/*------------------------------------------------------------------------------
 *
 * Copyright (c) 2011-2021, EURid vzw. All rights reserved.
 * The YADIFA TM software product is provided under the BSD 3-clause license:
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *        * Redistributions of source code must retain the above copyright
 *          notice, this list of conditions and the following disclaimer.
 *        * Redistributions in binary form must reproduce the above copyright
 *          notice, this list of conditions and the following disclaimer in the
 *          documentation and/or other materials provided with the distribution.
 *        * Neither the name of EURid nor the names of its contributors may be
 *          used to endorse or promote products derived from this software
 *          without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
 *------------------------------------------------------------------------------
 *
 */

/** @defgroup dnsdbzone Zone related functions
 *  @ingroup dnsdb
 *  @brief Functions used to manipulate a zone
 *
 *  Functions used to manipulate a zone
 *
 * @{
 */

#pragma once

#include <dnsdb/zdb_types.h>
#include <dnscore/zone_reader.h>
#include <dnsdb/zdb_sanitize.h>

#ifdef __cplusplus
extern "C"
{
#endif

/*
 * Zone load option bits (bits 0-3 of a flags word).
 *
 * Presumably these are the values accepted by the u16 `flags` argument of the
 * zone loading functions declared in this header -- TODO confirm against the
 * implementation.
 *
 * NOTE(review): this spot used to hold a Doxygen function comment ("Load a
 * zone in the database. This is clearly MASTER oriented.") documenting
 * parameters named db, filename and zone_pointer_out. No prototype with those
 * parameters is declared in this header, and Doxygen would have attached the
 * text to the first #define below, so it is kept here only as a plain comment.
 */

#define ZDB_ZONE_NO_MAINTENANCE  0x01 // do not maintain the zone DNSSEC state
#define ZDB_ZONE_REPLAY_JOURNAL  0x02 // replay the journal after the load
#define ZDB_ZONE_DESTROY_JOURNAL 0x04 // destroys the journal after a successful load
#define ZDB_ZONE_IS_SLAVE        0x08 // any NSEC3 inconsistencies must trigger an AXFR reload

/*
 * DNSSEC mode field of the same flags word: mask 0x0070 covers bits 4-6 and
 * the field is shifted by 4. Only the four values 0..3 (<< 4) are defined
 * here; the remaining encodings within the mask have no name in this header.
 */

#define ZDB_ZONE_DNSSEC_SHIFT   4
#define ZDB_ZONE_DNSSEC_MASK    0x0070
#define ZDB_ZONE_NOSEC          0x0000
#define ZDB_ZONE_NSEC           0x0010
#define ZDB_ZONE_NSEC3          0x0020
#define ZDB_ZONE_NSEC3_OPTOUT   0x0030

/*
 * DNSKEY identifier split into its parts: a 16-bit tag, an 8-bit algorithm
 * and one trailing byte, four bytes in total.
 */

struct zdb_zone_load_dnskey_id_fields
{
    u16 tag;           // presumably the DNSKEY key tag -- TODO confirm
    u8 algorithm;      // presumably the DNSKEY algorithm number -- TODO confirm
    u8 must_be_zero;   // per its name this byte has to be 0; otherwise two equal
                       // (tag, algorithm) pairs would give different `id` values below
};

/*
 * Overlays the fields above with a single u32 so that a (tag, algorithm) pair
 * can be handled as one integer. The numeric value of `id` depends on the
 * host byte order, so it is only meaningful inside the running process.
 *
 * NOTE(review): a key tag plus algorithm does not uniquely identify a DNSKEY
 * (RFC 4034 key tags can collide). Confirm how the loader behaves when two
 * keys of a zone map to the same id, since per-key state would be shared.
 */

union zdb_zone_load_dnskey_id
{
    u32 id;
    struct zdb_zone_load_dnskey_id_fields fields;
};

/*
 * Per-key state bits (1, 2, 4).
 * Presumably stored in the u8 `flags` member of
 * struct zdb_zone_load_dnskey_state_for_key -- TODO confirm.
 */

#define ZDB_ZONE_LOAD_DNSKEY_STATE_FLAG_HAS_PUBKEY          1
#define ZDB_ZONE_LOAD_DNSKEY_STATE_FLAG_HAS_PRIVKEY         2
#define ZDB_ZONE_LOAD_DNSKEY_STATE_FLAG_MISSING_SIGNATURES  4

/*
 * Load/sanitize state bits (8, 16, 32, ...). They do not overlap the per-key
 * bits above. Presumably stored in the u16 `state` member of
 * struct zdb_zone_load_parms -- TODO confirm.
 *
 * "AVAIABLE" (sic) is the spelling of the public macro name; callers depend
 * on it, so it cannot be corrected here without breaking them.
 */

#define ZDB_ZONE_LOAD_STATE_SANITIZE_FIELD_AVAIABLE                 8
#define ZDB_ZONE_LOAD_STATE_SANITIZE_SUMMARY_AVAILABLE              16
#define ZDB_ZONE_LOAD_STATE_SANITIZE_SUMMARY_MAINTENANCE_REQUIRED   32

#define ZDB_ZONE_LOAD_STATE_SANITIZE_SUMMARY_NSEC3_CHAIN_FIXED 64 102 103 #define ZZLDSKEY_TAG 0x59454b53444c5a5a 104 105 struct zdb_zone_load_dnskey_state_for_key 106 { 107 s32 signed_until; 108 s32 signed_from; 109 u32 rrsig_count; 110 u16 key_flags; 111 u8 flags; 112 }; 113 114 typedef u32_set zdb_zone_load_dnskey_state; 115 116 struct zdb_zone_load_parms 117 { 118 zone_reader *zr; 119 const u8 *expected_origin; 120 zdb_zone_load_dnskey_state dnskey_state; 121 zdb_zone *out_zone; 122 struct zdb_sanitize_parms sanitize_parms; 123 ya_result result_code; 124 u16 flags; 125 u16 state; 126 u8 expected_dnssec; 127 }; 128 129 void zdb_zone_load_parms_init(struct zdb_zone_load_parms *parms, zone_reader *zr, const u8 *expected_origin, u16 flags); 130 void zdb_zone_load_parms_dnskey_add(struct zdb_zone_load_parms *parms, const u8 *dnskey_rdata, u16 dnskey_rdata_size); 131 u16 zdb_zone_load_parms_get_key_flags_from_rrsig_rdata(struct zdb_zone_load_parms *parms, const u8 *rrsig_rdata, u16 rrsig_rdata_size); 132 void zdb_zone_load_parms_rrsig_add(struct zdb_zone_load_parms *parms, const u8 *rrsig_rdata, u16 rrsig_rdata_size); 133 zdb_zone *zdb_zone_load_parms_zone_detach(struct zdb_zone_load_parms *parms); 134 zdb_zone *zdb_zone_load_parms_zone_get(struct zdb_zone_load_parms *parms); 135 ya_result zdb_zone_load_parms_result_code(struct zdb_zone_load_parms *parms); 136 void zdb_zone_load_parms_finalize(struct zdb_zone_load_parms *parms); 137 138 ya_result zdb_zone_load_ex(struct zdb_zone_load_parms *parms); 139 140 /** 141 * @brief Load a zone file. 142 * 143 * Load a zone file. 144 * 145 * @note It is not a good idea to scan the zone content in here. ie: getting the earliest signature expiration. 
(It's counter-productive and pointless) 146 * 147 * @param[in] db_UNUSED a pointer to the database, obsolete, should be set to NULL 148 * @param[in] zr a pointer to an opened zone_reader 149 * @param[in] zone_pointer_out a pointer to the pointer that will be set with the loaded zone 150 * @param[in] expected_origin the expected origin for the loaded file, can be set to NULL 151 * @param[in] flags various flags 152 * 153 * @return an error code. 154 * 155 */ 156 157 ya_result zdb_zone_load(zdb* db_UNUSED, zone_reader* zr, zdb_zone** zone_out, const u8 *expected_origin, u16 flags); 158 159 /** 160 * @brief Load the zone SOA. 161 * 162 * Load the zone SOA record 163 * This is meant mainly for the slave that could choose between, ie: zone file or axfr zone file 164 * The SOA MUST BE the first record 165 * 166 * @param[in] db a pointer to the database 167 * @param[in] zone_data a pointer to an opened zone_reader at its start 168 * @param[out] zone_pointer_out will contains a pointer to the loaded zone if the call is successful 169 * 170 * @return an error code. 171 * 172 */ 173 ya_result zdb_zone_get_soa(zone_reader *zone_data, u16 *rdata_size, u8 *rdata); 174 175 #ifdef __cplusplus 176 } 177 #endif 178 179 /** @} */ 180