1 /*
2  * Copyright (c) 2009 NLNet Labs. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
27 #ifndef SIGNER_ZONE_H
28 #define SIGNER_ZONE_H
29 
30 #include "config.h"
31 #include <ldns/ldns.h>
32 
33 enum zone_zl_status_enum { /* zonelist status of a zone; stored in zone_struct.zl_status */
34     ZONE_ZL_OK = 0, /* presumably: no pending zonelist change - confirm */
35     ZONE_ZL_ADDED, /* presumably: zone was added to the zonelist - confirm */
36     ZONE_ZL_UPDATED, /* presumably: zonelist entry changed - confirm */
37     ZONE_ZL_REMOVED /* presumably: zone was removed from the zonelist - confirm */
38 };
39 typedef enum zone_zl_status_enum zone_zl_status;
40 
41 typedef struct zone_struct zone_type;
42 
43 #include "adapter/adapter.h"
44 #include "scheduler/schedule.h"
45 #include "locks.h"
46 #include "status.h"
47 #include "signer/ixfr.h"
48 #include "signer/namedb.h"
49 #include "signer/signconf.h"
50 #include "signer/stats.h"
51 #include "signer/rrset.h"
52 #include "wire/buffer.h"
53 #include "wire/notify.h"
54 #include "wire/xfrd.h"
55 #include "datastructure.h"
56 #include "daemon/engine.h"
57 
58 struct schedule_struct;
59 
60 struct zone_struct { /* per-zone signer state: identity, configuration, zone data, transfer state and locks */
61     ldns_rdf* apex; /* wire format zone name */
62     ldns_rr_class klass; /* class */
63     uint32_t default_ttl; /* ttl */
64     /* from conf.xml */
65     char *notify_command; /* placeholder for the whole notify command; NOTE(review): if this string is later executed, conf.xml must be writable only by trusted operators - confirm how it is run */
66     const char* notify_ns; /* master name server reload command */
67     char** notify_args; /* reload command arguments; NOTE(review): presumably an argv-style vector built from notify_command - confirm termination and ownership */
68     /* from zonelist.xml */
69     const char* name; /* string format zone name */
70     const char* policy_name; /* policy identifier */
71     const char* signconf_filename; /* signconf filename; NOTE(review): path comes from zonelist.xml - confirm it is only read from a trusted location */
72     zone_zl_status zl_status; /* zonelist status */
73     /* adapters */
74     adapter_type* adinbound; /* inbound adapter */
75     adapter_type* adoutbound; /* outbound adapter */
76     /* from signconf.xml */
77     signconf_type* signconf; /* signer configuration values */
78     /* zone data */
79     namedb_type* db; /* name database (type from signer/namedb.h) */
80     ixfr_type* ixfr; /* IXFR state (type from signer/ixfr.h) */
81     /* zone transfers */
82     xfrd_type* xfrd; /* transfer state (type from wire/xfrd.h) */
83     notify_type* notify; /* notify state (type from wire/notify.h) */
84     /* statistics */
85     stats_type* stats; /* statistics (type from signer/stats.h) */
86     pthread_mutex_t zone_lock; /* mutex; NOTE(review): the fields it protects are not stated in this header - confirm in the implementation */
87     pthread_mutex_t xfr_lock; /* mutex; NOTE(review): presumably guards transfer state, lock order relative to zone_lock is not stated - confirm */
88     /* backing store for rrsigs (for both domain and denial) */
89     collection_class rrstore;
90     int zoneconfigvalid; /* flag indicating whether the signconf has at least once been read */
91 };
92 
93 
94 /**
95  * Create a new zone.
96  * \param[in] name zone name
97  * \param[in] klass zone class
98  * \return zone_type* zone (NOTE(review): the value returned on failure, e.g. NULL, is not stated here - confirm)
99  *
100  */
101 extern zone_type* zone_create(char* name, ldns_rr_class klass);
102 
103 /**
104  * Load signer configuration for zone.
105  * \param[in] zone zone
106  * \param[out] new_signconf new signer configuration
107  * \return ods_status status
108  *         ODS_STATUS_OK: new signer configuration loaded
109  *         ODS_STATUS_UNCHANGED: signer configuration has not changed
110  *         other: signer configuration not loaded, error occurred
111  * \note who owns and frees *new_signconf after ODS_STATUS_OK is not stated here; confirm in the implementation
112  */
113 extern ods_status zone_load_signconf(zone_type* zone, signconf_type** new_signconf);
114 
115 /**
116  * Reschedule task for zone.
117  * \param[in] zone zone
118  * \param[in] taskq task queue
119  * \param[in] what new task identifier
120  * \return ods_status status
121  *
122  */
123 extern ods_status zone_reschedule_task(zone_type* zone, schedule_type* taskq,
124     task_id what);
125 
126 /**
127  * Publish the keys as indicated by the signer configuration.
128  * \param[in] zone zone
129  * \param[in] skip_hsm_access flag; presumably non-zero publishes without contacting the HSM - TODO confirm in the implementation
130  * \return ods_status status
131  */
132 extern ods_status zone_publish_dnskeys(zone_type* zone, int skip_hsm_access);
133 
134 /**
135  * Unlink DNSKEY RRs.
136  * \param[in] zone zone
137  *
138  */
139 extern void zone_rollback_dnskeys(zone_type* zone);
140 
141 /**
142  * Publish the NSEC3 parameters as indicated by the signer configuration.
143  * \param[in] zone zone
144  * \return ods_status status
145  *
146  */
147 extern ods_status zone_publish_nsec3param(zone_type* zone);
148 
149 /**
150  * Unlink NSEC3PARAM RR.
151  * \param[in] zone zone
152  *
153  */
154 extern void zone_rollback_nsec3param(zone_type* zone);
155 
156 /**
157  * Prepare keys for signing.
158  * \param[in] zone zone
159  * \return ods_status status
160  *
161  */
162 extern ods_status zone_prepare_keys(zone_type* zone);
163 
164 /**
165  * Update serial.
166  * \param[in] zone zone
167  * \return ods_status status
168  *
169  */
170 extern ods_status zone_update_serial(zone_type* zone);
171 
172 /**
173  * Lookup RRset.
174  * \param[in] zone zone
175  * \param[in] owner RRset owner
176  * \param[in] type RRtype
177  * \return rrset_type* RRset, if found (value when not found is not stated here - presumably NULL, confirm)
178  *
179  */
180 extern rrset_type* zone_lookup_rrset(zone_type* zone, ldns_rdf* owner,
181     ldns_rr_type type);
182 
183 /**
184  * Add RR.
185  * \param[in] zone zone
186  * \param[in] rr rr
187  * \param[in] do_stats true if we need to maintain statistics
188  * \return ods_status status
189  *         ODS_STATUS_OK: rr to be added to zone
190  *         ODS_STATUS_UNCHANGED: rr not added to zone, rr already exists
191  *         other: rr not added to zone, error occurred
192  * \note ownership of rr after the call is not stated here; confirm before the caller frees or reuses it
193  */
194 extern ods_status zone_add_rr(zone_type* zone, ldns_rr* rr, int do_stats);
195 
196 /**
197  * Delete RR.
198  * \param[in] zone zone
199  * \param[in] rr rr
200  * \param[in] do_stats true if we need to maintain statistics
201  * \return ods_status status
202  *         ODS_STATUS_OK: rr to be removed from zone
203  *         ODS_STATUS_UNCHANGED: rr not removed from zone, rr does not exist
204  *         other: rr not removed from zone, error occurred
205  * \note ownership of rr after the call is not stated here; confirm before the caller frees or reuses it
206  */
207 extern ods_status zone_del_rr(zone_type* zone, ldns_rr* rr, int do_stats);
208 
209 /** Remove all NSEC3PARAM RRs from the zone.
210  * \param[in] zone zone
211  * \return ODS_STATUS_UNCHANGED or ODS_STATUS_OK
212  */
213 extern ods_status zone_del_nsec3params(zone_type* zone);
214 
215 /**
216  * Merge zones. Values that are merged:
217  * - policy name
218  * - signconf filename
219  * - input and output adapter
220  *
221  * \param[in] z1 zone
222  * \param[in] z2 zone with new values
223  * \note whether the merged values are copied or moved out of z2 is not stated here; confirm before cleaning up z2
224  */
225 extern void zone_merge(zone_type* z1, zone_type* z2);
226 
227 /**
228  * Clean up zone.
229  * \param[in] zone zone
230  *
231  */
232 extern void zone_cleanup(zone_type* zone);
233 
234 /**
235  * Backup zone.
236  * \param[in] zone corresponding zone
237  * \param[in] nextResign time value; presumably the next re-sign time recorded with the backup - TODO confirm
238  * \return ods_status status
239  */
240 extern ods_status zone_backup2(zone_type* zone, time_t nextResign);
241 
242 /** Recover zone from backup.
243  * \param[in] engine engine
244  * \param[in] zone corresponding zone
245  * \return ods_status status (the specific values are not listed here - confirm in the implementation)
246  */
247 extern ods_status zone_recover2(engine_type* engine, zone_type* zone);
248 
249 #endif /* SIGNER_ZONE_H */
250