1 /*
2  * Copyright (c) 2009 NLNet Labs. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
27 #ifndef SIGNER_SIGNCONF_H
28 #define SIGNER_SIGNCONF_H
29 
30 #include <ldns/ldns.h>
31 #include <time.h>
32 
33 typedef struct signconf_struct signconf_type; /* forward declaration, placed ahead of the project includes below; presumably those headers refer to signconf_type -- confirm */
34 
35 #include "scheduler/task.h"
36 #include "status.h"
37 #include "duration.h"
38 #include "signer/keys.h"
39 #include "signer/nsec3params.h"
40 
41 struct signconf_struct { /* Signer settings for one zone. Per-field notes are inferred from names and types unless a line says otherwise; verify against the parser. */
42     /* Zone */
43     const char* name; /* presumably the zone name; who owns/frees the string is not visible in this header */
44     int passthrough; /* presumably non-zero means the zone is handed through without signing -- TODO confirm */
45     /* Signatures: RRSIG timing, each held as a duration_type pointer (NULL handling not visible here) */
46     duration_type* sig_resign_interval; /* presumably how often the signer re-runs over the zone */
47     duration_type* sig_refresh_interval; /* presumably how long before expiry a signature is replaced */
48     duration_type* sig_validity_default; /* presumably RRSIG lifetime for ordinary RRsets */
49     duration_type* sig_validity_denial; /* presumably RRSIG lifetime for NSEC/NSEC3 RRsets */
50     duration_type* sig_validity_keyset; /* presumably RRSIG lifetime for the DNSKEY RRset */
51     duration_type* sig_jitter; /* presumably a random spread on expiration so signatures do not all expire together */
52     duration_type* sig_inception_offset; /* presumably back-dates inception to tolerate validator clock skew */
53     /* Denial of existence */
54     duration_type* nsec3param_ttl;
55     ldns_rr_type nsec_type; /* presumably LDNS_RR_TYPE_NSEC or LDNS_RR_TYPE_NSEC3 -- TODO confirm */
56     int nsec3_optout;
57     uint32_t nsec3_algo; /* wider than the 8-bit hash-algorithm field of NSEC3PARAM (RFC 5155); range-check before narrowing */
58     uint32_t nsec3_iterations; /* wider than the 16-bit wire field; RFC 9276 recommends 0 extra iterations. NOTE(review): confirm an upper bound is enforced */
59     const char* nsec3_salt; /* presumably the salt in text (hex) form; the wire salt is at most 255 octets and RFC 9276 recommends none */
60     nsec3params_type* nsec3params; /* presumably the parsed form of the nsec3_* fields above -- TODO confirm */
61     /* Keys */
62     duration_type* dnskey_ttl;
63     const char** dnskey_signature; /* the pointer may be NULL; otherwise the array must end with a NULL entry */
64     keylist_type* keys;
65     /* Source of authority */
66     duration_type* soa_ttl;
67     duration_type* soa_min;
68     const char* soa_serial; /* kept as a string; presumably names a serial policy rather than holding a number -- TODO confirm */
69     /* Other useful information */
70     duration_type* max_zone_ttl;
71     const char* filename; /* presumably the signer configuration file these settings were read from */
72     time_t last_modified; /* presumably the modification time of filename when last read; compare the last_modified argument of signconf_update() */
73 };
74 
75 /**
76  * Create a new signer configuration with the 'empty' settings.
77  * \return signconf_type* signer configuration
78  * NOTE(review): the value returned on allocation failure is not stated here; presumably NULL, and the result is released with signconf_cleanup() -- confirm.
79  */
80 extern signconf_type* signconf_create(void);
81 
82 /**
83  * Update signer configuration.
84  * \param[out] signconf signer configuration
85  * \param[in] scfile signer configuration file name
86  * \param[in] last_modified last known modification
87  * \return ods_status status
88  * NOTE(review): whether *signconf is replaced, freed or left untouched when the status is not success is not visible here; callers should check the status before reading *signconf.
89  */
90 extern ods_status signconf_update(signconf_type** signconf, const char* scfile,
91     time_t last_modified);
92 
93 /**
94  * Backup signer configuration.
95  * \param[in] fd output stream (a stdio FILE*, not a numeric file descriptor)
96  * \param[in] sc signer configuration settings
97  * \param[in] version version string
98  * NOTE(review): returns void, so a failed or short write cannot be reported through this interface; callers wanting to detect that can check the stream themselves, e.g. with ferror().
99  */
100 void signconf_backup(FILE* fd, signconf_type* sc, const char* version);
101 
102 /**
103  * Check signer configuration.
104  * \param[in] signconf signer configuration
105  * \return ods_status status
106  * NOTE(review): which fields are validated is not visible in this header; confirm it range-checks values taken from the configuration file (e.g. nsec3_algo, nsec3_iterations) before they are used for signing.
107  */
108 extern ods_status signconf_check(signconf_type* signconf);
109 
110 /**
111  * Compare signer configurations on denial of existence material.
112  * \param[in] a a signer configuration
113  * \param[in] b another signer configuration
114  * \return task_id what task needs to be scheduled
115  * NOTE(review): the fields compared are not visible here (presumably nsec_type and the nsec3_* members), nor is the handling of a NULL a or b -- confirm.
116  */
117 extern task_id signconf_compare_denial(signconf_type* a, signconf_type* b);
118 
119 /**
120  * Log signer configuration.
121  * \param[in] sc signconf to log
122  * \param[in] name zone name
123  * NOTE(review): the log destination and level are not visible here; name is passed separately from sc even though the struct has its own name member.
124  */
125 extern void signconf_log(signconf_type* sc, const char* name);
126 
127 /**
128  * Clean up signer configuration.
129  * \param[in] sc signconf to cleanup
130  * NOTE(review): which members are released and whether sc itself is freed is not visible here; treat sc as invalid after the call and confirm NULL is accepted.
131  */
132 extern void signconf_cleanup(signconf_type* sc);
133 
134 #endif /* SIGNER_SIGNCONF_H */
135