1 /*	$NetBSD: server.h,v 1.9 2014/12/10 04:37:52 christos Exp $	*/
2 
3 /*
4  * Copyright (C) 2004-2014  Internet Systems Consortium, Inc. ("ISC")
5  * Copyright (C) 1999-2003  Internet Software Consortium.
6  *
7  * Permission to use, copy, modify, and/or distribute this software for any
8  * purpose with or without fee is hereby granted, provided that the above
9  * copyright notice and this permission notice appear in all copies.
10  *
11  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
12  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
13  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
14  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
15  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
16  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17  * PERFORMANCE OF THIS SOFTWARE.
18  */
19 
20 /* Id: server.h,v 1.118 2012/01/31 23:47:31 tbox Exp  */
21 
22 #ifndef NAMED_SERVER_H
23 #define NAMED_SERVER_H 1
24 
25 /*! \file */
26 
27 #include <isc/log.h>
28 #include <isc/magic.h>
29 #include <isc/quota.h>
30 #include <isc/sockaddr.h>
31 #include <isc/types.h>
32 #include <isc/xml.h>
33 
34 #include <dns/acl.h>
35 #include <dns/types.h>
36 
37 #include <named/types.h>
38 
/*
 * Event class and event types used by the name server.
 * 0x4E43 is the ASCII byte pair 'N','C'.  Each event type is a fixed
 * offset from the class base, so the offsets must stay unique.
 */
#define NS_EVENTCLASS		ISC_EVENTCLASS(0x4E43)
#define NS_EVENT_RELOAD		(NS_EVENTCLASS + 0)
#define NS_EVENT_CLIENTCONTROL	(NS_EVENTCLASS + 1)
42 
/*%
 * Name server state.  Better here than in lots of separate global variables.
 *
 * Several members hold or point at security-sensitive state: ACLs, the
 * control channels, the TSIG session key and the Source Identity Token
 * secret.  See the notes on those members.
 */
struct ns_server {
	unsigned int		magic;		/*%< Checked via NS_SERVER_VALID() against NS_SERVER_MAGIC */
	isc_mem_t *		mctx;

	/*% ns_server_scan_interfaces() must only be called while running under this task. */
	isc_task_t *		task;

	/* Configurable data. */
	/*
	 * Quotas.  The names suggest limits on outgoing zone transfers,
	 * TCP clients and recursive clients -- confirm against the code
	 * that configures and attaches to them.
	 */
	isc_quota_t		xfroutquota;
	isc_quota_t		tcpquota;
	isc_quota_t		recursionquota;
	dns_acl_t		*blackholeacl;	/*%< ACL; presumably the "blackhole" address list -- confirm */
	char *			statsfile;	/*%< Statistics file name */
	char *			dumpfile;	/*%< Dump file name */
	char *			secrootsfile;	/*%< Secroots file name */
	char *			bindkeysfile;	/*%< bind.keys file name */
	char *			recfile;	/*%< Recursive file name */
	isc_boolean_t		version_set;	/*%< User has set version */
	char *			version;	/*%< User-specified version */
	isc_boolean_t		hostname_set;	/*%< User has set hostname */
	char *			hostname;	/*%< User-specified hostname */
	/*% Use hostname for server id */
	isc_boolean_t		server_usehostname;
	char *			server_id;	/*%< User-specified server id */

	/*%
	 * Current ACL environment.  This defines the
	 * current values of the localhost and localnets
	 * ACLs.
	 */
	dns_aclenv_t		aclenv;

	/* Server data structures. */
	dns_loadmgr_t *		loadmgr;
	dns_zonemgr_t *		zonemgr;
	dns_viewlist_t		viewlist;
	ns_interfacemgr_t *	interfacemgr;
	dns_db_t *		in_roothints;
	dns_tkeyctx_t *		tkeyctx;

	isc_timer_t *		interface_timer;
	isc_timer_t *		heartbeat_timer;
	isc_timer_t *		pps_timer;

	isc_uint32_t		interface_interval;
	isc_uint32_t		heartbeat_interval;

	/*
	 * Presumably reload_event_lock guards reload_event so that
	 * ns_server_reloadwanted() can be called from outside the
	 * server's task -- confirm in the implementation.
	 */
	isc_mutex_t		reload_event_lock;
	isc_event_t *		reload_event;

	isc_boolean_t		flushonshutdown;
	isc_boolean_t		log_queries;	/*%< For BIND 8 compatibility */

	ns_cachelist_t		cachelist;	/*%< Possibly shared caches */
	isc_stats_t *		nsstats;	/*%< Server stats */
	dns_stats_t *		rcvquerystats;	/*%< Incoming query stats */
	dns_stats_t *		opcodestats;	/*%< Incoming message stats */
	isc_stats_t *		zonestats;	/*%< Zone management stats */
	isc_stats_t  *		resolverstats;	/*%< Resolver stats */
	isc_stats_t *		sockstats;	/*%< Socket stats */

	ns_controls_t *		controls;	/*%< Control channels */
	unsigned int		dispatchgen;
	/*% Presumably the reserved-port dispatches added by ns_add_reserved_dispatch() -- confirm. */
	ns_dispatchlist_t	dispatches;

	dns_acache_t		*acache;

	ns_statschannellist_t	statschannels;

	/*
	 * TSIG session key and its parameters (key file, key name,
	 * algorithm, size in bits).  This is key material.
	 * NOTE(review): confirm that session_keyfile is written with
	 * restrictive permissions and that the key never appears in
	 * status, statistics or log output.
	 */
	dns_tsigkey_t		*sessionkey;
	char			*session_keyfile;
	dns_name_t		*session_keyname;
	unsigned int		session_keyalg;
	isc_uint16_t		session_keybits;
	isc_boolean_t		interface_auto;
	/*
	 * 32-byte secret for the Source Identity Token.  Treat as key
	 * material.  NOTE(review): confirm it is never logged or dumped
	 * and that it is cleared when the server object is destroyed.
	 */
	unsigned char		secret[32];	/*%< Source Identity Token */
};
122 
/*
 * Magic value ('SVER') for struct ns_server.  NS_SERVER_VALID(s) expands
 * to ISC_MAGIC_VALID(s, NS_SERVER_MAGIC).  It is a sanity check on the
 * pointer and object type, not an authentication or integrity mechanism.
 */
#define NS_SERVER_MAGIC			ISC_MAGIC('S','V','E','R')
#define NS_SERVER_VALID(s)		ISC_MAGIC_VALID(s, NS_SERVER_MAGIC)
125 
/*%
 * Server statistics counters.  Used as isc_statscounter_t values.
 *
 * Values are assigned explicitly and run contiguously from 0.
 * dns_nsstatscounter_max is one past the last counter and depends on
 * ISC_PLATFORM_USESIT: 52 when the SIT counters are compiled in, 46
 * otherwise.  Adding a counter means updating the matching
 * dns_nsstatscounter_max value(s) as well.
 *
 * The group descriptions below are inferred from the counter names;
 * confirm against the code that increments each counter.
 */
enum {
	/* Incoming requests: address family, EDNS0, TSIG/SIG(0), TCP. */
	dns_nsstatscounter_requestv4 = 0,
	dns_nsstatscounter_requestv6 = 1,
	dns_nsstatscounter_edns0in = 2,
	dns_nsstatscounter_badednsver = 3,
	dns_nsstatscounter_tsigin = 4,
	dns_nsstatscounter_sig0in = 5,
	dns_nsstatscounter_invalidsig = 6,	/* worth monitoring: failed signature checks */
	dns_nsstatscounter_requesttcp = 7,

	/*
	 * Rejections (authoritative, recursion, transfer, update).
	 * Useful for spotting refused-access activity.
	 */
	dns_nsstatscounter_authrej = 8,
	dns_nsstatscounter_recurserej = 9,
	dns_nsstatscounter_xfrrej = 10,
	dns_nsstatscounter_updaterej = 11,

	/* Outgoing responses. */
	dns_nsstatscounter_response = 12,
	dns_nsstatscounter_truncatedresp = 13,
	dns_nsstatscounter_edns0out = 14,
	dns_nsstatscounter_tsigout = 15,
	dns_nsstatscounter_sig0out = 16,

	/* Query outcomes. */
	dns_nsstatscounter_success = 17,
	dns_nsstatscounter_authans = 18,
	dns_nsstatscounter_nonauthans = 19,
	dns_nsstatscounter_referral = 20,
	dns_nsstatscounter_nxrrset = 21,
	dns_nsstatscounter_servfail = 22,
	dns_nsstatscounter_formerr = 23,
	dns_nsstatscounter_nxdomain = 24,
	dns_nsstatscounter_recursion = 25,
	dns_nsstatscounter_duplicate = 26,
	dns_nsstatscounter_dropped = 27,
	dns_nsstatscounter_failure = 28,

	/* Zone transfers. */
	dns_nsstatscounter_xfrdone = 29,

	/* Dynamic updates, including forwarded ones. */
	dns_nsstatscounter_updatereqfwd = 30,
	dns_nsstatscounter_updaterespfwd = 31,
	dns_nsstatscounter_updatefwdfail = 32,
	dns_nsstatscounter_updatedone = 33,
	dns_nsstatscounter_updatefail = 34,
	dns_nsstatscounter_updatebadprereq = 35,

	dns_nsstatscounter_recursclients = 36,

	dns_nsstatscounter_dns64 = 37,

	/* Rate limiting: responses dropped or slipped. */
	dns_nsstatscounter_ratedropped = 38,
	dns_nsstatscounter_rateslipped = 39,

	dns_nsstatscounter_rpz_rewrites = 40,

	dns_nsstatscounter_udp = 41,
	dns_nsstatscounter_tcp = 42,

	/* EDNS options seen. */
	dns_nsstatscounter_nsidopt = 43,
	dns_nsstatscounter_expireopt = 44,
	dns_nsstatscounter_otheropt = 45,

#ifdef ISC_PLATFORM_USESIT
	/*
	 * Source Identity Token options.  The bad-size, bad-time and
	 * no-match counters presumably record tokens that failed
	 * validation -- confirm.
	 */
	dns_nsstatscounter_sitopt = 46,
	dns_nsstatscounter_sitbadsize = 47,
	dns_nsstatscounter_sitbadtime = 48,
	dns_nsstatscounter_sitnomatch = 49,
	dns_nsstatscounter_sitmatch = 50,
	dns_nsstatscounter_sitnew = 51,

	dns_nsstatscounter_max = 52
#else
	dns_nsstatscounter_max = 46
#endif
};
201 
void
ns_server_create(isc_mem_t *mctx, ns_server_t **serverp);
/*%<
 * Create a server object with default settings.
 * This function either succeeds or causes the program to exit
 * with a fatal error.
 *
 * No result code is returned, so callers have no failure path to handle.
 * Presumably '*serverp' receives the new object -- confirm in the
 * implementation.
 */

void
ns_server_destroy(ns_server_t **serverp);
/*%<
 * Destroy a server object, freeing its memory.
 *
 * NOTE(review): the object holds key material (the session key and the
 * Source Identity Token secret).  Confirm that the implementation clears
 * it before the memory is released.
 */

void
ns_server_reloadwanted(ns_server_t *server);
/*%<
 * Inform a server that a reload is wanted.  This function
 * may be called asynchronously, from outside the server's task.
 * If a reload is already scheduled or in progress, the call
 * is ignored.
 */

void
ns_server_scan_interfaces(ns_server_t *server);
/*%<
 * Trigger an interface scan.
 * Must only be called when running under server->task.
 */

void
ns_server_flushonshutdown(ns_server_t *server, isc_boolean_t flush);
/*%<
 * Inform the server that the zones should be flushed to disk on shutdown.
 */
237 
/*
 * Command-channel handlers.
 *
 * 'args' is passed as a non-const char *, so an implementation may
 * modify it in place.  It is presumably the command text received on
 * the command channel -- confirm.  'text', where present, is presumably
 * a buffer for the reply sent back to the caller -- confirm.
 *
 * NOTE(review): none of these functions take a caller identity.  Any
 * authentication and authorization of the command therefore has to
 * happen before they are called, presumably in the control-channel
 * code -- confirm.
 */
isc_result_t
ns_server_reloadcommand(ns_server_t *server, char *args, isc_buffer_t *text);
/*%<
 * Act on a "reload" command from the command channel.
 */

isc_result_t
ns_server_reconfigcommand(ns_server_t *server, char *args);
/*%<
 * Act on a "reconfig" command from the command channel.
 */

isc_result_t
ns_server_notifycommand(ns_server_t *server, char *args, isc_buffer_t *text);
/*%<
 * Act on a "notify" command from the command channel.
 */

isc_result_t
ns_server_refreshcommand(ns_server_t *server, char *args, isc_buffer_t *text);
/*%<
 * Act on a "refresh" command from the command channel.
 */

isc_result_t
ns_server_retransfercommand(ns_server_t *server, char *args,
			    isc_buffer_t *text);
/*%<
 * Act on a "retransfer" command from the command channel.
 */

isc_result_t
ns_server_togglequerylog(ns_server_t *server, char *args);
/*%<
 * Enable/disable logging of queries.  (Takes "yes" or "no" argument,
 * but can also be used as a toggle for backward compatibility.)
 */
275 
/*%
 * Dump the current statistics to the statistics file.
 */
isc_result_t
ns_server_dumpstats(ns_server_t *server);

/*%
 * Dump the current cache to the dump file.
 *
 * NOTE(review): the dump contains cached DNS data.  Confirm that the
 * dump file location and permissions suit the deployment.
 */
isc_result_t
ns_server_dumpdb(ns_server_t *server, char *args);

/*%
 * Dump the current security roots to the secroots file.
 */
isc_result_t
ns_server_dumpsecroots(ns_server_t *server, char *args);

/*%
 * Change or increment the server debug level.
 */
isc_result_t
ns_server_setdebuglevel(ns_server_t *server, char *args);

/*%
 * Flush the server's cache(s)
 */
isc_result_t
ns_server_flushcache(ns_server_t *server, char *args);

/*%
 * Flush a particular name from the server's cache.  If 'tree' is false,
 * also flush the name from the ADB and badcache.  If 'tree' is true, also
 * flush all the names under the specified name.
 */
isc_result_t
ns_server_flushnode(ns_server_t *server, char *args, isc_boolean_t tree);

/*%
 * Report the server's status.
 */
isc_result_t
ns_server_status(ns_server_t *server, isc_buffer_t *text);

/*%
 * Report a list of dynamic and static tsig keys, per view.
 *
 * NOTE(review): confirm that the report identifies keys (for example by
 * name) and never writes secret key data into 'text'.
 */
isc_result_t
ns_server_tsiglist(ns_server_t *server, isc_buffer_t *text);

/*%
 * Delete a specific key (with optional view).
 */
isc_result_t
ns_server_tsigdelete(ns_server_t *server, char *command, isc_buffer_t *text);

/*%
 * Enable or disable updates for a zone.
 */
isc_result_t
ns_server_freeze(ns_server_t *server, isc_boolean_t freeze, char *args,
		 isc_buffer_t *text);

/*%
 * Dump zone updates to disk, optionally removing the journal file
 */
isc_result_t
ns_server_sync(ns_server_t *server, char *args, isc_buffer_t *text);

/*%
 * Update a zone's DNSKEY set from the key repository.  If
 * the command that triggered the call to this function was "sign",
 * then force a full signing of the zone.  If it was "loadkeys",
 * then don't sign the zone; any needed changes to signatures can
 * take place incrementally.
 */
isc_result_t
ns_server_rekey(ns_server_t *server, char *args, isc_buffer_t *text);

/*%
 * Dump the current recursive queries.
 */
isc_result_t
ns_server_dumprecursing(ns_server_t *server);

/*%
 * Maintain a list of dispatches that require reserved ports.
 */
void
ns_add_reserved_dispatch(ns_server_t *server, const isc_sockaddr_t *addr);

/*%
 * Enable or disable dnssec validation.
 *
 * NOTE(review): disabling validation at runtime weakens the resolver's
 * integrity guarantees.  Operators may want this command logged and
 * alerted on.
 */
isc_result_t
ns_server_validation(ns_server_t *server, char *args, isc_buffer_t *text);

/*%
 * Add a zone to a running process
 *
 * Together with ns_server_del_zone() this changes which zones the server
 * answers for without a restart.  The header does not show how 'args' is
 * validated -- confirm in the implementation.
 */
isc_result_t
ns_server_add_zone(ns_server_t *server, char *args, isc_buffer_t *text);

/*%
 * Deletes a zone from a running process
 */
isc_result_t
ns_server_del_zone(ns_server_t *server, char *args, isc_buffer_t *text);

/*%
 * Lists the status of the signing records for a given zone.
 */
isc_result_t
ns_server_signing(ns_server_t *server, char *args, isc_buffer_t *text);

/*%
 * Lists status information for a given zone (e.g., name, type, files,
 * load time, expiry, etc).
 */
isc_result_t
ns_server_zonestatus(ns_server_t *server, char *args, isc_buffer_t *text);
397 #endif /* NAMED_SERVER_H */
398