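/*
 * Copyright (c) 2009 NLNet Labs. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

/*
 * Signer zone: the zone_type structure and the operations declared on it
 * (configuration loading, key and NSEC3PARAM publication, RR add/delete,
 * serial update, backup and recovery).
 */

#ifndef SIGNER_ZONE_H
#define SIGNER_ZONE_H

#include "config.h"
#include <ldns/ldns.h>

/**
 * Zonelist status of a zone (stored in zone_struct.zl_status).
 * NOTE(review): the precise meaning of each value is not documented in this
 * header; the names suggest the zone's state relative to zonelist.xml.
 * Confirm against the zonelist code.
 */
enum zone_zl_status_enum {
    ZONE_ZL_OK = 0,
    ZONE_ZL_ADDED,
    ZONE_ZL_UPDATED,
    ZONE_ZL_REMOVED
};
typedef enum zone_zl_status_enum zone_zl_status;

/*
 * zone_type is declared before the project headers below are included,
 * presumably so that those headers can refer to it (verify before
 * reordering the includes).
 */
typedef struct zone_struct zone_type;

#include "adapter/adapter.h"
#include "scheduler/schedule.h"
#include "locks.h"
#include "status.h"
#include "signer/ixfr.h"
#include "signer/namedb.h"
#include "signer/signconf.h"
#include "signer/stats.h"
#include "signer/rrset.h"
#include "wire/buffer.h"
#include "wire/notify.h"
#include "wire/xfrd.h"
#include "datastructure.h"
#include "daemon/engine.h"

struct schedule_struct;

/**
 * Zone.
 * Groups the configuration read from conf.xml, zonelist.xml and
 * signconf.xml with the zone data, the transfer state and the statistics
 * of a single zone.
 */
struct zone_struct {
    ldns_rdf* apex; /* wire format zone name */
    ldns_rr_class klass; /* class */
    uint32_t default_ttl; /* ttl */
    /* from conf.xml */
    /*
     * NOTE(review): the three notify_* members describe an external,
     * operator-configured command. How it is launched is not visible in
     * this header; notify_args being a char** suggests an argv-style
     * vector. Confirm in the implementation that it is not passed through
     * a shell, and keep conf.xml writable by the operator only.
     */
    char *notify_command; /* placeholder for the whole notify command */
    const char* notify_ns; /* master name server reload command */
    char** notify_args; /* reload command arguments */
    /* from zonelist.xml */
    const char* name; /* string format zone name */
    const char* policy_name; /* policy identifier */
    /* NOTE(review): signconf_filename is a path taken from zonelist.xml;
     * presumably it is the file that zone_load_signconf() reads. Confirm. */
    const char* signconf_filename; /* signconf filename */
    zone_zl_status zl_status; /* zonelist status */
    /* adapters */
    adapter_type* adinbound; /* inbound adapter */
    adapter_type* adoutbound; /* outbound adapter */
    /* from signconf.xml */
    signconf_type* signconf; /* signer configuration values */
    /* zone data */
    namedb_type* db;
    ixfr_type* ixfr;
    /* zone transfers */
    xfrd_type* xfrd;
    notify_type* notify;
    /* statistics */
    stats_type* stats;
    /*
     * NOTE(review): this header does not state which members each mutex
     * guards. Confirm in the implementation before accessing zone data
     * from more than one thread.
     */
    pthread_mutex_t zone_lock;
    pthread_mutex_t xfr_lock;
    /* backing store for rrsigs (both domain as denial) */
    collection_class rrstore;
    int zoneconfigvalid; /* flag indicating whether the signconf has at least once been read */
};


/**
 * Create a new zone.
 * \param[in] name zone name
 * \param[in] klass zone class
 * \return zone_type* zone
 *         NOTE(review): the failure value is not documented here
 *         (presumably NULL); callers should check the result.
 *
 */
extern zone_type* zone_create(char* name, ldns_rr_class klass);

/**
 * Load signer configuration for zone.
 * \param[in] zone zone
 * \param[out] new_signconf new signer configuration
 * \return ods_status status
 *         ODS_STATUS_OK: new signer configuration loaded
 *         ODS_STATUS_UNCHANGED: signer configuration has not changed
 *         other: signer configuration not loaded, error occurred
 *
 */
extern ods_status zone_load_signconf(zone_type* zone, signconf_type** new_signconf);

/**
 * Reschedule task for zone.
 * \param[in] zone zone
 * \param[in] taskq task queue
 * \param[in] what new task identifier
 * \return ods_status status
 *
 */
extern ods_status zone_reschedule_task(zone_type* zone, schedule_type* taskq,
    task_id what);

/**
 * Publish the keys as indicated by the signer configuration.
 * \param[in] zone zone
 * \param[in] skip_hsm_access flag; its semantics are not documented in this
 *            header. Presumably non-zero publishes without contacting the
 *            HSM. Confirm in the implementation before relying on it.
 * \return ods_status status
 *
 */
extern ods_status zone_publish_dnskeys(zone_type* zone, int skip_hsm_access);

/**
 * Unlink DNSKEY RRs.
 * \param[in] zone zone
 *
 */
extern void zone_rollback_dnskeys(zone_type* zone);

/**
 * Publish the NSEC3 parameters as indicated by the signer configuration.
 * \param[in] zone zone
 * \return ods_status status
 *
 */
extern ods_status zone_publish_nsec3param(zone_type* zone);

/**
 * Unlink NSEC3PARAM RR.
 * \param[in] zone zone
 *
 */
extern void zone_rollback_nsec3param(zone_type* zone);

/**
 * Prepare keys for signing.
 * \param[in] zone zone
 * \return ods_status status
 *
 */
extern ods_status zone_prepare_keys(zone_type* zone);

/**
 * Update serial.
 * \param[in] zone zone
 * \return ods_status status
 *
 */
extern ods_status zone_update_serial(zone_type* zone);

/**
 * Lookup RRset.
 * \param[in] zone zone
 * \param[in] owner RRset owner
 * \param[in] type RRtype
 * \return rrset_type* RRset, if found
 *         NOTE(review): the not-found value is not documented here
 *         (presumably NULL); callers should check the result.
 *
 */
extern rrset_type* zone_lookup_rrset(zone_type* zone, ldns_rdf* owner,
    ldns_rr_type type);

/**
 * Add RR.
 * \param[in] zone zone
 * \param[in] rr rr
 * \param[in] do_stats true if we need to maintain statistics
 * \return ods_status status
 *         ODS_STATUS_OK: rr to be added to zone
 *         ODS_STATUS_UNCHANGED: rr not added to zone, rr already exists
 *         other: rr not added to zone, error occurred
 *
 */
extern ods_status zone_add_rr(zone_type* zone, ldns_rr* rr, int do_stats);

/**
 * Delete RR.
 * \param[in] zone zone
 * \param[in] rr rr
 * \param[in] do_stats true if we need to maintain statistics
 * \return ods_status status
 *         ODS_STATUS_OK: rr to be removed from zone
 *         ODS_STATUS_UNCHANGED: rr not removed from zone, rr does not exist
 *         other: rr not removed from zone, error occurred
 *
 */
extern ods_status zone_del_rr(zone_type* zone, ldns_rr* rr, int do_stats);

/**
 * Remove all NSEC3PARAM RRs from the zone
 * \param[in] zone zone
 * \return ODS_STATUS_UNCHANGED or ODS_STATUS_OK
 */
extern ods_status zone_del_nsec3params(zone_type* zone);

/**
 * Merge zones. Values that are merged:
 * - policy name
 * - signconf filename
 * - input and output adapter
 *
 * NOTE(review): whether z2 keeps ownership of the merged values afterwards
 * is not stated in this header. Confirm before cleaning up z2.
 *
 * \param[in] z1 zone
 * \param[in] z2 zone with new values
 *
 */
extern void zone_merge(zone_type* z1, zone_type* z2);

/**
 * Clean up zone.
 * NOTE(review): presumably releases the zone and what it owns, so the
 * pointer should not be used afterwards. Confirm in the implementation.
 * \param[in] zone zone
 *
 */
extern void zone_cleanup(zone_type* zone);

/**
 * Backup zone.
 * \param[in] zone corresponding zone
 * \param[in] nextResign time value; its use is not documented in this
 *            header. Presumably the time of the next re-sign, recorded
 *            with the backup. Confirm in the implementation.
 * \return ods_status status
 *
 */
extern ods_status zone_backup2(zone_type* zone, time_t nextResign);

/**
 * Recover zone from backup.
 * \param[in] engine engine; its role in recovery is not documented in this
 *            header
 * \param[in] zone corresponding zone
 * \return ods_status status
 *
 */
extern ods_status zone_recover2(engine_type* engine, zone_type* zone);

#endif /* SIGNER_ZONE_H */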