diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c index 0fd104c437..8d841cd758 100644 --- a/bin/check/check-tool.c +++ b/bin/check/check-tool.c @@ -41,6 +41,7 @@ #include #include #include +#include #include "check-tool.h" diff --git a/bin/named/nzd.c b/bin/named/nzd.c index f3707e497e..fe8e4d24c5 100644 --- a/bin/named/nzd.c +++ b/bin/named/nzd.c @@ -17,7 +17,7 @@ #include #include -#include +#include #include #include diff --git a/bin/named/server.c b/bin/named/server.c index 778486bfe5..d594d7dc6e 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -103,6 +103,7 @@ #include #include #include +#include #include #include @@ -6281,7 +6282,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (inline_signing) { dns_zone_getraw(zone, &raw); if (raw == NULL) { - dns_zone_create(&raw, dns_zone_getmem(zone), + dns_zone_create(&raw, dns_zone_getmctx(zone), dns_zone_gettid(zone)); dns_zone_setorigin(raw, origin); dns_zone_setview(raw, view); diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index 91642857f6..87b708b5e3 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -36,6 +36,7 @@ #include #include #include +#include #include #include @@ -1441,7 +1442,7 @@ zone_xmlrender(dns_zone_t *zone, void *arg) { * primary zones, only include the loaded time. For secondary zones, * also include the expire and refresh times. */ - CHECK(dns_zone_getloadtime(zone, ×tamp)); + dns_zone_getloadtime(zone, ×tamp); isc_time_formatISO8601(×tamp, buf, 64); TRY0(xmlTextWriterStartElement(writer, ISC_XMLCHAR "loaded")); @@ -1449,13 +1450,13 @@ zone_xmlrender(dns_zone_t *zone, void *arg) { TRY0(xmlTextWriterEndElement(writer)); if (dns_zone_gettype(zone) == dns_zone_secondary) { - CHECK(dns_zone_getexpiretime(zone, ×tamp)); + dns_zone_getexpiretime(zone, ×tamp); isc_time_formatISO8601(×tamp, buf, 64); TRY0(xmlTextWriterStartElement(writer, ISC_XMLCHAR "expires")); TRY0(xmlTextWriterWriteString(writer, ISC_XMLCHAR buf)); TRY0(xmlTextWriterEndElement(writer)); - CHECK(dns_zone_getrefreshtime(zone, ×tamp)); + dns_zone_getrefreshtime(zone, ×tamp); isc_time_formatISO8601(×tamp, buf, 64); TRY0(xmlTextWriterStartElement(writer, ISC_XMLCHAR "refresh")); TRY0(xmlTextWriterWriteString(writer, ISC_XMLCHAR buf)); @@ -2529,18 +2530,18 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { * zones, also include the expire and refresh times. */ - CHECK(dns_zone_getloadtime(zone, ×tamp)); + dns_zone_getloadtime(zone, ×tamp); isc_time_formatISO8601(×tamp, buf, 64); json_object_object_add(zoneobj, "loaded", json_object_new_string(buf)); if (dns_zone_gettype(zone) == dns_zone_secondary) { - CHECK(dns_zone_getexpiretime(zone, ×tamp)); + dns_zone_getexpiretime(zone, ×tamp); isc_time_formatISO8601(×tamp, buf, 64); json_object_object_add(zoneobj, "expires", json_object_new_string(buf)); - CHECK(dns_zone_getrefreshtime(zone, ×tamp)); + dns_zone_getrefreshtime(zone, ×tamp); isc_time_formatISO8601(×tamp, buf, 64); json_object_object_add(zoneobj, "refresh", json_object_new_string(buf)); diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index 515e184913..9a87bae73b 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -41,7 +41,8 @@ #include #include #include -#include +#include /* WMM: remove include */ +#include #include #include diff --git a/bin/tests/system/dyndb/driver/syncptr.c b/bin/tests/system/dyndb/driver/syncptr.c index 490c460ab8..31174bcfab 100644 --- a/bin/tests/system/dyndb/driver/syncptr.c +++ b/bin/tests/system/dyndb/driver/syncptr.c @@ -42,6 +42,7 @@ #include #include #include +#include #include "instance.h" #include "util.h" diff --git a/bin/tests/system/dyndb/driver/zone.c b/bin/tests/system/dyndb/driver/zone.c index da6fef47f5..4a7d04d8e5 100644 --- a/bin/tests/system/dyndb/driver/zone.c +++ b/bin/tests/system/dyndb/driver/zone.c @@ -40,6 +40,7 @@ #include #include #include +#include #include "instance.h" #include "log.h" diff --git a/fuzz/dns_message_checksig.c b/fuzz/dns_message_checksig.c index 9beade4424..ba3ffb6db5 100644 --- a/fuzz/dns_message_checksig.c +++ b/fuzz/dns_message_checksig.c @@ -32,6 +32,7 @@ #include #include #include +#include #include "fuzz.h" diff --git a/lib/dns/dlz.c b/lib/dns/dlz.c index e9481c50d1..c758de7c4f 100644 --- a/lib/dns/dlz.c +++ b/lib/dns/dlz.c @@ -71,6 +71,7 @@ #include #include #include +#include #include "dlz_p.h" diff --git a/lib/dns/include/dns/zone.h b/lib/dns/include/dns/zone.h index 025282bea1..1ad5732191 100644 --- a/lib/dns/include/dns/zone.h +++ b/lib/dns/include/dns/zone.h @@ -25,7 +25,6 @@ #include #include -#include #include #include @@ -172,28 +171,6 @@ dns_zone_makedb(dns_zone_t *zone, dns_db_t **dbp); *\li dns_db_create() error codes. */ -void -dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass); -/*%< - * Sets the class of a zone. This operation can only be performed - * once on a zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li dns_zone_setclass() not to have been called since the zone was - * created. - *\li 'rdclass' != dns_rdataclass_none. - */ - -dns_rdataclass_t -dns_zone_getclass(dns_zone_t *zone); -/*%< - * Returns the current zone class. - * - * Requires: - *\li 'zone' to be a valid zone. - */ - isc_result_t dns_zone_getserial(dns_zone_t *zone, uint32_t *serialp); /*%< @@ -209,37 +186,6 @@ dns_zone_getserial(dns_zone_t *zone, uint32_t *serialp); *\li #DNS_R_NOTLOADED zone DB is not loaded */ -void -dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type); -/*%< - * Sets the zone type. This operation can only be performed once on - * a zone. - * - * Requires: - *\li 'zone' to be a valid zone. - *\li dns_zone_settype() not to have been called since the zone was - * created. - *\li 'type' != dns_zone_none - */ - -void -dns_zone_setview(dns_zone_t *zone, dns_view_t *view); -/*%< - * Associate the zone with a view. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -dns_view_t * -dns_zone_getview(dns_zone_t *zone); -/*%< - * Returns the zone's associated view. - * - * Requires: - *\li 'zone' to be a valid zone. - */ - void dns_zone_setviewcommit(dns_zone_t *zone); /*%< @@ -259,156 +205,6 @@ dns_zone_setviewrevert(dns_zone_t *zone); *\li 'zone' to be a valid zone. */ -void -dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin); -/*%< - * Sets the zones origin to 'origin'. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'origin' to be non NULL. - * - * Returns: - *\li #ISC_R_SUCCESS - */ - -dns_name_t * -dns_zone_getorigin(dns_zone_t *zone); -/*%< - * Returns the value of the origin. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -dns_rdataclass_t -dns_zone_getrdclass(dns_zone_t *zone); -/*%< - * Returns the value of the rdclass. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -void -dns_zone_setfile(dns_zone_t *zone, const char *file, const char *initial_file, - dns_masterformat_t format, const dns_master_style_t *style); -/*%< - * Sets the name of the master file in the format of 'format' from which - * the zone loads its database to 'file'. - * - * For zones that have no associated master file, 'file' will be NULL. - * For some zone types, e.g. secondary zones, 'file' is optional, but - * for primary zones it is mandatory. If the master file does not exist - * during loading, then it will be copied into place from 'initial_file'. - * - * For zones with persistent databases, the file name setting is ignored. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -const char * -dns_zone_getfile(dns_zone_t *zone); -/*%< - * Gets the name of the zone's master file, if any. - * - * Requires: - *\li 'zone' to be valid initialised zone. - * - * Returns: - *\li Pointer to null-terminated file name, or NULL. - */ - -void -dns_zone_setstream(dns_zone_t *zone, const FILE *stream, - dns_masterformat_t format, const dns_master_style_t *style); -/*%< - * Sets the source stream from which the zone will load its database. - * - * Requires: - *\li 'zone' to be a valid zone. - *\li 'stream' to be a valid and open FILE *. - *\li 'zone->masterfile' to be NULL, since we should load data either from - * 'stream' or from a master file, but not both. - */ - -void -dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t records); -/*%< - * Sets the maximum number of records permitted in a zone. - * 0 implies unlimited. - * - * Requires: - *\li 'zone' to be valid initialised zone. - * - * Returns: - *\li void - */ - -uint32_t -dns_zone_getmaxrecords(dns_zone_t *zone); -/*%< - * Gets the maximum number of records permitted in a zone. - * 0 implies unlimited. - * - * Requires: - *\li 'zone' to be valid initialised zone. - * - * Returns: - *\li uint32_t maxrecords. - */ - -void -dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t maxrrperset); -/*%< - * Sets the maximum number of records per rrset permitted in a zone. - * 0 implies unlimited. - * - * Requires: - *\li 'zone' to be valid initialised zone. - * - * Returns: - *\li void - */ - -void -dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t maxtypepername); -/*%< - * Sets the maximum number of resource record types per owner name - * permitted in a zone. 0 implies unlimited. - * - * Requires: - *\li 'zone' to be valid initialised zone. - * - * Returns: - *\li void - */ - -void -dns_zone_setmaxttl(dns_zone_t *zone, uint32_t maxttl); -/*%< - * Sets the max ttl of the zone. - * - * Requires: - *\li 'zone' to be valid initialised zone. - * - * Returns: - *\li void - */ - -dns_ttl_t -dns_zone_getmaxttl(dns_zone_t *zone); -/*%< - * Gets the max ttl of the zone. - * - * Requires: - *\li 'zone' to be valid initialised zone. - * - * Returns: - *\li dns_ttl_t maxttl. - */ - void dns_zone_lock_keyfiles(dns_zone_t *zone); /*%< @@ -527,64 +323,6 @@ dns_zone_idetach(dns_zone_t **zonep); *\li 'zonep' to point to a valid zone. */ -isc_result_t -dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp); -/*%< - * Attach '*dbp' to the database to if it exists otherwise - * return DNS_R_NOTLOADED. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'dbp' to be != NULL && '*dbp' == NULL. - * - * Returns: - *\li #ISC_R_SUCCESS - *\li DNS_R_NOTLOADED - */ - -void -dns_zone_setdb(dns_zone_t *zone, dns_db_t *db); -/*%< - * Sets the zone database to 'db'. - * - * This function is expected to be used to configure a zone with a - * database which is not loaded from a file or zone transfer. - * It can be used for a general purpose zone, but right now its use - * is limited to static-stub zones to avoid possible undiscovered - * problems in the general cases. - * - * Require: - *\li 'zone' to be a valid zone of static-stub. - *\li zone doesn't have a database. - */ - -void -dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc, - const char *const *dbargv); -/*%< - * Sets the database type to dbargv[0] and database arguments - * to subsequent dbargv elements. - * 'db_type' is not checked to see if it is a valid database type. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'database' to be non NULL. - *\li 'dbargc' to be >= 1 - *\li 'dbargv' to point to dbargc NULL-terminated strings - */ - -void -dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx); -/*%< - * Returns the current dbtype. isc_mem_free() should be used - * to free 'argv' after use. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'argv' to be non NULL and *argv to be NULL. - *\li 'mctx' to be valid. - */ - void dns_zone_markdirty(dns_zone_t *zone); /*%< @@ -634,69 +372,6 @@ dns_zone_dumptostream(dns_zone_t *zone, FILE *fd, dns_masterformat_t format, *\li 'fd' to be a stream open for writing. */ -void -dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses, - isc_sockaddr_t *sources, dns_name_t **keynames, - dns_name_t **tlsnames, uint32_t count); -/*%< - * Set the list of primary servers for the zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'addresses' array of isc_sockaddr_t with port set or NULL. - *\li 'count' the number of primaries. - *\li 'keynames' array of dns_name_t's for tsig keys or NULL. - * - *\li If 'addresses' is NULL then 'count' must be zero. - */ - -void -dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses, - isc_sockaddr_t *sources, dns_name_t **keynames, - dns_name_t **tlsnames, uint32_t count); -/*%< - * Set the list of parental agents for the zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'addresses' array of isc_sockaddr_t with port set or NULL. - *\li 'count' the number of primaries. - *\li 'keynames' array of dns_name_t's for tsig keys or NULL. - * - *\li If 'addresses' is NULL then 'count' must be zero. - */ - -void -dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses, - isc_sockaddr_t *sources, dns_name_t **keynames, - dns_name_t **tlsnames, uint32_t count); -/*%< - * Set the list of additional servers to be notified when - * a zone changes. To clear the list use 'count = 0'. - * - * dns_zone_alsonotifywithkeys() allows each notify address to - * be associated with a TSIG key. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'addresses' to be non-NULL if count != 0. - *\li 'count' to be the number of notifiees. - */ - -void -dns_zone_setcdsendpoints(dns_zone_t *zone, isc_sockaddr_t *addresses, - isc_sockaddr_t *sources, dns_name_t **keynames, - dns_name_t **tlsnames, uint32_t count); -/*%< - * Set the list of servers to be notified when the zone changes - * its CDS/CDNSKEY RRset. To clear the list use 'count = 0'. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'addresses' to be non-NULL if count != 0. - *\li 'count' to be the number of notifiees. - */ - void dns_zone_unload(dns_zone_t *zone); /*%< @@ -728,26 +403,6 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, * */ -dns_kasp_t * -dns_zone_getkasp(dns_zone_t *zone); -/*%< - * Returns the current kasp. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -void -dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp); -void -dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp); -/*%< - * Set kasp for zone. If a kasp is already set, it will be detached. - * - * Requires: - *\li 'zone' to be a valid zone. - */ - dns_skrbundle_t * dns_zone_getskrbundle(dns_zone_t *zone); /*%< @@ -776,398 +431,6 @@ dns_zone_getoptions(dns_zone_t *zone); *\li 'zone' to be a valid zone. */ -void -dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val); -/*%< - * Set the minimum refresh time. - * - * Requires: - *\li 'zone' is valid. - *\li val > 0. - */ - -void -dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val); -/*%< - * Set the maximum refresh time. - * - * Requires: - *\li 'zone' is valid. - *\li val > 0. - */ - -void -dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val); -/*%< - * Set the minimum retry time. - * - * Requires: - *\li 'zone' is valid. - *\li val > 0. - */ - -void -dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val); -/*%< - * Set the maximum retry time. - * - * Requires: - *\li 'zone' is valid. - * val > 0. - */ - -void -dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); -/*%< - * Set the source address to be used in IPv4 zone transfers. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'xfrsource' to contain the address. - */ - -void -dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource); -/*%< - * Returns the source address set by a previous dns_zone_setxfrsource4 - * call, or the default of inaddr_any, port 0. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'xfrsource' to not be NULL - */ - -void -dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); -/*%< - * Set the source address to be used in IPv6 zone transfers. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'xfrsource' to contain the address. - */ - -void -dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource); -/*%< - * Returns the source address set by a previous dns_zone_setxfrsource6 - * call, or the default of in6addr_any, port 0. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'xfrsource' to not be NULL - */ - -void -dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc); -/*%< - * Set the source address to be used with IPv4 parental DS queries. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'parentalsrc' to contain the address. - */ - -void -dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc); -/*%< - * Returns the source address set by a previous dns_zone_setparentalsrc4 - * call, or the default of inaddr_any, port 0. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'parentalsrc' to be non NULL. - */ - -void -dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc); -/*%< - * Set the source address to be used with IPv6 parental DS queries. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'parentalsrc' to contain the address. - */ - -void -dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc); -/*%< - * Returns the source address set by a previous dns_zone_setparentalsrc6 - * call, or the default of in6addr_any, port 0. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'parentalsrc' to be non NULL. - */ - -void -dns_zone_setnotifysrc4(dns_zone_t *zone, dns_rdatatype_t type, - const isc_sockaddr_t *notifysrc); -/*%< - * Set the source address to be used with IPv4 NOTIFY messages. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'type' to be a valid notify RRtype. - *\li 'notifysrc' to contain the address. - */ - -void -dns_zone_setnotifysrc6(dns_zone_t *zone, dns_rdatatype_t type, - const isc_sockaddr_t *notifysrc); -/*%< - * Set the source address to be used with IPv6 NOTIFY messages. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'type' to be a valid notify RRtype. - *\li 'notifysrc' to contain the address. - */ - -void -dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl); -/*%< - * Sets the notify acl list for the zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'acl' to be a valid acl. - */ - -void -dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl); -/*%< - * Sets the query acl list for the zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'acl' to be a valid acl. - */ - -void -dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl); -/*%< - * Sets the query-on acl list for the zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'acl' to be a valid acl. - */ - -void -dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl); -/*%< - * Sets the update acl list for the zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'acl' to be valid acl. - */ - -void -dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl); -/*%< - * Sets the forward unsigned updates acl list for the zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'acl' to be valid acl. - */ - -void -dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl); -/*%< - * Sets the transfer acl list for the zone. - * - * Require: - *\li 'zone' to be a valid zone. - *\li 'acl' to be valid acl. - */ - -dns_acl_t * -dns_zone_getqueryacl(dns_zone_t *zone); -/*%< - * Returns the current query acl or NULL. - * - * Require: - *\li 'zone' to be a valid zone. - * - * Returns: - *\li acl a pointer to the acl. - *\li NULL - */ - -dns_acl_t * -dns_zone_getqueryonacl(dns_zone_t *zone); -/*%< - * Returns the current query-on acl or NULL. - * - * Require: - *\li 'zone' to be a valid zone. - * - * Returns: - *\li acl a pointer to the acl. - *\li NULL - */ - -dns_acl_t * -dns_zone_getupdateacl(dns_zone_t *zone); -/*%< - * Returns the current update acl or NULL. - * - * Require: - *\li 'zone' to be a valid zone. - * - * Returns: - *\li acl a pointer to the acl. - *\li NULL - */ - -dns_acl_t * -dns_zone_getforwardacl(dns_zone_t *zone); -/*%< - * Returns the current forward unsigned updates acl or NULL. - * - * Require: - *\li 'zone' to be a valid zone. - * - * Returns: - *\li acl a pointer to the acl. - *\li NULL - */ - -dns_acl_t * -dns_zone_getxfracl(dns_zone_t *zone); -/*%< - * Returns the current transfer acl or NULL. - * - * Require: - *\li 'zone' to be a valid zone. - * - * Returns: - *\li acl a pointer to the acl. - *\li NULL - */ - -void -dns_zone_clearupdateacl(dns_zone_t *zone); -/*%< - * Clear the current update acl. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -void -dns_zone_clearforwardacl(dns_zone_t *zone); -/*%< - * Clear the current forward unsigned updates acl. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -void -dns_zone_clearnotifyacl(dns_zone_t *zone); -/*%< - * Clear the current notify acl. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -void -dns_zone_clearqueryacl(dns_zone_t *zone); -/*%< - * Clear the current query acl. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -void -dns_zone_clearqueryonacl(dns_zone_t *zone); -/*%< - * Clear the current query-on acl. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -void -dns_zone_clearxfracl(dns_zone_t *zone); -/*%< - * Clear the current transfer acl. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -bool -dns_zone_getupdatedisabled(dns_zone_t *zone); -/*%< - * Return true if updates are disabled. - */ - -void -dns_zone_setupdatedisabled(dns_zone_t *zone, bool state); -/*%< - * Enable or disable updates. - * - * This should only be called when running in exclusive mode; - * otherwise, updates that were already in progress could be - * committed after disabling. - */ - -bool -dns_zone_getzeronosoattl(dns_zone_t *zone); -/*%< - * Return zero-no-soa-ttl status. - */ - -void -dns_zone_setzeronosoattl(dns_zone_t *zone, bool state); -/*%< - * Set zero-no-soa-ttl status. - */ - -void -dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity); -/*%< - * Set the severity of name checking when loading a zone. - * - * Require: - * \li 'zone' to be a valid zone. - */ - -dns_severity_t -dns_zone_getchecknames(dns_zone_t *zone); -/*%< - * Return the current severity of name checking. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -void -dns_zone_setjournalsize(dns_zone_t *zone, int32_t size); -/*%< - * Sets the journal size for the zone. - * - * Requires: - *\li 'zone' to be a valid zone. - */ - -int32_t -dns_zone_getjournalsize(dns_zone_t *zone); -/*%< - * Return the journal size as set with a previous call to - * dns_zone_setjournalsize(). - * - * Requires: - *\li 'zone' to be a valid zone. - */ - isc_result_t dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, isc_sockaddr_t *to, dns_message_t *msg); @@ -1188,109 +451,6 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, *\li DNS_R_SUCCESS */ -void -dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds); -/*%< - * Set the minumum traffic rate (in bytes per seconds) that a zone transfer in - * (AXFR/IXFR) of this zone will use before being aborted. - * - * Requires: - * \li 'zone' to be valid initialised zone. - */ - -uint32_t -dns_zone_getminxfrratebytesin(dns_zone_t *zone); -/*%< - * Returns the 'bytes' portion of the minimum traffic rate for the transfer in - * for this zone. - * - * Requires: - *\li 'zone' to be valid initialised zone. - */ - -uint32_t -dns_zone_getminxfrratesecondsin(dns_zone_t *zone); -/*%< - * Returns the 'seconds' portion of the minimum traffic rate for the transfer in - * for this zone. - * - * Requires: - *\li 'zone' to be valid initialised zone. - */ - -void -dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin); -/*%< - * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR) - * of this zone will use before being aborted. - * - * Requires: - * \li 'zone' to be valid initialised zone. - */ - -uint32_t -dns_zone_getmaxxfrin(dns_zone_t *zone); -/*%< - * Returns the maximum transfer time for this zone. This will be - * either the value set by the last call to dns_zone_setmaxxfrin() or - * the default value of 1 hour. - * - * Requires: - *\li 'zone' to be valid initialised zone. - */ - -void -dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout); -/*%< - * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR) - * of this zone will use before being aborted. - * - * Requires: - * \li 'zone' to be valid initialised zone. - */ - -uint32_t -dns_zone_getmaxxfrout(dns_zone_t *zone); -/*%< - * Returns the maximum transfer time for this zone. This will be - * either the value set by the last call to dns_zone_setmaxxfrout() or - * the default value of 1 hour. - * - * Requires: - *\li 'zone' to be valid initialised zone. - */ - -void -dns_zone_setjournal(dns_zone_t *zone, const char *myjournal); -/*%< - * Sets the filename used for journaling updates / IXFR transfers. - * The default journal name is set by dns_zone_setfile() to be - * "file.jnl". If 'myjournal' is NULL, the zone will have no - * journal name. - * - * Requires: - *\li 'zone' to be a valid zone. - */ - -char * -dns_zone_getjournal(dns_zone_t *zone); -/*%< - * Returns the journal name associated with this zone. - * If no journal has been set this will be NULL. - * - * Requires: - *\li 'zone' to be valid initialised zone. - */ - -dns_zonetype_t -dns_zone_gettype(dns_zone_t *zone); -/*%< - * Returns the type of the zone (primary/secondary/etc.) - * - * Requires: - *\li 'zone' to be valid initialised zone. - */ - dns_zonetype_t dns_zone_getredirecttype(dns_zone_t *zone); /*%< @@ -1342,189 +502,6 @@ dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump); * Others */ -uint32_t -dns_zone_getidlein(dns_zone_t *zone); -/*%< - * Requires: - * \li 'zone' to be a valid zone. - * - * Returns: - * \li number of seconds of idle time before we abort the transfer in. - */ - -void -dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein); -/*%< - * \li Set the idle timeout for transfer the. - * \li Zero set the default value, 1 hour. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -uint32_t -dns_zone_getidleout(dns_zone_t *zone); -/*%< - * - * Requires: - * \li 'zone' to be a valid zone. - * - * Returns: - * \li number of seconds of idle time before we abort a transfer out. - */ - -void -dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout); -/*%< - * \li Set the idle timeout for transfers out. - * \li Zero set the default value, 1 hour. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -void -dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table); -/*%< - * Get the simple-secure-update policy table. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -void -dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table); -/*%< - * Set / clear the simple-secure-update policy table. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -isc_mem_t * -dns_zone_getmctx(dns_zone_t *zone); -/*%< - * Get the memory context of a zone. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -dns_zonemgr_t * -dns_zone_getmgr(dns_zone_t *zone); -/*%< - * If 'zone' is managed return the zone manager otherwise NULL. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -void -dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval); -/*%< - * Set the zone's general signature validity interval. This is the length - * of time for which DNSSEC signatures created as a result of dynamic - * updates to secure zones will remain valid, in seconds. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -uint32_t -dns_zone_getsigvalidityinterval(dns_zone_t *zone); -/*%< - * Get the zone's general signature validity interval. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -void -dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval); -/*%< - * Set the zone's DNSKEY signature validity interval. This is the length - * of time for which DNSSEC signatures created for DNSKEY records - * will remain valid, in seconds. - * - * If this value is set to zero, then the regular signature validity - * interval (see dns_zone_setsigvalidityinterval(), above) is used - * for all RRSIGs. However, if this value is nonzero, then it is used - * as the validity interval for RRSIGs covering DNSKEY and CDNSKEY - * RRsets. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -uint32_t -dns_zone_getkeyvalidityinterval(dns_zone_t *zone); -/*%< - * Get the zone's DNSKEY signature validity interval. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -void -dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval); -/*%< - * Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's - * will be re-signed 'interval' amount of time before they expire. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -uint32_t -dns_zone_getsigresigninginterval(dns_zone_t *zone); -/*%< - * Get the zone's RRSIG re-signing interval. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -void -dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr); -/*%< - * Get the zone's source address from which it has last contacted the current - * primary server. - * - * Requires: - * \li 'zone' to be a valid zone. - * \li 'zone' has a non-empty primaries list. - * \li 'sourceaddr' to be non-NULL. - */ - -isc_result_t -dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr); -/*%< - * Get the zone's current primary server into '*primaryaddr'. - * - * Requires: - * \li 'zone' to be a valid zone. - * \li 'zone' has a non-empty primaries list. - * \li 'primaryaddr' to be non-NULL. - * - * Returns: - *\li #ISC_R_SUCCESS if the current primary server was found - *\li #ISC_R_NOMORE if all the primaries were already iterated over - */ - -isc_time_t -dns_zone_getxfrintime(dns_zone_t *zone); -/*%< - * Get the start time of the zone's latest major step before an incoming zone - * transfer is initiated. The time is set to the current time before the - * precursory SOA query is queued, then it gets reset when the query starts, - * when the query restarts (using another transport or another primary server), - * when an incoming zone transfer is initated and deferred, and, finally, when - * it gets started. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - dns_transport_type_t dns_zone_getrequesttransporttype(dns_zone_t *zone); /*%< @@ -1537,19 +514,6 @@ dns_zone_getrequesttransporttype(dns_zone_t *zone); * \li 'zone' to be a valid zone. */ -void -dns_zone_setnotifytype(dns_zone_t *zone, dns_rdatatype_t type, - dns_notifytype_t notifytype); -/*%< - * Sets zone notify(type) method to "notifytype" - */ - -void -dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype); -/*%< - * Sets zone checkds method to "checkdstype" - */ - isc_result_t dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, dns_updatecallback_t callback, void *callback_arg); @@ -1603,29 +567,6 @@ dns_zone_first(dns_zonemgr_t *zmgr, dns_zone_t **first); * (result ISC_R_NOMORE). */ -void -dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory); -/*%< - * Sets the name of the directory where private keys used for - * online signing or dynamic zones are found. - * - * Require: - *\li 'zone' to be a valid zone. - */ - -const char * -dns_zone_getkeydirectory(dns_zone_t *zone); -/*%< - * Gets the name of the directory where private keys used for - * online signing of dynamic zones are found. - * - * Requires: - *\li 'zone' to be valid initialised zone. - * - * Returns: - * Pointer to null-terminated file name, or NULL. - */ - isc_result_t dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now, dns_dnsseckeylist_t *keys); @@ -1934,73 +875,6 @@ dns_zone_isforced(dns_zone_t *zone); * \li 'zone' to be a valid zone. */ -isc_result_t -dns_zone_setstatistics(dns_zone_t *zone, bool on); -/*%< - * This function is obsoleted by dns_zone_setrequeststats(). - */ - -uint64_t * -dns_zone_getstatscounters(dns_zone_t *zone); -/*%< - * This function is obsoleted by dns_zone_getrequeststats(). - */ - -void -dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats); -/*%< - * Set a general zone-maintenance statistics set 'stats' for 'zone'. This - * function is expected to be called only on zone creation (when necessary). - * Once installed, it cannot be removed or replaced. Also, there is no - * interface to get the installed stats from the zone; the caller must keep the - * stats to reference (e.g. dump) it later. - * - * Requires: - * \li 'zone' to be a valid zone and does not have a statistics set already - * installed. - * - *\li stats is a valid statistics supporting zone statistics counters - * (see dns/stats.h). - */ - -void -dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats); - -void -dns_zone_setrcvquerystats(dns_zone_t *zone, isc_statsmulti_t *stats); - -void -dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats); -/*%< - * Set additional statistics sets to zone. These are attached to the zone - * but are not counted in the zone module; only the caller updates the - * counters. - * - * Requires: - * \li 'zone' to be a valid zone. - * - *\li stats is a valid statistics. - */ - -isc_stats_t * -dns_zone_getrequeststats(dns_zone_t *zone); - -isc_statsmulti_t * -dns_zone_getrcvquerystats(dns_zone_t *zone); - -dns_stats_t * -dns_zone_getdnssecsignstats(dns_zone_t *zone); -/*%< - * Get the additional statistics for zone, if one is installed. - * - * Requires: - * \li 'zone' to be a valid zone. - * - * Returns: - * \li when available, a pointer to the statistics set installed in zone; - * otherwise NULL. - */ - void dns_zone_logv(dns_zone_t *zone, isc_logcategory_t category, int level, const char *prefix, const char *msg, va_list ap); @@ -2026,26 +900,6 @@ dns_zone_logc(dns_zone_t *zone, isc_logcategory_t category, int level, * the message as applying to 'zone'. */ -void -dns_zone_name(dns_zone_t *zone, char *buf, size_t len); -/*%< - * Return the name of the zone with class and view. - * - * Requires: - *\li 'zone' to be valid. - *\li 'buf' to be non NULL. - */ - -void -dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t len); -/*%< - * Return the name of the zone only. - * - * Requires: - *\li 'zone' to be valid. - *\li 'buf' to be non NULL. - */ - isc_result_t dns_zone_checknames(dns_zone_t *zone, const dns_name_t *name, dns_rdata_t *rdata); @@ -2063,117 +917,12 @@ dns_zone_checknames(dns_zone_t *zone, const dns_name_t *name, * DNS_R_BADNAME failed rdata checks. */ -void -dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx); -/*%< - * Set the post load integrity callback function 'checkmx'. - * 'checkmx' will be called if the MX TARGET is not within the zone. - * - * Require: - * 'zone' to be a valid zone. - */ - -void -dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv); -/*%< - * Set the post load integrity callback function 'checksrv'. - * 'checksrv' will be called if the SRV TARGET is not within the zone. - * - * Require: - * 'zone' to be a valid zone. - */ - -void -dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns); -/*%< - * Set the post load integrity callback function 'checkns'. - * 'checkns' will be called if the NS TARGET is not within the zone. - * - * Require: - * 'zone' to be a valid zone. - */ - -void -dns_zone_setcheckisservedby(dns_zone_t *zone, - dns_checkisservedbyfunc_t checkisserverby); -/*%< - * Set the post load integrity callback function 'checkisserverby'. - * 'checkisserverby' will be called if the NS TARGET is not within - * the zone and there are A or AAAA records in the the zone. - * - * Require: - * 'zone' to be a valid zone. - */ - -void -dns_zone_setnotifydefer(dns_zone_t *zone, dns_rdatatype_t type, uint32_t defer); -/*%< - * Set the wait/defer time (in seconds) before notify messages are sent when - * they are ready. - * - * Requires: - * 'zone' to be valid. - * 'type' to be a valid notify RRtype. - */ - -void -dns_zone_setnotifydelay(dns_zone_t *zone, dns_rdatatype_t type, uint32_t delay); -/*%< - * Set the minimum delay (in seconds) between sets of notify messages. - * - * Requires: - * 'zone' to be valid. - * 'type' to be a valid notify RRtype. - */ - -void -dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg); -/*%< - * Set the isself callback function and argument. - * - * bool - * isself(dns_view_t *myview, dns_tsigkey_t *mykey, - * const isc_netaddr_t *srcaddr, const isc_netaddr_t *destaddr, - * dns_rdataclass_t rdclass, void *arg); - * - * 'isself' returns true if a non-recursive query from 'srcaddr' to - * 'destaddr' with optional key 'mykey' for class 'rdclass' would be - * delivered to 'myview'. - */ - -void -dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes); -/*%< - * Set the number of nodes that will be checked per quantum. - */ - -void -dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures); -/*%< - * Set the number of signatures that will be generated per quantum. - */ - -uint32_t -dns_zone_getsignatures(dns_zone_t *zone); -/*%< - * Get the number of signatures that will be generated per quantum. - */ - isc_result_t dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param); /*%< * Incrementally add a NSEC3 chain that corresponds to 'nsec3param'. */ -void -dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type); -dns_rdatatype_t -dns_zone_getprivatetype(dns_zone_t *zone); -/* - * Get/Set the private record type. It is expected that these interfaces - * will not be permanent. - */ - void dns_zone_rekey(dns_zone_t *zone, bool fullsign, bool forcekeymgr); /*%< @@ -2223,65 +972,6 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version); * Others */ -void -dns_zone_setadded(dns_zone_t *zone, bool added); -/*% - * Sets the value of zone->added, which should be true for - * zones that were originally added by "rndc addzone". - * - * Requires: - * \li 'zone' to be valid. - */ - -bool -dns_zone_getadded(dns_zone_t *zone); -/*% - * Returns true if the zone was originally added at runtime - * using "rndc addzone". - * - * Requires: - * \li 'zone' to be valid. - */ - -void -dns_zone_setmodded(dns_zone_t *zone, bool added); -/*% - * Sets the value of zone->modded, which should be true for - * zones that were modified by "rndc modzone". - * - * Requires: - * \li 'zone' to be valid. - */ - -bool -dns_zone_getmodded(dns_zone_t *zone); -/*% - * Returns true if the zone was modified at runtime - * using "rndc modzone". - * - * Requires: - * \li 'zone' to be valid. - */ - -void -dns_zone_setautomatic(dns_zone_t *zone, bool automatic); -/*% - * Sets the value of zone->automatic, which should be true for - * zones that were automatically added by named. - * - * Requires: - * \li 'zone' to be valid. - */ - -bool -dns_zone_getautomatic(dns_zone_t *zone); -/*% - * Returns true if the zone was added automatically by named. - * - * Requires: - * \li 'zone' to be valid. - */ - isc_result_t dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db); /*% @@ -2306,115 +996,6 @@ dns_zone_isdynamic(dns_zone_t *zone, bool ignore_freeze); * \li 'zone' to be valid. */ -isc_result_t -dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval); -/*% - * Sets the frequency, in minutes, with which the key repository will be - * checked to see if the keys for this zone have been updated. Any value - * higher than 1440 minutes (24 hours) will be silently reduced. A - * value of zero will return an out-of-range error. - * - * Requires: - * \li 'zone' to be valid. - */ - -bool -dns_zone_getrequestexpire(dns_zone_t *zone); -/*% - * Returns the true/false value of the request-expire option in the zone. - * - * Requires: - * \li 'zone' to be valid. - */ - -void -dns_zone_setrequestexpire(dns_zone_t *zone, bool flag); -/*% - * Sets the request-expire option for the zone. Either true or false. The - * default value is determined by the setting of this option in the view. - * - * Requires: - * \li 'zone' to be valid. - */ - -bool -dns_zone_getrequestixfr(dns_zone_t *zone); -/*% - * Returns the true/false value of the request-ixfr option in the zone. - * - * Requires: - * \li 'zone' to be valid. - */ - -void -dns_zone_setrequestixfr(dns_zone_t *zone, bool flag); -/*% - * Sets the request-ixfr option for the zone. Either true or false. The - * default value is determined by the setting of this option in the view. - * - * Requires: - * \li 'zone' to be valid. - */ - -bool -dns_zone_getrequestixfrmaxdiffs(dns_zone_t *zone); -/*% - * Returns the value of the request-ixfr-max-diffs option in the zone. - * - * Requires: - * \li 'zone' to be valid. - */ - -void -dns_zone_setrequestixfrmaxdiffs(dns_zone_t *zone, uint32_t maxmsgs); -/*% - * Sets the request-ixfr-max-diffs option for the zone. 0 means unlimited. The - * default value is determined by the setting of this option in the view. - * - * Requires: - * \li 'zone' to be valid. - */ - -uint32_t -dns_zone_getixfrratio(dns_zone_t *zone); -/*% - * Returns the zone's current IXFR ratio. - * - * Requires: - * \li 'zone' to be valid. - */ - -void -dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio); -/*% - * Sets the ratio of IXFR size to zone size above which we use an AXFR - * response, expressed as a percentage. Cannot exceed 100. - * - * Requires: - * \li 'zone' to be valid. - */ - -void -dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method); -/*% - * Sets the update method to use when incrementing the zone serial number - * due to a DDNS update. Valid options are dns_updatemethod_increment - * and dns_updatemethod_unixtime. - * - * Requires: - * \li 'zone' to be valid. - */ - -dns_updatemethod_t -dns_zone_getserialupdatemethod(dns_zone_t *zone); -/*%< - * Returns the update method to be used when incrementing the zone serial - * number due to a DDNS update. - * - * Requires: - * \li 'zone' to be valid. - */ - isc_result_t dns_zone_link(dns_zone_t *zone, dns_zone_t *raw); @@ -2468,30 +1049,6 @@ dns_zone_synckeyzone(dns_zone_t *zone); * maintenance timer. */ -isc_result_t -dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime); -/*% - * Return the time when the zone was last loaded. - */ - -isc_result_t -dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime); -/*% - * Return the time when the (secondary) zone will need to be refreshed. - */ - -isc_result_t -dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime); -/*% - * Return the time when the (secondary) zone will expire. - */ - -isc_result_t -dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime); -/*% - * Return the time of the next scheduled DNSSEC key event. - */ - unsigned int dns_zone_getincludes(dns_zone_t *zone, char ***includesp); /*% @@ -2583,16 +1140,6 @@ dns_zone_get_parentcatz(dns_zone_t *zone); * \li 'zone' is a valid zone object */ -void -dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level); - -dns_zonestat_level_t -dns_zone_getstatlevel(dns_zone_t *zone); -/*% - * Set and get the statistics reporting level for the zone; - * full, terse, or none. - */ - isc_result_t dns_zone_setserial(dns_zone_t *zone, uint32_t serial); /*% @@ -2645,36 +1192,6 @@ dns_zonetype_name(dns_zonetype_t type); * Return the name of the zone type 'type'. */ -isc_mem_t * -dns_zone_getmem(dns_zone_t *zone); -/**< - * \brief Return memory context associated with the zone. - * - * \param zone valid dns_zone_t object. - * - * \return memory context associated with the zone - */ - -unsigned int -dns_zone_gettid(dns_zone_t *zone); -/**< - * \brief Return thread-id associated with the zone. - * - * \param valid dns_zone_t object - * - * \return thread id associated with the zone - */ - -isc_loop_t * -dns_zone_getloop(dns_zone_t *zone); -/**< - * \brief Return loop associated with the zone. - * - * \param valid dns_zone_t object - * - * \return loop associated with the zone - */ - bool dns_zone_check_dnskey_nsec3(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, @@ -2705,26 +1222,6 @@ dns_zone_import_skr(dns_zone_t *zone, const char *file); * \li ISC_R_SUCCESS if there were no errors loading the SKR. */ -void -dns_zone_setrad(dns_zone_t *zone, dns_name_t *name); -/**< - * \brief Set the per zone RAD - * - * Requires: - * \li 'zone' to be a valid zone. - * \li 'name' is NULL or a valid name. - */ - -isc_result_t -dns_zone_getrad(dns_zone_t *zone, dns_name_t *name); -/**< - * \brief get the per zone RAD - * - * Requires: - * \li 'zone' to be a valid zone. - * \li 'name' is a valid name with a buffer. - */ - isc_result_t dns_zone_getzoneversion(dns_zone_t *zone, isc_buffer_t *b); /**< @@ -2761,27 +1258,6 @@ dns_zone_getkeystores(dns_zone_t *zone); * initialized. */ -void * -dns_zone_gethooktable(dns_zone_t *zone); -/**< - * Returns the zone hooktable - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -void -dns_zone_sethooktable(dns_zone_t *zone, void *hooktable, - void (*hooktable_free)(isc_mem_t *, void **)); -/**< - * Initialize zone hooktable and free callback - * - * Requires: - * \li 'zone' to be a valid zone. - * \li 'hooktable' to be initialized. - * \li 'hooktable_free' to be valid. - */ - void dns_zone_setplugins(dns_zone_t *zone, void *plugins, void (*plugins_free)(isc_mem_t *, void **)); @@ -2804,26 +1280,6 @@ dns_zone_unloadplugins(dns_zone_t *zone); * \li 'zone' to be a valid zone. */ -void -dns_zone_setcfg(dns_zone_t *zone, const char *cfg); -/*%< - * Save a copy of the configuration text for 'zone', which can be - * used later to dump the configuration status. - * - * Requires: - * \li 'zone' to be a valid zone. - */ - -const char * -dns_zone_getcfg(dns_zone_t *zone); -/*%< - * Return a pointer to the configuration text for 'zone', that was - * previously saved using _setcfg(). - * - * Requires: - * \li 'zone' to be a valid zone. - */ - bool dns_zone_isexpired(dns_zone_t *zone); /*%< diff --git a/lib/dns/include/dns/zoneproperties.h b/lib/dns/include/dns/zoneproperties.h new file mode 100644 index 0000000000..a492453271 --- /dev/null +++ b/lib/dns/include/dns/zoneproperties.h @@ -0,0 +1,1527 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#pragma once + +/*! \file dns/zoneproperties.h */ + +#include + +#include +#include + +void +dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass); +/*%< + * Sets the class of a zone. This operation can only be performed + * once on a zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li dns_zone_setclass() not to have been called since the zone was + * created. + *\li 'rdclass' != dns_rdataclass_none. + */ + +dns_rdataclass_t +dns_zone_getclass(dns_zone_t *zone); +/*%< + * Returns the current zone class. + * + * Requires: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type); +/*%< + * Sets the zone type. This operation can only be performed once on + * a zone. + * + * Requires: + *\li 'zone' to be a valid zone. + *\li dns_zone_settype() not to have been called since the zone was + * created. + *\li 'type' != dns_zone_none + */ + +void +dns_zone_setview(dns_zone_t *zone, dns_view_t *view); +/*%< + * Associate the zone with a view. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +dns_view_t * +dns_zone_getview(dns_zone_t *zone); +/*%< + * Returns the zone's associated view. + * + * Requires: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin); +/*%< + * Sets the zones origin to 'origin'. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'origin' to be non NULL. + */ + +dns_name_t * +dns_zone_getorigin(dns_zone_t *zone); +/*%< + * Returns the value of the origin. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_setfile(dns_zone_t *zone, const char *file, const char *initial_file, + dns_masterformat_t format, const dns_master_style_t *style); +/*%< + * Sets the name of the master file in the format of 'format' from which + * the zone loads its database to 'file'. + * + * For zones that have no associated master file, 'file' will be NULL. + * For some zone types, e.g. secondary zones, 'file' is optional, but + * for primary zones it is mandatory. If the master file does not exist + * during loading, then it will be copied into place from 'initial_file'. + * + * For zones with persistent databases, the file name setting is ignored. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +const char * +dns_zone_getfile(dns_zone_t *zone); +/*%< + * Gets the name of the zone's master file, if any. + * + * Requires: + *\li 'zone' to be valid initialised zone. + * + * Returns: + *\li Pointer to null-terminated file name, or NULL. + */ + +void +dns_zone_setstream(dns_zone_t *zone, const FILE *stream, + dns_masterformat_t format, const dns_master_style_t *style); +/*%< + * Sets the source stream from which the zone will load its database. + * + * Requires: + *\li 'zone' to be a valid zone. + *\li 'stream' to be a valid and open FILE *. + *\li 'zone->masterfile' to be NULL, since we should load data either from + * 'stream' or from a master file, but not both. + */ + +void +dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t records); +/*%< + * Sets the maximum number of records permitted in a zone. + * 0 implies unlimited. + * + * Requires: + *\li 'zone' to be valid initialised zone. + * + * Returns: + *\li void + */ + +uint32_t +dns_zone_getmaxrecords(dns_zone_t *zone); +/*%< + * Gets the maximum number of records permitted in a zone. + * 0 implies unlimited. + * + * Requires: + *\li 'zone' to be valid initialised zone. + * + * Returns: + *\li uint32_t maxrecords. + */ + +void +dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t maxrrperset); +/*%< + * Sets the maximum number of records per rrset permitted in a zone. + * 0 implies unlimited. + * + * Requires: + *\li 'zone' to be valid initialised zone. + * + * Returns: + *\li void + */ + +void +dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t maxtypepername); +/*%< + * Sets the maximum number of resource record types per owner name + * permitted in a zone. 0 implies unlimited. + * + * Requires: + *\li 'zone' to be valid initialised zone. + * + * Returns: + *\li void + */ + +void +dns_zone_setmaxttl(dns_zone_t *zone, uint32_t maxttl); +/*%< + * Sets the max ttl of the zone. + * + * Requires: + *\li 'zone' to be valid initialised zone. + * + * Returns: + *\li void + */ + +dns_ttl_t +dns_zone_getmaxttl(dns_zone_t *zone); +/*%< + * Gets the max ttl of the zone. + * + * Requires: + *\li 'zone' to be valid initialised zone. + * + * Returns: + *\li dns_ttl_t maxttl. + */ + +isc_result_t +dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp); +/*%< + * Attach '*dbp' to the database to if it exists otherwise + * return DNS_R_NOTLOADED. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'dbp' to be != NULL && '*dbp' == NULL. + * + * Returns: + *\li #ISC_R_SUCCESS + *\li DNS_R_NOTLOADED + */ + +void +dns_zone_setdb(dns_zone_t *zone, dns_db_t *db); +/*%< + * Sets the zone database to 'db'. + * + * This function is expected to be used to configure a zone with a + * database which is not loaded from a file or zone transfer. + * It can be used for a general purpose zone, but right now its use + * is limited to static-stub zones to avoid possible undiscovered + * problems in the general cases. + * + * Require: + *\li 'zone' to be a valid zone of static-stub. + *\li zone doesn't have a database. + */ + +void +dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc, + const char *const *dbargv); +/*%< + * Sets the database type to dbargv[0] and database arguments + * to subsequent dbargv elements. + * 'db_type' is not checked to see if it is a valid database type. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'database' to be non NULL. + *\li 'dbargc' to be >= 1 + *\li 'dbargv' to point to dbargc NULL-terminated strings + */ + +void +dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx); +/*%< + * Returns the current dbtype. isc_mem_free() should be used + * to free 'argv' after use. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'argv' to be non NULL and *argv to be NULL. + *\li 'mctx' to be valid. + */ + +void +dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses, + isc_sockaddr_t *sources, dns_name_t **keynames, + dns_name_t **tlsnames, uint32_t count); +/*%< + * Set the list of primary servers for the zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'addresses' array of isc_sockaddr_t with port set or NULL. + *\li 'count' the number of primaries. + *\li 'keynames' array of dns_name_t's for tsig keys or NULL. + * + *\li If 'addresses' is NULL then 'count' must be zero. + */ + +void +dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses, + isc_sockaddr_t *sources, dns_name_t **keynames, + dns_name_t **tlsnames, uint32_t count); +/*%< + * Set the list of parental agents for the zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'addresses' array of isc_sockaddr_t with port set or NULL. + *\li 'count' the number of primaries. + *\li 'keynames' array of dns_name_t's for tsig keys or NULL. + * + *\li If 'addresses' is NULL then 'count' must be zero. + */ + +void +dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses, + isc_sockaddr_t *sources, dns_name_t **keynames, + dns_name_t **tlsnames, uint32_t count); +/*%< + * Set the list of additional servers to be notified when + * a zone changes. To clear the list use 'count = 0'. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'addresses' to be non-NULL if count != 0. + *\li 'count' to be the number of notifiees. + */ + +void +dns_zone_setcdsendpoints(dns_zone_t *zone, isc_sockaddr_t *addresses, + isc_sockaddr_t *sources, dns_name_t **keynames, + dns_name_t **tlsnames, uint32_t count); +/*%< + * Set the list of servers to be notified when the zone changes + * its CDS/CDNSKEY RRset. To clear the list use 'count = 0'. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'addresses' to be non-NULL if count != 0. + *\li 'count' to be the number of notifiees. + */ + +dns_kasp_t * +dns_zone_getkasp(dns_zone_t *zone); +/*%< + * Returns the current kasp. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp); +void +dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp); +/*%< + * Set kasp for zone. If a kasp is already set, it will be detached. + * + * Requires: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val); +/*%< + * Set the minimum refresh time. + * + * Requires: + *\li 'zone' is valid. + *\li val > 0. + */ + +void +dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val); +/*%< + * Set the maximum refresh time. + * + * Requires: + *\li 'zone' is valid. + *\li val > 0. + */ + +void +dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val); +/*%< + * Set the minimum retry time. + * + * Requires: + *\li 'zone' is valid. + *\li val > 0. + */ + +void +dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val); +/*%< + * Set the maximum retry time. + * + * Requires: + *\li 'zone' is valid. + * val > 0. + */ + +void +dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); +/*%< + * Set the source address to be used in IPv4 zone transfers. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'xfrsource' to contain the address. + */ + +void +dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource); +/*%< + * Returns the source address set by a previous dns_zone_setxfrsource4 + * call, or the default of inaddr_any, port 0. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'xfrsource' to not be NULL + */ + +void +dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); +/*%< + * Set the source address to be used in IPv6 zone transfers. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'xfrsource' to contain the address. + */ + +void +dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource); +/*%< + * Returns the source address set by a previous dns_zone_setxfrsource6 + * call, or the default of in6addr_any, port 0. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'xfrsource' to not be NULL + */ + +void +dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc); +/*%< + * Set the source address to be used with IPv4 parental DS queries. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'parentalsrc' to contain the address. + */ + +void +dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc); +/*%< + * Returns the source address set by a previous dns_zone_setparentalsrc4 + * call, or the default of inaddr_any, port 0. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'parentalsrc' to be non NULL. + */ + +void +dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc); +/*%< + * Set the source address to be used with IPv6 parental DS queries. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'parentalsrc' to contain the address. + */ + +void +dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc); +/*%< + * Returns the source address set by a previous dns_zone_setparentalsrc6 + * call, or the default of in6addr_any, port 0. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'parentalsrc' to be non NULL. + */ + +void +dns_zone_setnotifysrc4(dns_zone_t *zone, dns_rdatatype_t type, + const isc_sockaddr_t *notifysrc); +/*%< + * Set the source address to be used with IPv4 NOTIFY messages. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'type' to be a valid notify RRtype. + *\li 'notifysrc' to contain the address. + */ + +void +dns_zone_setnotifysrc6(dns_zone_t *zone, dns_rdatatype_t type, + const isc_sockaddr_t *notifysrc); +/*%< + * Set the source address to be used with IPv6 NOTIFY messages. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'type' to be a valid notify RRtype. + *\li 'notifysrc' to contain the address. + */ + +void +dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl); +/*%< + * Sets the notify acl list for the zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'acl' to be a valid acl. + */ + +void +dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl); +/*%< + * Sets the query acl list for the zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'acl' to be a valid acl. + */ + +void +dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl); +/*%< + * Sets the query-on acl list for the zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'acl' to be a valid acl. + */ + +void +dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl); +/*%< + * Sets the update acl list for the zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'acl' to be valid acl. + */ + +void +dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl); +/*%< + * Sets the forward unsigned updates acl list for the zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'acl' to be valid acl. + */ + +void +dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl); +/*%< + * Sets the transfer acl list for the zone. + * + * Require: + *\li 'zone' to be a valid zone. + *\li 'acl' to be valid acl. + */ + +dns_acl_t * +dns_zone_getqueryacl(dns_zone_t *zone); +/*%< + * Returns the current query acl or NULL. + * + * Require: + *\li 'zone' to be a valid zone. + * + * Returns: + *\li acl a pointer to the acl. + *\li NULL + */ + +dns_acl_t * +dns_zone_getqueryonacl(dns_zone_t *zone); +/*%< + * Returns the current query-on acl or NULL. + * + * Require: + *\li 'zone' to be a valid zone. + * + * Returns: + *\li acl a pointer to the acl. + *\li NULL + */ + +dns_acl_t * +dns_zone_getupdateacl(dns_zone_t *zone); +/*%< + * Returns the current update acl or NULL. + * + * Require: + *\li 'zone' to be a valid zone. + * + * Returns: + *\li acl a pointer to the acl. + *\li NULL + */ + +dns_acl_t * +dns_zone_getforwardacl(dns_zone_t *zone); +/*%< + * Returns the current forward unsigned updates acl or NULL. + * + * Require: + *\li 'zone' to be a valid zone. + * + * Returns: + *\li acl a pointer to the acl. + *\li NULL + */ + +dns_acl_t * +dns_zone_getxfracl(dns_zone_t *zone); +/*%< + * Returns the current transfer acl or NULL. + * + * Require: + *\li 'zone' to be a valid zone. + * + * Returns: + *\li acl a pointer to the acl. + *\li NULL + */ + +void +dns_zone_clearupdateacl(dns_zone_t *zone); +/*%< + * Clear the current update acl. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_clearforwardacl(dns_zone_t *zone); +/*%< + * Clear the current forward unsigned updates acl. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_clearnotifyacl(dns_zone_t *zone); +/*%< + * Clear the current notify acl. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_clearqueryacl(dns_zone_t *zone); +/*%< + * Clear the current query acl. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_clearqueryonacl(dns_zone_t *zone); +/*%< + * Clear the current query-on acl. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_clearxfracl(dns_zone_t *zone); +/*%< + * Clear the current transfer acl. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +bool +dns_zone_getupdatedisabled(dns_zone_t *zone); +/*%< + * Return true if updates are disabled. + */ + +void +dns_zone_setupdatedisabled(dns_zone_t *zone, bool state); +/*%< + * Enable or disable updates. + * + * This should only be called when running in exclusive mode; + * otherwise, updates that were already in progress could be + * committed after disabling. + */ + +bool +dns_zone_getzeronosoattl(dns_zone_t *zone); +/*%< + * Return zero-no-soa-ttl status. + */ + +void +dns_zone_setzeronosoattl(dns_zone_t *zone, bool state); +/*%< + * Set zero-no-soa-ttl status. + */ + +void +dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity); +/*%< + * Set the severity of name checking when loading a zone. + * + * Require: + * \li 'zone' to be a valid zone. + */ + +dns_severity_t +dns_zone_getchecknames(dns_zone_t *zone); +/*%< + * Return the current severity of name checking. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_setjournalsize(dns_zone_t *zone, int32_t size); +/*%< + * Sets the journal size for the zone. + * + * Requires: + *\li 'zone' to be a valid zone. + */ + +int32_t +dns_zone_getjournalsize(dns_zone_t *zone); +/*%< + * Return the journal size as set with a previous call to + * dns_zone_setjournalsize(). + * + * Requires: + *\li 'zone' to be a valid zone. + */ + +void +dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds); +/*%< + * Set the minumum traffic rate (in bytes per seconds) that a zone transfer in + * (AXFR/IXFR) of this zone will use before being aborted. + * + * Requires: + * \li 'zone' to be valid initialised zone. + */ + +uint32_t +dns_zone_getminxfrratebytesin(dns_zone_t *zone); +/*%< + * Returns the 'bytes' portion of the minimum traffic rate for the transfer in + * for this zone. + * + * Requires: + *\li 'zone' to be valid initialised zone. + */ + +uint32_t +dns_zone_getminxfrratesecondsin(dns_zone_t *zone); +/*%< + * Returns the 'seconds' portion of the minimum traffic rate for the transfer in + * for this zone. + * + * Requires: + *\li 'zone' to be valid initialised zone. + */ + +void +dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin); +/*%< + * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR) + * of this zone will use before being aborted. + * + * Requires: + * \li 'zone' to be valid initialised zone. + */ + +uint32_t +dns_zone_getmaxxfrin(dns_zone_t *zone); +/*%< + * Returns the maximum transfer time for this zone. This will be + * either the value set by the last call to dns_zone_setmaxxfrin() or + * the default value of 1 hour. + * + * Requires: + *\li 'zone' to be valid initialised zone. + */ + +void +dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout); +/*%< + * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR) + * of this zone will use before being aborted. + * + * Requires: + * \li 'zone' to be valid initialised zone. + */ + +uint32_t +dns_zone_getmaxxfrout(dns_zone_t *zone); +/*%< + * Returns the maximum transfer time for this zone. This will be + * either the value set by the last call to dns_zone_setmaxxfrout() or + * the default value of 1 hour. + * + * Requires: + *\li 'zone' to be valid initialised zone. + */ + +void +dns_zone_setjournal(dns_zone_t *zone, const char *myjournal); +/*%< + * Sets the filename used for journaling updates / IXFR transfers. + * The default journal name is set by dns_zone_setfile() to be + * "file.jnl". If 'myjournal' is NULL, the zone will have no + * journal name. + * + * Requires: + *\li 'zone' to be a valid zone. + */ + +char * +dns_zone_getjournal(dns_zone_t *zone); +/*%< + * Returns the journal name associated with this zone. + * If no journal has been set this will be NULL. + * + * Requires: + *\li 'zone' to be valid initialised zone. + */ + +dns_zonetype_t +dns_zone_gettype(dns_zone_t *zone); +/*%< + * Returns the type of the zone (primary/secondary/etc.) + * + * Requires: + *\li 'zone' to be valid initialised zone. + */ + +uint32_t +dns_zone_getidlein(dns_zone_t *zone); +/*%< + * Requires: + * \li 'zone' to be a valid zone. + * + * Returns: + * \li number of seconds of idle time before we abort the transfer in. + */ + +void +dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein); +/*%< + * \li Set the idle timeout for transfer the. + * \li Zero set the default value, 1 hour. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +uint32_t +dns_zone_getidleout(dns_zone_t *zone); +/*%< + * + * Requires: + * \li 'zone' to be a valid zone. + * + * Returns: + * \li number of seconds of idle time before we abort a transfer out. + */ + +void +dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout); +/*%< + * \li Set the idle timeout for transfers out. + * \li Zero set the default value, 1 hour. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +void +dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table); +/*%< + * Get the simple-secure-update policy table. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +void +dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table); +/*%< + * Set / clear the simple-secure-update policy table. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +isc_mem_t * +dns_zone_getmctx(dns_zone_t *zone); +/*%< + * Get the memory context of a zone. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +dns_zonemgr_t * +dns_zone_getmgr(dns_zone_t *zone); +/*%< + * If 'zone' is managed return the zone manager otherwise NULL. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +void +dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval); +/*%< + * Set the zone's general signature validity interval. This is the length + * of time for which DNSSEC signatures created as a result of dynamic + * updates to secure zones will remain valid, in seconds. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +uint32_t +dns_zone_getsigvalidityinterval(dns_zone_t *zone); +/*%< + * Get the zone's general signature validity interval. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +void +dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval); +/*%< + * Set the zone's DNSKEY signature validity interval. This is the length + * of time for which DNSSEC signatures created for DNSKEY records + * will remain valid, in seconds. + * + * If this value is set to zero, then the regular signature validity + * interval (see dns_zone_setsigvalidityinterval(), above) is used + * for all RRSIGs. However, if this value is nonzero, then it is used + * as the validity interval for RRSIGs covering DNSKEY and CDNSKEY + * RRsets. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +uint32_t +dns_zone_getkeyvalidityinterval(dns_zone_t *zone); +/*%< + * Get the zone's DNSKEY signature validity interval. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +void +dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval); +/*%< + * Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's + * will be re-signed 'interval' amount of time before they expire. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +uint32_t +dns_zone_getsigresigninginterval(dns_zone_t *zone); +/*%< + * Get the zone's RRSIG re-signing interval. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +void +dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr); +/*%< + * Get the zone's source address from which it has last contacted the current + * primary server. + * + * Requires: + * \li 'zone' to be a valid zone. + * \li 'zone' has a non-empty primaries list. + * \li 'sourceaddr' to be non-NULL. + */ + +isc_result_t +dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr); +/*%< + * Get the zone's current primary server into '*primaryaddr'. + * + * Requires: + * \li 'zone' to be a valid zone. + * \li 'zone' has a non-empty primaries list. + * \li 'primaryaddr' to be non-NULL. + * + * Returns: + *\li #ISC_R_SUCCESS if the current primary server was found + *\li #ISC_R_NOMORE if all the primaries were already iterated over + */ + +isc_time_t +dns_zone_getxfrintime(dns_zone_t *zone); +/*%< + * Get the start time of the zone's latest major step before an incoming zone + * transfer is initiated. The time is set to the current time before the + * precursory SOA query is queued, then it gets reset when the query starts, + * when the query restarts (using another transport or another primary server), + * when an incoming zone transfer is initated and deferred, and, finally, when + * it gets started. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +void +dns_zone_setnotifytype(dns_zone_t *zone, dns_rdatatype_t type, + dns_notifytype_t notifytype); +/*%< + * Sets zone notify(type) method to "notifytype" + */ + +void +dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype); +/*%< + * Sets zone checkds method to "checkdstype" + */ + +void +dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory); +/*%< + * Sets the name of the directory where private keys used for + * online signing or dynamic zones are found. + * + * Require: + *\li 'zone' to be a valid zone. + */ + +const char * +dns_zone_getkeydirectory(dns_zone_t *zone); +/*%< + * Gets the name of the directory where private keys used for + * online signing of dynamic zones are found. + * + * Requires: + *\li 'zone' to be valid initialised zone. + * + * Returns: + * Pointer to null-terminated file name, or NULL. + */ + +void +dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats); +/*%< + * Set a general zone-maintenance statistics set 'stats' for 'zone'. This + * function is expected to be called only on zone creation (when necessary). + * Once installed, it cannot be removed or replaced. Also, there is no + * interface to get the installed stats from the zone; the caller must keep the + * stats to reference (e.g. dump) it later. + * + * Requires: + * \li 'zone' to be a valid zone and does not have a statistics set already + * installed. + * + *\li stats is a valid statistics supporting zone statistics counters + * (see dns/stats.h). + */ + +void +dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats); + +void +dns_zone_setrcvquerystats(dns_zone_t *zone, isc_statsmulti_t *stats); + +void +dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats); +/*%< + * Set additional statistics sets to zone. These are attached to the zone + * but are not counted in the zone module; only the caller updates the + * counters. + * + * Requires: + * \li 'zone' to be a valid zone. + * + *\li stats is a valid statistics. + */ + +isc_stats_t * +dns_zone_getrequeststats(dns_zone_t *zone); + +isc_statsmulti_t * +dns_zone_getrcvquerystats(dns_zone_t *zone); + +dns_stats_t * +dns_zone_getdnssecsignstats(dns_zone_t *zone); +/*%< + * Get the additional statistics for zone, if one is installed. + * + * Requires: + * \li 'zone' to be a valid zone. + * + * Returns: + * \li when available, a pointer to the statistics set installed in zone; + * otherwise NULL. + */ + +void +dns_zone_name(dns_zone_t *zone, char *buf, size_t len); +/*%< + * Return the name of the zone with class and view. + * + * Requires: + *\li 'zone' to be valid. + *\li 'buf' to be non NULL. + */ + +void +dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t len); +/*%< + * Return the name of the zone only. + * + * Requires: + *\li 'zone' to be valid. + *\li 'buf' to be non NULL. + */ + +void +dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx); +/*%< + * Set the post load integrity callback function 'checkmx'. + * 'checkmx' will be called if the MX TARGET is not within the zone. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv); +/*%< + * Set the post load integrity callback function 'checksrv'. + * 'checksrv' will be called if the SRV TARGET is not within the zone. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns); +/*%< + * Set the post load integrity callback function 'checkns'. + * 'checkns' will be called if the NS TARGET is not within the zone. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setcheckisservedby(dns_zone_t *zone, + dns_checkisservedbyfunc_t checkisserverby); +/*%< + * Set the post load integrity callback function 'checkisserverby'. + * 'checkisserverby' will be called if the NS TARGET is not within + * the zone and there are A or AAAA records in the the zone. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setnotifydefer(dns_zone_t *zone, dns_rdatatype_t type, uint32_t defer); +/*%< + * Set the wait/defer time (in seconds) before notify messages are sent when + * they are ready. + * + * Requires: + * 'zone' to be valid. + * 'type' to be a valid notify RRtype. + */ + +void +dns_zone_setnotifydelay(dns_zone_t *zone, dns_rdatatype_t type, uint32_t delay); +/*%< + * Set the minimum delay (in seconds) between sets of notify messages. + * + * Requires: + * 'zone' to be valid. + * 'type' to be a valid notify RRtype. + */ + +void +dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg); +/*%< + * Set the isself callback function and argument. + * + * bool + * isself(dns_view_t *myview, dns_tsigkey_t *mykey, + * const isc_netaddr_t *srcaddr, const isc_netaddr_t *destaddr, + * dns_rdataclass_t rdclass, void *arg); + * + * 'isself' returns true if a non-recursive query from 'srcaddr' to + * 'destaddr' with optional key 'mykey' for class 'rdclass' would be + * delivered to 'myview'. + */ + +void +dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes); +/*%< + * Set the number of nodes that will be checked per quantum. + */ + +void +dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures); +/*%< + * Set the number of signatures that will be generated per quantum. + */ + +uint32_t +dns_zone_getsignatures(dns_zone_t *zone); +/*%< + * Get the number of signatures that will be generated per quantum. + */ + +void +dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type); +dns_rdatatype_t +dns_zone_getprivatetype(dns_zone_t *zone); +/* + * Get/Set the private record type. It is expected that these interfaces + * will not be permanent. + */ + +void +dns_zone_setadded(dns_zone_t *zone, bool added); +/*% + * Sets the value of zone->added, which should be true for + * zones that were originally added by "rndc addzone". + * + * Requires: + * \li 'zone' to be valid. + */ + +bool +dns_zone_getadded(dns_zone_t *zone); +/*% + * Returns true if the zone was originally added at runtime + * using "rndc addzone". + * + * Requires: + * \li 'zone' to be valid. + */ + +void +dns_zone_setmodded(dns_zone_t *zone, bool added); +/*% + * Sets the value of zone->modded, which should be true for + * zones that were modified by "rndc modzone". + * + * Requires: + * \li 'zone' to be valid. + */ + +bool +dns_zone_getmodded(dns_zone_t *zone); +/*% + * Returns true if the zone was modified at runtime + * using "rndc modzone". + * + * Requires: + * \li 'zone' to be valid. + */ + +void +dns_zone_setautomatic(dns_zone_t *zone, bool automatic); +/*% + * Sets the value of zone->automatic, which should be true for + * zones that were automatically added by named. + * + * Requires: + * \li 'zone' to be valid. + */ + +bool +dns_zone_getautomatic(dns_zone_t *zone); +/*% + * Returns true if the zone was added automatically by named. + * + * Requires: + * \li 'zone' to be valid. + */ + +isc_result_t +dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval); +/*% + * Sets the frequency, in minutes, with which the key repository will be + * checked to see if the keys for this zone have been updated. Any value + * higher than 1440 minutes (24 hours) will be silently reduced. A + * value of zero will return an out-of-range error. + * + * Requires: + * \li 'zone' to be valid. + */ + +bool +dns_zone_getrequestexpire(dns_zone_t *zone); +/*% + * Returns the true/false value of the request-expire option in the zone. + * + * Requires: + * \li 'zone' to be valid. + */ + +void +dns_zone_setrequestexpire(dns_zone_t *zone, bool flag); +/*% + * Sets the request-expire option for the zone. Either true or false. The + * default value is determined by the setting of this option in the view. + * + * Requires: + * \li 'zone' to be valid. + */ + +bool +dns_zone_getrequestixfr(dns_zone_t *zone); +/*% + * Returns the true/false value of the request-ixfr option in the zone. + * + * Requires: + * \li 'zone' to be valid. + */ + +void +dns_zone_setrequestixfr(dns_zone_t *zone, bool flag); +/*% + * Sets the request-ixfr option for the zone. Either true or false. The + * default value is determined by the setting of this option in the view. + * + * Requires: + * \li 'zone' to be valid. + */ + +bool +dns_zone_getrequestixfrmaxdiffs(dns_zone_t *zone); +/*% + * Returns the value of the request-ixfr-max-diffs option in the zone. + * + * Requires: + * \li 'zone' to be valid. + */ + +void +dns_zone_setrequestixfrmaxdiffs(dns_zone_t *zone, uint32_t maxmsgs); +/*% + * Sets the request-ixfr-max-diffs option for the zone. 0 means unlimited. The + * default value is determined by the setting of this option in the view. + * + * Requires: + * \li 'zone' to be valid. + */ + +uint32_t +dns_zone_getixfrratio(dns_zone_t *zone); +/*% + * Returns the zone's current IXFR ratio. + * + * Requires: + * \li 'zone' to be valid. + */ + +void +dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio); +/*% + * Sets the ratio of IXFR size to zone size above which we use an AXFR + * response, expressed as a percentage. Cannot exceed 100. + * + * Requires: + * \li 'zone' to be valid. + */ + +void +dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method); +/*% + * Sets the update method to use when incrementing the zone serial number + * due to a DDNS update. Valid options are dns_updatemethod_increment + * and dns_updatemethod_unixtime. + * + * Requires: + * \li 'zone' to be valid. + */ + +dns_updatemethod_t +dns_zone_getserialupdatemethod(dns_zone_t *zone); +/*%< + * Returns the update method to be used when incrementing the zone serial + * number due to a DDNS update. + * + * Requires: + * \li 'zone' to be valid. + */ + +void +dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime); +/*% + * Return the time when the zone was last loaded. + */ + +void +dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime); +/*% + * Return the time when the (secondary) zone will need to be refreshed. + */ + +void +dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime); +/*% + * Return the time when the (secondary) zone will expire. + */ + +void +dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime); +/*% + * Return the time of the next scheduled DNSSEC key event. + */ + +void +dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level); + +dns_zonestat_level_t +dns_zone_getstatlevel(dns_zone_t *zone); +/*% + * Set and get the statistics reporting level for the zone; + * full, terse, or none. + */ + +unsigned int +dns_zone_gettid(dns_zone_t *zone); +/**< + * \brief Return thread-id associated with the zone. + * + * \param valid dns_zone_t object + * + * \return thread id associated with the zone + */ + +isc_loop_t * +dns_zone_getloop(dns_zone_t *zone); +/**< + * \brief Return loop associated with the zone. + * + * \param valid dns_zone_t object + * + * \return loop associated with the zone + */ + +void +dns_zone_setrad(dns_zone_t *zone, dns_name_t *name); +/**< + * \brief Set the per zone RAD + * + * Requires: + * \li 'zone' to be a valid zone. + * \li 'name' is NULL or a valid name. + */ + +isc_result_t +dns_zone_getrad(dns_zone_t *zone, dns_name_t *name); +/**< + * \brief get the per zone RAD + * + * Requires: + * \li 'zone' to be a valid zone. + * \li 'name' is a valid name with a buffer. + */ + +void * +dns_zone_gethooktable(dns_zone_t *zone); +/**< + * Returns the zone hooktable + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +void +dns_zone_sethooktable(dns_zone_t *zone, void *hooktable, + void (*hooktable_free)(isc_mem_t *, void **)); +/**< + * Initialize zone hooktable and free callback + * + * Requires: + * \li 'zone' to be a valid zone. + * \li 'hooktable' to be initialized. + * \li 'hooktable_free' to be valid. + */ + +void +dns_zone_setcfg(dns_zone_t *zone, const char *cfg); +/*%< + * Save a copy of the configuration text for 'zone', which can be + * used later to dump the configuration status. + * + * Requires: + * \li 'zone' to be a valid zone. + */ + +const char * +dns_zone_getcfg(dns_zone_t *zone); +/*%< + * Return a pointer to the configuration text for 'zone', that was + * previously saved using _setcfg(). + * + * Requires: + * \li 'zone' to be a valid zone. + */ diff --git a/lib/dns/meson.build b/lib/dns/meson.build index 42b9268cae..96168d5e36 100644 --- a/lib/dns/meson.build +++ b/lib/dns/meson.build @@ -168,6 +168,7 @@ dns_srcset.add( 'view.c', 'zone.c', 'zonefetch.c', + 'zoneproperties.c', 'zoneverify.c', 'zt.c', ), diff --git a/lib/dns/notify.c b/lib/dns/notify.c index 98396c25aa..46766ea711 100644 --- a/lib/dns/notify.c +++ b/lib/dns/notify.c @@ -26,6 +26,7 @@ #include #include #include +#include #include "zone_p.h" @@ -215,7 +216,7 @@ notify_createmessage(dns_notify_t *notify, dns_message_t **messagep) { message->opcode = dns_opcode_notify; message->flags |= DNS_MESSAGEFLAG_AA; - message->rdclass = dns_zone_getrdclass(notify->zone); + message->rdclass = dns_zone_getclass(notify->zone); dns_message_gettempname(message, &tempname); dns_message_gettemprdataset(message, &temprdataset); @@ -224,8 +225,7 @@ notify_createmessage(dns_notify_t *notify, dns_message_t **messagep) { * Make question. */ dns_name_clone(dns_zone_getorigin(notify->zone), tempname); - dns_rdataset_makequestion(temprdataset, - dns_zone_getrdclass(notify->zone), + dns_rdataset_makequestion(temprdataset, dns_zone_getclass(notify->zone), dns_rdatatype_soa); ISC_LIST_APPEND(tempname->list, temprdataset, link); dns_message_addname(message, tempname, DNS_SECTION_QUESTION); @@ -648,7 +648,7 @@ notify_isself(dns_notify_t *notify, isc_sockaddr_t *dst) { return false; } isself = (isselffunc)(view, key, &src, dst, - dns_zone_getrdclass(notify->zone), isselfarg); + dns_zone_getclass(notify->zone), isselfarg); if (key != NULL) { dns_tsigkey_detach(&key); } diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 867aa2b26d..f19f45439f 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -38,6 +38,7 @@ #include #include #include +#include #include diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 25ba14bd73..64135c2bf0 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -77,6 +77,7 @@ #include #include #include +#include #include "dns/view.h" diff --git a/lib/dns/rrl.c b/lib/dns/rrl.c index 9a5d568aa0..38405165e8 100644 --- a/lib/dns/rrl.c +++ b/lib/dns/rrl.c @@ -37,6 +37,7 @@ #include #include #include +#include static void log_end(dns_rrl_t *rrl, dns_rrl_entry_t *e, bool early, char *log_buf, diff --git a/lib/dns/update.c b/lib/dns/update.c index f05330e25a..e1cb886713 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -53,6 +53,7 @@ #include #include #include +#include #include /**************************************************************************/ diff --git a/lib/dns/view.c b/lib/dns/view.c index eca63fae9e..6208a1bfc4 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -61,6 +61,7 @@ #include #include #include +#include #include #define DNS_VIEW_DELONLYHASH 111 diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index 3ecac75281..20bd836ef4 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -46,6 +46,7 @@ #include #include #include +#include #include diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 919613050a..cd1cf63dc4 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -95,6 +95,7 @@ #include #include #include +#include #include #include @@ -102,24 +103,6 @@ #include "zone_p.h" -#define ZONE_MAGIC ISC_MAGIC('Z', 'O', 'N', 'E') -#define DNS_ZONE_VALID(zone) ISC_MAGIC_VALID(zone, ZONE_MAGIC) - -#define CHECKDS_MAGIC ISC_MAGIC('C', 'h', 'D', 'S') -#define DNS_CHECKDS_VALID(checkds) ISC_MAGIC_VALID(checkds, CHECKDS_MAGIC) - -#define STUB_MAGIC ISC_MAGIC('S', 't', 'u', 'b') -#define DNS_STUB_VALID(stub) ISC_MAGIC_VALID(stub, STUB_MAGIC) - -#define ZONEMGR_MAGIC ISC_MAGIC('Z', 'm', 'g', 'r') -#define DNS_ZONEMGR_VALID(stub) ISC_MAGIC_VALID(stub, ZONEMGR_MAGIC) - -#define FORWARD_MAGIC ISC_MAGIC('F', 'o', 'r', 'w') -#define DNS_FORWARD_VALID(load) ISC_MAGIC_VALID(load, FORWARD_MAGIC) - -#define IO_MAGIC ISC_MAGIC('Z', 'm', 'I', 'O') -#define DNS_IO_VALID(load) ISC_MAGIC_VALID(load, IO_MAGIC) - /*% * Ensure 'a' is at least 'min' but not more than 'max'. */ @@ -148,71 +131,9 @@ UNLOCK(&((k)->lock)); \ } -/* - * Default values. - */ -#define DNS_DEFAULT_IDLEIN 3600 /*%< 1 hour */ -#define DNS_DEFAULT_IDLEOUT 3600 /*%< 1 hour */ -#define MAX_XFER_TIME (2 * 3600) /*%< Documented default is 2 hours */ -#define RESIGN_DELAY 3600 /*%< 1 hour */ - -#ifndef DNS_MAX_EXPIRE -#define DNS_MAX_EXPIRE 14515200 /*%< 24 weeks */ -#endif /* ifndef DNS_MAX_EXPIRE */ - -#ifndef DNS_DUMP_DELAY -#define DNS_DUMP_DELAY 900 /*%< 15 minutes */ -#endif /* ifndef DNS_DUMP_DELAY */ - -typedef struct dns_checkds dns_checkds_t; typedef struct dns_stub dns_stub_t; typedef struct dns_load dns_load_t; -typedef struct dns_forward dns_forward_t; -typedef ISC_LIST(dns_forward_t) dns_forwardlist_t; -typedef struct dns_signing dns_signing_t; -typedef ISC_LIST(dns_signing_t) dns_signinglist_t; -typedef struct dns_nsec3chain dns_nsec3chain_t; -typedef ISC_LIST(dns_nsec3chain_t) dns_nsec3chainlist_t; typedef struct dns_asyncload dns_asyncload_t; -typedef struct dns_include dns_include_t; - -#define DNS_ZONE_CHECKLOCK -#ifdef DNS_ZONE_CHECKLOCK -#define LOCK_ZONE(z) \ - do { \ - LOCK(&(z)->lock); \ - INSIST(!(z)->locked); \ - (z)->locked = true; \ - } while (0) -#define UNLOCK_ZONE(z) \ - do { \ - INSIST((z)->locked); \ - (z)->locked = false; \ - UNLOCK(&(z)->lock); \ - } while (0) -#define LOCKED_ZONE(z) ((z)->locked) -#define TRYLOCK_ZONE(result, z) \ - do { \ - result = isc_mutex_trylock(&(z)->lock); \ - if (result == ISC_R_SUCCESS) { \ - INSIST(!(z)->locked); \ - (z)->locked = true; \ - } \ - } while (0) -#else /* ifdef DNS_ZONE_CHECKLOCK */ -#define LOCK_ZONE(z) LOCK(&(z)->lock) -#define UNLOCK_ZONE(z) UNLOCK(&(z)->lock) -#define LOCKED_ZONE(z) true -#define TRYLOCK_ZONE(result, z) \ - do { \ - result = isc_mutex_trylock(&(z)->lock); \ - } while (0) -#endif /* ifdef DNS_ZONE_CHECKLOCK */ - -#define ZONEDB_INITLOCK(l) isc_rwlock_init(l) -#define ZONEDB_DESTROYLOCK(l) isc_rwlock_destroy(l) -#define ZONEDB_LOCK(l, t) RWLOCK((l), (t)) -#define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t)) #ifdef ENABLE_AFL extern bool dns_fuzzing_resolver; @@ -229,290 +150,6 @@ typedef struct dns_keymgmt_bucket { static dns_keymgmt_bucket_t keymgmt_buckets_g[1024]; -typedef struct dns_rad { - isc_mem_t *mctx; - struct rcu_head rcu_head; - dns_fixedname_t fname; -} dns_rad_t; - -static void -free_rad_rcu(struct rcu_head *rcu_head) { - dns_rad_t *rad = caa_container_of(rcu_head, dns_rad_t, rcu_head); - dns_fixedname_invalidate(&rad->fname); - - isc_mem_putanddetach(&rad->mctx, rad, sizeof(*rad)); -} - -struct dns_zone { - /* Unlocked */ - unsigned int magic; - isc_mutex_t lock; -#ifdef DNS_ZONE_CHECKLOCK - bool locked; -#endif /* ifdef DNS_ZONE_CHECKLOCK */ - isc_mem_t *mctx; - isc_refcount_t references; - - isc_rwlock_t dblock; - dns_db_t *db; /* Locked by dblock */ - - isc_tid_t tid; - - /* Locked */ - dns_zonemgr_t *zmgr; - ISC_LINK(dns_zone_t) link; /* Used by zmgr. */ - isc_loop_t *loop; - isc_timer_t *timer; - isc_refcount_t irefs; - dns_name_t origin; - dns_rad_t *rad; - char *masterfile; - char *initfile; - const FILE *stream; /* loading from a stream? */ - ISC_LIST(dns_include_t) includes; /* Include files */ - ISC_LIST(dns_include_t) newincludes; /* Loading */ - unsigned int nincludes; - dns_masterformat_t masterformat; - const dns_master_style_t *masterstyle; - char *journal; - int32_t journalsize; - dns_rdataclass_t rdclass; - dns_zonetype_t type; - atomic_uint_fast64_t flags; - atomic_uint_fast64_t options; - unsigned int db_argc; - char **db_argv; - isc_time_t expiretime; - isc_time_t refreshtime; - isc_time_t dumptime; - isc_time_t loadtime; - isc_time_t notifytime; - isc_time_t resigntime; - isc_time_t keywarntime; - isc_time_t signingtime; - isc_time_t nsec3chaintime; - isc_time_t refreshkeytime; - isc_time_t xfrintime; - uint32_t refreshkeyinterval; - uint32_t refresh; - uint32_t retry; - uint32_t expire; - uint32_t minimum; - isc_stdtime_t key_expiry; - isc_stdtime_t log_key_expired_timer; - char *keydirectory; - dns_xfrin_t *xfr; - - uint32_t maxrefresh; - uint32_t minrefresh; - uint32_t maxretry; - uint32_t minretry; - - uint32_t maxrecords; - uint32_t maxrrperset; - uint32_t maxtypepername; - - dns_remote_t primaries; - - dns_remote_t parentals; - dns_dnsseckeylist_t checkds_ok; - dns_checkdstype_t checkdstype; - uint32_t parent_nscount; - - uint32_t fetchcount[ZONEFETCHTYPE_COUNT]; - - dns_remote_t alsonotify; - dns_notifyctx_t notifysoa; - - dns_remote_t cds_endpoints; - dns_notifyctx_t notifycds; - - isc_sockaddr_t parentalsrc4; - isc_sockaddr_t parentalsrc6; - isc_sockaddr_t xfrsource4; - isc_sockaddr_t xfrsource6; - isc_sockaddr_t sourceaddr; - dns_tsigkey_t *tsigkey; /* key used for xfr */ - dns_transport_t *transport; /* transport used for xfr */ - /* Access Control Lists */ - dns_acl_t *update_acl; - dns_acl_t *forward_acl; - dns_acl_t *query_acl; - dns_acl_t *queryon_acl; - dns_acl_t *xfr_acl; - bool update_disabled; - bool zero_no_soa_ttl; - dns_severity_t check_names; - - ISC_LIST(dns_checkds_t) checkds_requests; - dns_request_t *request; - dns_loadctx_t *loadctx; - dns_dumpctx_t *dumpctx; - uint32_t minxfrratebytesin; - uint32_t minxfrratesecondsin; - uint32_t maxxfrin; - uint32_t maxxfrout; - uint32_t idlein; - uint32_t idleout; - dns_ssutable_t *ssutable; - uint32_t sigvalidityinterval; - uint32_t keyvalidityinterval; - uint32_t sigresigninginterval; - dns_view_t *view; - dns_view_t *prev_view; - dns_kasp_t *kasp; - dns_kasp_t *defaultkasp; - dns_dnsseckeylist_t keyring; - dns_checkmxfunc_t checkmx; - dns_checksrvfunc_t checksrv; - dns_checknsfunc_t checkns; - dns_checkisservedbyfunc_t checkisservedby; - /*% - * Zones in certain states such as "waiting for zone transfer" - * or "zone transfer in progress" are kept on per-state linked lists - * in the zone manager using the 'statelink' field. The 'statelist' - * field points at the list the zone is currently on. It the zone - * is not on any such list, statelist is NULL. - */ - ISC_LINK(dns_zone_t) statelink; - dns_zonelist_t *statelist; - /*% - * Statistics counters about zone management. - */ - isc_stats_t *stats; - /*% - * Optional per-zone statistics counters. Counted outside of this - * module. - */ - dns_zonestat_level_t statlevel; - bool requeststats_on; - isc_stats_t *requeststats; - isc_statsmulti_t *rcvquerystats; - dns_stats_t *dnssecsignstats; - dns_isselffunc_t isself; - void *isselfarg; - - char *strnamerd; - char *strname; - char *strrdclass; - char *strviewname; - - /*% - * Serial number for deferred journal compaction. - */ - uint32_t compact_serial; - /*% - * Keys that are signing the zone for the first time. - */ - dns_signinglist_t signing; - dns_nsec3chainlist_t nsec3chain; - /*% - * List of outstanding NSEC3PARAM change requests. - */ - ISC_LIST(struct np3) setnsec3param_queue; - /*% - * Signing / re-signing quantum stopping parameters. - */ - uint32_t signatures; - uint32_t nodes; - dns_rdatatype_t privatetype; - - /*% - * True if added by "rndc addzone" - */ - bool added; - - /*% - * True if modded by "rndc modzone" - */ - bool modded; - - /*% - * True if added by automatically by named. - */ - bool automatic; - - /*% - * response policy data to be relayed to the database - */ - dns_rpz_zones_t *rpzs; - dns_rpz_num_t rpz_num; - - /*% - * catalog zone data - */ - dns_catz_zones_t *catzs; - - /*% - * parent catalog zone - */ - dns_catz_zone_t *parentcatz; - - /*% - * Serial number update method. - */ - dns_updatemethod_t updatemethod; - - /*% - * whether ixfr is requested - */ - bool requestixfr; - uint32_t requestixfr_maxdiffs; - uint32_t ixfr_ratio; - - /*% - * whether EDNS EXPIRE is requested - */ - bool requestexpire; - - /*% - * Outstanding forwarded UPDATE requests. - */ - dns_forwardlist_t forwards; - - dns_zone_t *raw; - dns_zone_t *secure; - - bool sourceserialset; - uint32_t sourceserial; - - /*% - * soa and maximum zone ttl - */ - dns_ttl_t soattl; - dns_ttl_t maxttl; - - /* - * Inline zone signing state. - */ - dns_diff_t rss_diff; - dns_dbversion_t *rss_newver; - dns_dbversion_t *rss_oldver; - dns_db_t *rss_db; - dns_zone_t *rss_raw; - struct rss *rss; - dns_update_state_t *rss_state; - - isc_stats_t *gluecachestats; - - /*% - * Offline KSK signed key responses. - */ - dns_skr_t *skr; - dns_skrbundle_t *skrbundle; - - /* - * Plugin-related data structures - */ - void *plugins; - void (*plugins_free)(isc_mem_t *, void **); - void *hooktable; - void (*hooktable_free)(isc_mem_t *, void **); - - /* Configuration text */ - char *cfg; -}; - #define zonediff_init(z, d) \ do { \ dns__zonediff_t *_z = (z); \ @@ -520,64 +157,6 @@ struct dns_zone { (_z)->offline = false; \ } while (0) -#define DNS_ZONE_FLAG(z, f) ((atomic_load_relaxed(&(z)->flags) & (f)) != 0) -#define DNS_ZONE_SETFLAG(z, f) atomic_fetch_or(&(z)->flags, (f)) -#define DNS_ZONE_CLRFLAG(z, f) atomic_fetch_and(&(z)->flags, ~(f)) -typedef enum { - DNS_ZONEFLG_REFRESH = 1U << 0, /*%< refresh check in progress */ - DNS_ZONEFLG_NEEDDUMP = 1U << 1, /*%< zone need consolidation */ - DNS_ZONEFLG_USEVC = 1U << 2, /*%< use tcp for refresh query */ - DNS_ZONEFLG_DUMPING = 1U << 3, /*%< a dump is in progress */ - DNS_ZONEFLG_HASINCLUDE = 1U << 4, /*%< $INCLUDE in zone file */ - DNS_ZONEFLG_LOADED = 1U << 5, /*%< database has loaded */ - DNS_ZONEFLG_EXITING = 1U << 6, /*%< zone is being destroyed */ - DNS_ZONEFLG_EXPIRED = 1U << 7, /*%< zone has expired */ - DNS_ZONEFLG_NEEDREFRESH = 1U << 8, /*%< refresh check needed */ - DNS_ZONEFLG_UPTODATE = 1U << 9, /*%< zone contents are - * up-to-date */ - DNS_ZONEFLG_NEEDNOTIFY = 1U << 10, /*%< need to send out notify - * messages */ - DNS_ZONEFLG_FIXJOURNAL = 1U << 11, /*%< journal file had - * recoverable error, - * needs rewriting */ - DNS_ZONEFLG_NOPRIMARIES = 1U << 12, /*%< an attempt to refresh a - * zone with no primaries - * occurred */ - DNS_ZONEFLG_LOADING = 1U << 13, /*%< load from disk in progress*/ - DNS_ZONEFLG_HAVETIMERS = 1U << 14, /*%< timer values have been set - * from SOA (if not set, we - * are still using - * default timer values) */ - DNS_ZONEFLG_FORCEXFER = 1U << 15, /*%< Force a zone xfer */ - DNS_ZONEFLG_SHUTDOWN = 1U << 16, - DNS_ZONEFLG_NOIXFR = 1U << 17, /*%< IXFR failed, force AXFR */ - DNS_ZONEFLG_FLUSH = 1U << 18, - DNS_ZONEFLG_NOEDNS = 1U << 19, - DNS_ZONEFLG_USEALTXFRSRC = 1U << 20, /*%< Obsoleted. */ - DNS_ZONEFLG_SOABEFOREAXFR = 1U << 21, - DNS_ZONEFLG_NEEDCOMPACT = 1U << 22, - DNS_ZONEFLG_REFRESHING = 1U << 23, /*%< Refreshing keydata */ - DNS_ZONEFLG_THAW = 1U << 24, - DNS_ZONEFLG_LOADPENDING = 1U << 25, /*%< Loading scheduled */ - DNS_ZONEFLG_NODELAY = 1U << 26, - DNS_ZONEFLG_SENDSECURE = 1U << 27, - DNS_ZONEFLG_NEEDSTARTUPNOTIFY = 1U << 28, /*%< need to send out - * notify due to the zone - * just being loaded for - * the first time. */ - DNS_ZONEFLG_NOTIFYNODEFER = 1U << 29, /*%< ignore the - * notify-defer option. */ - DNS_ZONEFLG_NOTIFYDEFERRED = 1U << 30, /*%< notify was deferred - * according to the - * notify-defer option. */ - DNS_ZONEFLG_FIRSTREFRESH = 1U << 31, /*%< First refresh pending */ - DNS_ZONEFLG___MAX = UINT64_MAX, /* trick to make the ENUM 64-bit wide */ -} dns_zoneflg_t; - -#define DNS_ZONE_OPTION(z, o) ((atomic_load_relaxed(&(z)->options) & (o)) != 0) -#define DNS_ZONE_SETOPTION(z, o) atomic_fetch_or(&(z)->options, (o)) -#define DNS_ZONE_CLROPTION(z, o) atomic_fetch_and(&(z)->options, ~(o)) - /* Flags for zone_load() */ typedef enum { DNS_ZONELOADFLAG_NOSTAT = 0x00000001U, /* Do not stat() master files */ @@ -617,25 +196,6 @@ struct dns_zonemgr { isc_rwlock_t tlsctx_cache_rwlock; }; -/*% - * Hold checkds state. - */ -struct dns_checkds { - unsigned int magic; - dns_notify_flags_t flags; - isc_mem_t *mctx; - dns_zone_t *zone; - dns_adbfind_t *find; - dns_request_t *request; - dns_name_t ns; - isc_sockaddr_t src; - isc_sockaddr_t dst; - dns_tsigkey_t *key; - dns_transport_t *transport; - ISC_LINK(dns_checkds_t) link; - isc_rlevent_t *rlevent; -}; - /*% * dns_stub holds state while performing a 'stub' transfer. * 'db' is the zone's 'db' or a new one if this is the initial @@ -661,75 +221,6 @@ struct dns_load { dns_rdatacallbacks_t callbacks; }; -/*% - * Hold forward state. - */ -struct dns_forward { - unsigned int magic; - isc_mem_t *mctx; - dns_zone_t *zone; - isc_buffer_t *msgbuf; - dns_request_t *request; - uint32_t which; - isc_sockaddr_t addr; - dns_transport_t *transport; - dns_updatecallback_t callback; - void *callback_arg; - unsigned int options; - ISC_LINK(dns_forward_t) link; -}; - -/*% - * Hold state for when we are signing a zone with a new - * DNSKEY as result of an update. - */ -struct dns_signing { - unsigned int magic; - dns_db_t *db; - dns_dbiterator_t *dbiterator; - dst_algorithm_t algorithm; - uint16_t keyid; - bool deleteit; - bool fullsign; - bool done; - ISC_LINK(dns_signing_t) link; -}; - -struct dns_nsec3chain { - unsigned int magic; - dns_db_t *db; - dns_dbiterator_t *dbiterator; - dns_rdata_nsec3param_t nsec3param; - unsigned char salt[255]; - bool done; - bool seen_nsec; - bool delete_nsec; - bool save_delete_nsec; - ISC_LINK(dns_nsec3chain_t) link; -}; - -/*%< - * 'dbiterator' contains a iterator for the database. If we are creating - * a NSEC3 chain only the non-NSEC3 nodes will be iterated. If we are - * removing a NSEC3 chain then both NSEC3 and non-NSEC3 nodes will be - * iterated. - * - * 'nsec3param' contains the parameters of the NSEC3 chain being created - * or removed. - * - * 'salt' is buffer space and is referenced via 'nsec3param.salt'. - * - * 'seen_nsec' will be set to true if, while iterating the zone to create a - * NSEC3 chain, a NSEC record is seen. - * - * 'delete_nsec' will be set to true if, at the completion of the creation - * of a NSEC3 chain, 'seen_nsec' is true. If 'delete_nsec' is true then we - * are in the process of deleting the NSEC chain. - * - * 'save_delete_nsec' is used to store the initial state of 'delete_nsec' - * so it can be recovered in the event of a error. - */ - /*% * Hold state for an asynchronous load */ @@ -740,15 +231,6 @@ struct dns_asyncload { void *loaded_arg; }; -/*% - * Reference to an include file encountered during loading - */ -struct dns_include { - char *name; - isc_time_t filetime; - ISC_LINK(dns_include_t) link; -}; - /* * These can be overridden by the -T mkeytimers option on the command * line, so that we can test with shorter periods than specified in @@ -766,13 +248,6 @@ unsigned int dns_zone_mkey_month = MONTH; static void zone_timer_set(dns_zone_t *zone, isc_time_t *next, isc_time_t *now); -typedef struct zone_settimer { - dns_zone_t *zone; - isc_time_t now; -} zone_settimer_t; - -static void -zone_settimer(dns_zone_t *, isc_time_t *); static void cancel_refresh(dns_zone_t *); static void @@ -812,8 +287,6 @@ zone_catz_enable(dns_zone_t *zone, dns_catz_zones_t *catzs); static void zone_catz_disable(dns_zone_t *zone); static void -default_journal(dns_zone_t *zone); -static void zone_xfrdone(dns_zone_t *zone, uint32_t *expireopt, isc_result_t result); static isc_result_t zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, @@ -829,10 +302,6 @@ zone_startload(dns_db_t *db, dns_zone_t *zone, isc_time_t loadtime); static void zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length); static void -zone_name_tostr(dns_zone_t *zone, char *buf, size_t length); -static void -zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length); -static void zone_viewname_tostr(dns_zone_t *zone, char *buf, size_t length); static isc_result_t zone_send_secureserial(dns_zone_t *zone, uint32_t serial); @@ -881,8 +350,6 @@ zone_get_from_db(dns_zone_t *zone, dns_db_t *db, unsigned int *nscount, uint32_t *refresh, uint32_t *retry, uint32_t *expire, uint32_t *minimum, unsigned int *errors); -static void -zone_freedbargs(dns_zone_t *zone); static void forward_callback(void *arg); static void @@ -1222,7 +689,7 @@ dns__zone_free(dns_zone_t *zone) { if (zone->catzs != NULL) { dns_catz_zones_detach(&zone->catzs); } - zone_freedbargs(zone); + dns__zone_freedbargs(zone); dns_zone_setparentals(zone, NULL, NULL, NULL, NULL, 0); dns_zone_setprimaries(zone, NULL, NULL, NULL, NULL, 0); @@ -1287,9 +754,10 @@ dns__zone_free(dns_zone_t *zone) { * Returns true iff this the signed side of an inline-signing zone. * Caller should hold zone lock. */ -static bool -inline_secure(dns_zone_t *zone) { +bool +dns__zone_inline_secure(dns_zone_t *zone) { REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(LOCKED_ZONE(zone)); if (zone->raw != NULL) { return true; } @@ -1300,89 +768,16 @@ inline_secure(dns_zone_t *zone) { * Returns true iff this the unsigned side of an inline-signing zone * Caller should hold zone lock. */ -static bool -inline_raw(dns_zone_t *zone) { +bool +dns__zone_inline_raw(dns_zone_t *zone) { REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(LOCKED_ZONE(zone)); if (zone->secure != NULL) { return true; } return false; } -/* - * Single shot. - */ -void -dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass) { - char namebuf[1024]; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(rdclass != dns_rdataclass_none); - - /* - * Test and set. - */ - LOCK_ZONE(zone); - INSIST(zone != zone->raw); - REQUIRE(zone->rdclass == dns_rdataclass_none || - zone->rdclass == rdclass); - zone->rdclass = rdclass; - - if (zone->strnamerd != NULL) { - isc_mem_free(zone->mctx, zone->strnamerd); - } - if (zone->strrdclass != NULL) { - isc_mem_free(zone->mctx, zone->strrdclass); - } - - zone_namerd_tostr(zone, namebuf, sizeof namebuf); - zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf); - zone_rdclass_tostr(zone, namebuf, sizeof namebuf); - zone->strrdclass = isc_mem_strdup(zone->mctx, namebuf); - - if (inline_secure(zone)) { - dns_zone_setclass(zone->raw, rdclass); - } - UNLOCK_ZONE(zone); -} - -dns_rdataclass_t -dns_zone_getclass(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->rdclass; -} - -void -dns_zone_setnotifytype(dns_zone_t *zone, dns_rdatatype_t type, - dns_notifytype_t notifytype) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - switch (type) { - case dns_rdatatype_soa: - zone->notifysoa.notifytype = notifytype; - break; - case dns_rdatatype_cds: - INSIST(notifytype == dns_notifytype_no || - notifytype == dns_notifytype_yes); - zone->notifycds.notifytype = notifytype; - break; - default: - UNREACHABLE(); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->checkdstype = checkdstype; - UNLOCK_ZONE(zone); -} - isc_result_t dns_zone_getserial(dns_zone_t *zone, uint32_t *serialp) { isc_result_t result; @@ -1459,34 +854,8 @@ dns_zone_getzoneversion(dns_zone_t *zone, isc_buffer_t *b) { return result; } -/* - * Single shot. - */ void -dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type) { - char namebuf[1024]; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(type != dns_zone_none); - - /* - * Test and set. - */ - LOCK_ZONE(zone); - REQUIRE(zone->type == dns_zone_none || zone->type == type); - zone->type = type; - - if (zone->strnamerd != NULL) { - isc_mem_free(zone->mctx, zone->strnamerd); - } - - zone_namerd_tostr(zone, namebuf, sizeof namebuf); - zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf); - UNLOCK_ZONE(zone); -} - -static void -zone_freedbargs(dns_zone_t *zone) { +dns__zone_freedbargs(dns_zone_t *zone) { unsigned int i; /* Free the old database argument list. */ @@ -1502,69 +871,7 @@ zone_freedbargs(dns_zone_t *zone) { } void -dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx) { - size_t size = 0; - unsigned int i; - void *mem; - char **tmp, *tmp2, *base; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(argv != NULL && *argv == NULL); - - LOCK_ZONE(zone); - size = ISC_CHECKED_MUL(zone->db_argc + 1, sizeof(char *)); - for (i = 0; i < zone->db_argc; i++) { - size += strlen(zone->db_argv[i]) + 1; - } - mem = isc_mem_allocate(mctx, size); - { - tmp = mem; - tmp2 = mem; - base = mem; - tmp2 += ISC_CHECKED_MUL(zone->db_argc + 1, sizeof(char *)); - for (i = 0; i < zone->db_argc; i++) { - *tmp++ = tmp2; - strlcpy(tmp2, zone->db_argv[i], size - (tmp2 - base)); - tmp2 += strlen(tmp2) + 1; - } - *tmp = NULL; - } - UNLOCK_ZONE(zone); - *argv = mem; -} - -void -dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc, - const char *const *dbargv) { - char **argv = NULL; - unsigned int i; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(dbargc >= 1); - REQUIRE(dbargv != NULL); - - LOCK_ZONE(zone); - - /* Set up a new database argument list. */ - argv = isc_mem_cget(zone->mctx, dbargc, sizeof(*argv)); - for (i = 0; i < dbargc; i++) { - argv[i] = NULL; - } - for (i = 0; i < dbargc; i++) { - argv[i] = isc_mem_strdup(zone->mctx, dbargv[i]); - } - - /* Free the old list. */ - zone_freedbargs(zone); - - zone->db_argc = dbargc; - zone->db_argv = argv; - - UNLOCK_ZONE(zone); -} - -static void -dns_zone_setview_helper(dns_zone_t *zone, dns_view_t *view) { +dns__zone_setview_helper(dns_zone_t *zone, dns_view_t *view) { char namebuf[1024]; if (zone->prev_view == NULL && zone->view != NULL) { @@ -1591,27 +898,11 @@ dns_zone_setview_helper(dns_zone_t *zone, dns_view_t *view) { zone_viewname_tostr(zone, namebuf, sizeof namebuf); zone->strviewname = isc_mem_strdup(zone->mctx, namebuf); - if (inline_secure(zone)) { + if (dns__zone_inline_secure(zone)) { dns_zone_setview(zone->raw, view); } } -void -dns_zone_setview(dns_zone_t *zone, dns_view_t *view) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - dns_zone_setview_helper(zone, view); - UNLOCK_ZONE(zone); -} - -dns_view_t * -dns_zone_getview(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->view; -} - void dns_zone_setviewcommit(dns_zone_t *zone) { REQUIRE(DNS_ZONE_VALID(zone)); @@ -1620,7 +911,7 @@ dns_zone_setviewcommit(dns_zone_t *zone) { if (zone->prev_view != NULL) { dns_view_weakdetach(&zone->prev_view); } - if (inline_secure(zone)) { + if (dns__zone_inline_secure(zone)) { dns_zone_setviewcommit(zone->raw); } UNLOCK_ZONE(zone); @@ -1632,402 +923,18 @@ dns_zone_setviewrevert(dns_zone_t *zone) { LOCK_ZONE(zone); if (zone->prev_view != NULL) { - dns_zone_setview_helper(zone, zone->prev_view); + dns__zone_setview_helper(zone, zone->prev_view); dns_view_weakdetach(&zone->prev_view); } if (zone->catzs != NULL) { zone_catz_enable(zone, zone->catzs); } - if (inline_secure(zone)) { + if (dns__zone_inline_secure(zone)) { dns_zone_setviewrevert(zone->raw); } UNLOCK_ZONE(zone); } -void -dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin) { - char namebuf[1024]; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(origin != NULL); - - LOCK_ZONE(zone); - INSIST(zone != zone->raw); - if (dns_name_dynamic(&zone->origin)) { - dns_name_free(&zone->origin, zone->mctx); - dns_name_init(&zone->origin); - } - dns_name_dup(origin, zone->mctx, &zone->origin); - - if (zone->strnamerd != NULL) { - isc_mem_free(zone->mctx, zone->strnamerd); - } - if (zone->strname != NULL) { - isc_mem_free(zone->mctx, zone->strname); - } - - zone_namerd_tostr(zone, namebuf, sizeof namebuf); - zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf); - zone_name_tostr(zone, namebuf, sizeof namebuf); - zone->strname = isc_mem_strdup(zone->mctx, namebuf); - - if (inline_secure(zone)) { - dns_zone_setorigin(zone->raw, origin); - } - UNLOCK_ZONE(zone); -} - -static void -setstring(dns_zone_t *zone, char **field, const char *value) { - char *copy; - - if (value != NULL) { - copy = isc_mem_strdup(zone->mctx, value); - } else { - copy = NULL; - } - - if (*field != NULL) { - isc_mem_free(zone->mctx, *field); - } - - *field = copy; -} - -typedef struct foundtoken foundtoken_t; -typedef isc_result_t (*tokenparse_t)(const dns_zone_t *zone, - const foundtoken_t *token, - isc_buffer_t *b); -struct foundtoken { - const char *pos; - size_t len; - tokenparse_t parse; -}; - -static int -foundtoken_order(const void *a, const void *b) { - /* sort char pointers in order of which occurs first in memory */ - return ((foundtoken_t *)a)->pos - ((foundtoken_t *)b)->pos; -} - -static isc_result_t -putmem(isc_buffer_t *b, const char *base, size_t length) { - size_t space = isc_buffer_availablelength(b) - 1; - if (space < length) { - isc_buffer_putmem(b, (const unsigned char *)base, space); - return ISC_R_NOSPACE; - } - - isc_buffer_putmem(b, (const unsigned char *)base, length); - return ISC_R_SUCCESS; -} - -static isc_result_t -tokenparse_type(const dns_zone_t *zone, const foundtoken_t *token, - isc_buffer_t *b) { - const char *typename = dns_zonetype_name(zone->type); - - UNUSED(token); - - return putmem(b, typename, strlen(typename)); -} - -static isc_result_t -tokenparse_name(const dns_zone_t *zone, const foundtoken_t *token, - isc_buffer_t *b) { - isc_result_t result; - char buf[DNS_NAME_FORMATSIZE]; - dns_fixedname_t fn; - dns_name_t *name = dns_fixedname_initname(&fn); - - UNUSED(token); - - result = dns_name_downcase(&zone->origin, name); - RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_name_format(name, buf, sizeof(buf)); - result = putmem(b, buf, strlen(buf)); - - return result; -} - -static isc_result_t -tokenparse_view(const dns_zone_t *zone, const foundtoken_t *token, - isc_buffer_t *b) { - UNUSED(token); - - return putmem(b, zone->view->name, strlen(zone->view->name)); -} - -static isc_result_t -tokenparse_char(const dns_zone_t *zone, const foundtoken_t *token, - isc_buffer_t *b) { - isc_result_t result; - char buf[DNS_NAME_FORMATSIZE]; - dns_fixedname_t fn; - dns_name_t *name = dns_fixedname_initname(&fn); - size_t chartokidx; - char c; - - result = dns_name_downcase(&zone->origin, name); - RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_name_format(name, buf, sizeof(buf)); - - chartokidx = token->pos[token->len - 1] - '1'; - INSIST(chartokidx <= 2); - if (chartokidx < strlen(buf)) { - c = buf[chartokidx]; - } else { - c = '.'; - } - result = putmem(b, &c, 1); - - return result; -} - -static isc_result_t -tokenparse_label(const dns_zone_t *zone, const foundtoken_t *token, - isc_buffer_t *b) { - isc_result_t result; - char buf[DNS_NAME_FORMATSIZE]; - dns_fixedname_t fn; - dns_name_t *name = dns_fixedname_initname(&fn); - unsigned int labels = dns_name_countlabels(&zone->origin); - char labeltokidx; - int ilabel = -1; - - result = dns_name_fromstring(name, ".", NULL, 0, NULL); - INSIST(result == ISC_R_SUCCESS); - - labeltokidx = token->pos[token->len - 1]; - if (token->len == 2) { - /* - * %z, %y, %x pattern - */ - INSIST(labeltokidx >= 'x' && labeltokidx <= 'z'); - } else { - /* - * $label1, $label2, $label3 pattern - */ - INSIST(labeltokidx >= '1' && labeltokidx <= '3'); - } - - /* - * Even if implicit, the root label counts as one label. - */ - if (labeltokidx == '1' || labeltokidx == 'z') { - ilabel = labels - 2; - } else if (labeltokidx == '2' || labeltokidx == 'y') { - ilabel = labels - 3; - } else if (labeltokidx == '3' || labeltokidx == 'x') { - ilabel = labels - 4; - } - - if (ilabel >= 0) { - dns_name_getlabelsequence(&zone->origin, ilabel, 1, name); - result = dns_name_downcase(name, name); - RUNTIME_CHECK(result == ISC_R_SUCCESS); - } - dns_name_format(name, buf, sizeof(buf)); - result = putmem(b, buf, strlen(buf)); - - return result; -} - -typedef struct { - const char *name; - tokenparse_t parse; -} token_t; -static const token_t tokens[] = { - { "$type", tokenparse_type }, { "$name", tokenparse_name }, - { "$view", tokenparse_view }, { "$char1", tokenparse_char }, - { "$char2", tokenparse_char }, { "$char3", tokenparse_char }, - { "$label1", tokenparse_label }, { "$label2", tokenparse_label }, - { "$label3", tokenparse_label }, { "%t", tokenparse_type }, - { "%s", tokenparse_name }, { "%v", tokenparse_view }, - { "%1", tokenparse_char }, { "%2", tokenparse_char }, - { "%3", tokenparse_char }, { "%z", tokenparse_label }, - { "%y", tokenparse_label }, { "%x", tokenparse_label } -}; - -/* - * Set the masterfile field, expanding: - * - * - $name or "%s" to the zone name - * - $type or "%t" to the zone type - * - $view or "%v" to the view name. - * - $char1 or "%1" to the first character of the zone name - * - $char2 or "%2" to the second character of the zone name (or a dot if - * there is no second character) - * - $char3 or "%3" to the third character of the zone name (or a dot if - * there is no third character) - * - $label1 or "%z" to the toplevel domain of the zone (or a dot if it is - * the TLD) - * - $label2 or "%y" to the next label under the toplevel domain (or a dot if - * there is no next label) - * - $label2 or "%x" to the next-next label under the toplevel domain (or a - * dot if there is no next-next label) - * - * Cap the length at PATH_MAX. - */ -static void -setfilename(dns_zone_t *zone, char **field, const char *value) { - isc_result_t result; - foundtoken_t founds[ARRAY_SIZE(tokens)]; - char filename[PATH_MAX]; - isc_buffer_t b; - size_t tags = 0; - - if (value == NULL) { - *field = NULL; - return; - } - - for (size_t i = 0; i < ARRAY_SIZE(tokens); i++) { - const token_t *token = &tokens[i]; - const char *p = strcasestr(value, token->name); - - if (p != NULL) { - founds[tags++] = - (foundtoken_t){ .pos = p, - .len = strlen(token->name), - .parse = token->parse }; - } - } - - if (tags == 0) { - setstring(zone, field, value); - return; - } - - isc_buffer_init(&b, filename, sizeof(filename)); - - /* sort the tag offsets in order of occurrence */ - qsort(founds, tags, sizeof(foundtoken_t), foundtoken_order); - - const char *p = value; - for (size_t i = 0; i < tags; i++) { - foundtoken_t *token = &founds[i]; - - CHECK(putmem(&b, p, token->pos - p)); - - p = token->pos; - INSIST(p != NULL); - CHECK(token->parse(zone, token, &b)); - - /* Advance the input pointer past the token */ - p += founds[i].len; - } - - const char *end = value + strlen(value); - putmem(&b, p, end - p); - -cleanup: - isc_buffer_putuint8(&b, 0); - setstring(zone, field, filename); -} - -void -dns_zone_setfile(dns_zone_t *zone, const char *file, const char *initial_file, - dns_masterformat_t format, const dns_master_style_t *style) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(zone->stream == NULL); - - LOCK_ZONE(zone); - setfilename(zone, &zone->masterfile, file); - setstring(zone, &zone->initfile, initial_file); - zone->masterformat = format; - if (format == dns_masterformat_text) { - zone->masterstyle = style; - } - default_journal(zone); - UNLOCK_ZONE(zone); -} - -const char * -dns_zone_getfile(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->masterfile; -} - -void -dns_zone_setstream(dns_zone_t *zone, const FILE *stream, - dns_masterformat_t format, const dns_master_style_t *style) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(stream != NULL); - REQUIRE(zone->masterfile == NULL); - - LOCK_ZONE(zone); - zone->stream = stream; - zone->masterformat = format; - if (format == dns_masterformat_text) { - zone->masterstyle = style; - } - default_journal(zone); - UNLOCK_ZONE(zone); -} - -dns_ttl_t -dns_zone_getmaxttl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->maxttl; -} - -void -dns_zone_setmaxttl(dns_zone_t *zone, dns_ttl_t maxttl) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (maxttl != 0) { - DNS_ZONE_SETOPTION(zone, DNS_ZONEOPT_CHECKTTL); - } else { - DNS_ZONE_CLROPTION(zone, DNS_ZONEOPT_CHECKTTL); - } - zone->maxttl = maxttl; - UNLOCK_ZONE(zone); - - return; -} - -static void -default_journal(dns_zone_t *zone) { - char *journal; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(LOCKED_ZONE(zone)); - - if (zone->masterfile != NULL) { - /* Calculate string length including '\0'. */ - int len = strlen(zone->masterfile) + sizeof(".jnl"); - journal = isc_mem_allocate(zone->mctx, len); - strlcpy(journal, zone->masterfile, len); - strlcat(journal, ".jnl", len); - } else { - journal = NULL; - } - setstring(zone, &zone->journal, journal); - if (journal != NULL) { - isc_mem_free(zone->mctx, journal); - } -} - -void -dns_zone_setjournal(dns_zone_t *zone, const char *myjournal) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - setstring(zone, &zone->journal, myjournal); - UNLOCK_ZONE(zone); -} - -char * -dns_zone_getjournal(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->journal; -} - /* * Return true iff the zone is "dynamic", in the sense that the zone's * master file (if any) is written by the server, rather than being @@ -2296,7 +1203,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { } INSIST(zone != zone->raw); - hasraw = inline_secure(zone); + hasraw = dns__zone_inline_secure(zone); if (hasraw) { /* * We are trying to load an inline-signed zone. First call @@ -2509,7 +1416,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { } zone->refreshtime = now; if (zone->loop != NULL) { - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } result = ISC_R_SUCCESS; goto cleanup; @@ -2660,8 +1567,13 @@ dns__zone_loadpending(dns_zone_t *zone) { isc_result_t dns_zone_loadandthaw(dns_zone_t *zone) { isc_result_t result; + bool inline_raw; - if (inline_raw(zone)) { + LOCK_ZONE(zone); + inline_raw = dns__zone_inline_raw(zone); + UNLOCK_ZONE(zone); + + if (inline_raw) { result = zone_load(zone->secure, DNS_ZONELOADFLAG_THAW, false); } else { /* @@ -4145,7 +3057,7 @@ zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param) { now = isc_time_now(); zone->nsec3chaintime = now; if (zone->loop != NULL) { - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } } } @@ -4269,8 +3181,8 @@ cleanup: } } -static void -set_resigntime(dns_zone_t *zone) { +void +dns__zone_set_resigntime(dns_zone_t *zone) { dns_fixedname_t fixed; isc_stdtime_t resign; isc_result_t result; @@ -4278,14 +3190,15 @@ set_resigntime(dns_zone_t *zone) { dns_db_t *db = NULL; dns_typepair_t typepair; - INSIST(LOCKED_ZONE(zone)); + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(LOCKED_ZONE(zone)); /* We only re-sign zones that can be dynamically updated */ if (!dns_zone_isdynamic(zone, false)) { return; } - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { return; } @@ -4458,7 +3371,7 @@ set_refreshkeytimer(dns_zone_t *zone, dns_rdata_keydata_t *key, isc_time_formattimestamp(&zone->refreshkeytime, timebuf, 80); dns_zone_log(zone, ISC_LOG_DEBUG(1), "next key refresh: %s", timebuf); - zone_settimer(zone, &timenow); + dns__zone_settimer(zone, &timenow); } /* @@ -5209,7 +4122,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, bool is_dynamic = false; INSIST(LOCKED_ZONE(zone)); - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { INSIST(LOCKED_ZONE(zone->secure)); } @@ -5240,7 +4153,8 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, isc_result_totext(result)); } } else if (zone->type == dns_zone_primary && - inline_secure(zone) && result == ISC_R_FILENOTFOUND) + dns__zone_inline_secure(zone) && + result == ISC_R_FILENOTFOUND) { dns_zone_logc(zone, DNS_LOGCATEGORY_ZONELOAD, ISC_LOG_DEBUG(1), @@ -5587,7 +4501,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_LOADED | DNS_ZONEFLG_NEEDSTARTUPNOTIFY); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_SENDSECURE) && - inline_raw(zone)) + dns__zone_inline_raw(zone)) { if (zone->secure->db == NULL) { zone_send_securedb(zone, db); @@ -5601,7 +4515,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, * Finished loading inline-signing zone; need to get status * from the raw side now. */ - if (zone->type == dns_zone_primary && inline_secure(zone)) { + if (zone->type == dns_zone_primary && dns__zone_inline_secure(zone)) { maybe_send_secure(zone); } @@ -5621,14 +4535,14 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, if (zone->loop != NULL) { if (zone->type == dns_zone_primary) { - set_resigntime(zone); + dns__zone_set_resigntime(zone); resume_signingwithkey(zone); resume_addnsec3chain(zone); } is_dynamic = dns_zone_isdynamic(zone, false); if (zone->type == dns_zone_primary && is_dynamic && - dns_db_issecure(db) && !inline_raw(zone)) + dns_db_issecure(db) && !dns__zone_inline_raw(zone)) { isc_stdtime_t resign; dns_name_t *name; @@ -5663,7 +4577,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, } } - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } /* @@ -5727,13 +4641,15 @@ cleanup: /* Mark the zone for immediate refresh. */ zone->refreshtime = now; if (zone->loop != NULL) { - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } result = ISC_R_SUCCESS; } else if (zone->type == dns_zone_primary || zone->type == dns_zone_redirect) { - if (!(inline_secure(zone) && result == ISC_R_FILENOTFOUND)) { + if (!(dns__zone_inline_secure(zone) && + result == ISC_R_FILENOTFOUND)) + { dns_zone_logc(zone, DNS_LOGCATEGORY_ZONELOAD, ISC_LOG_ERROR, "not loaded due to errors."); @@ -5753,7 +4669,8 @@ done: * dealing with by consulting the DNS_ZONEFLG_LOADED flag for the * secure zone: if it is set, this must be a reload. */ - if (inline_raw(zone) && DNS_ZONE_FLAG(zone->secure, DNS_ZONEFLG_LOADED)) + if (dns__zone_inline_raw(zone) && + DNS_ZONE_FLAG(zone->secure, DNS_ZONEFLG_LOADED)) { DNS_ZONE_CLRFLAG(zone->secure, DNS_ZONEFLG_LOADPENDING); /* @@ -5762,7 +4679,7 @@ done: * zone_maintenance was called. */ if (zone->secure->loop != NULL) { - zone_settimer(zone->secure, &now); + dns__zone_settimer(zone->secure, &now); } } @@ -6138,13 +5055,6 @@ dns_zone_idetach(dns_zone_t **zonep) { } } -isc_mem_t * -dns_zone_getmctx(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->mctx; -} - isc_refcount_t * dns__zone_irefs(dns_zone_t *zone) { REQUIRE(DNS_ZONE_VALID(zone)); @@ -6152,58 +5062,6 @@ dns__zone_irefs(dns_zone_t *zone) { return &zone->irefs; } -dns_zonemgr_t * -dns_zone_getmgr(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->zmgr; -} - -void -dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->kasp != NULL) { - dns_kasp_detach(&zone->kasp); - } - if (kasp != NULL) { - dns_kasp_attach(kasp, &zone->kasp); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->defaultkasp != NULL) { - dns_kasp_detach(&zone->defaultkasp); - } - if (kasp != NULL) { - dns_kasp_attach(kasp, &zone->defaultkasp); - } - UNLOCK_ZONE(zone); -} - -dns_kasp_t * -dns_zone_getkasp(dns_zone_t *zone) { - dns_kasp_t *kasp = NULL; - - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (inline_raw(zone) && zone->secure != NULL) { - kasp = zone->secure->kasp; - } else { - kasp = zone->kasp; - } - UNLOCK_ZONE(zone); - - return kasp; -} - static void dns_zone_setskr(dns_zone_t *zone, dns_skr_t *skr) { REQUIRE(DNS_ZONE_VALID(zone)); @@ -6226,7 +5084,7 @@ dns_zone_getskrbundle(dns_zone_t *zone) { REQUIRE(DNS_ZONE_VALID(zone)); LOCK_ZONE(zone); - if (inline_raw(zone) && zone->secure != NULL) { + if (dns__zone_inline_raw(zone) && zone->secure != NULL) { bundle = zone->secure->skrbundle; } else { bundle = zone->skrbundle; @@ -6254,283 +5112,6 @@ dns_zone_getoptions(dns_zone_t *zone) { return atomic_load_relaxed(&zone->options); } -void -dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(xfrsource != NULL); - - LOCK_ZONE(zone); - zone->xfrsource4 = *xfrsource; - UNLOCK_ZONE(zone); -} - -void -dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(xfrsource != NULL); - - LOCK_ZONE(zone); - *xfrsource = zone->xfrsource4; - UNLOCK_ZONE(zone); -} - -void -dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(xfrsource != NULL); - - LOCK_ZONE(zone); - zone->xfrsource6 = *xfrsource; - UNLOCK_ZONE(zone); -} - -void -dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(xfrsource != NULL); - - LOCK_ZONE(zone); - *xfrsource = zone->xfrsource6; - UNLOCK_ZONE(zone); -} - -void -dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(parentalsrc != NULL); - - LOCK_ZONE(zone); - zone->parentalsrc4 = *parentalsrc; - UNLOCK_ZONE(zone); -} - -void -dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(parentalsrc != NULL); - - LOCK_ZONE(zone); - *parentalsrc = zone->parentalsrc4; - UNLOCK_ZONE(zone); -} - -void -dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->parentalsrc6 = *parentalsrc; - UNLOCK_ZONE(zone); -} - -void -dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(parentalsrc != NULL); - - LOCK_ZONE(zone); - *parentalsrc = zone->parentalsrc6; - UNLOCK_ZONE(zone); -} - -void -dns_zone_setnotifysrc4(dns_zone_t *zone, dns_rdatatype_t type, - const isc_sockaddr_t *notifysrc) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(notifysrc != NULL); - - LOCK_ZONE(zone); - switch (type) { - case dns_rdatatype_soa: - zone->notifysoa.notifysrc4 = *notifysrc; - break; - case dns_rdatatype_cds: - zone->notifycds.notifysrc4 = *notifysrc; - break; - default: - UNREACHABLE(); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_setnotifysrc6(dns_zone_t *zone, dns_rdatatype_t type, - const isc_sockaddr_t *notifysrc) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(notifysrc != NULL); - - LOCK_ZONE(zone); - switch (type) { - case dns_rdatatype_soa: - zone->notifysoa.notifysrc6 = *notifysrc; - break; - case dns_rdatatype_cds: - zone->notifycds.notifysrc6 = *notifysrc; - break; - default: - UNREACHABLE(); - } - UNLOCK_ZONE(zone); -} - -static bool -has_pf(isc_sockaddr_t *addresses, size_t count, int pf) { - for (size_t i = 0; i < count; i++) { - if (isc_sockaddr_pf(&addresses[i]) == pf) { - return true; - } - } - return false; -} - -static void -report_no_active_addresses(dns_zone_t *zone, isc_sockaddr_t *addresses, - size_t count, const char *what) { - if (isc_net_probeipv4() == ISC_R_DISABLED) { - if (!has_pf(addresses, count, AF_INET6)) { - dns_zone_log(zone, ISC_LOG_NOTICE, - "IPv4 disabled and no IPv6 %s", what); - } - } else if (isc_net_probeipv6() == ISC_R_DISABLED) { - if (!has_pf(addresses, count, AF_INET)) { - dns_zone_log(zone, ISC_LOG_NOTICE, - "IPv6 disabled and no IPv4 %s", what); - } - } -} - -static void -setremote(dns_zone_t *zone, dns_remote_t *remote, const char *remotestr, - isc_sockaddr_t *addresses, isc_sockaddr_t *sources, - dns_name_t **keynames, dns_name_t **tlsnames, bool refresh, - bool report, uint32_t count) { - dns_remote_t newremote; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(DNS_REMOTE_VALID(remote)); - - newremote.magic = DNS_REMOTE_MAGIC; - newremote.addresses = addresses; - newremote.sources = sources; - newremote.keynames = keynames; - newremote.tlsnames = tlsnames; - newremote.addrcnt = count; - - if (dns_remote_equal(remote, &newremote)) { - return; - } - - /* - * The refresh code assumes that 'servers' wouldn't change under it. - * If it will change then kill off any current refresh in progress - * and update the primaries info. If it won't change then we can just - * unlock and exit. - */ - if (zone->request != NULL && refresh) { - dns_request_cancel(zone->request); - } - - dns_remote_clear(remote); - - /* - * If count == 0, don't allocate any space for servers. - */ - if (count == 0) { - return; - } - - /* - * Now set up the address and key lists. - */ - if (report) { - report_no_active_addresses(zone, addresses, count, remotestr); - } - - dns_remote_init(remote, count, addresses, sources, keynames, tlsnames, - true, zone->mctx); -} - -void -dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses, - isc_sockaddr_t *sources, dns_name_t **keynames, - dns_name_t **tlsnames, uint32_t count) { - bool refresh = false; - bool report = false; - - LOCK_ZONE(zone); - setremote(zone, &zone->alsonotify, "also-notify", addresses, sources, - keynames, tlsnames, refresh, report, count); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses, - isc_sockaddr_t *sources, dns_name_t **keynames, - dns_name_t **tlsnames, uint32_t count) { - bool refresh = true; - bool report = true; - - LOCK_ZONE(zone); - setremote(zone, &zone->primaries, "primaries", addresses, sources, - keynames, tlsnames, refresh, report, count); - DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOPRIMARIES); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses, - isc_sockaddr_t *sources, dns_name_t **keynames, - dns_name_t **tlsnames, uint32_t count) { - bool refresh = false; - bool report = true; - - LOCK_ZONE(zone); - setremote(zone, &zone->parentals, "parental-agents", addresses, sources, - keynames, tlsnames, refresh, report, count); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setcdsendpoints(dns_zone_t *zone, isc_sockaddr_t *addresses, - isc_sockaddr_t *sources, dns_name_t **keynames, - dns_name_t **tlsnames, uint32_t count) { - bool refresh = false; - bool report = false; - - LOCK_ZONE(zone); - setremote(zone, &zone->cds_endpoints, "cds-endpoints", addresses, - sources, keynames, tlsnames, refresh, report, count); - UNLOCK_ZONE(zone); -} - -isc_result_t -dns_zone_getdb(dns_zone_t *zone, dns_db_t **dpb) { - isc_result_t result = ISC_R_SUCCESS; - - REQUIRE(DNS_ZONE_VALID(zone)); - - ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); - if (zone->db == NULL) { - result = DNS_R_NOTLOADED; - } else { - dns_db_attach(zone->db, dpb); - } - ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - - return result; -} - -void -dns_zone_setdb(dns_zone_t *zone, dns_db_t *db) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(zone->type == dns_zone_staticstub); - - ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write); - REQUIRE(zone->db == NULL); - dns_db_attach(db, &zone->db); - ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_write); -} - static bool was_dumping(dns_zone_t *zone) { REQUIRE(LOCKED_ZONE(zone)); @@ -7648,7 +6229,7 @@ cleanup: LOCK_ZONE(zone); if (result == ISC_R_SUCCESS) { - set_resigntime(zone); + dns__zone_set_resigntime(zone); zone_needdump(zone, DNS_DUMP_DELAY); DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDNOTIFY); } else { @@ -9342,7 +7923,7 @@ closeversion: } LOCK_ZONE(zone); - set_resigntime(zone); + dns__zone_set_resigntime(zone); UNLOCK_ZONE(zone); cleanup: @@ -10110,7 +8691,7 @@ pauseall: } LOCK_ZONE(zone); - set_resigntime(zone); + dns__zone_set_resigntime(zone); if (commit) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDNOTIFY); zone_needdump(zone, DNS_DUMP_DELAY); @@ -10501,7 +9082,7 @@ keyfetch_cancel(dns_zonefetch_t *fetch) { timenow = isc_time_now(); DNS_ZONE_TIME_ADD(&timenow, dns_zone_mkey_hour, &timethen); zone->refreshkeytime = timethen; - zone_settimer(zone, &timenow); + dns__zone_settimer(zone, &timenow); isc_time_formattimestamp(&zone->refreshkeytime, timebuf, 80); dnssec_log(zone, ISC_LOG_DEBUG(1), "retry key refresh: %s", @@ -11534,7 +10115,7 @@ zone_maintenance(dns_zone_t *zone) { break; } LOCK_ZONE(zone); - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); UNLOCK_ZONE(zone); } @@ -11552,7 +10133,7 @@ dns_zone_markdirty(dns_zone_t *zone) { again: LOCK_ZONE(zone); if (zone->type == dns_zone_primary) { - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { unsigned int soacount; secure = zone->secure; INSIST(secure != zone); @@ -11580,11 +10161,11 @@ again: /* XXXMPA make separate call back */ if (result == ISC_R_SUCCESS) { - set_resigntime(zone); + dns__zone_set_resigntime(zone); if (zone->loop != NULL) { isc_time_t now; now = isc_time_now(); - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } } } @@ -11730,7 +10311,7 @@ zone_journal_rollforward(dns_zone_t *zone, dns_db_t *db, bool *needdump, isc_result_t result; if (zone->type == dns_zone_primary && - (inline_secure(zone) || + (dns__zone_inline_secure(zone) || (zone->update_acl != NULL || zone->ssutable != NULL))) { options = DNS_JOURNALOPT_RESIGN; @@ -11807,7 +10388,7 @@ zone_journal_compact(dns_zone_t *zone, dns_db_t *db, uint32_t serial) { uint32_t options = 0; INSIST(LOCKED_ZONE(zone)); - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { INSIST(LOCKED_ZONE(zone->secure)); } @@ -11909,7 +10490,7 @@ zone_needdump(dns_zone_t *zone, unsigned int delay) { zone->dumptime = dumptime; } if (zone->loop != NULL) { - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } } @@ -11957,7 +10538,7 @@ dump_done(void *arg, isc_result_t result) { */ again: LOCK_ZONE(zone); - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { secure = zone->secure; INSIST(secure != zone); TRYLOCK_ZONE(result, secure); @@ -12063,6 +10644,7 @@ zone_dump(dns_zone_t *zone, bool compact) { dns_masterformat_t masterformat = dns_masterformat_none; const dns_master_style_t *masterstyle = NULL; dns_masterrawheader_t rawdata; + bool inline_secure; /* * 'compact' MUST only be set if we are loop locked. @@ -12103,7 +10685,11 @@ redo: dns_master_initrawheader(&rawdata); - if (inline_secure(zone)) { + LOCK_ZONE(zone); + inline_secure = dns__zone_inline_secure(zone); + UNLOCK_ZONE(zone); + + if (inline_secure) { get_raw_serial(zone->raw, &rawdata); } @@ -12197,6 +10783,7 @@ dumptostream(dns_zone_t *zone, FILE *fd, const dns_master_style_t *style, dns_dbversion_t *version = NULL; dns_db_t *db = NULL; dns_masterrawheader_t rawdata; + bool inline_secure; REQUIRE(DNS_ZONE_VALID(zone)); @@ -12209,11 +10796,15 @@ dumptostream(dns_zone_t *zone, FILE *fd, const dns_master_style_t *style, return DNS_R_NOTLOADED; } + LOCK_ZONE(zone); + inline_secure = dns__zone_inline_secure(zone); + UNLOCK_ZONE(zone); + dns_db_currentversion(db, &version); dns_master_initrawheader(&rawdata); if (rawversion == 0) { rawdata.flags |= DNS_MASTERRAW_COMPAT; - } else if (inline_secure(zone)) { + } else if (inline_secure) { get_raw_serial(zone->raw, &rawdata); } else if (zone->sourceserialset) { rawdata.flags = DNS_MASTERRAW_SOURCESERIALSET; @@ -12303,72 +10894,6 @@ zone_unload(dns_zone_t *zone) { } } -void -dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(val > 0); - - zone->minrefresh = val; -} - -void -dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(val > 0); - - zone->maxrefresh = val; -} - -void -dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(val > 0); - - zone->minretry = val; -} - -void -dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(val > 0); - - zone->maxretry = val; -} - -uint32_t -dns_zone_getmaxrecords(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->maxrecords; -} - -void -dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t val) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->maxrecords = val; -} - -void -dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t val) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->maxrrperset = val; - if (zone->db != NULL) { - dns_db_setmaxrrperset(zone->db, val); - } -} - -void -dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t val) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->maxtypepername = val; - if (zone->db != NULL) { - dns_db_setmaxtypepername(zone->db, val); - } -} - void dns_zone_notify(dns_zone_t *zone, bool nodefer) { isc_time_t now; @@ -12392,7 +10917,7 @@ dns_zone_notify(dns_zone_t *zone, bool nodefer) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NOTIFYNODEFER); } now = isc_time_now(); - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); UNLOCK_ZONE(zone); } @@ -12768,7 +11293,7 @@ stub_finish_zone_update(dns_stub_t *stub, isc_time_t now) { zone_needdump(zone, 0); } - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } /* @@ -13406,7 +11931,7 @@ next_primary: DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOEDNS); if (exiting || dns_remote_done(&zone->primaries)) { DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESH); - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); goto free_stub; } queue_soa_query(zone); @@ -13926,7 +12451,7 @@ next_primary: DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NEEDREFRESH); zone->refreshtime = now; } - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); goto detach; } @@ -13943,7 +12468,7 @@ exiting: */ DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESH); zone->refreshtime = now; - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); dns_request_destroy(&zone->request); goto detach; @@ -14611,11 +13136,13 @@ zone_shutdown(void *arg) { * stored in the raw-format dump of the secure zone. In this scenario, * dump_done() takes care of cleaning up the zone->raw reference. */ - if (inline_secure(zone) && !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_DUMPING)) { + if (dns__zone_inline_secure(zone) && + !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_DUMPING)) + { raw = zone->raw; zone->raw = NULL; } - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { secure = zone->secure; zone->secure = NULL; } @@ -14841,8 +13368,8 @@ free: } } -static void -zone_settimer(dns_zone_t *zone, isc_time_t *now) { +void +dns__zone_settimer(dns_zone_t *zone, isc_time_t *now) { if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING)) { return; } @@ -14871,7 +13398,7 @@ cancel_refresh(dns_zone_t *zone) { DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESH); now = isc_time_now(); - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } isc_result_t @@ -14919,7 +13446,7 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, */ LOCK_ZONE(zone); INSIST(zone != zone->raw); - if (inline_secure(zone)) { + if (dns__zone_inline_secure(zone)) { result = dns_zone_notifyreceive(zone->raw, from, to, msg); UNLOCK_ZONE(zone); return result; @@ -15086,364 +13613,6 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, return ISC_R_SUCCESS; } -void -dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl) { - REQUIRE(DNS_ZONE_VALID(zone)); - - dns_zone_clearnotifyacl(zone); - - LOCK_ZONE(zone); - dns_acl_attach(acl, &zone->notifysoa.notify_acl); - dns_acl_attach(acl, &zone->notifycds.notify_acl); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->query_acl != NULL) { - dns_acl_detach(&zone->query_acl); - } - dns_acl_attach(acl, &zone->query_acl); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->queryon_acl != NULL) { - dns_acl_detach(&zone->queryon_acl); - } - dns_acl_attach(acl, &zone->queryon_acl); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->update_acl != NULL) { - dns_acl_detach(&zone->update_acl); - } - dns_acl_attach(acl, &zone->update_acl); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->forward_acl != NULL) { - dns_acl_detach(&zone->forward_acl); - } - dns_acl_attach(acl, &zone->forward_acl); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->xfr_acl != NULL) { - dns_acl_detach(&zone->xfr_acl); - } - dns_acl_attach(acl, &zone->xfr_acl); - UNLOCK_ZONE(zone); -} - -dns_acl_t * -dns_zone_getqueryacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->query_acl; -} - -dns_acl_t * -dns_zone_getqueryonacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->queryon_acl; -} - -dns_acl_t * -dns_zone_getupdateacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->update_acl; -} - -dns_acl_t * -dns_zone_getforwardacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->forward_acl; -} - -dns_acl_t * -dns_zone_getxfracl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->xfr_acl; -} - -void -dns_zone_clearupdateacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->update_acl != NULL) { - dns_acl_detach(&zone->update_acl); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_clearforwardacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->forward_acl != NULL) { - dns_acl_detach(&zone->forward_acl); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_clearnotifyacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->notifysoa.notify_acl != NULL) { - dns_acl_detach(&zone->notifysoa.notify_acl); - } - if (zone->notifycds.notify_acl != NULL) { - dns_acl_detach(&zone->notifycds.notify_acl); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_clearqueryacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->query_acl != NULL) { - dns_acl_detach(&zone->query_acl); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_clearqueryonacl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->queryon_acl != NULL) { - dns_acl_detach(&zone->queryon_acl); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_clearxfracl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->xfr_acl != NULL) { - dns_acl_detach(&zone->xfr_acl); - } - UNLOCK_ZONE(zone); -} - -bool -dns_zone_getupdatedisabled(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->update_disabled; -} - -void -dns_zone_setupdatedisabled(dns_zone_t *zone, bool state) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->update_disabled = state; -} - -bool -dns_zone_getzeronosoattl(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->zero_no_soa_ttl; -} - -void -dns_zone_setzeronosoattl(dns_zone_t *zone, bool state) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->zero_no_soa_ttl = state; -} - -void -dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->check_names = severity; -} - -dns_severity_t -dns_zone_getchecknames(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->check_names; -} - -void -dns_zone_setjournalsize(dns_zone_t *zone, int32_t size) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->journalsize = size; -} - -int32_t -dns_zone_getjournalsize(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->journalsize; -} - -static void -zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length) { - isc_result_t result = ISC_R_FAILURE; - isc_buffer_t buffer; - - REQUIRE(buf != NULL); - REQUIRE(length > 1U); - - /* - * Leave space for terminating '\0'. - */ - isc_buffer_init(&buffer, buf, (unsigned int)length - 1); - if (zone->type != dns_zone_redirect && zone->type != dns_zone_key) { - if (dns_name_dynamic(&zone->origin)) { - result = dns_name_totext( - &zone->origin, DNS_NAME_OMITFINALDOT, &buffer); - } - if (result != ISC_R_SUCCESS && - isc_buffer_availablelength(&buffer) >= - (sizeof("") - 1)) - { - isc_buffer_putstr(&buffer, ""); - } - - if (isc_buffer_availablelength(&buffer) > 0) { - isc_buffer_putstr(&buffer, "/"); - } - (void)dns_rdataclass_totext(zone->rdclass, &buffer); - } - - if (zone->view != NULL && strcmp(zone->view->name, "_bind") != 0 && - strcmp(zone->view->name, "_default") != 0 && - strlen(zone->view->name) < isc_buffer_availablelength(&buffer)) - { - isc_buffer_putstr(&buffer, "/"); - isc_buffer_putstr(&buffer, zone->view->name); - } - if (inline_secure(zone) && 9U < isc_buffer_availablelength(&buffer)) { - isc_buffer_putstr(&buffer, " (signed)"); - } - if (inline_raw(zone) && 11U < isc_buffer_availablelength(&buffer)) { - isc_buffer_putstr(&buffer, " (unsigned)"); - } - - buf[isc_buffer_usedlength(&buffer)] = '\0'; -} - -static void -zone_name_tostr(dns_zone_t *zone, char *buf, size_t length) { - isc_result_t result = ISC_R_FAILURE; - isc_buffer_t buffer; - - REQUIRE(buf != NULL); - REQUIRE(length > 1U); - - /* - * Leave space for terminating '\0'. - */ - isc_buffer_init(&buffer, buf, (unsigned int)length - 1); - if (dns_name_dynamic(&zone->origin)) { - result = dns_name_totext(&zone->origin, DNS_NAME_OMITFINALDOT, - &buffer); - } - if (result != ISC_R_SUCCESS && - isc_buffer_availablelength(&buffer) >= (sizeof("") - 1)) - { - isc_buffer_putstr(&buffer, ""); - } - - buf[isc_buffer_usedlength(&buffer)] = '\0'; -} - -static void -zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length) { - isc_buffer_t buffer; - - REQUIRE(buf != NULL); - REQUIRE(length > 1U); - - /* - * Leave space for terminating '\0'. - */ - isc_buffer_init(&buffer, buf, (unsigned int)length - 1); - (void)dns_rdataclass_totext(zone->rdclass, &buffer); - - buf[isc_buffer_usedlength(&buffer)] = '\0'; -} - -static void -zone_viewname_tostr(dns_zone_t *zone, char *buf, size_t length) { - isc_buffer_t buffer; - - REQUIRE(buf != NULL); - REQUIRE(length > 1U); - - /* - * Leave space for terminating '\0'. - */ - isc_buffer_init(&buffer, buf, (unsigned int)length - 1); - - if (zone->view == NULL) { - isc_buffer_putstr(&buffer, "_none"); - } else if (strlen(zone->view->name) < - isc_buffer_availablelength(&buffer)) - { - isc_buffer_putstr(&buffer, zone->view->name); - } else { - isc_buffer_putstr(&buffer, "_toolong"); - } - - buf[isc_buffer_usedlength(&buffer)] = '\0'; -} - -void -dns_zone_name(dns_zone_t *zone, char *buf, size_t length) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(buf != NULL); - - LOCK_ZONE(zone); - zone_namerd_tostr(zone, buf, length); - UNLOCK_ZONE(zone); -} - -void -dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t length) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(buf != NULL); - zone_name_tostr(zone, buf, length); -} - void dns_zone_logv(dns_zone_t *zone, isc_logcategory_t category, int level, const char *prefix, const char *fmt, va_list ap) { @@ -15539,62 +13708,6 @@ message_count(dns_message_t *msg, dns_section_t section, dns_rdatatype_t type) { return count; } -void -dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->minxfrratebytesin = bytes; - zone->minxfrratesecondsin = seconds; -} - -uint32_t -dns_zone_getminxfrratebytesin(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->minxfrratebytesin; -} - -uint32_t -dns_zone_getminxfrratesecondsin(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->minxfrratesecondsin; -} - -void -dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->maxxfrin = maxxfrin; -} - -uint32_t -dns_zone_getmaxxfrin(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->maxxfrin; -} - -void -dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->maxxfrout = maxxfrout; -} - -uint32_t -dns_zone_getmaxxfrout(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->maxxfrout; -} - -dns_zonetype_t -dns_zone_gettype(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->type; -} - const char * dns_zonetype_name(dns_zonetype_t type) { switch (type) { @@ -15631,20 +13744,6 @@ dns_zone_getredirecttype(dns_zone_t *zone) { : dns_zone_secondary; } -dns_name_t * -dns_zone_getorigin(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return &zone->origin; -} - -dns_rdataclass_t -dns_zone_getrdclass(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->rdclass; -} - dns_notifyctx_t * dns__zone_getnotifyctx(dns_zone_t *zone, dns_rdatatype_t type) { REQUIRE(DNS_ZONE_VALID(zone)); @@ -15660,37 +13759,6 @@ dns__zone_getnotifyctx(dns_zone_t *zone, dns_rdatatype_t type) { return NULL; } -void -dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein) { - REQUIRE(DNS_ZONE_VALID(zone)); - - if (idlein == 0) { - idlein = DNS_DEFAULT_IDLEIN; - } - zone->idlein = idlein; -} - -uint32_t -dns_zone_getidlein(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->idlein; -} - -void -dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->idleout = idleout; -} - -uint32_t -dns_zone_getidleout(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->idleout; -} - void dns__zone_stats_increment(dns_zone_t *zone, isc_statscounter_t counter) { REQUIRE(DNS_ZONE_VALID(zone)); @@ -16489,9 +14557,9 @@ receive_secure_serial(void *arg) { * Set resign time to make sure it is set to the earliest * signature expiration. */ - set_resigntime(zone); + dns__zone_set_resigntime(zone); timenow = isc_time_now(); - zone_settimer(zone, &timenow); + dns__zone_settimer(zone, &timenow); UNLOCK_ZONE(zone); dns_db_closeversion(zone->rss_db, &zone->rss_oldver, false); @@ -16511,9 +14579,9 @@ cleanup: } if (result != ISC_R_SUCCESS) { LOCK_ZONE(zone); - set_resigntime(zone); + dns__zone_set_resigntime(zone); timenow = isc_time_now(); - zone_settimer(zone, &timenow); + dns__zone_settimer(zone, &timenow); UNLOCK_ZONE(zone); if (result == DNS_R_UNCHANGED) { level = ISC_LOG_INFO; @@ -16882,7 +14950,9 @@ receive_secure_db(void *arg) { ISC_LIST_INIT(nsec3list); LOCK_ZONE(zone); - if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) { + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || + !dns__zone_inline_secure(zone)) + { CLEANUP(ISC_R_SHUTTINGDOWN); } @@ -17003,7 +15073,7 @@ dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump) { REQUIRE(DNS_ZONE_VALID(zone)); again: LOCK_ZONE(zone); - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { secure = zone->secure; INSIST(secure != zone); TRYLOCK_ZONE(result, secure); @@ -17036,7 +15106,7 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump) { */ REQUIRE(DNS_ZONE_VALID(zone)); REQUIRE(LOCKED_ZONE(zone)); - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { REQUIRE(LOCKED_ZONE(zone->secure)); } @@ -17128,7 +15198,9 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump) { } else { zone_journal_compact(zone, zone->db, serial); } - if (zone->type == dns_zone_primary && inline_raw(zone)) { + if (zone->type == dns_zone_primary && + dns__zone_inline_raw(zone)) + { zone_send_secureserial(zone, serial); } } else { @@ -17183,7 +15255,7 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump) { } } - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { zone_send_securedb(zone, db); } } @@ -17250,7 +15322,7 @@ zone_xfrdone(dns_zone_t *zone, uint32_t *expireopt, isc_result_t result) { */ again: LOCK_ZONE(zone); - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { secure = zone->secure; INSIST(secure != zone); TRYLOCK_ZONE(result, secure); @@ -17384,7 +15456,7 @@ again: dns_zone_logc(zone, DNS_LOGCATEGORY_XFER_IN, ISC_LOG_INFO, "transferred serial %u%s", serial, buf); - if (inline_raw(zone)) { + if (dns__zone_inline_raw(zone)) { zone_send_secureserial(zone, serial); } } @@ -17474,7 +15546,7 @@ again: inc_stats(zone, dns_zonestatscounter_xfrfail); break; } - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); /* * We are called as the done callback of a zone @@ -17573,9 +15645,9 @@ zone_loaddone(void *arg, isc_result_t result) { again: LOCK_ZONE(zone); INSIST(zone != zone->raw); - if (inline_secure(zone)) { + if (dns__zone_inline_secure(zone)) { LOCK_ZONE(zone->raw); - } else if (inline_raw(zone)) { + } else if (dns__zone_inline_raw(zone)) { secure = zone->secure; TRYLOCK_ZONE(tresult, secure); if (tresult != ISC_R_SUCCESS) { @@ -17597,7 +15669,7 @@ again: zone->update_disabled = false; } DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_THAW); - if (inline_secure(zone)) { + if (dns__zone_inline_secure(zone)) { UNLOCK_ZONE(zone->raw); } else if (secure != NULL) { UNLOCK_ZONE(secure); @@ -17613,126 +15685,6 @@ again: dns_zone_idetach(&zone); } -void -dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(table != NULL); - REQUIRE(*table == NULL); - - LOCK_ZONE(zone); - if (zone->ssutable != NULL) { - dns_ssutable_attach(zone->ssutable, table); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->ssutable != NULL) { - dns_ssutable_detach(&zone->ssutable); - } - if (table != NULL) { - dns_ssutable_attach(table, &zone->ssutable); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->sigvalidityinterval = interval; -} - -uint32_t -dns_zone_getsigvalidityinterval(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->sigvalidityinterval; -} - -void -dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->keyvalidityinterval = interval; -} - -uint32_t -dns_zone_getkeyvalidityinterval(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->keyvalidityinterval; -} - -void -dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval) { - isc_time_t now; - - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->sigresigninginterval = interval; - set_resigntime(zone); - if (zone->loop != NULL) { - now = isc_time_now(); - zone_settimer(zone, &now); - } - UNLOCK_ZONE(zone); -} - -uint32_t -dns_zone_getsigresigninginterval(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->sigresigninginterval; -} - -void -dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(sourceaddr != NULL); - - LOCK_ZONE(zone); - INSIST(dns_remote_count(&zone->primaries) > 0); - *sourceaddr = zone->sourceaddr; - UNLOCK_ZONE(zone); -} - -isc_result_t -dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr) { - isc_result_t result = ISC_R_NOMORE; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(primaryaddr != NULL); - - LOCK_ZONE(zone); - INSIST(dns_remote_count(&zone->primaries) > 0); - if (!dns_remote_done(&zone->primaries)) { - *primaryaddr = dns_remote_curraddr(&zone->primaries); - result = ISC_R_SUCCESS; - } - UNLOCK_ZONE(zone); - - return result; -} - -isc_time_t -dns_zone_getxfrintime(dns_zone_t *zone) { - isc_time_t xfrintime; - - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - xfrintime = zone->xfrintime; - UNLOCK_ZONE(zone); - - return xfrintime; -} - static void queue_xfrin(dns_zone_t *zone) { isc_result_t result; @@ -18540,7 +16492,7 @@ dns_zonemgr_forcemaint(dns_zonemgr_t *zmgr) { LOCK_ZONE(zone); now = isc_time_now(); - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); UNLOCK_ZONE(zone); } RWUNLOCK(&zmgr->rwlock, isc_rwlocktype_read); @@ -18948,128 +16900,80 @@ dns_zone_isforced(dns_zone_t *zone) { return DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCEXFER); } -isc_result_t -dns_zone_setstatistics(dns_zone_t *zone, bool on) { +static void +zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length) { + isc_result_t result = ISC_R_FAILURE; + isc_buffer_t buffer; + + REQUIRE(buf != NULL); + REQUIRE(length > 1U); + /* - * This function is obsoleted. + * Leave space for terminating '\0'. */ - UNUSED(zone); - UNUSED(on); - return ISC_R_NOTIMPLEMENTED; -} - -uint64_t * -dns_zone_getstatscounters(dns_zone_t *zone) { - /* - * This function is obsoleted. - */ - UNUSED(zone); - return NULL; -} - -void -dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(zone->stats == NULL); - - LOCK_ZONE(zone); - zone->stats = NULL; - isc_stats_attach(stats, &zone->stats); - UNLOCK_ZONE(zone); -} - -void -dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->requeststats_on && stats == NULL) { - zone->requeststats_on = false; - } else if (!zone->requeststats_on && stats != NULL) { - if (zone->requeststats == NULL) { - isc_stats_attach(stats, &zone->requeststats); + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); + if (zone->type != dns_zone_redirect && zone->type != dns_zone_key) { + if (dns_name_dynamic(&zone->origin)) { + result = dns_name_totext( + &zone->origin, DNS_NAME_OMITFINALDOT, &buffer); } - zone->requeststats_on = true; - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_setrcvquerystats(dns_zone_t *zone, isc_statsmulti_t *stats) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (zone->requeststats_on && stats != NULL) { - if (zone->rcvquerystats == NULL) { - isc_statsmulti_attach(stats, &zone->rcvquerystats); - zone->requeststats_on = true; + if (result != ISC_R_SUCCESS && + isc_buffer_availablelength(&buffer) >= + (sizeof("") - 1)) + { + isc_buffer_putstr(&buffer, ""); } + + if (isc_buffer_availablelength(&buffer) > 0) { + isc_buffer_putstr(&buffer, "/"); + } + (void)dns_rdataclass_totext(zone->rdclass, &buffer); } - UNLOCK_ZONE(zone); -} -void -dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - if (stats != NULL && zone->dnssecsignstats == NULL) { - dns_stats_attach(stats, &zone->dnssecsignstats); + if (zone->view != NULL && strcmp(zone->view->name, "_bind") != 0 && + strcmp(zone->view->name, "_default") != 0 && + strlen(zone->view->name) < isc_buffer_availablelength(&buffer)) + { + isc_buffer_putstr(&buffer, "/"); + isc_buffer_putstr(&buffer, zone->view->name); } - UNLOCK_ZONE(zone); + if (dns__zone_inline_secure(zone) && + 9U < isc_buffer_availablelength(&buffer)) + { + isc_buffer_putstr(&buffer, " (signed)"); + } + if (dns__zone_inline_raw(zone) && + 11U < isc_buffer_availablelength(&buffer)) + { + isc_buffer_putstr(&buffer, " (unsigned)"); + } + + buf[isc_buffer_usedlength(&buffer)] = '\0'; } -dns_stats_t * -dns_zone_getdnssecsignstats(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); +static void +zone_viewname_tostr(dns_zone_t *zone, char *buf, size_t length) { + isc_buffer_t buffer; - return zone->dnssecsignstats; -} + REQUIRE(buf != NULL); + REQUIRE(length > 1U); -isc_stats_t * -dns_zone_getrequeststats(dns_zone_t *zone) { /* - * We don't lock zone for efficiency reason. This is not catastrophic - * because requeststats must always be valid when requeststats_on is - * true. - * Some counters may be incremented while requeststats_on is becoming - * false, or some cannot be incremented just after the statistics are - * installed, but it shouldn't matter much in practice. + * Leave space for terminating '\0'. */ - if (zone->requeststats_on) { - return zone->requeststats; + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); + + if (zone->view == NULL) { + isc_buffer_putstr(&buffer, "_none"); + } else if (strlen(zone->view->name) < + isc_buffer_availablelength(&buffer)) + { + isc_buffer_putstr(&buffer, zone->view->name); } else { - return NULL; + isc_buffer_putstr(&buffer, "_toolong"); } -} -/* - * Return the received query stats bucket - * see note from dns_zone_getrequeststats() - */ -isc_statsmulti_t * -dns_zone_getrcvquerystats(dns_zone_t *zone) { - if (zone->requeststats_on) { - return zone->rcvquerystats; - } else { - return NULL; - } -} - -void -dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - setstring(zone, &zone->keydirectory, directory); - UNLOCK_ZONE(zone); -} - -const char * -dns_zone_getkeydirectory(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->keydirectory; + buf[isc_buffer_usedlength(&buffer)] = '\0'; } unsigned int @@ -19273,91 +17177,6 @@ dns_zone_checknames(dns_zone_t *zone, const dns_name_t *name, return ISC_R_SUCCESS; } -void -dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->checkmx = checkmx; -} - -void -dns_zone_setchecksrv(dns_zone_t *zone, dns_checksrvfunc_t checksrv) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->checksrv = checksrv; -} - -void -dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->checkns = checkns; -} - -void -dns_zone_setcheckisservedby(dns_zone_t *zone, - dns_checkisservedbyfunc_t checkisservedby) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->checkisservedby = checkisservedby; -} - -void -dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->isself = isself; - zone->isselfarg = arg; - UNLOCK_ZONE(zone); -} - -void -dns__zone_getisself(dns_zone_t *zone, dns_isselffunc_t *isself, void **arg) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(isself != NULL); - REQUIRE(arg != NULL && *arg == NULL); - - *isself = zone->isself; - *arg = zone->isselfarg; -} - -void -dns_zone_setnotifydefer(dns_zone_t *zone, dns_rdatatype_t type, - uint32_t defer) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - switch (type) { - case dns_rdatatype_soa: - zone->notifysoa.notifydefer = defer; - break; - case dns_rdatatype_cds: - /* not applicable to NOTIFY(CDS), unused */ - zone->notifycds.notifydefer = defer; - break; - default: - UNREACHABLE(); - } - UNLOCK_ZONE(zone); -} - -void -dns_zone_setnotifydelay(dns_zone_t *zone, dns_rdatatype_t type, - uint32_t delay) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - switch (type) { - case dns_rdatatype_soa: - zone->notifysoa.notifydelay = delay; - break; - case dns_rdatatype_cds: - /* not applicable to NOTIFY(CDS), unused */ - zone->notifycds.notifydelay = delay; - break; - default: - UNREACHABLE(); - } - UNLOCK_ZONE(zone); -} - /* * Called when a dynamic update for an NSEC3PARAM record is received. * @@ -19383,50 +17202,6 @@ dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param) { return result; } -void -dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes) { - REQUIRE(DNS_ZONE_VALID(zone)); - - if (nodes == 0) { - nodes = 1; - } - zone->nodes = nodes; -} - -void -dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures) { - REQUIRE(DNS_ZONE_VALID(zone)); - - /* - * We treat signatures as a signed value so explicitly - * limit its range here. - */ - if (signatures > INT32_MAX) { - signatures = INT32_MAX; - } else if (signatures == 0) { - signatures = 1; - } - zone->signatures = signatures; -} - -uint32_t -dns_zone_getsignatures(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->signatures; -} - -void -dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->privatetype = type; -} - -dns_rdatatype_t -dns_zone_getprivatetype(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->privatetype; -} - static isc_result_t zone_signwithkey(dns_zone_t *zone, dst_algorithm_t algorithm, uint16_t keyid, bool deleteit, bool fullsign) { @@ -19485,7 +17260,7 @@ zone_signwithkey(dns_zone_t *zone, dst_algorithm_t algorithm, uint16_t keyid, if (isc_time_isepoch(&zone->signingtime)) { zone->signingtime = now; if (zone->loop != NULL) { - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); } } } @@ -22011,7 +19786,7 @@ zone_rekey(dns_zone_t *zone) { zone_needdump(zone, DNS_DUMP_DELAY); - zone_settimer(zone, &timenow); + dns__zone_settimer(zone, &timenow); /* Remove any signatures from removed keys. */ ISC_LIST_FOREACH(rmkeys, key, link) { @@ -22157,7 +19932,7 @@ zone_rekey(dns_zone_t *zone) { /* * Schedule the next resigning event */ - set_resigntime(zone); + dns__zone_set_resigntime(zone); } isc_time_settoepoch(&zone->refreshkeytime); @@ -22182,7 +19957,7 @@ zone_rekey(dns_zone_t *zone) { DNS_ZONE_TIME_ADD(&timenow, nexttime_seconds, &timenext); zone->refreshkeytime = timenext; - zone_settimer(zone, &timenow); + dns__zone_settimer(zone, &timenow); isc_time_formattimestamp(&zone->refreshkeytime, timebuf, 80); dnssec_log(zone, ISC_LOG_DEBUG(3), @@ -22216,7 +19991,7 @@ zone_rekey(dns_zone_t *zone) { } } - zone_settimer(zone, &timenow); + dns__zone_settimer(zone, &timenow); isc_time_formattimestamp(&zone->refreshkeytime, timebuf, 80); dnssec_log(zone, ISC_LOG_INFO, "next key event: %s", timebuf); @@ -22322,7 +20097,7 @@ dns_zone_rekey(dns_zone_t *zone, bool fullsign, bool forcekeymgr) { now = isc_time_now(); zone->refreshkeytime = now; - zone_settimer(zone, &now); + dns__zone_settimer(zone, &now); UNLOCK_ZONE(zone); } @@ -22611,51 +20386,6 @@ cleanup: return result; } -void -dns_zone_setautomatic(dns_zone_t *zone, bool automatic) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->automatic = automatic; - UNLOCK_ZONE(zone); -} - -bool -dns_zone_getautomatic(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->automatic; -} - -void -dns_zone_setadded(dns_zone_t *zone, bool added) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->added = added; - UNLOCK_ZONE(zone); -} - -bool -dns_zone_getadded(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->added; -} - -void -dns_zone_setmodded(dns_zone_t *zone, bool modded) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->modded = modded; - UNLOCK_ZONE(zone); -} - -bool -dns_zone_getmodded(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->modded; -} - isc_result_t dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db) { isc_time_t loadtime; @@ -22670,9 +20400,9 @@ dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db) { again: LOCK_ZONE(zone); INSIST(zone != zone->raw); - if (inline_secure(zone)) { + if (dns__zone_inline_secure(zone)) { LOCK_ZONE(zone->raw); - } else if (inline_raw(zone)) { + } else if (dns__zone_inline_raw(zone)) { secure = zone->secure; TRYLOCK_ZONE(result, secure); if (result != ISC_R_SUCCESS) { @@ -22683,7 +20413,7 @@ again: } } result = zone_postload(zone, db, loadtime, ISC_R_SUCCESS); - if (inline_secure(zone)) { + if (dns__zone_inline_secure(zone)) { UNLOCK_ZONE(zone->raw); } else if (secure != NULL) { UNLOCK_ZONE(secure); @@ -22692,81 +20422,6 @@ again: return result; } -isc_result_t -dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval) { - REQUIRE(DNS_ZONE_VALID(zone)); - if (interval == 0) { - return ISC_R_RANGE; - } - /* Maximum value: 24 hours (3600 minutes) */ - if (interval > (24 * 60)) { - interval = (24 * 60); - } - /* Multiply by 60 for seconds */ - zone->refreshkeyinterval = interval * 60; - return ISC_R_SUCCESS; -} - -void -dns_zone_setrequestixfr(dns_zone_t *zone, bool flag) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->requestixfr = flag; -} - -bool -dns_zone_getrequestixfr(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->requestixfr; -} - -void -dns_zone_setrequestixfrmaxdiffs(dns_zone_t *zone, uint32_t maxdiffs) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->requestixfr_maxdiffs = maxdiffs; -} - -bool -dns_zone_getrequestixfrmaxdiffs(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->requestixfr_maxdiffs; -} - -void -dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->ixfr_ratio = ratio; -} - -uint32_t -dns_zone_getixfrratio(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->ixfr_ratio; -} - -void -dns_zone_setrequestexpire(dns_zone_t *zone, bool flag) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->requestexpire = flag; -} - -bool -dns_zone_getrequestexpire(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->requestexpire; -} - -void -dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method) { - REQUIRE(DNS_ZONE_VALID(zone)); - zone->updatemethod = method; -} - -dns_updatemethod_t -dns_zone_getserialupdatemethod(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->updatemethod; -} - /* * Lock hierarchy: zmgr, zone, raw. */ @@ -23632,50 +21287,6 @@ cleanup: return result; } -isc_result_t -dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(loadtime != NULL); - - LOCK_ZONE(zone); - *loadtime = zone->loadtime; - UNLOCK_ZONE(zone); - return ISC_R_SUCCESS; -} - -isc_result_t -dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(expiretime != NULL); - - LOCK_ZONE(zone); - *expiretime = zone->expiretime; - UNLOCK_ZONE(zone); - return ISC_R_SUCCESS; -} - -isc_result_t -dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(refreshtime != NULL); - - LOCK_ZONE(zone); - *refreshtime = zone->refreshtime; - UNLOCK_ZONE(zone); - return ISC_R_SUCCESS; -} - -isc_result_t -dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(refreshkeytime != NULL); - - LOCK_ZONE(zone); - *refreshkeytime = zone->refreshkeytime; - UNLOCK_ZONE(zone); - return ISC_R_SUCCESS; -} - unsigned int dns_zone_getincludes(dns_zone_t *zone, char ***includesp) { char **array = NULL; @@ -23702,20 +21313,6 @@ done: return n; } -void -dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level) { - REQUIRE(DNS_ZONE_VALID(zone)); - - zone->statlevel = level; -} - -dns_zonestat_level_t -dns_zone_getstatlevel(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->statlevel; -} - static void setserial(void *arg) { uint32_t oldserial, desired; @@ -23831,7 +21428,7 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { LOCK_ZONE(zone); - if (!inline_secure(zone)) { + if (!dns__zone_inline_secure(zone)) { if (!dns_zone_isdynamic(zone, true)) { CLEANUP(DNS_R_NOTDYNAMIC); } @@ -23952,21 +21549,6 @@ dns__zonemgr_tlsctx_attach(dns_zonemgr_t *zmgr, RWUNLOCK(&zmgr->tlsctx_cache_rwlock, isc_rwlocktype_read); } -isc_mem_t * -dns_zone_getmem(dns_zone_t *zone) { - return zone->mctx; -} - -unsigned int -dns_zone_gettid(dns_zone_t *zone) { - return zone->tid; -} - -isc_loop_t * -dns_zone_getloop(dns_zone_t *zone) { - return zone->loop; -} - isc_result_t dns_zone_makedb(dns_zone_t *zone, dns_db_t **dbp) { REQUIRE(DNS_ZONE_VALID(zone)); @@ -24031,65 +21613,6 @@ cleanup: return result; } -isc_result_t -dns_zone_getrad(dns_zone_t *zone, dns_name_t *name) { - isc_result_t result = ISC_R_NOTFOUND; - - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(DNS_NAME_VALID(name)); - - rcu_read_lock(); - dns_rad_t *rad = rcu_dereference(zone->rad); - if (rad != NULL) { - dns_name_t *inner = dns_fixedname_name(&rad->fname); - dns_name_copy(inner, name); - result = ISC_R_SUCCESS; - } - rcu_read_unlock(); - - return result; -} - -void -dns_zone_setrad(dns_zone_t *zone, dns_name_t *name) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(name == NULL || DNS_NAME_VALID(name)); - - rcu_read_lock(); - dns_rad_t *new_rad = NULL; - if (name != NULL) { - new_rad = isc_mem_get(zone->mctx, sizeof(*new_rad)); - *new_rad = (dns_rad_t){}; - dns_fixedname_init(&new_rad->fname); - - isc_mem_attach(zone->mctx, &new_rad->mctx); - dns_name_copy(name, dns_fixedname_name(&new_rad->fname)); - } - dns_rad_t *xchg_rad = rcu_xchg_pointer(&zone->rad, new_rad); - - if (xchg_rad != NULL) { - call_rcu(&xchg_rad->rcu_head, free_rad_rcu); - } - rcu_read_unlock(); -} - -void * -dns_zone_gethooktable(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return zone->hooktable; -} - -void -dns_zone_sethooktable(dns_zone_t *zone, void *hooktable, - void (*hooktable_free)(isc_mem_t *, void **)) { - REQUIRE(DNS_ZONE_VALID(zone)); - REQUIRE(zone->hooktable == NULL); - REQUIRE(zone->hooktable_free == NULL); - - zone->hooktable = hooktable; - zone->hooktable_free = hooktable_free; -} - void dns_zone_setplugins(dns_zone_t *zone, void *plugins, void (*plugins_free)(isc_mem_t *, void **)) { @@ -24118,25 +21641,6 @@ dns_zone_unloadplugins(dns_zone_t *zone) { } } -void -dns_zone_setcfg(dns_zone_t *zone, const char *cfg) { - REQUIRE(DNS_ZONE_VALID(zone)); - - if (zone->cfg != NULL) { - isc_mem_free(zone->mctx, zone->cfg); - } - if (cfg != NULL) { - zone->cfg = isc_mem_strdup(zone->mctx, cfg); - } -} - -const char * -dns_zone_getcfg(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - - return zone->cfg; -} - bool dns_zone_isexpired(dns_zone_t *zone) { REQUIRE(DNS_ZONE_VALID(zone)); diff --git a/lib/dns/zone_p.h b/lib/dns/zone_p.h index ef89186958..143b65a7b1 100644 --- a/lib/dns/zone_p.h +++ b/lib/dns/zone_p.h @@ -13,20 +13,562 @@ #pragma once +/*! \file */ + #include -/*! \file */ +#include +#include +#include +#include +#include +#include /*% * Types and functions below meant to be used for internal zone * modules only, and associated unit tests. */ +#define ZONE_MAGIC ISC_MAGIC('Z', 'O', 'N', 'E') +#define DNS_ZONE_VALID(zone) ISC_MAGIC_VALID(zone, ZONE_MAGIC) + +#define CHECKDS_MAGIC ISC_MAGIC('C', 'h', 'D', 'S') +#define DNS_CHECKDS_VALID(checkds) ISC_MAGIC_VALID(checkds, CHECKDS_MAGIC) + +#define STUB_MAGIC ISC_MAGIC('S', 't', 'u', 'b') +#define DNS_STUB_VALID(stub) ISC_MAGIC_VALID(stub, STUB_MAGIC) + +#define ZONEMGR_MAGIC ISC_MAGIC('Z', 'm', 'g', 'r') +#define DNS_ZONEMGR_VALID(stub) ISC_MAGIC_VALID(stub, ZONEMGR_MAGIC) + +#define FORWARD_MAGIC ISC_MAGIC('F', 'o', 'r', 'w') +#define DNS_FORWARD_VALID(load) ISC_MAGIC_VALID(load, FORWARD_MAGIC) + +#define IO_MAGIC ISC_MAGIC('Z', 'm', 'I', 'O') +#define DNS_IO_VALID(load) ISC_MAGIC_VALID(load, IO_MAGIC) + +/* + * Default values. + */ +#define DNS_DEFAULT_IDLEIN 3600 /*%< 1 hour */ +#define DNS_DEFAULT_IDLEOUT 3600 /*%< 1 hour */ +#define MAX_XFER_TIME (2 * 3600) /*%< Documented default is 2 hours */ +#define RESIGN_DELAY 3600 /*%< 1 hour */ + +#ifndef DNS_MAX_EXPIRE +#define DNS_MAX_EXPIRE 14515200 /*%< 24 weeks */ +#endif /* ifndef DNS_MAX_EXPIRE */ + +#ifndef DNS_DUMP_DELAY +#define DNS_DUMP_DELAY 900 /*%< 15 minutes */ +#endif /* ifndef DNS_DUMP_DELAY */ + +/*% + * Transport timeouts. + */ #define UDP_REQUEST_TIMEOUT 5 /*%< 5 seconds */ #define UDP_REQUEST_RETRIES 2 #define TCP_REQUEST_TIMEOUT \ (UDP_REQUEST_TIMEOUT * (UDP_REQUEST_RETRIES + 1) + 1) +/*% + * Zone locks. + */ +#define DNS_ZONE_CHECKLOCK +#ifdef DNS_ZONE_CHECKLOCK +#define LOCK_ZONE(z) \ + do { \ + LOCK(&(z)->lock); \ + INSIST(!(z)->locked); \ + (z)->locked = true; \ + } while (0) +#define UNLOCK_ZONE(z) \ + do { \ + INSIST((z)->locked); \ + (z)->locked = false; \ + UNLOCK(&(z)->lock); \ + } while (0) +#define LOCKED_ZONE(z) ((z)->locked) +#define TRYLOCK_ZONE(result, z) \ + do { \ + result = isc_mutex_trylock(&(z)->lock); \ + if (result == ISC_R_SUCCESS) { \ + INSIST(!(z)->locked); \ + (z)->locked = true; \ + } \ + } while (0) +#else /* ifdef DNS_ZONE_CHECKLOCK */ +#define LOCK_ZONE(z) LOCK(&(z)->lock) +#define UNLOCK_ZONE(z) UNLOCK(&(z)->lock) +#define LOCKED_ZONE(z) true +#define TRYLOCK_ZONE(result, z) \ + do { \ + result = isc_mutex_trylock(&(z)->lock); \ + } while (0) +#endif /* ifdef DNS_ZONE_CHECKLOCK */ + +#define ZONEDB_INITLOCK(l) isc_rwlock_init(l) +#define ZONEDB_DESTROYLOCK(l) isc_rwlock_destroy(l) +#define ZONEDB_LOCK(l, t) RWLOCK((l), (t)) +#define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t)) + +/*% + * Zone flags. + */ +#define DNS_ZONE_FLAG(z, f) ((atomic_load_relaxed(&(z)->flags) & (f)) != 0) +#define DNS_ZONE_SETFLAG(z, f) atomic_fetch_or(&(z)->flags, (f)) +#define DNS_ZONE_CLRFLAG(z, f) atomic_fetch_and(&(z)->flags, ~(f)) +typedef enum { + DNS_ZONEFLG_REFRESH = 1U << 0, /*%< refresh check in progress */ + DNS_ZONEFLG_NEEDDUMP = 1U << 1, /*%< zone need consolidation */ + DNS_ZONEFLG_USEVC = 1U << 2, /*%< use tcp for refresh query */ + DNS_ZONEFLG_DUMPING = 1U << 3, /*%< a dump is in progress */ + DNS_ZONEFLG_HASINCLUDE = 1U << 4, /*%< $INCLUDE in zone file */ + DNS_ZONEFLG_LOADED = 1U << 5, /*%< database has loaded */ + DNS_ZONEFLG_EXITING = 1U << 6, /*%< zone is being destroyed */ + DNS_ZONEFLG_EXPIRED = 1U << 7, /*%< zone has expired */ + DNS_ZONEFLG_NEEDREFRESH = 1U << 8, /*%< refresh check needed */ + DNS_ZONEFLG_UPTODATE = 1U << 9, /*%< zone contents are + * up-to-date */ + DNS_ZONEFLG_NEEDNOTIFY = 1U << 10, /*%< need to send out notify + * messages */ + DNS_ZONEFLG_FIXJOURNAL = 1U << 11, /*%< journal file had + * recoverable error, + * needs rewriting */ + DNS_ZONEFLG_NOPRIMARIES = 1U << 12, /*%< an attempt to refresh a + * zone with no primaries + * occurred */ + DNS_ZONEFLG_LOADING = 1U << 13, /*%< load from disk in progress*/ + DNS_ZONEFLG_HAVETIMERS = 1U << 14, /*%< timer values have been set + * from SOA (if not set, we + * are still using + * default timer values) */ + DNS_ZONEFLG_FORCEXFER = 1U << 15, /*%< Force a zone xfer */ + DNS_ZONEFLG_SHUTDOWN = 1U << 16, + DNS_ZONEFLG_NOIXFR = 1U << 17, /*%< IXFR failed, force AXFR */ + DNS_ZONEFLG_FLUSH = 1U << 18, + DNS_ZONEFLG_NOEDNS = 1U << 19, + DNS_ZONEFLG_USEALTXFRSRC = 1U << 20, /*%< Obsoleted. */ + DNS_ZONEFLG_SOABEFOREAXFR = 1U << 21, + DNS_ZONEFLG_NEEDCOMPACT = 1U << 22, + DNS_ZONEFLG_REFRESHING = 1U << 23, /*%< Refreshing keydata */ + DNS_ZONEFLG_THAW = 1U << 24, + DNS_ZONEFLG_LOADPENDING = 1U << 25, /*%< Loading scheduled */ + DNS_ZONEFLG_NODELAY = 1U << 26, + DNS_ZONEFLG_SENDSECURE = 1U << 27, + DNS_ZONEFLG_NEEDSTARTUPNOTIFY = 1U << 28, /*%< need to send out + * notify due to the zone + * just being loaded for + * the first time. */ + DNS_ZONEFLG_NOTIFYNODEFER = 1U << 29, /*%< ignore the + * notify-defer option. */ + DNS_ZONEFLG_NOTIFYDEFERRED = 1U << 30, /*%< notify was deferred + * according to the + * notify-defer option. */ + DNS_ZONEFLG_FIRSTREFRESH = 1U << 31, /*%< First refresh pending */ + DNS_ZONEFLG___MAX = UINT64_MAX, /* trick to make the ENUM 64-bit wide */ +} dns_zoneflg_t; + +/*% + * Zone options. + */ +#define DNS_ZONE_OPTION(z, o) ((atomic_load_relaxed(&(z)->options) & (o)) != 0) +#define DNS_ZONE_SETOPTION(z, o) atomic_fetch_or(&(z)->options, (o)) +#define DNS_ZONE_CLROPTION(z, o) atomic_fetch_and(&(z)->options, ~(o)) + +/*% + * Zone specific structures. + */ +typedef struct dns_checkds dns_checkds_t; +typedef struct dns_forward dns_forward_t; +typedef ISC_LIST(dns_forward_t) dns_forwardlist_t; +typedef struct dns_signing dns_signing_t; +typedef ISC_LIST(dns_signing_t) dns_signinglist_t; +typedef struct dns_nsec3chain dns_nsec3chain_t; +typedef ISC_LIST(dns_nsec3chain_t) dns_nsec3chainlist_t; +typedef struct dns_include dns_include_t; + +/*% + * Hold checkds state. + */ +struct dns_checkds { + unsigned int magic; + dns_notify_flags_t flags; + isc_mem_t *mctx; + dns_zone_t *zone; + dns_adbfind_t *find; + dns_request_t *request; + dns_name_t ns; + isc_sockaddr_t src; + isc_sockaddr_t dst; + dns_tsigkey_t *key; + dns_transport_t *transport; + ISC_LINK(dns_checkds_t) link; + isc_rlevent_t *rlevent; +}; + +/*% + * Hold forward state. + */ +struct dns_forward { + unsigned int magic; + isc_mem_t *mctx; + dns_zone_t *zone; + isc_buffer_t *msgbuf; + dns_request_t *request; + uint32_t which; + isc_sockaddr_t addr; + dns_transport_t *transport; + dns_updatecallback_t callback; + void *callback_arg; + unsigned int options; + ISC_LINK(dns_forward_t) link; +}; + +/*% + * Hold state for when we are signing a zone with a new + * DNSKEY as result of an update. + */ +struct dns_signing { + unsigned int magic; + dns_db_t *db; + dns_dbiterator_t *dbiterator; + dst_algorithm_t algorithm; + uint16_t keyid; + bool deleteit; + bool fullsign; + bool done; + ISC_LINK(dns_signing_t) link; +}; + +struct dns_nsec3chain { + unsigned int magic; + dns_db_t *db; + dns_dbiterator_t *dbiterator; + dns_rdata_nsec3param_t nsec3param; + unsigned char salt[255]; + bool done; + bool seen_nsec; + bool delete_nsec; + bool save_delete_nsec; + ISC_LINK(dns_nsec3chain_t) link; +}; + +/*%< + * 'dbiterator' contains a iterator for the database. If we are creating + * a NSEC3 chain only the non-NSEC3 nodes will be iterated. If we are + * removing a NSEC3 chain then both NSEC3 and non-NSEC3 nodes will be + * iterated. + * + * 'nsec3param' contains the parameters of the NSEC3 chain being created + * or removed. + * + * 'salt' is buffer space and is referenced via 'nsec3param.salt'. + * + * 'seen_nsec' will be set to true if, while iterating the zone to create a + * NSEC3 chain, a NSEC record is seen. + * + * 'delete_nsec' will be set to true if, at the completion of the creation + * of a NSEC3 chain, 'seen_nsec' is true. If 'delete_nsec' is true then we + * are in the process of deleting the NSEC chain. + * + * 'save_delete_nsec' is used to store the initial state of 'delete_nsec' + * so it can be recovered in the event of a error. + */ + +/*% + * Reference to an include file encountered during loading + */ +struct dns_include { + char *name; + isc_time_t filetime; + ISC_LINK(dns_include_t) link; +}; + +typedef struct dns_rad { + isc_mem_t *mctx; + struct rcu_head rcu_head; + dns_fixedname_t fname; +} dns_rad_t; + +typedef struct zone_settimer { + dns_zone_t *zone; + isc_time_t now; +} zone_settimer_t; + +/*% + * Zone structure. + */ +struct dns_zone { + /* Unlocked */ + unsigned int magic; + isc_mutex_t lock; +#ifdef DNS_ZONE_CHECKLOCK + bool locked; +#endif /* ifdef DNS_ZONE_CHECKLOCK */ + isc_mem_t *mctx; + isc_refcount_t references; + + isc_rwlock_t dblock; + dns_db_t *db; /* Locked by dblock */ + + isc_tid_t tid; + /* Locked */ + dns_zonemgr_t *zmgr; + ISC_LINK(dns_zone_t) link; /* Used by zmgr. */ + isc_loop_t *loop; + isc_timer_t *timer; + isc_refcount_t irefs; + dns_name_t origin; + dns_rad_t *rad; + char *masterfile; + char *initfile; + const FILE *stream; /* loading from a stream? */ + ISC_LIST(dns_include_t) includes; /* Include files */ + ISC_LIST(dns_include_t) newincludes; /* Loading */ + unsigned int nincludes; + dns_masterformat_t masterformat; + const dns_master_style_t *masterstyle; + char *journal; + int32_t journalsize; + dns_rdataclass_t rdclass; + dns_zonetype_t type; + atomic_uint_fast64_t flags; + atomic_uint_fast64_t options; + unsigned int db_argc; + char **db_argv; + isc_time_t expiretime; + isc_time_t refreshtime; + isc_time_t dumptime; + isc_time_t loadtime; + isc_time_t notifytime; + isc_time_t resigntime; + isc_time_t keywarntime; + isc_time_t signingtime; + isc_time_t nsec3chaintime; + isc_time_t refreshkeytime; + isc_time_t xfrintime; + uint32_t refreshkeyinterval; + uint32_t refresh; + uint32_t retry; + uint32_t expire; + uint32_t minimum; + isc_stdtime_t key_expiry; + isc_stdtime_t log_key_expired_timer; + char *keydirectory; + dns_xfrin_t *xfr; + + uint32_t maxrefresh; + uint32_t minrefresh; + uint32_t maxretry; + uint32_t minretry; + + uint32_t maxrecords; + uint32_t maxrrperset; + uint32_t maxtypepername; + + dns_remote_t primaries; + + dns_remote_t parentals; + dns_dnsseckeylist_t checkds_ok; + dns_checkdstype_t checkdstype; + uint32_t parent_nscount; + + uint32_t fetchcount[ZONEFETCHTYPE_COUNT]; + + dns_remote_t alsonotify; + dns_notifyctx_t notifysoa; + + dns_remote_t cds_endpoints; + dns_notifyctx_t notifycds; + + isc_sockaddr_t parentalsrc4; + isc_sockaddr_t parentalsrc6; + isc_sockaddr_t xfrsource4; + isc_sockaddr_t xfrsource6; + isc_sockaddr_t sourceaddr; + dns_tsigkey_t *tsigkey; /* key used for xfr */ + dns_transport_t *transport; /* transport used for xfr */ + /* Access Control Lists */ + dns_acl_t *update_acl; + dns_acl_t *forward_acl; + dns_acl_t *query_acl; + dns_acl_t *queryon_acl; + dns_acl_t *xfr_acl; + bool update_disabled; + bool zero_no_soa_ttl; + dns_severity_t check_names; + + ISC_LIST(dns_checkds_t) checkds_requests; + dns_request_t *request; + dns_loadctx_t *loadctx; + dns_dumpctx_t *dumpctx; + uint32_t minxfrratebytesin; + uint32_t minxfrratesecondsin; + uint32_t maxxfrin; + uint32_t maxxfrout; + uint32_t idlein; + uint32_t idleout; + dns_ssutable_t *ssutable; + uint32_t sigvalidityinterval; + uint32_t keyvalidityinterval; + uint32_t sigresigninginterval; + dns_view_t *view; + dns_view_t *prev_view; + dns_kasp_t *kasp; + dns_kasp_t *defaultkasp; + dns_dnsseckeylist_t keyring; + dns_checkmxfunc_t checkmx; + dns_checksrvfunc_t checksrv; + dns_checknsfunc_t checkns; + dns_checkisservedbyfunc_t checkisservedby; + /*% + * Zones in certain states such as "waiting for zone transfer" + * or "zone transfer in progress" are kept on per-state linked lists + * in the zone manager using the 'statelink' field. The 'statelist' + * field points at the list the zone is currently on. It the zone + * is not on any such list, statelist is NULL. + */ + ISC_LINK(dns_zone_t) statelink; + dns_zonelist_t *statelist; + /*% + * Statistics counters about zone management. + */ + isc_stats_t *stats; + + /* + * Optional per-zone statistics counters. Counted outside of this + * module. + */ + dns_zonestat_level_t statlevel; + bool requeststats_on; + isc_stats_t *requeststats; + isc_statsmulti_t *rcvquerystats; + dns_stats_t *dnssecsignstats; + dns_isselffunc_t isself; + void *isselfarg; + + char *strnamerd; + char *strname; + char *strrdclass; + char *strviewname; + + /*% + * Serial number for deferred journal compaction. + */ + uint32_t compact_serial; + /*% + * Keys that are signing the zone for the first time. + */ + dns_signinglist_t signing; + dns_nsec3chainlist_t nsec3chain; + /*% + * List of outstanding NSEC3PARAM change requests. + */ + ISC_LIST(struct np3) setnsec3param_queue; + /*% + * Signing / re-signing quantum stopping parameters. + */ + uint32_t signatures; + uint32_t nodes; + dns_rdatatype_t privatetype; + + /*% + * True if added by "rndc addzone" + */ + bool added; + + /*% + * True if modded by "rndc modzone" + */ + bool modded; + + /*% + * True if added by automatically by named. + */ + bool automatic; + + /*% + * response policy data to be relayed to the database + */ + dns_rpz_zones_t *rpzs; + dns_rpz_num_t rpz_num; + + /*% + * catalog zone data + */ + dns_catz_zones_t *catzs; + + /*% + * parent catalog zone + */ + dns_catz_zone_t *parentcatz; + + /*% + * Serial number update method. + */ + dns_updatemethod_t updatemethod; + + /*% + * whether ixfr is requested + */ + bool requestixfr; + uint32_t requestixfr_maxdiffs; + uint32_t ixfr_ratio; + + /*% + * whether EDNS EXPIRE is requested + */ + bool requestexpire; + + /*% + * Outstanding forwarded UPDATE requests. + */ + dns_forwardlist_t forwards; + + dns_zone_t *raw; + dns_zone_t *secure; + + bool sourceserialset; + uint32_t sourceserial; + + /*% + * soa and maximum zone ttl + */ + dns_ttl_t soattl; + dns_ttl_t maxttl; + + /* + * Inline zone signing state. + */ + dns_diff_t rss_diff; + dns_dbversion_t *rss_newver; + dns_dbversion_t *rss_oldver; + dns_db_t *rss_db; + dns_zone_t *rss_raw; + struct rss *rss; + dns_update_state_t *rss_state; + + isc_stats_t *gluecachestats; + + /*% + * Offline KSK signed key responses. + */ + dns_skr_t *skr; + dns_skrbundle_t *skrbundle; + + /* + * Plugin-related data structures + */ + void *plugins; + void (*plugins_free)(isc_mem_t *, void **); + void *hooktable; + void (*hooktable_free)(isc_mem_t *, void **); + + /* Configuration text */ + char *cfg; +}; + typedef struct { dns_diff_t *diff; bool offline; @@ -219,3 +761,66 @@ dns__zone_keymgmt_shutdown(void); * Requires: * \li 'zone' to be a valid zone, locked. */ + +void +dns__zone_setview_helper(dns_zone_t *zone, dns_view_t *view); +/* + * Helper function to associate a zone with a view. + * + * Requires: + * + *\li 'zone' to be a valid zone, locked. + */ + +bool +dns__zone_inline_secure(dns_zone_t *zone); +/* + * Returns true iff this the signed side of an inline-signing zone. + * Caller should hold zone lock. + * + * Requires: + * + *\li 'zone' to be a valid zone, locked. + */ + +bool +dns__zone_inline_raw(dns_zone_t *zone); +/* + * Returns true iff this the signed side of an inline-signing zone. + * Caller should hold zone lock. + * + * Requires: + * + *\li 'zone' to be a valid zone, locked. + */ + +void +dns__zone_freedbargs(dns_zone_t *zone); +/*%< + * Free zone dbargs. + * + * Requires: + * + *\li 'zone' to be a valid zone. + */ + +void +dns__zone_settimer(dns_zone_t *zone, isc_time_t *now); +/*%< + * Sets zone timer to 'now' time. + * + * Requires: + * + *\li 'zone' to be a valid zone. + */ + +void +dns__zone_set_resigntime(dns_zone_t *zone); +/*%< + * Calculates the next resign time and sets zone timer + * accordingly. + * + * Requires: + * + *\li 'zone' to be a valid zone, locked. + */ diff --git a/lib/dns/zonefetch.c b/lib/dns/zonefetch.c index d73c6df6ef..b7f8491922 100644 --- a/lib/dns/zonefetch.c +++ b/lib/dns/zonefetch.c @@ -20,6 +20,7 @@ #include #include #include +#include #include "zone_p.h" diff --git a/lib/dns/zoneproperties.c b/lib/dns/zoneproperties.c new file mode 100644 index 0000000000..fc323068f8 --- /dev/null +++ b/lib/dns/zoneproperties.c @@ -0,0 +1,2050 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/*! \file */ + +#include /* WMM: remove include */ +#include /* WMM: remove include */ + +#include +#include +#include +#include +#include +#include +#include + +#include "zone_p.h" + +static void +default_journal(dns_zone_t *zone); +static void +zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length); +static void +zone_name_tostr(dns_zone_t *zone, char *buf, size_t length); +static void +zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length); + +static void +free_rad_rcu(struct rcu_head *rcu_head) { + dns_rad_t *rad = caa_container_of(rcu_head, dns_rad_t, rcu_head); + dns_fixedname_invalidate(&rad->fname); + + isc_mem_putanddetach(&rad->mctx, rad, sizeof(*rad)); +} + +/* + * Single shot. + */ +void +dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass) { + char namebuf[1024]; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(rdclass != dns_rdataclass_none); + + /* + * Test and set. + */ + LOCK_ZONE(zone); + INSIST(zone != zone->raw); + REQUIRE(zone->rdclass == dns_rdataclass_none || + zone->rdclass == rdclass); + zone->rdclass = rdclass; + + if (zone->strnamerd != NULL) { + isc_mem_free(zone->mctx, zone->strnamerd); + } + if (zone->strrdclass != NULL) { + isc_mem_free(zone->mctx, zone->strrdclass); + } + + zone_namerd_tostr(zone, namebuf, sizeof namebuf); + zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf); + zone_rdclass_tostr(zone, namebuf, sizeof namebuf); + zone->strrdclass = isc_mem_strdup(zone->mctx, namebuf); + + if (dns__zone_inline_secure(zone)) { + dns_zone_setclass(zone->raw, rdclass); + } + UNLOCK_ZONE(zone); +} + +dns_rdataclass_t +dns_zone_getclass(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->rdclass; +} + +void +dns_zone_setnotifytype(dns_zone_t *zone, dns_rdatatype_t type, + dns_notifytype_t notifytype) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + switch (type) { + case dns_rdatatype_soa: + zone->notifysoa.notifytype = notifytype; + break; + case dns_rdatatype_cds: + INSIST(notifytype == dns_notifytype_no || + notifytype == dns_notifytype_yes); + zone->notifycds.notifytype = notifytype; + break; + default: + UNREACHABLE(); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + zone->checkdstype = checkdstype; + UNLOCK_ZONE(zone); +} + +/* + * Single shot. + */ +void +dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type) { + char namebuf[1024]; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(type != dns_zone_none); + + /* + * Test and set. + */ + LOCK_ZONE(zone); + REQUIRE(zone->type == dns_zone_none || zone->type == type); + zone->type = type; + + if (zone->strnamerd != NULL) { + isc_mem_free(zone->mctx, zone->strnamerd); + } + + zone_namerd_tostr(zone, namebuf, sizeof namebuf); + zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf); + UNLOCK_ZONE(zone); +} + +void +dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx) { + size_t size = 0; + unsigned int i; + void *mem; + char **tmp, *tmp2, *base; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(argv != NULL && *argv == NULL); + + LOCK_ZONE(zone); + size = ISC_CHECKED_MUL(zone->db_argc + 1, sizeof(char *)); + for (i = 0; i < zone->db_argc; i++) { + size += strlen(zone->db_argv[i]) + 1; + } + mem = isc_mem_allocate(mctx, size); + { + tmp = mem; + tmp2 = mem; + base = mem; + tmp2 += ISC_CHECKED_MUL(zone->db_argc + 1, sizeof(char *)); + for (i = 0; i < zone->db_argc; i++) { + *tmp++ = tmp2; + strlcpy(tmp2, zone->db_argv[i], size - (tmp2 - base)); + tmp2 += strlen(tmp2) + 1; + } + *tmp = NULL; + } + UNLOCK_ZONE(zone); + *argv = mem; +} + +void +dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc, + const char *const *dbargv) { + char **argv = NULL; + unsigned int i; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(dbargc >= 1); + REQUIRE(dbargv != NULL); + + LOCK_ZONE(zone); + + /* Set up a new database argument list. */ + argv = isc_mem_cget(zone->mctx, dbargc, sizeof(*argv)); + for (i = 0; i < dbargc; i++) { + argv[i] = NULL; + } + for (i = 0; i < dbargc; i++) { + argv[i] = isc_mem_strdup(zone->mctx, dbargv[i]); + } + + /* Free the old list. */ + dns__zone_freedbargs(zone); + + zone->db_argc = dbargc; + zone->db_argv = argv; + + UNLOCK_ZONE(zone); +} + +void +dns_zone_setview(dns_zone_t *zone, dns_view_t *view) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + dns__zone_setview_helper(zone, view); + UNLOCK_ZONE(zone); +} + +dns_view_t * +dns_zone_getview(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->view; +} + +void +dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin) { + char namebuf[1024]; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(origin != NULL); + + LOCK_ZONE(zone); + INSIST(zone != zone->raw); + if (dns_name_dynamic(&zone->origin)) { + dns_name_free(&zone->origin, zone->mctx); + dns_name_init(&zone->origin); + } + dns_name_dup(origin, zone->mctx, &zone->origin); + + if (zone->strnamerd != NULL) { + isc_mem_free(zone->mctx, zone->strnamerd); + } + if (zone->strname != NULL) { + isc_mem_free(zone->mctx, zone->strname); + } + + zone_namerd_tostr(zone, namebuf, sizeof namebuf); + zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf); + zone_name_tostr(zone, namebuf, sizeof namebuf); + zone->strname = isc_mem_strdup(zone->mctx, namebuf); + + if (dns__zone_inline_secure(zone)) { + dns_zone_setorigin(zone->raw, origin); + } + UNLOCK_ZONE(zone); +} + +static void +setstring(dns_zone_t *zone, char **field, const char *value) { + char *copy; + + if (value != NULL) { + copy = isc_mem_strdup(zone->mctx, value); + } else { + copy = NULL; + } + + if (*field != NULL) { + isc_mem_free(zone->mctx, *field); + } + + *field = copy; +} + +typedef struct foundtoken foundtoken_t; +typedef isc_result_t (*tokenparse_t)(const dns_zone_t *zone, + const foundtoken_t *token, + isc_buffer_t *b); +struct foundtoken { + const char *pos; + size_t len; + tokenparse_t parse; +}; + +static int +foundtoken_order(const void *a, const void *b) { + /* sort char pointers in order of which occurs first in memory */ + return ((foundtoken_t *)a)->pos - ((foundtoken_t *)b)->pos; +} + +static isc_result_t +putmem(isc_buffer_t *b, const char *base, size_t length) { + size_t space = isc_buffer_availablelength(b) - 1; + if (space < length) { + isc_buffer_putmem(b, (const unsigned char *)base, space); + return ISC_R_NOSPACE; + } + + isc_buffer_putmem(b, (const unsigned char *)base, length); + return ISC_R_SUCCESS; +} + +static isc_result_t +tokenparse_type(const dns_zone_t *zone, const foundtoken_t *token, + isc_buffer_t *b) { + const char *typename = dns_zonetype_name(zone->type); + + UNUSED(token); + + return putmem(b, typename, strlen(typename)); +} + +static isc_result_t +tokenparse_name(const dns_zone_t *zone, const foundtoken_t *token, + isc_buffer_t *b) { + isc_result_t result; + char buf[DNS_NAME_FORMATSIZE]; + dns_fixedname_t fn; + dns_name_t *name = dns_fixedname_initname(&fn); + + UNUSED(token); + + result = dns_name_downcase(&zone->origin, name); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_name_format(name, buf, sizeof(buf)); + result = putmem(b, buf, strlen(buf)); + + return result; +} + +static isc_result_t +tokenparse_view(const dns_zone_t *zone, const foundtoken_t *token, + isc_buffer_t *b) { + UNUSED(token); + + return putmem(b, zone->view->name, strlen(zone->view->name)); +} + +static isc_result_t +tokenparse_char(const dns_zone_t *zone, const foundtoken_t *token, + isc_buffer_t *b) { + isc_result_t result; + char buf[DNS_NAME_FORMATSIZE]; + dns_fixedname_t fn; + dns_name_t *name = dns_fixedname_initname(&fn); + size_t chartokidx; + char c; + + result = dns_name_downcase(&zone->origin, name); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_name_format(name, buf, sizeof(buf)); + + chartokidx = token->pos[token->len - 1] - '1'; + INSIST(chartokidx <= 2); + if (chartokidx < strlen(buf)) { + c = buf[chartokidx]; + } else { + c = '.'; + } + result = putmem(b, &c, 1); + + return result; +} + +static isc_result_t +tokenparse_label(const dns_zone_t *zone, const foundtoken_t *token, + isc_buffer_t *b) { + isc_result_t result; + char buf[DNS_NAME_FORMATSIZE]; + dns_fixedname_t fn; + dns_name_t *name = dns_fixedname_initname(&fn); + unsigned int labels = dns_name_countlabels(&zone->origin); + char labeltokidx; + int ilabel = -1; + + result = dns_name_fromstring(name, ".", NULL, 0, NULL); + INSIST(result == ISC_R_SUCCESS); + + labeltokidx = token->pos[token->len - 1]; + if (token->len == 2) { + /* + * %z, %y, %x pattern + */ + INSIST(labeltokidx >= 'x' && labeltokidx <= 'z'); + } else { + /* + * $label1, $label2, $label3 pattern + */ + INSIST(labeltokidx >= '1' && labeltokidx <= '3'); + } + + /* + * Even if implicit, the root label counts as one label. + */ + if (labeltokidx == '1' || labeltokidx == 'z') { + ilabel = labels - 2; + } else if (labeltokidx == '2' || labeltokidx == 'y') { + ilabel = labels - 3; + } else if (labeltokidx == '3' || labeltokidx == 'x') { + ilabel = labels - 4; + } + + if (ilabel >= 0) { + dns_name_getlabelsequence(&zone->origin, ilabel, 1, name); + result = dns_name_downcase(name, name); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + } + dns_name_format(name, buf, sizeof(buf)); + result = putmem(b, buf, strlen(buf)); + + return result; +} + +typedef struct { + const char *name; + tokenparse_t parse; +} token_t; +static const token_t tokens[] = { + { "$type", tokenparse_type }, { "$name", tokenparse_name }, + { "$view", tokenparse_view }, { "$char1", tokenparse_char }, + { "$char2", tokenparse_char }, { "$char3", tokenparse_char }, + { "$label1", tokenparse_label }, { "$label2", tokenparse_label }, + { "$label3", tokenparse_label }, { "%t", tokenparse_type }, + { "%s", tokenparse_name }, { "%v", tokenparse_view }, + { "%1", tokenparse_char }, { "%2", tokenparse_char }, + { "%3", tokenparse_char }, { "%z", tokenparse_label }, + { "%y", tokenparse_label }, { "%x", tokenparse_label } +}; + +/* + * Set the masterfile field, expanding: + * + * - $name or "%s" to the zone name + * - $type or "%t" to the zone type + * - $view or "%v" to the view name. + * - $char1 or "%1" to the first character of the zone name + * - $char2 or "%2" to the second character of the zone name (or a dot if + * there is no second character) + * - $char3 or "%3" to the third character of the zone name (or a dot if + * there is no third character) + * - $label1 or "%z" to the toplevel domain of the zone (or a dot if it is + * the TLD) + * - $label2 or "%y" to the next label under the toplevel domain (or a dot if + * there is no next label) + * - $label2 or "%x" to the next-next label under the toplevel domain (or a + * dot if there is no next-next label) + * + * Cap the length at PATH_MAX. + */ +static void +setfilename(dns_zone_t *zone, char **field, const char *value) { + isc_result_t result; + foundtoken_t founds[ARRAY_SIZE(tokens)]; + char filename[PATH_MAX]; + isc_buffer_t b; + size_t tags = 0; + + if (value == NULL) { + *field = NULL; + return; + } + + for (size_t i = 0; i < ARRAY_SIZE(tokens); i++) { + const token_t *token = &tokens[i]; + const char *p = strcasestr(value, token->name); + + if (p != NULL) { + founds[tags++] = + (foundtoken_t){ .pos = p, + .len = strlen(token->name), + .parse = token->parse }; + } + } + + if (tags == 0) { + setstring(zone, field, value); + return; + } + + isc_buffer_init(&b, filename, sizeof(filename)); + + /* sort the tag offsets in order of occurrence */ + qsort(founds, tags, sizeof(foundtoken_t), foundtoken_order); + + const char *p = value; + for (size_t i = 0; i < tags; i++) { + foundtoken_t *token = &founds[i]; + + CHECK(putmem(&b, p, token->pos - p)); + + p = token->pos; + INSIST(p != NULL); + CHECK(token->parse(zone, token, &b)); + + /* Advance the input pointer past the token */ + p += founds[i].len; + } + + const char *end = value + strlen(value); + putmem(&b, p, end - p); + +cleanup: + isc_buffer_putuint8(&b, 0); + setstring(zone, field, filename); +} + +void +dns_zone_setfile(dns_zone_t *zone, const char *file, const char *initial_file, + dns_masterformat_t format, const dns_master_style_t *style) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(zone->stream == NULL); + + LOCK_ZONE(zone); + setfilename(zone, &zone->masterfile, file); + setstring(zone, &zone->initfile, initial_file); + zone->masterformat = format; + if (format == dns_masterformat_text) { + zone->masterstyle = style; + } + default_journal(zone); + UNLOCK_ZONE(zone); +} + +const char * +dns_zone_getfile(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->masterfile; +} + +void +dns_zone_setstream(dns_zone_t *zone, const FILE *stream, + dns_masterformat_t format, const dns_master_style_t *style) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(stream != NULL); + REQUIRE(zone->masterfile == NULL); + + LOCK_ZONE(zone); + zone->stream = stream; + zone->masterformat = format; + if (format == dns_masterformat_text) { + zone->masterstyle = style; + } + default_journal(zone); + UNLOCK_ZONE(zone); +} + +dns_ttl_t +dns_zone_getmaxttl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->maxttl; +} + +void +dns_zone_setmaxttl(dns_zone_t *zone, dns_ttl_t maxttl) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (maxttl != 0) { + DNS_ZONE_SETOPTION(zone, DNS_ZONEOPT_CHECKTTL); + } else { + DNS_ZONE_CLROPTION(zone, DNS_ZONEOPT_CHECKTTL); + } + zone->maxttl = maxttl; + UNLOCK_ZONE(zone); + + return; +} + +static void +default_journal(dns_zone_t *zone) { + char *journal; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(LOCKED_ZONE(zone)); + + if (zone->masterfile != NULL) { + /* Calculate string length including '\0'. */ + int len = strlen(zone->masterfile) + sizeof(".jnl"); + journal = isc_mem_allocate(zone->mctx, len); + strlcpy(journal, zone->masterfile, len); + strlcat(journal, ".jnl", len); + } else { + journal = NULL; + } + setstring(zone, &zone->journal, journal); + if (journal != NULL) { + isc_mem_free(zone->mctx, journal); + } +} + +void +dns_zone_setjournal(dns_zone_t *zone, const char *myjournal) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + setstring(zone, &zone->journal, myjournal); + UNLOCK_ZONE(zone); +} + +char * +dns_zone_getjournal(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->journal; +} + +isc_mem_t * +dns_zone_getmctx(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->mctx; +} + +dns_zonemgr_t * +dns_zone_getmgr(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->zmgr; +} + +void +dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->kasp != NULL) { + dns_kasp_detach(&zone->kasp); + } + if (kasp != NULL) { + dns_kasp_attach(kasp, &zone->kasp); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->defaultkasp != NULL) { + dns_kasp_detach(&zone->defaultkasp); + } + if (kasp != NULL) { + dns_kasp_attach(kasp, &zone->defaultkasp); + } + UNLOCK_ZONE(zone); +} + +dns_kasp_t * +dns_zone_getkasp(dns_zone_t *zone) { + dns_kasp_t *kasp = NULL; + + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (dns__zone_inline_raw(zone) && zone->secure != NULL) { + kasp = zone->secure->kasp; + } else { + kasp = zone->kasp; + } + UNLOCK_ZONE(zone); + + return kasp; +} + +void +dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(xfrsource != NULL); + + LOCK_ZONE(zone); + zone->xfrsource4 = *xfrsource; + UNLOCK_ZONE(zone); +} + +void +dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(xfrsource != NULL); + + LOCK_ZONE(zone); + *xfrsource = zone->xfrsource4; + UNLOCK_ZONE(zone); +} + +void +dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(xfrsource != NULL); + + LOCK_ZONE(zone); + zone->xfrsource6 = *xfrsource; + UNLOCK_ZONE(zone); +} + +void +dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(xfrsource != NULL); + + LOCK_ZONE(zone); + *xfrsource = zone->xfrsource6; + UNLOCK_ZONE(zone); +} + +void +dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(parentalsrc != NULL); + + LOCK_ZONE(zone); + zone->parentalsrc4 = *parentalsrc; + UNLOCK_ZONE(zone); +} + +void +dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(parentalsrc != NULL); + + LOCK_ZONE(zone); + *parentalsrc = zone->parentalsrc4; + UNLOCK_ZONE(zone); +} + +void +dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + zone->parentalsrc6 = *parentalsrc; + UNLOCK_ZONE(zone); +} + +void +dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(parentalsrc != NULL); + + LOCK_ZONE(zone); + *parentalsrc = zone->parentalsrc6; + UNLOCK_ZONE(zone); +} + +void +dns_zone_setnotifysrc4(dns_zone_t *zone, dns_rdatatype_t type, + const isc_sockaddr_t *notifysrc) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(notifysrc != NULL); + + LOCK_ZONE(zone); + switch (type) { + case dns_rdatatype_soa: + zone->notifysoa.notifysrc4 = *notifysrc; + break; + case dns_rdatatype_cds: + zone->notifycds.notifysrc4 = *notifysrc; + break; + default: + UNREACHABLE(); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setnotifysrc6(dns_zone_t *zone, dns_rdatatype_t type, + const isc_sockaddr_t *notifysrc) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(notifysrc != NULL); + + LOCK_ZONE(zone); + switch (type) { + case dns_rdatatype_soa: + zone->notifysoa.notifysrc6 = *notifysrc; + break; + case dns_rdatatype_cds: + zone->notifycds.notifysrc6 = *notifysrc; + break; + default: + UNREACHABLE(); + } + UNLOCK_ZONE(zone); +} + +static bool +has_pf(isc_sockaddr_t *addresses, size_t count, int pf) { + for (size_t i = 0; i < count; i++) { + if (isc_sockaddr_pf(&addresses[i]) == pf) { + return true; + } + } + return false; +} + +static void +report_no_active_addresses(dns_zone_t *zone, isc_sockaddr_t *addresses, + size_t count, const char *what) { + if (isc_net_probeipv4() == ISC_R_DISABLED) { + if (!has_pf(addresses, count, AF_INET6)) { + dns_zone_log(zone, ISC_LOG_NOTICE, + "IPv4 disabled and no IPv6 %s", what); + } + } else if (isc_net_probeipv6() == ISC_R_DISABLED) { + if (!has_pf(addresses, count, AF_INET)) { + dns_zone_log(zone, ISC_LOG_NOTICE, + "IPv6 disabled and no IPv4 %s", what); + } + } +} + +static void +setremote(dns_zone_t *zone, dns_remote_t *remote, const char *remotestr, + isc_sockaddr_t *addresses, isc_sockaddr_t *sources, + dns_name_t **keynames, dns_name_t **tlsnames, bool refresh, + bool report, uint32_t count) { + dns_remote_t newremote; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(DNS_REMOTE_VALID(remote)); + + newremote.magic = DNS_REMOTE_MAGIC; + newremote.addresses = addresses; + newremote.sources = sources; + newremote.keynames = keynames; + newremote.tlsnames = tlsnames; + newremote.addrcnt = count; + + if (dns_remote_equal(remote, &newremote)) { + return; + } + + /* + * The refresh code assumes that 'servers' wouldn't change under it. + * If it will change then kill off any current refresh in progress + * and update the primaries info. If it won't change then we can just + * unlock and exit. + */ + if (zone->request != NULL && refresh) { + dns_request_cancel(zone->request); + } + + dns_remote_clear(remote); + + /* + * If count == 0, don't allocate any space for servers. + */ + if (count == 0) { + return; + } + + /* + * Now set up the address and key lists. + */ + if (report) { + report_no_active_addresses(zone, addresses, count, remotestr); + } + + dns_remote_init(remote, count, addresses, sources, keynames, tlsnames, + true, zone->mctx); +} + +void +dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses, + isc_sockaddr_t *sources, dns_name_t **keynames, + dns_name_t **tlsnames, uint32_t count) { + bool refresh = false; + bool report = false; + + LOCK_ZONE(zone); + setremote(zone, &zone->alsonotify, "also-notify", addresses, sources, + keynames, tlsnames, refresh, report, count); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses, + isc_sockaddr_t *sources, dns_name_t **keynames, + dns_name_t **tlsnames, uint32_t count) { + bool refresh = true; + bool report = true; + + LOCK_ZONE(zone); + setremote(zone, &zone->primaries, "primaries", addresses, sources, + keynames, tlsnames, refresh, report, count); + DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOPRIMARIES); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses, + isc_sockaddr_t *sources, dns_name_t **keynames, + dns_name_t **tlsnames, uint32_t count) { + bool refresh = false; + bool report = true; + + LOCK_ZONE(zone); + setremote(zone, &zone->parentals, "parental-agents", addresses, sources, + keynames, tlsnames, refresh, report, count); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setcdsendpoints(dns_zone_t *zone, isc_sockaddr_t *addresses, + isc_sockaddr_t *sources, dns_name_t **keynames, + dns_name_t **tlsnames, uint32_t count) { + bool refresh = false; + bool report = false; + + LOCK_ZONE(zone); + setremote(zone, &zone->cds_endpoints, "cds-endpoints", addresses, + sources, keynames, tlsnames, refresh, report, count); + UNLOCK_ZONE(zone); +} + +isc_result_t +dns_zone_getdb(dns_zone_t *zone, dns_db_t **dpb) { + isc_result_t result = ISC_R_SUCCESS; + + REQUIRE(DNS_ZONE_VALID(zone)); + + ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); + if (zone->db == NULL) { + result = DNS_R_NOTLOADED; + } else { + dns_db_attach(zone->db, dpb); + } + ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); + + return result; +} + +void +dns_zone_setdb(dns_zone_t *zone, dns_db_t *db) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(zone->type == dns_zone_staticstub); + + ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write); + REQUIRE(zone->db == NULL); + dns_db_attach(db, &zone->db); + ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_write); +} + +void +dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(val > 0); + + zone->minrefresh = val; +} + +void +dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(val > 0); + + zone->maxrefresh = val; +} + +void +dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(val > 0); + + zone->minretry = val; +} + +void +dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(val > 0); + + zone->maxretry = val; +} + +uint32_t +dns_zone_getmaxrecords(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->maxrecords; +} + +void +dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t val) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->maxrecords = val; +} + +void +dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t val) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->maxrrperset = val; + if (zone->db != NULL) { + dns_db_setmaxrrperset(zone->db, val); + } +} + +void +dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t val) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->maxtypepername = val; + if (zone->db != NULL) { + dns_db_setmaxtypepername(zone->db, val); + } +} + +void +dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl) { + REQUIRE(DNS_ZONE_VALID(zone)); + + dns_zone_clearnotifyacl(zone); + + LOCK_ZONE(zone); + dns_acl_attach(acl, &zone->notifysoa.notify_acl); + dns_acl_attach(acl, &zone->notifycds.notify_acl); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl) { + REQUIRE(DNS_ZONE_VALID(zone)); + + dns_zone_clearqueryacl(zone); + + LOCK_ZONE(zone); + dns_acl_attach(acl, &zone->query_acl); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl) { + REQUIRE(DNS_ZONE_VALID(zone)); + + dns_zone_clearqueryonacl(zone); + + LOCK_ZONE(zone); + dns_acl_attach(acl, &zone->queryon_acl); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl) { + REQUIRE(DNS_ZONE_VALID(zone)); + + dns_zone_clearupdateacl(zone); + + LOCK_ZONE(zone); + dns_acl_attach(acl, &zone->update_acl); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl) { + REQUIRE(DNS_ZONE_VALID(zone)); + + dns_zone_clearforwardacl(zone); + + LOCK_ZONE(zone); + dns_acl_attach(acl, &zone->forward_acl); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl) { + REQUIRE(DNS_ZONE_VALID(zone)); + + dns_zone_clearxfracl(zone); + + LOCK_ZONE(zone); + dns_acl_attach(acl, &zone->xfr_acl); + UNLOCK_ZONE(zone); +} + +dns_acl_t * +dns_zone_getqueryacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->query_acl; +} + +dns_acl_t * +dns_zone_getqueryonacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->queryon_acl; +} + +dns_acl_t * +dns_zone_getupdateacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->update_acl; +} + +dns_acl_t * +dns_zone_getforwardacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->forward_acl; +} + +dns_acl_t * +dns_zone_getxfracl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->xfr_acl; +} + +void +dns_zone_clearupdateacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->update_acl != NULL) { + dns_acl_detach(&zone->update_acl); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_clearforwardacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->forward_acl != NULL) { + dns_acl_detach(&zone->forward_acl); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_clearnotifyacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->notifysoa.notify_acl != NULL) { + dns_acl_detach(&zone->notifysoa.notify_acl); + } + if (zone->notifycds.notify_acl != NULL) { + dns_acl_detach(&zone->notifycds.notify_acl); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_clearqueryacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->query_acl != NULL) { + dns_acl_detach(&zone->query_acl); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_clearqueryonacl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->queryon_acl != NULL) { + dns_acl_detach(&zone->queryon_acl); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_clearxfracl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->xfr_acl != NULL) { + dns_acl_detach(&zone->xfr_acl); + } + UNLOCK_ZONE(zone); +} + +bool +dns_zone_getupdatedisabled(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->update_disabled; +} + +void +dns_zone_setupdatedisabled(dns_zone_t *zone, bool state) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->update_disabled = state; +} + +bool +dns_zone_getzeronosoattl(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->zero_no_soa_ttl; +} + +void +dns_zone_setzeronosoattl(dns_zone_t *zone, bool state) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->zero_no_soa_ttl = state; +} + +void +dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->check_names = severity; +} + +dns_severity_t +dns_zone_getchecknames(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->check_names; +} + +void +dns_zone_setjournalsize(dns_zone_t *zone, int32_t size) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->journalsize = size; +} + +int32_t +dns_zone_getjournalsize(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->journalsize; +} + +static void +zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length) { + isc_result_t result = ISC_R_FAILURE; + isc_buffer_t buffer; + + REQUIRE(buf != NULL); + REQUIRE(length > 1U); + + /* + * Leave space for terminating '\0'. + */ + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); + if (zone->type != dns_zone_redirect && zone->type != dns_zone_key) { + if (dns_name_dynamic(&zone->origin)) { + result = dns_name_totext( + &zone->origin, DNS_NAME_OMITFINALDOT, &buffer); + } + if (result != ISC_R_SUCCESS && + isc_buffer_availablelength(&buffer) >= + (sizeof("") - 1)) + { + isc_buffer_putstr(&buffer, ""); + } + + if (isc_buffer_availablelength(&buffer) > 0) { + isc_buffer_putstr(&buffer, "/"); + } + (void)dns_rdataclass_totext(zone->rdclass, &buffer); + } + + if (zone->view != NULL && strcmp(zone->view->name, "_bind") != 0 && + strcmp(zone->view->name, "_default") != 0 && + strlen(zone->view->name) < isc_buffer_availablelength(&buffer)) + { + isc_buffer_putstr(&buffer, "/"); + isc_buffer_putstr(&buffer, zone->view->name); + } + if (dns__zone_inline_secure(zone) && + 9U < isc_buffer_availablelength(&buffer)) + { + isc_buffer_putstr(&buffer, " (signed)"); + } + if (dns__zone_inline_raw(zone) && + 11U < isc_buffer_availablelength(&buffer)) + { + isc_buffer_putstr(&buffer, " (unsigned)"); + } + + buf[isc_buffer_usedlength(&buffer)] = '\0'; +} + +static void +zone_name_tostr(dns_zone_t *zone, char *buf, size_t length) { + isc_result_t result = ISC_R_FAILURE; + isc_buffer_t buffer; + + REQUIRE(buf != NULL); + REQUIRE(length > 1U); + + /* + * Leave space for terminating '\0'. + */ + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); + if (dns_name_dynamic(&zone->origin)) { + result = dns_name_totext(&zone->origin, DNS_NAME_OMITFINALDOT, + &buffer); + } + if (result != ISC_R_SUCCESS && + isc_buffer_availablelength(&buffer) >= (sizeof("") - 1)) + { + isc_buffer_putstr(&buffer, ""); + } + + buf[isc_buffer_usedlength(&buffer)] = '\0'; +} + +static void +zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length) { + isc_buffer_t buffer; + + REQUIRE(buf != NULL); + REQUIRE(length > 1U); + + /* + * Leave space for terminating '\0'. + */ + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); + (void)dns_rdataclass_totext(zone->rdclass, &buffer); + + buf[isc_buffer_usedlength(&buffer)] = '\0'; +} + +void +dns_zone_name(dns_zone_t *zone, char *buf, size_t length) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(buf != NULL); + + LOCK_ZONE(zone); + zone_namerd_tostr(zone, buf, length); + UNLOCK_ZONE(zone); +} + +void +dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t length) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(buf != NULL); + zone_name_tostr(zone, buf, length); +} + +void +dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->minxfrratebytesin = bytes; + zone->minxfrratesecondsin = seconds; +} + +uint32_t +dns_zone_getminxfrratebytesin(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->minxfrratebytesin; +} + +uint32_t +dns_zone_getminxfrratesecondsin(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->minxfrratesecondsin; +} + +void +dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->maxxfrin = maxxfrin; +} + +uint32_t +dns_zone_getmaxxfrin(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->maxxfrin; +} + +void +dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->maxxfrout = maxxfrout; +} + +uint32_t +dns_zone_getmaxxfrout(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->maxxfrout; +} + +dns_zonetype_t +dns_zone_gettype(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->type; +} + +dns_name_t * +dns_zone_getorigin(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return &zone->origin; +} + +void +dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein) { + REQUIRE(DNS_ZONE_VALID(zone)); + + if (idlein == 0) { + idlein = DNS_DEFAULT_IDLEIN; + } + zone->idlein = idlein; +} + +uint32_t +dns_zone_getidlein(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->idlein; +} + +void +dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->idleout = idleout; +} + +uint32_t +dns_zone_getidleout(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->idleout; +} + +void +dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(table != NULL); + REQUIRE(*table == NULL); + + LOCK_ZONE(zone); + if (zone->ssutable != NULL) { + dns_ssutable_attach(zone->ssutable, table); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->ssutable != NULL) { + dns_ssutable_detach(&zone->ssutable); + } + if (table != NULL) { + dns_ssutable_attach(table, &zone->ssutable); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->sigvalidityinterval = interval; +} + +uint32_t +dns_zone_getsigvalidityinterval(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->sigvalidityinterval; +} + +void +dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->keyvalidityinterval = interval; +} + +uint32_t +dns_zone_getkeyvalidityinterval(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->keyvalidityinterval; +} + +void +dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval) { + isc_time_t now; + + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + zone->sigresigninginterval = interval; + dns__zone_set_resigntime(zone); + if (zone->loop != NULL) { + now = isc_time_now(); + dns__zone_settimer(zone, &now); + } + UNLOCK_ZONE(zone); +} + +uint32_t +dns_zone_getsigresigninginterval(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->sigresigninginterval; +} + +void +dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(sourceaddr != NULL); + + LOCK_ZONE(zone); + INSIST(dns_remote_count(&zone->primaries) > 0); + *sourceaddr = zone->sourceaddr; + UNLOCK_ZONE(zone); +} + +isc_result_t +dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr) { + isc_result_t result = ISC_R_NOMORE; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(primaryaddr != NULL); + + LOCK_ZONE(zone); + INSIST(dns_remote_count(&zone->primaries) > 0); + if (!dns_remote_done(&zone->primaries)) { + *primaryaddr = dns_remote_curraddr(&zone->primaries); + result = ISC_R_SUCCESS; + } + UNLOCK_ZONE(zone); + + return result; +} + +isc_time_t +dns_zone_getxfrintime(dns_zone_t *zone) { + isc_time_t xfrintime; + + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + xfrintime = zone->xfrintime; + UNLOCK_ZONE(zone); + + return xfrintime; +} + +void +dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(zone->stats == NULL); + + LOCK_ZONE(zone); + zone->stats = NULL; + isc_stats_attach(stats, &zone->stats); + UNLOCK_ZONE(zone); +} + +void +dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->requeststats_on && stats == NULL) { + zone->requeststats_on = false; + } else if (!zone->requeststats_on && stats != NULL) { + if (zone->requeststats == NULL) { + isc_stats_attach(stats, &zone->requeststats); + } + zone->requeststats_on = true; + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setrcvquerystats(dns_zone_t *zone, isc_statsmulti_t *stats) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (zone->requeststats_on && stats != NULL) { + if (zone->rcvquerystats == NULL) { + isc_statsmulti_attach(stats, &zone->rcvquerystats); + zone->requeststats_on = true; + } + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + if (stats != NULL && zone->dnssecsignstats == NULL) { + dns_stats_attach(stats, &zone->dnssecsignstats); + } + UNLOCK_ZONE(zone); +} + +dns_stats_t * +dns_zone_getdnssecsignstats(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->dnssecsignstats; +} + +isc_stats_t * +dns_zone_getrequeststats(dns_zone_t *zone) { + /* + * We don't lock zone for efficiency reason. This is not catastrophic + * because requeststats must always be valid when requeststats_on is + * true. + * Some counters may be incremented while requeststats_on is becoming + * false, or some cannot be incremented just after the statistics are + * installed, but it shouldn't matter much in practice. + */ + if (zone->requeststats_on) { + return zone->requeststats; + } else { + return NULL; + } +} + +/* + * Return the received query stats bucket + * see note from dns_zone_getrequeststats() + */ +isc_statsmulti_t * +dns_zone_getrcvquerystats(dns_zone_t *zone) { + if (zone->requeststats_on) { + return zone->rcvquerystats; + } else { + return NULL; + } +} + +void +dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + setstring(zone, &zone->keydirectory, directory); + UNLOCK_ZONE(zone); +} + +const char * +dns_zone_getkeydirectory(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->keydirectory; +} + +void +dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->checkmx = checkmx; +} + +void +dns_zone_setchecksrv(dns_zone_t *zone, dns_checksrvfunc_t checksrv) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->checksrv = checksrv; +} + +void +dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->checkns = checkns; +} + +void +dns_zone_setcheckisservedby(dns_zone_t *zone, + dns_checkisservedbyfunc_t checkisservedby) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->checkisservedby = checkisservedby; +} + +void +dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + zone->isself = isself; + zone->isselfarg = arg; + UNLOCK_ZONE(zone); +} + +void +dns__zone_getisself(dns_zone_t *zone, dns_isselffunc_t *isself, void **arg) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(isself != NULL); + REQUIRE(arg != NULL && *arg == NULL); + + *isself = zone->isself; + *arg = zone->isselfarg; +} + +void +dns_zone_setnotifydefer(dns_zone_t *zone, dns_rdatatype_t type, + uint32_t defer) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + switch (type) { + case dns_rdatatype_soa: + zone->notifysoa.notifydefer = defer; + break; + case dns_rdatatype_cds: + /* not applicable to NOTIFY(CDS), unused */ + zone->notifycds.notifydefer = defer; + break; + default: + UNREACHABLE(); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setnotifydelay(dns_zone_t *zone, dns_rdatatype_t type, + uint32_t delay) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + switch (type) { + case dns_rdatatype_soa: + zone->notifysoa.notifydelay = delay; + break; + case dns_rdatatype_cds: + /* not applicable to NOTIFY(CDS), unused */ + zone->notifycds.notifydelay = delay; + break; + default: + UNREACHABLE(); + } + UNLOCK_ZONE(zone); +} + +void +dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes) { + REQUIRE(DNS_ZONE_VALID(zone)); + + if (nodes == 0) { + nodes = 1; + } + zone->nodes = nodes; +} + +void +dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures) { + REQUIRE(DNS_ZONE_VALID(zone)); + + /* + * We treat signatures as a signed value so explicitly + * limit its range here. + */ + if (signatures > INT32_MAX) { + signatures = INT32_MAX; + } else if (signatures == 0) { + signatures = 1; + } + zone->signatures = signatures; +} + +uint32_t +dns_zone_getsignatures(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->signatures; +} + +void +dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->privatetype = type; +} + +dns_rdatatype_t +dns_zone_getprivatetype(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->privatetype; +} + +void +dns_zone_setautomatic(dns_zone_t *zone, bool automatic) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + zone->automatic = automatic; + UNLOCK_ZONE(zone); +} + +bool +dns_zone_getautomatic(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->automatic; +} + +void +dns_zone_setadded(dns_zone_t *zone, bool added) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + zone->added = added; + UNLOCK_ZONE(zone); +} + +bool +dns_zone_getadded(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->added; +} + +void +dns_zone_setmodded(dns_zone_t *zone, bool modded) { + REQUIRE(DNS_ZONE_VALID(zone)); + + LOCK_ZONE(zone); + zone->modded = modded; + UNLOCK_ZONE(zone); +} + +bool +dns_zone_getmodded(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->modded; +} + +isc_result_t +dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval) { + REQUIRE(DNS_ZONE_VALID(zone)); + if (interval == 0) { + return ISC_R_RANGE; + } + /* Maximum value: 24 hours (3600 minutes) */ + if (interval > (24 * 60)) { + interval = (24 * 60); + } + /* Multiply by 60 for seconds */ + zone->refreshkeyinterval = interval * 60; + return ISC_R_SUCCESS; +} + +void +dns_zone_setrequestixfr(dns_zone_t *zone, bool flag) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->requestixfr = flag; +} + +bool +dns_zone_getrequestixfr(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->requestixfr; +} + +void +dns_zone_setrequestixfrmaxdiffs(dns_zone_t *zone, uint32_t maxdiffs) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->requestixfr_maxdiffs = maxdiffs; +} + +bool +dns_zone_getrequestixfrmaxdiffs(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->requestixfr_maxdiffs; +} + +void +dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->ixfr_ratio = ratio; +} + +uint32_t +dns_zone_getixfrratio(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->ixfr_ratio; +} + +void +dns_zone_setrequestexpire(dns_zone_t *zone, bool flag) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->requestexpire = flag; +} + +bool +dns_zone_getrequestexpire(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->requestexpire; +} + +void +dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method) { + REQUIRE(DNS_ZONE_VALID(zone)); + zone->updatemethod = method; +} + +dns_updatemethod_t +dns_zone_getserialupdatemethod(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->updatemethod; +} + +void +dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(loadtime != NULL); + + LOCK_ZONE(zone); + *loadtime = zone->loadtime; + UNLOCK_ZONE(zone); +} + +void +dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(expiretime != NULL); + + LOCK_ZONE(zone); + *expiretime = zone->expiretime; + UNLOCK_ZONE(zone); +} + +void +dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(refreshtime != NULL); + + LOCK_ZONE(zone); + *refreshtime = zone->refreshtime; + UNLOCK_ZONE(zone); +} + +void +dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(refreshkeytime != NULL); + + LOCK_ZONE(zone); + *refreshkeytime = zone->refreshkeytime; + UNLOCK_ZONE(zone); +} + +void +dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level) { + REQUIRE(DNS_ZONE_VALID(zone)); + + zone->statlevel = level; +} + +dns_zonestat_level_t +dns_zone_getstatlevel(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->statlevel; +} + +unsigned int +dns_zone_gettid(dns_zone_t *zone) { + return zone->tid; +} + +isc_loop_t * +dns_zone_getloop(dns_zone_t *zone) { + return zone->loop; +} + +isc_result_t +dns_zone_getrad(dns_zone_t *zone, dns_name_t *name) { + isc_result_t result = ISC_R_NOTFOUND; + + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(DNS_NAME_VALID(name)); + + rcu_read_lock(); + dns_rad_t *rad = rcu_dereference(zone->rad); + if (rad != NULL) { + dns_name_t *inner = dns_fixedname_name(&rad->fname); + dns_name_copy(inner, name); + result = ISC_R_SUCCESS; + } + rcu_read_unlock(); + + return result; +} + +void +dns_zone_setrad(dns_zone_t *zone, dns_name_t *name) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(name == NULL || DNS_NAME_VALID(name)); + + rcu_read_lock(); + dns_rad_t *new_rad = NULL; + if (name != NULL) { + new_rad = isc_mem_get(zone->mctx, sizeof(*new_rad)); + *new_rad = (dns_rad_t){}; + dns_fixedname_init(&new_rad->fname); + + isc_mem_attach(zone->mctx, &new_rad->mctx); + dns_name_copy(name, dns_fixedname_name(&new_rad->fname)); + } + dns_rad_t *xchg_rad = rcu_xchg_pointer(&zone->rad, new_rad); + + if (xchg_rad != NULL) { + call_rcu(&xchg_rad->rcu_head, free_rad_rcu); + } + rcu_read_unlock(); +} + +void * +dns_zone_gethooktable(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + return zone->hooktable; +} + +void +dns_zone_sethooktable(dns_zone_t *zone, void *hooktable, + void (*hooktable_free)(isc_mem_t *, void **)) { + REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(zone->hooktable == NULL); + REQUIRE(zone->hooktable_free == NULL); + + zone->hooktable = hooktable; + zone->hooktable_free = hooktable_free; +} + +void +dns_zone_setcfg(dns_zone_t *zone, const char *cfg) { + REQUIRE(DNS_ZONE_VALID(zone)); + + if (zone->cfg != NULL) { + isc_mem_free(zone->mctx, zone->cfg); + } + if (cfg != NULL) { + zone->cfg = isc_mem_strdup(zone->mctx, cfg); + } +} + +const char * +dns_zone_getcfg(dns_zone_t *zone) { + REQUIRE(DNS_ZONE_VALID(zone)); + + return zone->cfg; +} diff --git a/lib/dns/zt.c b/lib/dns/zt.c index 7342fa2f79..524531dadf 100644 --- a/lib/dns/zt.c +++ b/lib/dns/zt.c @@ -31,6 +31,7 @@ #include #include #include +#include #include #define ZTMAGIC ISC_MAGIC('Z', 'T', 'b', 'l') diff --git a/lib/ns/client.c b/lib/ns/client.c index 6bdcbc3e62..7a4fd19771 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -55,6 +55,7 @@ #include #include #include +#include #include #include diff --git a/lib/ns/notify.c b/lib/ns/notify.c index 60753a4464..f28702574d 100644 --- a/lib/ns/notify.c +++ b/lib/ns/notify.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include diff --git a/lib/ns/query.c b/lib/ns/query.c index 0df029b949..b801b781e5 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -66,6 +66,7 @@ #include #include #include +#include #include #include diff --git a/lib/ns/update.c b/lib/ns/update.c index 0f959d1817..dd8173c79c 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -45,6 +45,7 @@ #include #include #include +#include #include #include diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index 66cc502dc5..98c7374b4f 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -40,6 +40,7 @@ #include #include #include +#include #include #include diff --git a/tests/dns/nsec3param_test.c b/tests/dns/nsec3param_test.c index b028f6a4d5..c8130d78bd 100644 --- a/tests/dns/nsec3param_test.c +++ b/tests/dns/nsec3param_test.c @@ -33,6 +33,7 @@ #include #include #include +#include #include "zone_p.h" diff --git a/tests/dns/sigs_test.c b/tests/dns/sigs_test.c index 040ca26abd..a8dfd32079 100644 --- a/tests/dns/sigs_test.c +++ b/tests/dns/sigs_test.c @@ -44,6 +44,7 @@ #include #include #include +#include #include diff --git a/tests/dns/zonefile_test.c b/tests/dns/zonefile_test.c index 58fad0a1aa..b3bbb9568e 100644 --- a/tests/dns/zonefile_test.c +++ b/tests/dns/zonefile_test.c @@ -29,6 +29,7 @@ #include #include +#include #include diff --git a/tests/dns/zonemgr_test.c b/tests/dns/zonemgr_test.c index 468019480b..def4a4e3a3 100644 --- a/tests/dns/zonemgr_test.c +++ b/tests/dns/zonemgr_test.c @@ -32,6 +32,7 @@ #include #include #include +#include #include diff --git a/tests/dns/zt_test.c b/tests/dns/zt_test.c index 02667afdcb..539ad0ced6 100644 --- a/tests/dns/zt_test.c +++ b/tests/dns/zt_test.c @@ -37,6 +37,7 @@ #include #include #include +#include #include #include diff --git a/tests/libtest/dns.c b/tests/libtest/dns.c index 1abd26c5e3..2da4a1a37c 100644 --- a/tests/libtest/dns.c +++ b/tests/libtest/dns.c @@ -48,6 +48,7 @@ #include #include #include +#include #include diff --git a/tests/libtest/ns.c b/tests/libtest/ns.c index d91c849bf3..9d81e013c9 100644 --- a/tests/libtest/ns.c +++ b/tests/libtest/ns.c @@ -43,6 +43,7 @@ #include #include #include +#include #include #include