
1048
1049isc_uint32_t
1050dns_zone_getmaxxfrin(dns_zone_t *zone);
1051/*%<
1052 * Returns the maximum transfer time for this zone.  This will be
1053 * either the value set by the last call to dns_zone_setmaxxfrin() or
1054 * the default value of 1 hour.
1055 *
1056 * Requires:
1057 *\li	'zone' to be valid initialised zone.
1058 */
1059
1060void
1061dns_zone_setmaxxfrout(dns_zone_t *zone, isc_uint32_t maxxfrout);
1062/*%<
1063 * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR)
1064 * of this zone will use before being aborted.
1065 *
1066 * Requires:
1067 * \li	'zone' to be valid initialised zone.
1068 */
1069
1070isc_uint32_t
1071dns_zone_getmaxxfrout(dns_zone_t *zone);
1072/*%<
1073 * Returns the maximum transfer time for this zone.  This will be
1074 * either the value set by the last call to dns_zone_setmaxxfrout() or
1075 * the default value of 1 hour.
1076 *
1077 * Requires:
1078 *\li	'zone' to be valid initialised zone.
1079 */
1080
1081isc_result_t
1082dns_zone_setjournal(dns_zone_t *zone, const char *journal);
1083/*%<
1084 * Sets the filename used for journaling updates / IXFR transfers.
1085 * The default journal name is set by dns_zone_setfile() to be
1086 * "file.jnl".  If 'journal' is NULL, the zone will have no
1087 * journal name.
1088 *
1089 * Requires:
1090 *\li	'zone' to be a valid zone.
1091 *
1092 * Returns:
1093 *\li	#ISC_R_SUCCESS
1094 *\li	#ISC_R_NOMEMORY
1095 */
1096
1097char *
1098dns_zone_getjournal(dns_zone_t *zone);
1099/*%<
1100 * Returns the journal name associated with this zone.
1101 * If no journal has been set this will be NULL.
1102 *
1103 * Requires:
1104 *\li	'zone' to be valid initialised zone.
1105 */
1106
1107dns_zonetype_t
1108dns_zone_gettype(dns_zone_t *zone);
1109/*%<
1110 * Returns the type of the zone (master/slave/etc.)
1111 *
1112 * Requires:
1113 *\li	'zone' to be valid initialised zone.
1114 */
1115
1116void
1117dns_zone_settask(dns_zone_t *zone, isc_task_t *task);
1118/*%<
1119 * Give a zone a task to work with.  Any current task will be detached.
1120 *
1121 * Requires:
1122 *\li	'zone' to be valid.
1123 *\li	'task' to be valid.
1124 */
1125
1126void
1127dns_zone_gettask(dns_zone_t *zone, isc_task_t **target);
1128/*%<
1129 * Attach '*target' to the zone's task.
1130 *
1131 * Requires:
1132 *\li	'zone' to be valid initialised zone.
1133 *\li	'zone' to have a task.
1134 *\li	'target' to be != NULL && '*target' == NULL.
1135 */
1136
1137void
1138dns_zone_notify(dns_zone_t *zone);
1139/*%<
1140 * Generate notify events for this zone.
1141 *
1142 * Requires:
1143 *\li	'zone' to be a valid zone.
1144 */
1145
1146isc_result_t
1147dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump);
1148/*%<
1149 * Replace the database of "zone" with a new database "db".
1150 *
1151 * If "dump" is ISC_TRUE, then the new zone contents are dumped
1152 * into to the zone's master file for persistence.  When replacing
1153 * a zone database by one just loaded from a master file, set
1154 * "dump" to ISC_FALSE to avoid a redundant redump of the data just
1155 * loaded.  Otherwise, it should be set to ISC_TRUE.
1156 *
1157 * If the "diff-on-reload" option is enabled in the configuration file,
1158 * the differences between the old and the new database are added to the
1159 * journal file, and the master file dump is postponed.
1160 *
1161 * Requires:
1162 * \li	'zone' to be a valid zone.
1163 *
1164 * Returns:
1165 * \li	DNS_R_SUCCESS
1166 * \li	DNS_R_BADZONE	zone failed basic consistency checks:
1167 *			* a single SOA must exist
1168 *			* some NS records must exist.
1169 *	Others
1170 */
1171
1172isc_uint32_t
1173dns_zone_getidlein(dns_zone_t *zone);
1174/*%<
1175 * Requires:
1176 * \li	'zone' to be a valid zone.
1177 *
1178 * Returns:
1179 * \li	number of seconds of idle time before we abort the transfer in.
1180 */
1181
1182void
1183dns_zone_setidlein(dns_zone_t *zone, isc_uint32_t idlein);
1184/*%<
1185 * \li	Set the idle timeout for transfer the.
1186 * \li	Zero set the default value, 1 hour.
1187 *
1188 * Requires:
1189 * \li	'zone' to be a valid zone.
1190 */
1191
1192isc_uint32_t
1193dns_zone_getidleout(dns_zone_t *zone);
1194/*%<
1195 *
1196 * Requires:
1197 * \li	'zone' to be a valid zone.
1198 *
1199 * Returns:
1200 * \li	number of seconds of idle time before we abort a transfer out.
1201 */
1202
1203void
1204dns_zone_setidleout(dns_zone_t *zone, isc_uint32_t idleout);
1205/*%<
1206 * \li	Set the idle timeout for transfers out.
1207 * \li	Zero set the default value, 1 hour.
1208 *
1209 * Requires:
1210 * \li	'zone' to be a valid zone.
1211 */
1212
1213void
1214dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table);
1215/*%<
1216 * Get the simple-secure-update policy table.
1217 *
1218 * Requires:
1219 * \li	'zone' to be a valid zone.
1220 */
1221
1222void
1223dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table);
1224/*%<
1225 * Set / clear the simple-secure-update policy table.
1226 *
1227 * Requires:
1228 * \li	'zone' to be a valid zone.
1229 */
1230
1231isc_mem_t *
1232dns_zone_getmctx(dns_zone_t *zone);
1233/*%<
1234 * Get the memory context of a zone.
1235 *
1236 * Requires:
1237 * \li	'zone' to be a valid zone.
1238 */
1239
1240dns_zonemgr_t *
1241dns_zone_getmgr(dns_zone_t *zone);
1242/*%<
1243 *	If 'zone' is managed return the zone manager otherwise NULL.
1244 *
1245 * Requires:
1246 * \li	'zone' to be a valid zone.
1247 */
1248
1249void
1250dns_zone_setsigvalidityinterval(dns_zone_t *zone, isc_uint32_t interval);
1251/*%<
1252 * Set the zone's RRSIG validity interval.  This is the length of time
1253 * for which DNSSEC signatures created as a result of dynamic updates
1254 * to secure zones will remain valid, in seconds.
1255 *
1256 * Requires:
1257 * \li	'zone' to be a valid zone.
1258 */
1259
1260isc_uint32_t
1261dns_zone_getsigvalidityinterval(dns_zone_t *zone);
1262/*%<
1263 * Get the zone's RRSIG validity interval.
1264 *
1265 * Requires:
1266 * \li	'zone' to be a valid zone.
1267 */
1268
1269void
1270dns_zone_setsigresigninginterval(dns_zone_t *zone, isc_uint32_t interval);
1271/*%<
1272 * Set the zone's RRSIG re-signing interval.  A dynamic zone's RRSIG's
1273 * will be re-signed 'interval' amount of time before they expire.
1274 *
1275 * Requires:
1276 * \li	'zone' to be a valid zone.
1277 */
1278
1279isc_uint32_t
1280dns_zone_getsigresigninginterval(dns_zone_t *zone);
1281/*%<
1282 * Get the zone's RRSIG re-signing interval.
1283 *
1284 * Requires:
1285 * \li	'zone' to be a valid zone.
1286 */
1287
1288void
1289dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype);
1290/*%<
1291 * Sets zone notify method to "notifytype"
1292 */
1293
1294isc_result_t
1295dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg,
1296		       dns_updatecallback_t callback, void *callback_arg);
1297/*%<
1298 * Forward 'msg' to each master in turn until we get an answer or we
1299 * have exhausted the list of masters. 'callback' will be called with
1300 * ISC_R_SUCCESS if we get an answer and the returned message will be
1301 * passed as 'answer_message', otherwise a non ISC_R_SUCCESS result code
1302 * will be passed and answer_message will be NULL.  The callback function
1303 * is responsible for destroying 'answer_message'.
1304 *		(callback)(callback_arg, result, answer_message);
1305 *
1306 * Require:
1307 *\li	'zone' to be valid
1308 *\li	'msg' to be valid.
1309 *\li	'callback' to be non NULL.
1310 * Returns:
1311 *\li	#ISC_R_SUCCESS if the message has been forwarded,
1312 *\li	#ISC_R_NOMEMORY
1313 *\li	Others
1314 */
1315
1316isc_result_t
1317dns_zone_next(dns_zone_t *zone, dns_zone_t **next);
1318/*%<
1319 * Find the next zone in the list of managed zones.
1320 *
1321 * Requires:
1322 *\li	'zone' to be valid
1323 *\li	The zone manager for the indicated zone MUST be locked
1324 *	by the caller.  This is not checked.
1325 *\li	'next' be non-NULL, and '*next' be NULL.
1326 *
1327 * Ensures:
1328 *\li	'next' points to a valid zone (result ISC_R_SUCCESS) or to NULL
1329 *	(result ISC_R_NOMORE).
1330 */
1331
1332
1333
1334isc_result_t
1335dns_zone_first(dns_zonemgr_t *zmgr, dns_zone_t **first);
1336/*%<
1337 * Find the first zone in the list of managed zones.
1338 *
1339 * Requires:
1340 *\li	'zonemgr' to be valid
1341 *\li	The zone manager for the indicated zone MUST be locked
1342 *	by the caller.  This is not checked.
1343 *\li	'first' be non-NULL, and '*first' be NULL
1344 *
1345 * Ensures:
1346 *\li	'first' points to a valid zone (result ISC_R_SUCCESS) or to NULL
1347 *	(result ISC_R_NOMORE).
1348 */
1349
1350isc_result_t
1351dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory);
1352/*%<
1353 *	Sets the name of the directory where private keys used for
1354 *	online signing of dynamic zones are found.
1355 *
1356 * Require:
1357 *\li	'zone' to be a valid zone.
1358 *
1359 * Returns:
1360 *\li	#ISC_R_NOMEMORY
1361 *\li	#ISC_R_SUCCESS
1362 */
1363
1364const char *
1365dns_zone_getkeydirectory(dns_zone_t *zone);
1366/*%<
1367 * 	Gets the name of the directory where private keys used for
1368 *	online signing of dynamic zones are found.
1369 *
1370 * Requires:
1371 *\li	'zone' to be valid initialised zone.
1372 *
1373 * Returns:
1374 *	Pointer to null-terminated file name, or NULL.
1375 */
1376
1377
1378isc_result_t
1379dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
1380		   isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr,
1381		   dns_zonemgr_t **zmgrp);
1382/*%<
1383 * Create a zone manager.  Note: the zone manager will not be able to
1384 * manage any zones until dns_zonemgr_setsize() has been run.
1385 *
1386 * Requires:
1387 *\li	'mctx' to be a valid memory context.
1388 *\li	'taskmgr' to be a valid task manager.
1389 *\li	'timermgr' to be a valid timer manager.
1390 *\li	'zmgrp'	to point to a NULL pointer.
1391 */
1392
1393isc_result_t
1394dns_zonemgr_setsize(dns_zonemgr_t *zmgr, int num_zones);
1395/*%<
1396 *	Set the size of the zone manager task pool.  This must be run
1397 *	before zmgr can be used for managing zones.  Currently, it can only
1398 *	be run once; the task pool cannot be resized.
1399 *
1400 * Requires:
1401 *\li	zmgr is a valid zone manager.
1402 *\li	zmgr->zonetasks has been initialized.
1403 */
1404
1405isc_result_t
1406dns_zonemgr_managezone(dns_zonemgr_t *zmgr, dns_zone_t *zone);
1407/*%<
1408 *	Bring the zone under control of a zone manager.
1409 *
1410 * Require:
1411 *\li	'zmgr' to be a valid zone manager.
1412 *\li	'zone' to be a valid zone.
1413 */
1414
1415isc_result_t
1416dns_zonemgr_forcemaint(dns_zonemgr_t *zmgr);
1417/*%<
1418 * Force zone maintenance of all zones managed by 'zmgr' at its
1419 * earliest convenience.
1420 */
1421
1422void
1423dns_zonemgr_resumexfrs(dns_zonemgr_t *zmgr);
1424/*%<
1425 * Attempt to start any stalled zone transfers.
1426 */
1427
1428void
1429dns_zonemgr_shutdown(dns_zonemgr_t *zmgr);
1430/*%<
1431 *	Shut down the zone manager.
1432 *
1433 * Requires:
1434 *\li	'zmgr' to be a valid zone manager.
1435 */
1436
1437void
1438dns_zonemgr_attach(dns_zonemgr_t *source, dns_zonemgr_t **target);
1439/*%<
1440 *	Attach '*target' to 'source' incrementing its external
1441 * 	reference count.
1442 *
1443 * Require:
1444 *\li	'zone' to be a valid zone.
1445 *\li	'target' to be non NULL and '*target' to be NULL.
1446 */
1447
1448void
1449dns_zonemgr_detach(dns_zonemgr_t **zmgrp);
1450/*%<
1451 *	 Detach from a zone manager.
1452 *
1453 * Requires:
1454 *\li	'*zmgrp' is a valid, non-NULL zone manager pointer.
1455 *
1456 * Ensures:
1457 *\li	'*zmgrp' is NULL.
1458 */
1459
1460void
1461dns_zonemgr_releasezone(dns_zonemgr_t *zmgr, dns_zone_t *zone);
1462/*%<
1463 *	Release 'zone' from the managed by 'zmgr'.  'zmgr' is implicitly
1464 *	detached from 'zone'.
1465 *
1466 * Requires:
1467 *\li	'zmgr' to be a valid zone manager.
1468 *\li	'zone' to be a valid zone.
1469 *\li	'zmgr' == 'zone->zmgr'
1470 *
1471 * Ensures:
1472 *\li	'zone->zmgr' == NULL;
1473 */
1474
1475void
1476dns_zonemgr_settransfersin(dns_zonemgr_t *zmgr, isc_uint32_t value);
1477/*%<
1478 *	Set the maximum number of simultaneous transfers in allowed by
1479 *	the zone manager.
1480 *
1481 * Requires:
1482 *\li	'zmgr' to be a valid zone manager.
1483 */
1484
1485isc_uint32_t
1486dns_zonemgr_getttransfersin(dns_zonemgr_t *zmgr);
1487/*%<
1488 *	Return the maximum number of simultaneous transfers in allowed.
1489 *
1490 * Requires:
1491 *\li	'zmgr' to be a valid zone manager.
1492 */
1493
1494void
1495dns_zonemgr_settransfersperns(dns_zonemgr_t *zmgr, isc_uint32_t value);
1496/*%<
1497 *	Set the number of zone transfers allowed per nameserver.
1498 *
1499 * Requires:
1500 *\li	'zmgr' to be a valid zone manager
1501 */
1502
1503isc_uint32_t
1504dns_zonemgr_getttransfersperns(dns_zonemgr_t *zmgr);
1505/*%<
1506 *	Return the number of transfers allowed per nameserver.
1507 *
1508 * Requires:
1509 *\li	'zmgr' to be a valid zone manager.
1510 */
1511
1512void
1513dns_zonemgr_setiolimit(dns_zonemgr_t *zmgr, isc_uint32_t iolimit);
1514/*%<
1515 *	Set the number of simultaneous file descriptors available for
1516 *	reading and writing masterfiles.
1517 *
1518 * Requires:
1519 *\li	'zmgr' to be a valid zone manager.
1520 *\li	'iolimit' to be positive.
1521 */
1522
1523isc_uint32_t
1524dns_zonemgr_getiolimit(dns_zonemgr_t *zmgr);
1525/*%<
1526 *	Get the number of simultaneous file descriptors available for
1527 *	reading and writing masterfiles.
1528 *
1529 * Requires:
1530 *\li	'zmgr' to be a valid zone manager.
1531 */
1532
1533void
1534dns_zonemgr_setserialqueryrate(dns_zonemgr_t *zmgr, unsigned int value);
1535/*%<
1536 *	Set the number of SOA queries sent per second.
1537 *
1538 * Requires:
1539 *\li	'zmgr' to be a valid zone manager
1540 */
1541
1542unsigned int
1543dns_zonemgr_getserialqueryrate(dns_zonemgr_t *zmgr);
1544/*%<
1545 *	Return the number of SOA queries sent per second.
1546 *
1547 * Requires:
1548 *\li	'zmgr' to be a valid zone manager.
1549 */
1550
1551unsigned int
1552dns_zonemgr_getcount(dns_zonemgr_t *zmgr, int state);
1553/*%<
1554 *	Returns the number of zones in the specified state.
1555 *
1556 * Requires:
1557 *\li	'zmgr' to be a valid zone manager.
1558 *\li	'state' to be a valid DNS_ZONESTATE_ constant.
1559 */
1560
1561void
1562dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote,
1563			   isc_sockaddr_t *local, isc_time_t *now);
1564/*%<
1565 *	Add the pair of addresses to the unreachable cache.
1566 *
1567 * Requires:
1568 *\li	'zmgr' to be a valid zone manager.
1569 *\li	'remote' to be a valid sockaddr.
1570 *\li	'local' to be a valid sockaddr.
1571 */
1572
1573isc_boolean_t
1574dns_zonemgr_unreachable(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote,
1575			isc_sockaddr_t *local, isc_time_t *now);
1576/*%<
1577 *	Returns ISC_TRUE if the given local/remote address pair
1578 *	is found in the zone maanger's unreachable cache.
1579 *
1580 * Requires:
1581 *\li	'zmgr' to be a valid zone manager.
1582 *\li	'remote' to be a valid sockaddr.
1583 *\li	'local' to be a valid sockaddr.
1584 *\li	'now' != NULL
1585 */
1586
1587void
1588dns_zonemgr_unreachabledel(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote,
1589			   isc_sockaddr_t *local);
1590/*%<
1591 *	Remove the pair of addresses from the unreachable cache.
1592 *
1593 * Requires:
1594 *\li	'zmgr' to be a valid zone manager.
1595 *\li	'remote' to be a valid sockaddr.
1596 *\li	'local' to be a valid sockaddr.
1597 */
1598
1599void
1600dns_zone_forcereload(dns_zone_t *zone);
1601/*%<
1602 *      Force a reload of specified zone.
1603 *
1604 * Requires:
1605 *\li      'zone' to be a valid zone.
1606 */
1607
1608isc_boolean_t
1609dns_zone_isforced(dns_zone_t *zone);
1610/*%<
1611 *      Check if the zone is waiting a forced reload.
1612 *
1613 * Requires:
1614 * \li     'zone' to be a valid zone.
1615 */
1616
1617isc_result_t
1618dns_zone_setstatistics(dns_zone_t *zone, isc_boolean_t on);
1619/*%<
1620 * This function is obsoleted by dns_zone_setrequeststats().
1621 */
1622
1623isc_uint64_t *
1624dns_zone_getstatscounters(dns_zone_t *zone);
1625/*%<
1626 * This function is obsoleted by dns_zone_getrequeststats().
1627 */
1628
1629void
1630dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats);
1631/*%<
1632 * Set a general zone-maintenance statistics set 'stats' for 'zone'.  This
1633 * function is expected to be called only on zone creation (when necessary).
1634 * Once installed, it cannot be removed or replaced.  Also, there is no
1635 * interface to get the installed stats from the zone; the caller must keep the
1636 * stats to reference (e.g. dump) it later.
1637 *
1638 * Requires:
1639 * \li	'zone' to be a valid zone and does not have a statistics set already
1640 *	installed.
1641 *
1642 *\li	stats is a valid statistics supporting zone statistics counters
1643 *	(see dns/stats.h).
1644 */
1645
1646void
1647dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats);
1648/*%<
1649 * Set an additional statistics set to zone.  It is attached in the zone
1650 * but is not counted in the zone module; only the caller updates the counters.
1651 *
1652 * Requires:
1653 * \li	'zone' to be a valid zone.
1654 *
1655 *\li	stats is a valid statistics.
1656 */
1657
1658isc_stats_t *
1659dns_zone_getrequeststats(dns_zone_t *zone);
1660/*%<
1661 * Get the additional statistics for zone, if one is installed.
1662 *
1663 * Requires:
1664 * \li	'zone' to be a valid zone.
1665 *
1666 * Returns:
1667 * \li	when available, a pointer to the statistics set installed in zone;
1668 *	otherwise NULL.
1669 */
1670
1671void
1672dns_zone_dialup(dns_zone_t *zone);
1673/*%<
1674 * Perform dialup-time maintenance on 'zone'.
1675 */
1676
1677void
1678dns_zone_setdialup(dns_zone_t *zone, dns_dialuptype_t dialup);
1679/*%<
1680 * Set the dialup type of 'zone' to 'dialup'.
1681 *
1682 * Requires:
1683 * \li	'zone' to be valid initialised zone.
1684 *\li	'dialup' to be a valid dialup type.
1685 */
1686
1687void
1688dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...)
1689	ISC_FORMAT_PRINTF(3, 4);
1690/*%<
1691 * Log the message 'msg...' at 'level', including text that identifies
1692 * the message as applying to 'zone'.
1693 */
1694
1695void
1696dns_zone_logc(dns_zone_t *zone, isc_logcategory_t *category, int level,
1697	      const char *msg, ...) ISC_FORMAT_PRINTF(4, 5);
1698/*%<
1699 * Log the message 'msg...' at 'level', including text that identifies
1700 * the message as applying to 'zone'.
1701 */
1702
1703void
1704dns_zone_name(dns_zone_t *zone, char *buf, size_t len);
1705/*%<
1706 * Return the name of the zone with class and view.
1707 *
1708 * Requires:
1709 *\li	'zone' to be valid.
1710 *\li	'buf' to be non NULL.
1711 */
1712
1713isc_result_t
1714dns_zone_checknames(dns_zone_t *zone, dns_name_t *name, dns_rdata_t *rdata);
1715/*%<
1716 * Check if this record meets the check-names policy.
1717 *
1718 * Requires:
1719 *	'zone' to be valid.
1720 *	'name' to be valid.
1721 *	'rdata' to be valid.
1722 *
1723 * Returns:
1724 *	DNS_R_SUCCESS		passed checks.
1725 *	DNS_R_BADOWNERNAME	failed ownername checks.
1726 *	DNS_R_BADNAME		failed rdata checks.
1727 */
1728
1729void
1730dns_zone_setacache(dns_zone_t *zone, dns_acache_t *acache);
1731/*%<
1732 *	Associate the zone with an additional cache.
1733 *
1734 * Require:
1735 *	'zone' to be a valid zone.
1736 *	'acache' to be a non NULL pointer.
1737 *
1738 * Ensures:
1739 *	'zone' will have a reference to 'acache'
1740 */
1741
1742void
1743dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx);
1744/*%<
1745 *	Set the post load integrity callback function 'checkmx'.
1746 *	'checkmx' will be called if the MX TARGET is not within the zone.
1747 *
1748 * Require:
1749 *	'zone' to be a valid zone.
1750 */
1751
1752void
1753dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv);
1754/*%<
1755 *	Set the post load integrity callback function 'checksrv'.
1756 *	'checksrv' will be called if the SRV TARGET is not within the zone.
1757 *
1758 * Require:
1759 *	'zone' to be a valid zone.
1760 */
1761
1762void
1763dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns);
1764/*%<
1765 *	Set the post load integrity callback function 'checkns'.
1766 *	'checkns' will be called if the NS TARGET is not within the zone.
1767 *
1768 * Require:
1769 *	'zone' to be a valid zone.
1770 */
1771
1772void
1773dns_zone_setnotifydelay(dns_zone_t *zone, isc_uint32_t delay);
1774/*%<
1775 * Set the minimum delay between sets of notify messages.
1776 *
1777 * Requires:
1778 *	'zone' to be valid.
1779 */
1780
1781isc_uint32_t
1782dns_zone_getnotifydelay(dns_zone_t *zone);
1783/*%<
1784 * Get the minimum delay between sets of notify messages.
1785 *
1786 * Requires:
1787 *	'zone' to be valid.
1788 */
1789
1790void
1791dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg);
1792/*%<
1793 * Set the isself callback function and argument.
1794 *
1795 * isc_boolean_t
1796 * isself(dns_view_t *myview, dns_tsigkey_t *mykey, isc_netaddr_t *srcaddr,
1797 *	  isc_netaddr_t *destaddr, dns_rdataclass_t rdclass, void *arg);
1798 *
1799 * 'isself' returns ISC_TRUE if a non-recursive query from 'srcaddr' to
1800 * 'destaddr' with optional key 'mykey' for class 'rdclass' would be
1801 * delivered to 'myview'.
1802 */
1803
1804void
1805dns_zone_setnodes(dns_zone_t *zone, isc_uint32_t nodes);
1806/*%<
1807 * Set the number of nodes that will be checked per quantum.
1808 */
1809
1810void
1811dns_zone_setsignatures(dns_zone_t *zone, isc_uint32_t signatures);
1812/*%<
1813 * Set the number of signatures that will be generated per quantum.
1814 */
1815
1816isc_result_t
1817dns_zone_signwithkey(dns_zone_t *zone, dns_secalg_t algorithm,
1818		     isc_uint16_t keyid, isc_boolean_t delete);
1819/*%<
1820 * Initiate/resume signing of the entire zone with the zone DNSKEY(s)
1821 * that match the given algorithm and keyid.
1822 */
1823
1824isc_result_t
1825dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param);
1826/*%<
1827 * Incrementally add a NSEC3 chain that corresponds to 'nsec3param'.
1828 */
1829
1830void
1831dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type);
1832dns_rdatatype_t
1833dns_zone_getprivatetype(dns_zone_t *zone);
1834/*
1835 * Get/Set the private record type.  It is expected that these interfaces
1836 * will not be permanent.
1837 */
1838
1839void
1840dns_zone_rekey(dns_zone_t *zone, isc_boolean_t fullsign);
1841/*%<
1842 * Update the zone's DNSKEY set from the key repository.
1843 *
1844 * If 'fullsign' is true, trigger an immediate full signing of
1845 * the zone with the new key.  Otherwise, if there are no keys or
1846 * if the new keys are for algorithms that have already signed the
1847 * zone, then the zone can be re-signed incrementally.
1848 */
1849
1850isc_result_t
1851dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version,
1852		 unsigned int *errors);
1853/*%
1854 * Check if the name servers for the zone are sane (have address, don't
1855 * refer to CNAMEs/DNAMEs.  The number of constiancy errors detected in
1856 * returned in '*errors'
1857 *
1858 * Requires:
1859 * \li	'zone' to be valid.
1860 * \li	'db' to be valid.
1861 * \li	'version' to be valid or NULL.
1862 * \li	'errors' to be non NULL.
1863 *
1864 * Returns:
1865 * 	ISC_R_SUCCESS if there were no errors examining the zone contents.
1866 */
1867
1868void
1869dns_zone_setadded(dns_zone_t *zone, isc_boolean_t added);
1870/*%
1871 * Sets the value of zone->added, which should be ISC_TRUE for
1872 * zones that were originally added by "rndc addzone".
1873 *
1874 * Requires:
1875 * \li	'zone' to be valid.
1876 */
1877
1878isc_boolean_t
1879dns_zone_getadded(dns_zone_t *zone);
1880/*%
1881 * Returns ISC_TRUE if the zone was originally added at runtime
1882 * using "rndc addzone".
1883 *
1884 * Requires:
1885 * \li	'zone' to be valid.
1886 */
1887
1888isc_result_t
1889dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db);
1890/*%
1891 * Load the origin names for a writeable DLZ database.
1892 */
1893
1894isc_result_t
1895dns_zone_synckeyzone(dns_zone_t *zone);
1896/*%
1897 * Force the managed key zone to synchronize, and start the key
1898 * maintenance timer.
1899 */
1900
1901ISC_LANG_ENDDECLS
1902
1903#endif /* DNS_ZONE_H */
1904