1 /*	$NetBSD: zconf.h,v 1.1.1.1 2015/07/08 15:37:48 christos Exp $	*/
2 
3 /*****************************************************************
4 **
5 **	@(#) zconf.h
6 **
7 **	Copyright (c) Jan 2005, Jeroen Masar, Holger Zuleger.
8 **	All rights reserved.
9 **
10 **	This software is open source.
11 **
12 **	Redistribution and use in source and binary forms, with or without
13 **	modification, are permitted provided that the following conditions
14 **	are met:
15 **
16 **	Redistributions of source code must retain the above copyright notice,
17 **	this list of conditions and the following disclaimer.
18 **
19 **	Redistributions in binary form must reproduce the above copyright notice,
20 **	this list of conditions and the following disclaimer in the documentation
21 **	and/or other materials provided with the distribution.
22 **
23 **	Neither the name of Jeroen Masar and Holger Zuleger nor the
24 **	names of its contributors may be used to endorse or promote products
25 **	derived from this software without specific prior written permission.
26 **
27 **	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
28 **	"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
29 **	TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
30 **	PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
31 **	LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 **	CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 **	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 **	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 **	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36 **	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37 **	POSSIBILITY OF SUCH DAMAGE.
38 **
39 *****************************************************************/
40 #ifndef ZCONF_H
41 # define ZCONF_H
42 
43 
/*
 * Time units.  MINSEC is a long, so every derived *SEC value is computed
 * in long arithmetic.  DAY/WEEK/MONTH/YEAR are plain day counts with a
 * fixed 30-day month and 365-day year -- no calendar logic anywhere.
 */
# define	MINSEC	60L
# define	HOURSEC	(MINSEC * 60)
# define	DAYSEC	(HOURSEC * 24)
# define	WEEKSEC	(DAYSEC * 7)
# define	YEARSEC	(DAYSEC * 365)
# define	DAY	(1)
# define	WEEK	(DAY * 7)
# define	MONTH	(DAY * 30)
# define	YEAR	(DAY * 365)

/* Signature and TTL defaults; all *SEC-derived values are seconds. */
# define	SIG_VALID_DAYS	(21)	/* 3 Weeks  */
# define	SIG_VALIDITY	(SIG_VALID_DAYS * DAYSEC)	/* 21 days, in seconds */
# define	MAX_TTL		( 8 * HOURSEC)	/* default value of maximum ttl time */
# define	KEY_TTL		( 4 * HOURSEC)	/* default value of KEY TTL */
# define	PROPTIME	( 5 * MINSEC)	/* expected slave propagation time */
						/* should be small if notify is used  */
/*
 * NOTE(review): this block only fires when DEF_TTL is *already* defined
 * (e.g. -DDEF_TTL on the compiler command line) and then redefines it
 * with a different replacement list, which a conforming compiler must
 * diagnose.  An "#ifndef" was probably intended; left untouched because
 * the value is documented as unused.
 */
#if defined (DEF_TTL)
# define	DEF_TTL		(MAX_TTL/2)	/* currently not used */
#endif

/*
 * Re-sign after two thirds of the signature validity
 * (21 - 21/3 = 14 days), which leaves a one-week margin before the
 * existing signatures expire.
 */
# define	RESIGN_INT	((SIG_VALID_DAYS - (SIG_VALID_DAYS / 3)) * DAYSEC)
# define	KSK_LIFETIME	(2 * YEARSEC)	/* two years, in seconds */
#if 1
# define	ZSK_LIFETIME	((SIG_VALID_DAYS * 3) * DAYSEC)	/* set to three times the sig validity (63 days) */
#else
# define	ZSK_LIFETIME	(12 * WEEKSEC)	/* set fixed to 3 month */
#endif
71 
/* # define	KSK_ALGO	(DK_ALGO_RSASHA1)	KSK_ALGO renamed to KEY_ALGO (v0.99) */
/*
 * Key generation defaults.  DK_ALGO_RSASHA1 is declared elsewhere and is
 * presumably DNSSEC algorithm 5 (RSA/SHA-1).
 *
 * NOTE(review): these compile-time defaults are weak by today's
 * standards.  RSA/SHA-1 is no longer recommended for signing (RFC 8624),
 * a 512-bit RSA ZSK is factorable with modest resources and is below the
 * 1024-bit floor current BIND dnssec-keygen releases enforce.  Until the
 * defaults themselves are raised, dnssec.conf should override them with a
 * SHA-256-based algorithm (or ECDSA/Ed25519) and, for RSA, >= 2048 bits.
 */
# define	KEY_ALGO	(DK_ALGO_RSASHA1)	/* general KEY_ALGO used for both ksk and zsk */
# define	ADDITIONAL_KEY_ALGO	0	/* presumably 0 == no second algorithm */
# define	KSK_BITS	(1300)		/* ksk key size in bits */
# define	KSK_RANDOM	NULL		/* NULL: no explicit randomness source for the ksk (presumably dnssec-keygen's default) */
/* # define	ZSK_ALGO	(DK_ALGO_RSASHA1)	ZSK_ALGO has to be the same as KSK, so this is no longer used (v0.99) */
# define	ZSK_BITS	(512)		/* zsk key size in bits -- see NOTE(review) above */
# define	ZSK_ALWAYS	0		/* do not always pre-publish a zsk */
# define	ZSK_RANDOM	"/dev/urandom"	/* randomness source for the zsk (device path) */
# define	NSEC3		0		/* by default nsec3 is off */
/*
 * NOTE(review): RFC 9276 now recommends an empty NSEC3 salt and zero
 * additional iterations; a 24-bit salt adds no security against
 * precomputation and only makes the chain harder to maintain.
 */
# define	SALTLEN		24		/* salt length in bits (resolution is 4 bits)*/
83 
/*
 * Defaults for the remaining dnssec.conf settings.  String-valued
 * settings are C string literals ("" == not set); NULL is used where the
 * macro's comment says so.
 */
#if 0
# define	ZONEDIR		"."
#else
# define	ZONEDIR		CONFIG_PATH	/* CONFIG_PATH is defined further down; ok, expansion happens at use */
#endif
# define	RECURSIVE	0
# define	PRINTTIME	1
# define	PRINTAGE	0
# define	LJUST		0
# define	LSCOLORTERM	NULL	/* or "" */
# define	KEYSETDIR	".."	/* keysets */
# define	LOGFILE		""
# define	LOGLEVEL	"error"
# define	LOGDOMAINDIR	""
# define	SYSLOGFACILITY	"none"	/* must match one of the syslog_facility_t names below */
# define	SYSLOGLEVEL	"notice"
# define	VERBOSELOG	0
# define	ZONEFILE	"zone.db"
# define	DNSKEYFILE	"dnskey.db"
/* DLV lookaside validation is obsolete (RFC 8749); leave this empty. */
# define	LOOKASIDEDOMAIN	""	/* "dlv.trusted-keys.de" */
# define	SIG_RANDOM	NULL	/* "/dev/urandom" */
# define	SIG_PSEUDO	0
# define	SIG_GENDS	1
# define	SIG_DNSKEY_KSK	0	/* Sign DNSKEY RR with KSK only */
# define	SIG_PARAM	""
# define	DEPENDFILES	""
/*
 * NOTE(review): dist_cmd is run as an external command in place of
 * "rndc reload", so write access to dnssec.conf is equivalent to command
 * execution with this tool's privileges.  Keep the config file writable
 * by its owner/root only.
 */
# define	DIST_CMD	NULL	/* default is to run "rndc reload" */
# define	NAMED_CHROOT	NULL	/* default is none */
112 
/*
 * Location of the global configuration file.  CONFIG_PATH must end in
 * '/' because CONFIG_FILE is built by string-literal concatenation and
 * ZONEDIR above reuses it as a directory name.  Override it at build time
 * (-DCONFIG_PATH=\"...\") rather than editing the fallback here.
 */
#ifndef CONFIG_PATH
# define	CONFIG_PATH	"/var/named/"
#endif
# define	CONFIG_FILE	CONFIG_PATH "dnssec.conf"	/* "/var/named/dnssec.conf" with the fallback path */
# define	LOCALCONF_FILE	"dnssec.conf"	/* relative name; presumably looked up per zone directory */
118 
/* external command execution path (should be set via config.h) */
/*
 * The BIND utilities are named by absolute path: the resulting commands
 * do not depend on -- and cannot be hijacked through -- the caller's
 * $PATH.  BIND_UTIL_PATH is concatenated directly with the program name,
 * hence the mandatory trailing '/'.
 */
#ifndef BIND_UTIL_PATH
# define BIND_UTIL_PATH	"/usr/local/sbin/"	/* beware of trailing '/' */
#endif
# define	SIGNCMD		BIND_UTIL_PATH "dnssec-signzone"
# define	KEYGENCMD	BIND_UTIL_PATH "dnssec-keygen"
# define	RELOADCMD	BIND_UTIL_PATH "rndc"
126 
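/* macros */
/*
 * isflistdelim(c): true if c delimits entries of a file list -- ':',
 * ',' or any isspace() character.  c may be evaluated up to three times,
 * so never pass an expression with side effects (e.g. *p++).
 * The cast to unsigned char keeps isspace() inside its defined domain
 * (CERT STR37-C): with a signed plain char, a byte >= 0x80 would
 * otherwise be passed as a negative value, which is undefined behaviour.
 * Only EOF changes meaning (it now maps to 0xff instead of being the
 * ctype sentinel); no caller should be handing EOF to this macro.
 */
# define	isflistdelim(c)	( (c) == ':' || (c) == ',' || isspace ((unsigned char)(c)) )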
129 
/*
 * How the SOA serial number is formed when a zone is re-signed
 * (see zconf_t.serialform).  Values start at 1 so that 0 can act as
 * "unset"; they must stay stable, they are stored in configs.
 */
typedef enum {
	Unixtime    = 1,	/* serial derived from the unix time */
	Incremental = 2		/* serial incremented */
} serial_form_t;
134 
/*
 * Authenticated denial of existence mode for a zone.  The numeric values
 * match the "0 == off; 1 == on; 2 == on with optout" convention used by
 * zconf_t.nsec3 and the NSEC3 default above, so they are spelled out.
 */
typedef enum {
	NSEC3_OFF    = 0,	/* plain NSEC */
	NSEC3_ON     = 1,	/* NSEC3 */
	NSEC3_OPTOUT = 2	/* NSEC3 with the opt-out flag */
} nsec3_t;
140 
/*
 * Syslog facility selected by the "syslogfacility" setting.  These are
 * ordinal values of this tool, NOT the LOG_* facility codes from
 * <syslog.h>, and they must not be passed to openlog()/syslog() as-is.
 * NOTE(review): the unprefixed lower-case names (none, user, local0...)
 * live in the global namespace and can collide with other identifiers;
 * they are kept because callers reference them by these names.
 */
typedef enum {
	none   = 0,		/* no syslog output (cf. SYSLOGFACILITY "none") */
	user   = 1,
	local0 = 2,
	local1 = 3,
	local2 = 4,
	local3 = 5,
	local4 = 6,
	local5 = 7,
	local6 = 8,
	local7 = 9
} syslog_facility_t;
146 
/*
 * One complete set of dnssec.conf settings.  The like-named macros above
 * (ZONEDIR, SIG_VALIDITY, KSK_BITS, ...) are the compile-time defaults for
 * most members.  Because dupconfig()/freeconfig() exist below, the char *
 * members are presumably owned by the structure -- TODO confirm against
 * zconf.c before storing string literals in a config that is freed later.
 */
typedef	struct zconf	{
	/* --- zone directory and listing output --- */
	char	*zonedir;	/* cf. ZONEDIR */
	int	recursive;	/* cf. RECURSIVE */
	int	printtime;	/* cf. PRINTTIME */
	int	printage;	/* cf. PRINTAGE */
	int	ljust;		/* cf. LJUST */
	char	*colorterm;	/* cf. LSCOLORTERM: NULL or "" */

	/* --- timing, in seconds (see the *SEC macros) --- */
	long	sigvalidity;	/* should be less than expire time */
	long	max_ttl;	/* should be set to the maximum used ttl in the zone */
	long	key_ttl;	/* KEY TTL, cf. KEY_TTL */
	long	proptime;	/* expected time offset for zone propagation */
#if defined (DEF_TTL)
	long	def_ttl;	/* default ttl set in soa record  */
#endif
	serial_form_t	serialform;	/* format of serial no */
	long	resign;		/* resign interval, cf. RESIGN_INT */

	/* --- key generation --- */
	int	k_algo;		/* algorithm for both ksk and zsk, cf. KEY_ALGO */
	int	k2_algo;	/* additional algorithm, cf. ADDITIONAL_KEY_ALGO (presumably 0 == none) */
	long	k_life;		/* ksk lifetime, cf. KSK_LIFETIME */
	int	k_bits;		/* ksk key size in bits, cf. KSK_BITS */
	char	*k_random;	/* ksk randomness source, NULL or a device path, cf. KSK_RANDOM */
	long	z_life;		/* zsk lifetime, cf. ZSK_LIFETIME */
	/* z_algo was dropped in v0.99; the second algorithm now lives in k2_algo */
	int	z_bits;		/* zsk key size in bits, cf. ZSK_BITS */
	int	z_always;	/* always pre-publish zsk ? */
	char	*z_random;	/* zsk randomness source, cf. ZSK_RANDOM */
	nsec3_t	nsec3;		/* 0 == off; 1 == on; 2 == on with optout */
	int	saltbits;	/* nsec3 salt length in bits, cf. SALTLEN */

	/* --- view, logging and execution --- */
	char	*view;		/* no compile-time default above; presumably a named view name */
	int	noexec;		/* no compile-time default above; presumably "do not run external commands" -- confirm in callers */
	/* errlog was removed; logging is configured by the members below */
	char	*logfile;	/* cf. LOGFILE ("" == not set) */
	char	*loglevel;	/* cf. LOGLEVEL */
	char	*logdomaindir;	/* cf. LOGDOMAINDIR */
	char	*syslogfacility;	/* name as in syslog_facility_t, cf. SYSLOGFACILITY */
	char	*sysloglevel;	/* cf. SYSLOGLEVEL */
	int	verboselog;	/* cf. VERBOSELOG */
	int	verbosity;	/* no compile-time default above */
	char	*keyfile;	/* cf. DNSKEYFILE */
	char	*zonefile;	/* cf. ZONEFILE */
	char	*keysetdir;	/* cf. KEYSETDIR */
	char	*lookaside;	/* cf. LOOKASIDEDOMAIN; DLV is obsolete (RFC 8749) */
	char	*sig_random;	/* signing randomness source, cf. SIG_RANDOM */
	int	sig_pseudo;	/* cf. SIG_PSEUDO */
	int	sig_gends;	/* cf. SIG_GENDS */
	int	sig_dnskeyksk;	/* sign DNSKEY RR with KSK only, cf. SIG_DNSKEY_KSK */
	char	*sig_param;	/* cf. SIG_PARAM */
	char	*dependfiles;	/* cf. DEPENDFILES */
	/*
	 * NOTE(review): dist_cmd is executed as an external command, so
	 * whoever can write the config file can run commands with this
	 * tool's privileges; protect dnssec.conf accordingly.
	 */
	char	*dist_cmd;	/* cmd to run instead of "rndc reload" */
	char	*chroot_dir;	/* chroot directory of named */
} zconf_t;
200 
/*
 * Configuration API.  Functions taking a zconf_t * work on a
 * caller-supplied structure; the ones that also return a zconf_t *
 * presumably hand back that structure (or a fresh one) -- see the
 * implementation for the exact ownership and error conventions.
 */

/* Format a time interval (presumably seconds) as a human-readable string. */
extern const char *timeint2str (unsigned long val);

/* Load settings from file <filename> into <z>; the _fromstr variant parses an in-memory string. */
extern zconf_t *loadconfig (const char *filename, zconf_t *z);
extern zconf_t *loadconfig_fromstr (const char *str, zconf_t *z);

/* Copy a configuration / release one (the struct holds char * members, so presumably a deep copy). */
extern zconf_t *dupconfig (const zconf_t *conf);
extern zconf_t *freeconfig (zconf_t *conf);

/*
 * Set a single parameter by name.  <pval> is an untyped pointer to the new
 * value, so the caller must pass the type the parameter expects; <entry>
 * is not const -- the implementation may modify it (confirm in zconf.c).
 */
extern int setconfigpar (zconf_t *conf, char *entry, const void *pval);

/* Write a configuration, or only the entries of <z> that differ from <ref>, to <fname>. */
extern int printconfig (const char *fname, const zconf_t *cp);
extern int printconfigdiff (const char *fname, const zconf_t *ref, const zconf_t *z);

/* Validate a configuration; return value semantics are defined in the implementation. */
extern int checkconfig (const zconf_t *z);

/* Select the config-format version used by the parser/printer (presumably). */
extern void setconfigversion (int version);
211 
212 #endif
213