1 /* 2 * Copyright (C) 2004-2013, 2015 Internet Systems Consortium, Inc. ("ISC") 3 * Copyright (C) 1999-2003 Internet Software Consortium. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 * PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18 /* $Id$ */ 19 20 #ifndef DNS_ZONE_H 21 #define DNS_ZONE_H 1 22 23 /*! \file dns/zone.h */ 24 25 /*** 26 *** Imports 27 ***/ 28 29 #include <stdio.h> 30 31 #include <isc/formatcheck.h> 32 #include <isc/lang.h> 33 #include <isc/rwlock.h> 34 35 #include <dns/master.h> 36 #include <dns/masterdump.h> 37 #include <dns/rdatastruct.h> 38 #include <dns/rpz.h> 39 #include <dns/types.h> 40 #include <dns/zt.h> 41 42 typedef enum { 43 dns_zone_none, 44 dns_zone_master, 45 dns_zone_slave, 46 dns_zone_stub, 47 dns_zone_staticstub, 48 dns_zone_key, 49 dns_zone_dlz, 50 dns_zone_redirect 51 } dns_zonetype_t; 52 53 typedef enum { 54 dns_zonestat_none = 0, 55 dns_zonestat_terse, 56 dns_zonestat_full 57 } dns_zonestat_level_t; 58 59 #define DNS_ZONEOPT_SERVERS 0x00000001U /*%< perform server checks */ 60 #define DNS_ZONEOPT_PARENTS 0x00000002U /*%< perform parent checks */ 61 #define DNS_ZONEOPT_CHILDREN 0x00000004U /*%< perform child checks */ 62 #define DNS_ZONEOPT_NOTIFY 0x00000008U /*%< perform NOTIFY */ 63 #define DNS_ZONEOPT_MANYERRORS 0x00000010U /*%< return many errors on load */ 64 #define DNS_ZONEOPT_IXFRFROMDIFFS 0x00000020U /*%< calculate differences */ 65 #define DNS_ZONEOPT_NOMERGE 0x00000040U /*%< don't merge journal */ 66 #define DNS_ZONEOPT_CHECKNS 0x00000080U /*%< check if NS's are addresses */ 67 #define DNS_ZONEOPT_FATALNS 0x00000100U /*%< DNS_ZONEOPT_CHECKNS is fatal */ 68 #define DNS_ZONEOPT_MULTIMASTER 0x00000200U /*%< this zone has multiple masters */ 69 #define DNS_ZONEOPT_USEALTXFRSRC 0x00000400U /*%< use alternate transfer sources */ 70 #define DNS_ZONEOPT_CHECKNAMES 0x00000800U /*%< check-names */ 71 #define DNS_ZONEOPT_CHECKNAMESFAIL 0x00001000U /*%< fatal check-name failures */ 72 #define DNS_ZONEOPT_CHECKWILDCARD 0x00002000U /*%< check for internal wildcards */ 73 #define DNS_ZONEOPT_CHECKMX 0x00004000U /*%< check-mx */ 74 #define DNS_ZONEOPT_CHECKMXFAIL 0x00008000U /*%< fatal check-mx failures */ 75 #define DNS_ZONEOPT_CHECKINTEGRITY 0x00010000U /*%< perform integrity checks */ 76 #define DNS_ZONEOPT_CHECKSIBLING 0x00020000U /*%< perform sibling glue checks */ 77 #define DNS_ZONEOPT_NOCHECKNS 0x00040000U /*%< disable IN NS address checks */ 78 #define DNS_ZONEOPT_WARNMXCNAME 0x00080000U /*%< warn on MX CNAME check */ 79 #define DNS_ZONEOPT_IGNOREMXCNAME 0x00100000U /*%< ignore MX CNAME check */ 80 #define DNS_ZONEOPT_WARNSRVCNAME 0x00200000U /*%< warn on SRV CNAME check */ 81 #define DNS_ZONEOPT_IGNORESRVCNAME 0x00400000U /*%< ignore SRV CNAME check */ 82 #define DNS_ZONEOPT_UPDATECHECKKSK 0x00800000U /*%< check dnskey KSK flag */ 83 #define DNS_ZONEOPT_TRYTCPREFRESH 0x01000000U /*%< try tcp refresh on udp failure */ 84 #define DNS_ZONEOPT_NOTIFYTOSOA 0x02000000U /*%< Notify the SOA MNAME */ 85 #define DNS_ZONEOPT_NSEC3TESTZONE 0x04000000U /*%< nsec3-test-zone */ 86 #define DNS_ZONEOPT_SECURETOINSECURE 0x08000000U /*%< dnssec-secure-to-insecure */ 87 #define DNS_ZONEOPT_DNSKEYKSKONLY 0x10000000U /*%< dnssec-dnskey-kskonly */ 88 #define DNS_ZONEOPT_CHECKDUPRR 0x20000000U /*%< check-dup-records */ 89 #define DNS_ZONEOPT_CHECKDUPRRFAIL 0x40000000U /*%< fatal check-dup-records failures */ 90 #define DNS_ZONEOPT_CHECKSPF 0x80000000U /*%< check SPF records */ 91 92 #ifndef NOMINUM_PUBLIC 93 /* 94 * Nominum specific options build down. 95 */ 96 #define DNS_ZONEOPT_NOTIFYFORWARD 0x80000000U /* forward notify to master */ 97 #endif /* NOMINUM_PUBLIC */ 98 99 /* 100 * Zone key maintenance options 101 */ 102 #define DNS_ZONEKEY_ALLOW 0x00000001U /*%< fetch keys on command */ 103 #define DNS_ZONEKEY_MAINTAIN 0x00000002U /*%< publish/sign on schedule */ 104 #define DNS_ZONEKEY_CREATE 0x00000004U /*%< make keys when needed */ 105 #define DNS_ZONEKEY_FULLSIGN 0x00000008U /*%< roll to new keys immediately */ 106 #define DNS_ZONEKEY_NORESIGN 0x00000010U /*%< no automatic resigning */ 107 108 #ifndef DNS_ZONE_MINREFRESH 109 #define DNS_ZONE_MINREFRESH 300 /*%< 5 minutes */ 110 #endif 111 #ifndef DNS_ZONE_MAXREFRESH 112 #define DNS_ZONE_MAXREFRESH 2419200 /*%< 4 weeks */ 113 #endif 114 #ifndef DNS_ZONE_DEFAULTREFRESH 115 #define DNS_ZONE_DEFAULTREFRESH 3600 /*%< 1 hour */ 116 #endif 117 #ifndef DNS_ZONE_MINRETRY 118 #define DNS_ZONE_MINRETRY 300 /*%< 5 minutes */ 119 #endif 120 #ifndef DNS_ZONE_MAXRETRY 121 #define DNS_ZONE_MAXRETRY 1209600 /*%< 2 weeks */ 122 #endif 123 #ifndef DNS_ZONE_DEFAULTRETRY 124 #define DNS_ZONE_DEFAULTRETRY 60 /*%< 1 minute, subject to 125 exponential backoff */ 126 #endif 127 128 #define DNS_ZONESTATE_XFERRUNNING 1 129 #define DNS_ZONESTATE_XFERDEFERRED 2 130 #define DNS_ZONESTATE_SOAQUERY 3 131 #define DNS_ZONESTATE_ANY 4 132 133 ISC_LANG_BEGINDECLS 134 135 /*** 136 *** Functions 137 ***/ 138 139 isc_result_t 140 dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx); 141 /*%< 142 * Creates a new empty zone and attach '*zonep' to it. 143 * 144 * Requires: 145 *\li 'zonep' to point to a NULL pointer. 146 *\li 'mctx' to be a valid memory context. 147 * 148 * Ensures: 149 *\li '*zonep' refers to a valid zone. 150 * 151 * Returns: 152 *\li #ISC_R_SUCCESS 153 *\li #ISC_R_NOMEMORY 154 *\li #ISC_R_UNEXPECTED 155 */ 156 157 void 158 dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass); 159 /*%< 160 * Sets the class of a zone. This operation can only be performed 161 * once on a zone. 162 * 163 * Require: 164 *\li 'zone' to be a valid zone. 165 *\li dns_zone_setclass() not to have been called since the zone was 166 * created. 167 *\li 'rdclass' != dns_rdataclass_none. 168 */ 169 170 dns_rdataclass_t 171 dns_zone_getclass(dns_zone_t *zone); 172 /*%< 173 * Returns the current zone class. 174 * 175 * Requires: 176 *\li 'zone' to be a valid zone. 177 */ 178 179 isc_result_t 180 dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp); 181 182 isc_uint32_t 183 dns_zone_getserial(dns_zone_t *zone); 184 /*%< 185 * Returns the current serial number of the zone. On success, the SOA 186 * serial of the zone will be copied into '*serialp'. 187 * dns_zone_getserial() cannot catch failure cases and is deprecated by 188 * dns_zone_getserial2(). 189 * 190 * Requires: 191 *\li 'zone' to be a valid zone. 192 *\li 'serialp' to be non NULL 193 * 194 * Returns: 195 *\li #ISC_R_SUCCESS 196 *\li #DNS_R_NOTLOADED zone DB is not loaded 197 */ 198 199 void 200 dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type); 201 /*%< 202 * Sets the zone type. This operation can only be performed once on 203 * a zone. 204 * 205 * Requires: 206 *\li 'zone' to be a valid zone. 207 *\li dns_zone_settype() not to have been called since the zone was 208 * created. 209 *\li 'type' != dns_zone_none 210 */ 211 212 void 213 dns_zone_setview(dns_zone_t *zone, dns_view_t *view); 214 /*%< 215 * Associate the zone with a view. 216 * 217 * Require: 218 *\li 'zone' to be a valid zone. 219 */ 220 221 dns_view_t * 222 dns_zone_getview(dns_zone_t *zone); 223 /*%< 224 * Returns the zone's associated view. 225 * 226 * Requires: 227 *\li 'zone' to be a valid zone. 228 */ 229 230 isc_result_t 231 dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin); 232 /*%< 233 * Sets the zones origin to 'origin'. 234 * 235 * Require: 236 *\li 'zone' to be a valid zone. 237 *\li 'origin' to be non NULL. 238 * 239 * Returns: 240 *\li #ISC_R_SUCCESS 241 *\li #ISC_R_NOMEMORY 242 */ 243 244 dns_name_t * 245 dns_zone_getorigin(dns_zone_t *zone); 246 /*%< 247 * Returns the value of the origin. 248 * 249 * Require: 250 *\li 'zone' to be a valid zone. 251 */ 252 253 isc_result_t 254 dns_zone_setfile(dns_zone_t *zone, const char *file); 255 256 isc_result_t 257 dns_zone_setfile2(dns_zone_t *zone, const char *file, 258 dns_masterformat_t format); 259 /*%< 260 * Sets the name of the master file in the format of 'format' from which 261 * the zone loads its database to 'file'. 262 * 263 * For zones that have no associated master file, 'file' will be NULL. 264 * 265 * For zones with persistent databases, the file name 266 * setting is ignored. 267 * 268 * dns_zone_setfile() is a backward-compatible form of 269 * dns_zone_setfile2(), which always specifies the 270 * dns_masterformat_text (RFC1035) format. 271 * 272 * Require: 273 *\li 'zone' to be a valid zone. 274 * 275 * Returns: 276 *\li #ISC_R_NOMEMORY 277 *\li #ISC_R_SUCCESS 278 */ 279 280 const char * 281 dns_zone_getfile(dns_zone_t *zone); 282 /*%< 283 * Gets the name of the zone's master file, if any. 284 * 285 * Requires: 286 *\li 'zone' to be valid initialised zone. 287 * 288 * Returns: 289 *\li Pointer to null-terminated file name, or NULL. 290 */ 291 292 isc_result_t 293 dns_zone_load(dns_zone_t *zone); 294 295 isc_result_t 296 dns_zone_loadnew(dns_zone_t *zone); 297 298 isc_result_t 299 dns_zone_loadandthaw(dns_zone_t *zone); 300 301 /*%< 302 * Cause the database to be loaded from its backing store. 303 * Confirm that the minimum requirements for the zone type are 304 * met, otherwise DNS_R_BADZONE is returned. 305 * 306 * dns_zone_loadnew() only loads zones that are not yet loaded. 307 * dns_zone_load() also loads zones that are already loaded and 308 * and whose master file has changed since the last load. 309 * dns_zone_loadandthaw() is similar to dns_zone_load() but will 310 * also re-enable DNS UPDATEs when the load completes. 311 * 312 * Require: 313 *\li 'zone' to be a valid zone. 314 * 315 * Returns: 316 *\li #ISC_R_UNEXPECTED 317 *\li #ISC_R_SUCCESS 318 *\li DNS_R_CONTINUE Incremental load has been queued. 319 *\li DNS_R_UPTODATE The zone has already been loaded based on 320 * file system timestamps. 321 *\li DNS_R_BADZONE 322 *\li Any result value from dns_db_load(). 323 */ 324 325 isc_result_t 326 dns_zone_asyncload(dns_zone_t *zone, dns_zt_zoneloaded_t done, void *arg); 327 /*%< 328 * Cause the database to be loaded from its backing store asynchronously. 329 * Other zone maintenance functions are suspended until this is complete. 330 * When finished, 'done' is called to inform the caller, with 'arg' as 331 * its first argument and 'zone' as its second. (Normally, 'arg' is 332 * expected to point to the zone table but is left undefined for testing 333 * purposes.) 334 * 335 * Require: 336 *\li 'zone' to be a valid zone. 337 * 338 * Returns: 339 *\li #ISC_R_ALREADYRUNNING 340 *\li #ISC_R_SUCCESS 341 *\li #ISC_R_FAILURE 342 *\li #ISC_R_NOMEMORY 343 */ 344 345 isc_boolean_t 346 dns__zone_loadpending(dns_zone_t *zone); 347 /*%< 348 * Indicates whether the zone is waiting to be loaded asynchronously. 349 * (Not currently intended for use outside of this module and associated 350 * tests.) 351 */ 352 353 void 354 dns_zone_attach(dns_zone_t *source, dns_zone_t **target); 355 /*%< 356 * Attach '*target' to 'source' incrementing its external 357 * reference count. 358 * 359 * Require: 360 *\li 'zone' to be a valid zone. 361 *\li 'target' to be non NULL and '*target' to be NULL. 362 */ 363 364 void 365 dns_zone_detach(dns_zone_t **zonep); 366 /*%< 367 * Detach from a zone decrementing its external reference count. 368 * If this was the last external reference to the zone it will be 369 * shut down and eventually freed. 370 * 371 * Require: 372 *\li 'zonep' to point to a valid zone. 373 */ 374 375 void 376 dns_zone_iattach(dns_zone_t *source, dns_zone_t **target); 377 /*%< 378 * Attach '*target' to 'source' incrementing its internal 379 * reference count. This is intended for use by operations 380 * such as zone transfers that need to prevent the zone 381 * object from being freed but not from shutting down. 382 * 383 * Require: 384 *\li The caller is running in the context of the zone's task. 385 *\li 'zone' to be a valid zone. 386 *\li 'target' to be non NULL and '*target' to be NULL. 387 */ 388 389 void 390 dns_zone_idetach(dns_zone_t **zonep); 391 /*%< 392 * Detach from a zone decrementing its internal reference count. 393 * If there are no more internal or external references to the 394 * zone, it will be freed. 395 * 396 * Require: 397 *\li The caller is running in the context of the zone's task. 398 *\li 'zonep' to point to a valid zone. 399 */ 400 401 void 402 dns_zone_setflag(dns_zone_t *zone, unsigned int flags, isc_boolean_t value); 403 /*%< 404 * Sets ('value' == 'ISC_TRUE') / clears ('value' == 'IS_FALSE') 405 * zone flags. Valid flag bits are DNS_ZONE_F_*. 406 * 407 * Requires 408 *\li 'zone' to be a valid zone. 409 */ 410 411 isc_result_t 412 dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp); 413 /*%< 414 * Attach '*dbp' to the database to if it exists otherwise 415 * return DNS_R_NOTLOADED. 416 * 417 * Require: 418 *\li 'zone' to be a valid zone. 419 *\li 'dbp' to be != NULL && '*dbp' == NULL. 420 * 421 * Returns: 422 *\li #ISC_R_SUCCESS 423 *\li DNS_R_NOTLOADED 424 */ 425 426 void 427 dns_zone_setdb(dns_zone_t *zone, dns_db_t *db); 428 /*%< 429 * Sets the zone database to 'db'. 430 * 431 * This function is expected to be used to configure a zone with a 432 * database which is not loaded from a file or zone transfer. 433 * It can be used for a general purpose zone, but right now its use 434 * is limited to static-stub zones to avoid possible undiscovered 435 * problems in the general cases. 436 * 437 * Require: 438 *\li 'zone' to be a valid zone of static-stub. 439 *\li zone doesn't have a database. 440 */ 441 442 isc_result_t 443 dns_zone_setdbtype(dns_zone_t *zone, 444 unsigned int dbargc, const char * const *dbargv); 445 /*%< 446 * Sets the database type to dbargv[0] and database arguments 447 * to subsequent dbargv elements. 448 * 'db_type' is not checked to see if it is a valid database type. 449 * 450 * Require: 451 *\li 'zone' to be a valid zone. 452 *\li 'database' to be non NULL. 453 *\li 'dbargc' to be >= 1 454 *\li 'dbargv' to point to dbargc NULL-terminated strings 455 * 456 * Returns: 457 *\li #ISC_R_NOMEMORY 458 *\li #ISC_R_SUCCESS 459 */ 460 461 isc_result_t 462 dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx); 463 /*%< 464 * Returns the current dbtype. isc_mem_free() should be used 465 * to free 'argv' after use. 466 * 467 * Require: 468 *\li 'zone' to be a valid zone. 469 *\li 'argv' to be non NULL and *argv to be NULL. 470 *\li 'mctx' to be valid. 471 * 472 * Returns: 473 *\li #ISC_R_NOMEMORY 474 *\li #ISC_R_SUCCESS 475 */ 476 477 void 478 dns_zone_markdirty(dns_zone_t *zone); 479 /*%< 480 * Mark a zone as 'dirty'. 481 * 482 * Require: 483 *\li 'zone' to be a valid zone. 484 */ 485 486 void 487 dns_zone_expire(dns_zone_t *zone); 488 /*%< 489 * Mark the zone as expired. If the zone requires dumping cause it to 490 * be initiated. Set the refresh and retry intervals to there default 491 * values and unload the zone. 492 * 493 * Require 494 *\li 'zone' to be a valid zone. 495 */ 496 497 void 498 dns_zone_refresh(dns_zone_t *zone); 499 /*%< 500 * Initiate zone up to date checks. The zone must already be being 501 * managed. 502 * 503 * Require 504 *\li 'zone' to be a valid zone. 505 */ 506 507 isc_result_t 508 dns_zone_flush(dns_zone_t *zone); 509 /*%< 510 * Write the zone to database if there are uncommitted changes. 511 * 512 * Require: 513 *\li 'zone' to be a valid zone. 514 */ 515 516 isc_result_t 517 dns_zone_dump(dns_zone_t *zone); 518 /*%< 519 * Write the zone to database. 520 * 521 * Require: 522 *\li 'zone' to be a valid zone. 523 */ 524 525 isc_result_t 526 dns_zone_dumptostream(dns_zone_t *zone, FILE *fd); 527 528 isc_result_t 529 dns_zone_dumptostream2(dns_zone_t *zone, FILE *fd, dns_masterformat_t format, 530 const dns_master_style_t *style); 531 isc_result_t 532 dns_zone_dumptostream3(dns_zone_t *zone, FILE *fd, dns_masterformat_t format, 533 const dns_master_style_t *style, 534 const isc_uint32_t rawversion); 535 /*%< 536 * Write the zone to stream 'fd' in the specified 'format'. 537 * If the 'format' is dns_masterformat_text (RFC1035), 'style' also 538 * specifies the file style (e.g., &dns_master_style_default). 539 * 540 * dns_zone_dumptostream() is a backward-compatible form of 541 * dns_zone_dumptostream2(), which always uses the dns_masterformat_text 542 * format and the dns_master_style_default style. 543 * 544 * dns_zone_dumptostream2() is a backward-compatible form of 545 * dns_zone_dumptostream3(), which always uses the current 546 * default raw file format version. 547 * 548 * Note that dns_zone_dumptostream3() is the most flexible form. It 549 * can also provide the functionality of dns_zone_fulldumptostream(). 550 * 551 * Require: 552 *\li 'zone' to be a valid zone. 553 *\li 'fd' to be a stream open for writing. 554 */ 555 556 isc_result_t 557 dns_zone_fulldumptostream(dns_zone_t *zone, FILE *fd); 558 /*%< 559 * The same as dns_zone_dumptostream, but dumps the zone with 560 * different dump settings (dns_master_style_full). 561 * 562 * Require: 563 *\li 'zone' to be a valid zone. 564 *\li 'fd' to be a stream open for writing. 565 */ 566 567 void 568 dns_zone_maintenance(dns_zone_t *zone); 569 /*%< 570 * Perform regular maintenance on the zone. This is called as a 571 * result of a zone being managed. 572 * 573 * Require 574 *\li 'zone' to be a valid zone. 575 */ 576 577 isc_result_t 578 dns_zone_setmasters(dns_zone_t *zone, const isc_sockaddr_t *masters, 579 isc_uint32_t count); 580 isc_result_t 581 dns_zone_setmasterswithkeys(dns_zone_t *zone, 582 const isc_sockaddr_t *masters, 583 dns_name_t **keynames, 584 isc_uint32_t count); 585 /*%< 586 * Set the list of master servers for the zone. 587 * 588 * Require: 589 *\li 'zone' to be a valid zone. 590 *\li 'masters' array of isc_sockaddr_t with port set or NULL. 591 *\li 'count' the number of masters. 592 *\li 'keynames' array of dns_name_t's for tsig keys or NULL. 593 * 594 * \li dns_zone_setmasters() is just a wrapper to setmasterswithkeys(), 595 * passing NULL in the keynames field. 596 * 597 * \li If 'masters' is NULL then 'count' must be zero. 598 * 599 * Returns: 600 *\li #ISC_R_SUCCESS 601 *\li #ISC_R_NOMEMORY 602 *\li Any result dns_name_dup() can return, if keynames!=NULL 603 */ 604 605 isc_result_t 606 dns_zone_setalsonotify(dns_zone_t *zone, const isc_sockaddr_t *notify, 607 isc_uint32_t count); 608 isc_result_t 609 dns_zone_setalsonotifywithkeys(dns_zone_t *zone, const isc_sockaddr_t *notify, 610 dns_name_t **keynames, isc_uint32_t count); 611 /*%< 612 * Set the list of additional servers to be notified when 613 * a zone changes. To clear the list use 'count = 0'. 614 * 615 * dns_zone_alsonotifywithkeys() allows each notify address to 616 * be associated with a TSIG key. 617 * 618 * Require: 619 *\li 'zone' to be a valid zone. 620 *\li 'notify' to be non-NULL if count != 0. 621 *\li 'count' to be the number of notifiees. 622 * 623 * Returns: 624 *\li #ISC_R_SUCCESS 625 *\li #ISC_R_NOMEMORY 626 */ 627 628 void 629 dns_zone_unload(dns_zone_t *zone); 630 /*%< 631 * detach the database from the zone structure. 632 * 633 * Require: 634 *\li 'zone' to be a valid zone. 635 */ 636 637 void 638 dns_zone_setoption(dns_zone_t *zone, unsigned int option, isc_boolean_t value); 639 /*%< 640 * Set given options on ('value' == ISC_TRUE) or off ('value' == 641 * #ISC_FALSE). 642 * 643 * Require: 644 *\li 'zone' to be a valid zone. 645 */ 646 647 unsigned int 648 dns_zone_getoptions(dns_zone_t *zone); 649 /*%< 650 * Returns the current zone options. 651 * 652 * Require: 653 *\li 'zone' to be a valid zone. 654 */ 655 656 void 657 dns_zone_setkeyopt(dns_zone_t *zone, unsigned int option, isc_boolean_t value); 658 /*%< 659 * Set key options on ('value' == ISC_TRUE) or off ('value' == 660 * #ISC_FALSE). 661 * 662 * Require: 663 *\li 'zone' to be a valid zone. 664 */ 665 666 unsigned int 667 dns_zone_getkeyopts(dns_zone_t *zone); 668 /*%< 669 * Returns the current zone key options. 670 * 671 * Require: 672 *\li 'zone' to be a valid zone. 673 */ 674 675 void 676 dns_zone_setminrefreshtime(dns_zone_t *zone, isc_uint32_t val); 677 /*%< 678 * Set the minimum refresh time. 679 * 680 * Requires: 681 *\li 'zone' is valid. 682 *\li val > 0. 683 */ 684 685 void 686 dns_zone_setmaxrefreshtime(dns_zone_t *zone, isc_uint32_t val); 687 /*%< 688 * Set the maximum refresh time. 689 * 690 * Requires: 691 *\li 'zone' is valid. 692 *\li val > 0. 693 */ 694 695 void 696 dns_zone_setminretrytime(dns_zone_t *zone, isc_uint32_t val); 697 /*%< 698 * Set the minimum retry time. 699 * 700 * Requires: 701 *\li 'zone' is valid. 702 *\li val > 0. 703 */ 704 705 void 706 dns_zone_setmaxretrytime(dns_zone_t *zone, isc_uint32_t val); 707 /*%< 708 * Set the maximum retry time. 709 * 710 * Requires: 711 *\li 'zone' is valid. 712 * val > 0. 713 */ 714 715 isc_result_t 716 dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); 717 isc_result_t 718 dns_zone_setaltxfrsource4(dns_zone_t *zone, 719 const isc_sockaddr_t *xfrsource); 720 /*%< 721 * Set the source address to be used in IPv4 zone transfers. 722 * 723 * Require: 724 *\li 'zone' to be a valid zone. 725 *\li 'xfrsource' to contain the address. 726 * 727 * Returns: 728 *\li #ISC_R_SUCCESS 729 */ 730 731 isc_sockaddr_t * 732 dns_zone_getxfrsource4(dns_zone_t *zone); 733 isc_sockaddr_t * 734 dns_zone_getaltxfrsource4(dns_zone_t *zone); 735 /*%< 736 * Returns the source address set by a previous dns_zone_setxfrsource4 737 * call, or the default of inaddr_any, port 0. 738 * 739 * Require: 740 *\li 'zone' to be a valid zone. 741 */ 742 743 isc_result_t 744 dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); 745 isc_result_t 746 dns_zone_setaltxfrsource6(dns_zone_t *zone, 747 const isc_sockaddr_t *xfrsource); 748 /*%< 749 * Set the source address to be used in IPv6 zone transfers. 750 * 751 * Require: 752 *\li 'zone' to be a valid zone. 753 *\li 'xfrsource' to contain the address. 754 * 755 * Returns: 756 *\li #ISC_R_SUCCESS 757 */ 758 759 isc_sockaddr_t * 760 dns_zone_getxfrsource6(dns_zone_t *zone); 761 isc_sockaddr_t * 762 dns_zone_getaltxfrsource6(dns_zone_t *zone); 763 /*%< 764 * Returns the source address set by a previous dns_zone_setxfrsource6 765 * call, or the default of in6addr_any, port 0. 766 * 767 * Require: 768 *\li 'zone' to be a valid zone. 769 */ 770 771 isc_result_t 772 dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc); 773 /*%< 774 * Set the source address to be used with IPv4 NOTIFY messages. 775 * 776 * Require: 777 *\li 'zone' to be a valid zone. 778 *\li 'notifysrc' to contain the address. 779 * 780 * Returns: 781 *\li #ISC_R_SUCCESS 782 */ 783 784 isc_sockaddr_t * 785 dns_zone_getnotifysrc4(dns_zone_t *zone); 786 /*%< 787 * Returns the source address set by a previous dns_zone_setnotifysrc4 788 * call, or the default of inaddr_any, port 0. 789 * 790 * Require: 791 *\li 'zone' to be a valid zone. 792 */ 793 794 isc_result_t 795 dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc); 796 /*%< 797 * Set the source address to be used with IPv6 NOTIFY messages. 798 * 799 * Require: 800 *\li 'zone' to be a valid zone. 801 *\li 'notifysrc' to contain the address. 802 * 803 * Returns: 804 *\li #ISC_R_SUCCESS 805 */ 806 807 isc_sockaddr_t * 808 dns_zone_getnotifysrc6(dns_zone_t *zone); 809 /*%< 810 * Returns the source address set by a previous dns_zone_setnotifysrc6 811 * call, or the default of in6addr_any, port 0. 812 * 813 * Require: 814 *\li 'zone' to be a valid zone. 815 */ 816 817 void 818 dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl); 819 /*%< 820 * Sets the notify acl list for the zone. 821 * 822 * Require: 823 *\li 'zone' to be a valid zone. 824 *\li 'acl' to be a valid acl. 825 */ 826 827 void 828 dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl); 829 /*%< 830 * Sets the query acl list for the zone. 831 * 832 * Require: 833 *\li 'zone' to be a valid zone. 834 *\li 'acl' to be a valid acl. 835 */ 836 837 void 838 dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl); 839 /*%< 840 * Sets the query-on acl list for the zone. 841 * 842 * Require: 843 *\li 'zone' to be a valid zone. 844 *\li 'acl' to be a valid acl. 845 */ 846 847 void 848 dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl); 849 /*%< 850 * Sets the update acl list for the zone. 851 * 852 * Require: 853 *\li 'zone' to be a valid zone. 854 *\li 'acl' to be valid acl. 855 */ 856 857 void 858 dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl); 859 /*%< 860 * Sets the forward unsigned updates acl list for the zone. 861 * 862 * Require: 863 *\li 'zone' to be a valid zone. 864 *\li 'acl' to be valid acl. 865 */ 866 867 void 868 dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl); 869 /*%< 870 * Sets the transfer acl list for the zone. 871 * 872 * Require: 873 *\li 'zone' to be a valid zone. 874 *\li 'acl' to be valid acl. 875 */ 876 877 dns_acl_t * 878 dns_zone_getnotifyacl(dns_zone_t *zone); 879 /*%< 880 * Returns the current notify acl or NULL. 881 * 882 * Require: 883 *\li 'zone' to be a valid zone. 884 * 885 * Returns: 886 *\li acl a pointer to the acl. 887 *\li NULL 888 */ 889 890 dns_acl_t * 891 dns_zone_getqueryacl(dns_zone_t *zone); 892 /*%< 893 * Returns the current query acl or NULL. 894 * 895 * Require: 896 *\li 'zone' to be a valid zone. 897 * 898 * Returns: 899 *\li acl a pointer to the acl. 900 *\li NULL 901 */ 902 903 dns_acl_t * 904 dns_zone_getqueryonacl(dns_zone_t *zone); 905 /*%< 906 * Returns the current query-on acl or NULL. 907 * 908 * Require: 909 *\li 'zone' to be a valid zone. 910 * 911 * Returns: 912 *\li acl a pointer to the acl. 913 *\li NULL 914 */ 915 916 dns_acl_t * 917 dns_zone_getupdateacl(dns_zone_t *zone); 918 /*%< 919 * Returns the current update acl or NULL. 920 * 921 * Require: 922 *\li 'zone' to be a valid zone. 923 * 924 * Returns: 925 *\li acl a pointer to the acl. 926 *\li NULL 927 */ 928 929 dns_acl_t * 930 dns_zone_getforwardacl(dns_zone_t *zone); 931 /*%< 932 * Returns the current forward unsigned updates acl or NULL. 933 * 934 * Require: 935 *\li 'zone' to be a valid zone. 936 * 937 * Returns: 938 *\li acl a pointer to the acl. 939 *\li NULL 940 */ 941 942 dns_acl_t * 943 dns_zone_getxfracl(dns_zone_t *zone); 944 /*%< 945 * Returns the current transfer acl or NULL. 946 * 947 * Require: 948 *\li 'zone' to be a valid zone. 949 * 950 * Returns: 951 *\li acl a pointer to the acl. 952 *\li NULL 953 */ 954 955 void 956 dns_zone_clearupdateacl(dns_zone_t *zone); 957 /*%< 958 * Clear the current update acl. 959 * 960 * Require: 961 *\li 'zone' to be a valid zone. 962 */ 963 964 void 965 dns_zone_clearforwardacl(dns_zone_t *zone); 966 /*%< 967 * Clear the current forward unsigned updates acl. 968 * 969 * Require: 970 *\li 'zone' to be a valid zone. 971 */ 972 973 void 974 dns_zone_clearnotifyacl(dns_zone_t *zone); 975 /*%< 976 * Clear the current notify acl. 977 * 978 * Require: 979 *\li 'zone' to be a valid zone. 980 */ 981 982 void 983 dns_zone_clearqueryacl(dns_zone_t *zone); 984 /*%< 985 * Clear the current query acl. 986 * 987 * Require: 988 *\li 'zone' to be a valid zone. 989 */ 990 991 void 992 dns_zone_clearqueryonacl(dns_zone_t *zone); 993 /*%< 994 * Clear the current query-on acl. 995 * 996 * Require: 997 *\li 'zone' to be a valid zone. 998 */ 999 1000 void 1001 dns_zone_clearxfracl(dns_zone_t *zone); 1002 /*%< 1003 * Clear the current transfer acl. 1004 * 1005 * Require: 1006 *\li 'zone' to be a valid zone. 1007 */ 1008 1009 isc_boolean_t 1010 dns_zone_getupdatedisabled(dns_zone_t *zone); 1011 /*%< 1012 * Return update disabled. 1013 * Transient unless called when running in isc_task_exclusive() mode. 1014 */ 1015 1016 void 1017 dns_zone_setupdatedisabled(dns_zone_t *zone, isc_boolean_t state); 1018 /*%< 1019 * Set update disabled. 1020 * Should only be called only when running in isc_task_exclusive() mode. 1021 * Failure to do so may result in updates being committed after the 1022 * call has been made. 1023 */ 1024 1025 isc_boolean_t 1026 dns_zone_getzeronosoattl(dns_zone_t *zone); 1027 /*%< 1028 * Return zero-no-soa-ttl status. 1029 */ 1030 1031 void 1032 dns_zone_setzeronosoattl(dns_zone_t *zone, isc_boolean_t state); 1033 /*%< 1034 * Set zero-no-soa-ttl status. 1035 */ 1036 1037 void 1038 dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity); 1039 /*%< 1040 * Set the severity of name checking when loading a zone. 1041 * 1042 * Require: 1043 * \li 'zone' to be a valid zone. 1044 */ 1045 1046 dns_severity_t 1047 dns_zone_getchecknames(dns_zone_t *zone); 1048 /*%< 1049 * Return the current severity of name checking. 1050 * 1051 * Require: 1052 *\li 'zone' to be a valid zone. 1053 */ 1054 1055 void 1056 dns_zone_setjournalsize(dns_zone_t *zone, isc_int32_t size); 1057 /*%< 1058 * Sets the journal size for the zone. 1059 * 1060 * Requires: 1061 *\li 'zone' to be a valid zone. 1062 */ 1063 1064 isc_int32_t 1065 dns_zone_getjournalsize(dns_zone_t *zone); 1066 /*%< 1067 * Return the journal size as set with a previous call to 1068 * dns_zone_setjournalsize(). 1069 * 1070 * Requires: 1071 *\li 'zone' to be a valid zone. 1072 */ 1073 1074 isc_result_t 1075 dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, 1076 dns_message_t *msg); 1077 /*%< 1078 * Tell the zone that it has received a NOTIFY message from another 1079 * server. This may cause some zone maintenance activity to occur. 1080 * 1081 * Requires: 1082 *\li 'zone' to be a valid zone. 1083 *\li '*from' to contain the address of the server from which 'msg' 1084 * was received. 1085 *\li 'msg' a message with opcode NOTIFY and qr clear. 1086 * 1087 * Returns: 1088 *\li DNS_R_REFUSED 1089 *\li DNS_R_NOTIMP 1090 *\li DNS_R_FORMERR 1091 *\li DNS_R_SUCCESS 1092 */ 1093 1094 void 1095 dns_zone_setmaxxfrin(dns_zone_t *zone, isc_uint32_t maxxfrin); 1096 /*%< 1097 * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR) 1098 * of this zone will use before being aborted. 1099 * 1100 * Requires: 1101 * \li 'zone' to be valid initialised zone. 1102 */ 1103 1104 isc_uint32_t 1105 dns_zone_getmaxxfrin(dns_zone_t *zone); 1106 /*%< 1107 * Returns the maximum transfer time for this zone. This will be 1108 * either the value set by the last call to dns_zone_setmaxxfrin() or 1109 * the default value of 1 hour. 1110 * 1111 * Requires: 1112 *\li 'zone' to be valid initialised zone. 1113 */ 1114 1115 void 1116 dns_zone_setmaxxfrout(dns_zone_t *zone, isc_uint32_t maxxfrout); 1117 /*%< 1118 * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR) 1119 * of this zone will use before being aborted. 1120 * 1121 * Requires: 1122 * \li 'zone' to be valid initialised zone. 1123 */ 1124 1125 isc_uint32_t 1126 dns_zone_getmaxxfrout(dns_zone_t *zone); 1127 /*%< 1128 * Returns the maximum transfer time for this zone. This will be 1129 * either the value set by the last call to dns_zone_setmaxxfrout() or 1130 * the default value of 1 hour. 1131 * 1132 * Requires: 1133 *\li 'zone' to be valid initialised zone. 1134 */ 1135 1136 isc_result_t 1137 dns_zone_setjournal(dns_zone_t *zone, const char *journal); 1138 /*%< 1139 * Sets the filename used for journaling updates / IXFR transfers. 1140 * The default journal name is set by dns_zone_setfile() to be 1141 * "file.jnl". If 'journal' is NULL, the zone will have no 1142 * journal name. 1143 * 1144 * Requires: 1145 *\li 'zone' to be a valid zone. 1146 * 1147 * Returns: 1148 *\li #ISC_R_SUCCESS 1149 *\li #ISC_R_NOMEMORY 1150 */ 1151 1152 char * 1153 dns_zone_getjournal(dns_zone_t *zone); 1154 /*%< 1155 * Returns the journal name associated with this zone. 1156 * If no journal has been set this will be NULL. 1157 * 1158 * Requires: 1159 *\li 'zone' to be valid initialised zone. 1160 */ 1161 1162 dns_zonetype_t 1163 dns_zone_gettype(dns_zone_t *zone); 1164 /*%< 1165 * Returns the type of the zone (master/slave/etc.) 1166 * 1167 * Requires: 1168 *\li 'zone' to be valid initialised zone. 1169 */ 1170 1171 void 1172 dns_zone_settask(dns_zone_t *zone, isc_task_t *task); 1173 /*%< 1174 * Give a zone a task to work with. Any current task will be detached. 1175 * 1176 * Requires: 1177 *\li 'zone' to be valid. 1178 *\li 'task' to be valid. 1179 */ 1180 1181 void 1182 dns_zone_gettask(dns_zone_t *zone, isc_task_t **target); 1183 /*%< 1184 * Attach '*target' to the zone's task. 1185 * 1186 * Requires: 1187 *\li 'zone' to be valid initialised zone. 1188 *\li 'zone' to have a task. 1189 *\li 'target' to be != NULL && '*target' == NULL. 1190 */ 1191 1192 void 1193 dns_zone_notify(dns_zone_t *zone); 1194 /*%< 1195 * Generate notify events for this zone. 1196 * 1197 * Requires: 1198 *\li 'zone' to be a valid zone. 1199 */ 1200 1201 isc_result_t 1202 dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump); 1203 /*%< 1204 * Replace the database of "zone" with a new database "db". 1205 * 1206 * If "dump" is ISC_TRUE, then the new zone contents are dumped 1207 * into to the zone's master file for persistence. When replacing 1208 * a zone database by one just loaded from a master file, set 1209 * "dump" to ISC_FALSE to avoid a redundant redump of the data just 1210 * loaded. Otherwise, it should be set to ISC_TRUE. 1211 * 1212 * If the "diff-on-reload" option is enabled in the configuration file, 1213 * the differences between the old and the new database are added to the 1214 * journal file, and the master file dump is postponed. 1215 * 1216 * Requires: 1217 * \li 'zone' to be a valid zone. 1218 * 1219 * Returns: 1220 * \li DNS_R_SUCCESS 1221 * \li DNS_R_BADZONE zone failed basic consistency checks: 1222 * * a single SOA must exist 1223 * * some NS records must exist. 1224 * Others 1225 */ 1226 1227 isc_uint32_t 1228 dns_zone_getidlein(dns_zone_t *zone); 1229 /*%< 1230 * Requires: 1231 * \li 'zone' to be a valid zone. 1232 * 1233 * Returns: 1234 * \li number of seconds of idle time before we abort the transfer in. 1235 */ 1236 1237 void 1238 dns_zone_setidlein(dns_zone_t *zone, isc_uint32_t idlein); 1239 /*%< 1240 * \li Set the idle timeout for transfer the. 1241 * \li Zero set the default value, 1 hour. 1242 * 1243 * Requires: 1244 * \li 'zone' to be a valid zone. 1245 */ 1246 1247 isc_uint32_t 1248 dns_zone_getidleout(dns_zone_t *zone); 1249 /*%< 1250 * 1251 * Requires: 1252 * \li 'zone' to be a valid zone. 1253 * 1254 * Returns: 1255 * \li number of seconds of idle time before we abort a transfer out. 1256 */ 1257 1258 void 1259 dns_zone_setidleout(dns_zone_t *zone, isc_uint32_t idleout); 1260 /*%< 1261 * \li Set the idle timeout for transfers out. 1262 * \li Zero set the default value, 1 hour. 1263 * 1264 * Requires: 1265 * \li 'zone' to be a valid zone. 1266 */ 1267 1268 void 1269 dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table); 1270 /*%< 1271 * Get the simple-secure-update policy table. 1272 * 1273 * Requires: 1274 * \li 'zone' to be a valid zone. 1275 */ 1276 1277 void 1278 dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table); 1279 /*%< 1280 * Set / clear the simple-secure-update policy table. 1281 * 1282 * Requires: 1283 * \li 'zone' to be a valid zone. 1284 */ 1285 1286 isc_mem_t * 1287 dns_zone_getmctx(dns_zone_t *zone); 1288 /*%< 1289 * Get the memory context of a zone. 1290 * 1291 * Requires: 1292 * \li 'zone' to be a valid zone. 1293 */ 1294 1295 dns_zonemgr_t * 1296 dns_zone_getmgr(dns_zone_t *zone); 1297 /*%< 1298 * If 'zone' is managed return the zone manager otherwise NULL. 1299 * 1300 * Requires: 1301 * \li 'zone' to be a valid zone. 1302 */ 1303 1304 void 1305 dns_zone_setsigvalidityinterval(dns_zone_t *zone, isc_uint32_t interval); 1306 /*%< 1307 * Set the zone's RRSIG validity interval. This is the length of time 1308 * for which DNSSEC signatures created as a result of dynamic updates 1309 * to secure zones will remain valid, in seconds. 1310 * 1311 * Requires: 1312 * \li 'zone' to be a valid zone. 1313 */ 1314 1315 isc_uint32_t 1316 dns_zone_getsigvalidityinterval(dns_zone_t *zone); 1317 /*%< 1318 * Get the zone's RRSIG validity interval. 1319 * 1320 * Requires: 1321 * \li 'zone' to be a valid zone. 1322 */ 1323 1324 void 1325 dns_zone_setsigresigninginterval(dns_zone_t *zone, isc_uint32_t interval); 1326 /*%< 1327 * Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's 1328 * will be re-signed 'interval' amount of time before they expire. 1329 * 1330 * Requires: 1331 * \li 'zone' to be a valid zone. 1332 */ 1333 1334 isc_uint32_t 1335 dns_zone_getsigresigninginterval(dns_zone_t *zone); 1336 /*%< 1337 * Get the zone's RRSIG re-signing interval. 1338 * 1339 * Requires: 1340 * \li 'zone' to be a valid zone. 1341 */ 1342 1343 void 1344 dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype); 1345 /*%< 1346 * Sets zone notify method to "notifytype" 1347 */ 1348 1349 isc_result_t 1350 dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, 1351 dns_updatecallback_t callback, void *callback_arg); 1352 /*%< 1353 * Forward 'msg' to each master in turn until we get an answer or we 1354 * have exhausted the list of masters. 'callback' will be called with 1355 * ISC_R_SUCCESS if we get an answer and the returned message will be 1356 * passed as 'answer_message', otherwise a non ISC_R_SUCCESS result code 1357 * will be passed and answer_message will be NULL. The callback function 1358 * is responsible for destroying 'answer_message'. 1359 * (callback)(callback_arg, result, answer_message); 1360 * 1361 * Require: 1362 *\li 'zone' to be valid 1363 *\li 'msg' to be valid. 1364 *\li 'callback' to be non NULL. 1365 * Returns: 1366 *\li #ISC_R_SUCCESS if the message has been forwarded, 1367 *\li #ISC_R_NOMEMORY 1368 *\li Others 1369 */ 1370 1371 isc_result_t 1372 dns_zone_next(dns_zone_t *zone, dns_zone_t **next); 1373 /*%< 1374 * Find the next zone in the list of managed zones. 1375 * 1376 * Requires: 1377 *\li 'zone' to be valid 1378 *\li The zone manager for the indicated zone MUST be locked 1379 * by the caller. This is not checked. 1380 *\li 'next' be non-NULL, and '*next' be NULL. 1381 * 1382 * Ensures: 1383 *\li 'next' points to a valid zone (result ISC_R_SUCCESS) or to NULL 1384 * (result ISC_R_NOMORE). 1385 */ 1386 1387 1388 1389 isc_result_t 1390 dns_zone_first(dns_zonemgr_t *zmgr, dns_zone_t **first); 1391 /*%< 1392 * Find the first zone in the list of managed zones. 1393 * 1394 * Requires: 1395 *\li 'zonemgr' to be valid 1396 *\li The zone manager for the indicated zone MUST be locked 1397 * by the caller. This is not checked. 1398 *\li 'first' be non-NULL, and '*first' be NULL 1399 * 1400 * Ensures: 1401 *\li 'first' points to a valid zone (result ISC_R_SUCCESS) or to NULL 1402 * (result ISC_R_NOMORE). 1403 */ 1404 1405 isc_result_t 1406 dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory); 1407 /*%< 1408 * Sets the name of the directory where private keys used for 1409 * online signing of dynamic zones are found. 1410 * 1411 * Require: 1412 *\li 'zone' to be a valid zone. 1413 * 1414 * Returns: 1415 *\li #ISC_R_NOMEMORY 1416 *\li #ISC_R_SUCCESS 1417 */ 1418 1419 const char * 1420 dns_zone_getkeydirectory(dns_zone_t *zone); 1421 /*%< 1422 * Gets the name of the directory where private keys used for 1423 * online signing of dynamic zones are found. 1424 * 1425 * Requires: 1426 *\li 'zone' to be valid initialised zone. 1427 * 1428 * Returns: 1429 * Pointer to null-terminated file name, or NULL. 1430 */ 1431 1432 1433 isc_result_t 1434 dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, 1435 isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr, 1436 dns_zonemgr_t **zmgrp); 1437 /*%< 1438 * Create a zone manager. Note: the zone manager will not be able to 1439 * manage any zones until dns_zonemgr_setsize() has been run. 1440 * 1441 * Requires: 1442 *\li 'mctx' to be a valid memory context. 1443 *\li 'taskmgr' to be a valid task manager. 1444 *\li 'timermgr' to be a valid timer manager. 1445 *\li 'zmgrp' to point to a NULL pointer. 1446 */ 1447 1448 isc_result_t 1449 dns_zonemgr_setsize(dns_zonemgr_t *zmgr, int num_zones); 1450 /*%< 1451 * Set the size of the zone manager task pool. This must be run 1452 * before zmgr can be used for managing zones. Currently, it can only 1453 * be run once; the task pool cannot be resized. 1454 * 1455 * Requires: 1456 *\li zmgr is a valid zone manager. 1457 *\li zmgr->zonetasks has been initialized. 1458 */ 1459 1460 isc_result_t 1461 dns_zonemgr_createzone(dns_zonemgr_t *zmgr, dns_zone_t **zonep); 1462 /*%< 1463 * Allocate a new zone using a memory context from the 1464 * zone manager's memory context pool. 1465 * 1466 * Require: 1467 *\li 'zmgr' to be a valid zone manager. 1468 *\li 'zonep' != NULL and '*zonep' == NULL. 1469 */ 1470 1471 1472 isc_result_t 1473 dns_zonemgr_managezone(dns_zonemgr_t *zmgr, dns_zone_t *zone); 1474 /*%< 1475 * Bring the zone under control of a zone manager. 1476 * 1477 * Require: 1478 *\li 'zmgr' to be a valid zone manager. 1479 *\li 'zone' to be a valid zone. 1480 */ 1481 1482 isc_result_t 1483 dns_zonemgr_forcemaint(dns_zonemgr_t *zmgr); 1484 /*%< 1485 * Force zone maintenance of all zones managed by 'zmgr' at its 1486 * earliest convenience. 1487 */ 1488 1489 void 1490 dns__zonemgr_run(isc_task_t *task, isc_event_t *event); 1491 /*%< 1492 * Event handler to call dns_zonemgr_forcemaint(); used to start 1493 * zone operations from a unit test. Not intended for use outside 1494 * libdns or related tests. 1495 */ 1496 1497 void 1498 dns_zonemgr_resumexfrs(dns_zonemgr_t *zmgr); 1499 /*%< 1500 * Attempt to start any stalled zone transfers. 1501 */ 1502 1503 void 1504 dns_zonemgr_shutdown(dns_zonemgr_t *zmgr); 1505 /*%< 1506 * Shut down the zone manager. 1507 * 1508 * Requires: 1509 *\li 'zmgr' to be a valid zone manager. 1510 */ 1511 1512 void 1513 dns_zonemgr_attach(dns_zonemgr_t *source, dns_zonemgr_t **target); 1514 /*%< 1515 * Attach '*target' to 'source' incrementing its external 1516 * reference count. 1517 * 1518 * Require: 1519 *\li 'zone' to be a valid zone. 1520 *\li 'target' to be non NULL and '*target' to be NULL. 1521 */ 1522 1523 void 1524 dns_zonemgr_detach(dns_zonemgr_t **zmgrp); 1525 /*%< 1526 * Detach from a zone manager. 1527 * 1528 * Requires: 1529 *\li '*zmgrp' is a valid, non-NULL zone manager pointer. 1530 * 1531 * Ensures: 1532 *\li '*zmgrp' is NULL. 1533 */ 1534 1535 void 1536 dns_zonemgr_releasezone(dns_zonemgr_t *zmgr, dns_zone_t *zone); 1537 /*%< 1538 * Release 'zone' from the managed by 'zmgr'. 'zmgr' is implicitly 1539 * detached from 'zone'. 1540 * 1541 * Requires: 1542 *\li 'zmgr' to be a valid zone manager. 1543 *\li 'zone' to be a valid zone. 1544 *\li 'zmgr' == 'zone->zmgr' 1545 * 1546 * Ensures: 1547 *\li 'zone->zmgr' == NULL; 1548 */ 1549 1550 void 1551 dns_zonemgr_settransfersin(dns_zonemgr_t *zmgr, isc_uint32_t value); 1552 /*%< 1553 * Set the maximum number of simultaneous transfers in allowed by 1554 * the zone manager. 1555 * 1556 * Requires: 1557 *\li 'zmgr' to be a valid zone manager. 1558 */ 1559 1560 isc_uint32_t 1561 dns_zonemgr_getttransfersin(dns_zonemgr_t *zmgr); 1562 /*%< 1563 * Return the maximum number of simultaneous transfers in allowed. 1564 * 1565 * Requires: 1566 *\li 'zmgr' to be a valid zone manager. 1567 */ 1568 1569 void 1570 dns_zonemgr_settransfersperns(dns_zonemgr_t *zmgr, isc_uint32_t value); 1571 /*%< 1572 * Set the number of zone transfers allowed per nameserver. 1573 * 1574 * Requires: 1575 *\li 'zmgr' to be a valid zone manager 1576 */ 1577 1578 isc_uint32_t 1579 dns_zonemgr_getttransfersperns(dns_zonemgr_t *zmgr); 1580 /*%< 1581 * Return the number of transfers allowed per nameserver. 1582 * 1583 * Requires: 1584 *\li 'zmgr' to be a valid zone manager. 1585 */ 1586 1587 void 1588 dns_zonemgr_setiolimit(dns_zonemgr_t *zmgr, isc_uint32_t iolimit); 1589 /*%< 1590 * Set the number of simultaneous file descriptors available for 1591 * reading and writing masterfiles. 1592 * 1593 * Requires: 1594 *\li 'zmgr' to be a valid zone manager. 1595 *\li 'iolimit' to be positive. 1596 */ 1597 1598 isc_uint32_t 1599 dns_zonemgr_getiolimit(dns_zonemgr_t *zmgr); 1600 /*%< 1601 * Get the number of simultaneous file descriptors available for 1602 * reading and writing masterfiles. 1603 * 1604 * Requires: 1605 *\li 'zmgr' to be a valid zone manager. 1606 */ 1607 1608 void 1609 dns_zonemgr_setserialqueryrate(dns_zonemgr_t *zmgr, unsigned int value); 1610 /*%< 1611 * Set the number of SOA queries sent per second. 1612 * 1613 * Requires: 1614 *\li 'zmgr' to be a valid zone manager 1615 */ 1616 1617 unsigned int 1618 dns_zonemgr_getserialqueryrate(dns_zonemgr_t *zmgr); 1619 /*%< 1620 * Return the number of SOA queries sent per second. 1621 * 1622 * Requires: 1623 *\li 'zmgr' to be a valid zone manager. 1624 */ 1625 1626 unsigned int 1627 dns_zonemgr_getcount(dns_zonemgr_t *zmgr, int state); 1628 /*%< 1629 * Returns the number of zones in the specified state. 1630 * 1631 * Requires: 1632 *\li 'zmgr' to be a valid zone manager. 1633 *\li 'state' to be a valid DNS_ZONESTATE_ constant. 1634 */ 1635 1636 void 1637 dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 1638 isc_sockaddr_t *local, isc_time_t *now); 1639 /*%< 1640 * Add the pair of addresses to the unreachable cache. 1641 * 1642 * Requires: 1643 *\li 'zmgr' to be a valid zone manager. 1644 *\li 'remote' to be a valid sockaddr. 1645 *\li 'local' to be a valid sockaddr. 1646 */ 1647 1648 isc_boolean_t 1649 dns_zonemgr_unreachable(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 1650 isc_sockaddr_t *local, isc_time_t *now); 1651 /*%< 1652 * Returns ISC_TRUE if the given local/remote address pair 1653 * is found in the zone maanger's unreachable cache. 1654 * 1655 * Requires: 1656 *\li 'zmgr' to be a valid zone manager. 1657 *\li 'remote' to be a valid sockaddr. 1658 *\li 'local' to be a valid sockaddr. 1659 *\li 'now' != NULL 1660 */ 1661 1662 void 1663 dns_zonemgr_unreachabledel(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 1664 isc_sockaddr_t *local); 1665 /*%< 1666 * Remove the pair of addresses from the unreachable cache. 1667 * 1668 * Requires: 1669 *\li 'zmgr' to be a valid zone manager. 1670 *\li 'remote' to be a valid sockaddr. 1671 *\li 'local' to be a valid sockaddr. 1672 */ 1673 1674 void 1675 dns_zone_forcereload(dns_zone_t *zone); 1676 /*%< 1677 * Force a reload of specified zone. 1678 * 1679 * Requires: 1680 *\li 'zone' to be a valid zone. 1681 */ 1682 1683 isc_boolean_t 1684 dns_zone_isforced(dns_zone_t *zone); 1685 /*%< 1686 * Check if the zone is waiting a forced reload. 1687 * 1688 * Requires: 1689 * \li 'zone' to be a valid zone. 1690 */ 1691 1692 isc_result_t 1693 dns_zone_setstatistics(dns_zone_t *zone, isc_boolean_t on); 1694 /*%< 1695 * This function is obsoleted by dns_zone_setrequeststats(). 1696 */ 1697 1698 isc_uint64_t * 1699 dns_zone_getstatscounters(dns_zone_t *zone); 1700 /*%< 1701 * This function is obsoleted by dns_zone_getrequeststats(). 1702 */ 1703 1704 void 1705 dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats); 1706 /*%< 1707 * Set a general zone-maintenance statistics set 'stats' for 'zone'. This 1708 * function is expected to be called only on zone creation (when necessary). 1709 * Once installed, it cannot be removed or replaced. Also, there is no 1710 * interface to get the installed stats from the zone; the caller must keep the 1711 * stats to reference (e.g. dump) it later. 1712 * 1713 * Requires: 1714 * \li 'zone' to be a valid zone and does not have a statistics set already 1715 * installed. 1716 * 1717 *\li stats is a valid statistics supporting zone statistics counters 1718 * (see dns/stats.h). 1719 */ 1720 1721 void 1722 dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats); 1723 1724 void 1725 dns_zone_setrcvquerystats(dns_zone_t *zone, dns_stats_t *stats); 1726 /*%< 1727 * Set additional statistics sets to zone. These are attached to the zone 1728 * but are not counted in the zone module; only the caller updates the 1729 * counters. 1730 * 1731 * Requires: 1732 * \li 'zone' to be a valid zone. 1733 * 1734 *\li stats is a valid statistics. 1735 */ 1736 1737 #ifdef NEWSTATS 1738 void 1739 dns_zone_setrcvquerystats(dns_zone_t *zone, dns_stats_t *stats); 1740 #endif 1741 1742 isc_stats_t * 1743 dns_zone_getrequeststats(dns_zone_t *zone); 1744 1745 #ifdef NEWSTATS 1746 dns_stats_t * 1747 dns_zone_getrcvquerystats(dns_zone_t *zone); 1748 #endif 1749 1750 /*%< 1751 * Get the additional statistics for zone, if one is installed. 1752 * 1753 * Requires: 1754 * \li 'zone' to be a valid zone. 1755 * 1756 * Returns: 1757 * \li when available, a pointer to the statistics set installed in zone; 1758 * otherwise NULL. 1759 */ 1760 1761 void 1762 dns_zone_dialup(dns_zone_t *zone); 1763 /*%< 1764 * Perform dialup-time maintenance on 'zone'. 1765 */ 1766 1767 void 1768 dns_zone_setdialup(dns_zone_t *zone, dns_dialuptype_t dialup); 1769 /*%< 1770 * Set the dialup type of 'zone' to 'dialup'. 1771 * 1772 * Requires: 1773 * \li 'zone' to be valid initialised zone. 1774 *\li 'dialup' to be a valid dialup type. 1775 */ 1776 1777 void 1778 dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...) 1779 ISC_FORMAT_PRINTF(3, 4); 1780 /*%< 1781 * Log the message 'msg...' at 'level', including text that identifies 1782 * the message as applying to 'zone'. 1783 */ 1784 1785 void 1786 dns_zone_logc(dns_zone_t *zone, isc_logcategory_t *category, int level, 1787 const char *msg, ...) ISC_FORMAT_PRINTF(4, 5); 1788 /*%< 1789 * Log the message 'msg...' at 'level', including text that identifies 1790 * the message as applying to 'zone'. 1791 */ 1792 1793 void 1794 dns_zone_name(dns_zone_t *zone, char *buf, size_t len); 1795 /*%< 1796 * Return the name of the zone with class and view. 1797 * 1798 * Requires: 1799 *\li 'zone' to be valid. 1800 *\li 'buf' to be non NULL. 1801 */ 1802 1803 void 1804 dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t len); 1805 /*%< 1806 * Return the name of the zone only. 1807 * 1808 * Requires: 1809 *\li 'zone' to be valid. 1810 *\li 'buf' to be non NULL. 1811 */ 1812 1813 isc_result_t 1814 dns_zone_checknames(dns_zone_t *zone, dns_name_t *name, dns_rdata_t *rdata); 1815 /*%< 1816 * Check if this record meets the check-names policy. 1817 * 1818 * Requires: 1819 * 'zone' to be valid. 1820 * 'name' to be valid. 1821 * 'rdata' to be valid. 1822 * 1823 * Returns: 1824 * DNS_R_SUCCESS passed checks. 1825 * DNS_R_BADOWNERNAME failed ownername checks. 1826 * DNS_R_BADNAME failed rdata checks. 1827 */ 1828 1829 void 1830 dns_zone_setacache(dns_zone_t *zone, dns_acache_t *acache); 1831 /*%< 1832 * Associate the zone with an additional cache. 1833 * 1834 * Require: 1835 * 'zone' to be a valid zone. 1836 * 'acache' to be a non NULL pointer. 1837 * 1838 * Ensures: 1839 * 'zone' will have a reference to 'acache' 1840 */ 1841 1842 void 1843 dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx); 1844 /*%< 1845 * Set the post load integrity callback function 'checkmx'. 1846 * 'checkmx' will be called if the MX TARGET is not within the zone. 1847 * 1848 * Require: 1849 * 'zone' to be a valid zone. 1850 */ 1851 1852 void 1853 dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv); 1854 /*%< 1855 * Set the post load integrity callback function 'checksrv'. 1856 * 'checksrv' will be called if the SRV TARGET is not within the zone. 1857 * 1858 * Require: 1859 * 'zone' to be a valid zone. 1860 */ 1861 1862 void 1863 dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns); 1864 /*%< 1865 * Set the post load integrity callback function 'checkns'. 1866 * 'checkns' will be called if the NS TARGET is not within the zone. 1867 * 1868 * Require: 1869 * 'zone' to be a valid zone. 1870 */ 1871 1872 void 1873 dns_zone_setnotifydelay(dns_zone_t *zone, isc_uint32_t delay); 1874 /*%< 1875 * Set the minimum delay between sets of notify messages. 1876 * 1877 * Requires: 1878 * 'zone' to be valid. 1879 */ 1880 1881 isc_uint32_t 1882 dns_zone_getnotifydelay(dns_zone_t *zone); 1883 /*%< 1884 * Get the minimum delay between sets of notify messages. 1885 * 1886 * Requires: 1887 * 'zone' to be valid. 1888 */ 1889 1890 void 1891 dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg); 1892 /*%< 1893 * Set the isself callback function and argument. 1894 * 1895 * isc_boolean_t 1896 * isself(dns_view_t *myview, dns_tsigkey_t *mykey, isc_netaddr_t *srcaddr, 1897 * isc_netaddr_t *destaddr, dns_rdataclass_t rdclass, void *arg); 1898 * 1899 * 'isself' returns ISC_TRUE if a non-recursive query from 'srcaddr' to 1900 * 'destaddr' with optional key 'mykey' for class 'rdclass' would be 1901 * delivered to 'myview'. 1902 */ 1903 1904 void 1905 dns_zone_setnodes(dns_zone_t *zone, isc_uint32_t nodes); 1906 /*%< 1907 * Set the number of nodes that will be checked per quantum. 1908 */ 1909 1910 void 1911 dns_zone_setsignatures(dns_zone_t *zone, isc_uint32_t signatures); 1912 /*%< 1913 * Set the number of signatures that will be generated per quantum. 1914 */ 1915 1916 isc_uint32_t 1917 dns_zone_getsignatures(dns_zone_t *zone); 1918 /*%< 1919 * Get the number of signatures that will be generated per quantum. 1920 */ 1921 1922 isc_result_t 1923 dns_zone_signwithkey(dns_zone_t *zone, dns_secalg_t algorithm, 1924 isc_uint16_t keyid, isc_boolean_t deleteit); 1925 /*%< 1926 * Initiate/resume signing of the entire zone with the zone DNSKEY(s) 1927 * that match the given algorithm and keyid. 1928 */ 1929 1930 isc_result_t 1931 dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param); 1932 /*%< 1933 * Incrementally add a NSEC3 chain that corresponds to 'nsec3param'. 1934 */ 1935 1936 void 1937 dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type); 1938 dns_rdatatype_t 1939 dns_zone_getprivatetype(dns_zone_t *zone); 1940 /* 1941 * Get/Set the private record type. It is expected that these interfaces 1942 * will not be permanent. 1943 */ 1944 1945 void 1946 dns_zone_rekey(dns_zone_t *zone, isc_boolean_t fullsign); 1947 /*%< 1948 * Update the zone's DNSKEY set from the key repository. 1949 * 1950 * If 'fullsign' is true, trigger an immediate full signing of 1951 * the zone with the new key. Otherwise, if there are no keys or 1952 * if the new keys are for algorithms that have already signed the 1953 * zone, then the zone can be re-signed incrementally. 1954 */ 1955 1956 isc_result_t 1957 dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, 1958 unsigned int *errors); 1959 /*% 1960 * Check if the name servers for the zone are sane (have address, don't 1961 * refer to CNAMEs/DNAMEs. The number of constiancy errors detected in 1962 * returned in '*errors' 1963 * 1964 * Requires: 1965 * \li 'zone' to be valid. 1966 * \li 'db' to be valid. 1967 * \li 'version' to be valid or NULL. 1968 * \li 'errors' to be non NULL. 1969 * 1970 * Returns: 1971 * ISC_R_SUCCESS if there were no errors examining the zone contents. 1972 */ 1973 1974 isc_result_t 1975 dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version); 1976 /*% 1977 * Check if CSD, CDNSKEY and DNSKEY are consistent. 1978 * 1979 * Requires: 1980 * \li 'zone' to be valid. 1981 * \li 'db' to be valid. 1982 * \li 'version' to be valid or NULL. 1983 * 1984 * Returns: 1985 *\li #ISC_R_SUCCESS 1986 *\li #DNS_R_BADCDS 1987 *\li #DNS_R_BADCDNSKEY 1988 * Others 1989 */ 1990 1991 void 1992 dns_zone_setadded(dns_zone_t *zone, isc_boolean_t added); 1993 /*% 1994 * Sets the value of zone->added, which should be ISC_TRUE for 1995 * zones that were originally added by "rndc addzone". 1996 * 1997 * Requires: 1998 * \li 'zone' to be valid. 1999 */ 2000 2001 isc_boolean_t 2002 dns_zone_getadded(dns_zone_t *zone); 2003 /*% 2004 * Returns ISC_TRUE if the zone was originally added at runtime 2005 * using "rndc addzone". 2006 * 2007 * Requires: 2008 * \li 'zone' to be valid. 2009 */ 2010 2011 isc_result_t 2012 dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db); 2013 /*% 2014 * Load the origin names for a writeable DLZ database. 2015 */ 2016 2017 isc_boolean_t 2018 dns_zone_isdynamic(dns_zone_t *zone, isc_boolean_t ignore_freeze); 2019 /*% 2020 * Return true iff the zone is "dynamic", in the sense that the zone's 2021 * master file (if any) is written by the server, rather than being 2022 * updated manually and read by the server. 2023 * 2024 * This is true for slave zones, stub zones, key zones, and zones that 2025 * allow dynamic updates either by having an update policy ("ssutable") 2026 * or an "allow-update" ACL with a value other than exactly "{ none; }". 2027 * 2028 * If 'ignore_freeze' is true, then the zone which has had updates disabled 2029 * will still report itself to be dynamic. 2030 * 2031 * Requires: 2032 * \li 'zone' to be valid. 2033 */ 2034 2035 isc_result_t 2036 dns_zone_setrefreshkeyinterval(dns_zone_t *zone, isc_uint32_t interval); 2037 /*% 2038 * Sets the frequency, in minutes, with which the key repository will be 2039 * checked to see if the keys for this zone have been updated. Any value 2040 * higher than 1440 minutes (24 hours) will be silently reduced. A 2041 * value of zero will return an out-of-range error. 2042 * 2043 * Requires: 2044 * \li 'zone' to be valid. 2045 */ 2046 2047 isc_boolean_t 2048 dns_zone_getrequestixfr(dns_zone_t *zone); 2049 /*% 2050 * Returns the true/false value of the request-ixfr option in the zone. 2051 * 2052 * Requires: 2053 * \li 'zone' to be valid. 2054 */ 2055 2056 void 2057 dns_zone_setrequestixfr(dns_zone_t *zone, isc_boolean_t flag); 2058 /*% 2059 * Sets the request-ixfr option for the zone. Either true or false. The 2060 * default value is determined by the setting of this option in the view. 2061 * 2062 * Requires: 2063 * \li 'zone' to be valid. 2064 */ 2065 2066 void 2067 dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method); 2068 /*% 2069 * Sets the update method to use when incrementing the zone serial number 2070 * due to a DDNS update. Valid options are dns_updatemethod_increment 2071 * and dns_updatemethod_unixtime. 2072 * 2073 * Requires: 2074 * \li 'zone' to be valid. 2075 */ 2076 2077 dns_updatemethod_t 2078 dns_zone_getserialupdatemethod(dns_zone_t *zone); 2079 /*% 2080 * Returns the update method to be used when incrementing the zone serial 2081 * number due to a DDNS update. 2082 * 2083 * Requires: 2084 * \li 'zone' to be valid. 2085 */ 2086 2087 isc_result_t 2088 dns_zone_link(dns_zone_t *zone, dns_zone_t *raw); 2089 2090 void 2091 dns_zone_getraw(dns_zone_t *zone, dns_zone_t **raw); 2092 2093 isc_result_t 2094 dns_zone_keydone(dns_zone_t *zone, const char *data); 2095 2096 isc_result_t 2097 dns_zone_setnsec3param(dns_zone_t *zone, isc_uint8_t hash, isc_uint8_t flags, 2098 isc_uint16_t iter, isc_uint8_t saltlen, 2099 unsigned char *salt, isc_boolean_t replace); 2100 /*% 2101 * Set the NSEC3 parameters for the zone. 2102 * 2103 * If 'replace' is ISC_TRUE, then the existing NSEC3 chain, if any, will 2104 * be replaced with the new one. If 'hash' is zero, then the replacement 2105 * chain will be NSEC rather than NSEC3. 2106 * 2107 * Requires: 2108 * \li 'zone' to be valid. 2109 */ 2110 2111 void 2112 dns_zone_setrawdata(dns_zone_t *zone, dns_masterrawheader_t *header); 2113 /*% 2114 * Set the data to be included in the header when the zone is dumped in 2115 * binary format. 2116 */ 2117 2118 isc_result_t 2119 dns_zone_synckeyzone(dns_zone_t *zone); 2120 /*% 2121 * Force the managed key zone to synchronize, and start the key 2122 * maintenance timer. 2123 */ 2124 2125 isc_result_t 2126 dns_zone_rpz_enable(dns_zone_t *zone); 2127 /*% 2128 * Set the response policy associated with a zone. 2129 */ 2130 2131 isc_result_t 2132 dns_zone_rpz_enable_db(dns_zone_t *zone, dns_db_t *db); 2133 /*% 2134 * If a zone is a response policy zone, mark its new database. 2135 */ 2136 2137 isc_boolean_t 2138 dns_zone_get_rpz(dns_zone_t *zone); 2139 2140 void 2141 dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level); 2142 2143 dns_zonestat_level_t 2144 dns_zone_getstatlevel(dns_zone_t *zone); 2145 /*% 2146 * Set and get the statistics reporting level for the zone; 2147 * full, terse, or none. 2148 */ 2149 2150 ISC_LANG_ENDDECLS 2151 2152 #endif /* DNS_ZONE_H */ 2153