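/*****************************************************************
**
** @(#) zconf.h
**
** Copyright (c) Jan 2005, Jeroen Masar, Holger Zuleger.
** All rights reserved.
**
** This software is open source.
**
** Redistribution and use in source and binary forms, with or without
** modification, are permitted provided that the following conditions
** are met:
**
** Redistributions of source code must retain the above copyright notice,
** this list of conditions and the following disclaimer.
**
** Redistributions in binary form must reproduce the above copyright notice,
** this list of conditions and the following disclaimer in the documentation
** and/or other materials provided with the distribution.
**
** Neither the name of Jeroen Masar and Holger Zuleger nor the
** names of its contributors may be used to endorse or promote products
** derived from this software without specific prior written permission.
**
** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
** "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
** TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
** PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
** LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
** CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
** SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
** INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
** CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
** ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
** POSSIBILITY OF SUCH DAMAGE.
**
*****************************************************************/
#ifndef ZCONF_H
# define ZCONF_H

/*
** Compile-time defaults for the zone signing configuration, the zconf_t
** record that carries the values at run time, and the prototypes of the
** functions (implemented in zconf.c) that load, copy, print and check it.
*/

/* time units in seconds; MINSEC is a long so the derived products do not
** overflow a 16/32-bit int */
# define MINSEC 60L
# define HOURSEC (MINSEC * 60)
# define DAYSEC (HOURSEC * 24)
# define WEEKSEC (DAYSEC * 7)
# define YEARSEC (DAYSEC * 365)
/* the same units counted in days */
# define DAY (1)
# define WEEK (DAY * 7)
# define MONTH (DAY * 30)
# define YEAR (DAY * 365)

# define SIG_VALID_DAYS (21) /* 3 Weeks */
# define SIG_VALIDITY (SIG_VALID_DAYS * DAYSEC)
# define MAX_TTL ( 8 * HOURSEC) /* default value of maximum ttl time */
# define KEY_TTL ( 4 * HOURSEC) /* default value of KEY TTL */
# define PROPTIME ( 5 * MINSEC) /* expected slave propagation time */
/* should be small if notify is used */
/* NOTE(review): this guard only re-defines DEF_TTL when something has
** already defined it, so the default below is dead unless the build
** defines DEF_TTL first.  Left as-is because the def_ttl member of
** zconf_t below is guarded by the same condition -- confirm intent. */
#if defined (DEF_TTL)
# define DEF_TTL (MAX_TTL/2) /* currently not used */
#endif

/* resign after two thirds of the signature validity have elapsed */
# define RESIGN_INT ((SIG_VALID_DAYS - (SIG_VALID_DAYS / 3)) * DAYSEC)
# define KSK_LIFETIME (2 * YEARSEC)
#if 1
# define ZSK_LIFETIME ((SIG_VALID_DAYS * 3) * DAYSEC) /* set to three times the sig validity */
#else
# define ZSK_LIFETIME (12 * WEEKSEC) /* set fixed to 3 month */
#endif

/* # define KSK_ALGO (DK_ALGO_RSASHA1) KSK_ALGO renamed to KEY_ALGO (v0.99) */
# define KEY_ALGO (DK_ALGO_RSASHA1) /* general KEY_ALGO used for both ksk and zsk */
# define ADDITIONAL_KEY_ALGO 0
/* NOTE(review): RSASHA1 with a 1300-bit KSK and a 512-bit ZSK are the
** historical (2005) defaults; both the algorithm and the ZSK size are
** weak by current standards.  They are deliberately left unchanged here
** -- check that the deployed dnssec.conf overrides them. */
# define KSK_BITS (1300)
# define KSK_RANDOM NULL
/* # define ZSK_ALGO (DK_ALGO_RSASHA1) ZSK_ALGO has to be the same as KSK, so this is no longer used (v0.99) */
# define ZSK_BITS (512)
# define ZSK_ALWAYS 0
# define ZSK_RANDOM "/dev/urandom"
# define NSEC3 0 /* by default nsec3 is off */
# define SALTLEN 24 /* salt length in bits (resolution is 4 bits)*/

#if 0
# define ZONEDIR "."
#else
# define ZONEDIR CONFIG_PATH /* CONFIG_PATH is defined further down; macro expansion is lazy */
#endif
# define RECURSIVE 0
# define PRINTTIME 1
# define PRINTAGE 0
# define LJUST 0
# define LSCOLORTERM NULL /* or "" */
# define KEYSETDIR ".." /* keysets */
# define LOGFILE ""
# define LOGLEVEL "error"
# define LOGDOMAINDIR ""
# define SYSLOGFACILITY "none"
# define SYSLOGLEVEL "notice"
# define VERBOSELOG 0
# define ZONEFILE "zone.db"
# define DNSKEYFILE "dnskey.db"
# define LOOKASIDEDOMAIN "" /* "dlv.trusted-keys.de" */
# define SIG_RANDOM NULL /* "/dev/urandom" */
# define SIG_PSEUDO 0
# define SIG_GENDS 1
# define SIG_DNSKEY_KSK 0 /* Sign DNSKEY RR with KSK only */
# define SIG_PARAM ""
# define DEPENDFILES ""
# define DIST_CMD NULL /* default is to run "rndc reload" */
# define NAMED_CHROOT NULL /* default is none */

#ifndef CONFIG_PATH
# define CONFIG_PATH "/var/named/"
#endif
# define CONFIG_FILE CONFIG_PATH "dnssec.conf"
# define LOCALCONF_FILE "dnssec.conf"

/* external command execution path (should be set via config.h) */
#ifndef BIND_UTIL_PATH
# define BIND_UTIL_PATH "/usr/local/sbin/" /* beware of trailing '/' */
#endif
/* absolute paths are used so the commands are not resolved via PATH */
# define SIGNCMD BIND_UTIL_PATH "dnssec-signzone"
# define KEYGENCMD BIND_UTIL_PATH "dnssec-keygen"
# define RELOADCMD BIND_UTIL_PATH "rndc"

/* macros */
/*
** isflistdelim(c): non-zero if c separates entries of a file list
** (':', ',' or white space).  Callers must include <ctype.h>.  The
** argument is evaluated more than once, so pass an expression without
** side effects.  The cast to unsigned char keeps isspace() defined for
** bytes >= 0x80 when char is signed (CERT STR37-C).
*/
# define isflistdelim(c) ( (c) == ':' || (c) == ',' || isspace ((unsigned char)(c)) )

/* how the SOA serial number is advanced */
typedef enum {
	Unixtime = 1,
	Incremental
} serial_form_t;

/* NSEC3 mode; the numeric values match the nsec3 member comment below */
typedef enum {
	NSEC3_OFF = 0,
	NSEC3_ON,
	NSEC3_OPTOUT
} nsec3_t;

/* syslog facilities accepted by the configuration (unprefixed names,
** so they are global identifiers for every includer) */
typedef enum {
	none = 0,
	user,
	local0, local1, local2, local3, local4, local5, local6, local7
} syslog_facility_t;

/*
** One complete configuration.  String members are pointers; who owns
** the pointed-to storage is not visible here -- see dupconfig() and
** freeconfig() in zconf.c before storing or freeing them yourself.
*/
typedef struct zconf {
	char *zonedir;
	int recursive;
	int printtime;
	int printage;
	int ljust;
	char *colorterm;
	long sigvalidity; /* should be less than expire time */
	long max_ttl; /* should be set to the maximum used ttl in the zone */
	long key_ttl;
	long proptime; /* expected time offset for zone propagation */
#if defined (DEF_TTL)
	long def_ttl; /* default ttl set in soa record */
#endif
	serial_form_t serialform; /* format of serial no */
	long resign; /* resign interval */

	int k_algo;
	int k2_algo;
	long k_life;
	int k_bits;
	char *k_random;
	long z_life;
	/* int z_algo; no longer used; renamed to k2_algo (v0.99) */
	int z_bits;
	int z_always; /* always pre-publish zsk ? */
	char *z_random;
	nsec3_t nsec3; /* 0 == off; 1 == on; 2 == on with optout */
	int saltbits;

	char *view;
	int noexec;
	char *logfile;
	char *loglevel;
	char *logdomaindir;
	char *syslogfacility;
	char *sysloglevel;
	int verboselog;
	int verbosity;
	char *keyfile;
	char *zonefile;
	char *keysetdir;
	char *lookaside;
	char *sig_random;
	int sig_pseudo;
	int sig_gends;
	int sig_dnskeyksk;
	char *sig_param;
	char *dependfiles;
	char *dist_cmd; /* cmd to run instead of "rndc reload" */
	char *chroot_dir; /* chroot directory of named */
} zconf_t;

/* Formats a time interval given in seconds as text.  The lifetime of
** the returned string is not visible here -- confirm in zconf.c before
** holding on to the pointer. */
extern const char *timeint2str (unsigned long val);
/* Read configuration from a file / from a string into z; the returned
** pointer is the zconf_t to use afterwards (whether it is always z, or a
** fresh allocation when z is NULL, is decided in zconf.c). */
extern zconf_t *loadconfig (const char *filename, zconf_t *z);
extern zconf_t *loadconfig_fromstr (const char *str, zconf_t *z);
/* Deep/shallow copy and release of a configuration; ownership of the
** string members is defined by these two functions in zconf.c. */
extern zconf_t *dupconfig (const zconf_t *conf);
extern zconf_t *freeconfig (zconf_t *conf);
/* Set the parameter named by entry to the value pointed to by pval;
** pval's actual type depends on the entry (see zconf.c). */
extern int setconfigpar (zconf_t *conf, char *entry, const void *pval);
/* Write a configuration (or only the entries differing from ref) to fname. */
extern int printconfig (const char *fname, const zconf_t *cp);
extern int printconfigdiff (const char *fname, const zconf_t *ref, const zconf_t *z);
/* Validate a configuration; the meaning of the int result is defined in zconf.c. */
extern int checkconfig (const zconf_t *z);
extern void setconfigversion (int version);

#endif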