PageRenderTime 58ms CodeModel.GetById 13ms app.highlight 35ms RepoModel.GetById 2ms app.codeStats 0ms

/contrib/bind9/lib/dns/include/dns/zone.h

https://bitbucket.org/freebsd/freebsd-head/
C++ Header | 1903 lines | 436 code | 181 blank | 1286 comment | 0 complexity | 0020730989caf10490b696c49f240f5c MD5 | raw file
   1/*
   2 * Copyright (C) 2004-2012  Internet Systems Consortium, Inc. ("ISC")
   3 * Copyright (C) 1999-2003  Internet Software Consortium.
   4 *
   5 * Permission to use, copy, modify, and/or distribute this software for any
   6 * purpose with or without fee is hereby granted, provided that the above
   7 * copyright notice and this permission notice appear in all copies.
   8 *
   9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15 * PERFORMANCE OF THIS SOFTWARE.
  16 */
  17
  18/* $Id$ */
  19
  20#ifndef DNS_ZONE_H
  21#define DNS_ZONE_H 1
  22
  23/*! \file dns/zone.h */
  24
  25/***
  26 ***	Imports
  27 ***/
  28
  29#include <stdio.h>
  30
  31#include <isc/formatcheck.h>
  32#include <isc/lang.h>
  33#include <isc/rwlock.h>
  34
  35#include <dns/masterdump.h>
  36#include <dns/rdatastruct.h>
  37#include <dns/types.h>
  38
  39typedef enum {
  40	dns_zone_none,
  41	dns_zone_master,
  42	dns_zone_slave,
  43	dns_zone_stub,
  44	dns_zone_staticstub,
  45	dns_zone_key,
  46	dns_zone_dlz
  47} dns_zonetype_t;
  48
  49#define DNS_ZONEOPT_SERVERS	  0x00000001U	/*%< perform server checks */
  50#define DNS_ZONEOPT_PARENTS	  0x00000002U	/*%< perform parent checks */
  51#define DNS_ZONEOPT_CHILDREN	  0x00000004U	/*%< perform child checks */
  52#define DNS_ZONEOPT_NOTIFY	  0x00000008U	/*%< perform NOTIFY */
  53#define DNS_ZONEOPT_MANYERRORS	  0x00000010U	/*%< return many errors on load */
  54#define DNS_ZONEOPT_IXFRFROMDIFFS 0x00000020U	/*%< calculate differences */
  55#define DNS_ZONEOPT_NOMERGE	  0x00000040U	/*%< don't merge journal */
  56#define DNS_ZONEOPT_CHECKNS	  0x00000080U	/*%< check if NS's are addresses */
  57#define DNS_ZONEOPT_FATALNS	  0x00000100U	/*%< DNS_ZONEOPT_CHECKNS is fatal */
  58#define DNS_ZONEOPT_MULTIMASTER	  0x00000200U	/*%< this zone has multiple masters */
  59#define DNS_ZONEOPT_USEALTXFRSRC  0x00000400U	/*%< use alternate transfer sources */
  60#define DNS_ZONEOPT_CHECKNAMES	  0x00000800U	/*%< check-names */
  61#define DNS_ZONEOPT_CHECKNAMESFAIL 0x00001000U	/*%< fatal check-name failures */
  62#define DNS_ZONEOPT_CHECKWILDCARD 0x00002000U	/*%< check for internal wildcards */
  63#define DNS_ZONEOPT_CHECKMX	  0x00004000U	/*%< check-mx */
  64#define DNS_ZONEOPT_CHECKMXFAIL   0x00008000U	/*%< fatal check-mx failures */
  65#define DNS_ZONEOPT_CHECKINTEGRITY 0x00010000U	/*%< perform integrity checks */
  66#define DNS_ZONEOPT_CHECKSIBLING  0x00020000U	/*%< perform sibling glue checks */
  67#define DNS_ZONEOPT_NOCHECKNS	  0x00040000U	/*%< disable IN NS address checks */
  68#define DNS_ZONEOPT_WARNMXCNAME	  0x00080000U	/*%< warn on MX CNAME check */
  69#define DNS_ZONEOPT_IGNOREMXCNAME 0x00100000U	/*%< ignore MX CNAME check */
  70#define DNS_ZONEOPT_WARNSRVCNAME  0x00200000U	/*%< warn on SRV CNAME check */
  71#define DNS_ZONEOPT_IGNORESRVCNAME 0x00400000U	/*%< ignore SRV CNAME check */
  72#define DNS_ZONEOPT_UPDATECHECKKSK 0x00800000U	/*%< check dnskey KSK flag */
  73#define DNS_ZONEOPT_TRYTCPREFRESH 0x01000000U	/*%< try tcp refresh on udp failure */
  74#define DNS_ZONEOPT_NOTIFYTOSOA	  0x02000000U	/*%< Notify the SOA MNAME */
  75#define DNS_ZONEOPT_NSEC3TESTZONE 0x04000000U	/*%< nsec3-test-zone */
  76#define DNS_ZONEOPT_SECURETOINSECURE 0x08000000U /*%< dnssec-secure-to-insecure */
  77#define DNS_ZONEOPT_DNSKEYKSKONLY 0x10000000U	/*%< dnssec-dnskey-kskonly */
  78#define DNS_ZONEOPT_CHECKDUPRR	  0x20000000U   /*%< check-dup-records */
  79#define DNS_ZONEOPT_CHECKDUPRRFAIL 0x40000000U	/*%< fatal check-dup-records failures */
  80
  81#ifndef NOMINUM_PUBLIC
  82/*
  83 * Nominum specific options build down.
  84 */
  85#define DNS_ZONEOPT_NOTIFYFORWARD 0x80000000U	/* forward notify to master */
  86#endif /* NOMINUM_PUBLIC */
  87
  88/*
  89 * Zone key maintenance options
  90 */
  91#define DNS_ZONEKEY_ALLOW	0x00000001U	/*%< fetch keys on command */
  92#define DNS_ZONEKEY_MAINTAIN	0x00000002U	/*%< publish/sign on schedule */
  93#define DNS_ZONEKEY_CREATE	0x00000004U	/*%< make keys when needed */
  94#define DNS_ZONEKEY_FULLSIGN    0x00000008U     /*%< roll to new keys immediately */
  95
  96#ifndef DNS_ZONE_MINREFRESH
  97#define DNS_ZONE_MINREFRESH		    300	/*%< 5 minutes */
  98#endif
  99#ifndef DNS_ZONE_MAXREFRESH
 100#define DNS_ZONE_MAXREFRESH		2419200	/*%< 4 weeks */
 101#endif
 102#ifndef DNS_ZONE_DEFAULTREFRESH
 103#define DNS_ZONE_DEFAULTREFRESH		   3600	/*%< 1 hour */
 104#endif
 105#ifndef DNS_ZONE_MINRETRY
 106#define DNS_ZONE_MINRETRY		    300	/*%< 5 minutes */
 107#endif
 108#ifndef DNS_ZONE_MAXRETRY
 109#define DNS_ZONE_MAXRETRY		1209600	/*%< 2 weeks */
 110#endif
 111#ifndef DNS_ZONE_DEFAULTRETRY
 112#define DNS_ZONE_DEFAULTRETRY		     60	/*%< 1 minute, subject to
 113						   exponential backoff */
 114#endif
 115
 116#define DNS_ZONESTATE_XFERRUNNING	1
 117#define DNS_ZONESTATE_XFERDEFERRED	2
 118#define DNS_ZONESTATE_SOAQUERY		3
 119#define DNS_ZONESTATE_ANY		4
 120
 121ISC_LANG_BEGINDECLS
 122
 123/***
 124 ***	Functions
 125 ***/
 126
 127isc_result_t
 128dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx);
 129/*%<
 130 *	Creates a new empty zone and attach '*zonep' to it.
 131 *
 132 * Requires:
 133 *\li	'zonep' to point to a NULL pointer.
 134 *\li	'mctx' to be a valid memory context.
 135 *
 136 * Ensures:
 137 *\li	'*zonep' refers to a valid zone.
 138 *
 139 * Returns:
 140 *\li	#ISC_R_SUCCESS
 141 *\li	#ISC_R_NOMEMORY
 142 *\li	#ISC_R_UNEXPECTED
 143 */
 144
 145void
 146dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass);
 147/*%<
 148 *	Sets the class of a zone.  This operation can only be performed
 149 *	once on a zone.
 150 *
 151 * Require:
 152 *\li	'zone' to be a valid zone.
 153 *\li	dns_zone_setclass() not to have been called since the zone was
 154 *	created.
 155 *\li	'rdclass' != dns_rdataclass_none.
 156 */
 157
 158dns_rdataclass_t
 159dns_zone_getclass(dns_zone_t *zone);
 160/*%<
 161 *	Returns the current zone class.
 162 *
 163 * Requires:
 164 *\li	'zone' to be a valid zone.
 165 */
 166
 167isc_result_t
 168dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp);
 169
 170isc_uint32_t
 171dns_zone_getserial(dns_zone_t *zone);
 172/*%<
 173 *	Returns the current serial number of the zone.  On success, the SOA
 174 *	serial of the zone will be copied into '*serialp'.
 175 *	dns_zone_getserial() cannot catch failure cases and is deprecated by
 176 *	dns_zone_getserial2().
 177 *
 178 * Requires:
 179 *\li	'zone' to be a valid zone.
 180 *\li	'serialp' to be non NULL
 181 *
 182 * Returns:
 183 *\li	#ISC_R_SUCCESS
 184 *\li	#DNS_R_NOTLOADED	zone DB is not loaded
 185 */
 186
 187void
 188dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type);
 189/*%<
 190 *	Sets the zone type. This operation can only be performed once on
 191 *	a zone.
 192 *
 193 * Requires:
 194 *\li	'zone' to be a valid zone.
 195 *\li	dns_zone_settype() not to have been called since the zone was
 196 *	created.
 197 *\li	'type' != dns_zone_none
 198 */
 199
 200void
 201dns_zone_setview(dns_zone_t *zone, dns_view_t *view);
 202/*%<
 203 *	Associate the zone with a view.
 204 *
 205 * Require:
 206 *\li	'zone' to be a valid zone.
 207 */
 208
 209dns_view_t *
 210dns_zone_getview(dns_zone_t *zone);
 211/*%<
 212 *	Returns the zone's associated view.
 213 *
 214 * Requires:
 215 *\li	'zone' to be a valid zone.
 216 */
 217
 218isc_result_t
 219dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin);
 220/*%<
 221 *	Sets the zones origin to 'origin'.
 222 *
 223 * Require:
 224 *\li	'zone' to be a valid zone.
 225 *\li	'origin' to be non NULL.
 226 *
 227 * Returns:
 228 *\li	#ISC_R_SUCCESS
 229 *\li 	#ISC_R_NOMEMORY
 230 */
 231
 232dns_name_t *
 233dns_zone_getorigin(dns_zone_t *zone);
 234/*%<
 235 *	Returns the value of the origin.
 236 *
 237 * Require:
 238 *\li	'zone' to be a valid zone.
 239 */
 240
 241isc_result_t
 242dns_zone_setfile(dns_zone_t *zone, const char *file);
 243
 244isc_result_t
 245dns_zone_setfile2(dns_zone_t *zone, const char *file,
 246		  dns_masterformat_t format);
 247/*%<
 248 *    Sets the name of the master file in the format of 'format' from which
 249 *    the zone loads its database to 'file'.
 250 *
 251 *    For zones that have no associated master file, 'file' will be NULL.
 252 *
 253 *	For zones with persistent databases, the file name
 254 *	setting is ignored.
 255 *
 256 *    dns_zone_setfile() is a backward-compatible form of
 257 *    dns_zone_setfile2(), which always specifies the
 258 *    dns_masterformat_text (RFC1035) format.
 259 *
 260 * Require:
 261 *\li	'zone' to be a valid zone.
 262 *
 263 * Returns:
 264 *\li	#ISC_R_NOMEMORY
 265 *\li	#ISC_R_SUCCESS
 266 */
 267
 268const char *
 269dns_zone_getfile(dns_zone_t *zone);
 270/*%<
 271 * 	Gets the name of the zone's master file, if any.
 272 *
 273 * Requires:
 274 *\li	'zone' to be valid initialised zone.
 275 *
 276 * Returns:
 277 *\li	Pointer to null-terminated file name, or NULL.
 278 */
 279
 280isc_result_t
 281dns_zone_load(dns_zone_t *zone);
 282
 283isc_result_t
 284dns_zone_loadnew(dns_zone_t *zone);
 285
 286isc_result_t
 287dns_zone_loadandthaw(dns_zone_t *zone);
 288/*%<
 289 *	Cause the database to be loaded from its backing store.
 290 *	Confirm that the minimum requirements for the zone type are
 291 *	met, otherwise DNS_R_BADZONE is returned.
 292 *
 293 *	dns_zone_loadnew() only loads zones that are not yet loaded.
 294 *	dns_zone_load() also loads zones that are already loaded and
 295 *	and whose master file has changed since the last load.
 296 *	dns_zone_loadandthaw() is similar to dns_zone_load() but will
 297 *	also re-enable DNS UPDATEs when the load completes.
 298 *
 299 * Require:
 300 *\li	'zone' to be a valid zone.
 301 *
 302 * Returns:
 303 *\li	#ISC_R_UNEXPECTED
 304 *\li	#ISC_R_SUCCESS
 305 *\li	DNS_R_CONTINUE	  Incremental load has been queued.
 306 *\li	DNS_R_UPTODATE	  The zone has already been loaded based on
 307 *			  file system timestamps.
 308 *\li	DNS_R_BADZONE
 309 *\li	Any result value from dns_db_load().
 310 */
 311
 312void
 313dns_zone_attach(dns_zone_t *source, dns_zone_t **target);
 314/*%<
 315 *	Attach '*target' to 'source' incrementing its external
 316 * 	reference count.
 317 *
 318 * Require:
 319 *\li	'zone' to be a valid zone.
 320 *\li	'target' to be non NULL and '*target' to be NULL.
 321 */
 322
 323void
 324dns_zone_detach(dns_zone_t **zonep);
 325/*%<
 326 *	Detach from a zone decrementing its external reference count.
 327 *	If this was the last external reference to the zone it will be
 328 * 	shut down and eventually freed.
 329 *
 330 * Require:
 331 *\li	'zonep' to point to a valid zone.
 332 */
 333
 334void
 335dns_zone_iattach(dns_zone_t *source, dns_zone_t **target);
 336/*%<
 337 *	Attach '*target' to 'source' incrementing its internal
 338 * 	reference count.  This is intended for use by operations
 339 * 	such as zone transfers that need to prevent the zone
 340 * 	object from being freed but not from shutting down.
 341 *
 342 * Require:
 343 *\li	The caller is running in the context of the zone's task.
 344 *\li	'zone' to be a valid zone.
 345 *\li	'target' to be non NULL and '*target' to be NULL.
 346 */
 347
 348void
 349dns_zone_idetach(dns_zone_t **zonep);
 350/*%<
 351 *	Detach from a zone decrementing its internal reference count.
 352 *	If there are no more internal or external references to the
 353 * 	zone, it will be freed.
 354 *
 355 * Require:
 356 *\li	The caller is running in the context of the zone's task.
 357 *\li	'zonep' to point to a valid zone.
 358 */
 359
 360void
 361dns_zone_setflag(dns_zone_t *zone, unsigned int flags, isc_boolean_t value);
 362/*%<
 363 *	Sets ('value' == 'ISC_TRUE') / clears ('value' == 'IS_FALSE')
 364 *	zone flags.  Valid flag bits are DNS_ZONE_F_*.
 365 *
 366 * Requires
 367 *\li	'zone' to be a valid zone.
 368 */
 369
 370isc_result_t
 371dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp);
 372/*%<
 373 * 	Attach '*dbp' to the database to if it exists otherwise
 374 *	return DNS_R_NOTLOADED.
 375 *
 376 * Require:
 377 *\li	'zone' to be a valid zone.
 378 *\li	'dbp' to be != NULL && '*dbp' == NULL.
 379 *
 380 * Returns:
 381 *\li	#ISC_R_SUCCESS
 382 *\li	DNS_R_NOTLOADED
 383 */
 384
 385void
 386dns_zone_setdb(dns_zone_t *zone, dns_db_t *db);
 387/*%<
 388 *	Sets the zone database to 'db'.
 389 *
 390 *	This function is expected to be used to configure a zone with a
 391 *	database which is not loaded from a file or zone transfer.
 392 *	It can be used for a general purpose zone, but right now its use
 393 *	is limited to static-stub zones to avoid possible undiscovered
 394 *	problems in the general cases.
 395 *
 396 * Require:
 397 *\li	'zone' to be a valid zone of static-stub.
 398 *\li	zone doesn't have a database.
 399 */
 400
 401isc_result_t
 402dns_zone_setdbtype(dns_zone_t *zone,
 403		   unsigned int dbargc, const char * const *dbargv);
 404/*%<
 405 *	Sets the database type to dbargv[0] and database arguments
 406 *	to subsequent dbargv elements.
 407 *	'db_type' is not checked to see if it is a valid database type.
 408 *
 409 * Require:
 410 *\li	'zone' to be a valid zone.
 411 *\li	'database' to be non NULL.
 412 *\li	'dbargc' to be >= 1
 413 *\li	'dbargv' to point to dbargc NULL-terminated strings
 414 *
 415 * Returns:
 416 *\li	#ISC_R_NOMEMORY
 417 *\li	#ISC_R_SUCCESS
 418 */
 419
 420isc_result_t
 421dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx);
 422/*%<
 423 *	Returns the current dbtype.  isc_mem_free() should be used
 424 * 	to free 'argv' after use.
 425 *
 426 * Require:
 427 *\li	'zone' to be a valid zone.
 428 *\li	'argv' to be non NULL and *argv to be NULL.
 429 *\li	'mctx' to be valid.
 430 *
 431 * Returns:
 432 *\li	#ISC_R_NOMEMORY
 433 *\li	#ISC_R_SUCCESS
 434 */
 435
 436void
 437dns_zone_markdirty(dns_zone_t *zone);
 438/*%<
 439 *	Mark a zone as 'dirty'.
 440 *
 441 * Require:
 442 *\li	'zone' to be a valid zone.
 443 */
 444
 445void
 446dns_zone_expire(dns_zone_t *zone);
 447/*%<
 448 *	Mark the zone as expired.  If the zone requires dumping cause it to
 449 *	be initiated.  Set the refresh and retry intervals to there default
 450 *	values and unload the zone.
 451 *
 452 * Require
 453 *\li	'zone' to be a valid zone.
 454 */
 455
 456void
 457dns_zone_refresh(dns_zone_t *zone);
 458/*%<
 459 *	Initiate zone up to date checks.  The zone must already be being
 460 *	managed.
 461 *
 462 * Require
 463 *\li	'zone' to be a valid zone.
 464 */
 465
 466isc_result_t
 467dns_zone_flush(dns_zone_t *zone);
 468/*%<
 469 *	Write the zone to database if there are uncommitted changes.
 470 *
 471 * Require:
 472 *\li	'zone' to be a valid zone.
 473 */
 474
 475isc_result_t
 476dns_zone_dump(dns_zone_t *zone);
 477/*%<
 478 *	Write the zone to database.
 479 *
 480 * Require:
 481 *\li	'zone' to be a valid zone.
 482 */
 483
 484isc_result_t
 485dns_zone_dumptostream(dns_zone_t *zone, FILE *fd);
 486
 487isc_result_t
 488dns_zone_dumptostream2(dns_zone_t *zone, FILE *fd, dns_masterformat_t format,
 489		       const dns_master_style_t *style);
 490/*%<
 491 *    Write the zone to stream 'fd' in the specified 'format'.
 492 *    If the 'format' is dns_masterformat_text (RFC1035), 'style' also
 493 *    specifies the file style (e.g., &dns_master_style_default).
 494 *
 495 *    dns_zone_dumptostream() is a backward-compatible form of
 496 *    dns_zone_dumptostream2(), which always uses the dns_masterformat_text
 497 *    format and the dns_master_style_default style.
 498 *
 499 *    Note that dns_zone_dumptostream2() is the most flexible form.  It
 500 *    can also provide the functionality of dns_zone_fulldumptostream().
 501 *
 502 * Require:
 503 *\li	'zone' to be a valid zone.
 504 *\li	'fd' to be a stream open for writing.
 505 */
 506
 507isc_result_t
 508dns_zone_fulldumptostream(dns_zone_t *zone, FILE *fd);
 509/*%<
 510 *	The same as dns_zone_dumptostream, but dumps the zone with
 511 *	different dump settings (dns_master_style_full).
 512 *
 513 * Require:
 514 *\li	'zone' to be a valid zone.
 515 *\li	'fd' to be a stream open for writing.
 516 */
 517
 518void
 519dns_zone_maintenance(dns_zone_t *zone);
 520/*%<
 521 *	Perform regular maintenance on the zone.  This is called as a
 522 *	result of a zone being managed.
 523 *
 524 * Require
 525 *\li	'zone' to be a valid zone.
 526 */
 527
 528isc_result_t
 529dns_zone_setmasters(dns_zone_t *zone, const isc_sockaddr_t *masters,
 530		    isc_uint32_t count);
 531isc_result_t
 532dns_zone_setmasterswithkeys(dns_zone_t *zone,
 533			    const isc_sockaddr_t *masters,
 534			    dns_name_t **keynames,
 535			    isc_uint32_t count);
 536/*%<
 537 *	Set the list of master servers for the zone.
 538 *
 539 * Require:
 540 *\li	'zone' to be a valid zone.
 541 *\li	'masters' array of isc_sockaddr_t with port set or NULL.
 542 *\li	'count' the number of masters.
 543 *\li      'keynames' array of dns_name_t's for tsig keys or NULL.
 544 *
 545 *  \li    dns_zone_setmasters() is just a wrapper to setmasterswithkeys(),
 546 *      passing NULL in the keynames field.
 547 *
 548 * \li	If 'masters' is NULL then 'count' must be zero.
 549 *
 550 * Returns:
 551 *\li	#ISC_R_SUCCESS
 552 *\li	#ISC_R_NOMEMORY
 553 *\li      Any result dns_name_dup() can return, if keynames!=NULL
 554 */
 555
 556isc_result_t
 557dns_zone_setalsonotify(dns_zone_t *zone, const isc_sockaddr_t *notify,
 558		       isc_uint32_t count);
 559/*%<
 560 *	Set the list of additional servers to be notified when
 561 *	a zone changes.	 To clear the list use 'count = 0'.
 562 *
 563 * Require:
 564 *\li	'zone' to be a valid zone.
 565 *\li	'notify' to be non-NULL if count != 0.
 566 *\li	'count' to be the number of notifiees.
 567 *
 568 * Returns:
 569 *\li	#ISC_R_SUCCESS
 570 *\li	#ISC_R_NOMEMORY
 571 */
 572
 573void
 574dns_zone_unload(dns_zone_t *zone);
 575/*%<
 576 *	detach the database from the zone structure.
 577 *
 578 * Require:
 579 *\li	'zone' to be a valid zone.
 580 */
 581
 582void
 583dns_zone_setoption(dns_zone_t *zone, unsigned int option, isc_boolean_t value);
 584/*%<
 585 *	Set given options on ('value' == ISC_TRUE) or off ('value' ==
 586 *	#ISC_FALSE).
 587 *
 588 * Require:
 589 *\li	'zone' to be a valid zone.
 590 */
 591
 592unsigned int
 593dns_zone_getoptions(dns_zone_t *zone);
 594/*%<
 595 *	Returns the current zone options.
 596 *
 597 * Require:
 598 *\li	'zone' to be a valid zone.
 599 */
 600
 601void
 602dns_zone_setkeyopt(dns_zone_t *zone, unsigned int option, isc_boolean_t value);
 603/*%<
 604 *	Set key options on ('value' == ISC_TRUE) or off ('value' ==
 605 *	#ISC_FALSE).
 606 *
 607 * Require:
 608 *\li	'zone' to be a valid zone.
 609 */
 610
 611unsigned int
 612dns_zone_getkeyopts(dns_zone_t *zone);
 613/*%<
 614 *	Returns the current zone key options.
 615 *
 616 * Require:
 617 *\li	'zone' to be a valid zone.
 618 */
 619
 620void
 621dns_zone_setminrefreshtime(dns_zone_t *zone, isc_uint32_t val);
 622/*%<
 623 *	Set the minimum refresh time.
 624 *
 625 * Requires:
 626 *\li	'zone' is valid.
 627 *\li	val > 0.
 628 */
 629
 630void
 631dns_zone_setmaxrefreshtime(dns_zone_t *zone, isc_uint32_t val);
 632/*%<
 633 *	Set the maximum refresh time.
 634 *
 635 * Requires:
 636 *\li	'zone' is valid.
 637 *\li	val > 0.
 638 */
 639
 640void
 641dns_zone_setminretrytime(dns_zone_t *zone, isc_uint32_t val);
 642/*%<
 643 *	Set the minimum retry time.
 644 *
 645 * Requires:
 646 *\li	'zone' is valid.
 647 *\li	val > 0.
 648 */
 649
 650void
 651dns_zone_setmaxretrytime(dns_zone_t *zone, isc_uint32_t val);
 652/*%<
 653 *	Set the maximum retry time.
 654 *
 655 * Requires:
 656 *\li	'zone' is valid.
 657 *	val > 0.
 658 */
 659
 660isc_result_t
 661dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
 662isc_result_t
 663dns_zone_setaltxfrsource4(dns_zone_t *zone,
 664			  const isc_sockaddr_t *xfrsource);
 665/*%<
 666 * 	Set the source address to be used in IPv4 zone transfers.
 667 *
 668 * Require:
 669 *\li	'zone' to be a valid zone.
 670 *\li	'xfrsource' to contain the address.
 671 *
 672 * Returns:
 673 *\li	#ISC_R_SUCCESS
 674 */
 675
 676isc_sockaddr_t *
 677dns_zone_getxfrsource4(dns_zone_t *zone);
 678isc_sockaddr_t *
 679dns_zone_getaltxfrsource4(dns_zone_t *zone);
 680/*%<
 681 *	Returns the source address set by a previous dns_zone_setxfrsource4
 682 *	call, or the default of inaddr_any, port 0.
 683 *
 684 * Require:
 685 *\li	'zone' to be a valid zone.
 686 */
 687
 688isc_result_t
 689dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
 690isc_result_t
 691dns_zone_setaltxfrsource6(dns_zone_t *zone,
 692			  const isc_sockaddr_t *xfrsource);
 693/*%<
 694 * 	Set the source address to be used in IPv6 zone transfers.
 695 *
 696 * Require:
 697 *\li	'zone' to be a valid zone.
 698 *\li	'xfrsource' to contain the address.
 699 *
 700 * Returns:
 701 *\li	#ISC_R_SUCCESS
 702 */
 703
 704isc_sockaddr_t *
 705dns_zone_getxfrsource6(dns_zone_t *zone);
 706isc_sockaddr_t *
 707dns_zone_getaltxfrsource6(dns_zone_t *zone);
 708/*%<
 709 *	Returns the source address set by a previous dns_zone_setxfrsource6
 710 *	call, or the default of in6addr_any, port 0.
 711 *
 712 * Require:
 713 *\li	'zone' to be a valid zone.
 714 */
 715
 716isc_result_t
 717dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc);
 718/*%<
 719 * 	Set the source address to be used with IPv4 NOTIFY messages.
 720 *
 721 * Require:
 722 *\li	'zone' to be a valid zone.
 723 *\li	'notifysrc' to contain the address.
 724 *
 725 * Returns:
 726 *\li	#ISC_R_SUCCESS
 727 */
 728
 729isc_sockaddr_t *
 730dns_zone_getnotifysrc4(dns_zone_t *zone);
 731/*%<
 732 *	Returns the source address set by a previous dns_zone_setnotifysrc4
 733 *	call, or the default of inaddr_any, port 0.
 734 *
 735 * Require:
 736 *\li	'zone' to be a valid zone.
 737 */
 738
 739isc_result_t
 740dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc);
 741/*%<
 742 * 	Set the source address to be used with IPv6 NOTIFY messages.
 743 *
 744 * Require:
 745 *\li	'zone' to be a valid zone.
 746 *\li	'notifysrc' to contain the address.
 747 *
 748 * Returns:
 749 *\li	#ISC_R_SUCCESS
 750 */
 751
 752isc_sockaddr_t *
 753dns_zone_getnotifysrc6(dns_zone_t *zone);
 754/*%<
 755 *	Returns the source address set by a previous dns_zone_setnotifysrc6
 756 *	call, or the default of in6addr_any, port 0.
 757 *
 758 * Require:
 759 *\li	'zone' to be a valid zone.
 760 */
 761
 762void
 763dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl);
 764/*%<
 765 *	Sets the notify acl list for the zone.
 766 *
 767 * Require:
 768 *\li	'zone' to be a valid zone.
 769 *\li	'acl' to be a valid acl.
 770 */
 771
 772void
 773dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl);
 774/*%<
 775 *	Sets the query acl list for the zone.
 776 *
 777 * Require:
 778 *\li	'zone' to be a valid zone.
 779 *\li	'acl' to be a valid acl.
 780 */
 781
 782void
 783dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl);
 784/*%<
 785 *	Sets the query-on acl list for the zone.
 786 *
 787 * Require:
 788 *\li	'zone' to be a valid zone.
 789 *\li	'acl' to be a valid acl.
 790 */
 791
 792void
 793dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl);
 794/*%<
 795 *	Sets the update acl list for the zone.
 796 *
 797 * Require:
 798 *\li	'zone' to be a valid zone.
 799 *\li	'acl' to be valid acl.
 800 */
 801
 802void
 803dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl);
 804/*%<
 805 *	Sets the forward unsigned updates acl list for the zone.
 806 *
 807 * Require:
 808 *\li	'zone' to be a valid zone.
 809 *\li	'acl' to be valid acl.
 810 */
 811
 812void
 813dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl);
 814/*%<
 815 *	Sets the transfer acl list for the zone.
 816 *
 817 * Require:
 818 *\li	'zone' to be a valid zone.
 819 *\li	'acl' to be valid acl.
 820 */
 821
 822dns_acl_t *
 823dns_zone_getnotifyacl(dns_zone_t *zone);
 824/*%<
 825 * 	Returns the current notify acl or NULL.
 826 *
 827 * Require:
 828 *\li	'zone' to be a valid zone.
 829 *
 830 * Returns:
 831 *\li	acl a pointer to the acl.
 832 *\li	NULL
 833 */
 834
 835dns_acl_t *
 836dns_zone_getqueryacl(dns_zone_t *zone);
 837/*%<
 838 * 	Returns the current query acl or NULL.
 839 *
 840 * Require:
 841 *\li	'zone' to be a valid zone.
 842 *
 843 * Returns:
 844 *\li	acl a pointer to the acl.
 845 *\li	NULL
 846 */
 847
 848dns_acl_t *
 849dns_zone_getqueryonacl(dns_zone_t *zone);
 850/*%<
 851 * 	Returns the current query-on acl or NULL.
 852 *
 853 * Require:
 854 *\li	'zone' to be a valid zone.
 855 *
 856 * Returns:
 857 *\li	acl a pointer to the acl.
 858 *\li	NULL
 859 */
 860
 861dns_acl_t *
 862dns_zone_getupdateacl(dns_zone_t *zone);
 863/*%<
 864 * 	Returns the current update acl or NULL.
 865 *
 866 * Require:
 867 *\li	'zone' to be a valid zone.
 868 *
 869 * Returns:
 870 *\li	acl a pointer to the acl.
 871 *\li	NULL
 872 */
 873
 874dns_acl_t *
 875dns_zone_getforwardacl(dns_zone_t *zone);
 876/*%<
 877 * 	Returns the current forward unsigned updates acl or NULL.
 878 *
 879 * Require:
 880 *\li	'zone' to be a valid zone.
 881 *
 882 * Returns:
 883 *\li	acl a pointer to the acl.
 884 *\li	NULL
 885 */
 886
 887dns_acl_t *
 888dns_zone_getxfracl(dns_zone_t *zone);
 889/*%<
 890 * 	Returns the current transfer acl or NULL.
 891 *
 892 * Require:
 893 *\li	'zone' to be a valid zone.
 894 *
 895 * Returns:
 896 *\li	acl a pointer to the acl.
 897 *\li	NULL
 898 */
 899
 900void
 901dns_zone_clearupdateacl(dns_zone_t *zone);
 902/*%<
 903 *	Clear the current update acl.
 904 *
 905 * Require:
 906 *\li	'zone' to be a valid zone.
 907 */
 908
 909void
 910dns_zone_clearforwardacl(dns_zone_t *zone);
 911/*%<
 912 *	Clear the current forward unsigned updates acl.
 913 *
 914 * Require:
 915 *\li	'zone' to be a valid zone.
 916 */
 917
 918void
 919dns_zone_clearnotifyacl(dns_zone_t *zone);
 920/*%<
 921 *	Clear the current notify acl.
 922 *
 923 * Require:
 924 *\li	'zone' to be a valid zone.
 925 */
 926
 927void
 928dns_zone_clearqueryacl(dns_zone_t *zone);
 929/*%<
 930 *	Clear the current query acl.
 931 *
 932 * Require:
 933 *\li	'zone' to be a valid zone.
 934 */
 935
 936void
 937dns_zone_clearqueryonacl(dns_zone_t *zone);
 938/*%<
 939 *	Clear the current query-on acl.
 940 *
 941 * Require:
 942 *\li	'zone' to be a valid zone.
 943 */
 944
 945void
 946dns_zone_clearxfracl(dns_zone_t *zone);
 947/*%<
 948 *	Clear the current transfer acl.
 949 *
 950 * Require:
 951 *\li	'zone' to be a valid zone.
 952 */
 953
 954isc_boolean_t
 955dns_zone_getupdatedisabled(dns_zone_t *zone);
 956/*%<
 957 * Return update disabled.
 958 * Transient unless called when running in isc_task_exclusive() mode.
 959 */
 960
 961void
 962dns_zone_setupdatedisabled(dns_zone_t *zone, isc_boolean_t state);
 963/*%<
 964 * Set update disabled.
 965 * Should only be called only when running in isc_task_exclusive() mode.
 966 * Failure to do so may result in updates being committed after the
 967 * call has been made.
 968 */
 969
 970isc_boolean_t
 971dns_zone_getzeronosoattl(dns_zone_t *zone);
 972/*%<
 973 * Return zero-no-soa-ttl status.
 974 */
 975
 976void
 977dns_zone_setzeronosoattl(dns_zone_t *zone, isc_boolean_t state);
 978/*%<
 979 * Set zero-no-soa-ttl status.
 980 */
 981
 982void
 983dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity);
 984/*%<
 985 * 	Set the severity of name checking when loading a zone.
 986 *
 987 * Require:
 988 * \li     'zone' to be a valid zone.
 989 */
 990
 991dns_severity_t
 992dns_zone_getchecknames(dns_zone_t *zone);
 993/*%<
 994 *	Return the current severity of name checking.
 995 *
 996 * Require:
 997 *\li	'zone' to be a valid zone.
 998 */
 999
1000void
1001dns_zone_setjournalsize(dns_zone_t *zone, isc_int32_t size);
1002/*%<
1003 *	Sets the journal size for the zone.
1004 *
1005 * Requires:
1006 *\li	'zone' to be a valid zone.
1007 */
1008
1009isc_int32_t
1010dns_zone_getjournalsize(dns_zone_t *zone);
1011/*%<
1012 *	Return the journal size as set with a previous call to
1013 *	dns_zone_setjournalsize().
1014 *
1015 * Requires:
1016 *\li	'zone' to be a valid zone.
1017 */
1018
1019isc_result_t
1020dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
1021		       dns_message_t *msg);
1022/*%<
1023 *	Tell the zone that it has received a NOTIFY message from another
1024 *	server.  This may cause some zone maintenance activity to occur.
1025 *
1026 * Requires:
1027 *\li	'zone' to be a valid zone.
1028 *\li	'*from' to contain the address of the server from which 'msg'
1029 *		was received.
1030 *\li	'msg' a message with opcode NOTIFY and qr clear.
1031 *
1032 * Returns:
1033 *\li	DNS_R_REFUSED
1034 *\li	DNS_R_NOTIMP
1035 *\li	DNS_R_FORMERR
1036 *\li	DNS_R_SUCCESS
1037 */
1038
1039void
1040dns_zone_setmaxxfrin(dns_zone_t *zone, isc_uint32_t maxxfrin);
1041/*%<
1042 * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR)
1043 * of this zone will use before being aborted.
1044 *
1045 * Requires:
1046 * \li	'zone' to be valid initialised zone.
1047 */
1048
1049isc_uint32_t
1050dns_zone_getmaxxfrin(dns_zone_t *zone);
1051/*%<
1052 * Returns the maximum transfer time for this zone.  This will be
1053 * either the value set by the last call to dns_zone_setmaxxfrin() or
1054 * the default value of 1 hour.
1055 *
1056 * Requires:
1057 *\li	'zone' to be valid initialised zone.
1058 */
1059
1060void
1061dns_zone_setmaxxfrout(dns_zone_t *zone, isc_uint32_t maxxfrout);
1062/*%<
1063 * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR)
1064 * of this zone will use before being aborted.
1065 *
1066 * Requires:
1067 * \li	'zone' to be valid initialised zone.
1068 */
1069
1070isc_uint32_t
1071dns_zone_getmaxxfrout(dns_zone_t *zone);
1072/*%<
1073 * Returns the maximum transfer time for this zone.  This will be
1074 * either the value set by the last call to dns_zone_setmaxxfrout() or
1075 * the default value of 1 hour.
1076 *
1077 * Requires:
1078 *\li	'zone' to be valid initialised zone.
1079 */
1080
1081isc_result_t
1082dns_zone_setjournal(dns_zone_t *zone, const char *journal);
1083/*%<
1084 * Sets the filename used for journaling updates / IXFR transfers.
1085 * The default journal name is set by dns_zone_setfile() to be
1086 * "file.jnl".  If 'journal' is NULL, the zone will have no
1087 * journal name.
1088 *
1089 * Requires:
1090 *\li	'zone' to be a valid zone.
1091 *
1092 * Returns:
1093 *\li	#ISC_R_SUCCESS
1094 *\li	#ISC_R_NOMEMORY
1095 */
1096
1097char *
1098dns_zone_getjournal(dns_zone_t *zone);
1099/*%<
1100 * Returns the journal name associated with this zone.
1101 * If no journal has been set this will be NULL.
1102 *
1103 * Requires:
1104 *\li	'zone' to be valid initialised zone.
1105 */
1106
1107dns_zonetype_t
1108dns_zone_gettype(dns_zone_t *zone);
1109/*%<
1110 * Returns the type of the zone (master/slave/etc.)
1111 *
1112 * Requires:
1113 *\li	'zone' to be valid initialised zone.
1114 */
1115
1116void
1117dns_zone_settask(dns_zone_t *zone, isc_task_t *task);
1118/*%<
1119 * Give a zone a task to work with.  Any current task will be detached.
1120 *
1121 * Requires:
1122 *\li	'zone' to be valid.
1123 *\li	'task' to be valid.
1124 */
1125
1126void
1127dns_zone_gettask(dns_zone_t *zone, isc_task_t **target);
1128/*%<
1129 * Attach '*target' to the zone's task.
1130 *
1131 * Requires:
1132 *\li	'zone' to be valid initialised zone.
1133 *\li	'zone' to have a task.
1134 *\li	'target' to be != NULL && '*target' == NULL.
1135 */
1136
1137void
1138dns_zone_notify(dns_zone_t *zone);
1139/*%<
1140 * Generate notify events for this zone.
1141 *
1142 * Requires:
1143 *\li	'zone' to be a valid zone.
1144 */
1145
1146isc_result_t
1147dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump);
1148/*%<
1149 * Replace the database of "zone" with a new database "db".
1150 *
1151 * If "dump" is ISC_TRUE, then the new zone contents are dumped
1152 * into to the zone's master file for persistence.  When replacing
1153 * a zone database by one just loaded from a master file, set
1154 * "dump" to ISC_FALSE to avoid a redundant redump of the data just
1155 * loaded.  Otherwise, it should be set to ISC_TRUE.
1156 *
1157 * If the "diff-on-reload" option is enabled in the configuration file,
1158 * the differences between the old and the new database are added to the
1159 * journal file, and the master file dump is postponed.
1160 *
1161 * Requires:
1162 * \li	'zone' to be a valid zone.
1163 *
1164 * Returns:
1165 * \li	DNS_R_SUCCESS
1166 * \li	DNS_R_BADZONE	zone failed basic consistency checks:
1167 *			* a single SOA must exist
1168 *			* some NS records must exist.
1169 *	Others
1170 */
1171
1172isc_uint32_t
1173dns_zone_getidlein(dns_zone_t *zone);
1174/*%<
1175 * Requires:
1176 * \li	'zone' to be a valid zone.
1177 *
1178 * Returns:
1179 * \li	number of seconds of idle time before we abort the transfer in.
1180 */
1181
1182void
1183dns_zone_setidlein(dns_zone_t *zone, isc_uint32_t idlein);
1184/*%<
1185 * \li	Set the idle timeout for transfer the.
1186 * \li	Zero set the default value, 1 hour.
1187 *
1188 * Requires:
1189 * \li	'zone' to be a valid zone.
1190 */
1191
1192isc_uint32_t
1193dns_zone_getidleout(dns_zone_t *zone);
1194/*%<
1195 *
1196 * Requires:
1197 * \li	'zone' to be a valid zone.
1198 *
1199 * Returns:
1200 * \li	number of seconds of idle time before we abort a transfer out.
1201 */
1202
1203void
1204dns_zone_setidleout(dns_zone_t *zone, isc_uint32_t idleout);
1205/*%<
1206 * \li	Set the idle timeout for transfers out.
1207 * \li	Zero set the default value, 1 hour.
1208 *
1209 * Requires:
1210 * \li	'zone' to be a valid zone.
1211 */
1212
1213void
1214dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table);
1215/*%<
1216 * Get the simple-secure-update policy table.
1217 *
1218 * Requires:
1219 * \li	'zone' to be a valid zone.
1220 */
1221
1222void
1223dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table);
1224/*%<
1225 * Set / clear the simple-secure-update policy table.
1226 *
1227 * Requires:
1228 * \li	'zone' to be a valid zone.
1229 */
1230
1231isc_mem_t *
1232dns_zone_getmctx(dns_zone_t *zone);
1233/*%<
1234 * Get the memory context of a zone.
1235 *
1236 * Requires:
1237 * \li	'zone' to be a valid zone.
1238 */
1239
1240dns_zonemgr_t *
1241dns_zone_getmgr(dns_zone_t *zone);
1242/*%<
1243 *	If 'zone' is managed return the zone manager otherwise NULL.
1244 *
1245 * Requires:
1246 * \li	'zone' to be a valid zone.
1247 */
1248
1249void
1250dns_zone_setsigvalidityinterval(dns_zone_t *zone, isc_uint32_t interval);
1251/*%<
1252 * Set the zone's RRSIG validity interval.  This is the length of time
1253 * for which DNSSEC signatures created as a result of dynamic updates
1254 * to secure zones will remain valid, in seconds.
1255 *
1256 * Requires:
1257 * \li	'zone' to be a valid zone.
1258 */
1259
1260isc_uint32_t
1261dns_zone_getsigvalidityinterval(dns_zone_t *zone);
1262/*%<
1263 * Get the zone's RRSIG validity interval.
1264 *
1265 * Requires:
1266 * \li	'zone' to be a valid zone.
1267 */
1268
1269void
1270dns_zone_setsigresigninginterval(dns_zone_t *zone, isc_uint32_t interval);
1271/*%<
1272 * Set the zone's RRSIG re-signing interval.  A dynamic zone's RRSIG's
1273 * will be re-signed 'interval' amount of time before they expire.
1274 *
1275 * Requires:
1276 * \li	'zone' to be a valid zone.
1277 */
1278
1279isc_uint32_t
1280dns_zone_getsigresigninginterval(dns_zone_t *zone);
1281/*%<
1282 * Get the zone's RRSIG re-signing interval.
1283 *
1284 * Requires:
1285 * \li	'zone' to be a valid zone.
1286 */
1287
1288void
1289dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype);
1290/*%<
1291 * Sets zone notify method to "notifytype"
1292 */
1293
1294isc_result_t
1295dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg,
1296		       dns_updatecallback_t callback, void *callback_arg);
1297/*%<
1298 * Forward 'msg' to each master in turn until we get an answer or we
1299 * have exhausted the list of masters. 'callback' will be called with
1300 * ISC_R_SUCCESS if we get an answer and the returned message will be
1301 * passed as 'answer_message', otherwise a non ISC_R_SUCCESS result code
1302 * will be passed and answer_message will be NULL.  The callback function
1303 * is responsible for destroying 'answer_message'.
1304 *		(callback)(callback_arg, result, answer_message);
1305 *
1306 * Require:
1307 *\li	'zone' to be valid
1308 *\li	'msg' to be valid.
1309 *\li	'callback' to be non NULL.
1310 * Returns:
1311 *\li	#ISC_R_SUCCESS if the message has been forwarded,
1312 *\li	#ISC_R_NOMEMORY
1313 *\li	Others
1314 */
1315
1316isc_result_t
1317dns_zone_next(dns_zone_t *zone, dns_zone_t **next);
1318/*%<
1319 * Find the next zone in the list of managed zones.
1320 *
1321 * Requires:
1322 *\li	'zone' to be valid
1323 *\li	The zone manager for the indicated zone MUST be locked
1324 *	by the caller.  This is not checked.
1325 *\li	'next' be non-NULL, and '*next' be NULL.
1326 *
1327 * Ensures:
1328 *\li	'next' points to a valid zone (result ISC_R_SUCCESS) or to NULL
1329 *	(result ISC_R_NOMORE).
1330 */
1331
1332
1333
1334isc_result_t
1335dns_zone_first(dns_zonemgr_t *zmgr, dns_zone_t **first);
1336/*%<
1337 * Find the first zone in the list of managed zones.
1338 *
1339 * Requires:
1340 *\li	'zonemgr' to be valid
1341 *\li	The zone manager for the indicated zone MUST be locked
1342 *	by the caller.  This is not checked.
1343 *\li	'first' be non-NULL, and '*first' be NULL
1344 *
1345 * Ensures:
1346 *\li	'first' points to a valid zone (result ISC_R_SUCCESS) or to NULL
1347 *	(result ISC_R_NOMORE).
1348 */
1349
1350isc_result_t
1351dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory);
1352/*%<
1353 *	Sets the name of the directory where private keys used for
1354 *	online signing of dynamic zones are found.
1355 *
1356 * Require:
1357 *\li	'zone' to be a valid zone.
1358 *
1359 * Returns:
1360 *\li	#ISC_R_NOMEMORY
1361 *\li	#ISC_R_SUCCESS
1362 */
1363
1364const char *
1365dns_zone_getkeydirectory(dns_zone_t *zone);
1366/*%<
1367 * 	Gets the name of the directory where private keys used for
1368 *	online signing of dynamic zones are found.
1369 *
1370 * Requires:
1371 *\li	'zone' to be valid initialised zone.
1372 *
1373 * Returns:
1374 *	Pointer to null-terminated file name, or NULL.
1375 */
1376
1377
1378isc_result_t
1379dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
1380		   isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr,
1381		   dns_zonemgr_t **zmgrp);
1382/*%<
1383 * Create a zone manager.  Note: the zone manager will not be able to
1384 * manage any zones until dns_zonemgr_setsize() has been run.
1385 *
1386 * Requires:
1387 *\li	'mctx' to be a valid memory context.
1388 *\li	'taskmgr' to be a valid task manager.
1389 *\li	'timermgr' to be a valid timer manager.
1390 *\li	'zmgrp'	to point to a NULL pointer.
1391 */
1392
1393isc_result_t
1394dns_zonemgr_setsize(dns_zonemgr_t *zmgr, int num_zones);
1395/*%<
1396 *	Set the size of the zone manager task pool.  This must be run
1397 *	before zmgr can be used for managing zones.  Currently, it can only
1398 *	be run once; the task pool cannot be resized.
1399 *
1400 * Requires:
1401 *\li	zmgr is a valid zone manager.
1402 *\li	zmgr->zonetasks has been initialized.
1403 */
1404
1405isc_result_t
1406dns_zonemgr_managezone(dns_zonemgr_t *zmgr, dns_zone_t *zone);
1407/*%<
1408 *	Bring the zone under control of a zone manager.
1409 *
1410 * Require:
1411 *\li	'zmgr' to be a valid zone manager.
1412 *\li	'zone' to be a valid zone.
1413 */
1414
1415isc_result_t
1416dns_zonemgr_forcemaint(dns_zonemgr_t *zmgr);
1417/*%<
1418 * Force zone maintenance of all zones managed by 'zmgr' at its
1419 * earliest convenience.
1420 */
1421
1422void
1423dns_zonemgr_resumexfrs(dns_zonemgr_t *zmgr);
1424/*%<
1425 * Attempt to start any stalled zone transfers.
1426 */
1427
1428void
1429dns_zonemgr_shutdown(dns_zonemgr_t *zmgr);
1430/*%<
1431 *	Shut down the zone manager.
1432 *
1433 * Requires:
1434 *\li	'zmgr' to be a valid zone manager.
1435 */
1436
1437void
1438dns_zonemgr_attach(dns_zonemgr_t *source, dns_zonemgr_t **target);
1439/*%<
1440 *	Attach '*target' to 'source' incrementing its external
1441 * 	reference count.
1442 *
1443 * Require:
1444 *\li	'zone' to be a valid zone.
1445 *\li	'target' to be non NULL and '*target' to be NULL.
1446 */
1447
1448void
1449dns_zonemgr_detach(dns_zonemgr_t **zmgrp);
1450/*%<
1451 *	 Detach from a zone manager.
1452 *
1453 * Requires:
1454 *\li	'*zmgrp' is a valid, non-NULL zone manager pointer.
1455 *
1456 * Ensures:
1457 *\li	'*zmgrp' is NULL.
1458 */
1459
1460void
1461dns_zonemgr_releasezone(dns_zonemgr_t *zmgr, dns_zone_t *zone);
1462/*%<
1463 *	Release 'zone' from the managed by 'zmgr'.  'zmgr' is implicitly
1464 *	detached from 'zone'.
1465 *
1466 * Requires:
1467 *\li	'zmgr' to be a valid zone manager.
1468 *\li	'zone' to be a valid zone.
1469 *\li	'zmgr' == 'zone->zmgr'
1470 *
1471 * Ensures:
1472 *\li	'zone->zmgr' == NULL;
1473 */
1474
1475void
1476dns_zonemgr_settransfersin(dns_zonemgr_t *zmgr, isc_uint32_t value);
1477/*%<
1478 *	Set the maximum number of simultaneous transfers in allowed by
1479 *	the zone manager.
1480 *
1481 * Requires:
1482 *\li	'zmgr' to be a valid zone manager.
1483 */
1484
1485isc_uint32_t
1486dns_zonemgr_getttransfersin(dns_zonemgr_t *zmgr);
1487/*%<
1488 *	Return the maximum number of simultaneous transfers in allowed.
1489 *
1490 * Requires:
1491 *\li	'zmgr' to be a valid zone manager.
1492 */
1493
1494void
1495dns_zonemgr_settransfersperns(dns_zonemgr_t *zmgr, isc_uint32_t value);
1496/*%<
1497 *	Set the number of zone transfers allowed per nameserver.
1498 *
1499 * Requires:
1500 *\li	'zmgr' to be a valid zone manager
1501 */
1502
1503isc_uint32_t
1504dns_zonemgr_getttransfersperns(dns_zonemgr_t *zmgr);
1505/*%<
1506 *	Return the number of transfers allowed per nameserver.
1507 *
1508 * Requires:
1509 *\li	'zmgr' to be a valid zone manager.
1510 */
1511
1512void
1513dns_zonemgr_setiolimit(dns_zonemgr_t *zmgr, isc_uint32_t iolimit);
1514/*%<
1515 *	Set the number of simultaneous file descriptors available for
1516 *	reading and writing masterfiles.
1517 *
1518 * Requires:
1519 *\li	'zmgr' to be a valid zone manager.
1520 *\li	'iolimit' to be positive.
1521 */
1522
1523isc_uint32_t
1524dns_zonemgr_getiolimit(dns_zonemgr_t *zmgr);
1525/*%<
1526 *	Get the number of simultaneous file descriptors available for
1527 *	reading and writing masterfiles.
1528 *
1529 * Requires:
1530 *\li	'zmgr' to be a valid zone manager.
1531 */
1532
1533void
1534dns_zonemgr_setserialqueryrate(dns_zonemgr_t *zmgr, unsigned int value);
1535/*%<
1536 *	Set the number of SOA queries sent per second.
1537 *
1538 * Requires:
1539 *\li	'zmgr' to be a valid zone manager
1540 */
1541
1542unsigned int
1543dns_zonemgr_getserialqueryrate(dns_zonemgr_t *zmgr);
1544/*%<
1545 *	Return the number of SOA queries sent per second.
1546 *
1547 * Requires:
1548 *\li	'zmgr' to be a valid zone manager.
1549 */
1550
1551unsigned int
1552dns_zonemgr_getcount(dns_zonemgr_t *zmgr, int state);
1553/*%<
1554 *	Returns the number of zones in the specified state.
1555 *
1556 * Requires:
1557 *\li	'zmgr' to be a valid zone manager.
1558 *\li	'state' to be a valid DNS_ZONESTATE_ constant.
1559 */
1560
1561void
1562dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote,
1563			   isc_sockaddr_t *local, isc_time_t *now);
1564/*%<
1565 *	Add the pair of addresses to the unreachable cache.
1566 *
1567 * Requires:
1568 *\li	'zmgr' to be a valid zone manager.
1569 *\li	'remote' to be a valid sockaddr.
1570 *\li	'local' to be a valid sockaddr.
1571 */
1572
1573isc_boolean_t
1574dns_zonemgr_unreachable(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote,
1575			isc_sockaddr_t *local, isc_time_t *now);
1576/*%<
1577 *	Returns ISC_TRUE if the given local/remote address pair
1578 *	is found in the zone maanger's unreachable cache.
1579 *
1580 * Requires:
1581 *\li	'zmgr' to be a valid zone manager.
1582 *\li	'remote' to be a valid sockaddr.
1583 *\li	'local' to be a valid sockaddr.
1584 *\li	'now' != NULL
1585 */
1586
1587void
1588dns_zonemgr_unreachabledel(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote,
1589			   isc_sockaddr_t *local);
1590/*%<
1591 *	Remove the pair of addresses from the unreachable cache.
1592 *
1593 * Requires:
1594 *\li	'zmgr' to be a valid zone manager.
1595 *\li	'remote' to be a valid sockaddr.
1596 *\li	'local' to be a valid sockaddr.
1597 */
1598
1599void
1600dns_zone_forcereload(dns_zone_t *zone);
1601/*%<
1602 *      Force a reload of specified zone.
1603 *
1604 * Requires:
1605 *\li      'zone' to be a valid zone.
1606 */
1607
1608isc_boolean_t
1609dns_zone_isforced(dns_zone_t *zone);
1610/*%<
1611 *      Check if the zone is waiting a forced reload.
1612 *
1613 * Requires:
1614 * \li     'zone' to be a valid zone.
1615 */
1616
1617isc_result_t
1618dns_zone_setstatistics(dns_zone_t *zone, isc_boolean_t on);
1619/*%<
1620 * This function is obsoleted by dns_zone_setrequeststats().
1621 */
1622
1623isc_uint64_t *
1624dns_zone_getstatscounters(dns_zone_t *zone);
1625/*%<
1626 * This function is obsoleted by dns_zone_getrequeststats().
1627 */
1628
1629void
1630dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats);
1631/*%<
1632 * Set a general zone-maintenance statistics set 'stats' for 'zone'.  This
1633 * function is expected to be called only on zone creation (when necessary).
1634 * Once installed, it cannot be removed or replaced.  Also, there is no
1635 * interface to get the installed stats from the zone; the caller must keep the
1636 * stats to reference (e.g. dump) it later.
1637 *
1638 * Requires:
1639 * \li	'zone' to be a valid zone and does not have a statistics set already
1640 *	installed.
1641 *
1642 *\li	stats is a valid statistics supporting zone statistics counters
1643 *	(see dns/stats.h).
1644 */
1645
1646void
1647dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats);
1648/*%<
1649 * Set an additional statistics set to zone.  It is attached in the zone
1650 * but is not counted in the zone module; only the caller updates the counters.
1651 *
1652 * Requires:
1653 * \li	'zone' to be a valid zone.
1654 *
1655 *\li	stats is a valid statistics.
1656 */
1657
1658isc_stats_t *
1659dns_zone_getrequeststats(dns_zone_t *zone);
1660/*%<
1661 * Get the additional statistics for zone, if one is installed.
1662 *
1663 * Requires:
1664 * \li	'zone' to be a valid zone.
1665 *
1666 * Returns:
1667 * \li	when available, a pointer to the statistics set installed in zone;
1668 *	otherwise NULL.
1669 */
1670
1671void
1672dns_zone_dialup(dns_zone_t *zone);
1673/*%<
1674 * Perform dialup-time maintenance on 'zone'.
1675 */
1676
1677void
1678dns_zone_setdialup(dns_zone_t *zone, dns_dialuptype_t dialup);
1679/*%<
1680 * Set the dialup type of 'zone' to 'dialup'.
1681 *
1682 * Requires:
1683 * \li	'zone' to be valid initialised zone.
1684 *\li	'dialup' to be a valid dialup type.
1685 */
1686
1687void
1688dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...)
1689	ISC_FORMAT_PRINTF(3, 4);
1690/*%<
1691 * Log the message 'msg...' at 'level', including text that identifies
1692 * the message as applying to 'zone'.
1693 */
1694
1695void
1696dns_zone_logc(dns_zone_t *zone, isc_logcategory_t *category, int level,
1697	      const char *msg, ...) ISC_FORMAT_PRINTF(4, 5);
1698/*%<
1699 * Log the message 'msg...' at 'level', including text that identifies
1700 * the message as applying to 'zone'.
1701 */
1702
1703void
1704dns_zone_name(dns_zone_t *zone, char *buf, size_t len);
1705/*%<
1706 * Return the name of the zone with class and view.
1707 *
1708 * Requires:
1709 *\li	'zone' to be valid.
1710 *\li	'buf' to be non NULL.
1711 */
1712
1713isc_result_t
1714dns_zone_checknames(dns_zone_t *zone, dns_name_t *name, dns_rdata_t *rdata);
1715/*%<
1716 * Check if this record meets the check-names policy.
1717 *
1718 * Requires:
1719 *	'zone' to be valid.
1720 *	'name' to be valid.
1721 *	'rdata' to be valid.
1722 *
1723 * Returns:
1724 *	DNS_R_SUCCESS		passed checks.
1725 *	DNS_R_BADOWNERNAME	failed ownername checks.
1726 *	DNS_R_BADNAME		failed rdata checks.
1727 */
1728
1729void
1730dns_zone_setacache(dns_zone_t *zone, dns_acache_t *acache);
1731/*%<
1732 *	Associate the zone with an additional cache.
1733 *
1734 * Require:
1735 *	'zone' to be a valid zone.
1736 *	'acache' to be a non NULL pointer.
1737 *
1738 * Ensures:
1739 *	'zone' will have a reference to 'acache'
1740 */
1741
1742void
1743dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx);
1744/*%<
1745 *	Set the post load integrity callback function 'checkmx'.
1746 *	'checkmx' will be called if the MX TARGET is not within the zone.
1747 *
1748 * Require:
1749 *	'zone' to be a valid zone.
1750 */
1751
1752void
1753dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv);
1754/*%<
1755 *	Set the post load integrity callback function 'checksrv'.
1756 *	'checksrv' will be called if the SRV TARGET is not within the zone.
1757 *
1758 * Require:
1759 *	'zone' to be a valid zone.
1760 */
1761
1762void
1763dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns);
1764/*%<
1765 *	Set the post load integrity callback function 'checkns'.
1766 *	'checkns' will be called if the NS TARGET is not within the zone.
1767 *
1768 * Require:
1769 *	'zone' to be a valid zone.
1770 */
1771
1772void
1773dns_zone_setnotifydelay(dns_zone_t *zone, isc_uint32_t delay);
1774/*%<
1775 * Set the minimum delay between sets of notify messages.
1776 *
1777 * Requires:
1778 *	'zone' to be valid.
1779 */
1780
1781isc_uint32_t
1782dns_zone_getnotifydelay(dns_zone_t *zone);
1783/*%<
1784 * Get the minimum delay between sets of notify messages.
1785 *
1786 * Requires:
1787 *	'zone' to be valid.
1788 */
1789
1790void
1791dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg);
1792/*%<
1793 * Set the isself callback function and argument.
1794 *
1795 * isc_boolean_t
1796 * isself(dns_view_t *myview, dns_tsigkey_t *mykey, isc_netaddr_t *srcaddr,
1797 *	  isc_netaddr_t *destaddr, dns_rdataclass_t rdclass, void *arg);
1798 *
1799 * 'isself' returns ISC_TRUE if a non-recursive query from 'srcaddr' to
1800 * 'destaddr' with optional key 'mykey' for class 'rdclass' would be
1801 * delivered to 'myview'.
1802 */
1803
1804void
1805dns_zone_setnodes(dns_zone_t *zone, isc_uint32_t nodes);
1806/*%<
1807 * Set the number of nodes that will be checked per quantum.
1808 */
1809
1810void
1811dns_zone_setsignatures(dns_zone_t *zone, isc_uint32_t signatures);
1812/*%<
1813 * Set the number of signatures that will be generated per quantum.
1814 */
1815
1816isc_result_t
1817dns_zone_signwithkey(dns_zone_t *zone, dns_secalg_t algorithm,
1818		     isc_uint16_t keyid, isc_boolean_t delete);
1819/*%<
1820 * Initiate/resume signing of the entire zone with the zone DNSKEY(s)
1821 * that match the given algorithm and keyid.
1822 */
1823
1824isc_result_t
1825dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param);
1826/*%<
1827 * Incrementally add a NSEC3 chain that corresponds to 'nsec3param'.
1828 */
1829
1830void
1831dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type);
1832dns_rdatatype_t
1833dns_zone_getprivatetype(dns_zone_t *zone);
1834/*
1835 * Get/Set the private record type.  It is expected that these interfaces
1836 * will not be permanent.
1837 */
1838
1839void
1840dns_zone_rekey(dns_zone_t *zone, isc_boolean_t fullsign);
1841/*%<
1842 * Update the zone's DNSKEY set from the key repository.
1843 *
1844 * If 'fullsign' is true, trigger an immediate full signing of
1845 * the zone with the new key.  Otherwise, if there are no keys or
1846 * if the new keys are for algorithms that have already signed the
1847 * zone, then the zone can be re-signed incrementally.
1848 */
1849
1850isc_result_t
1851dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version,
1852		 unsigned int *errors);
1853/*%
1854 * Check if the name servers for the zone are sane (have address, don't
1855 * refer to CNAMEs/DNAMEs.  The number of constiancy errors detected in
1856 * returned in '*errors'
1857 *
1858 * Requires:
1859 * \li	'zone' to be valid.
1860 * \li	'db' to be valid.
1861 * \li	'version' to be valid or NULL.
1862 * \li	'errors' to be non NULL.
1863 *
1864 * Returns:
1865 * 	ISC_R_SUCCESS if there were no errors examining the zone contents.
1866 */
1867
1868void
1869dns_zone_setadded(dns_zone_t *zone, isc_boolean_t added);
1870/*%
1871 * Sets the value of zone->added, which should be ISC_TRUE for
1872 * zones that were originally added by "rndc addzone".
1873 *
1874 * Requires:
1875 * \li	'zone' to be valid.
1876 */
1877
1878isc_boolean_t
1879dns_zone_getadded(dns_zone_t *zone);
1880/*%
1881 * Returns ISC_TRUE if the zone was originally added at runtime
1882 * using "rndc addzone".
1883 *
1884 * Requires:
1885 * \li	'zone' to be valid.
1886 */
1887
1888isc_result_t
1889dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db);
1890/*%
1891 * Load the origin names for a writeable DLZ database.
1892 */
1893
1894isc_result_t
1895dns_zone_synckeyzone(dns_zone_t *zone);
1896/*%
1897 * Force the managed key zone to synchronize, and start the key
1898 * maintenance timer.
1899 */
1900
1901ISC_LANG_ENDDECLS
1902
1903#endif /* DNS_ZONE_H */