1/* $NetBSD: resolver.h,v 1.1 2024/02/18 20:57:38 christos Exp $ */ 2 3/* 4 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 5 * 6 * SPDX-License-Identifier: MPL-2.0 7 * 8 * This Source Code Form is subject to the terms of the Mozilla Public 9 * License, v. 2.0. If a copy of the MPL was not distributed with this 10 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 11 * 12 * See the COPYRIGHT file distributed with this work for additional 13 * information regarding copyright ownership. 14 */ 15 16#ifndef DNS_RESOLVER_H 17#define DNS_RESOLVER_H 1 18 19/***** 20***** Module Info 21*****/ 22 23/*! \file dns/resolver.h 24 * 25 * \brief 26 * This is the BIND 9 resolver, the module responsible for resolving DNS 27 * requests by iteratively querying authoritative servers and following 28 * referrals. This is a "full resolver", not to be confused with 29 * the stub resolvers most people associate with the word "resolver". 30 * The full resolver is part of the caching name server or resolver 31 * daemon the stub resolver talks to. 32 * 33 * MP: 34 *\li The module ensures appropriate synchronization of data structures it 35 * creates and manipulates. 36 * 37 * Reliability: 38 *\li No anticipated impact. 39 * 40 * Resources: 41 *\li TBS 42 * 43 * Security: 44 *\li No anticipated impact. 45 * 46 * Standards: 47 *\li RFCs: 1034, 1035, 2181, TBS 48 *\li Drafts: TBS 49 */ 50 51#include <inttypes.h> 52#include <stdbool.h> 53 54#include <isc/lang.h> 55#include <isc/socket.h> 56#include <isc/stats.h> 57 58#include <dns/fixedname.h> 59#include <dns/types.h> 60 61ISC_LANG_BEGINDECLS 62 63/*% 64 * A dns_fetchevent_t is sent when a 'fetch' completes. Any of 'db', 65 * 'node', 'rdataset', and 'sigrdataset' may be bound. It is the 66 * receiver's responsibility to detach before freeing the event. 67 * \brief 68 * 'rdataset', 'sigrdataset', 'client' and 'id' are the values that were 69 * supplied when dns_resolver_createfetch() was called. They are returned 70 * to the caller so that they may be freed. 71 */ 72typedef struct dns_fetchevent { 73 ISC_EVENT_COMMON(struct dns_fetchevent); 74 dns_fetch_t *fetch; 75 isc_result_t result; 76 dns_rdatatype_t qtype; 77 dns_db_t *db; 78 dns_dbnode_t *node; 79 dns_rdataset_t *rdataset; 80 dns_rdataset_t *sigrdataset; 81 dns_fixedname_t foundname; 82 const isc_sockaddr_t *client; 83 dns_messageid_t id; 84 isc_result_t vresult; 85} dns_fetchevent_t; 86 87/*% 88 * The two quota types (fetches-per-zone and fetches-per-server) 89 */ 90typedef enum { dns_quotatype_zone = 0, dns_quotatype_server } dns_quotatype_t; 91 92/* 93 * Options that modify how a 'fetch' is done. 94 */ 95#define DNS_FETCHOPT_TCP 0x00000001 /*%< Use TCP. */ 96#define DNS_FETCHOPT_UNSHARED 0x00000002 /*%< See below. */ 97#define DNS_FETCHOPT_RECURSIVE 0x00000004 /*%< Set RD? */ 98#define DNS_FETCHOPT_NOEDNS0 0x00000008 /*%< Do not use EDNS. */ 99#define DNS_FETCHOPT_FORWARDONLY 0x00000010 /*%< Only use forwarders. */ 100#define DNS_FETCHOPT_NOVALIDATE 0x00000020 /*%< Disable validation. */ 101#define DNS_FETCHOPT_EDNS512 \ 102 0x00000040 /*%< Advertise a 512 byte \ 103 * UDP buffer. */ 104#define DNS_FETCHOPT_WANTNSID 0x00000080 /*%< Request NSID */ 105#define DNS_FETCHOPT_PREFETCH 0x00000100 /*%< Do prefetch */ 106#define DNS_FETCHOPT_NOCDFLAG 0x00000200 /*%< Don't set CD flag. */ 107#define DNS_FETCHOPT_NONTA 0x00000400 /*%< Ignore NTA table. */ 108/* RESERVED ECS 0x00000000 */ 109/* RESERVED ECS 0x00001000 */ 110/* RESERVED ECS 0x00002000 */ 111/* RESERVED TCPCLIENT 0x00004000 */ 112#define DNS_FETCHOPT_NOCACHED 0x00008000 /*%< Force cache update. */ 113#define DNS_FETCHOPT_QMINIMIZE \ 114 0x00010000 /*%< Use qname \ 115 * minimization. */ 116#define DNS_FETCHOPT_NOFOLLOW \ 117 0x00020000 /*%< Don't follow \ 118 * delegations */ 119#define DNS_FETCHOPT_QMIN_STRICT \ 120 0x00040000 /*%< Do not work around \ 121 * servers that return \ 122 * errors on non-empty \ 123 * terminals. */ 124#define DNS_FETCHOPT_QMIN_USE_A \ 125 0x00080000 /*%< Use A type queries \ 126 * instead of NS when \ 127 * doing minimization */ 128#define DNS_FETCHOPT_QMIN_SKIP_IP6A \ 129 0x00100000 /*%< Skip some labels \ 130 * when doing qname \ 131 * minimization on \ 132 * ip6.arpa. */ 133#define DNS_FETCHOPT_NOFORWARD \ 134 0x00200000 /*%< Do not use forwarders \ 135 * if possible. */ 136 137/* Reserved in use by adb.c 0x00400000 */ 138#define DNS_FETCHOPT_EDNSVERSIONSET 0x00800000 139#define DNS_FETCHOPT_EDNSVERSIONMASK 0xff000000 140#define DNS_FETCHOPT_EDNSVERSIONSHIFT 24 141#define DNS_FETCHOPT_TRYSTALE_ONTIMEOUT 0x01000000 142 143/* 144 * Upper bounds of class of query RTT (ms). Corresponds to 145 * dns_resstatscounter_queryrttX statistics counters. 146 */ 147#define DNS_RESOLVER_QRYRTTCLASS0 10 148#define DNS_RESOLVER_QRYRTTCLASS0STR "10" 149#define DNS_RESOLVER_QRYRTTCLASS1 100 150#define DNS_RESOLVER_QRYRTTCLASS1STR "100" 151#define DNS_RESOLVER_QRYRTTCLASS2 500 152#define DNS_RESOLVER_QRYRTTCLASS2STR "500" 153#define DNS_RESOLVER_QRYRTTCLASS3 800 154#define DNS_RESOLVER_QRYRTTCLASS3STR "800" 155#define DNS_RESOLVER_QRYRTTCLASS4 1600 156#define DNS_RESOLVER_QRYRTTCLASS4STR "1600" 157 158/* 159 * XXXRTH Should this API be made semi-private? (I.e. 160 * _dns_resolver_create()). 161 */ 162 163#define DNS_RESOLVER_CHECKNAMES 0x01 164#define DNS_RESOLVER_CHECKNAMESFAIL 0x02 165 166#define DNS_QMIN_MAXLABELS 7 167#define DNS_QMIN_MAX_NO_DELEGATION 3 168#define DNS_MAX_LABELS 127 169 170isc_result_t 171dns_resolver_create(dns_view_t *view, isc_taskmgr_t *taskmgr, 172 unsigned int ntasks, unsigned int ndisp, 173 isc_socketmgr_t *socketmgr, isc_timermgr_t *timermgr, 174 unsigned int options, dns_dispatchmgr_t *dispatchmgr, 175 dns_dispatch_t *dispatchv4, dns_dispatch_t *dispatchv6, 176 dns_resolver_t **resp); 177 178/*%< 179 * Create a resolver. 180 * 181 * Notes: 182 * 183 *\li Generally, applications should not create a resolver directly, but 184 * should instead call dns_view_createresolver(). 185 * 186 * Requires: 187 * 188 *\li 'view' is a valid view. 189 * 190 *\li 'taskmgr' is a valid task manager. 191 * 192 *\li 'ntasks' > 0. 193 * 194 *\li 'socketmgr' is a valid socket manager. 195 * 196 *\li 'timermgr' is a valid timer manager. 197 * 198 *\li 'dispatchv4' is a dispatch with an IPv4 UDP socket, or is NULL. 199 * If not NULL, 'ndisp' clones of it will be created by the resolver. 200 * 201 *\li 'dispatchv6' is a dispatch with an IPv6 UDP socket, or is NULL. 202 * If not NULL, 'ndisp' clones of it will be created by the resolver. 203 * 204 *\li resp != NULL && *resp == NULL. 205 * 206 * Returns: 207 * 208 *\li #ISC_R_SUCCESS On success. 209 * 210 *\li Anything else Failure. 211 */ 212 213void 214dns_resolver_freeze(dns_resolver_t *res); 215/*%< 216 * Freeze resolver. 217 * 218 * Notes: 219 * 220 *\li Certain configuration changes cannot be made after the resolver 221 * is frozen. Fetches cannot be created until the resolver is frozen. 222 * 223 * Requires: 224 * 225 *\li 'res' is a valid resolver. 226 * 227 * Ensures: 228 * 229 *\li 'res' is frozen. 230 */ 231 232void 233dns_resolver_prime(dns_resolver_t *res); 234/*%< 235 * Prime resolver. 236 * 237 * Notes: 238 * 239 *\li Resolvers which have a forwarding policy other than dns_fwdpolicy_only 240 * need to be primed with the root nameservers, otherwise the root 241 * nameserver hints data may be used indefinitely. This function requests 242 * that the resolver start a priming fetch, if it isn't already priming. 243 * 244 * Requires: 245 * 246 *\li 'res' is a valid, frozen resolver. 247 */ 248 249void 250dns_resolver_whenshutdown(dns_resolver_t *res, isc_task_t *task, 251 isc_event_t **eventp); 252/*%< 253 * Send '*eventp' to 'task' when 'res' has completed shutdown. 254 * 255 * Notes: 256 * 257 *\li It is not safe to detach the last reference to 'res' until 258 * shutdown is complete. 259 * 260 * Requires: 261 * 262 *\li 'res' is a valid resolver. 263 * 264 *\li 'task' is a valid task. 265 * 266 *\li *eventp is a valid event. 267 * 268 * Ensures: 269 * 270 *\li *eventp == NULL. 271 */ 272 273void 274dns_resolver_shutdown(dns_resolver_t *res); 275/*%< 276 * Start the shutdown process for 'res'. 277 * 278 * Notes: 279 * 280 *\li This call has no effect if the resolver is already shutting down. 281 * 282 * Requires: 283 * 284 *\li 'res' is a valid resolver. 285 */ 286 287void 288dns_resolver_attach(dns_resolver_t *source, dns_resolver_t **targetp); 289 290void 291dns_resolver_detach(dns_resolver_t **resp); 292 293isc_result_t 294dns_resolver_createfetch(dns_resolver_t *res, const dns_name_t *name, 295 dns_rdatatype_t type, const dns_name_t *domain, 296 dns_rdataset_t *nameservers, 297 dns_forwarders_t *forwarders, 298 const isc_sockaddr_t *client, dns_messageid_t id, 299 unsigned int options, unsigned int depth, 300 isc_counter_t *qc, isc_task_t *task, 301 isc_taskaction_t action, void *arg, 302 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, 303 dns_fetch_t **fetchp); 304/*%< 305 * Recurse to answer a question. 306 * 307 * Notes: 308 * 309 *\li This call starts a query for 'name', type 'type'. 310 * 311 *\li The 'domain' is a parent domain of 'name' for which 312 * a set of name servers 'nameservers' is known. If no 313 * such name server information is available, set 314 * 'domain' and 'nameservers' to NULL. 315 * 316 *\li 'forwarders' is unimplemented, and subject to change when 317 * we figure out how selective forwarding will work. 318 * 319 *\li When the fetch completes (successfully or otherwise), a 320 * #DNS_EVENT_FETCHDONE event with action 'action' and arg 'arg' will be 321 * posted to 'task'. 322 * 323 *\li The values of 'rdataset' and 'sigrdataset' will be returned in 324 * the FETCHDONE event. 325 * 326 *\li 'client' and 'id' are used for duplicate query detection. '*client' 327 * must remain stable until after 'action' has been called or 328 * dns_resolver_cancelfetch() is called. 329 * 330 * Requires: 331 * 332 *\li 'res' is a valid resolver that has been frozen. 333 * 334 *\li 'name' is a valid name. 335 * 336 *\li 'type' is not a meta type other than ANY. 337 * 338 *\li 'domain' is a valid name or NULL. 339 * 340 *\li 'nameservers' is a valid NS rdataset (whose owner name is 'domain') 341 * iff. 'domain' is not NULL. 342 * 343 *\li 'forwarders' is NULL. 344 * 345 *\li 'client' is a valid sockaddr or NULL. 346 * 347 *\li 'options' contains valid options. 348 * 349 *\li 'rdataset' is a valid, disassociated rdataset. 350 * 351 *\li 'sigrdataset' is NULL, or is a valid, disassociated rdataset. 352 * 353 *\li fetchp != NULL && *fetchp == NULL. 354 * 355 * Returns: 356 * 357 *\li #ISC_R_SUCCESS Success 358 *\li #DNS_R_DUPLICATE 359 *\li #DNS_R_DROP 360 * 361 *\li Many other values are possible, all of which indicate failure. 362 */ 363 364void 365dns_resolver_cancelfetch(dns_fetch_t *fetch); 366/*%< 367 * Cancel 'fetch'. 368 * 369 * Notes: 370 * 371 *\li If 'fetch' has not completed, post its FETCHDONE event with a 372 * result code of #ISC_R_CANCELED. 373 * 374 * Requires: 375 * 376 *\li 'fetch' is a valid fetch. 377 */ 378 379void 380dns_resolver_destroyfetch(dns_fetch_t **fetchp); 381/*%< 382 * Destroy 'fetch'. 383 * 384 * Requires: 385 * 386 *\li '*fetchp' is a valid fetch. 387 * 388 *\li The caller has received the FETCHDONE event (either because the 389 * fetch completed or because dns_resolver_cancelfetch() was called). 390 * 391 * Ensures: 392 * 393 *\li *fetchp == NULL. 394 */ 395 396void 397dns_resolver_logfetch(dns_fetch_t *fetch, isc_log_t *lctx, 398 isc_logcategory_t *category, isc_logmodule_t *module, 399 int level, bool duplicateok); 400/*%< 401 * Dump a log message on internal state at the completion of given 'fetch'. 402 * 'lctx', 'category', 'module', and 'level' are used to write the log message. 403 * By default, only one log message is written even if the corresponding fetch 404 * context serves multiple clients; if 'duplicateok' is true the suppression 405 * is disabled and the message can be written every time this function is 406 * called. 407 * 408 * Requires: 409 * 410 *\li 'fetch' is a valid fetch, and has completed. 411 */ 412 413dns_dispatchmgr_t * 414dns_resolver_dispatchmgr(dns_resolver_t *resolver); 415 416dns_dispatch_t * 417dns_resolver_dispatchv4(dns_resolver_t *resolver); 418 419dns_dispatch_t * 420dns_resolver_dispatchv6(dns_resolver_t *resolver); 421 422isc_socketmgr_t * 423dns_resolver_socketmgr(dns_resolver_t *resolver); 424 425isc_taskmgr_t * 426dns_resolver_taskmgr(dns_resolver_t *resolver); 427 428uint32_t 429dns_resolver_getlamettl(dns_resolver_t *resolver); 430/*%< 431 * Get the resolver's lame-ttl. zero => no lame processing. 432 * 433 * Requires: 434 *\li 'resolver' to be valid. 435 */ 436 437void 438dns_resolver_setlamettl(dns_resolver_t *resolver, uint32_t lame_ttl); 439/*%< 440 * Set the resolver's lame-ttl. zero => no lame processing. 441 * 442 * Requires: 443 *\li 'resolver' to be valid. 444 */ 445 446isc_result_t 447dns_resolver_addalternate(dns_resolver_t *resolver, const isc_sockaddr_t *alt, 448 const dns_name_t *name, in_port_t port); 449/*%< 450 * Add alternate addresses to be tried in the event that the nameservers 451 * for a zone are not available in the address families supported by the 452 * operating system. 453 * 454 * Require: 455 * \li only one of 'name' or 'alt' to be valid. 456 */ 457 458void 459dns_resolver_setudpsize(dns_resolver_t *resolver, uint16_t udpsize); 460/*%< 461 * Set the EDNS UDP buffer size advertised by the server. 462 */ 463 464uint16_t 465dns_resolver_getudpsize(dns_resolver_t *resolver); 466/*%< 467 * Get the current EDNS UDP buffer size. 468 */ 469 470void 471dns_resolver_reset_algorithms(dns_resolver_t *resolver); 472/*%< 473 * Clear the disabled DNSSEC algorithms. 474 */ 475 476void 477dns_resolver_reset_ds_digests(dns_resolver_t *resolver); 478/*%< 479 * Clear the disabled DS digest types. 480 */ 481 482isc_result_t 483dns_resolver_disable_algorithm(dns_resolver_t *resolver, const dns_name_t *name, 484 unsigned int alg); 485/*%< 486 * Mark the given DNSSEC algorithm as disabled and below 'name'. 487 * Valid algorithms are less than 256. 488 * 489 * Returns: 490 *\li #ISC_R_SUCCESS 491 *\li #ISC_R_RANGE 492 *\li #ISC_R_NOMEMORY 493 */ 494 495isc_result_t 496dns_resolver_disable_ds_digest(dns_resolver_t *resolver, const dns_name_t *name, 497 unsigned int digest_type); 498/*%< 499 * Mark the given DS digest type as disabled and below 'name'. 500 * Valid types are less than 256. 501 * 502 * Returns: 503 *\li #ISC_R_SUCCESS 504 *\li #ISC_R_RANGE 505 *\li #ISC_R_NOMEMORY 506 */ 507 508bool 509dns_resolver_algorithm_supported(dns_resolver_t *resolver, 510 const dns_name_t *name, unsigned int alg); 511/*%< 512 * Check if the given algorithm is supported by this resolver. 513 * This checks whether the algorithm has been disabled via 514 * dns_resolver_disable_algorithm(), then checks the underlying 515 * crypto libraries if it was not specifically disabled. 516 */ 517 518bool 519dns_resolver_ds_digest_supported(dns_resolver_t *resolver, 520 const dns_name_t *name, 521 unsigned int digest_type); 522/*%< 523 * Check if the given digest type is supported by this resolver. 524 * This checks whether the digest type has been disabled via 525 * dns_resolver_disable_ds_digest(), then checks the underlying 526 * crypto libraries if it was not specifically disabled. 527 */ 528 529void 530dns_resolver_resetmustbesecure(dns_resolver_t *resolver); 531 532isc_result_t 533dns_resolver_setmustbesecure(dns_resolver_t *resolver, const dns_name_t *name, 534 bool value); 535 536bool 537dns_resolver_getmustbesecure(dns_resolver_t *resolver, const dns_name_t *name); 538 539void 540dns_resolver_settimeout(dns_resolver_t *resolver, unsigned int timeout); 541/*%< 542 * Set the length of time the resolver will work on a query, in milliseconds. 543 * 544 * 'timeout' was originally defined in seconds, and later redefined to be in 545 * milliseconds. Values less than or equal to 300 are treated as seconds. 546 * 547 * If timeout is 0, the default timeout will be applied. 548 * 549 * Requires: 550 * \li resolver to be valid. 551 */ 552 553unsigned int 554dns_resolver_gettimeout(dns_resolver_t *resolver); 555/*%< 556 * Get the current length of time the resolver will work on a query, 557 * in milliseconds. 558 * 559 * Requires: 560 * \li resolver to be valid. 561 */ 562 563void 564dns_resolver_setclientsperquery(dns_resolver_t *resolver, uint32_t min, 565 uint32_t max); 566void 567dns_resolver_setfetchesperzone(dns_resolver_t *resolver, uint32_t clients); 568 569void 570dns_resolver_getclientsperquery(dns_resolver_t *resolver, uint32_t *cur, 571 uint32_t *min, uint32_t *max); 572 573bool 574dns_resolver_getzeronosoattl(dns_resolver_t *resolver); 575 576void 577dns_resolver_setzeronosoattl(dns_resolver_t *resolver, bool state); 578 579unsigned int 580dns_resolver_getretryinterval(dns_resolver_t *resolver); 581 582void 583dns_resolver_setretryinterval(dns_resolver_t *resolver, unsigned int interval); 584/*%< 585 * Sets the amount of time, in milliseconds, that is waited for a reply 586 * to a server before another server is tried. Interacts with the 587 * value of dns_resolver_getnonbackofftries() by trying that number of times 588 * at this interval, before doing exponential backoff and doubling the interval 589 * on each subsequent try, to a maximum of 10 seconds. Defaults to 800 ms; 590 * silently capped at 2000 ms. 591 * 592 * Requires: 593 * \li resolver to be valid. 594 * \li interval > 0. 595 */ 596 597unsigned int 598dns_resolver_getnonbackofftries(dns_resolver_t *resolver); 599 600void 601dns_resolver_setnonbackofftries(dns_resolver_t *resolver, unsigned int tries); 602/*%< 603 * Sets the number of failures of getting a reply from remote servers for 604 * a query before backing off by doubling the retry interval for each 605 * subsequent request sent. Defaults to 3. 606 * 607 * Requires: 608 * \li resolver to be valid. 609 * \li tries > 0. 610 */ 611 612unsigned int 613dns_resolver_getoptions(dns_resolver_t *resolver); 614/*%< 615 * Get the resolver options. 616 * 617 * Requires: 618 * \li resolver to be valid. 619 */ 620 621void 622dns_resolver_addbadcache(dns_resolver_t *resolver, const dns_name_t *name, 623 dns_rdatatype_t type, isc_time_t *expire); 624/*%< 625 * Add a entry to the bad cache for <name,type> that will expire at 'expire'. 626 * 627 * Requires: 628 * \li resolver to be valid. 629 * \li name to be valid. 630 */ 631 632bool 633dns_resolver_getbadcache(dns_resolver_t *resolver, const dns_name_t *name, 634 dns_rdatatype_t type, isc_time_t *now); 635/*%< 636 * Check to see if there is a unexpired entry in the bad cache for 637 * <name,type>. 638 * 639 * Requires: 640 * \li resolver to be valid. 641 * \li name to be valid. 642 */ 643 644void 645dns_resolver_flushbadcache(dns_resolver_t *resolver, const dns_name_t *name); 646/*%< 647 * Flush the bad cache of all entries at 'name' if 'name' is non NULL. 648 * Flush the entire bad cache if 'name' is NULL. 649 * 650 * Requires: 651 * \li resolver to be valid. 652 */ 653 654void 655dns_resolver_flushbadnames(dns_resolver_t *resolver, const dns_name_t *name); 656/*%< 657 * Flush the bad cache of all entries at or below 'name'. 658 * 659 * Requires: 660 * \li resolver to be valid. 661 * \li name != NULL 662 */ 663 664void 665dns_resolver_printbadcache(dns_resolver_t *resolver, FILE *fp); 666/*% 667 * Print out the contents of the bad cache to 'fp'. 668 * 669 * Requires: 670 * \li resolver to be valid. 671 */ 672 673void 674dns_resolver_setquerydscp4(dns_resolver_t *resolver, isc_dscp_t dscp); 675isc_dscp_t 676dns_resolver_getquerydscp4(dns_resolver_t *resolver); 677 678void 679dns_resolver_setquerydscp6(dns_resolver_t *resolver, isc_dscp_t dscp); 680isc_dscp_t 681dns_resolver_getquerydscp6(dns_resolver_t *resolver); 682/*% 683 * Get and set the DSCP values for the resolver's IPv4 and IPV6 query 684 * sources. 685 * 686 * Requires: 687 * \li resolver to be valid. 688 */ 689 690void 691dns_resolver_setmaxdepth(dns_resolver_t *resolver, unsigned int maxdepth); 692unsigned int 693dns_resolver_getmaxdepth(dns_resolver_t *resolver); 694/*% 695 * Get and set how many NS indirections will be followed when looking for 696 * nameserver addresses. 697 * 698 * Requires: 699 * \li resolver to be valid. 700 */ 701 702void 703dns_resolver_setmaxqueries(dns_resolver_t *resolver, unsigned int queries); 704unsigned int 705dns_resolver_getmaxqueries(dns_resolver_t *resolver); 706/*% 707 * Get and set how many iterative queries will be allowed before 708 * terminating a recursive query. 709 * 710 * Requires: 711 * \li resolver to be valid. 712 */ 713 714void 715dns_resolver_setquotaresponse(dns_resolver_t *resolver, dns_quotatype_t which, 716 isc_result_t resp); 717isc_result_t 718dns_resolver_getquotaresponse(dns_resolver_t *resolver, dns_quotatype_t which); 719/*% 720 * Get and set the result code that will be used when quotas 721 * are exceeded. If 'which' is set to quotatype "zone", then the 722 * result specified in 'resp' will be used when the fetches-per-zone 723 * quota is exceeded by a fetch. If 'which' is set to quotatype "server", 724 * then the result specified in 'resp' will be used when the 725 * fetches-per-server quota has been exceeded for all the 726 * authoritative servers for a zone. Valid choices are 727 * DNS_R_DROP or DNS_R_SERVFAIL. 728 * 729 * Requires: 730 * \li 'resolver' to be valid. 731 * \li 'which' to be dns_quotatype_zone or dns_quotatype_server 732 * \li 'resp' to be DNS_R_DROP or DNS_R_SERVFAIL. 733 */ 734 735void 736dns_resolver_dumpfetches(dns_resolver_t *resolver, isc_statsformat_t format, 737 FILE *fp); 738 739#ifdef ENABLE_AFL 740/*% 741 * Enable fuzzing of resolver, changes behaviour and eliminates retries 742 */ 743void 744dns_resolver_setfuzzing(void); 745#endif /* ifdef ENABLE_AFL */ 746 747ISC_LANG_ENDDECLS 748 749#endif /* DNS_RESOLVER_H */ 750