2 * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2003 Internet Software Consortium.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
18 /* $Id: view.c,v 1.172 2010/12/09 04:53:48 marka Exp $ */
26 #include <isc/stats.h>
27 #include <isc/string.h> /* Required for HP/UX (and others?) */
31 #include <dns/acache.h>
34 #include <dns/cache.h>
38 #include <dns/dns64.h>
40 #include <dns/dnssec.h>
41 #include <dns/events.h>
42 #include <dns/forward.h>
43 #include <dns/keytable.h>
44 #include <dns/keyvalues.h>
45 #include <dns/master.h>
46 #include <dns/masterdump.h>
47 #include <dns/order.h>
50 #include <dns/rdataset.h>
51 #include <dns/request.h>
52 #include <dns/resolver.h>
53 #include <dns/result.h>
54 #include <dns/stats.h>
59 #define RESSHUTDOWN(v) (((v)->attributes & DNS_VIEWATTR_RESSHUTDOWN) != 0)
60 #define ADBSHUTDOWN(v) (((v)->attributes & DNS_VIEWATTR_ADBSHUTDOWN) != 0)
61 #define REQSHUTDOWN(v) (((v)->attributes & DNS_VIEWATTR_REQSHUTDOWN) != 0)
63 #define DNS_VIEW_DELONLYHASH 111
65 static void resolver_shutdown(isc_task_t *task, isc_event_t *event);
66 static void adb_shutdown(isc_task_t *task, isc_event_t *event);
67 static void req_shutdown(isc_task_t *task, isc_event_t *event);
70 dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
71 const char *name, dns_view_t **viewp)
80 REQUIRE(name != NULL);
81 REQUIRE(viewp != NULL && *viewp == NULL);
83 view = isc_mem_get(mctx, sizeof(*view));
85 return (ISC_R_NOMEMORY);
86 view->name = isc_mem_strdup(mctx, name);
87 if (view->name == NULL) {
88 result = ISC_R_NOMEMORY;
91 result = isc_mutex_init(&view->lock);
92 if (result != ISC_R_SUCCESS)
96 view->zonetable = NULL;
97 result = dns_zt_create(mctx, rdclass, &view->zonetable);
98 if (result != ISC_R_SUCCESS) {
99 UNEXPECTED_ERROR(__FILE__, __LINE__,
100 "dns_zt_create() failed: %s",
101 isc_result_totext(result));
102 result = ISC_R_UNEXPECTED;
106 view->secroots_priv = NULL;
107 view->fwdtable = NULL;
108 result = dns_fwdtable_create(mctx, &view->fwdtable);
109 if (result != ISC_R_SUCCESS) {
110 UNEXPECTED_ERROR(__FILE__, __LINE__,
111 "dns_fwdtable_create() failed: %s",
112 isc_result_totext(result));
113 result = ISC_R_UNEXPECTED;
119 view->cachedb = NULL;
120 view->dlzdatabase = NULL;
122 view->resolver = NULL;
124 view->requestmgr = NULL;
126 view->rdclass = rdclass;
127 view->frozen = ISC_FALSE;
129 result = isc_refcount_init(&view->references, 1);
130 if (result != ISC_R_SUCCESS)
131 goto cleanup_fwdtable;
133 view->attributes = (DNS_VIEWATTR_RESSHUTDOWN|DNS_VIEWATTR_ADBSHUTDOWN|
134 DNS_VIEWATTR_REQSHUTDOWN);
135 view->statickeys = NULL;
136 view->dynamickeys = NULL;
137 view->matchclients = NULL;
138 view->matchdestinations = NULL;
139 view->matchrecursiveonly = ISC_FALSE;
140 result = dns_tsigkeyring_create(view->mctx, &view->dynamickeys);
141 if (result != ISC_R_SUCCESS)
142 goto cleanup_references;
145 view->delonly = NULL;
146 view->rootdelonly = ISC_FALSE;
147 view->rootexclude = NULL;
148 view->resstats = NULL;
149 view->resquerystats = NULL;
150 view->cacheshared = ISC_FALSE;
151 ISC_LIST_INIT(view->dns64);
155 * Initialize configuration data with default values.
157 view->recursion = ISC_TRUE;
158 view->auth_nxdomain = ISC_FALSE; /* Was true in BIND 8 */
159 view->additionalfromcache = ISC_TRUE;
160 view->additionalfromauth = ISC_TRUE;
161 view->enablednssec = ISC_TRUE;
162 view->enablevalidation = ISC_TRUE;
163 view->acceptexpired = ISC_FALSE;
164 view->minimalresponses = ISC_FALSE;
165 view->transfer_format = dns_one_answer;
166 view->cacheacl = NULL;
167 view->cacheonacl = NULL;
168 view->queryacl = NULL;
169 view->queryonacl = NULL;
170 view->recursionacl = NULL;
171 view->recursiononacl = NULL;
172 view->sortlist = NULL;
173 view->transferacl = NULL;
174 view->notifyacl = NULL;
175 view->updateacl = NULL;
176 view->upfwdacl = NULL;
177 view->denyansweracl = NULL;
178 view->answeracl_exclude = NULL;
179 view->denyanswernames = NULL;
180 view->answernames_exclude = NULL;
181 view->requestixfr = ISC_TRUE;
182 view->provideixfr = ISC_TRUE;
183 view->maxcachettl = 7 * 24 * 3600;
184 view->maxncachettl = 3 * 3600;
186 view->preferred_glue = 0;
187 view->flush = ISC_FALSE;
190 view->v4_aaaa = dns_v4_aaaa_ok;
191 view->v4_aaaa_acl = NULL;
192 dns_fixedname_init(&view->dlv_fixed);
193 view->managed_keys = NULL;
195 view->new_zone_file = NULL;
196 view->new_zone_config = NULL;
197 view->cfg_destroy = NULL;
199 result = dns_order_create(view->mctx, &view->order);
200 if (result != ISC_R_SUCCESS)
201 goto cleanup_dynkeys;
204 result = dns_peerlist_new(view->mctx, &view->peers);
205 if (result != ISC_R_SUCCESS)
208 result = dns_aclenv_init(view->mctx, &view->aclenv);
209 if (result != ISC_R_SUCCESS)
210 goto cleanup_peerlist;
212 ISC_LINK_INIT(view, link);
213 ISC_EVENT_INIT(&view->resevent, sizeof(view->resevent), 0, NULL,
214 DNS_EVENT_VIEWRESSHUTDOWN, resolver_shutdown,
215 view, NULL, NULL, NULL);
216 ISC_EVENT_INIT(&view->adbevent, sizeof(view->adbevent), 0, NULL,
217 DNS_EVENT_VIEWADBSHUTDOWN, adb_shutdown,
218 view, NULL, NULL, NULL);
219 ISC_EVENT_INIT(&view->reqevent, sizeof(view->reqevent), 0, NULL,
220 DNS_EVENT_VIEWREQSHUTDOWN, req_shutdown,
221 view, NULL, NULL, NULL);
222 view->magic = DNS_VIEW_MAGIC;
226 return (ISC_R_SUCCESS);
229 dns_peerlist_detach(&view->peers);
233 dns_order_detach(&view->order);
237 dns_tsigkeyring_destroy(&view->dynamickeys);
240 isc_refcount_destroy(&view->references);
243 dns_fwdtable_destroy(&view->fwdtable);
247 dns_zt_detach(&view->zonetable);
251 DESTROYLOCK(&view->lock);
254 isc_mem_free(mctx, view->name);
257 isc_mem_put(mctx, view, sizeof(*view));
263 destroy(dns_view_t *view) {
268 REQUIRE(!ISC_LINK_LINKED(view, link));
269 REQUIRE(isc_refcount_current(&view->references) == 0);
270 REQUIRE(view->weakrefs == 0);
271 REQUIRE(RESSHUTDOWN(view));
272 REQUIRE(ADBSHUTDOWN(view));
273 REQUIRE(REQSHUTDOWN(view));
276 if (view->order != NULL)
277 dns_order_detach(&view->order);
279 if (view->peers != NULL)
280 dns_peerlist_detach(&view->peers);
281 if (view->dynamickeys != NULL)
282 dns_tsigkeyring_destroy(&view->dynamickeys);
283 if (view->statickeys != NULL)
284 dns_tsigkeyring_destroy(&view->statickeys);
285 if (view->adb != NULL)
286 dns_adb_detach(&view->adb);
287 if (view->resolver != NULL)
288 dns_resolver_detach(&view->resolver);
290 if (view->acache != NULL) {
291 if (view->cachedb != NULL)
292 dns_acache_putdb(view->acache, view->cachedb);
293 dns_acache_detach(&view->acache);
296 if (view->requestmgr != NULL)
297 dns_requestmgr_detach(&view->requestmgr);
298 if (view->task != NULL)
299 isc_task_detach(&view->task);
300 if (view->hints != NULL)
301 dns_db_detach(&view->hints);
302 if (view->dlzdatabase != NULL)
303 dns_dlzdestroy(&view->dlzdatabase);
304 if (view->cachedb != NULL)
305 dns_db_detach(&view->cachedb);
306 if (view->cache != NULL)
307 dns_cache_detach(&view->cache);
308 if (view->matchclients != NULL)
309 dns_acl_detach(&view->matchclients);
310 if (view->matchdestinations != NULL)
311 dns_acl_detach(&view->matchdestinations);
312 if (view->cacheacl != NULL)
313 dns_acl_detach(&view->cacheacl);
314 if (view->cacheonacl != NULL)
315 dns_acl_detach(&view->cacheonacl);
316 if (view->queryacl != NULL)
317 dns_acl_detach(&view->queryacl);
318 if (view->queryonacl != NULL)
319 dns_acl_detach(&view->queryonacl);
320 if (view->recursionacl != NULL)
321 dns_acl_detach(&view->recursionacl);
322 if (view->recursiononacl != NULL)
323 dns_acl_detach(&view->recursiononacl);
324 if (view->sortlist != NULL)
325 dns_acl_detach(&view->sortlist);
326 if (view->transferacl != NULL)
327 dns_acl_detach(&view->transferacl);
328 if (view->notifyacl != NULL)
329 dns_acl_detach(&view->notifyacl);
330 if (view->updateacl != NULL)
331 dns_acl_detach(&view->updateacl);
332 if (view->upfwdacl != NULL)
333 dns_acl_detach(&view->upfwdacl);
334 if (view->denyansweracl != NULL)
335 dns_acl_detach(&view->denyansweracl);
336 if (view->v4_aaaa_acl != NULL)
337 dns_acl_detach(&view->v4_aaaa_acl);
338 if (view->answeracl_exclude != NULL)
339 dns_rbt_destroy(&view->answeracl_exclude);
340 if (view->denyanswernames != NULL)
341 dns_rbt_destroy(&view->denyanswernames);
342 if (view->answernames_exclude != NULL)
343 dns_rbt_destroy(&view->answernames_exclude);
344 if (view->delonly != NULL) {
348 for (i = 0; i < DNS_VIEW_DELONLYHASH; i++) {
349 name = ISC_LIST_HEAD(view->delonly[i]);
350 while (name != NULL) {
351 ISC_LIST_UNLINK(view->delonly[i], name, link);
352 dns_name_free(name, view->mctx);
353 isc_mem_put(view->mctx, name, sizeof(*name));
354 name = ISC_LIST_HEAD(view->delonly[i]);
357 isc_mem_put(view->mctx, view->delonly, sizeof(dns_namelist_t) *
358 DNS_VIEW_DELONLYHASH);
359 view->delonly = NULL;
361 if (view->rootexclude != NULL) {
365 for (i = 0; i < DNS_VIEW_DELONLYHASH; i++) {
366 name = ISC_LIST_HEAD(view->rootexclude[i]);
367 while (name != NULL) {
368 ISC_LIST_UNLINK(view->rootexclude[i],
370 dns_name_free(name, view->mctx);
371 isc_mem_put(view->mctx, name, sizeof(*name));
372 name = ISC_LIST_HEAD(view->rootexclude[i]);
375 isc_mem_put(view->mctx, view->rootexclude,
376 sizeof(dns_namelist_t) * DNS_VIEW_DELONLYHASH);
377 view->rootexclude = NULL;
379 if (view->resstats != NULL)
380 isc_stats_detach(&view->resstats);
381 if (view->resquerystats != NULL)
382 dns_stats_detach(&view->resquerystats);
383 if (view->secroots_priv != NULL)
384 dns_keytable_detach(&view->secroots_priv);
386 for (dns64 = ISC_LIST_HEAD(view->dns64);
388 dns64 = ISC_LIST_HEAD(view->dns64)) {
389 dns_dns64_unlink(&view->dns64, dns64);
390 dns_dns64_destroy(&dns64);
392 if (view->managed_keys != NULL)
393 dns_zone_detach(&view->managed_keys);
394 dns_view_setnewzones(view, ISC_FALSE, NULL, NULL);
396 dns_fwdtable_destroy(&view->fwdtable);
397 dns_aclenv_destroy(&view->aclenv);
398 DESTROYLOCK(&view->lock);
399 isc_refcount_destroy(&view->references);
400 isc_mem_free(view->mctx, view->name);
401 isc_mem_put(view->mctx, view, sizeof(*view));
405 * Return true iff 'view' may be freed.
406 * The caller must be holding the view lock.
409 all_done(dns_view_t *view) {
411 if (isc_refcount_current(&view->references) == 0 &&
412 view->weakrefs == 0 &&
413 RESSHUTDOWN(view) && ADBSHUTDOWN(view) && REQSHUTDOWN(view))
420 dns_view_attach(dns_view_t *source, dns_view_t **targetp) {
422 REQUIRE(DNS_VIEW_VALID(source));
423 REQUIRE(targetp != NULL && *targetp == NULL);
425 isc_refcount_increment(&source->references, NULL);
431 view_flushanddetach(dns_view_t **viewp, isc_boolean_t flush) {
434 isc_boolean_t done = ISC_FALSE;
436 REQUIRE(viewp != NULL);
438 REQUIRE(DNS_VIEW_VALID(view));
441 view->flush = ISC_TRUE;
442 isc_refcount_decrement(&view->references, &refs);
445 if (!RESSHUTDOWN(view))
446 dns_resolver_shutdown(view->resolver);
447 if (!ADBSHUTDOWN(view))
448 dns_adb_shutdown(view->adb);
449 if (!REQSHUTDOWN(view))
450 dns_requestmgr_shutdown(view->requestmgr);
452 if (view->acache != NULL)
453 dns_acache_shutdown(view->acache);
455 dns_zt_flushanddetach(&view->zonetable);
457 dns_zt_detach(&view->zonetable);
458 if (view->managed_keys != NULL) {
460 dns_zone_flush(view->managed_keys);
461 dns_zone_detach(&view->managed_keys);
464 done = all_done(view);
475 dns_view_flushanddetach(dns_view_t **viewp) {
476 view_flushanddetach(viewp, ISC_TRUE);
480 dns_view_detach(dns_view_t **viewp) {
481 view_flushanddetach(viewp, ISC_FALSE);
486 dialup(dns_zone_t *zone, void *dummy) {
488 dns_zone_dialup(zone);
489 return (ISC_R_SUCCESS);
493 dns_view_dialup(dns_view_t *view) {
494 REQUIRE(DNS_VIEW_VALID(view));
495 (void)dns_zt_apply(view->zonetable, ISC_FALSE, dialup, NULL);
500 dns_view_weakattach(dns_view_t *source, dns_view_t **targetp) {
502 REQUIRE(DNS_VIEW_VALID(source));
503 REQUIRE(targetp != NULL && *targetp == NULL);
507 UNLOCK(&source->lock);
513 dns_view_weakdetach(dns_view_t **viewp) {
515 isc_boolean_t done = ISC_FALSE;
517 REQUIRE(viewp != NULL);
519 REQUIRE(DNS_VIEW_VALID(view));
523 INSIST(view->weakrefs > 0);
525 done = all_done(view);
536 resolver_shutdown(isc_task_t *task, isc_event_t *event) {
537 dns_view_t *view = event->ev_arg;
540 REQUIRE(event->ev_type == DNS_EVENT_VIEWRESSHUTDOWN);
541 REQUIRE(DNS_VIEW_VALID(view));
542 REQUIRE(view->task == task);
548 view->attributes |= DNS_VIEWATTR_RESSHUTDOWN;
549 done = all_done(view);
553 isc_event_free(&event);
560 adb_shutdown(isc_task_t *task, isc_event_t *event) {
561 dns_view_t *view = event->ev_arg;
564 REQUIRE(event->ev_type == DNS_EVENT_VIEWADBSHUTDOWN);
565 REQUIRE(DNS_VIEW_VALID(view));
566 REQUIRE(view->task == task);
572 view->attributes |= DNS_VIEWATTR_ADBSHUTDOWN;
573 done = all_done(view);
577 isc_event_free(&event);
584 req_shutdown(isc_task_t *task, isc_event_t *event) {
585 dns_view_t *view = event->ev_arg;
588 REQUIRE(event->ev_type == DNS_EVENT_VIEWREQSHUTDOWN);
589 REQUIRE(DNS_VIEW_VALID(view));
590 REQUIRE(view->task == task);
596 view->attributes |= DNS_VIEWATTR_REQSHUTDOWN;
597 done = all_done(view);
601 isc_event_free(&event);
608 dns_view_createresolver(dns_view_t *view,
609 isc_taskmgr_t *taskmgr, unsigned int ntasks,
610 isc_socketmgr_t *socketmgr,
611 isc_timermgr_t *timermgr,
612 unsigned int options,
613 dns_dispatchmgr_t *dispatchmgr,
614 dns_dispatch_t *dispatchv4,
615 dns_dispatch_t *dispatchv6)
619 isc_mem_t *mctx = NULL;
621 REQUIRE(DNS_VIEW_VALID(view));
622 REQUIRE(!view->frozen);
623 REQUIRE(view->resolver == NULL);
625 result = isc_task_create(taskmgr, 0, &view->task);
626 if (result != ISC_R_SUCCESS)
628 isc_task_setname(view->task, "view", view);
630 result = dns_resolver_create(view, taskmgr, ntasks, socketmgr,
631 timermgr, options, dispatchmgr,
632 dispatchv4, dispatchv6,
634 if (result != ISC_R_SUCCESS) {
635 isc_task_detach(&view->task);
638 event = &view->resevent;
639 dns_resolver_whenshutdown(view->resolver, view->task, &event);
640 view->attributes &= ~DNS_VIEWATTR_RESSHUTDOWN;
642 result = isc_mem_create(0, 0, &mctx);
643 if (result != ISC_R_SUCCESS) {
644 dns_resolver_shutdown(view->resolver);
648 result = dns_adb_create(mctx, view, timermgr, taskmgr, &view->adb);
649 isc_mem_setname(mctx, "ADB", NULL);
650 isc_mem_detach(&mctx);
651 if (result != ISC_R_SUCCESS) {
652 dns_resolver_shutdown(view->resolver);
655 event = &view->adbevent;
656 dns_adb_whenshutdown(view->adb, view->task, &event);
657 view->attributes &= ~DNS_VIEWATTR_ADBSHUTDOWN;
659 result = dns_requestmgr_create(view->mctx, timermgr, socketmgr,
660 dns_resolver_taskmgr(view->resolver),
661 dns_resolver_dispatchmgr(view->resolver),
662 dns_resolver_dispatchv4(view->resolver),
663 dns_resolver_dispatchv6(view->resolver),
665 if (result != ISC_R_SUCCESS) {
666 dns_adb_shutdown(view->adb);
667 dns_resolver_shutdown(view->resolver);
670 event = &view->reqevent;
671 dns_requestmgr_whenshutdown(view->requestmgr, view->task, &event);
672 view->attributes &= ~DNS_VIEWATTR_REQSHUTDOWN;
674 return (ISC_R_SUCCESS);
678 dns_view_setcache(dns_view_t *view, dns_cache_t *cache) {
679 dns_view_setcache2(view, cache, ISC_FALSE);
683 dns_view_setcache2(dns_view_t *view, dns_cache_t *cache, isc_boolean_t shared) {
684 REQUIRE(DNS_VIEW_VALID(view));
685 REQUIRE(!view->frozen);
687 view->cacheshared = shared;
688 if (view->cache != NULL) {
690 if (view->acache != NULL)
691 dns_acache_putdb(view->acache, view->cachedb);
693 dns_db_detach(&view->cachedb);
694 dns_cache_detach(&view->cache);
696 dns_cache_attach(cache, &view->cache);
697 dns_cache_attachdb(cache, &view->cachedb);
698 INSIST(DNS_DB_VALID(view->cachedb));
701 if (view->acache != NULL)
702 dns_acache_setdb(view->acache, view->cachedb);
707 dns_view_iscacheshared(dns_view_t *view) {
708 REQUIRE(DNS_VIEW_VALID(view));
710 return (view->cacheshared);
714 dns_view_sethints(dns_view_t *view, dns_db_t *hints) {
715 REQUIRE(DNS_VIEW_VALID(view));
716 REQUIRE(!view->frozen);
717 REQUIRE(view->hints == NULL);
718 REQUIRE(dns_db_iszone(hints));
720 dns_db_attach(hints, &view->hints);
724 dns_view_setkeyring(dns_view_t *view, dns_tsig_keyring_t *ring) {
725 REQUIRE(DNS_VIEW_VALID(view));
726 REQUIRE(ring != NULL);
727 if (view->statickeys != NULL)
728 dns_tsigkeyring_destroy(&view->statickeys);
729 view->statickeys = ring;
733 dns_view_setdstport(dns_view_t *view, in_port_t dstport) {
734 REQUIRE(DNS_VIEW_VALID(view));
735 view->dstport = dstport;
739 dns_view_freeze(dns_view_t *view) {
740 REQUIRE(DNS_VIEW_VALID(view));
741 REQUIRE(!view->frozen);
743 if (view->resolver != NULL) {
744 INSIST(view->cachedb != NULL);
745 dns_resolver_freeze(view->resolver);
747 view->frozen = ISC_TRUE;
752 dns_view_thaw(dns_view_t *view) {
753 REQUIRE(DNS_VIEW_VALID(view));
754 REQUIRE(view->frozen);
756 view->frozen = ISC_FALSE;
760 dns_view_addzone(dns_view_t *view, dns_zone_t *zone) {
763 REQUIRE(DNS_VIEW_VALID(view));
764 REQUIRE(!view->frozen);
766 result = dns_zt_mount(view->zonetable, zone);
774 dns_view_findzone(dns_view_t *view, dns_name_t *name, dns_zone_t **zonep) {
777 REQUIRE(DNS_VIEW_VALID(view));
779 result = dns_zt_find(view->zonetable, name, 0, NULL, zonep);
780 if (result == DNS_R_PARTIALMATCH) {
781 dns_zone_detach(zonep);
782 result = ISC_R_NOTFOUND;
790 dns_view_find(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
791 isc_stdtime_t now, unsigned int options, isc_boolean_t use_hints,
792 dns_db_t **dbp, dns_dbnode_t **nodep, dns_name_t *foundname,
793 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset)
797 dns_dbnode_t *node, *znode;
798 isc_boolean_t is_cache;
799 dns_rdataset_t zrdataset, zsigrdataset;
807 * Find an rdataset whose owner name is 'name', and whose type is
811 REQUIRE(DNS_VIEW_VALID(view));
812 REQUIRE(view->frozen);
813 REQUIRE(type != dns_rdatatype_rrsig);
814 REQUIRE(rdataset != NULL); /* XXXBEW - remove this */
815 REQUIRE(nodep == NULL || *nodep == NULL);
820 dns_rdataset_init(&zrdataset);
821 dns_rdataset_init(&zsigrdataset);
826 * Find a database to answer the query.
832 result = dns_zt_find(view->zonetable, name, 0, NULL, &zone);
833 if (result == ISC_R_SUCCESS || result == DNS_R_PARTIALMATCH) {
834 result = dns_zone_getdb(zone, &db);
835 if (result != ISC_R_SUCCESS && view->cachedb != NULL)
836 dns_db_attach(view->cachedb, &db);
837 else if (result != ISC_R_SUCCESS)
839 } else if (result == ISC_R_NOTFOUND && view->cachedb != NULL)
840 dns_db_attach(view->cachedb, &db);
842 result = ISC_R_NOTFOUND;
843 if (view->cachedb != NULL)
844 dns_db_attach(view->cachedb, &db);
849 is_cache = dns_db_iscache(db);
853 * Now look for an answer in the database.
855 result = dns_db_find(db, name, NULL, type, options,
856 now, &node, foundname, rdataset, sigrdataset);
858 if (result == DNS_R_DELEGATION ||
859 result == ISC_R_NOTFOUND) {
860 if (dns_rdataset_isassociated(rdataset))
861 dns_rdataset_disassociate(rdataset);
862 if (sigrdataset != NULL &&
863 dns_rdataset_isassociated(sigrdataset))
864 dns_rdataset_disassociate(sigrdataset);
866 dns_db_detachnode(db, &node);
869 if (view->cachedb != NULL) {
871 * Either the answer is in the cache, or we
875 dns_db_attach(view->cachedb, &db);
880 * We don't have the data in the cache. If we've got
881 * glue from the zone, use it.
883 if (dns_rdataset_isassociated(&zrdataset)) {
884 dns_rdataset_clone(&zrdataset, rdataset);
885 if (sigrdataset != NULL &&
886 dns_rdataset_isassociated(&zsigrdataset))
887 dns_rdataset_clone(&zsigrdataset,
892 dns_db_attach(zdb, &db);
893 dns_db_attachnode(db, znode, &node);
898 * We don't know the answer.
900 result = ISC_R_NOTFOUND;
901 } else if (result == DNS_R_GLUE) {
902 if (view->cachedb != NULL) {
904 * We found an answer, but the cache may be better.
905 * Remember what we've got and go look in the cache.
908 dns_rdataset_clone(rdataset, &zrdataset);
909 dns_rdataset_disassociate(rdataset);
910 if (sigrdataset != NULL &&
911 dns_rdataset_isassociated(sigrdataset)) {
912 dns_rdataset_clone(sigrdataset, &zsigrdataset);
913 dns_rdataset_disassociate(sigrdataset);
915 dns_db_attach(db, &zdb);
916 dns_db_attachnode(zdb, node, &znode);
917 dns_db_detachnode(db, &node);
919 dns_db_attach(view->cachedb, &db);
923 * Otherwise, the glue is the best answer.
925 result = ISC_R_SUCCESS;
929 if (result == ISC_R_NOTFOUND && use_hints && view->hints != NULL) {
930 if (dns_rdataset_isassociated(rdataset))
931 dns_rdataset_disassociate(rdataset);
932 if (sigrdataset != NULL &&
933 dns_rdataset_isassociated(sigrdataset))
934 dns_rdataset_disassociate(sigrdataset);
937 dns_db_detachnode(db, &node);
940 result = dns_db_find(view->hints, name, NULL, type, options,
941 now, &node, foundname,
942 rdataset, sigrdataset);
943 if (result == ISC_R_SUCCESS || result == DNS_R_GLUE) {
945 * We just used a hint. Let the resolver know it
946 * should consider priming.
948 dns_resolver_prime(view->resolver);
949 dns_db_attach(view->hints, &db);
951 } else if (result == DNS_R_NXRRSET) {
952 dns_db_attach(view->hints, &db);
953 result = DNS_R_HINTNXRRSET;
954 } else if (result == DNS_R_NXDOMAIN)
955 result = ISC_R_NOTFOUND;
958 * Cleanup if non-standard hints are used.
960 if (db == NULL && node != NULL)
961 dns_db_detachnode(view->hints, &node);
966 if (dns_rdataset_isassociated(&zrdataset)) {
967 dns_rdataset_disassociate(&zrdataset);
968 if (dns_rdataset_isassociated(&zsigrdataset))
969 dns_rdataset_disassociate(&zsigrdataset);
974 dns_db_detachnode(zdb, &znode);
983 dns_db_detachnode(db, &node);
990 INSIST(node == NULL);
994 dns_zone_detach(&zone);
1001 dns_view_simplefind(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
1002 isc_stdtime_t now, unsigned int options,
1003 isc_boolean_t use_hints,
1004 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset)
1006 isc_result_t result;
1007 dns_fixedname_t foundname;
1009 dns_fixedname_init(&foundname);
1010 result = dns_view_find(view, name, type, now, options, use_hints,
1011 NULL, NULL, dns_fixedname_name(&foundname),
1012 rdataset, sigrdataset);
1013 if (result == DNS_R_NXDOMAIN) {
1015 * The rdataset and sigrdataset of the relevant NSEC record
1016 * may be returned, but the caller cannot use them because
1017 * foundname is not returned by this simplified API. We
1018 * disassociate them here to prevent any misuse by the caller.
1020 if (dns_rdataset_isassociated(rdataset))
1021 dns_rdataset_disassociate(rdataset);
1022 if (sigrdataset != NULL &&
1023 dns_rdataset_isassociated(sigrdataset))
1024 dns_rdataset_disassociate(sigrdataset);
1025 } else if (result != ISC_R_SUCCESS &&
1026 result != DNS_R_GLUE &&
1027 result != DNS_R_HINT &&
1028 result != DNS_R_NCACHENXDOMAIN &&
1029 result != DNS_R_NCACHENXRRSET &&
1030 result != DNS_R_NXRRSET &&
1031 result != DNS_R_HINTNXRRSET &&
1032 result != ISC_R_NOTFOUND) {
1033 if (dns_rdataset_isassociated(rdataset))
1034 dns_rdataset_disassociate(rdataset);
1035 if (sigrdataset != NULL &&
1036 dns_rdataset_isassociated(sigrdataset))
1037 dns_rdataset_disassociate(sigrdataset);
1038 result = ISC_R_NOTFOUND;
1045 dns_view_findzonecut(dns_view_t *view, dns_name_t *name, dns_name_t *fname,
1046 isc_stdtime_t now, unsigned int options,
1047 isc_boolean_t use_hints,
1048 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset)
1050 return(dns_view_findzonecut2(view, name, fname, now, options,
1051 use_hints, ISC_TRUE,
1052 rdataset, sigrdataset));
1056 dns_view_findzonecut2(dns_view_t *view, dns_name_t *name, dns_name_t *fname,
1057 isc_stdtime_t now, unsigned int options,
1058 isc_boolean_t use_hints, isc_boolean_t use_cache,
1059 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset)
1061 isc_result_t result;
1063 isc_boolean_t is_cache, use_zone, try_hints;
1066 dns_rdataset_t zrdataset, zsigrdataset;
1067 dns_fixedname_t zfixedname;
1069 REQUIRE(DNS_VIEW_VALID(view));
1070 REQUIRE(view->frozen);
1074 use_zone = ISC_FALSE;
1075 try_hints = ISC_FALSE;
1081 dns_fixedname_init(&zfixedname);
1082 dns_rdataset_init(&zrdataset);
1083 dns_rdataset_init(&zsigrdataset);
1086 * Find the right database.
1089 result = dns_zt_find(view->zonetable, name, 0, NULL, &zone);
1090 if (result == ISC_R_SUCCESS || result == DNS_R_PARTIALMATCH)
1091 result = dns_zone_getdb(zone, &db);
1093 result = ISC_R_NOTFOUND;
1095 if (result == ISC_R_NOTFOUND) {
1097 * We're not directly authoritative for this query name, nor
1098 * is it a subdomain of any zone for which we're
1101 if (use_cache && view->cachedb != NULL) {
1103 * We have a cache; try it.
1105 dns_db_attach(view->cachedb, &db);
1108 * Maybe we have hints...
1110 try_hints = ISC_TRUE;
1113 } else if (result != ISC_R_SUCCESS) {
1115 * Something is broken.
1119 is_cache = dns_db_iscache(db);
1123 * Look for the zonecut.
1126 result = dns_db_find(db, name, NULL, dns_rdatatype_ns, options,
1127 now, NULL, fname, rdataset, sigrdataset);
1128 if (result == DNS_R_DELEGATION)
1129 result = ISC_R_SUCCESS;
1130 else if (result != ISC_R_SUCCESS)
1132 if (use_cache && view->cachedb != NULL && db != view->hints) {
1134 * We found an answer, but the cache may be better.
1136 zfname = dns_fixedname_name(&zfixedname);
1137 result = dns_name_copy(fname, zfname, NULL);
1138 if (result != ISC_R_SUCCESS)
1140 dns_rdataset_clone(rdataset, &zrdataset);
1141 dns_rdataset_disassociate(rdataset);
1142 if (sigrdataset != NULL &&
1143 dns_rdataset_isassociated(sigrdataset)) {
1144 dns_rdataset_clone(sigrdataset, &zsigrdataset);
1145 dns_rdataset_disassociate(sigrdataset);
1148 dns_db_attach(view->cachedb, &db);
1149 is_cache = ISC_TRUE;
1153 result = dns_db_findzonecut(db, name, options, now, NULL,
1154 fname, rdataset, sigrdataset);
1155 if (result == ISC_R_SUCCESS) {
1156 if (zfname != NULL &&
1157 !dns_name_issubdomain(fname, zfname)) {
1159 * We found a zonecut in the cache, but our
1160 * zone delegation is better.
1162 use_zone = ISC_TRUE;
1164 } else if (result == ISC_R_NOTFOUND) {
1165 if (zfname != NULL) {
1167 * We didn't find anything in the cache, but we
1168 * have a zone delegation, so use it.
1170 use_zone = ISC_TRUE;
1173 * Maybe we have hints...
1175 try_hints = ISC_TRUE;
1179 * Something bad happened.
1187 if (dns_rdataset_isassociated(rdataset)) {
1188 dns_rdataset_disassociate(rdataset);
1189 if (sigrdataset != NULL &&
1190 dns_rdataset_isassociated(sigrdataset))
1191 dns_rdataset_disassociate(sigrdataset);
1193 result = dns_name_copy(zfname, fname, NULL);
1194 if (result != ISC_R_SUCCESS)
1196 dns_rdataset_clone(&zrdataset, rdataset);
1197 if (sigrdataset != NULL &&
1198 dns_rdataset_isassociated(&zrdataset))
1199 dns_rdataset_clone(&zsigrdataset, sigrdataset);
1200 } else if (try_hints && use_hints && view->hints != NULL) {
1202 * We've found nothing so far, but we have hints.
1204 result = dns_db_find(view->hints, dns_rootname, NULL,
1205 dns_rdatatype_ns, 0, now, NULL, fname,
1207 if (result != ISC_R_SUCCESS) {
1209 * We can't even find the hints for the root
1212 if (dns_rdataset_isassociated(rdataset))
1213 dns_rdataset_disassociate(rdataset);
1214 result = ISC_R_NOTFOUND;
1219 if (dns_rdataset_isassociated(&zrdataset)) {
1220 dns_rdataset_disassociate(&zrdataset);
1221 if (dns_rdataset_isassociated(&zsigrdataset))
1222 dns_rdataset_disassociate(&zsigrdataset);
1228 dns_zone_detach(&zone);
1235 dns_viewlist_find(dns_viewlist_t *list, const char *name,
1236 dns_rdataclass_t rdclass, dns_view_t **viewp)
1240 REQUIRE(list != NULL);
1242 for (view = ISC_LIST_HEAD(*list);
1244 view = ISC_LIST_NEXT(view, link)) {
1245 if (strcmp(view->name, name) == 0 && view->rdclass == rdclass)
1249 return (ISC_R_NOTFOUND);
1251 dns_view_attach(view, viewp);
1253 return (ISC_R_SUCCESS);
1258 dns_viewlist_findzone(dns_viewlist_t *list, dns_name_t *name,
1259 isc_boolean_t allclasses, dns_rdataclass_t rdclass,
1263 isc_result_t result;
1264 dns_zone_t *zone1 = NULL, *zone2 = NULL;
1265 dns_zone_t **zp = NULL;;
1267 REQUIRE(list != NULL);
1268 for (view = ISC_LIST_HEAD(*list);
1270 view = ISC_LIST_NEXT(view, link)) {
1271 if (allclasses == ISC_FALSE && view->rdclass != rdclass)
1275 * If the zone is defined in more than one view,
1276 * treat it as not found.
1278 zp = (zone1 == NULL) ? &zone1 : &zone2;
1279 result = dns_zt_find(view->zonetable, name, 0, NULL, zp);
1280 INSIST(result == ISC_R_SUCCESS ||
1281 result == ISC_R_NOTFOUND ||
1282 result == DNS_R_PARTIALMATCH);
1284 /* Treat a partial match as no match */
1285 if (result == DNS_R_PARTIALMATCH) {
1286 dns_zone_detach(zp);
1287 result = ISC_R_NOTFOUND;
1290 if (zone2 != NULL) {
1291 dns_zone_detach(&zone1);
1292 dns_zone_detach(&zone2);
1293 return (ISC_R_NOTFOUND);
1297 if (zone1 != NULL) {
1298 dns_zone_attach(zone1, zonep);
1299 dns_zone_detach(&zone1);
1300 return (ISC_R_SUCCESS);
1303 return (ISC_R_NOTFOUND);
1307 dns_view_load(dns_view_t *view, isc_boolean_t stop) {
1309 REQUIRE(DNS_VIEW_VALID(view));
1311 return (dns_zt_load(view->zonetable, stop));
1315 dns_view_loadnew(dns_view_t *view, isc_boolean_t stop) {
1317 REQUIRE(DNS_VIEW_VALID(view));
1319 return (dns_zt_loadnew(view->zonetable, stop));
1324 dns_view_gettsig(dns_view_t *view, dns_name_t *keyname, dns_tsigkey_t **keyp)
1326 isc_result_t result;
1327 REQUIRE(keyp != NULL && *keyp == NULL);
1329 result = dns_tsigkey_find(keyp, keyname, NULL,
1331 if (result == ISC_R_NOTFOUND)
1332 result = dns_tsigkey_find(keyp, keyname, NULL,
1338 dns_view_getpeertsig(dns_view_t *view, isc_netaddr_t *peeraddr,
1339 dns_tsigkey_t **keyp)
1341 isc_result_t result;
1342 dns_name_t *keyname = NULL;
1343 dns_peer_t *peer = NULL;
1345 result = dns_peerlist_peerbyaddr(view->peers, peeraddr, &peer);
1346 if (result != ISC_R_SUCCESS)
1349 result = dns_peer_getkey(peer, &keyname);
1350 if (result != ISC_R_SUCCESS)
1353 result = dns_view_gettsig(view, keyname, keyp);
1354 return ((result == ISC_R_NOTFOUND) ? ISC_R_FAILURE : result);
1358 dns_view_checksig(dns_view_t *view, isc_buffer_t *source, dns_message_t *msg) {
1359 REQUIRE(DNS_VIEW_VALID(view));
1360 REQUIRE(source != NULL);
1362 return (dns_tsig_verify(source, msg, view->statickeys,
1363 view->dynamickeys));
1368 dns_view_dumpdbtostream(dns_view_t *view, FILE *fp) {
1369 isc_result_t result;
1371 REQUIRE(DNS_VIEW_VALID(view));
1373 (void)fprintf(fp, ";\n; Cache dump of view '%s'\n;\n", view->name);
1374 result = dns_master_dumptostream(view->mctx, view->cachedb, NULL,
1375 &dns_master_style_cache, fp);
1376 if (result != ISC_R_SUCCESS)
1378 dns_adb_dump(view->adb, fp);
1379 dns_resolver_printbadcache(view->resolver, fp);
1380 return (ISC_R_SUCCESS);
1385 dns_view_flushcache(dns_view_t *view) {
1386 return (dns_view_flushcache2(view, ISC_FALSE));
1390 dns_view_flushcache2(dns_view_t *view, isc_boolean_t fixuponly) {
1391 isc_result_t result;
1393 REQUIRE(DNS_VIEW_VALID(view));
1395 if (view->cachedb == NULL)
1396 return (ISC_R_SUCCESS);
1398 result = dns_cache_flush(view->cache);
1399 if (result != ISC_R_SUCCESS)
1403 if (view->acache != NULL)
1404 dns_acache_putdb(view->acache, view->cachedb);
1406 dns_db_detach(&view->cachedb);
1407 dns_cache_attachdb(view->cache, &view->cachedb);
1409 if (view->acache != NULL)
1410 dns_acache_setdb(view->acache, view->cachedb);
1411 if (view->resolver != NULL)
1412 dns_resolver_flushbadcache(view->resolver, NULL);
1415 dns_adb_flush(view->adb);
1416 return (ISC_R_SUCCESS);
1420 dns_view_flushname(dns_view_t *view, dns_name_t *name) {
1422 REQUIRE(DNS_VIEW_VALID(view));
1424 if (view->adb != NULL)
1425 dns_adb_flushname(view->adb, name);
1426 if (view->cache == NULL)
1427 return (ISC_R_SUCCESS);
1428 if (view->resolver != NULL)
1429 dns_resolver_flushbadcache(view->resolver, name);
1430 return (dns_cache_flushname(view->cache, name));
1434 dns_view_adddelegationonly(dns_view_t *view, dns_name_t *name) {
1435 isc_result_t result;
1439 REQUIRE(DNS_VIEW_VALID(view));
1441 if (view->delonly == NULL) {
1442 view->delonly = isc_mem_get(view->mctx,
1443 sizeof(dns_namelist_t) *
1444 DNS_VIEW_DELONLYHASH);
1445 if (view->delonly == NULL)
1446 return (ISC_R_NOMEMORY);
1447 for (hash = 0; hash < DNS_VIEW_DELONLYHASH; hash++)
1448 ISC_LIST_INIT(view->delonly[hash]);
1450 hash = dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH;
1451 new = ISC_LIST_HEAD(view->delonly[hash]);
1452 while (new != NULL && !dns_name_equal(new, name))
1453 new = ISC_LIST_NEXT(new, link);
1455 return (ISC_R_SUCCESS);
1456 new = isc_mem_get(view->mctx, sizeof(*new));
1458 return (ISC_R_NOMEMORY);
1459 dns_name_init(new, NULL);
1460 result = dns_name_dup(name, view->mctx, new);
1461 if (result == ISC_R_SUCCESS)
1462 ISC_LIST_APPEND(view->delonly[hash], new, link);
1464 isc_mem_put(view->mctx, new, sizeof(*new));
1469 dns_view_excludedelegationonly(dns_view_t *view, dns_name_t *name) {
1470 isc_result_t result;
1474 REQUIRE(DNS_VIEW_VALID(view));
1476 if (view->rootexclude == NULL) {
1477 view->rootexclude = isc_mem_get(view->mctx,
1478 sizeof(dns_namelist_t) *
1479 DNS_VIEW_DELONLYHASH);
1480 if (view->rootexclude == NULL)
1481 return (ISC_R_NOMEMORY);
1482 for (hash = 0; hash < DNS_VIEW_DELONLYHASH; hash++)
1483 ISC_LIST_INIT(view->rootexclude[hash]);
1485 hash = dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH;
1486 new = ISC_LIST_HEAD(view->rootexclude[hash]);
1487 while (new != NULL && !dns_name_equal(new, name))
1488 new = ISC_LIST_NEXT(new, link);
1490 return (ISC_R_SUCCESS);
1491 new = isc_mem_get(view->mctx, sizeof(*new));
1493 return (ISC_R_NOMEMORY);
1494 dns_name_init(new, NULL);
1495 result = dns_name_dup(name, view->mctx, new);
1496 if (result == ISC_R_SUCCESS)
1497 ISC_LIST_APPEND(view->rootexclude[hash], new, link);
1499 isc_mem_put(view->mctx, new, sizeof(*new));
1504 dns_view_isdelegationonly(dns_view_t *view, dns_name_t *name) {
1508 REQUIRE(DNS_VIEW_VALID(view));
1510 if (!view->rootdelonly && view->delonly == NULL)
1513 hash = dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH;
1514 if (view->rootdelonly && dns_name_countlabels(name) <= 2) {
1515 if (view->rootexclude == NULL)
1517 new = ISC_LIST_HEAD(view->rootexclude[hash]);
1518 while (new != NULL && !dns_name_equal(new, name))
1519 new = ISC_LIST_NEXT(new, link);
1524 if (view->delonly == NULL)
1527 new = ISC_LIST_HEAD(view->delonly[hash]);
1528 while (new != NULL && !dns_name_equal(new, name))
1529 new = ISC_LIST_NEXT(new, link);
1536 dns_view_setrootdelonly(dns_view_t *view, isc_boolean_t value) {
1537 REQUIRE(DNS_VIEW_VALID(view));
1538 view->rootdelonly = value;
1542 dns_view_getrootdelonly(dns_view_t *view) {
1543 REQUIRE(DNS_VIEW_VALID(view));
1544 return (view->rootdelonly);
1549 dns_view_freezezones(dns_view_t *view, isc_boolean_t value) {
1550 REQUIRE(DNS_VIEW_VALID(view));
1551 return (dns_zt_freezezones(view->zonetable, value));
1556 dns_view_setresstats(dns_view_t *view, isc_stats_t *stats) {
1557 REQUIRE(DNS_VIEW_VALID(view));
1558 REQUIRE(!view->frozen);
1559 REQUIRE(view->resstats == NULL);
1561 isc_stats_attach(stats, &view->resstats);
1565 dns_view_getresstats(dns_view_t *view, isc_stats_t **statsp) {
1566 REQUIRE(DNS_VIEW_VALID(view));
1567 REQUIRE(statsp != NULL && *statsp == NULL);
1569 if (view->resstats != NULL)
1570 isc_stats_attach(view->resstats, statsp);
1574 dns_view_setresquerystats(dns_view_t *view, dns_stats_t *stats) {
1575 REQUIRE(DNS_VIEW_VALID(view));
1576 REQUIRE(!view->frozen);
1577 REQUIRE(view->resquerystats == NULL);
1579 dns_stats_attach(stats, &view->resquerystats);
1583 dns_view_getresquerystats(dns_view_t *view, dns_stats_t **statsp) {
1584 REQUIRE(DNS_VIEW_VALID(view));
1585 REQUIRE(statsp != NULL && *statsp == NULL);
1587 if (view->resquerystats != NULL)
1588 dns_stats_attach(view->resquerystats, statsp);
1592 dns_view_initsecroots(dns_view_t *view, isc_mem_t *mctx) {
1593 REQUIRE(DNS_VIEW_VALID(view));
1594 if (view->secroots_priv != NULL)
1595 dns_keytable_detach(&view->secroots_priv);
1596 return (dns_keytable_create(mctx, &view->secroots_priv));
1600 dns_view_getsecroots(dns_view_t *view, dns_keytable_t **ktp) {
1601 REQUIRE(DNS_VIEW_VALID(view));
1602 REQUIRE(ktp != NULL && *ktp == NULL);
1603 if (view->secroots_priv == NULL)
1604 return (ISC_R_NOTFOUND);
1605 dns_keytable_attach(view->secroots_priv, ktp);
1606 return (ISC_R_SUCCESS);
1610 dns_view_issecuredomain(dns_view_t *view, dns_name_t *name,
1611 isc_boolean_t *secure_domain) {
1612 REQUIRE(DNS_VIEW_VALID(view));
1613 return (dns_keytable_issecuredomain(view->secroots_priv, name,
1618 dns_view_untrust(dns_view_t *view, dns_name_t *keyname,
1619 dns_rdata_dnskey_t *dnskey, isc_mem_t *mctx)
1621 isc_result_t result;
1622 unsigned char data[4096];
1623 dns_rdata_t rdata = DNS_RDATA_INIT;
1624 isc_buffer_t buffer;
1625 dst_key_t *key = NULL;
1626 dns_keytable_t *sr = NULL;
1629 * Clear the revoke bit, if set, so that the key will match what's
1632 dnskey->flags &= ~DNS_KEYFLAG_REVOKE;
1634 /* Convert dnskey to DST key. */
1635 isc_buffer_init(&buffer, data, sizeof(data));
1636 dns_rdata_fromstruct(&rdata, dnskey->common.rdclass,
1637 dns_rdatatype_dnskey, dnskey, &buffer);
1638 result = dns_dnssec_keyfromrdata(keyname, &rdata, mctx, &key);
1639 if (result != ISC_R_SUCCESS)
1641 result = dns_view_getsecroots(view, &sr);
1642 if (result == ISC_R_SUCCESS) {
1643 dns_keytable_deletekeynode(sr, key);
1644 dns_keytable_detach(&sr);
1652 dns_view_setnewzones(dns_view_t *view, isc_boolean_t allow, void *cfgctx,
1653 void (*cfg_destroy)(void **))
1655 REQUIRE(DNS_VIEW_VALID(view));
1656 REQUIRE((cfgctx != NULL && cfg_destroy != NULL) || !allow);
1659 if (view->new_zone_file != NULL) {
1660 isc_mem_free(view->mctx, view->new_zone_file);
1661 view->new_zone_file = NULL;
1664 if (view->new_zone_config != NULL) {
1665 view->cfg_destroy(&view->new_zone_config);
1666 view->cfg_destroy = NULL;
1670 char buffer[ISC_SHA256_DIGESTSTRINGLENGTH + sizeof(NZF)];
1671 isc_sha256_data((void *)view->name, strlen(view->name), buffer);
1672 /* Truncate the hash at 16 chars; full length is overkill */
1673 isc_string_printf(buffer + 16, sizeof(NZF), "%s", NZF);
1674 view->new_zone_file = isc_mem_strdup(view->mctx, buffer);
1675 view->new_zone_config = cfgctx;
1676 view->cfg_destroy = cfg_destroy;
1681 UNUSED(cfg_destroy);