2 * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2003 Internet Software Consortium.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
18 /* $Id: zone.h,v 1.174.4.4 2010/08/16 22:27:18 marka Exp $ */
23 /*! \file dns/zone.h */
31 #include <isc/formatcheck.h>
33 #include <isc/rwlock.h>
35 #include <dns/masterdump.h>
36 #include <dns/rdatastruct.h>
37 #include <dns/types.h>
/*
 * Zone option flags. Each DNS_ZONEOPT_* value below occupies one distinct
 * bit of a 32-bit unsigned mask, so several can be combined with bitwise OR.
 * NOTE(review): presumably these are the 'option' bits accepted by
 * dns_zone_setoption() and returned by dns_zone_getoptions() -- confirm
 * against zone.c.
 */
47 #define DNS_ZONEOPT_SERVERS 0x00000001U /*%< perform server checks */
48 #define DNS_ZONEOPT_PARENTS 0x00000002U /*%< perform parent checks */
49 #define DNS_ZONEOPT_CHILDREN 0x00000004U /*%< perform child checks */
50 #define DNS_ZONEOPT_NOTIFY 0x00000008U /*%< perform NOTIFY */
51 #define DNS_ZONEOPT_MANYERRORS 0x00000010U /*%< return many errors on load */
52 #define DNS_ZONEOPT_IXFRFROMDIFFS 0x00000020U /*%< calculate differences */
53 #define DNS_ZONEOPT_NOMERGE 0x00000040U /*%< don't merge journal */
54 #define DNS_ZONEOPT_CHECKNS 0x00000080U /*%< check if NS's are addresses */
55 #define DNS_ZONEOPT_FATALNS 0x00000100U /*%< DNS_ZONEOPT_CHECKNS is fatal */
56 #define DNS_ZONEOPT_MULTIMASTER 0x00000200U /*%< this zone has multiple masters */
57 #define DNS_ZONEOPT_USEALTXFRSRC 0x00000400U /*%< use alternate transfer sources */
58 #define DNS_ZONEOPT_CHECKNAMES 0x00000800U /*%< check-names */
59 #define DNS_ZONEOPT_CHECKNAMESFAIL 0x00001000U /*%< fatal check-name failures */
60 #define DNS_ZONEOPT_CHECKWILDCARD 0x00002000U /*%< check for internal wildcards */
61 #define DNS_ZONEOPT_CHECKMX 0x00004000U /*%< check-mx */
62 #define DNS_ZONEOPT_CHECKMXFAIL 0x00008000U /*%< fatal check-mx failures */
63 #define DNS_ZONEOPT_CHECKINTEGRITY 0x00010000U /*%< perform integrity checks */
64 #define DNS_ZONEOPT_CHECKSIBLING 0x00020000U /*%< perform sibling glue checks */
65 #define DNS_ZONEOPT_NOCHECKNS 0x00040000U /*%< disable IN NS address checks */
66 #define DNS_ZONEOPT_WARNMXCNAME 0x00080000U /*%< warn on MX CNAME check */
67 #define DNS_ZONEOPT_IGNOREMXCNAME 0x00100000U /*%< ignore MX CNAME check */
68 #define DNS_ZONEOPT_WARNSRVCNAME 0x00200000U /*%< warn on SRV CNAME check */
69 #define DNS_ZONEOPT_IGNORESRVCNAME 0x00400000U /*%< ignore SRV CNAME check */
70 #define DNS_ZONEOPT_UPDATECHECKKSK 0x00800000U /*%< check dnskey KSK flag */
71 #define DNS_ZONEOPT_TRYTCPREFRESH 0x01000000U /*%< try tcp refresh on udp failure */
72 #define DNS_ZONEOPT_NOTIFYTOSOA 0x02000000U /*%< Notify the SOA MNAME */
73 #define DNS_ZONEOPT_NSEC3TESTZONE 0x04000000U /*%< nsec3-test-zone */
74 #define DNS_ZONEOPT_SECURETOINSECURE 0x08000000U /*%< dnssec-secure-to-insecure */
75 #define DNS_ZONEOPT_DNSKEYKSKONLY 0x10000000U /*%< dnssec-dnskey-kskonly */
76 #define DNS_ZONEOPT_CHECKDUPRR 0x20000000U /*%< check-dup-records */
77 #define DNS_ZONEOPT_CHECKDUPRRFAIL 0x40000000U /*%< fatal check-dup-records failures */
79 #ifndef NOMINUM_PUBLIC
81 * Nominum specific options build down.
83 #define DNS_ZONEOPT_NOTIFYFORWARD 0x80000000U /* forward notify to master */
84 #endif /* NOMINUM_PUBLIC */
87 * Zone key maintenance options
89 #define DNS_ZONEKEY_ALLOW 0x00000001U /*%< fetch keys on command */
90 #define DNS_ZONEKEY_MAINTAIN 0x00000002U /*%< publish/sign on schedule */
91 #define DNS_ZONEKEY_CREATE 0x00000004U /*%< make keys when needed */
92 #define DNS_ZONEKEY_FULLSIGN 0x00000008U /*%< roll to new keys immediately */
94 #ifndef DNS_ZONE_MINREFRESH
95 #define DNS_ZONE_MINREFRESH 300 /*%< 5 minutes */
97 #ifndef DNS_ZONE_MAXREFRESH
98 #define DNS_ZONE_MAXREFRESH 2419200 /*%< 4 weeks */
100 #ifndef DNS_ZONE_DEFAULTREFRESH
101 #define DNS_ZONE_DEFAULTREFRESH 3600 /*%< 1 hour */
103 #ifndef DNS_ZONE_MINRETRY
104 #define DNS_ZONE_MINRETRY 300 /*%< 5 minutes */
106 #ifndef DNS_ZONE_MAXRETRY
107 #define DNS_ZONE_MAXRETRY 1209600 /*%< 2 weeks */
109 #ifndef DNS_ZONE_DEFAULTRETRY
110 #define DNS_ZONE_DEFAULTRETRY 60 /*%< 1 minute, subject to
111 exponential backoff */
/*
 * Zone state selectors. dns_zonemgr_getcount() requires its 'state'
 * argument to be one of these DNS_ZONESTATE_ constants and returns the
 * number of zones in that state.
 */
114 #define DNS_ZONESTATE_XFERRUNNING 1
115 #define DNS_ZONESTATE_XFERDEFERRED 2
116 #define DNS_ZONESTATE_SOAQUERY 3
117 #define DNS_ZONESTATE_ANY 4
126 dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx);
128 * Creates a new empty zone and attach '*zonep' to it.
131 *\li 'zonep' to point to a NULL pointer.
132 *\li 'mctx' to be a valid memory context.
135 *\li '*zonep' refers to a valid zone.
140 *\li #ISC_R_UNEXPECTED
144 dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass);
146 * Sets the class of a zone. This operation can only be performed
150 *\li 'zone' to be a valid zone.
151 *\li dns_zone_setclass() not to have been called since the zone was
153 *\li 'rdclass' != dns_rdataclass_none.
157 dns_zone_getclass(dns_zone_t *zone);
159 * Returns the current zone class.
162 *\li 'zone' to be a valid zone.
166 dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp);
169 dns_zone_getserial(dns_zone_t *zone);
171 * Returns the current serial number of the zone. On success, the SOA
172 * serial of the zone will be copied into '*serialp'.
173 * dns_zone_getserial() cannot catch failure cases and is deprecated by
174 * dns_zone_getserial2().
177 *\li 'zone' to be a valid zone.
178 *\li 'serialp' to be non NULL
182 *\li #DNS_R_NOTLOADED zone DB is not loaded
186 dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type);
188 * Sets the zone type. This operation can only be performed once on
192 *\li 'zone' to be a valid zone.
193 *\li dns_zone_settype() not to have been called since the zone was
195 *\li 'type' != dns_zone_none
199 dns_zone_setview(dns_zone_t *zone, dns_view_t *view);
201 * Associate the zone with a view.
204 *\li 'zone' to be a valid zone.
208 dns_zone_getview(dns_zone_t *zone);
210 * Returns the zone's associated view.
213 *\li 'zone' to be a valid zone.
217 dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin);
219 * Sets the zone's origin to 'origin'.
222 *\li 'zone' to be a valid zone.
223 *\li 'origin' to be non NULL.
231 dns_zone_getorigin(dns_zone_t *zone);
233 * Returns the value of the origin.
236 *\li 'zone' to be a valid zone.
240 dns_zone_setfile(dns_zone_t *zone, const char *file);
243 dns_zone_setfile2(dns_zone_t *zone, const char *file,
244 dns_masterformat_t format);
246 * Sets the name of the master file in the format of 'format' from which
247 * the zone loads its database to 'file'.
249 * For zones that have no associated master file, 'file' will be NULL.
251 * For zones with persistent databases, the file name
252 * setting is ignored.
254 * dns_zone_setfile() is a backward-compatible form of
255 * dns_zone_setfile2(), which always specifies the
256 * dns_masterformat_text (RFC1035) format.
259 *\li 'zone' to be a valid zone.
267 dns_zone_getfile(dns_zone_t *zone);
269 * Gets the name of the zone's master file, if any.
272 *\li 'zone' to be valid initialised zone.
275 *\li Pointer to null-terminated file name, or NULL.
279 dns_zone_load(dns_zone_t *zone);
282 dns_zone_loadnew(dns_zone_t *zone);
285 dns_zone_loadandthaw(dns_zone_t *zone);
287 * Cause the database to be loaded from its backing store.
288 * Confirm that the minimum requirements for the zone type are
289 * met, otherwise DNS_R_BADZONE is returned.
291 * dns_zone_loadnew() only loads zones that are not yet loaded.
292 * dns_zone_load() also loads zones that are already loaded and
293 * whose master file has changed since the last load.
294 * dns_zone_loadandthaw() is similar to dns_zone_load() but will
295 * also re-enable DNS UPDATEs when the load completes.
298 *\li 'zone' to be a valid zone.
301 *\li #ISC_R_UNEXPECTED
303 *\li DNS_R_CONTINUE Incremental load has been queued.
304 *\li DNS_R_UPTODATE The zone has already been loaded based on
305 * file system timestamps.
307 *\li Any result value from dns_db_load().
311 dns_zone_attach(dns_zone_t *source, dns_zone_t **target);
313 * Attach '*target' to 'source' incrementing its external
317 *\li 'source' to be a valid zone.
318 *\li 'target' to be non NULL and '*target' to be NULL.
322 dns_zone_detach(dns_zone_t **zonep);
324 * Detach from a zone decrementing its external reference count.
325 * If this was the last external reference to the zone it will be
326 * shut down and eventually freed.
329 *\li 'zonep' to point to a valid zone.
333 dns_zone_iattach(dns_zone_t *source, dns_zone_t **target);
335 * Attach '*target' to 'source' incrementing its internal
336 * reference count. This is intended for use by operations
337 * such as zone transfers that need to prevent the zone
338 * object from being freed but not from shutting down.
341 *\li The caller is running in the context of the zone's task.
342 *\li 'source' to be a valid zone.
343 *\li 'target' to be non NULL and '*target' to be NULL.
347 dns_zone_idetach(dns_zone_t **zonep);
349 * Detach from a zone decrementing its internal reference count.
350 * If there are no more internal or external references to the
351 * zone, it will be freed.
354 *\li The caller is running in the context of the zone's task.
355 *\li 'zonep' to point to a valid zone.
359 dns_zone_setflag(dns_zone_t *zone, unsigned int flags, isc_boolean_t value);
361 * Sets ('value' == 'ISC_TRUE') / clears ('value' == 'ISC_FALSE')
362 * zone flags. Valid flag bits are DNS_ZONE_F_*.
365 *\li 'zone' to be a valid zone.
369 dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp);
371 * Attach '*dbp' to the database if it exists, otherwise
372 * return DNS_R_NOTLOADED.
375 *\li 'zone' to be a valid zone.
376 *\li 'dbp' to be != NULL && '*dbp' == NULL.
384 dns_zone_setdbtype(dns_zone_t *zone,
385 unsigned int dbargc, const char * const *dbargv);
387 * Sets the database type to dbargv[0] and database arguments
388 * to subsequent dbargv elements.
389 * 'db_type' is not checked to see if it is a valid database type.
392 *\li 'zone' to be a valid zone.
393 *\li 'database' to be non NULL.
394 *\li 'dbargc' to be >= 1
395 *\li 'dbargv' to point to dbargc NULL-terminated strings
403 dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx);
405 * Returns the current dbtype. isc_mem_free() should be used
406 * to free 'argv' after use.
409 *\li 'zone' to be a valid zone.
410 *\li 'argv' to be non NULL and *argv to be NULL.
411 *\li 'mctx' to be valid.
419 dns_zone_markdirty(dns_zone_t *zone);
421 * Mark a zone as 'dirty'.
424 *\li 'zone' to be a valid zone.
428 dns_zone_expire(dns_zone_t *zone);
430 * Mark the zone as expired. If the zone requires dumping cause it to
431 * be initiated. Set the refresh and retry intervals to their default
432 * values and unload the zone.
435 *\li 'zone' to be a valid zone.
439 dns_zone_refresh(dns_zone_t *zone);
441 * Initiate zone up to date checks. The zone must already be being
445 *\li 'zone' to be a valid zone.
449 dns_zone_flush(dns_zone_t *zone);
451 * Write the zone to database if there are uncommitted changes.
454 *\li 'zone' to be a valid zone.
458 dns_zone_dump(dns_zone_t *zone);
460 * Write the zone to database.
463 *\li 'zone' to be a valid zone.
467 dns_zone_dumptostream(dns_zone_t *zone, FILE *fd);
470 dns_zone_dumptostream2(dns_zone_t *zone, FILE *fd, dns_masterformat_t format,
471 const dns_master_style_t *style);
473 * Write the zone to stream 'fd' in the specified 'format'.
474 * If the 'format' is dns_masterformat_text (RFC1035), 'style' also
475 * specifies the file style (e.g., &dns_master_style_default).
477 * dns_zone_dumptostream() is a backward-compatible form of
478 * dns_zone_dumptostream2(), which always uses the dns_masterformat_text
479 * format and the dns_master_style_default style.
481 * Note that dns_zone_dumptostream2() is the most flexible form. It
482 * can also provide the functionality of dns_zone_fulldumptostream().
485 *\li 'zone' to be a valid zone.
486 *\li 'fd' to be a stream open for writing.
490 dns_zone_fulldumptostream(dns_zone_t *zone, FILE *fd);
492 * The same as dns_zone_dumptostream, but dumps the zone with
493 * different dump settings (dns_master_style_full).
496 *\li 'zone' to be a valid zone.
497 *\li 'fd' to be a stream open for writing.
501 dns_zone_maintenance(dns_zone_t *zone);
503 * Perform regular maintenance on the zone. This is called as a
504 * result of a zone being managed.
507 *\li 'zone' to be a valid zone.
511 dns_zone_setmasters(dns_zone_t *zone, const isc_sockaddr_t *masters,
514 dns_zone_setmasterswithkeys(dns_zone_t *zone,
515 const isc_sockaddr_t *masters,
516 dns_name_t **keynames,
519 * Set the list of master servers for the zone.
522 *\li 'zone' to be a valid zone.
523 *\li 'masters' array of isc_sockaddr_t with port set or NULL.
524 *\li 'count' the number of masters.
525 *\li 'keynames' array of dns_name_t's for tsig keys or NULL.
527 * \li dns_zone_setmasters() is just a wrapper to setmasterswithkeys(),
528 * passing NULL in the keynames field.
530 * \li If 'masters' is NULL then 'count' must be zero.
535 *\li Any result dns_name_dup() can return, if keynames!=NULL
539 dns_zone_setalsonotify(dns_zone_t *zone, const isc_sockaddr_t *notify,
542 * Set the list of additional servers to be notified when
543 * a zone changes. To clear the list use 'count = 0'.
546 *\li 'zone' to be a valid zone.
547 *\li 'notify' to be non-NULL if count != 0.
548 *\li 'count' to be the number of notifiees.
556 dns_zone_unload(dns_zone_t *zone);
558 * detach the database from the zone structure.
561 *\li 'zone' to be a valid zone.
565 dns_zone_setoption(dns_zone_t *zone, unsigned int option, isc_boolean_t value);
567 * Set given options on ('value' == ISC_TRUE) or off ('value' ==
571 *\li 'zone' to be a valid zone.
575 dns_zone_getoptions(dns_zone_t *zone);
577 * Returns the current zone options.
580 *\li 'zone' to be a valid zone.
584 dns_zone_setkeyopt(dns_zone_t *zone, unsigned int option, isc_boolean_t value);
586 * Set key options on ('value' == ISC_TRUE) or off ('value' ==
590 *\li 'zone' to be a valid zone.
594 dns_zone_getkeyopts(dns_zone_t *zone);
596 * Returns the current zone key options.
599 *\li 'zone' to be a valid zone.
603 dns_zone_setminrefreshtime(dns_zone_t *zone, isc_uint32_t val);
605 * Set the minimum refresh time.
608 *\li 'zone' is valid.
613 dns_zone_setmaxrefreshtime(dns_zone_t *zone, isc_uint32_t val);
615 * Set the maximum refresh time.
618 *\li 'zone' is valid.
623 dns_zone_setminretrytime(dns_zone_t *zone, isc_uint32_t val);
625 * Set the minimum retry time.
628 *\li 'zone' is valid.
633 dns_zone_setmaxretrytime(dns_zone_t *zone, isc_uint32_t val);
635 * Set the maximum retry time.
638 *\li 'zone' is valid.
643 dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
645 dns_zone_setaltxfrsource4(dns_zone_t *zone,
646 const isc_sockaddr_t *xfrsource);
648 * Set the source address to be used in IPv4 zone transfers.
651 *\li 'zone' to be a valid zone.
652 *\li 'xfrsource' to contain the address.
659 dns_zone_getxfrsource4(dns_zone_t *zone);
661 dns_zone_getaltxfrsource4(dns_zone_t *zone);
663 * Returns the source address set by a previous dns_zone_setxfrsource4
664 * call, or the default of inaddr_any, port 0.
667 *\li 'zone' to be a valid zone.
671 dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
673 dns_zone_setaltxfrsource6(dns_zone_t *zone,
674 const isc_sockaddr_t *xfrsource);
676 * Set the source address to be used in IPv6 zone transfers.
679 *\li 'zone' to be a valid zone.
680 *\li 'xfrsource' to contain the address.
687 dns_zone_getxfrsource6(dns_zone_t *zone);
689 dns_zone_getaltxfrsource6(dns_zone_t *zone);
691 * Returns the source address set by a previous dns_zone_setxfrsource6
692 * call, or the default of in6addr_any, port 0.
695 *\li 'zone' to be a valid zone.
699 dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc);
701 * Set the source address to be used with IPv4 NOTIFY messages.
704 *\li 'zone' to be a valid zone.
705 *\li 'notifysrc' to contain the address.
712 dns_zone_getnotifysrc4(dns_zone_t *zone);
714 * Returns the source address set by a previous dns_zone_setnotifysrc4
715 * call, or the default of inaddr_any, port 0.
718 *\li 'zone' to be a valid zone.
722 dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc);
724 * Set the source address to be used with IPv6 NOTIFY messages.
727 *\li 'zone' to be a valid zone.
728 *\li 'notifysrc' to contain the address.
735 dns_zone_getnotifysrc6(dns_zone_t *zone);
737 * Returns the source address set by a previous dns_zone_setnotifysrc6
738 * call, or the default of in6addr_any, port 0.
741 *\li 'zone' to be a valid zone.
745 dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl);
747 * Sets the notify acl list for the zone.
750 *\li 'zone' to be a valid zone.
751 *\li 'acl' to be a valid acl.
755 dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl);
757 * Sets the query acl list for the zone.
760 *\li 'zone' to be a valid zone.
761 *\li 'acl' to be a valid acl.
765 dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl);
767 * Sets the query-on acl list for the zone.
770 *\li 'zone' to be a valid zone.
771 *\li 'acl' to be a valid acl.
775 dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl);
777 * Sets the update acl list for the zone.
780 *\li 'zone' to be a valid zone.
781 *\li 'acl' to be valid acl.
785 dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl);
787 * Sets the forward unsigned updates acl list for the zone.
790 *\li 'zone' to be a valid zone.
791 *\li 'acl' to be valid acl.
795 dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl);
797 * Sets the transfer acl list for the zone.
800 *\li 'zone' to be a valid zone.
801 *\li 'acl' to be valid acl.
805 dns_zone_getnotifyacl(dns_zone_t *zone);
807 * Returns the current notify acl or NULL.
810 *\li 'zone' to be a valid zone.
813 *\li acl a pointer to the acl.
818 dns_zone_getqueryacl(dns_zone_t *zone);
820 * Returns the current query acl or NULL.
823 *\li 'zone' to be a valid zone.
826 *\li acl a pointer to the acl.
831 dns_zone_getqueryonacl(dns_zone_t *zone);
833 * Returns the current query-on acl or NULL.
836 *\li 'zone' to be a valid zone.
839 *\li acl a pointer to the acl.
844 dns_zone_getupdateacl(dns_zone_t *zone);
846 * Returns the current update acl or NULL.
849 *\li 'zone' to be a valid zone.
852 *\li acl a pointer to the acl.
857 dns_zone_getforwardacl(dns_zone_t *zone);
859 * Returns the current forward unsigned updates acl or NULL.
862 *\li 'zone' to be a valid zone.
865 *\li acl a pointer to the acl.
870 dns_zone_getxfracl(dns_zone_t *zone);
872 * Returns the current transfer acl or NULL.
875 *\li 'zone' to be a valid zone.
878 *\li acl a pointer to the acl.
883 dns_zone_clearupdateacl(dns_zone_t *zone);
885 * Clear the current update acl.
888 *\li 'zone' to be a valid zone.
892 dns_zone_clearforwardacl(dns_zone_t *zone);
894 * Clear the current forward unsigned updates acl.
897 *\li 'zone' to be a valid zone.
901 dns_zone_clearnotifyacl(dns_zone_t *zone);
903 * Clear the current notify acl.
906 *\li 'zone' to be a valid zone.
910 dns_zone_clearqueryacl(dns_zone_t *zone);
912 * Clear the current query acl.
915 *\li 'zone' to be a valid zone.
919 dns_zone_clearqueryonacl(dns_zone_t *zone);
921 * Clear the current query-on acl.
924 *\li 'zone' to be a valid zone.
928 dns_zone_clearxfracl(dns_zone_t *zone);
930 * Clear the current transfer acl.
933 *\li 'zone' to be a valid zone.
937 dns_zone_getupdatedisabled(dns_zone_t *zone);
939 * Return update disabled.
940 * Transient unless called when running in isc_task_exclusive() mode.
944 dns_zone_setupdatedisabled(dns_zone_t *zone, isc_boolean_t state);
946 * Set update disabled.
947 * Should be called only when running in isc_task_exclusive() mode.
948 * Failure to do so may result in updates being committed after the
949 * call has been made.
953 dns_zone_getzeronosoattl(dns_zone_t *zone);
955 * Return zero-no-soa-ttl status.
959 dns_zone_setzeronosoattl(dns_zone_t *zone, isc_boolean_t state);
961 * Set zero-no-soa-ttl status.
965 dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity);
967 * Set the severity of name checking when loading a zone.
970 * \li 'zone' to be a valid zone.
974 dns_zone_getchecknames(dns_zone_t *zone);
976 * Return the current severity of name checking.
979 *\li 'zone' to be a valid zone.
983 dns_zone_setjournalsize(dns_zone_t *zone, isc_int32_t size);
985 * Sets the journal size for the zone.
988 *\li 'zone' to be a valid zone.
992 dns_zone_getjournalsize(dns_zone_t *zone);
994 * Return the journal size as set with a previous call to
995 * dns_zone_setjournalsize().
998 *\li 'zone' to be a valid zone.
1002 dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
1003 dns_message_t *msg);
1005 * Tell the zone that it has received a NOTIFY message from another
1006 * server. This may cause some zone maintenance activity to occur.
1009 *\li 'zone' to be a valid zone.
1010 *\li '*from' to contain the address of the server from which 'msg'
1012 *\li 'msg' a message with opcode NOTIFY and qr clear.
1022 dns_zone_setmaxxfrin(dns_zone_t *zone, isc_uint32_t maxxfrin);
1024 * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR)
1025 * of this zone will use before being aborted.
1028 * \li 'zone' to be valid initialised zone.
1032 dns_zone_getmaxxfrin(dns_zone_t *zone);
1034 * Returns the maximum transfer time for this zone. This will be
1035 * either the value set by the last call to dns_zone_setmaxxfrin() or
1036 * the default value of 1 hour.
1039 *\li 'zone' to be valid initialised zone.
1043 dns_zone_setmaxxfrout(dns_zone_t *zone, isc_uint32_t maxxfrout);
1045 * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR)
1046 * of this zone will use before being aborted.
1049 * \li 'zone' to be valid initialised zone.
1053 dns_zone_getmaxxfrout(dns_zone_t *zone);
1055 * Returns the maximum transfer time for this zone. This will be
1056 * either the value set by the last call to dns_zone_setmaxxfrout() or
1057 * the default value of 1 hour.
1060 *\li 'zone' to be valid initialised zone.
1064 dns_zone_setjournal(dns_zone_t *zone, const char *journal);
1066 * Sets the filename used for journaling updates / IXFR transfers.
1067 * The default journal name is set by dns_zone_setfile() to be
1068 * "file.jnl". If 'journal' is NULL, the zone will have no
1072 *\li 'zone' to be a valid zone.
1076 *\li #ISC_R_NOMEMORY
1080 dns_zone_getjournal(dns_zone_t *zone);
1082 * Returns the journal name associated with this zone.
1083 * If no journal has been set this will be NULL.
1086 *\li 'zone' to be valid initialised zone.
1090 dns_zone_gettype(dns_zone_t *zone);
1092 * Returns the type of the zone (master/slave/etc.)
1095 *\li 'zone' to be valid initialised zone.
1099 dns_zone_settask(dns_zone_t *zone, isc_task_t *task);
1101 * Give a zone a task to work with. Any current task will be detached.
1104 *\li 'zone' to be valid.
1105 *\li 'task' to be valid.
1109 dns_zone_gettask(dns_zone_t *zone, isc_task_t **target);
1111 * Attach '*target' to the zone's task.
1114 *\li 'zone' to be valid initialised zone.
1115 *\li 'zone' to have a task.
1116 *\li 'target' to be != NULL && '*target' == NULL.
1120 dns_zone_notify(dns_zone_t *zone);
1122 * Generate notify events for this zone.
1125 *\li 'zone' to be a valid zone.
1129 dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump);
1131 * Replace the database of "zone" with a new database "db".
1133 * If "dump" is ISC_TRUE, then the new zone contents are dumped
1134 * into the zone's master file for persistence. When replacing
1135 * a zone database by one just loaded from a master file, set
1136 * "dump" to ISC_FALSE to avoid a redundant redump of the data just
1137 * loaded. Otherwise, it should be set to ISC_TRUE.
1139 * If the "diff-on-reload" option is enabled in the configuration file,
1140 * the differences between the old and the new database are added to the
1141 * journal file, and the master file dump is postponed.
1144 * \li 'zone' to be a valid zone.
1148 * \li DNS_R_BADZONE zone failed basic consistency checks:
1149 * * a single SOA must exist
1150 * * some NS records must exist.
1155 dns_zone_getidlein(dns_zone_t *zone);
1158 * \li 'zone' to be a valid zone.
1161 * \li number of seconds of idle time before we abort the transfer in.
1165 dns_zone_setidlein(dns_zone_t *zone, isc_uint32_t idlein);
1167 * \li Set the idle timeout for transfers in.
1168 * \li Zero sets the default value, 1 hour.
1171 * \li 'zone' to be a valid zone.
1175 dns_zone_getidleout(dns_zone_t *zone);
1179 * \li 'zone' to be a valid zone.
1182 * \li number of seconds of idle time before we abort a transfer out.
1186 dns_zone_setidleout(dns_zone_t *zone, isc_uint32_t idleout);
1188 * \li Set the idle timeout for transfers out.
1189 * \li Zero sets the default value, 1 hour.
1192 * \li 'zone' to be a valid zone.
1196 dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table);
1198 * Get the simple-secure-update policy table.
1201 * \li 'zone' to be a valid zone.
1205 dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table);
1207 * Set / clear the simple-secure-update policy table.
1210 * \li 'zone' to be a valid zone.
1214 dns_zone_getmctx(dns_zone_t *zone);
1216 * Get the memory context of a zone.
1219 * \li 'zone' to be a valid zone.
1223 dns_zone_getmgr(dns_zone_t *zone);
1225 * If 'zone' is managed return the zone manager otherwise NULL.
1228 * \li 'zone' to be a valid zone.
1232 dns_zone_setsigvalidityinterval(dns_zone_t *zone, isc_uint32_t interval);
1234 * Set the zone's RRSIG validity interval. This is the length of time
1235 * for which DNSSEC signatures created as a result of dynamic updates
1236 * to secure zones will remain valid, in seconds.
1239 * \li 'zone' to be a valid zone.
1243 dns_zone_getsigvalidityinterval(dns_zone_t *zone);
1245 * Get the zone's RRSIG validity interval.
1248 * \li 'zone' to be a valid zone.
1252 dns_zone_setsigresigninginterval(dns_zone_t *zone, isc_uint32_t interval);
1254 * Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's
1255 * will be re-signed 'interval' amount of time before they expire.
1258 * \li 'zone' to be a valid zone.
1262 dns_zone_getsigresigninginterval(dns_zone_t *zone);
1264 * Get the zone's RRSIG re-signing interval.
1267 * \li 'zone' to be a valid zone.
1271 dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype);
1273 * Sets zone notify method to "notifytype"
1277 dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg,
1278 dns_updatecallback_t callback, void *callback_arg);
1280 * Forward 'msg' to each master in turn until we get an answer or we
1281 * have exhausted the list of masters. 'callback' will be called with
1282 * ISC_R_SUCCESS if we get an answer and the returned message will be
1283 * passed as 'answer_message', otherwise a non ISC_R_SUCCESS result code
1284 * will be passed and answer_message will be NULL. The callback function
1285 * is responsible for destroying 'answer_message'.
1286 * (callback)(callback_arg, result, answer_message);
1289 *\li 'zone' to be valid
1290 *\li 'msg' to be valid.
1291 *\li 'callback' to be non NULL.
1293 *\li #ISC_R_SUCCESS if the message has been forwarded,
1294 *\li #ISC_R_NOMEMORY
1299 dns_zone_next(dns_zone_t *zone, dns_zone_t **next);
1301 * Find the next zone in the list of managed zones.
1304 *\li 'zone' to be valid
1305 *\li The zone manager for the indicated zone MUST be locked
1306 * by the caller. This is not checked.
1307 *\li 'next' be non-NULL, and '*next' be NULL.
1310 *\li 'next' points to a valid zone (result ISC_R_SUCCESS) or to NULL
1311 * (result ISC_R_NOMORE).
1317 dns_zone_first(dns_zonemgr_t *zmgr, dns_zone_t **first);
1319 * Find the first zone in the list of managed zones.
1322 *\li 'zmgr' to be valid
1323 *\li The zone manager for the indicated zone MUST be locked
1324 * by the caller. This is not checked.
1325 *\li 'first' be non-NULL, and '*first' be NULL
1328 *\li 'first' points to a valid zone (result ISC_R_SUCCESS) or to NULL
1329 * (result ISC_R_NOMORE).
1333 dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory);
1335 * Sets the name of the directory where private keys used for
1336 * online signing of dynamic zones are found.
1339 *\li 'zone' to be a valid zone.
1342 *\li #ISC_R_NOMEMORY
1347 dns_zone_getkeydirectory(dns_zone_t *zone);
1349 * Gets the name of the directory where private keys used for
1350 * online signing of dynamic zones are found.
1353 *\li 'zone' to be valid initialised zone.
1356 * Pointer to null-terminated file name, or NULL.
1361 dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
1362 isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr,
1363 dns_zonemgr_t **zmgrp);
1365 * Create a zone manager.
1368 *\li 'mctx' to be a valid memory context.
1369 *\li 'taskmgr' to be a valid task manager.
1370 *\li 'timermgr' to be a valid timer manager.
1371 *\li 'zmgrp' to point to a NULL pointer.
1375 dns_zonemgr_managezone(dns_zonemgr_t *zmgr, dns_zone_t *zone);
1377 * Bring the zone under control of a zone manager.
1380 *\li 'zmgr' to be a valid zone manager.
1381 *\li 'zone' to be a valid zone.
1385 dns_zonemgr_forcemaint(dns_zonemgr_t *zmgr);
1387 * Force zone maintenance of all zones managed by 'zmgr' at its
1388 * earliest convenience.
1392 dns_zonemgr_resumexfrs(dns_zonemgr_t *zmgr);
1394 * Attempt to start any stalled zone transfers.
1398 dns_zonemgr_shutdown(dns_zonemgr_t *zmgr);
1400 * Shut down the zone manager.
1403 *\li 'zmgr' to be a valid zone manager.
1407 dns_zonemgr_attach(dns_zonemgr_t *source, dns_zonemgr_t **target);
1409 * Attach '*target' to 'source' incrementing its external
1413 *\li 'source' to be a valid zone manager.
1414 *\li 'target' to be non NULL and '*target' to be NULL.
1418 dns_zonemgr_detach(dns_zonemgr_t **zmgrp);
1420 * Detach from a zone manager.
1423 *\li '*zmgrp' is a valid, non-NULL zone manager pointer.
1426 *\li '*zmgrp' is NULL.
1430 dns_zonemgr_releasezone(dns_zonemgr_t *zmgr, dns_zone_t *zone);
1432 * Release 'zone' from being managed by 'zmgr'. 'zmgr' is implicitly
1433 * detached from 'zone'.
1436 *\li 'zmgr' to be a valid zone manager.
1437 *\li 'zone' to be a valid zone.
1438 *\li 'zmgr' == 'zone->zmgr'
1441 *\li 'zone->zmgr' == NULL;
1445 dns_zonemgr_settransfersin(dns_zonemgr_t *zmgr, isc_uint32_t value);
1447 * Set the maximum number of simultaneous transfers in allowed by
1451 *\li 'zmgr' to be a valid zone manager.
1455 dns_zonemgr_getttransfersin(dns_zonemgr_t *zmgr);
1457 * Return the maximum number of simultaneous transfers in allowed.
1460 *\li 'zmgr' to be a valid zone manager.
1464 dns_zonemgr_settransfersperns(dns_zonemgr_t *zmgr, isc_uint32_t value);
1466 * Set the number of zone transfers allowed per nameserver.
1469 *\li 'zmgr' to be a valid zone manager
1473 dns_zonemgr_getttransfersperns(dns_zonemgr_t *zmgr);
1475 * Return the number of transfers allowed per nameserver.
1478 *\li 'zmgr' to be a valid zone manager.
1482 dns_zonemgr_setiolimit(dns_zonemgr_t *zmgr, isc_uint32_t iolimit);
1484 * Set the number of simultaneous file descriptors available for
1485 * reading and writing masterfiles.
1488 *\li 'zmgr' to be a valid zone manager.
1489 *\li 'iolimit' to be positive.
1493 dns_zonemgr_getiolimit(dns_zonemgr_t *zmgr);
1495 * Get the number of simultaneous file descriptors available for
1496 * reading and writing masterfiles.
1499 *\li 'zmgr' to be a valid zone manager.
1503 dns_zonemgr_setserialqueryrate(dns_zonemgr_t *zmgr, unsigned int value);
1505 * Set the number of SOA queries sent per second.
1508 *\li 'zmgr' to be a valid zone manager
1512 dns_zonemgr_getserialqueryrate(dns_zonemgr_t *zmgr);
1514 * Return the number of SOA queries sent per second.
1517 *\li 'zmgr' to be a valid zone manager.
1521 dns_zonemgr_getcount(dns_zonemgr_t *zmgr, int state);
1523 * Returns the number of zones in the specified state.
1526 *\li 'zmgr' to be a valid zone manager.
1527 *\li 'state' to be a valid DNS_ZONESTATE_ constant.
1531 dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote,
1532 isc_sockaddr_t *local, isc_time_t *now);
1534 * Add the pair of addresses to the unreachable cache.
1537 *\li 'zmgr' to be a valid zone manager.
1538 *\li 'remote' to be a valid sockaddr.
1539 *\li 'local' to be a valid sockaddr.
1543 dns_zone_forcereload(dns_zone_t *zone);
1545 * Force a reload of specified zone.
1548 *\li 'zone' to be a valid zone.
1552 dns_zone_isforced(dns_zone_t *zone);
1554 * Check if the zone is waiting for a forced reload.
1557 * \li 'zone' to be a valid zone.
1561 dns_zone_setstatistics(dns_zone_t *zone, isc_boolean_t on);
1563 * This function is obsoleted by dns_zone_setrequeststats().
1567 dns_zone_getstatscounters(dns_zone_t *zone);
1569 * This function is obsoleted by dns_zone_getrequeststats().
1573 dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats);
1575 * Set a general zone-maintenance statistics set 'stats' for 'zone'. This
1576 * function is expected to be called only on zone creation (when necessary).
1577 * Once installed, it cannot be removed or replaced. Also, there is no
1578 * interface to get the installed stats from the zone; the caller must keep the
1579 * stats to reference (e.g. dump) it later.
1582 * \li 'zone' to be a valid zone and does not have a statistics set already
1585 *\li stats is a valid statistics supporting zone statistics counters
1586 * (see dns/stats.h).
1590 dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats);
1592 * Set an additional statistics set to zone. It is attached in the zone
1593 * but is not counted in the zone module; only the caller updates the counters.
1596 * \li 'zone' to be a valid zone.
1598 *\li stats is a valid statistics.
1602 dns_zone_getrequeststats(dns_zone_t *zone);
1604 * Get the additional statistics for zone, if one is installed.
1607 * \li 'zone' to be a valid zone.
1610 * \li when available, a pointer to the statistics set installed in zone;
1615 dns_zone_dialup(dns_zone_t *zone);
1617 * Perform dialup-time maintenance on 'zone'.
1621 dns_zone_setdialup(dns_zone_t *zone, dns_dialuptype_t dialup);
1623 * Set the dialup type of 'zone' to 'dialup'.
1626 * \li 'zone' to be a valid initialised zone.
1627 *\li 'dialup' to be a valid dialup type.
1631 dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...)
1632 ISC_FORMAT_PRINTF(3, 4);
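1634 * Log the message 'msg...' at 'level', including text that identifies
1635 * the message as applying to 'zone'. 'msg' is a printf-style format string (per the ISC_FORMAT_PRINTF annotation); pass untrusted text as an argument, never as 'msg'.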
1639 dns_zone_logc(dns_zone_t *zone, isc_logcategory_t *category, int level,
1640 const char *msg, ...) ISC_FORMAT_PRINTF(4, 5);
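1642 * Log the message 'msg...' at 'level' in 'category', including text that identifies
1643 * the message as applying to 'zone'. 'msg' is a printf-style format string (per the ISC_FORMAT_PRINTF annotation); pass untrusted text as an argument, never as 'msg'.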
1647 dns_zone_name(dns_zone_t *zone, char *buf, size_t len);
1649 * Return the name of the zone with class and view.
1652 *\li 'zone' to be valid.
1653 *\li 'buf' to be non NULL.
1657 dns_zone_checknames(dns_zone_t *zone, dns_name_t *name, dns_rdata_t *rdata);
1659 * Check if this record meets the check-names policy.
1662 * 'zone' to be valid.
1663 * 'name' to be valid.
1664 * 'rdata' to be valid.
1667 * DNS_R_SUCCESS passed checks.
1668 * DNS_R_BADOWNERNAME failed ownername checks.
1669 * DNS_R_BADNAME failed rdata checks.
1673 dns_zone_setacache(dns_zone_t *zone, dns_acache_t *acache);
1675 * Associate the zone with an additional cache.
1678 * 'zone' to be a valid zone.
1679 * 'acache' to be a non NULL pointer.
1682 * 'zone' will have a reference to 'acache'
1686 dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx);
1688 * Set the post load integrity callback function 'checkmx'.
1689 * 'checkmx' will be called if the MX is not within the zone.
1692 * 'zone' to be a valid zone.
1696 dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv);
1698 * Set the post load integrity callback function 'checksrv'.
1699 * 'checksrv' will be called if the SRV TARGET is not within the zone.
1702 * 'zone' to be a valid zone.
1706 dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns);
1708 * Set the post load integrity callback function 'checkns'.
1709 * 'checkns' will be called if the NS TARGET is not within the zone.
1712 * 'zone' to be a valid zone.
1716 dns_zone_setnotifydelay(dns_zone_t *zone, isc_uint32_t delay);
1718 * Set the minimum delay between sets of notify messages.
1721 * 'zone' to be valid.
1725 dns_zone_getnotifydelay(dns_zone_t *zone);
1727 * Get the minimum delay between sets of notify messages.
1730 * 'zone' to be valid.
1734 dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg);
1736 * Set the isself callback function and argument.
1739 * isself(dns_view_t *myview, dns_tsigkey_t *mykey, isc_netaddr_t *srcaddr,
1740 * isc_netaddr_t *destaddr, dns_rdataclass_t rdclass, void *arg);
1742 * 'isself' returns ISC_TRUE if a non-recursive query from 'srcaddr' to
1743 * 'destaddr' with optional key 'mykey' for class 'rdclass' would be
1744 * delivered to 'myview'.
1748 dns_zone_setnodes(dns_zone_t *zone, isc_uint32_t nodes);
1750 * Set the number of nodes that will be checked per quantum.
1754 dns_zone_setsignatures(dns_zone_t *zone, isc_uint32_t signatures);
1756 * Set the number of signatures that will be generated per quantum.
1760 dns_zone_signwithkey(dns_zone_t *zone, dns_secalg_t algorithm,
1761 isc_uint16_t keyid, isc_boolean_t delete);
1763 * Initiate/resume signing of the entire zone with the zone DNSKEY(s)
1764 * that match the given algorithm and keyid.
1768 dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param);
1770 * Incrementally add a NSEC3 chain that corresponds to 'nsec3param'.
1774 dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type);
1776 dns_zone_getprivatetype(dns_zone_t *zone);
1778 * Get/Set the private record type. It is expected that these interfaces
1779 * will not be permanent.
1783 dns_zone_rekey(dns_zone_t *zone, isc_boolean_t fullsign);
1785 * Update the zone's DNSKEY set from the key repository.
1787 * If 'fullsign' is true, trigger an immediate full signing of
1788 * the zone with the new key. Otherwise, if there are no keys or
1789 * if the new keys are for algorithms that have already signed the
1790 * zone, then the zone can be re-signed incrementally.
1794 dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version,
1795 unsigned int *errors);
1797 * Check if the name servers for the zone are sane (have address, don't
1798 * refer to CNAMEs/DNAMEs). The number of consistency errors detected is
1799 * returned in '*errors'.
1802 * \li 'zone' to be valid.
1803 * \li 'db' to be valid.
1804 * \li 'version' to be valid or NULL.
1805 * \li 'errors' to be non NULL.
1808 * ISC_R_SUCCESS if there were no errors examining the zone contents.
1812 dns_zone_setadded(dns_zone_t *zone, isc_boolean_t added);
1814 * Sets the value of zone->added, which should be ISC_TRUE for
1815 * zones that were originally added by "rndc addzone".
1818 * \li 'zone' to be valid.
1822 dns_zone_getadded(dns_zone_t *zone);
1824 * Returns ISC_TRUE if the zone was originally added at runtime
1825 * using "rndc addzone".
1828 * \li 'zone' to be valid.
1833 #endif /* DNS_ZONE_H */