zone.h revision 1.3
1/* $NetBSD: zone.h,v 1.3 2019/01/09 16:55:12 christos Exp $ */ 2 3/* 4 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, You can obtain one at http://mozilla.org/MPL/2.0/. 9 * 10 * See the COPYRIGHT file distributed with this work for additional 11 * information regarding copyright ownership. 12 */ 13 14#ifndef DNS_ZONE_H 15#define DNS_ZONE_H 1 16 17/*! \file dns/zone.h */ 18 19/*** 20 *** Imports 21 ***/ 22 23#include <stdbool.h> 24#include <stdio.h> 25#include <inttypes.h> 26 27#include <isc/formatcheck.h> 28#include <isc/lang.h> 29#include <isc/rwlock.h> 30 31#include <dns/catz.h> 32#include <dns/master.h> 33#include <dns/masterdump.h> 34#include <dns/rdatastruct.h> 35#include <dns/rpz.h> 36#include <dns/types.h> 37#include <dns/zt.h> 38 39typedef enum { 40 dns_zone_none, 41 dns_zone_master, 42 dns_zone_slave, 43 dns_zone_mirror, 44 dns_zone_stub, 45 dns_zone_staticstub, 46 dns_zone_key, 47 dns_zone_dlz, 48 dns_zone_redirect 49} dns_zonetype_t; 50 51typedef enum { 52 dns_zonestat_none = 0, 53 dns_zonestat_terse, 54 dns_zonestat_full 55} dns_zonestat_level_t; 56 57typedef enum { 58 DNS_ZONEOPT_MANYERRORS = 1<<0, /*%< return many errors on load */ 59 DNS_ZONEOPT_IXFRFROMDIFFS = 1<<1, /*%< calculate differences */ 60 DNS_ZONEOPT_NOMERGE = 1<<2, /*%< don't merge journal */ 61 DNS_ZONEOPT_CHECKNS = 1<<3, /*%< check if NS's are addresses */ 62 DNS_ZONEOPT_FATALNS = 1<<4, /*%< DNS_ZONEOPT_CHECKNS is fatal */ 63 DNS_ZONEOPT_MULTIMASTER = 1<<5, /*%< this zone has multiple masters */ 64 DNS_ZONEOPT_USEALTXFRSRC = 1<<6, /*%< use alternate transfer sources */ 65 DNS_ZONEOPT_CHECKNAMES = 1<<7, /*%< check-names */ 66 DNS_ZONEOPT_CHECKNAMESFAIL = 1<<8, /*%< fatal check-name failures */ 67 DNS_ZONEOPT_CHECKWILDCARD = 1<<9, /*%< check for internal wildcards */ 68 DNS_ZONEOPT_CHECKMX = 1<<10, /*%< check-mx */ 69 DNS_ZONEOPT_CHECKMXFAIL = 1<<11, /*%< fatal check-mx failures */ 70 DNS_ZONEOPT_CHECKINTEGRITY = 1<<12, /*%< perform integrity checks */ 71 DNS_ZONEOPT_CHECKSIBLING = 1<<13, /*%< perform sibling glue checks */ 72 DNS_ZONEOPT_NOCHECKNS = 1<<14, /*%< disable IN NS address checks */ 73 DNS_ZONEOPT_WARNMXCNAME = 1<<15, /*%< warn on MX CNAME check */ 74 DNS_ZONEOPT_IGNOREMXCNAME = 1<<16, /*%< ignore MX CNAME check */ 75 DNS_ZONEOPT_WARNSRVCNAME = 1<<17, /*%< warn on SRV CNAME check */ 76 DNS_ZONEOPT_IGNORESRVCNAME = 1<<18, /*%< ignore SRV CNAME check */ 77 DNS_ZONEOPT_UPDATECHECKKSK = 1<<19, /*%< check dnskey KSK flag */ 78 DNS_ZONEOPT_TRYTCPREFRESH = 1<<20, /*%< try tcp refresh on udp failure */ 79 DNS_ZONEOPT_NOTIFYTOSOA = 1<<21, /*%< Notify the SOA MNAME */ 80 DNS_ZONEOPT_NSEC3TESTZONE = 1<<22, /*%< nsec3-test-zone */ 81 DNS_ZONEOPT_SECURETOINSECURE = 1<<23, /*%< dnssec-secure-to-insecure */ 82 DNS_ZONEOPT_DNSKEYKSKONLY = 1<<24, /*%< dnssec-dnskey-kskonly */ 83 DNS_ZONEOPT_CHECKDUPRR = 1<<25, /*%< check-dup-records */ 84 DNS_ZONEOPT_CHECKDUPRRFAIL = 1<<26, /*%< fatal check-dup-records failures */ 85 DNS_ZONEOPT_CHECKSPF = 1<<27, /*%< check SPF records */ 86 DNS_ZONEOPT_CHECKTTL = 1<<28, /*%< check max-zone-ttl */ 87 DNS_ZONEOPT_AUTOEMPTY = 1<<29, /*%< automatic empty zone */ 88} dns_zoneopt_t; 89 90/* 91 * Zone key maintenance options 92 */ 93#define DNS_ZONEKEY_ALLOW 0x00000001U /*%< fetch keys on command */ 94#define DNS_ZONEKEY_MAINTAIN 0x00000002U /*%< publish/sign on schedule */ 95#define DNS_ZONEKEY_CREATE 0x00000004U /*%< make keys when needed */ 96#define DNS_ZONEKEY_FULLSIGN 0x00000008U /*%< roll to new keys immediately */ 97#define DNS_ZONEKEY_NORESIGN 0x00000010U /*%< no automatic resigning */ 98 99#ifndef DNS_ZONE_MINREFRESH 100#define DNS_ZONE_MINREFRESH 300 /*%< 5 minutes */ 101#endif 102#ifndef DNS_ZONE_MAXREFRESH 103#define DNS_ZONE_MAXREFRESH 2419200 /*%< 4 weeks */ 104#endif 105#ifndef DNS_ZONE_DEFAULTREFRESH 106#define DNS_ZONE_DEFAULTREFRESH 3600 /*%< 1 hour */ 107#endif 108#ifndef DNS_ZONE_MINRETRY 109#define DNS_ZONE_MINRETRY 300 /*%< 5 minutes */ 110#endif 111#ifndef DNS_ZONE_MAXRETRY 112#define DNS_ZONE_MAXRETRY 1209600 /*%< 2 weeks */ 113#endif 114#ifndef DNS_ZONE_DEFAULTRETRY 115#define DNS_ZONE_DEFAULTRETRY 60 /*%< 1 minute, subject to 116 exponential backoff */ 117#endif 118 119#define DNS_ZONESTATE_XFERRUNNING 1 120#define DNS_ZONESTATE_XFERDEFERRED 2 121#define DNS_ZONESTATE_SOAQUERY 3 122#define DNS_ZONESTATE_ANY 4 123#define DNS_ZONESTATE_AUTOMATIC 5 124 125ISC_LANG_BEGINDECLS 126 127/*** 128 *** Functions 129 ***/ 130 131isc_result_t 132dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx); 133/*%< 134 * Creates a new empty zone and attach '*zonep' to it. 135 * 136 * Requires: 137 *\li 'zonep' to point to a NULL pointer. 138 *\li 'mctx' to be a valid memory context. 139 * 140 * Ensures: 141 *\li '*zonep' refers to a valid zone. 142 * 143 * Returns: 144 *\li #ISC_R_SUCCESS 145 *\li #ISC_R_NOMEMORY 146 *\li #ISC_R_UNEXPECTED 147 */ 148 149void 150dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass); 151/*%< 152 * Sets the class of a zone. This operation can only be performed 153 * once on a zone. 154 * 155 * Require: 156 *\li 'zone' to be a valid zone. 157 *\li dns_zone_setclass() not to have been called since the zone was 158 * created. 159 *\li 'rdclass' != dns_rdataclass_none. 160 */ 161 162dns_rdataclass_t 163dns_zone_getclass(dns_zone_t *zone); 164/*%< 165 * Returns the current zone class. 166 * 167 * Requires: 168 *\li 'zone' to be a valid zone. 169 */ 170 171isc_result_t 172dns_zone_getserial(dns_zone_t *zone, uint32_t *serialp); 173/*%< 174 * Returns the current serial number of the zone. On success, the SOA 175 * serial of the zone will be copied into '*serialp'. 176 * 177 * Requires: 178 *\li 'zone' to be a valid zone. 179 *\li 'serialp' to be non NULL 180 * 181 * Returns: 182 *\li #ISC_R_SUCCESS 183 *\li #DNS_R_NOTLOADED zone DB is not loaded 184 */ 185 186void 187dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type); 188/*%< 189 * Sets the zone type. This operation can only be performed once on 190 * a zone. 191 * 192 * Requires: 193 *\li 'zone' to be a valid zone. 194 *\li dns_zone_settype() not to have been called since the zone was 195 * created. 196 *\li 'type' != dns_zone_none 197 */ 198 199void 200dns_zone_setview(dns_zone_t *zone, dns_view_t *view); 201/*%< 202 * Associate the zone with a view. 203 * 204 * Require: 205 *\li 'zone' to be a valid zone. 206 */ 207 208dns_view_t * 209dns_zone_getview(dns_zone_t *zone); 210/*%< 211 * Returns the zone's associated view. 212 * 213 * Requires: 214 *\li 'zone' to be a valid zone. 215 */ 216 217void 218dns_zone_setviewcommit(dns_zone_t *zone); 219/*%< 220 * Commit the previous view saved internally via dns_zone_setview(). 221 * 222 * Require: 223 *\li 'zone' to be a valid zone. 224 */ 225 226void 227dns_zone_setviewrevert(dns_zone_t *zone); 228/*%< 229 * Revert the most recent dns_zone_setview() on this zone, 230 * restoring the previous view. 231 * 232 * Require: 233 *\li 'zone' to be a valid zone. 234 */ 235 236 237isc_result_t 238dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin); 239/*%< 240 * Sets the zones origin to 'origin'. 241 * 242 * Require: 243 *\li 'zone' to be a valid zone. 244 *\li 'origin' to be non NULL. 245 * 246 * Returns: 247 *\li #ISC_R_SUCCESS 248 *\li #ISC_R_NOMEMORY 249 */ 250 251dns_name_t * 252dns_zone_getorigin(dns_zone_t *zone); 253/*%< 254 * Returns the value of the origin. 255 * 256 * Require: 257 *\li 'zone' to be a valid zone. 258 */ 259 260isc_result_t 261dns_zone_setfile(dns_zone_t *zone, const char *file, 262 dns_masterformat_t format, const dns_master_style_t *style); 263/*%< 264 * Sets the name of the master file in the format of 'format' from which 265 * the zone loads its database to 'file'. 266 * 267 * For zones that have no associated master file, 'file' will be NULL. 268 * 269 * For zones with persistent databases, the file name 270 * setting is ignored. 271 * 272 * Require: 273 *\li 'zone' to be a valid zone. 274 * 275 * Returns: 276 *\li #ISC_R_NOMEMORY 277 *\li #ISC_R_SUCCESS 278 */ 279 280const char * 281dns_zone_getfile(dns_zone_t *zone); 282/*%< 283 * Gets the name of the zone's master file, if any. 284 * 285 * Requires: 286 *\li 'zone' to be valid initialised zone. 287 * 288 * Returns: 289 *\li Pointer to null-terminated file name, or NULL. 290 */ 291 292void 293dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t records); 294/*%< 295 * Sets the maximim number of records permitted in a zone. 296 * 0 implies unlimited. 297 * 298 * Requires: 299 *\li 'zone' to be valid initialised zone. 300 * 301 * Returns: 302 *\li void 303 */ 304 305uint32_t 306dns_zone_getmaxrecords(dns_zone_t *zone); 307/*%< 308 * Gets the maximim number of records permitted in a zone. 309 * 0 implies unlimited. 310 * 311 * Requires: 312 *\li 'zone' to be valid initialised zone. 313 * 314 * Returns: 315 *\li uint32_t maxrecords. 316 */ 317 318void 319dns_zone_setmaxttl(dns_zone_t *zone, uint32_t maxttl); 320/*%< 321 * Sets the max ttl of the zone. 322 * 323 * Requires: 324 *\li 'zone' to be valid initialised zone. 325 * 326 * Returns: 327 *\li void 328 */ 329 330dns_ttl_t 331dns_zone_getmaxttl(dns_zone_t *zone); 332/*%< 333 * Gets the max ttl of the zone. 334 * 335 * Requires: 336 *\li 'zone' to be valid initialised zone. 337 * 338 * Returns: 339 *\li dns_ttl_t maxttl. 340 */ 341 342isc_result_t 343dns_zone_load(dns_zone_t *zone, bool newonly); 344 345isc_result_t 346dns_zone_loadandthaw(dns_zone_t *zone); 347 348/*%< 349 * Cause the database to be loaded from its backing store. 350 * Confirm that the minimum requirements for the zone type are 351 * met, otherwise DNS_R_BADZONE is returned. 352 * 353 * If newonly is set dns_zone_load() only loads new zones. 354 * dns_zone_loadandthaw() is similar to dns_zone_load() but will 355 * also re-enable DNS UPDATEs when the load completes. 356 * 357 * Require: 358 *\li 'zone' to be a valid zone. 359 * 360 * Returns: 361 *\li #ISC_R_UNEXPECTED 362 *\li #ISC_R_SUCCESS 363 *\li DNS_R_CONTINUE Incremental load has been queued. 364 *\li DNS_R_UPTODATE The zone has already been loaded based on 365 * file system timestamps. 366 *\li DNS_R_BADZONE 367 *\li Any result value from dns_db_load(). 368 */ 369 370isc_result_t 371dns_zone_asyncload(dns_zone_t *zone, bool newonly, 372 dns_zt_zoneloaded_t done, void *arg); 373/*%< 374 * Cause the database to be loaded from its backing store asynchronously. 375 * Other zone maintenance functions are suspended until this is complete. 376 * When finished, 'done' is called to inform the caller, with 'arg' as 377 * its first argument and 'zone' as its second. (Normally, 'arg' is 378 * expected to point to the zone table but is left undefined for testing 379 * purposes.) 380 * 381 * Require: 382 *\li 'zone' to be a valid zone. 383 * 384 * Returns: 385 *\li #ISC_R_ALREADYRUNNING 386 *\li #ISC_R_SUCCESS 387 *\li #ISC_R_FAILURE 388 *\li #ISC_R_NOMEMORY 389 */ 390 391bool 392dns__zone_loadpending(dns_zone_t *zone); 393/*%< 394 * Indicates whether the zone is waiting to be loaded asynchronously. 395 * (Not currently intended for use outside of this module and associated 396 * tests.) 397 */ 398 399void 400dns_zone_attach(dns_zone_t *source, dns_zone_t **target); 401/*%< 402 * Attach '*target' to 'source' incrementing its external 403 * reference count. 404 * 405 * Require: 406 *\li 'zone' to be a valid zone. 407 *\li 'target' to be non NULL and '*target' to be NULL. 408 */ 409 410void 411dns_zone_detach(dns_zone_t **zonep); 412/*%< 413 * Detach from a zone decrementing its external reference count. 414 * If this was the last external reference to the zone it will be 415 * shut down and eventually freed. 416 * 417 * Require: 418 *\li 'zonep' to point to a valid zone. 419 */ 420 421void 422dns_zone_iattach(dns_zone_t *source, dns_zone_t **target); 423/*%< 424 * Attach '*target' to 'source' incrementing its internal 425 * reference count. This is intended for use by operations 426 * such as zone transfers that need to prevent the zone 427 * object from being freed but not from shutting down. 428 * 429 * Require: 430 *\li The caller is running in the context of the zone's task. 431 *\li 'zone' to be a valid zone. 432 *\li 'target' to be non NULL and '*target' to be NULL. 433 */ 434 435void 436dns_zone_idetach(dns_zone_t **zonep); 437/*%< 438 * Detach from a zone decrementing its internal reference count. 439 * If there are no more internal or external references to the 440 * zone, it will be freed. 441 * 442 * Require: 443 *\li The caller is running in the context of the zone's task. 444 *\li 'zonep' to point to a valid zone. 445 */ 446 447void 448dns_zone_setflag(dns_zone_t *zone, unsigned int flags, bool value); 449/*%< 450 * Sets ('value' == 'true') / clears ('value' == 'IS_FALSE') 451 * zone flags. Valid flag bits are DNS_ZONE_F_*. 452 * 453 * Requires 454 *\li 'zone' to be a valid zone. 455 */ 456 457isc_result_t 458dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp); 459/*%< 460 * Attach '*dbp' to the database to if it exists otherwise 461 * return DNS_R_NOTLOADED. 462 * 463 * Require: 464 *\li 'zone' to be a valid zone. 465 *\li 'dbp' to be != NULL && '*dbp' == NULL. 466 * 467 * Returns: 468 *\li #ISC_R_SUCCESS 469 *\li DNS_R_NOTLOADED 470 */ 471 472void 473dns_zone_setdb(dns_zone_t *zone, dns_db_t *db); 474/*%< 475 * Sets the zone database to 'db'. 476 * 477 * This function is expected to be used to configure a zone with a 478 * database which is not loaded from a file or zone transfer. 479 * It can be used for a general purpose zone, but right now its use 480 * is limited to static-stub zones to avoid possible undiscovered 481 * problems in the general cases. 482 * 483 * Require: 484 *\li 'zone' to be a valid zone of static-stub. 485 *\li zone doesn't have a database. 486 */ 487 488isc_result_t 489dns_zone_setdbtype(dns_zone_t *zone, 490 unsigned int dbargc, const char * const *dbargv); 491/*%< 492 * Sets the database type to dbargv[0] and database arguments 493 * to subsequent dbargv elements. 494 * 'db_type' is not checked to see if it is a valid database type. 495 * 496 * Require: 497 *\li 'zone' to be a valid zone. 498 *\li 'database' to be non NULL. 499 *\li 'dbargc' to be >= 1 500 *\li 'dbargv' to point to dbargc NULL-terminated strings 501 * 502 * Returns: 503 *\li #ISC_R_NOMEMORY 504 *\li #ISC_R_SUCCESS 505 */ 506 507isc_result_t 508dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx); 509/*%< 510 * Returns the current dbtype. isc_mem_free() should be used 511 * to free 'argv' after use. 512 * 513 * Require: 514 *\li 'zone' to be a valid zone. 515 *\li 'argv' to be non NULL and *argv to be NULL. 516 *\li 'mctx' to be valid. 517 * 518 * Returns: 519 *\li #ISC_R_NOMEMORY 520 *\li #ISC_R_SUCCESS 521 */ 522 523void 524dns_zone_markdirty(dns_zone_t *zone); 525/*%< 526 * Mark a zone as 'dirty'. 527 * 528 * Require: 529 *\li 'zone' to be a valid zone. 530 */ 531 532void 533dns_zone_expire(dns_zone_t *zone); 534/*%< 535 * Mark the zone as expired. If the zone requires dumping cause it to 536 * be initiated. Set the refresh and retry intervals to there default 537 * values and unload the zone. 538 * 539 * Require 540 *\li 'zone' to be a valid zone. 541 */ 542 543void 544dns_zone_refresh(dns_zone_t *zone); 545/*%< 546 * Initiate zone up to date checks. The zone must already be being 547 * managed. 548 * 549 * Require 550 *\li 'zone' to be a valid zone. 551 */ 552 553isc_result_t 554dns_zone_flush(dns_zone_t *zone); 555/*%< 556 * Write the zone to database if there are uncommitted changes. 557 * 558 * Require: 559 *\li 'zone' to be a valid zone. 560 */ 561 562isc_result_t 563dns_zone_dump(dns_zone_t *zone); 564/*%< 565 * Write the zone to database. 566 * 567 * Require: 568 *\li 'zone' to be a valid zone. 569 */ 570 571isc_result_t 572dns_zone_dumptostream(dns_zone_t *zone, FILE *fd, dns_masterformat_t format, 573 const dns_master_style_t *style, 574 const uint32_t rawversion); 575/*%< 576 * Write the zone to stream 'fd' in the specified 'format'. 577 * If the 'format' is dns_masterformat_text (RFC1035), 'style' also 578 * specifies the file style (e.g., &dns_master_style_default). 579 * 580 * dns_zone_dumptostream() is a backward-compatible form of 581 * dns_zone_dumptostream2(), which always uses the dns_masterformat_text 582 * format and the dns_master_style_default style. 583 * 584 * dns_zone_dumptostream2() is a backward-compatible form of 585 * dns_zone_dumptostream3(), which always uses the current 586 * default raw file format version. 587 * 588 * Note that dns_zone_dumptostream3() is the most flexible form. It 589 * can also provide the functionality of dns_zone_fulldumptostream(). 590 * 591 * Require: 592 *\li 'zone' to be a valid zone. 593 *\li 'fd' to be a stream open for writing. 594 */ 595 596void 597dns_zone_maintenance(dns_zone_t *zone); 598/*%< 599 * Perform regular maintenance on the zone. This is called as a 600 * result of a zone being managed. 601 * 602 * Require 603 *\li 'zone' to be a valid zone. 604 */ 605 606isc_result_t 607dns_zone_setmasters(dns_zone_t *zone, const isc_sockaddr_t *masters, 608 uint32_t count); 609isc_result_t 610dns_zone_setmasterswithkeys(dns_zone_t *zone, 611 const isc_sockaddr_t *masters, 612 dns_name_t **keynames, 613 uint32_t count); 614/*%< 615 * Set the list of master servers for the zone. 616 * 617 * Require: 618 *\li 'zone' to be a valid zone. 619 *\li 'masters' array of isc_sockaddr_t with port set or NULL. 620 *\li 'count' the number of masters. 621 *\li 'keynames' array of dns_name_t's for tsig keys or NULL. 622 * 623 * \li dns_zone_setmasters() is just a wrapper to setmasterswithkeys(), 624 * passing NULL in the keynames field. 625 * 626 * \li If 'masters' is NULL then 'count' must be zero. 627 * 628 * Returns: 629 *\li #ISC_R_SUCCESS 630 *\li #ISC_R_NOMEMORY 631 *\li Any result dns_name_dup() can return, if keynames!=NULL 632 */ 633 634isc_result_t 635dns_zone_setalsonotify(dns_zone_t *zone, const isc_sockaddr_t *notify, 636 uint32_t count); 637isc_result_t 638dns_zone_setalsonotifywithkeys(dns_zone_t *zone, const isc_sockaddr_t *notify, 639 dns_name_t **keynames, uint32_t count); 640isc_result_t 641dns_zone_setalsonotifydscpkeys(dns_zone_t *zone, const isc_sockaddr_t *notify, 642 const isc_dscp_t *dscps, dns_name_t **keynames, 643 uint32_t count); 644/*%< 645 * Set the list of additional servers to be notified when 646 * a zone changes. To clear the list use 'count = 0'. 647 * 648 * dns_zone_alsonotifywithkeys() allows each notify address to 649 * be associated with a TSIG key. 650 * 651 * Require: 652 *\li 'zone' to be a valid zone. 653 *\li 'notify' to be non-NULL if count != 0. 654 *\li 'count' to be the number of notifiees. 655 * 656 * Returns: 657 *\li #ISC_R_SUCCESS 658 *\li #ISC_R_NOMEMORY 659 */ 660 661void 662dns_zone_unload(dns_zone_t *zone); 663/*%< 664 * detach the database from the zone structure. 665 * 666 * Require: 667 *\li 'zone' to be a valid zone. 668 */ 669 670void 671dns_zone_setoption(dns_zone_t *zone, dns_zoneopt_t option, 672 bool value); 673/*%< 674 * Set the given options on ('value' == true) or off 675 * ('value' == #false). 676 * 677 * Require: 678 *\li 'zone' to be a valid zone. 679 */ 680 681dns_zoneopt_t 682dns_zone_getoptions(dns_zone_t *zone); 683/*%< 684 * Returns the current zone options. 685 * 686 * Require: 687 *\li 'zone' to be a valid zone. 688 */ 689 690void 691dns_zone_setkeyopt(dns_zone_t *zone, unsigned int option, bool value); 692/*%< 693 * Set key options on ('value' == true) or off ('value' == 694 * #false). 695 * 696 * Require: 697 *\li 'zone' to be a valid zone. 698 */ 699 700unsigned int 701dns_zone_getkeyopts(dns_zone_t *zone); 702/*%< 703 * Returns the current zone key options. 704 * 705 * Require: 706 *\li 'zone' to be a valid zone. 707 */ 708 709void 710dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val); 711/*%< 712 * Set the minimum refresh time. 713 * 714 * Requires: 715 *\li 'zone' is valid. 716 *\li val > 0. 717 */ 718 719void 720dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val); 721/*%< 722 * Set the maximum refresh time. 723 * 724 * Requires: 725 *\li 'zone' is valid. 726 *\li val > 0. 727 */ 728 729void 730dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val); 731/*%< 732 * Set the minimum retry time. 733 * 734 * Requires: 735 *\li 'zone' is valid. 736 *\li val > 0. 737 */ 738 739void 740dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val); 741/*%< 742 * Set the maximum retry time. 743 * 744 * Requires: 745 *\li 'zone' is valid. 746 * val > 0. 747 */ 748 749isc_result_t 750dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); 751isc_result_t 752dns_zone_setaltxfrsource4(dns_zone_t *zone, 753 const isc_sockaddr_t *xfrsource); 754/*%< 755 * Set the source address to be used in IPv4 zone transfers. 756 * 757 * Require: 758 *\li 'zone' to be a valid zone. 759 *\li 'xfrsource' to contain the address. 760 * 761 * Returns: 762 *\li #ISC_R_SUCCESS 763 */ 764 765isc_sockaddr_t * 766dns_zone_getxfrsource4(dns_zone_t *zone); 767isc_sockaddr_t * 768dns_zone_getaltxfrsource4(dns_zone_t *zone); 769/*%< 770 * Returns the source address set by a previous dns_zone_setxfrsource4 771 * call, or the default of inaddr_any, port 0. 772 * 773 * Require: 774 *\li 'zone' to be a valid zone. 775 */ 776 777isc_result_t 778dns_zone_setxfrsource4dscp(dns_zone_t *zone, isc_dscp_t dscp); 779isc_result_t 780dns_zone_setaltxfrsource4dscp(dns_zone_t *zone, isc_dscp_t dscp); 781/*%< 782 * Set the DSCP value associated with the transfer/alt-transfer source. 783 * 784 * Require: 785 *\li 'zone' to be a valid zone. 786 * 787 * Returns: 788 *\li #ISC_R_SUCCESS 789 */ 790 791isc_dscp_t 792dns_zone_getxfrsource4dscp(dns_zone_t *zone); 793isc_dscp_t 794dns_zone_getaltxfrsource4dscp(dns_zone_t *zone); 795/*%/ 796 * Get the DSCP value associated with the transfer/alt-transfer source. 797 * 798 * Require: 799 *\li 'zone' to be a valid zone. 800 */ 801 802 803isc_result_t 804dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); 805isc_result_t 806dns_zone_setaltxfrsource6(dns_zone_t *zone, 807 const isc_sockaddr_t *xfrsource); 808/*%< 809 * Set the source address to be used in IPv6 zone transfers. 810 * 811 * Require: 812 *\li 'zone' to be a valid zone. 813 *\li 'xfrsource' to contain the address. 814 * 815 * Returns: 816 *\li #ISC_R_SUCCESS 817 */ 818 819isc_sockaddr_t * 820dns_zone_getxfrsource6(dns_zone_t *zone); 821isc_sockaddr_t * 822dns_zone_getaltxfrsource6(dns_zone_t *zone); 823/*%< 824 * Returns the source address set by a previous dns_zone_setxfrsource6 825 * call, or the default of in6addr_any, port 0. 826 * 827 * Require: 828 *\li 'zone' to be a valid zone. 829 */ 830 831isc_dscp_t 832dns_zone_getxfrsource6dscp(dns_zone_t *zone); 833isc_dscp_t 834dns_zone_getaltxfrsource6dscp(dns_zone_t *zone); 835/*%/ 836 * Get the DSCP value associated with the transfer/alt-transfer source. 837 * 838 * Require: 839 *\li 'zone' to be a valid zone. 840 */ 841 842isc_result_t 843dns_zone_setxfrsource6dscp(dns_zone_t *zone, isc_dscp_t dscp); 844isc_result_t 845dns_zone_setaltxfrsource6dscp(dns_zone_t *zone, isc_dscp_t dscp); 846/*%< 847 * Set the DSCP value associated with the transfer/alt-transfer source. 848 * 849 * Require: 850 *\li 'zone' to be a valid zone. 851 * 852 * Returns: 853 *\li #ISC_R_SUCCESS 854 */ 855 856isc_result_t 857dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc); 858/*%< 859 * Set the source address to be used with IPv4 NOTIFY messages. 860 * 861 * Require: 862 *\li 'zone' to be a valid zone. 863 *\li 'notifysrc' to contain the address. 864 * 865 * Returns: 866 *\li #ISC_R_SUCCESS 867 */ 868 869isc_sockaddr_t * 870dns_zone_getnotifysrc4(dns_zone_t *zone); 871/*%< 872 * Returns the source address set by a previous dns_zone_setnotifysrc4 873 * call, or the default of inaddr_any, port 0. 874 * 875 * Require: 876 *\li 'zone' to be a valid zone. 877 */ 878 879isc_dscp_t 880dns_zone_getnotifysrc4dscp(dns_zone_t *zone); 881/*%/ 882 * Get the DSCP value associated with the IPv4 notify source. 883 * 884 * Require: 885 *\li 'zone' to be a valid zone. 886 */ 887 888isc_result_t 889dns_zone_setnotifysrc4dscp(dns_zone_t *zone, isc_dscp_t dscp); 890/*%< 891 * Set the DSCP value associated with the IPv4 notify source. 892 * 893 * Require: 894 *\li 'zone' to be a valid zone. 895 * 896 * Returns: 897 *\li #ISC_R_SUCCESS 898 */ 899 900isc_result_t 901dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc); 902/*%< 903 * Set the source address to be used with IPv6 NOTIFY messages. 904 * 905 * Require: 906 *\li 'zone' to be a valid zone. 907 *\li 'notifysrc' to contain the address. 908 * 909 * Returns: 910 *\li #ISC_R_SUCCESS 911 */ 912 913isc_sockaddr_t * 914dns_zone_getnotifysrc6(dns_zone_t *zone); 915/*%< 916 * Returns the source address set by a previous dns_zone_setnotifysrc6 917 * call, or the default of in6addr_any, port 0. 918 * 919 * Require: 920 *\li 'zone' to be a valid zone. 921 */ 922 923isc_dscp_t 924dns_zone_getnotifysrc6dscp(dns_zone_t *zone); 925/*%/ 926 * Get the DSCP value associated with the IPv6 notify source. 927 * 928 * Require: 929 *\li 'zone' to be a valid zone. 930 */ 931 932isc_result_t 933dns_zone_setnotifysrc6dscp(dns_zone_t *zone, isc_dscp_t dscp); 934/*%< 935 * Set the DSCP value associated with the IPv6 notify source. 936 * 937 * Require: 938 *\li 'zone' to be a valid zone. 939 * 940 * Returns: 941 *\li #ISC_R_SUCCESS 942 */ 943 944void 945dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl); 946/*%< 947 * Sets the notify acl list for the zone. 948 * 949 * Require: 950 *\li 'zone' to be a valid zone. 951 *\li 'acl' to be a valid acl. 952 */ 953 954void 955dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl); 956/*%< 957 * Sets the query acl list for the zone. 958 * 959 * Require: 960 *\li 'zone' to be a valid zone. 961 *\li 'acl' to be a valid acl. 962 */ 963 964void 965dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl); 966/*%< 967 * Sets the query-on acl list for the zone. 968 * 969 * Require: 970 *\li 'zone' to be a valid zone. 971 *\li 'acl' to be a valid acl. 972 */ 973 974void 975dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl); 976/*%< 977 * Sets the update acl list for the zone. 978 * 979 * Require: 980 *\li 'zone' to be a valid zone. 981 *\li 'acl' to be valid acl. 982 */ 983 984void 985dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl); 986/*%< 987 * Sets the forward unsigned updates acl list for the zone. 988 * 989 * Require: 990 *\li 'zone' to be a valid zone. 991 *\li 'acl' to be valid acl. 992 */ 993 994void 995dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl); 996/*%< 997 * Sets the transfer acl list for the zone. 998 * 999 * Require: 1000 *\li 'zone' to be a valid zone. 1001 *\li 'acl' to be valid acl. 1002 */ 1003 1004dns_acl_t * 1005dns_zone_getnotifyacl(dns_zone_t *zone); 1006/*%< 1007 * Returns the current notify acl or NULL. 1008 * 1009 * Require: 1010 *\li 'zone' to be a valid zone. 1011 * 1012 * Returns: 1013 *\li acl a pointer to the acl. 1014 *\li NULL 1015 */ 1016 1017dns_acl_t * 1018dns_zone_getqueryacl(dns_zone_t *zone); 1019/*%< 1020 * Returns the current query acl or NULL. 1021 * 1022 * Require: 1023 *\li 'zone' to be a valid zone. 1024 * 1025 * Returns: 1026 *\li acl a pointer to the acl. 1027 *\li NULL 1028 */ 1029 1030dns_acl_t * 1031dns_zone_getqueryonacl(dns_zone_t *zone); 1032/*%< 1033 * Returns the current query-on acl or NULL. 1034 * 1035 * Require: 1036 *\li 'zone' to be a valid zone. 1037 * 1038 * Returns: 1039 *\li acl a pointer to the acl. 1040 *\li NULL 1041 */ 1042 1043dns_acl_t * 1044dns_zone_getupdateacl(dns_zone_t *zone); 1045/*%< 1046 * Returns the current update acl or NULL. 1047 * 1048 * Require: 1049 *\li 'zone' to be a valid zone. 1050 * 1051 * Returns: 1052 *\li acl a pointer to the acl. 1053 *\li NULL 1054 */ 1055 1056dns_acl_t * 1057dns_zone_getforwardacl(dns_zone_t *zone); 1058/*%< 1059 * Returns the current forward unsigned updates acl or NULL. 1060 * 1061 * Require: 1062 *\li 'zone' to be a valid zone. 1063 * 1064 * Returns: 1065 *\li acl a pointer to the acl. 1066 *\li NULL 1067 */ 1068 1069dns_acl_t * 1070dns_zone_getxfracl(dns_zone_t *zone); 1071/*%< 1072 * Returns the current transfer acl or NULL. 1073 * 1074 * Require: 1075 *\li 'zone' to be a valid zone. 1076 * 1077 * Returns: 1078 *\li acl a pointer to the acl. 1079 *\li NULL 1080 */ 1081 1082void 1083dns_zone_clearupdateacl(dns_zone_t *zone); 1084/*%< 1085 * Clear the current update acl. 1086 * 1087 * Require: 1088 *\li 'zone' to be a valid zone. 1089 */ 1090 1091void 1092dns_zone_clearforwardacl(dns_zone_t *zone); 1093/*%< 1094 * Clear the current forward unsigned updates acl. 1095 * 1096 * Require: 1097 *\li 'zone' to be a valid zone. 1098 */ 1099 1100void 1101dns_zone_clearnotifyacl(dns_zone_t *zone); 1102/*%< 1103 * Clear the current notify acl. 1104 * 1105 * Require: 1106 *\li 'zone' to be a valid zone. 1107 */ 1108 1109void 1110dns_zone_clearqueryacl(dns_zone_t *zone); 1111/*%< 1112 * Clear the current query acl. 1113 * 1114 * Require: 1115 *\li 'zone' to be a valid zone. 1116 */ 1117 1118void 1119dns_zone_clearqueryonacl(dns_zone_t *zone); 1120/*%< 1121 * Clear the current query-on acl. 1122 * 1123 * Require: 1124 *\li 'zone' to be a valid zone. 1125 */ 1126 1127void 1128dns_zone_clearxfracl(dns_zone_t *zone); 1129/*%< 1130 * Clear the current transfer acl. 1131 * 1132 * Require: 1133 *\li 'zone' to be a valid zone. 1134 */ 1135 1136bool 1137dns_zone_getupdatedisabled(dns_zone_t *zone); 1138/*%< 1139 * Return update disabled. 1140 * Transient unless called when running in isc_task_exclusive() mode. 1141 */ 1142 1143void 1144dns_zone_setupdatedisabled(dns_zone_t *zone, bool state); 1145/*%< 1146 * Set update disabled. 1147 * Should only be called only when running in isc_task_exclusive() mode. 1148 * Failure to do so may result in updates being committed after the 1149 * call has been made. 1150 */ 1151 1152bool 1153dns_zone_getzeronosoattl(dns_zone_t *zone); 1154/*%< 1155 * Return zero-no-soa-ttl status. 1156 */ 1157 1158void 1159dns_zone_setzeronosoattl(dns_zone_t *zone, bool state); 1160/*%< 1161 * Set zero-no-soa-ttl status. 1162 */ 1163 1164void 1165dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity); 1166/*%< 1167 * Set the severity of name checking when loading a zone. 1168 * 1169 * Require: 1170 * \li 'zone' to be a valid zone. 1171 */ 1172 1173dns_severity_t 1174dns_zone_getchecknames(dns_zone_t *zone); 1175/*%< 1176 * Return the current severity of name checking. 1177 * 1178 * Require: 1179 *\li 'zone' to be a valid zone. 1180 */ 1181 1182void 1183dns_zone_setjournalsize(dns_zone_t *zone, int32_t size); 1184/*%< 1185 * Sets the journal size for the zone. 1186 * 1187 * Requires: 1188 *\li 'zone' to be a valid zone. 1189 */ 1190 1191int32_t 1192dns_zone_getjournalsize(dns_zone_t *zone); 1193/*%< 1194 * Return the journal size as set with a previous call to 1195 * dns_zone_setjournalsize(). 1196 * 1197 * Requires: 1198 *\li 'zone' to be a valid zone. 1199 */ 1200 1201isc_result_t 1202dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, 1203 isc_sockaddr_t *to, dns_message_t *msg); 1204/*%< 1205 * Tell the zone that it has received a NOTIFY message from another 1206 * server. This may cause some zone maintenance activity to occur. 1207 * 1208 * Requires: 1209 *\li 'zone' to be a valid zone. 1210 *\li '*from' to contain the address of the server from which 'msg' 1211 * was received. 1212 *\li 'msg' a message with opcode NOTIFY and qr clear. 1213 * 1214 * Returns: 1215 *\li DNS_R_REFUSED 1216 *\li DNS_R_NOTIMP 1217 *\li DNS_R_FORMERR 1218 *\li DNS_R_SUCCESS 1219 */ 1220 1221void 1222dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin); 1223/*%< 1224 * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR) 1225 * of this zone will use before being aborted. 1226 * 1227 * Requires: 1228 * \li 'zone' to be valid initialised zone. 1229 */ 1230 1231uint32_t 1232dns_zone_getmaxxfrin(dns_zone_t *zone); 1233/*%< 1234 * Returns the maximum transfer time for this zone. This will be 1235 * either the value set by the last call to dns_zone_setmaxxfrin() or 1236 * the default value of 1 hour. 1237 * 1238 * Requires: 1239 *\li 'zone' to be valid initialised zone. 1240 */ 1241 1242void 1243dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout); 1244/*%< 1245 * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR) 1246 * of this zone will use before being aborted. 1247 * 1248 * Requires: 1249 * \li 'zone' to be valid initialised zone. 1250 */ 1251 1252uint32_t 1253dns_zone_getmaxxfrout(dns_zone_t *zone); 1254/*%< 1255 * Returns the maximum transfer time for this zone. This will be 1256 * either the value set by the last call to dns_zone_setmaxxfrout() or 1257 * the default value of 1 hour. 1258 * 1259 * Requires: 1260 *\li 'zone' to be valid initialised zone. 1261 */ 1262 1263isc_result_t 1264dns_zone_setjournal(dns_zone_t *zone, const char *myjournal); 1265/*%< 1266 * Sets the filename used for journaling updates / IXFR transfers. 1267 * The default journal name is set by dns_zone_setfile() to be 1268 * "file.jnl". If 'myjournal' is NULL, the zone will have no 1269 * journal name. 1270 * 1271 * Requires: 1272 *\li 'zone' to be a valid zone. 1273 * 1274 * Returns: 1275 *\li #ISC_R_SUCCESS 1276 *\li #ISC_R_NOMEMORY 1277 */ 1278 1279char * 1280dns_zone_getjournal(dns_zone_t *zone); 1281/*%< 1282 * Returns the journal name associated with this zone. 1283 * If no journal has been set this will be NULL. 1284 * 1285 * Requires: 1286 *\li 'zone' to be valid initialised zone. 1287 */ 1288 1289dns_zonetype_t 1290dns_zone_gettype(dns_zone_t *zone); 1291/*%< 1292 * Returns the type of the zone (master/slave/etc.) 1293 * 1294 * Requires: 1295 *\li 'zone' to be valid initialised zone. 1296 */ 1297 1298dns_zonetype_t 1299dns_zone_getredirecttype(dns_zone_t *zone); 1300/*%< 1301 * Returns whether the redirect zone is configured as a master or a 1302 * slave zone. 1303 * 1304 * Requires: 1305 *\li 'zone' to be valid initialised zone. 1306 *\li 'zone' to be a redirect zone. 1307 * 1308 * Returns: 1309 *\li 'dns_zone_master' 1310 *\li 'dns_zone_slave' 1311 */ 1312 1313void 1314dns_zone_settask(dns_zone_t *zone, isc_task_t *task); 1315/*%< 1316 * Give a zone a task to work with. Any current task will be detached. 1317 * 1318 * Requires: 1319 *\li 'zone' to be valid. 1320 *\li 'task' to be valid. 1321 */ 1322 1323void 1324dns_zone_gettask(dns_zone_t *zone, isc_task_t **target); 1325/*%< 1326 * Attach '*target' to the zone's task. 1327 * 1328 * Requires: 1329 *\li 'zone' to be valid initialised zone. 1330 *\li 'zone' to have a task. 1331 *\li 'target' to be != NULL && '*target' == NULL. 1332 */ 1333 1334void 1335dns_zone_notify(dns_zone_t *zone); 1336/*%< 1337 * Generate notify events for this zone. 1338 * 1339 * Requires: 1340 *\li 'zone' to be a valid zone. 1341 */ 1342 1343isc_result_t 1344dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump); 1345/*%< 1346 * Replace the database of "zone" with a new database "db". 1347 * 1348 * If "dump" is true, then the new zone contents are dumped 1349 * into to the zone's master file for persistence. When replacing 1350 * a zone database by one just loaded from a master file, set 1351 * "dump" to false to avoid a redundant redump of the data just 1352 * loaded. Otherwise, it should be set to true. 1353 * 1354 * If the "diff-on-reload" option is enabled in the configuration file, 1355 * the differences between the old and the new database are added to the 1356 * journal file, and the master file dump is postponed. 1357 * 1358 * Requires: 1359 * \li 'zone' to be a valid zone. 1360 * 1361 * Returns: 1362 * \li DNS_R_SUCCESS 1363 * \li DNS_R_BADZONE zone failed basic consistency checks: 1364 * * a single SOA must exist 1365 * * some NS records must exist. 1366 * Others 1367 */ 1368 1369uint32_t 1370dns_zone_getidlein(dns_zone_t *zone); 1371/*%< 1372 * Requires: 1373 * \li 'zone' to be a valid zone. 1374 * 1375 * Returns: 1376 * \li number of seconds of idle time before we abort the transfer in. 1377 */ 1378 1379void 1380dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein); 1381/*%< 1382 * \li Set the idle timeout for transfer the. 1383 * \li Zero set the default value, 1 hour. 1384 * 1385 * Requires: 1386 * \li 'zone' to be a valid zone. 1387 */ 1388 1389uint32_t 1390dns_zone_getidleout(dns_zone_t *zone); 1391/*%< 1392 * 1393 * Requires: 1394 * \li 'zone' to be a valid zone. 1395 * 1396 * Returns: 1397 * \li number of seconds of idle time before we abort a transfer out. 1398 */ 1399 1400void 1401dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout); 1402/*%< 1403 * \li Set the idle timeout for transfers out. 1404 * \li Zero set the default value, 1 hour. 1405 * 1406 * Requires: 1407 * \li 'zone' to be a valid zone. 1408 */ 1409 1410void 1411dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table); 1412/*%< 1413 * Get the simple-secure-update policy table. 1414 * 1415 * Requires: 1416 * \li 'zone' to be a valid zone. 1417 */ 1418 1419void 1420dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table); 1421/*%< 1422 * Set / clear the simple-secure-update policy table. 1423 * 1424 * Requires: 1425 * \li 'zone' to be a valid zone. 1426 */ 1427 1428isc_mem_t * 1429dns_zone_getmctx(dns_zone_t *zone); 1430/*%< 1431 * Get the memory context of a zone. 1432 * 1433 * Requires: 1434 * \li 'zone' to be a valid zone. 1435 */ 1436 1437dns_zonemgr_t * 1438dns_zone_getmgr(dns_zone_t *zone); 1439/*%< 1440 * If 'zone' is managed return the zone manager otherwise NULL. 1441 * 1442 * Requires: 1443 * \li 'zone' to be a valid zone. 1444 */ 1445 1446void 1447dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval); 1448/*%< 1449 * Set the zone's general signature validity interval. This is the length 1450 * of time for which DNSSEC signatures created as a result of dynamic 1451 * updates to secure zones will remain valid, in seconds. 1452 * 1453 * Requires: 1454 * \li 'zone' to be a valid zone. 1455 */ 1456 1457uint32_t 1458dns_zone_getsigvalidityinterval(dns_zone_t *zone); 1459/*%< 1460 * Get the zone's general signature validity interval. 1461 * 1462 * Requires: 1463 * \li 'zone' to be a valid zone. 1464 */ 1465 1466void 1467dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval); 1468/*%< 1469 * Set the zone's DNSKEY signature validity interval. This is the length 1470 * of time for which DNSSEC signatures created for DNSKEY records 1471 * will remain valid, in seconds. 1472 * 1473 * If this value is set to zero, then the regular signature validity 1474 * interval (see dns_zone_setsigvalidityinterval(), above) is used 1475 * for all RRSIGs. However, if this value is nonzero, then it is used 1476 * as the validity interval for RRSIGs covering DNSKEY and CDNSKEY 1477 * RRsets. 1478 * 1479 * Requires: 1480 * \li 'zone' to be a valid zone. 1481 */ 1482 1483uint32_t 1484dns_zone_getkeyvalidityinterval(dns_zone_t *zone); 1485/*%< 1486 * Get the zone's DNSKEY signature validity interval. 1487 * 1488 * Requires: 1489 * \li 'zone' to be a valid zone. 1490 */ 1491 1492void 1493dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval); 1494/*%< 1495 * Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's 1496 * will be re-signed 'interval' amount of time before they expire. 1497 * 1498 * Requires: 1499 * \li 'zone' to be a valid zone. 1500 */ 1501 1502uint32_t 1503dns_zone_getsigresigninginterval(dns_zone_t *zone); 1504/*%< 1505 * Get the zone's RRSIG re-signing interval. 1506 * 1507 * Requires: 1508 * \li 'zone' to be a valid zone. 1509 */ 1510 1511void 1512dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype); 1513/*%< 1514 * Sets zone notify method to "notifytype" 1515 */ 1516 1517isc_result_t 1518dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, 1519 dns_updatecallback_t callback, void *callback_arg); 1520/*%< 1521 * Forward 'msg' to each master in turn until we get an answer or we 1522 * have exhausted the list of masters. 'callback' will be called with 1523 * ISC_R_SUCCESS if we get an answer and the returned message will be 1524 * passed as 'answer_message', otherwise a non ISC_R_SUCCESS result code 1525 * will be passed and answer_message will be NULL. The callback function 1526 * is responsible for destroying 'answer_message'. 1527 * (callback)(callback_arg, result, answer_message); 1528 * 1529 * Require: 1530 *\li 'zone' to be valid 1531 *\li 'msg' to be valid. 1532 *\li 'callback' to be non NULL. 1533 * Returns: 1534 *\li #ISC_R_SUCCESS if the message has been forwarded, 1535 *\li #ISC_R_NOMEMORY 1536 *\li Others 1537 */ 1538 1539isc_result_t 1540dns_zone_next(dns_zone_t *zone, dns_zone_t **next); 1541/*%< 1542 * Find the next zone in the list of managed zones. 1543 * 1544 * Requires: 1545 *\li 'zone' to be valid 1546 *\li The zone manager for the indicated zone MUST be locked 1547 * by the caller. This is not checked. 1548 *\li 'next' be non-NULL, and '*next' be NULL. 1549 * 1550 * Ensures: 1551 *\li 'next' points to a valid zone (result ISC_R_SUCCESS) or to NULL 1552 * (result ISC_R_NOMORE). 1553 */ 1554 1555 1556 1557isc_result_t 1558dns_zone_first(dns_zonemgr_t *zmgr, dns_zone_t **first); 1559/*%< 1560 * Find the first zone in the list of managed zones. 1561 * 1562 * Requires: 1563 *\li 'zonemgr' to be valid 1564 *\li The zone manager for the indicated zone MUST be locked 1565 * by the caller. This is not checked. 1566 *\li 'first' be non-NULL, and '*first' be NULL 1567 * 1568 * Ensures: 1569 *\li 'first' points to a valid zone (result ISC_R_SUCCESS) or to NULL 1570 * (result ISC_R_NOMORE). 1571 */ 1572 1573isc_result_t 1574dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory); 1575/*%< 1576 * Sets the name of the directory where private keys used for 1577 * online signing of dynamic zones are found. 1578 * 1579 * Require: 1580 *\li 'zone' to be a valid zone. 1581 * 1582 * Returns: 1583 *\li #ISC_R_NOMEMORY 1584 *\li #ISC_R_SUCCESS 1585 */ 1586 1587const char * 1588dns_zone_getkeydirectory(dns_zone_t *zone); 1589/*%< 1590 * Gets the name of the directory where private keys used for 1591 * online signing of dynamic zones are found. 1592 * 1593 * Requires: 1594 *\li 'zone' to be valid initialised zone. 1595 * 1596 * Returns: 1597 * Pointer to null-terminated file name, or NULL. 1598 */ 1599 1600 1601isc_result_t 1602dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, 1603 isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr, 1604 dns_zonemgr_t **zmgrp); 1605/*%< 1606 * Create a zone manager. Note: the zone manager will not be able to 1607 * manage any zones until dns_zonemgr_setsize() has been run. 1608 * 1609 * Requires: 1610 *\li 'mctx' to be a valid memory context. 1611 *\li 'taskmgr' to be a valid task manager. 1612 *\li 'timermgr' to be a valid timer manager. 1613 *\li 'zmgrp' to point to a NULL pointer. 1614 */ 1615 1616isc_result_t 1617dns_zonemgr_setsize(dns_zonemgr_t *zmgr, int num_zones); 1618/*%< 1619 * Set the size of the zone manager task pool. This must be run 1620 * before zmgr can be used for managing zones. Currently, it can only 1621 * be run once; the task pool cannot be resized. 1622 * 1623 * Requires: 1624 *\li zmgr is a valid zone manager. 1625 *\li zmgr->zonetasks has been initialized. 1626 */ 1627 1628isc_result_t 1629dns_zonemgr_createzone(dns_zonemgr_t *zmgr, dns_zone_t **zonep); 1630/*%< 1631 * Allocate a new zone using a memory context from the 1632 * zone manager's memory context pool. 1633 * 1634 * Require: 1635 *\li 'zmgr' to be a valid zone manager. 1636 *\li 'zonep' != NULL and '*zonep' == NULL. 1637 */ 1638 1639 1640isc_result_t 1641dns_zonemgr_managezone(dns_zonemgr_t *zmgr, dns_zone_t *zone); 1642/*%< 1643 * Bring the zone under control of a zone manager. 1644 * 1645 * Require: 1646 *\li 'zmgr' to be a valid zone manager. 1647 *\li 'zone' to be a valid zone. 1648 */ 1649 1650isc_result_t 1651dns_zonemgr_forcemaint(dns_zonemgr_t *zmgr); 1652/*%< 1653 * Force zone maintenance of all loaded zones managed by 'zmgr' 1654 * to take place at the system's earliest convenience. 1655 */ 1656 1657void 1658dns__zonemgr_run(isc_task_t *task, isc_event_t *event); 1659/*%< 1660 * Event handler to call dns_zonemgr_forcemaint(); used to start 1661 * zone operations from a unit test. Not intended for use outside 1662 * libdns or related tests. 1663 */ 1664 1665void 1666dns_zonemgr_resumexfrs(dns_zonemgr_t *zmgr); 1667/*%< 1668 * Attempt to start any stalled zone transfers. 1669 */ 1670 1671void 1672dns_zonemgr_shutdown(dns_zonemgr_t *zmgr); 1673/*%< 1674 * Shut down the zone manager. 1675 * 1676 * Requires: 1677 *\li 'zmgr' to be a valid zone manager. 1678 */ 1679 1680void 1681dns_zonemgr_attach(dns_zonemgr_t *source, dns_zonemgr_t **target); 1682/*%< 1683 * Attach '*target' to 'source' incrementing its external 1684 * reference count. 1685 * 1686 * Require: 1687 *\li 'zone' to be a valid zone. 1688 *\li 'target' to be non NULL and '*target' to be NULL. 1689 */ 1690 1691void 1692dns_zonemgr_detach(dns_zonemgr_t **zmgrp); 1693/*%< 1694 * Detach from a zone manager. 1695 * 1696 * Requires: 1697 *\li '*zmgrp' is a valid, non-NULL zone manager pointer. 1698 * 1699 * Ensures: 1700 *\li '*zmgrp' is NULL. 1701 */ 1702 1703void 1704dns_zonemgr_releasezone(dns_zonemgr_t *zmgr, dns_zone_t *zone); 1705/*%< 1706 * Release 'zone' from the managed by 'zmgr'. 'zmgr' is implicitly 1707 * detached from 'zone'. 1708 * 1709 * Requires: 1710 *\li 'zmgr' to be a valid zone manager. 1711 *\li 'zone' to be a valid zone. 1712 *\li 'zmgr' == 'zone->zmgr' 1713 * 1714 * Ensures: 1715 *\li 'zone->zmgr' == NULL; 1716 */ 1717 1718void 1719dns_zonemgr_settransfersin(dns_zonemgr_t *zmgr, uint32_t value); 1720/*%< 1721 * Set the maximum number of simultaneous transfers in allowed by 1722 * the zone manager. 1723 * 1724 * Requires: 1725 *\li 'zmgr' to be a valid zone manager. 1726 */ 1727 1728uint32_t 1729dns_zonemgr_getttransfersin(dns_zonemgr_t *zmgr); 1730/*%< 1731 * Return the maximum number of simultaneous transfers in allowed. 1732 * 1733 * Requires: 1734 *\li 'zmgr' to be a valid zone manager. 1735 */ 1736 1737void 1738dns_zonemgr_settransfersperns(dns_zonemgr_t *zmgr, uint32_t value); 1739/*%< 1740 * Set the number of zone transfers allowed per nameserver. 1741 * 1742 * Requires: 1743 *\li 'zmgr' to be a valid zone manager 1744 */ 1745 1746uint32_t 1747dns_zonemgr_getttransfersperns(dns_zonemgr_t *zmgr); 1748/*%< 1749 * Return the number of transfers allowed per nameserver. 1750 * 1751 * Requires: 1752 *\li 'zmgr' to be a valid zone manager. 1753 */ 1754 1755void 1756dns_zonemgr_setiolimit(dns_zonemgr_t *zmgr, uint32_t iolimit); 1757/*%< 1758 * Set the number of simultaneous file descriptors available for 1759 * reading and writing masterfiles. 1760 * 1761 * Requires: 1762 *\li 'zmgr' to be a valid zone manager. 1763 *\li 'iolimit' to be positive. 1764 */ 1765 1766uint32_t 1767dns_zonemgr_getiolimit(dns_zonemgr_t *zmgr); 1768/*%< 1769 * Get the number of simultaneous file descriptors available for 1770 * reading and writing masterfiles. 1771 * 1772 * Requires: 1773 *\li 'zmgr' to be a valid zone manager. 1774 */ 1775 1776void 1777dns_zonemgr_setnotifyrate(dns_zonemgr_t *zmgr, unsigned int value); 1778/*%< 1779 * Set the number of NOTIFY requests sent per second. 1780 * 1781 * Requires: 1782 *\li 'zmgr' to be a valid zone manager 1783 */ 1784 1785void 1786dns_zonemgr_setstartupnotifyrate(dns_zonemgr_t *zmgr, unsigned int value); 1787/*%< 1788 * Set the number of startup NOTIFY requests sent per second. 1789 * 1790 * Requires: 1791 *\li 'zmgr' to be a valid zone manager 1792 */ 1793 1794void 1795dns_zonemgr_setserialqueryrate(dns_zonemgr_t *zmgr, unsigned int value); 1796/*%< 1797 * Set the number of SOA queries sent per second. 1798 * 1799 * Requires: 1800 *\li 'zmgr' to be a valid zone manager 1801 */ 1802 1803unsigned int 1804dns_zonemgr_getnotifyrate(dns_zonemgr_t *zmgr); 1805/*%< 1806 * Return the number of NOTIFY requests sent per second. 1807 * 1808 * Requires: 1809 *\li 'zmgr' to be a valid zone manager. 1810 */ 1811 1812unsigned int 1813dns_zonemgr_getstartupnotifyrate(dns_zonemgr_t *zmgr); 1814/*%< 1815 * Return the number of startup NOTIFY requests sent per second. 1816 * 1817 * Requires: 1818 *\li 'zmgr' to be a valid zone manager. 1819 */ 1820 1821unsigned int 1822dns_zonemgr_getserialqueryrate(dns_zonemgr_t *zmgr); 1823/*%< 1824 * Return the number of SOA queries sent per second. 1825 * 1826 * Requires: 1827 *\li 'zmgr' to be a valid zone manager. 1828 */ 1829 1830unsigned int 1831dns_zonemgr_getcount(dns_zonemgr_t *zmgr, int state); 1832/*%< 1833 * Returns the number of zones in the specified state. 1834 * 1835 * Requires: 1836 *\li 'zmgr' to be a valid zone manager. 1837 *\li 'state' to be a valid DNS_ZONESTATE_ constant. 1838 */ 1839 1840void 1841dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 1842 isc_sockaddr_t *local, isc_time_t *now); 1843/*%< 1844 * Add the pair of addresses to the unreachable cache. 1845 * 1846 * Requires: 1847 *\li 'zmgr' to be a valid zone manager. 1848 *\li 'remote' to be a valid sockaddr. 1849 *\li 'local' to be a valid sockaddr. 1850 */ 1851 1852bool 1853dns_zonemgr_unreachable(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 1854 isc_sockaddr_t *local, isc_time_t *now); 1855/*%< 1856 * Returns true if the given local/remote address pair 1857 * is found in the zone maanger's unreachable cache. 1858 * 1859 * Requires: 1860 *\li 'zmgr' to be a valid zone manager. 1861 *\li 'remote' to be a valid sockaddr. 1862 *\li 'local' to be a valid sockaddr. 1863 *\li 'now' != NULL 1864 */ 1865 1866void 1867dns_zonemgr_unreachabledel(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 1868 isc_sockaddr_t *local); 1869/*%< 1870 * Remove the pair of addresses from the unreachable cache. 1871 * 1872 * Requires: 1873 *\li 'zmgr' to be a valid zone manager. 1874 *\li 'remote' to be a valid sockaddr. 1875 *\li 'local' to be a valid sockaddr. 1876 */ 1877 1878void 1879dns_zone_forcereload(dns_zone_t *zone); 1880/*%< 1881 * Force a reload of specified zone. 1882 * 1883 * Requires: 1884 *\li 'zone' to be a valid zone. 1885 */ 1886 1887bool 1888dns_zone_isforced(dns_zone_t *zone); 1889/*%< 1890 * Check if the zone is waiting a forced reload. 1891 * 1892 * Requires: 1893 * \li 'zone' to be a valid zone. 1894 */ 1895 1896isc_result_t 1897dns_zone_setstatistics(dns_zone_t *zone, bool on); 1898/*%< 1899 * This function is obsoleted by dns_zone_setrequeststats(). 1900 */ 1901 1902uint64_t * 1903dns_zone_getstatscounters(dns_zone_t *zone); 1904/*%< 1905 * This function is obsoleted by dns_zone_getrequeststats(). 1906 */ 1907 1908void 1909dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats); 1910/*%< 1911 * Set a general zone-maintenance statistics set 'stats' for 'zone'. This 1912 * function is expected to be called only on zone creation (when necessary). 1913 * Once installed, it cannot be removed or replaced. Also, there is no 1914 * interface to get the installed stats from the zone; the caller must keep the 1915 * stats to reference (e.g. dump) it later. 1916 * 1917 * Requires: 1918 * \li 'zone' to be a valid zone and does not have a statistics set already 1919 * installed. 1920 * 1921 *\li stats is a valid statistics supporting zone statistics counters 1922 * (see dns/stats.h). 1923 */ 1924 1925void 1926dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats); 1927 1928void 1929dns_zone_setrcvquerystats(dns_zone_t *zone, dns_stats_t *stats); 1930/*%< 1931 * Set additional statistics sets to zone. These are attached to the zone 1932 * but are not counted in the zone module; only the caller updates the 1933 * counters. 1934 * 1935 * Requires: 1936 * \li 'zone' to be a valid zone. 1937 * 1938 *\li stats is a valid statistics. 1939 */ 1940 1941isc_stats_t * 1942dns_zone_getrequeststats(dns_zone_t *zone); 1943 1944dns_stats_t * 1945dns_zone_getrcvquerystats(dns_zone_t *zone); 1946/*%< 1947 * Get the additional statistics for zone, if one is installed. 1948 * 1949 * Requires: 1950 * \li 'zone' to be a valid zone. 1951 * 1952 * Returns: 1953 * \li when available, a pointer to the statistics set installed in zone; 1954 * otherwise NULL. 1955 */ 1956 1957void 1958dns_zone_dialup(dns_zone_t *zone); 1959/*%< 1960 * Perform dialup-time maintenance on 'zone'. 1961 */ 1962 1963void 1964dns_zone_setdialup(dns_zone_t *zone, dns_dialuptype_t dialup); 1965/*%< 1966 * Set the dialup type of 'zone' to 'dialup'. 1967 * 1968 * Requires: 1969 * \li 'zone' to be valid initialised zone. 1970 *\li 'dialup' to be a valid dialup type. 1971 */ 1972 1973void 1974dns_zone_logv(dns_zone_t *zone, isc_logcategory_t *category, int level, 1975 const char *prefix, const char *msg, va_list ap); 1976/*%< 1977 * Log the message 'msg...' at 'level' using log category 'category', including 1978 * text that identifies the message as applying to 'zone'. If the (optional) 1979 * 'prefix' is not NULL, it will be placed at the start of the entire log line. 1980 */ 1981 1982void 1983dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...) 1984 ISC_FORMAT_PRINTF(3, 4); 1985/*%< 1986 * Log the message 'msg...' at 'level', including text that identifies 1987 * the message as applying to 'zone'. 1988 */ 1989 1990void 1991dns_zone_logc(dns_zone_t *zone, isc_logcategory_t *category, int level, 1992 const char *msg, ...) ISC_FORMAT_PRINTF(4, 5); 1993/*%< 1994 * Log the message 'msg...' at 'level', including text that identifies 1995 * the message as applying to 'zone'. 1996 */ 1997 1998void 1999dns_zone_name(dns_zone_t *zone, char *buf, size_t len); 2000/*%< 2001 * Return the name of the zone with class and view. 2002 * 2003 * Requires: 2004 *\li 'zone' to be valid. 2005 *\li 'buf' to be non NULL. 2006 */ 2007 2008void 2009dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t len); 2010/*%< 2011 * Return the name of the zone only. 2012 * 2013 * Requires: 2014 *\li 'zone' to be valid. 2015 *\li 'buf' to be non NULL. 2016 */ 2017 2018isc_result_t 2019dns_zone_checknames(dns_zone_t *zone, const dns_name_t *name, 2020 dns_rdata_t *rdata); 2021/*%< 2022 * Check if this record meets the check-names policy. 2023 * 2024 * Requires: 2025 * 'zone' to be valid. 2026 * 'name' to be valid. 2027 * 'rdata' to be valid. 2028 * 2029 * Returns: 2030 * DNS_R_SUCCESS passed checks. 2031 * DNS_R_BADOWNERNAME failed ownername checks. 2032 * DNS_R_BADNAME failed rdata checks. 2033 */ 2034 2035void 2036dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx); 2037/*%< 2038 * Set the post load integrity callback function 'checkmx'. 2039 * 'checkmx' will be called if the MX TARGET is not within the zone. 2040 * 2041 * Require: 2042 * 'zone' to be a valid zone. 2043 */ 2044 2045void 2046dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv); 2047/*%< 2048 * Set the post load integrity callback function 'checksrv'. 2049 * 'checksrv' will be called if the SRV TARGET is not within the zone. 2050 * 2051 * Require: 2052 * 'zone' to be a valid zone. 2053 */ 2054 2055void 2056dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns); 2057/*%< 2058 * Set the post load integrity callback function 'checkns'. 2059 * 'checkns' will be called if the NS TARGET is not within the zone. 2060 * 2061 * Require: 2062 * 'zone' to be a valid zone. 2063 */ 2064 2065void 2066dns_zone_setnotifydelay(dns_zone_t *zone, uint32_t delay); 2067/*%< 2068 * Set the minimum delay between sets of notify messages. 2069 * 2070 * Requires: 2071 * 'zone' to be valid. 2072 */ 2073 2074uint32_t 2075dns_zone_getnotifydelay(dns_zone_t *zone); 2076/*%< 2077 * Get the minimum delay between sets of notify messages. 2078 * 2079 * Requires: 2080 * 'zone' to be valid. 2081 */ 2082 2083void 2084dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg); 2085/*%< 2086 * Set the isself callback function and argument. 2087 * 2088 * bool 2089 * isself(dns_view_t *myview, dns_tsigkey_t *mykey, 2090 * const isc_netaddr_t *srcaddr, const isc_netaddr_t *destaddr, 2091 * dns_rdataclass_t rdclass, void *arg); 2092 * 2093 * 'isself' returns true if a non-recursive query from 'srcaddr' to 2094 * 'destaddr' with optional key 'mykey' for class 'rdclass' would be 2095 * delivered to 'myview'. 2096 */ 2097 2098void 2099dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes); 2100/*%< 2101 * Set the number of nodes that will be checked per quantum. 2102 */ 2103 2104void 2105dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures); 2106/*%< 2107 * Set the number of signatures that will be generated per quantum. 2108 */ 2109 2110uint32_t 2111dns_zone_getsignatures(dns_zone_t *zone); 2112/*%< 2113 * Get the number of signatures that will be generated per quantum. 2114 */ 2115 2116isc_result_t 2117dns_zone_signwithkey(dns_zone_t *zone, dns_secalg_t algorithm, 2118 uint16_t keyid, bool deleteit); 2119/*%< 2120 * Initiate/resume signing of the entire zone with the zone DNSKEY(s) 2121 * that match the given algorithm and keyid. 2122 */ 2123 2124isc_result_t 2125dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param); 2126/*%< 2127 * Incrementally add a NSEC3 chain that corresponds to 'nsec3param'. 2128 */ 2129 2130void 2131dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type); 2132dns_rdatatype_t 2133dns_zone_getprivatetype(dns_zone_t *zone); 2134/* 2135 * Get/Set the private record type. It is expected that these interfaces 2136 * will not be permanent. 2137 */ 2138 2139void 2140dns_zone_rekey(dns_zone_t *zone, bool fullsign); 2141/*%< 2142 * Update the zone's DNSKEY set from the key repository. 2143 * 2144 * If 'fullsign' is true, trigger an immediate full signing of 2145 * the zone with the new key. Otherwise, if there are no keys or 2146 * if the new keys are for algorithms that have already signed the 2147 * zone, then the zone can be re-signed incrementally. 2148 */ 2149 2150isc_result_t 2151dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, 2152 unsigned int *errors); 2153/*% 2154 * Check if the name servers for the zone are sane (have address, don't 2155 * refer to CNAMEs/DNAMEs. The number of constiancy errors detected in 2156 * returned in '*errors' 2157 * 2158 * Requires: 2159 * \li 'zone' to be valid. 2160 * \li 'db' to be valid. 2161 * \li 'version' to be valid or NULL. 2162 * \li 'errors' to be non NULL. 2163 * 2164 * Returns: 2165 * ISC_R_SUCCESS if there were no errors examining the zone contents. 2166 */ 2167 2168isc_result_t 2169dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version); 2170/*% 2171 * Check if CSD, CDNSKEY and DNSKEY are consistent. 2172 * 2173 * Requires: 2174 * \li 'zone' to be valid. 2175 * \li 'db' to be valid. 2176 * \li 'version' to be valid or NULL. 2177 * 2178 * Returns: 2179 *\li #ISC_R_SUCCESS 2180 *\li #DNS_R_BADCDS 2181 *\li #DNS_R_BADCDNSKEY 2182 * Others 2183 */ 2184 2185void 2186dns_zone_setadded(dns_zone_t *zone, bool added); 2187/*% 2188 * Sets the value of zone->added, which should be true for 2189 * zones that were originally added by "rndc addzone". 2190 * 2191 * Requires: 2192 * \li 'zone' to be valid. 2193 */ 2194 2195bool 2196dns_zone_getadded(dns_zone_t *zone); 2197/*% 2198 * Returns true if the zone was originally added at runtime 2199 * using "rndc addzone". 2200 * 2201 * Requires: 2202 * \li 'zone' to be valid. 2203 */ 2204 2205void 2206dns_zone_setautomatic(dns_zone_t *zone, bool automatic); 2207/*% 2208 * Sets the value of zone->automatic, which should be true for 2209 * zones that were automatically added by named. 2210 * 2211 * Requires: 2212 * \li 'zone' to be valid. 2213 */ 2214 2215bool 2216dns_zone_getautomatic(dns_zone_t *zone); 2217/*% 2218 * Returns true if the zone was added automatically by named. 2219 * 2220 * Requires: 2221 * \li 'zone' to be valid. 2222 */ 2223 2224isc_result_t 2225dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db); 2226/*% 2227 * Load the origin names for a writeable DLZ database. 2228 */ 2229 2230bool 2231dns_zone_isdynamic(dns_zone_t *zone, bool ignore_freeze); 2232/*% 2233 * Return true iff the zone is "dynamic", in the sense that the zone's 2234 * master file (if any) is written by the server, rather than being 2235 * updated manually and read by the server. 2236 * 2237 * This is true for slave zones, stub zones, key zones, and zones that 2238 * allow dynamic updates either by having an update policy ("ssutable") 2239 * or an "allow-update" ACL with a value other than exactly "{ none; }". 2240 * 2241 * If 'ignore_freeze' is true, then the zone which has had updates disabled 2242 * will still report itself to be dynamic. 2243 * 2244 * Requires: 2245 * \li 'zone' to be valid. 2246 */ 2247 2248isc_result_t 2249dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval); 2250/*% 2251 * Sets the frequency, in minutes, with which the key repository will be 2252 * checked to see if the keys for this zone have been updated. Any value 2253 * higher than 1440 minutes (24 hours) will be silently reduced. A 2254 * value of zero will return an out-of-range error. 2255 * 2256 * Requires: 2257 * \li 'zone' to be valid. 2258 */ 2259 2260bool 2261dns_zone_getrequestexpire(dns_zone_t *zone); 2262/*% 2263 * Returns the true/false value of the request-expire option in the zone. 2264 * 2265 * Requires: 2266 * \li 'zone' to be valid. 2267 */ 2268 2269void 2270dns_zone_setrequestexpire(dns_zone_t *zone, bool flag); 2271/*% 2272 * Sets the request-expire option for the zone. Either true or false. The 2273 * default value is determined by the setting of this option in the view. 2274 * 2275 * Requires: 2276 * \li 'zone' to be valid. 2277 */ 2278 2279 2280bool 2281dns_zone_getrequestixfr(dns_zone_t *zone); 2282/*% 2283 * Returns the true/false value of the request-ixfr option in the zone. 2284 * 2285 * Requires: 2286 * \li 'zone' to be valid. 2287 */ 2288 2289void 2290dns_zone_setrequestixfr(dns_zone_t *zone, bool flag); 2291/*% 2292 * Sets the request-ixfr option for the zone. Either true or false. The 2293 * default value is determined by the setting of this option in the view. 2294 * 2295 * Requires: 2296 * \li 'zone' to be valid. 2297 */ 2298 2299void 2300dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method); 2301/*% 2302 * Sets the update method to use when incrementing the zone serial number 2303 * due to a DDNS update. Valid options are dns_updatemethod_increment 2304 * and dns_updatemethod_unixtime. 2305 * 2306 * Requires: 2307 * \li 'zone' to be valid. 2308 */ 2309 2310dns_updatemethod_t 2311dns_zone_getserialupdatemethod(dns_zone_t *zone); 2312/*% 2313 * Returns the update method to be used when incrementing the zone serial 2314 * number due to a DDNS update. 2315 * 2316 * Requires: 2317 * \li 'zone' to be valid. 2318 */ 2319 2320isc_result_t 2321dns_zone_link(dns_zone_t *zone, dns_zone_t *raw); 2322 2323void 2324dns_zone_getraw(dns_zone_t *zone, dns_zone_t **raw); 2325 2326isc_result_t 2327dns_zone_keydone(dns_zone_t *zone, const char *data); 2328 2329isc_result_t 2330dns_zone_setnsec3param(dns_zone_t *zone, uint8_t hash, uint8_t flags, 2331 uint16_t iter, uint8_t saltlen, 2332 unsigned char *salt, bool replace); 2333/*% 2334 * Set the NSEC3 parameters for the zone. 2335 * 2336 * If 'replace' is true, then the existing NSEC3 chain, if any, will 2337 * be replaced with the new one. If 'hash' is zero, then the replacement 2338 * chain will be NSEC rather than NSEC3. 2339 * 2340 * Requires: 2341 * \li 'zone' to be valid. 2342 */ 2343 2344void 2345dns_zone_setrawdata(dns_zone_t *zone, dns_masterrawheader_t *header); 2346/*% 2347 * Set the data to be included in the header when the zone is dumped in 2348 * binary format. 2349 */ 2350 2351isc_result_t 2352dns_zone_synckeyzone(dns_zone_t *zone); 2353/*% 2354 * Force the managed key zone to synchronize, and start the key 2355 * maintenance timer. 2356 */ 2357 2358isc_result_t 2359dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime); 2360/*% 2361 * Return the time when the zone was last loaded. 2362 */ 2363 2364isc_result_t 2365dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime); 2366/*% 2367 * Return the time when the (slave) zone will need to be refreshed. 2368 */ 2369 2370isc_result_t 2371dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime); 2372/*% 2373 * Return the time when the (slave) zone will expire. 2374 */ 2375 2376isc_result_t 2377dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime); 2378/*% 2379 * Return the time of the next scheduled DNSSEC key event. 2380 */ 2381 2382unsigned int 2383dns_zone_getincludes(dns_zone_t *zone, char ***includesp); 2384/*% 2385 * Return the number include files that were encountered 2386 * during load. If the number is greater than zero, 'includesp' 2387 * will point to an array containing the filenames. 2388 * 2389 * The array and its contents need to be freed using isc_mem_free. 2390 */ 2391 2392isc_result_t 2393dns_zone_rpz_enable(dns_zone_t *zone, dns_rpz_zones_t *rpzs, 2394 dns_rpz_num_t rpz_num); 2395/*% 2396 * Set the response policy associated with a zone. 2397 */ 2398 2399void 2400dns_zone_rpz_enable_db(dns_zone_t *zone, dns_db_t *db); 2401/*% 2402 * If a zone is a response policy zone, mark its new database. 2403 */ 2404 2405dns_rpz_num_t 2406dns_zone_get_rpz_num(dns_zone_t *zone); 2407 2408void 2409dns_zone_catz_enable(dns_zone_t *zone, dns_catz_zones_t *catzs); 2410/*%< 2411 * Enable zone as catalog zone. 2412 * 2413 * Requires: 2414 * 2415 * \li 'zone' is a valid zone object 2416 * \li 'catzs' is not NULL 2417 * \li prior to calling, zone->catzs is NULL or is equal to 'catzs' 2418 */ 2419 2420void 2421dns_zone_catz_enable_db(dns_zone_t *zone, dns_db_t *db); 2422/*%< 2423 * If 'zone' is a catalog zone, then set up a notify-on-update trigger 2424 * in its database. (If not a catalog zone, this function has no effect.) 2425 * 2426 * Requires: 2427 * 2428 * \li 'zone' is a valid zone object 2429 * \li 'db' is not NULL 2430 */ 2431void 2432dns_zone_set_parentcatz(dns_zone_t *zone, dns_catz_zone_t *catz); 2433/*%< 2434 * Set parent catalog zone for this zone 2435 * 2436 * Requires: 2437 * 2438 * \li 'zone' is a valid zone object 2439 * \li 'catz' is not NULL 2440 */ 2441 2442dns_catz_zone_t * 2443dns_zone_get_parentcatz(const dns_zone_t *zone); 2444/*%< 2445 * Get parent catalog zone for this zone 2446 * 2447 * Requires: 2448 * 2449 * \li 'zone' is a valid zone object 2450 */ 2451 2452 2453void 2454dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level); 2455 2456dns_zonestat_level_t 2457dns_zone_getstatlevel(dns_zone_t *zone); 2458/*% 2459 * Set and get the statistics reporting level for the zone; 2460 * full, terse, or none. 2461 */ 2462 2463isc_result_t 2464dns_zone_setserial(dns_zone_t *zone, uint32_t serial); 2465/*% 2466 * Set the zone's serial to 'serial'. 2467 */ 2468ISC_LANG_ENDDECLS 2469 2470isc_stats_t * 2471dns_zone_getgluecachestats(dns_zone_t *zone); 2472/*%< 2473 * Get the glue cache statistics for zone. 2474 * 2475 * Requires: 2476 * \li 'zone' to be a valid zone. 2477 * 2478 * Returns: 2479 * \li if present, a pointer to the statistics set installed in zone; 2480 * otherwise NULL. 2481 */ 2482 2483bool 2484dns_zone_isloaded(const dns_zone_t *zone); 2485/*%< 2486 * Return true if 'zone' was loaded and has not expired yet, return 2487 * false otherwise. 2488 */ 2489 2490isc_result_t 2491dns_zone_verifydb(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver); 2492/*%< 2493 * If 'zone' is a mirror zone, perform DNSSEC validation of version 'ver' of 2494 * its database, 'db'. Ensure that the DNSKEY RRset at zone apex is signed by 2495 * at least one trust anchor specified for the view that 'zone' is assigned to. 2496 * If 'ver' is NULL, use the current version of 'db'. 2497 * 2498 * If 'zone' is not a mirror zone, return ISC_R_SUCCESS immediately. 2499 * 2500 * Returns: 2501 * 2502 * \li #ISC_R_SUCCESS either 'zone' is not a mirror zone or 'zone' is 2503 * a mirror zone and all DNSSEC checks succeeded 2504 * and the DNSKEY RRset at zone apex is signed by 2505 * a trusted key 2506 * 2507 * \li #DNS_R_VERIFYFAILURE any other case 2508 */ 2509 2510#endif /* DNS_ZONE_H */ 2511