1 /*
2  * Copyright (C) 2004-2015  Internet Systems Consortium, Inc. ("ISC")
3  * Copyright (C) 1999-2003  Internet Software Consortium.
4  *
5  * Permission to use, copy, modify, and/or distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15  * PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #ifndef NAMED_SERVER_H
19 #define NAMED_SERVER_H 1
20 
21 /*! \file */
22 
23 #include <isc/log.h>
24 #include <isc/magic.h>
25 #include <isc/quota.h>
26 #include <isc/sockaddr.h>
27 #include <isc/types.h>
28 #include <isc/xml.h>
29 
30 #include <dns/acl.h>
31 #include <dns/types.h>
32 
33 #include <named/types.h>
34 
35 #define NS_EVENTCLASS		ISC_EVENTCLASS(0x4E43)
36 #define NS_EVENT_RELOAD		(NS_EVENTCLASS + 0)
37 #define NS_EVENT_CLIENTCONTROL	(NS_EVENTCLASS + 1)
38 
39 /*%
40  * Name server state.  Better here than in lots of separate global variables.
41  */
42 struct ns_server {
43 	unsigned int		magic;
44 	isc_mem_t *		mctx;
45 
46 	isc_task_t *		task;
47 
48 	/* Configurable data. */
49 	isc_quota_t		xfroutquota;
50 	isc_quota_t		tcpquota;
51 	isc_quota_t		recursionquota;
52 
53 	dns_acl_t		*blackholeacl;
54 	char *			statsfile;	/*%< Statistics file name */
55 	char *			dumpfile;	/*%< Dump file name */
56 	char *			secrootsfile;	/*%< Secroots file name */
57 	char *			bindkeysfile;	/*%< bind.keys file name */
58 	char *			recfile;	/*%< Recursive file name */
59 	isc_boolean_t		version_set;	/*%< User has set version */
60 	char *			version;	/*%< User-specified version */
61 	isc_boolean_t		hostname_set;	/*%< User has set hostname */
62 	char *			hostname;	/*%< User-specified hostname */
63 	/*% Use hostname for server id */
64 	isc_boolean_t		server_usehostname;
65 	char *			server_id;	/*%< User-specified server id */
66 
67 	/*%
68 	 * Current ACL environment.  This defines the
69 	 * current values of the localhost and localnets
70 	 * ACLs.
71 	 */
72 	dns_aclenv_t		aclenv;
73 
74 	/* Server data structures. */
75 	dns_loadmgr_t *		loadmgr;
76 	dns_zonemgr_t *		zonemgr;
77 	dns_viewlist_t		viewlist;
78 	ns_interfacemgr_t *	interfacemgr;
79 	dns_db_t *		in_roothints;
80 	dns_tkeyctx_t *		tkeyctx;
81 
82 	isc_timer_t *		interface_timer;
83 	isc_timer_t *		heartbeat_timer;
84 	isc_timer_t *		pps_timer;
85 
86 	isc_uint32_t		interface_interval;
87 	isc_uint32_t		heartbeat_interval;
88 
89 	isc_mutex_t		reload_event_lock;
90 	isc_event_t *		reload_event;
91 
92 	isc_boolean_t		flushonshutdown;
93 	isc_boolean_t		log_queries;	/*%< For BIND 8 compatibility */
94 
95 	ns_cachelist_t		cachelist;	/*%< Possibly shared caches */
96 	isc_stats_t *		nsstats;	/*%< Server stats */
97 	dns_stats_t *		rcvquerystats;	/*% Incoming query stats */
98 	dns_stats_t *		opcodestats;	/*%< Incoming message stats */
99 	isc_stats_t *		zonestats;	/*% Zone management stats */
100 	isc_stats_t  *		resolverstats;	/*% Resolver stats */
101 	isc_stats_t *		sockstats;	/*%< Socket stats */
102 
103 	ns_controls_t *		controls;	/*%< Control channels */
104 	unsigned int		dispatchgen;
105 	ns_dispatchlist_t	dispatches;
106 
107 	dns_acache_t		*acache;
108 
109 	ns_statschannellist_t	statschannels;
110 
111 	dns_tsigkey_t		*sessionkey;
112 	char			*session_keyfile;
113 	dns_name_t		*session_keyname;
114 	unsigned int		session_keyalg;
115 	isc_uint16_t		session_keybits;
116 };
117 
118 #define NS_SERVER_MAGIC			ISC_MAGIC('S','V','E','R')
119 #define NS_SERVER_VALID(s)		ISC_MAGIC_VALID(s, NS_SERVER_MAGIC)
120 
121 /*%
122  * Server statistics counters.  Used as isc_statscounter_t values.
123  */
124 enum {
125 	dns_nsstatscounter_requestv4 = 0,
126 	dns_nsstatscounter_requestv6 = 1,
127 	dns_nsstatscounter_edns0in = 2,
128 	dns_nsstatscounter_badednsver = 3,
129 	dns_nsstatscounter_tsigin = 4,
130 	dns_nsstatscounter_sig0in = 5,
131 	dns_nsstatscounter_invalidsig = 6,
132 	dns_nsstatscounter_requesttcp = 7,
133 
134 	dns_nsstatscounter_authrej = 8,
135 	dns_nsstatscounter_recurserej = 9,
136 	dns_nsstatscounter_xfrrej = 10,
137 	dns_nsstatscounter_updaterej = 11,
138 
139 	dns_nsstatscounter_response = 12,
140 	dns_nsstatscounter_truncatedresp = 13,
141 	dns_nsstatscounter_edns0out = 14,
142 	dns_nsstatscounter_tsigout = 15,
143 	dns_nsstatscounter_sig0out = 16,
144 
145 	dns_nsstatscounter_success = 17,
146 	dns_nsstatscounter_authans = 18,
147 	dns_nsstatscounter_nonauthans = 19,
148 	dns_nsstatscounter_referral = 20,
149 	dns_nsstatscounter_nxrrset = 21,
150 	dns_nsstatscounter_servfail = 22,
151 	dns_nsstatscounter_formerr = 23,
152 	dns_nsstatscounter_nxdomain = 24,
153 	dns_nsstatscounter_recursion = 25,
154 	dns_nsstatscounter_duplicate = 26,
155 	dns_nsstatscounter_dropped = 27,
156 	dns_nsstatscounter_failure = 28,
157 
158 	dns_nsstatscounter_xfrdone = 29,
159 
160 	dns_nsstatscounter_updatereqfwd = 30,
161 	dns_nsstatscounter_updaterespfwd = 31,
162 	dns_nsstatscounter_updatefwdfail = 32,
163 	dns_nsstatscounter_updatedone = 33,
164 	dns_nsstatscounter_updatefail = 34,
165 	dns_nsstatscounter_updatebadprereq = 35,
166 
167 	dns_nsstatscounter_recursclients = 36,
168 
169 	dns_nsstatscounter_dns64 = 37,
170 
171 	dns_nsstatscounter_ratedropped = 38,
172 	dns_nsstatscounter_rateslipped = 39,
173 
174 	dns_nsstatscounter_rpz_rewrites = 40,
175 
176 	dns_nsstatscounter_udp = 41,
177 	dns_nsstatscounter_tcp = 42,
178 
179 	dns_nsstatscounter_nsidopt = 43,
180 	dns_nsstatscounter_expireopt = 44,
181 	dns_nsstatscounter_otheropt = 45,
182 	dns_nsstatscounter_ecsopt = 46,
183 
184 	dns_nsstatscounter_sitopt = 47,
185 	dns_nsstatscounter_sitbadsize = 48,
186 	dns_nsstatscounter_sitbadtime = 49,
187 	dns_nsstatscounter_sitnomatch = 50,
188 	dns_nsstatscounter_sitmatch = 51,
189 	dns_nsstatscounter_sitnew = 52,
190 
191 	dns_nsstatscounter_max = 53
192 };
193 
194 void
195 ns_server_create(isc_mem_t *mctx, ns_server_t **serverp);
196 /*%<
197  * Create a server object with default settings.
198  * This function either succeeds or causes the program to exit
199  * with a fatal error.
200  */
201 
202 void
203 ns_server_destroy(ns_server_t **serverp);
204 /*%<
205  * Destroy a server object, freeing its memory.
206  */
207 
208 void
209 ns_server_reloadwanted(ns_server_t *server);
210 /*%<
211  * Inform a server that a reload is wanted.  This function
212  * may be called asynchronously, from outside the server's task.
213  * If a reload is already scheduled or in progress, the call
214  * is ignored.
215  */
216 
217 void
218 ns_server_flushonshutdown(ns_server_t *server, isc_boolean_t flush);
219 /*%<
220  * Inform the server that the zones should be flushed to disk on shutdown.
221  */
222 
223 isc_result_t
224 ns_server_reloadcommand(ns_server_t *server, isc_lex_t *lex,
225 			isc_buffer_t *text);
226 /*%<
227  * Act on a "reload" command from the command channel.
228  */
229 
230 isc_result_t
231 ns_server_reconfigcommand(ns_server_t *server);
232 /*%<
233  * Act on a "reconfig" command from the command channel.
234  */
235 
236 isc_result_t
237 ns_server_notifycommand(ns_server_t *server, isc_lex_t *lex,
238 			isc_buffer_t *text);
239 /*%<
240  * Act on a "notify" command from the command channel.
241  */
242 
243 isc_result_t
244 ns_server_refreshcommand(ns_server_t *server, isc_lex_t *lex,
245 			 isc_buffer_t *text);
246 /*%<
247  * Act on a "refresh" command from the command channel.
248  */
249 
250 isc_result_t
251 ns_server_retransfercommand(ns_server_t *server, isc_lex_t *lex,
252 			    isc_buffer_t *text);
253 /*%<
254  * Act on a "retransfer" command from the command channel.
255  */
256 
257 isc_result_t
258 ns_server_togglequerylog(ns_server_t *server, isc_lex_t *lex);
259 /*%<
260  * Enable/disable logging of queries.  (Takes "yes" or "no" argument,
261  * but can also be used as a toggle for backward comptibility.)
262  */
263 
264 /*%
265  * Dump the current statistics to the statistics file.
266  */
267 isc_result_t
268 ns_server_dumpstats(ns_server_t *server);
269 
270 /*%
271  * Dump the current cache to the dump file.
272  */
273 isc_result_t
274 ns_server_dumpdb(ns_server_t *server, isc_lex_t *lex);
275 
276 /*%
277  * Dump the current security roots to the secroots file.
278  */
279 isc_result_t
280 ns_server_dumpsecroots(ns_server_t *server, isc_lex_t *lex);
281 
282 /*%
283  * Change or increment the server debug level.
284  */
285 isc_result_t
286 ns_server_setdebuglevel(ns_server_t *server, isc_lex_t *lex);
287 
288 /*%
289  * Flush the server's cache(s)
290  */
291 isc_result_t
292 ns_server_flushcache(ns_server_t *server, isc_lex_t *lex);
293 
294 /*%
295  * Flush a particular name from the server's cache.  If 'tree' is false,
296  * also flush the name from the ADB and badcache.  If 'tree' is true, also
297  * flush all the names under the specified name.
298  */
299 isc_result_t
300 ns_server_flushnode(ns_server_t *server, isc_lex_t *lex,
301 		    isc_boolean_t tree);
302 
303 /*%
304  * Report the server's status.
305  */
306 isc_result_t
307 ns_server_status(ns_server_t *server, isc_buffer_t *text);
308 
309 /*%
310  * Report a list of dynamic and static tsig keys, per view.
311  */
312 isc_result_t
313 ns_server_tsiglist(ns_server_t *server, isc_buffer_t *text);
314 
315 /*%
316  * Delete a specific key (with optional view).
317  */
318 isc_result_t
319 ns_server_tsigdelete(ns_server_t *server, isc_lex_t *lex,
320 		     isc_buffer_t *text);
321 
322 /*%
323  * Enable or disable updates for a zone.
324  */
325 isc_result_t
326 ns_server_freeze(ns_server_t *server, isc_boolean_t freeze,
327 		 isc_lex_t *lex, isc_buffer_t *text);
328 
329 /*%
330  * Dump zone updates to disk, optionally removing the journal file
331  */
332 isc_result_t
333 ns_server_sync(ns_server_t *server, isc_lex_t *lex, isc_buffer_t *text);
334 
335 /*%
336  * Update a zone's DNSKEY set from the key repository.  If
337  * the command that triggered the call to this function was "sign",
338  * then force a full signing of the zone.  If it was "loadkeys",
339  * then don't sign the zone; any needed changes to signatures can
340  * take place incrementally.
341  */
342 isc_result_t
343 ns_server_rekey(ns_server_t *server, isc_lex_t *lex, isc_buffer_t *text);
344 
345 /*%
346  * Dump the current recursive queries.
347  */
348 isc_result_t
349 ns_server_dumprecursing(ns_server_t *server);
350 
351 /*%
352  * Maintain a list of dispatches that require reserved ports.
353  */
354 void
355 ns_add_reserved_dispatch(ns_server_t *server, const isc_sockaddr_t *addr);
356 
357 /*%
358  * Enable or disable dnssec validation.
359  */
360 isc_result_t
361 ns_server_validation(ns_server_t *server, isc_lex_t *lex);
362 
363 /*%
364  * Add a zone to a running process
365  */
366 isc_result_t
367 ns_server_add_zone(ns_server_t *server, char *args, isc_buffer_t *text);
368 
369 /*%
370  * Deletes a zone from a running process
371  */
372 isc_result_t
373 ns_server_del_zone(ns_server_t *server, isc_lex_t *lex, isc_buffer_t *text);
374 
375 /*%
376  * Lists the status of the signing records for a given zone.
377  */
378 isc_result_t
379 ns_server_signing(ns_server_t *server, isc_lex_t *lex, isc_buffer_t *text);
380 #endif /* NAMED_SERVER_H */
381