1 /* $NetBSD: zone.h,v 1.16 2026/01/29 18:37:51 christos Exp $ */ 2 3 /* 4 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 5 * 6 * SPDX-License-Identifier: MPL-2.0 7 * 8 * This Source Code Form is subject to the terms of the Mozilla Public 9 * License, v. 2.0. If a copy of the MPL was not distributed with this 10 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 11 * 12 * See the COPYRIGHT file distributed with this work for additional 13 * information regarding copyright ownership. 14 */ 15 16 #pragma once 17 18 /*! \file dns/zone.h */ 19 20 /*** 21 *** Imports 22 ***/ 23 24 #include <inttypes.h> 25 #include <stdbool.h> 26 #include <stdio.h> 27 28 #include <isc/formatcheck.h> 29 #include <isc/lang.h> 30 #include <isc/rwlock.h> 31 #include <isc/tls.h> 32 33 #include <dns/catz.h> 34 #include <dns/diff.h> 35 #include <dns/master.h> 36 #include <dns/masterdump.h> 37 #include <dns/rdatastruct.h> 38 #include <dns/rpz.h> 39 #include <dns/skr.h> 40 #include <dns/types.h> 41 #include <dns/xfrin.h> 42 #include <dns/zt.h> 43 44 /* Add -DDNS_ZONE_TRACE=1 to CFLAGS for detailed reference tracing */ 45 46 typedef enum { 47 dns_zone_none, 48 dns_zone_primary, 49 dns_zone_secondary, 50 dns_zone_mirror, 51 dns_zone_stub, 52 dns_zone_staticstub, 53 dns_zone_key, 54 dns_zone_dlz, 55 dns_zone_redirect 56 } dns_zonetype_t; 57 58 #ifndef dns_zone_master 59 #define dns_zone_master dns_zone_primary 60 #endif /* dns_zone_master */ 61 62 #ifndef dns_zone_slave 63 #define dns_zone_slave dns_zone_secondary 64 #endif /* dns_zone_slave */ 65 66 typedef enum { 67 dns_zonestat_none = 0, 68 dns_zonestat_terse, 69 dns_zonestat_full 70 } dns_zonestat_level_t; 71 72 typedef enum { 73 DNS_ZONEOPT_MANYERRORS = 1 << 0, /*%< return many errors on load */ 74 DNS_ZONEOPT_IXFRFROMDIFFS = 1 << 1, /*%< calculate differences */ 75 DNS_ZONEOPT_NOMERGE = 1 << 2, /*%< don't merge journal */ 76 DNS_ZONEOPT_CHECKNS = 1 << 3, /*%< check if NS's are addresses */ 77 DNS_ZONEOPT_FATALNS = 1 << 4, /*%< DNS_ZONEOPT_CHECKNS is fatal */ 78 DNS_ZONEOPT_MULTIMASTER = 1 << 5, /*%< this zone has multiple 79 primaries */ 80 DNS_ZONEOPT_USEALTXFRSRC = 1 << 6, /*%< use alternate transfer sources. 81 Obsoleted. */ 82 DNS_ZONEOPT_CHECKNAMES = 1 << 7, /*%< check-names */ 83 DNS_ZONEOPT_CHECKNAMESFAIL = 1 << 8, /*%< fatal check-name failures */ 84 DNS_ZONEOPT_CHECKWILDCARD = 1 << 9, /*%< check for internal wildcards */ 85 DNS_ZONEOPT_CHECKMX = 1 << 10, /*%< check-mx */ 86 DNS_ZONEOPT_CHECKMXFAIL = 1 << 11, /*%< fatal check-mx failures */ 87 DNS_ZONEOPT_CHECKINTEGRITY = 1 << 12, /*%< perform integrity checks */ 88 DNS_ZONEOPT_CHECKSIBLING = 1 << 13, /*%< perform sibling glue checks */ 89 DNS_ZONEOPT_NOCHECKNS = 1 << 14, /*%< disable IN NS address checks */ 90 DNS_ZONEOPT_WARNMXCNAME = 1 << 15, /*%< warn on MX CNAME check */ 91 DNS_ZONEOPT_IGNOREMXCNAME = 1 << 16, /*%< ignore MX CNAME check */ 92 DNS_ZONEOPT_WARNSRVCNAME = 1 << 17, /*%< warn on SRV CNAME check */ 93 DNS_ZONEOPT_IGNORESRVCNAME = 1 << 18, /*%< ignore SRV CNAME check */ 94 DNS_ZONEOPT_UPDATECHECKKSK = 1 << 19, /*%< check dnskey KSK flag */ 95 DNS_ZONEOPT_TRYTCPREFRESH = 1 << 20, /*%< try tcp refresh on udp failure 96 */ 97 DNS_ZONEOPT_NOTIFYTOSOA = 1 << 21, /*%< Notify the SOA MNAME */ 98 DNS_ZONEOPT_NSEC3TESTZONE = 1 << 22, /*%< nsec3-test-zone */ 99 /* DNS_ZONEOPT_SECURETOINSECURE = 1 << 23, */ 100 DNS_ZONEOPT_DNSKEYKSKONLY = 1 << 24, /*%< dnssec-dnskey-kskonly */ 101 DNS_ZONEOPT_CHECKDUPRR = 1 << 25, /*%< check-dup-records */ 102 DNS_ZONEOPT_CHECKDUPRRFAIL = 1 << 26, /*%< fatal check-dup-records 103 * failures */ 104 DNS_ZONEOPT_CHECKSPF = 1 << 27, /*%< check SPF records */ 105 DNS_ZONEOPT_CHECKTTL = 1 << 28, /*%< check max-zone-ttl */ 106 DNS_ZONEOPT_AUTOEMPTY = 1 << 29, /*%< automatic empty zone */ 107 DNS_ZONEOPT_CHECKSVCB = 1 << 30, /*%< check SVBC records */ 108 DNS_ZONEOPT_FORCEKEYMGR = 1ULL << 31, /*%< force keymgr step */ 109 DNS_ZONEOPT___MAX = UINT64_MAX, /* trick to make the ENUM 64-bit wide */ 110 } dns_zoneopt_t; 111 112 /* 113 * Zone key maintenance options 114 */ 115 typedef enum { 116 DNS_ZONEKEY_ALLOW = 0x00000001U, /*%< fetch keys on command */ 117 DNS_ZONEKEY_MAINTAIN = 0x00000002U, /*%< publish/sign on schedule */ 118 DNS_ZONEKEY_CREATE = 0x00000004U, /*%< make keys when needed */ 119 DNS_ZONEKEY_FULLSIGN = 0x00000008U, /*%< roll to new keys immediately */ 120 DNS_ZONEKEY___MAX = UINT64_MAX, /* trick to make the ENUM 64-bit wide */ 121 } dns_zonekey_t; 122 123 /* 124 * Zone states 125 */ 126 typedef enum { 127 DNS_ZONESTATE_XFERRUNNING = 1, 128 DNS_ZONESTATE_XFERDEFERRED, 129 DNS_ZONESTATE_XFERFIRSTREFRESH, 130 DNS_ZONESTATE_SOAQUERY, 131 DNS_ZONESTATE_ANY, 132 DNS_ZONESTATE_AUTOMATIC, 133 } dns_zonestate_t; 134 135 #ifndef DNS_ZONE_MINREFRESH 136 #define DNS_ZONE_MINREFRESH 300 /*%< 5 minutes */ 137 #endif /* ifndef DNS_ZONE_MINREFRESH */ 138 #ifndef DNS_ZONE_MAXREFRESH 139 #define DNS_ZONE_MAXREFRESH 2419200 /*%< 4 weeks */ 140 #endif /* ifndef DNS_ZONE_MAXREFRESH */ 141 #ifndef DNS_ZONE_DEFAULTREFRESH 142 #define DNS_ZONE_DEFAULTREFRESH 3600 /*%< 1 hour */ 143 #endif /* ifndef DNS_ZONE_DEFAULTREFRESH */ 144 #ifndef DNS_ZONE_MINRETRY 145 #define DNS_ZONE_MINRETRY 300 /*%< 5 minutes */ 146 #endif /* ifndef DNS_ZONE_MINRETRY */ 147 #ifndef DNS_ZONE_MAXRETRY 148 #define DNS_ZONE_MAXRETRY 1209600 /*%< 2 weeks */ 149 #endif /* ifndef DNS_ZONE_MAXRETRY */ 150 #ifndef DNS_ZONE_DEFAULTRETRY 151 #define DNS_ZONE_DEFAULTRETRY \ 152 60 /*%< 1 minute, subject to \ 153 * exponential backoff */ 154 #endif /* ifndef DNS_ZONE_DEFAULTRETRY */ 155 156 ISC_LANG_BEGINDECLS 157 158 /*** 159 *** Functions 160 ***/ 161 162 void 163 dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx, unsigned int tid); 164 /*%< 165 * Creates a new empty zone and attach '*zonep' to it. 166 * 167 * Requires: 168 *\li 'zonep' to point to a NULL pointer. 169 *\li 'mctx' to be a valid memory context. 170 * 171 * Ensures: 172 *\li '*zonep' refers to a valid zone. 173 */ 174 175 isc_result_t 176 dns_zone_makedb(dns_zone_t *zone, dns_db_t **dbp); 177 /*%< 178 * Creates a new empty database for the 'zone'. 179 * 180 * Requires: 181 *\li 'zone' to be a valid zone. 182 *\li 'dbp' to point to NULL pointer. 183 * 184 * Returns: 185 *\li dns_db_create() error codes. 186 */ 187 188 void 189 dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass); 190 /*%< 191 * Sets the class of a zone. This operation can only be performed 192 * once on a zone. 193 * 194 * Require: 195 *\li 'zone' to be a valid zone. 196 *\li dns_zone_setclass() not to have been called since the zone was 197 * created. 198 *\li 'rdclass' != dns_rdataclass_none. 199 */ 200 201 dns_rdataclass_t 202 dns_zone_getclass(dns_zone_t *zone); 203 /*%< 204 * Returns the current zone class. 205 * 206 * Requires: 207 *\li 'zone' to be a valid zone. 208 */ 209 210 isc_result_t 211 dns_zone_getserial(dns_zone_t *zone, uint32_t *serialp); 212 /*%< 213 * Returns the current serial number of the zone. On success, the SOA 214 * serial of the zone will be copied into '*serialp'. 215 * 216 * Requires: 217 *\li 'zone' to be a valid zone. 218 *\li 'serialp' to be non NULL 219 * 220 * Returns: 221 *\li #ISC_R_SUCCESS 222 *\li #DNS_R_NOTLOADED zone DB is not loaded 223 */ 224 225 void 226 dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type); 227 /*%< 228 * Sets the zone type. This operation can only be performed once on 229 * a zone. 230 * 231 * Requires: 232 *\li 'zone' to be a valid zone. 233 *\li dns_zone_settype() not to have been called since the zone was 234 * created. 235 *\li 'type' != dns_zone_none 236 */ 237 238 void 239 dns_zone_setview(dns_zone_t *zone, dns_view_t *view); 240 /*%< 241 * Associate the zone with a view. 242 * 243 * Require: 244 *\li 'zone' to be a valid zone. 245 */ 246 247 dns_view_t * 248 dns_zone_getview(dns_zone_t *zone); 249 /*%< 250 * Returns the zone's associated view. 251 * 252 * Requires: 253 *\li 'zone' to be a valid zone. 254 */ 255 256 void 257 dns_zone_setviewcommit(dns_zone_t *zone); 258 /*%< 259 * Commit the previous view saved internally via dns_zone_setview(). 260 * 261 * Require: 262 *\li 'zone' to be a valid zone. 263 */ 264 265 void 266 dns_zone_setviewrevert(dns_zone_t *zone); 267 /*%< 268 * Revert the most recent dns_zone_setview() on this zone, 269 * restoring the previous view. 270 * 271 * Require: 272 *\li 'zone' to be a valid zone. 273 */ 274 275 isc_result_t 276 dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin); 277 /*%< 278 * Sets the zones origin to 'origin'. 279 * 280 * Require: 281 *\li 'zone' to be a valid zone. 282 *\li 'origin' to be non NULL. 283 * 284 * Returns: 285 *\li #ISC_R_SUCCESS 286 *\li #ISC_R_NOMEMORY 287 */ 288 289 dns_name_t * 290 dns_zone_getorigin(dns_zone_t *zone); 291 /*%< 292 * Returns the value of the origin. 293 * 294 * Require: 295 *\li 'zone' to be a valid zone. 296 */ 297 298 isc_result_t 299 dns_zone_setfile(dns_zone_t *zone, const char *file, dns_masterformat_t format, 300 const dns_master_style_t *style); 301 /*%< 302 * Sets the name of the master file in the format of 'format' from which 303 * the zone loads its database to 'file'. 304 * 305 * For zones that have no associated master file, 'file' will be NULL. 306 * 307 * For zones with persistent databases, the file name 308 * setting is ignored. 309 * 310 * Require: 311 *\li 'zone' to be a valid zone. 312 * 313 * Returns: 314 *\li #ISC_R_NOMEMORY 315 *\li #ISC_R_SUCCESS 316 */ 317 318 const char * 319 dns_zone_getfile(dns_zone_t *zone); 320 /*%< 321 * Gets the name of the zone's master file, if any. 322 * 323 * Requires: 324 *\li 'zone' to be valid initialised zone. 325 * 326 * Returns: 327 *\li Pointer to null-terminated file name, or NULL. 328 */ 329 330 isc_result_t 331 dns_zone_setstream(dns_zone_t *zone, const FILE *stream, 332 dns_masterformat_t format, const dns_master_style_t *style); 333 /*%< 334 * Sets the source stream from which the zone will load its database. 335 * 336 * Requires: 337 *\li 'zone' to be a valid zone. 338 *\li 'stream' to be a valid and open FILE *. 339 *\li 'zone->masterfile' to be NULL, since we should load data either from 340 * 'stream' or from a master file, but not both. 341 * 342 * Returns: 343 *\li #ISC_R_NOMEMORY 344 *\li #ISC_R_SUCCESS 345 */ 346 347 void 348 dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t records); 349 /*%< 350 * Sets the maximum number of records permitted in a zone. 351 * 0 implies unlimited. 352 * 353 * Requires: 354 *\li 'zone' to be valid initialised zone. 355 * 356 * Returns: 357 *\li void 358 */ 359 360 uint32_t 361 dns_zone_getmaxrecords(dns_zone_t *zone); 362 /*%< 363 * Gets the maximum number of records permitted in a zone. 364 * 0 implies unlimited. 365 * 366 * Requires: 367 *\li 'zone' to be valid initialised zone. 368 * 369 * Returns: 370 *\li uint32_t maxrecords. 371 */ 372 373 void 374 dns_zone_setmaxrrperset(dns_zone_t *zone, uint32_t maxrrperset); 375 /*%< 376 * Sets the maximum number of records per rrset permitted in a zone. 377 * 0 implies unlimited. 378 * 379 * Requires: 380 *\li 'zone' to be valid initialised zone. 381 * 382 * Returns: 383 *\li void 384 */ 385 386 void 387 dns_zone_setmaxtypepername(dns_zone_t *zone, uint32_t maxtypepername); 388 /*%< 389 * Sets the maximum number of resource record types per owner name 390 * permitted in a zone. 0 implies unlimited. 391 * 392 * Requires: 393 *\li 'zone' to be valid initialised zone. 394 * 395 * Returns: 396 *\li void 397 */ 398 399 void 400 dns_zone_setmaxttl(dns_zone_t *zone, uint32_t maxttl); 401 /*%< 402 * Sets the max ttl of the zone. 403 * 404 * Requires: 405 *\li 'zone' to be valid initialised zone. 406 * 407 * Returns: 408 *\li void 409 */ 410 411 dns_ttl_t 412 dns_zone_getmaxttl(dns_zone_t *zone); 413 /*%< 414 * Gets the max ttl of the zone. 415 * 416 * Requires: 417 *\li 'zone' to be valid initialised zone. 418 * 419 * Returns: 420 *\li dns_ttl_t maxttl. 421 */ 422 423 void 424 dns_zone_lock_keyfiles(dns_zone_t *zone); 425 /*%< 426 * Lock associated keyfiles for this zone. 427 * 428 * Require: 429 *\li 'zone' to be a valid zone. 430 */ 431 432 void 433 dns_zone_unlock_keyfiles(dns_zone_t *zone); 434 /*%< 435 * Unlock associated keyfiles for this zone. 436 * 437 * Require: 438 *\li 'zone' to be a valid zone. 439 */ 440 441 isc_result_t 442 dns_zone_dnskey_inuse(dns_zone_t *zone, dns_rdata_t *rdata, bool *inuse); 443 /*%< 444 * Check if the DNSKEY record 'rdata' is used by 'zone' for zone signing. 445 * Store the result in 'inuse'. 446 * 447 * Require: 448 *\li 'zone' to be a valid zone. 449 *\li 'rdata' to represent a DNSKEY, CDNSKEY, or CDS record. 450 * 451 * Returns: 452 *\li #ISC_R_SUCCESS 453 *\li Any error result from dns_dnssec_keyfromrdata, dns_rdata_tostruct, 454 * dns_dnssec_make_dnskey, dns_ds_buildrdata, or 455 * dns_dnssec_findmatchingkeys. 456 * 457 */ 458 459 isc_result_t 460 dns_zone_load(dns_zone_t *zone, bool newonly); 461 462 isc_result_t 463 dns_zone_loadandthaw(dns_zone_t *zone); 464 465 /*%< 466 * Cause the database to be loaded from its backing store. 467 * Confirm that the minimum requirements for the zone type are 468 * met, otherwise DNS_R_BADZONE is returned. 469 * 470 * If newonly is set dns_zone_load() only loads new zones. 471 * dns_zone_loadandthaw() is similar to dns_zone_load() but will 472 * also re-enable DNS UPDATEs when the load completes. 473 * 474 * Require: 475 *\li 'zone' to be a valid zone. 476 * 477 * Returns: 478 *\li #ISC_R_UNEXPECTED 479 *\li #ISC_R_SUCCESS 480 *\li DNS_R_CONTINUE Incremental load has been queued. 481 *\li DNS_R_UPTODATE The zone has already been loaded based on 482 * file system timestamps. 483 *\li DNS_R_BADZONE 484 *\li Any result value from dns_db_load(). 485 */ 486 487 isc_result_t 488 dns_zone_asyncload(dns_zone_t *zone, bool newonly, dns_zt_callback_t done, 489 void *arg); 490 /*%< 491 * Cause the database to be loaded from its backing store asynchronously. 492 * Other zone maintenance functions are suspended until this is complete. 493 * When finished, 'done' is called to inform the caller, with 'arg' as 494 * its argument. (Normally, 'arg' is expected to point to the zone table 495 * but is left undefined for testing purposes.) 496 * 497 * Require: 498 *\li 'zone' to be a valid zone. 499 * 500 * Returns: 501 *\li #ISC_R_ALREADYRUNNING 502 *\li #ISC_R_SUCCESS 503 *\li #ISC_R_FAILURE 504 *\li #ISC_R_NOMEMORY 505 */ 506 507 bool 508 dns__zone_loadpending(dns_zone_t *zone); 509 /*%< 510 * Indicates whether the zone is waiting to be loaded asynchronously. 511 * (Not currently intended for use outside of this module and associated 512 * tests.) 513 */ 514 515 void 516 dns_zone_iattach(dns_zone_t *source, dns_zone_t **target); 517 /*%< 518 * Attach '*target' to 'source' incrementing its internal 519 * reference count. This is intended for use by operations 520 * such as zone transfers that need to prevent the zone 521 * object from being freed but not from shutting down. 522 * 523 * Require: 524 *\li The caller is running in the context of the zone's loop. 525 *\li 'zone' to be a valid zone. 526 *\li 'target' to be non NULL and '*target' to be NULL. 527 */ 528 529 void 530 dns_zone_idetach(dns_zone_t **zonep); 531 /*%< 532 * Detach from a zone decrementing its internal reference count. 533 * If there are no more internal or external references to the 534 * zone, it will be freed. 535 * 536 * Require: 537 *\li The caller is running in the context of the zone's loop. 538 *\li 'zonep' to point to a valid zone. 539 */ 540 541 isc_result_t 542 dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp); 543 /*%< 544 * Attach '*dbp' to the database to if it exists otherwise 545 * return DNS_R_NOTLOADED. 546 * 547 * Require: 548 *\li 'zone' to be a valid zone. 549 *\li 'dbp' to be != NULL && '*dbp' == NULL. 550 * 551 * Returns: 552 *\li #ISC_R_SUCCESS 553 *\li DNS_R_NOTLOADED 554 */ 555 556 void 557 dns_zone_setdb(dns_zone_t *zone, dns_db_t *db); 558 /*%< 559 * Sets the zone database to 'db'. 560 * 561 * This function is expected to be used to configure a zone with a 562 * database which is not loaded from a file or zone transfer. 563 * It can be used for a general purpose zone, but right now its use 564 * is limited to static-stub zones to avoid possible undiscovered 565 * problems in the general cases. 566 * 567 * Require: 568 *\li 'zone' to be a valid zone of static-stub. 569 *\li zone doesn't have a database. 570 */ 571 572 void 573 dns_zone_setdbtype(dns_zone_t *zone, unsigned int dbargc, 574 const char *const *dbargv); 575 /*%< 576 * Sets the database type to dbargv[0] and database arguments 577 * to subsequent dbargv elements. 578 * 'db_type' is not checked to see if it is a valid database type. 579 * 580 * Require: 581 *\li 'zone' to be a valid zone. 582 *\li 'database' to be non NULL. 583 *\li 'dbargc' to be >= 1 584 *\li 'dbargv' to point to dbargc NULL-terminated strings 585 */ 586 587 isc_result_t 588 dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx); 589 /*%< 590 * Returns the current dbtype. isc_mem_free() should be used 591 * to free 'argv' after use. 592 * 593 * Require: 594 *\li 'zone' to be a valid zone. 595 *\li 'argv' to be non NULL and *argv to be NULL. 596 *\li 'mctx' to be valid. 597 * 598 * Returns: 599 *\li #ISC_R_NOMEMORY 600 *\li #ISC_R_SUCCESS 601 */ 602 603 void 604 dns_zone_markdirty(dns_zone_t *zone); 605 /*%< 606 * Mark a zone as 'dirty'. 607 * 608 * Require: 609 *\li 'zone' to be a valid zone. 610 */ 611 612 void 613 dns_zone_expire(dns_zone_t *zone); 614 /*%< 615 * Mark the zone as expired. If the zone requires dumping cause it to 616 * be initiated. Set the refresh and retry intervals to there default 617 * values and unload the zone. 618 * 619 * Require 620 *\li 'zone' to be a valid zone. 621 */ 622 623 void 624 dns_zone_refresh(dns_zone_t *zone); 625 /*%< 626 * Initiate zone up to date checks. The zone must already be being 627 * managed. 628 * 629 * Require 630 *\li 'zone' to be a valid zone. 631 */ 632 633 isc_result_t 634 dns_zone_flush(dns_zone_t *zone); 635 /*%< 636 * Write the zone to database if there are uncommitted changes. 637 * 638 * Require: 639 *\li 'zone' to be a valid zone. 640 */ 641 642 isc_result_t 643 dns_zone_dump(dns_zone_t *zone); 644 /*%< 645 * Write the zone to database. 646 * 647 * Require: 648 *\li 'zone' to be a valid zone. 649 */ 650 651 isc_result_t 652 dns_zone_dumptostream(dns_zone_t *zone, FILE *fd, dns_masterformat_t format, 653 const dns_master_style_t *style, 654 const uint32_t rawversion); 655 /*%< 656 * Write the zone to stream 'fd' in the specified 'format'. 657 * If the 'format' is dns_masterformat_text (RFC1035), 'style' also 658 * specifies the file style (e.g., &dns_master_style_default). 659 * 660 * dns_zone_dumptostream() is a backward-compatible form of 661 * dns_zone_dumptostream2(), which always uses the dns_masterformat_text 662 * format and the dns_master_style_default style. 663 * 664 * dns_zone_dumptostream2() is a backward-compatible form of 665 * dns_zone_dumptostream3(), which always uses the current 666 * default raw file format version. 667 * 668 * Note that dns_zone_dumptostream3() is the most flexible form. It 669 * can also provide the functionality of dns_zone_fulldumptostream(). 670 * 671 * Require: 672 *\li 'zone' to be a valid zone. 673 *\li 'fd' to be a stream open for writing. 674 */ 675 676 void 677 dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses, 678 isc_sockaddr_t *sources, dns_name_t **keynames, 679 dns_name_t **tlsnames, uint32_t count); 680 /*%< 681 * Set the list of primary servers for the zone. 682 * 683 * Require: 684 *\li 'zone' to be a valid zone. 685 *\li 'addresses' array of isc_sockaddr_t with port set or NULL. 686 *\li 'count' the number of primaries. 687 *\li 'keynames' array of dns_name_t's for tsig keys or NULL. 688 * 689 *\li If 'addresses' is NULL then 'count' must be zero. 690 * 691 * Returns: 692 *\li #ISC_R_SUCCESS 693 *\li #ISC_R_NOMEMORY 694 *\li Any result dns_name_dup() can return, if keynames!=NULL 695 */ 696 697 void 698 dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses, 699 isc_sockaddr_t *sources, dns_name_t **keynames, 700 dns_name_t **tlsnames, uint32_t count); 701 /*%< 702 * Set the list of parental agents for the zone. 703 * 704 * Require: 705 *\li 'zone' to be a valid zone. 706 *\li 'addresses' array of isc_sockaddr_t with port set or NULL. 707 *\li 'count' the number of primaries. 708 *\li 'keynames' array of dns_name_t's for tsig keys or NULL. 709 * 710 *\li If 'addresses' is NULL then 'count' must be zero. 711 * 712 * Returns: 713 *\li #ISC_R_SUCCESS 714 *\li #ISC_R_NOMEMORY 715 *\li Any result dns_name_dup() can return, if keynames!=NULL 716 */ 717 718 void 719 dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses, 720 isc_sockaddr_t *sources, dns_name_t **keynames, 721 dns_name_t **tlsnames, uint32_t count); 722 /*%< 723 * Set the list of additional servers to be notified when 724 * a zone changes. To clear the list use 'count = 0'. 725 * 726 * dns_zone_alsonotifywithkeys() allows each notify address to 727 * be associated with a TSIG key. 728 * 729 * Require: 730 *\li 'zone' to be a valid zone. 731 *\li 'addresses' to be non-NULL if count != 0. 732 *\li 'count' to be the number of notifiees. 733 * 734 * Returns: 735 *\li #ISC_R_SUCCESS 736 *\li #ISC_R_NOMEMORY 737 */ 738 739 void 740 dns_zone_unload(dns_zone_t *zone); 741 /*%< 742 * detach the database from the zone structure. 743 * 744 * Require: 745 *\li 'zone' to be a valid zone. 746 */ 747 748 dns_kasp_t * 749 dns_zone_getkasp(dns_zone_t *zone); 750 /*%< 751 * Returns the current kasp. 752 * 753 * Require: 754 *\li 'zone' to be a valid zone. 755 */ 756 757 void 758 dns_zone_setkasp(dns_zone_t *zone, dns_kasp_t *kasp); 759 void 760 dns_zone_setdefaultkasp(dns_zone_t *zone, dns_kasp_t *kasp); 761 /*%< 762 * Set kasp for zone. If a kasp is already set, it will be detached. 763 * 764 * Requires: 765 *\li 'zone' to be a valid zone. 766 */ 767 768 dns_skrbundle_t * 769 dns_zone_getskrbundle(dns_zone_t *zone); 770 /*%< 771 * Returns the current SKR bundle. 772 * 773 * Require: 774 *\li 'zone' to be a valid zone. 775 */ 776 777 void 778 dns_zone_setoption(dns_zone_t *zone, dns_zoneopt_t option, bool value); 779 /*%< 780 * Set the given options on ('value' == true) or off 781 * ('value' == #false). 782 * 783 * Require: 784 *\li 'zone' to be a valid zone. 785 */ 786 787 dns_zoneopt_t 788 dns_zone_getoptions(dns_zone_t *zone); 789 /*%< 790 * Returns the current zone options. 791 * 792 * Require: 793 *\li 'zone' to be a valid zone. 794 */ 795 796 void 797 dns_zone_setkeyopt(dns_zone_t *zone, unsigned int option, bool value); 798 /*%< 799 * Set key options on ('value' == true) or off ('value' == 800 * #false). 801 * 802 * Require: 803 *\li 'zone' to be a valid zone. 804 */ 805 806 unsigned int 807 dns_zone_getkeyopts(dns_zone_t *zone); 808 /*%< 809 * Returns the current zone key options. 810 * 811 * Require: 812 *\li 'zone' to be a valid zone. 813 */ 814 815 void 816 dns_zone_setminrefreshtime(dns_zone_t *zone, uint32_t val); 817 /*%< 818 * Set the minimum refresh time. 819 * 820 * Requires: 821 *\li 'zone' is valid. 822 *\li val > 0. 823 */ 824 825 void 826 dns_zone_setmaxrefreshtime(dns_zone_t *zone, uint32_t val); 827 /*%< 828 * Set the maximum refresh time. 829 * 830 * Requires: 831 *\li 'zone' is valid. 832 *\li val > 0. 833 */ 834 835 void 836 dns_zone_setminretrytime(dns_zone_t *zone, uint32_t val); 837 /*%< 838 * Set the minimum retry time. 839 * 840 * Requires: 841 *\li 'zone' is valid. 842 *\li val > 0. 843 */ 844 845 void 846 dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val); 847 /*%< 848 * Set the maximum retry time. 849 * 850 * Requires: 851 *\li 'zone' is valid. 852 * val > 0. 853 */ 854 855 void 856 dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); 857 /*%< 858 * Set the source address to be used in IPv4 zone transfers. 859 * 860 * Require: 861 *\li 'zone' to be a valid zone. 862 *\li 'xfrsource' to contain the address. 863 */ 864 865 void 866 dns_zone_getxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource); 867 /*%< 868 * Returns the source address set by a previous dns_zone_setxfrsource4 869 * call, or the default of inaddr_any, port 0. 870 * 871 * Require: 872 *\li 'zone' to be a valid zone. 873 *\li 'xfrsource' to not be NULL 874 */ 875 876 void 877 dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); 878 /*%< 879 * Set the source address to be used in IPv6 zone transfers. 880 * 881 * Require: 882 *\li 'zone' to be a valid zone. 883 *\li 'xfrsource' to contain the address. 884 */ 885 886 void 887 dns_zone_getxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource); 888 /*%< 889 * Returns the source address set by a previous dns_zone_setxfrsource6 890 * call, or the default of in6addr_any, port 0. 891 * 892 * Require: 893 *\li 'zone' to be a valid zone. 894 *\li 'xfrsource' to not be NULL 895 */ 896 897 void 898 dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc); 899 /*%< 900 * Set the source address to be used with IPv4 parental DS queries. 901 * 902 * Require: 903 *\li 'zone' to be a valid zone. 904 *\li 'parentalsrc' to contain the address. 905 */ 906 907 void 908 dns_zone_getparentalsrc4(dns_zone_t *zone, isc_sockaddr_t *parentalsrc); 909 /*%< 910 * Returns the source address set by a previous dns_zone_setparentalsrc4 911 * call, or the default of inaddr_any, port 0. 912 * 913 * Require: 914 *\li 'zone' to be a valid zone. 915 *\li 'parentalsrc' to be non NULL. 916 */ 917 918 void 919 dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc); 920 /*%< 921 * Set the source address to be used with IPv6 parental DS queries. 922 * 923 * Require: 924 *\li 'zone' to be a valid zone. 925 *\li 'parentalsrc' to contain the address. 926 */ 927 928 void 929 dns_zone_getparentalsrc6(dns_zone_t *zone, isc_sockaddr_t *parentalsrc); 930 /*%< 931 * Returns the source address set by a previous dns_zone_setparentalsrc6 932 * call, or the default of in6addr_any, port 0. 933 * 934 * Require: 935 *\li 'zone' to be a valid zone. 936 *\li 'parentalsrc' to be non NULL. 937 */ 938 939 void 940 dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc); 941 /*%< 942 * Set the source address to be used with IPv4 NOTIFY messages. 943 * 944 * Require: 945 *\li 'zone' to be a valid zone. 946 *\li 'notifysrc' to contain the address. 947 */ 948 949 void 950 dns_zone_getnotifysrc4(dns_zone_t *zone, isc_sockaddr_t *notifysrc); 951 /*%< 952 * Returns the source address set by a previous dns_zone_setnotifysrc4 953 * call, or the default of inaddr_any, port 0. 954 * 955 * Require: 956 *\li 'zone' to be a valid zone. 957 *\li 'notifysrc' to be non NULL. 958 */ 959 960 void 961 dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc); 962 /*%< 963 * Set the source address to be used with IPv6 NOTIFY messages. 964 * 965 * Require: 966 *\li 'zone' to be a valid zone. 967 *\li 'notifysrc' to contain the address. 968 */ 969 970 void 971 dns_zone_getnotifysrc6(dns_zone_t *zone, isc_sockaddr_t *notifysrc); 972 /*%< 973 * Returns the source address set by a previous dns_zone_setnotifysrc6 974 * call, or the default of in6addr_any, port 0. 975 * 976 * Require: 977 *\li 'zone' to be a valid zone. 978 *\li 'notifysrc' to be non NULL. 979 */ 980 981 void 982 dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl); 983 /*%< 984 * Sets the notify acl list for the zone. 985 * 986 * Require: 987 *\li 'zone' to be a valid zone. 988 *\li 'acl' to be a valid acl. 989 */ 990 991 void 992 dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl); 993 /*%< 994 * Sets the query acl list for the zone. 995 * 996 * Require: 997 *\li 'zone' to be a valid zone. 998 *\li 'acl' to be a valid acl. 999 */ 1000 1001 void 1002 dns_zone_setqueryonacl(dns_zone_t *zone, dns_acl_t *acl); 1003 /*%< 1004 * Sets the query-on acl list for the zone. 1005 * 1006 * Require: 1007 *\li 'zone' to be a valid zone. 1008 *\li 'acl' to be a valid acl. 1009 */ 1010 1011 void 1012 dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl); 1013 /*%< 1014 * Sets the update acl list for the zone. 1015 * 1016 * Require: 1017 *\li 'zone' to be a valid zone. 1018 *\li 'acl' to be valid acl. 1019 */ 1020 1021 void 1022 dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl); 1023 /*%< 1024 * Sets the forward unsigned updates acl list for the zone. 1025 * 1026 * Require: 1027 *\li 'zone' to be a valid zone. 1028 *\li 'acl' to be valid acl. 1029 */ 1030 1031 void 1032 dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl); 1033 /*%< 1034 * Sets the transfer acl list for the zone. 1035 * 1036 * Require: 1037 *\li 'zone' to be a valid zone. 1038 *\li 'acl' to be valid acl. 1039 */ 1040 1041 dns_acl_t * 1042 dns_zone_getnotifyacl(dns_zone_t *zone); 1043 /*%< 1044 * Returns the current notify acl or NULL. 1045 * 1046 * Require: 1047 *\li 'zone' to be a valid zone. 1048 * 1049 * Returns: 1050 *\li acl a pointer to the acl. 1051 *\li NULL 1052 */ 1053 1054 dns_acl_t * 1055 dns_zone_getqueryacl(dns_zone_t *zone); 1056 /*%< 1057 * Returns the current query acl or NULL. 1058 * 1059 * Require: 1060 *\li 'zone' to be a valid zone. 1061 * 1062 * Returns: 1063 *\li acl a pointer to the acl. 1064 *\li NULL 1065 */ 1066 1067 dns_acl_t * 1068 dns_zone_getqueryonacl(dns_zone_t *zone); 1069 /*%< 1070 * Returns the current query-on acl or NULL. 1071 * 1072 * Require: 1073 *\li 'zone' to be a valid zone. 1074 * 1075 * Returns: 1076 *\li acl a pointer to the acl. 1077 *\li NULL 1078 */ 1079 1080 dns_acl_t * 1081 dns_zone_getupdateacl(dns_zone_t *zone); 1082 /*%< 1083 * Returns the current update acl or NULL. 1084 * 1085 * Require: 1086 *\li 'zone' to be a valid zone. 1087 * 1088 * Returns: 1089 *\li acl a pointer to the acl. 1090 *\li NULL 1091 */ 1092 1093 dns_acl_t * 1094 dns_zone_getforwardacl(dns_zone_t *zone); 1095 /*%< 1096 * Returns the current forward unsigned updates acl or NULL. 1097 * 1098 * Require: 1099 *\li 'zone' to be a valid zone. 1100 * 1101 * Returns: 1102 *\li acl a pointer to the acl. 1103 *\li NULL 1104 */ 1105 1106 dns_acl_t * 1107 dns_zone_getxfracl(dns_zone_t *zone); 1108 /*%< 1109 * Returns the current transfer acl or NULL. 1110 * 1111 * Require: 1112 *\li 'zone' to be a valid zone. 1113 * 1114 * Returns: 1115 *\li acl a pointer to the acl. 1116 *\li NULL 1117 */ 1118 1119 void 1120 dns_zone_clearupdateacl(dns_zone_t *zone); 1121 /*%< 1122 * Clear the current update acl. 1123 * 1124 * Require: 1125 *\li 'zone' to be a valid zone. 1126 */ 1127 1128 void 1129 dns_zone_clearforwardacl(dns_zone_t *zone); 1130 /*%< 1131 * Clear the current forward unsigned updates acl. 1132 * 1133 * Require: 1134 *\li 'zone' to be a valid zone. 1135 */ 1136 1137 void 1138 dns_zone_clearnotifyacl(dns_zone_t *zone); 1139 /*%< 1140 * Clear the current notify acl. 1141 * 1142 * Require: 1143 *\li 'zone' to be a valid zone. 1144 */ 1145 1146 void 1147 dns_zone_clearqueryacl(dns_zone_t *zone); 1148 /*%< 1149 * Clear the current query acl. 1150 * 1151 * Require: 1152 *\li 'zone' to be a valid zone. 1153 */ 1154 1155 void 1156 dns_zone_clearqueryonacl(dns_zone_t *zone); 1157 /*%< 1158 * Clear the current query-on acl. 1159 * 1160 * Require: 1161 *\li 'zone' to be a valid zone. 1162 */ 1163 1164 void 1165 dns_zone_clearxfracl(dns_zone_t *zone); 1166 /*%< 1167 * Clear the current transfer acl. 1168 * 1169 * Require: 1170 *\li 'zone' to be a valid zone. 1171 */ 1172 1173 bool 1174 dns_zone_getupdatedisabled(dns_zone_t *zone); 1175 /*%< 1176 * Return true if updates are disabled. 1177 */ 1178 1179 void 1180 dns_zone_setupdatedisabled(dns_zone_t *zone, bool state); 1181 /*%< 1182 * Enable or disable updates. 1183 * 1184 * This should only be called when running in exclusive mode; 1185 * otherwise, updates that were already in progress could be 1186 * committed after disabling. 1187 */ 1188 1189 bool 1190 dns_zone_getzeronosoattl(dns_zone_t *zone); 1191 /*%< 1192 * Return zero-no-soa-ttl status. 1193 */ 1194 1195 void 1196 dns_zone_setzeronosoattl(dns_zone_t *zone, bool state); 1197 /*%< 1198 * Set zero-no-soa-ttl status. 1199 */ 1200 1201 void 1202 dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity); 1203 /*%< 1204 * Set the severity of name checking when loading a zone. 1205 * 1206 * Require: 1207 * \li 'zone' to be a valid zone. 1208 */ 1209 1210 dns_severity_t 1211 dns_zone_getchecknames(dns_zone_t *zone); 1212 /*%< 1213 * Return the current severity of name checking. 1214 * 1215 * Require: 1216 *\li 'zone' to be a valid zone. 1217 */ 1218 1219 void 1220 dns_zone_setjournalsize(dns_zone_t *zone, int32_t size); 1221 /*%< 1222 * Sets the journal size for the zone. 1223 * 1224 * Requires: 1225 *\li 'zone' to be a valid zone. 1226 */ 1227 1228 int32_t 1229 dns_zone_getjournalsize(dns_zone_t *zone); 1230 /*%< 1231 * Return the journal size as set with a previous call to 1232 * dns_zone_setjournalsize(). 1233 * 1234 * Requires: 1235 *\li 'zone' to be a valid zone. 1236 */ 1237 1238 isc_result_t 1239 dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, 1240 isc_sockaddr_t *to, dns_message_t *msg); 1241 /*%< 1242 * Tell the zone that it has received a NOTIFY message from another 1243 * server. This may cause some zone maintenance activity to occur. 1244 * 1245 * Requires: 1246 *\li 'zone' to be a valid zone. 1247 *\li '*from' to contain the address of the server from which 'msg' 1248 * was received. 1249 *\li 'msg' a message with opcode NOTIFY and qr clear. 1250 * 1251 * Returns: 1252 *\li DNS_R_REFUSED 1253 *\li DNS_R_NOTIMP 1254 *\li DNS_R_FORMERR 1255 *\li DNS_R_SUCCESS 1256 */ 1257 1258 void 1259 dns_zone_setminxfrratein(dns_zone_t *zone, uint32_t bytes, uint32_t seconds); 1260 /*%< 1261 * Set the minumum traffic rate (in bytes per seconds) that a zone transfer in 1262 * (AXFR/IXFR) of this zone will use before being aborted. 1263 * 1264 * Requires: 1265 * \li 'zone' to be valid initialised zone. 1266 */ 1267 1268 uint32_t 1269 dns_zone_getminxfrratebytesin(dns_zone_t *zone); 1270 /*%< 1271 * Returns the 'bytes' portion of the minimum traffic rate for the transfer in 1272 * for this zone. 1273 * 1274 * Requires: 1275 *\li 'zone' to be valid initialised zone. 1276 */ 1277 1278 uint32_t 1279 dns_zone_getminxfrratesecondsin(dns_zone_t *zone); 1280 /*%< 1281 * Returns the 'seconds' portion of the minimum traffic rate for the transfer in 1282 * for this zone. 1283 * 1284 * Requires: 1285 *\li 'zone' to be valid initialised zone. 1286 */ 1287 1288 void 1289 dns_zone_setmaxxfrin(dns_zone_t *zone, uint32_t maxxfrin); 1290 /*%< 1291 * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR) 1292 * of this zone will use before being aborted. 1293 * 1294 * Requires: 1295 * \li 'zone' to be valid initialised zone. 1296 */ 1297 1298 uint32_t 1299 dns_zone_getmaxxfrin(dns_zone_t *zone); 1300 /*%< 1301 * Returns the maximum transfer time for this zone. This will be 1302 * either the value set by the last call to dns_zone_setmaxxfrin() or 1303 * the default value of 1 hour. 1304 * 1305 * Requires: 1306 *\li 'zone' to be valid initialised zone. 1307 */ 1308 1309 void 1310 dns_zone_setmaxxfrout(dns_zone_t *zone, uint32_t maxxfrout); 1311 /*%< 1312 * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR) 1313 * of this zone will use before being aborted. 1314 * 1315 * Requires: 1316 * \li 'zone' to be valid initialised zone. 1317 */ 1318 1319 uint32_t 1320 dns_zone_getmaxxfrout(dns_zone_t *zone); 1321 /*%< 1322 * Returns the maximum transfer time for this zone. This will be 1323 * either the value set by the last call to dns_zone_setmaxxfrout() or 1324 * the default value of 1 hour. 1325 * 1326 * Requires: 1327 *\li 'zone' to be valid initialised zone. 1328 */ 1329 1330 isc_result_t 1331 dns_zone_setjournal(dns_zone_t *zone, const char *myjournal); 1332 /*%< 1333 * Sets the filename used for journaling updates / IXFR transfers. 1334 * The default journal name is set by dns_zone_setfile() to be 1335 * "file.jnl". If 'myjournal' is NULL, the zone will have no 1336 * journal name. 1337 * 1338 * Requires: 1339 *\li 'zone' to be a valid zone. 1340 * 1341 * Returns: 1342 *\li #ISC_R_SUCCESS 1343 *\li #ISC_R_NOMEMORY 1344 */ 1345 1346 char * 1347 dns_zone_getjournal(dns_zone_t *zone); 1348 /*%< 1349 * Returns the journal name associated with this zone. 1350 * If no journal has been set this will be NULL. 1351 * 1352 * Requires: 1353 *\li 'zone' to be valid initialised zone. 1354 */ 1355 1356 dns_zonetype_t 1357 dns_zone_gettype(dns_zone_t *zone); 1358 /*%< 1359 * Returns the type of the zone (primary/secondary/etc.) 1360 * 1361 * Requires: 1362 *\li 'zone' to be valid initialised zone. 1363 */ 1364 1365 dns_zonetype_t 1366 dns_zone_getredirecttype(dns_zone_t *zone); 1367 /*%< 1368 * Returns whether the redirect zone is configured as a primary or a 1369 * secondary zone. 1370 * 1371 * Requires: 1372 *\li 'zone' to be valid initialised zone. 1373 *\li 'zone' to be a redirect zone. 1374 * 1375 * Returns: 1376 *\li 'dns_zone_primary' 1377 *\li 'dns_zone_secondary' 1378 */ 1379 1380 void 1381 dns_zone_notify(dns_zone_t *zone, bool nodefer); 1382 /*%< 1383 * Generate notify events for this zone. If 'nodefer' is true, the 1384 * 'notify-defer' configuration option is ingored. 1385 * 1386 * Requires: 1387 *\li 'zone' to be a valid zone. 1388 */ 1389 1390 isc_result_t 1391 dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump); 1392 /*%< 1393 * Replace the database of "zone" with a new database "db". 1394 * 1395 * If "dump" is true, then the new zone contents are dumped 1396 * into to the zone's master file for persistence. When replacing 1397 * a zone database by one just loaded from a master file, set 1398 * "dump" to false to avoid a redundant redump of the data just 1399 * loaded. Otherwise, it should be set to true. 1400 * 1401 * If the "diff-on-reload" option is enabled in the configuration file, 1402 * the differences between the old and the new database are added to the 1403 * journal file, and the master file dump is postponed. 1404 * 1405 * Requires: 1406 * \li 'zone' to be a valid zone. 1407 * 1408 * Returns: 1409 * \li DNS_R_SUCCESS 1410 * \li DNS_R_BADZONE zone failed basic consistency checks: 1411 * * a single SOA must exist 1412 * * some NS records must exist. 1413 * Others 1414 */ 1415 1416 uint32_t 1417 dns_zone_getidlein(dns_zone_t *zone); 1418 /*%< 1419 * Requires: 1420 * \li 'zone' to be a valid zone. 1421 * 1422 * Returns: 1423 * \li number of seconds of idle time before we abort the transfer in. 1424 */ 1425 1426 void 1427 dns_zone_setidlein(dns_zone_t *zone, uint32_t idlein); 1428 /*%< 1429 * \li Set the idle timeout for transfer the. 1430 * \li Zero set the default value, 1 hour. 1431 * 1432 * Requires: 1433 * \li 'zone' to be a valid zone. 1434 */ 1435 1436 uint32_t 1437 dns_zone_getidleout(dns_zone_t *zone); 1438 /*%< 1439 * 1440 * Requires: 1441 * \li 'zone' to be a valid zone. 1442 * 1443 * Returns: 1444 * \li number of seconds of idle time before we abort a transfer out. 1445 */ 1446 1447 void 1448 dns_zone_setidleout(dns_zone_t *zone, uint32_t idleout); 1449 /*%< 1450 * \li Set the idle timeout for transfers out. 1451 * \li Zero set the default value, 1 hour. 1452 * 1453 * Requires: 1454 * \li 'zone' to be a valid zone. 1455 */ 1456 1457 void 1458 dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table); 1459 /*%< 1460 * Get the simple-secure-update policy table. 1461 * 1462 * Requires: 1463 * \li 'zone' to be a valid zone. 1464 */ 1465 1466 void 1467 dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table); 1468 /*%< 1469 * Set / clear the simple-secure-update policy table. 1470 * 1471 * Requires: 1472 * \li 'zone' to be a valid zone. 1473 */ 1474 1475 isc_mem_t * 1476 dns_zone_getmctx(dns_zone_t *zone); 1477 /*%< 1478 * Get the memory context of a zone. 1479 * 1480 * Requires: 1481 * \li 'zone' to be a valid zone. 1482 */ 1483 1484 dns_zonemgr_t * 1485 dns_zone_getmgr(dns_zone_t *zone); 1486 /*%< 1487 * If 'zone' is managed return the zone manager otherwise NULL. 1488 * 1489 * Requires: 1490 * \li 'zone' to be a valid zone. 1491 */ 1492 1493 void 1494 dns_zone_setsigvalidityinterval(dns_zone_t *zone, uint32_t interval); 1495 /*%< 1496 * Set the zone's general signature validity interval. This is the length 1497 * of time for which DNSSEC signatures created as a result of dynamic 1498 * updates to secure zones will remain valid, in seconds. 1499 * 1500 * Requires: 1501 * \li 'zone' to be a valid zone. 1502 */ 1503 1504 uint32_t 1505 dns_zone_getsigvalidityinterval(dns_zone_t *zone); 1506 /*%< 1507 * Get the zone's general signature validity interval. 1508 * 1509 * Requires: 1510 * \li 'zone' to be a valid zone. 1511 */ 1512 1513 void 1514 dns_zone_setkeyvalidityinterval(dns_zone_t *zone, uint32_t interval); 1515 /*%< 1516 * Set the zone's DNSKEY signature validity interval. This is the length 1517 * of time for which DNSSEC signatures created for DNSKEY records 1518 * will remain valid, in seconds. 1519 * 1520 * If this value is set to zero, then the regular signature validity 1521 * interval (see dns_zone_setsigvalidityinterval(), above) is used 1522 * for all RRSIGs. However, if this value is nonzero, then it is used 1523 * as the validity interval for RRSIGs covering DNSKEY and CDNSKEY 1524 * RRsets. 1525 * 1526 * Requires: 1527 * \li 'zone' to be a valid zone. 1528 */ 1529 1530 uint32_t 1531 dns_zone_getkeyvalidityinterval(dns_zone_t *zone); 1532 /*%< 1533 * Get the zone's DNSKEY signature validity interval. 1534 * 1535 * Requires: 1536 * \li 'zone' to be a valid zone. 1537 */ 1538 1539 void 1540 dns_zone_setsigresigninginterval(dns_zone_t *zone, uint32_t interval); 1541 /*%< 1542 * Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's 1543 * will be re-signed 'interval' amount of time before they expire. 1544 * 1545 * Requires: 1546 * \li 'zone' to be a valid zone. 1547 */ 1548 1549 uint32_t 1550 dns_zone_getsigresigninginterval(dns_zone_t *zone); 1551 /*%< 1552 * Get the zone's RRSIG re-signing interval. 1553 * 1554 * Requires: 1555 * \li 'zone' to be a valid zone. 1556 */ 1557 1558 void 1559 dns_zone_getsourceaddr(dns_zone_t *zone, isc_sockaddr_t *sourceaddr); 1560 /*%< 1561 * Get the zone's source address from which it has last contacted the current 1562 * primary server. 1563 * 1564 * Requires: 1565 * \li 'zone' to be a valid zone. 1566 * \li 'zone' has a non-empty primaries list. 1567 * \li 'sourceaddr' to be non-NULL. 1568 */ 1569 1570 isc_result_t 1571 dns_zone_getprimaryaddr(dns_zone_t *zone, isc_sockaddr_t *primaryaddr); 1572 /*%< 1573 * Get the zone's current primary server into '*primaryaddr'. 1574 * 1575 * Requires: 1576 * \li 'zone' to be a valid zone. 1577 * \li 'zone' has a non-empty primaries list. 1578 * \li 'primaryaddr' to be non-NULL. 1579 * 1580 * Returns: 1581 *\li #ISC_R_SUCCESS if the current primary server was found 1582 *\li #ISC_R_NOMORE if all the primaries were already iterated over 1583 */ 1584 1585 isc_time_t 1586 dns_zone_getxfrintime(dns_zone_t *zone); 1587 /*%< 1588 * Get the start time of the zone's latest major step before an incoming zone 1589 * transfer is initiated. The time is set to the current time before the 1590 * precursory SOA query is queued, then it gets reset when the query starts, 1591 * when the query restarts (using another transport or another primary server), 1592 * when an incoming zone transfer is initated and deferred, and, finally, when 1593 * it gets started. 1594 * 1595 * Requires: 1596 * \li 'zone' to be a valid zone. 1597 */ 1598 1599 dns_transport_type_t 1600 dns_zone_getrequesttransporttype(dns_zone_t *zone); 1601 /*%< 1602 * Get the transport type used for the SOA query to the current primary server 1603 * before an ongoing incoming zone transfer is lanunched. When the transfer is 1604 * already running, this information should be retrieved from the xfrin object 1605 * instead, using the dns_xfrin_gettransporttype() function. 1606 * 1607 * Requires: 1608 * \li 'zone' to be a valid zone. 1609 */ 1610 1611 void 1612 dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype); 1613 /*%< 1614 * Sets zone notify method to "notifytype" 1615 */ 1616 1617 void 1618 dns_zone_setcheckdstype(dns_zone_t *zone, dns_checkdstype_t checkdstype); 1619 /*%< 1620 * Sets zone checkds method to "checkdstype" 1621 */ 1622 1623 isc_result_t 1624 dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, 1625 dns_updatecallback_t callback, void *callback_arg); 1626 /*%< 1627 * Forward 'msg' to each primary in turn until we get an answer or we 1628 * have exhausted the list of primaries. 'callback' will be called with 1629 * ISC_R_SUCCESS if we get an answer and the returned message will be 1630 * passed as 'answer_message', otherwise a non ISC_R_SUCCESS result code 1631 * will be passed and answer_message will be NULL. The callback function 1632 * is responsible for destroying 'answer_message'. 1633 * (callback)(callback_arg, result, answer_message); 1634 * 1635 * Require: 1636 *\li 'zone' to be valid 1637 *\li 'msg' to be valid. 1638 *\li 'callback' to be non NULL. 1639 * Returns: 1640 *\li #ISC_R_SUCCESS if the message has been forwarded, 1641 *\li #ISC_R_NOMEMORY 1642 *\li Others 1643 */ 1644 1645 isc_result_t 1646 dns_zone_next(dns_zone_t *zone, dns_zone_t **next); 1647 /*%< 1648 * Find the next zone in the list of managed zones. 1649 * 1650 * Requires: 1651 *\li 'zone' to be valid 1652 *\li The zone manager for the indicated zone MUST be locked 1653 * by the caller. This is not checked. 1654 *\li 'next' be non-NULL, and '*next' be NULL. 1655 * 1656 * Ensures: 1657 *\li 'next' points to a valid zone (result ISC_R_SUCCESS) or to NULL 1658 * (result ISC_R_NOMORE). 1659 */ 1660 1661 isc_result_t 1662 dns_zone_first(dns_zonemgr_t *zmgr, dns_zone_t **first); 1663 /*%< 1664 * Find the first zone in the list of managed zones. 1665 * 1666 * Requires: 1667 *\li 'zonemgr' to be valid 1668 *\li The zone manager for the indicated zone MUST be locked 1669 * by the caller. This is not checked. 1670 *\li 'first' be non-NULL, and '*first' be NULL 1671 * 1672 * Ensures: 1673 *\li 'first' points to a valid zone (result ISC_R_SUCCESS) or to NULL 1674 * (result ISC_R_NOMORE). 1675 */ 1676 1677 isc_result_t 1678 dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory); 1679 /*%< 1680 * Sets the name of the directory where private keys used for 1681 * online signing or dynamic zones are found. 1682 * 1683 * Require: 1684 *\li 'zone' to be a valid zone. 1685 * 1686 * Returns: 1687 *\li #ISC_R_NOMEMORY 1688 *\li #ISC_R_SUCCESS 1689 */ 1690 1691 const char * 1692 dns_zone_getkeydirectory(dns_zone_t *zone); 1693 /*%< 1694 * Gets the name of the directory where private keys used for 1695 * online signing of dynamic zones are found. 1696 * 1697 * Requires: 1698 *\li 'zone' to be valid initialised zone. 1699 * 1700 * Returns: 1701 * Pointer to null-terminated file name, or NULL. 1702 */ 1703 1704 void 1705 dns_zone_setkeystores(dns_zone_t *zone, dns_keystorelist_t *keystores); 1706 /*%< 1707 * Sets the keystore list where private keys used for 1708 * online signing or dynamic zones are found. 1709 * 1710 * Require: 1711 *\li 'zone' to be a valid zone. 1712 */ 1713 1714 dns_keystorelist_t * 1715 dns_zone_getkeystores(dns_zone_t *zone); 1716 /*%< 1717 * Gets the keystore list where private keys used for 1718 * online signing or dynamic zones are found. 1719 * 1720 * Require: 1721 *\li 'zone' to be a valid zone. 1722 * 1723 * Returns: 1724 * Pointer to the keystore list, or NULL. 1725 */ 1726 1727 isc_result_t 1728 dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, 1729 isc_stdtime_t now, dns_dnsseckeylist_t *keys); 1730 /*%< 1731 * Find DNSSEC keys used for signing with dnssec-policy. Load these keys 1732 * into 'keys'. 1733 * 1734 * Requires: 1735 *\li 'zone' to be valid initialised zone. 1736 *\li 'keys' to be an initialised DNSSEC keylist. 1737 * 1738 * Returns: 1739 *\li #ISC_R_SUCCESS 1740 *\li Error 1741 */ 1742 1743 isc_result_t 1744 dns_zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, 1745 isc_stdtime_t now, isc_mem_t *mctx, unsigned int maxkeys, 1746 dst_key_t **keys, unsigned int *nkeys); 1747 /*%< 1748 * Finds a set of zone keys. Searches in the applicable key stores for the 1749 * given 'zone' if there is a dnssec-policy attached, otherwise it looks up 1750 * the keys in the zone's key-directory. The found keys are loaded into 'keys'. 1751 * 1752 * Requires: 1753 *\li 'zone' to be a valid initialised zone. 1754 *\li 'mctx' is not NULL. 1755 *\li 'keys' is not NULL and has enough space form 'nkeys' keys. 1756 *\li 'nkeys' is not NULL. 1757 * 1758 * Returns: 1759 *\li #ISC_R_SUCCESS 1760 *\li Error 1761 */ 1762 1763 void 1764 dns_zone_prepare_shutdown(dns_zone_t *zone); 1765 /*%< 1766 * Prepare a zone for shutdown by setting the DNS_ZONEFLG_EXITING flag even 1767 * before the final reference is detached. Useful, because the zone object can 1768 * be kept around with a valid reference from the zonetable until qp garbage 1769 * collector runs, and we don't want, for example, zone maintenance to happen 1770 * while waiting for it. Note that the zone can not be used normally again after 1771 * this function is called. 1772 * 1773 * Requires: 1774 *\li 'zone' to be a valid initialised zone. 1775 */ 1776 1777 void 1778 dns_zonemgr_create(isc_mem_t *mctx, isc_nm_t *netmgr, dns_zonemgr_t **zmgrp); 1779 /*%< 1780 * Create a zone manager. 1781 * 1782 * Requires: 1783 *\li 'mctx' to be a valid memory context. 1784 *\li 'zmgrp' to point to a NULL pointer. 1785 */ 1786 1787 isc_result_t 1788 dns_zonemgr_createzone(dns_zonemgr_t *zmgr, dns_zone_t **zonep); 1789 /*%< 1790 * Allocate a new zone using a memory context from the 1791 * zone manager's memory context pool. 1792 * 1793 * Require: 1794 *\li 'zmgr' to be a valid zone manager. 1795 *\li 'zonep' != NULL and '*zonep' == NULL. 1796 */ 1797 1798 isc_result_t 1799 dns_zonemgr_managezone(dns_zonemgr_t *zmgr, dns_zone_t *zone); 1800 /*%< 1801 * Bring the zone under control of a zone manager. 1802 * 1803 * Require: 1804 *\li 'zmgr' to be a valid zone manager. 1805 *\li 'zone' to be a valid zone. 1806 */ 1807 1808 isc_result_t 1809 dns_zonemgr_forcemaint(dns_zonemgr_t *zmgr); 1810 /*%< 1811 * Force zone maintenance of all loaded zones managed by 'zmgr' 1812 * to take place at the system's earliest convenience. 1813 */ 1814 1815 void 1816 dns_zonemgr_resumexfrs(dns_zonemgr_t *zmgr); 1817 /*%< 1818 * Attempt to start any stalled zone transfers. 1819 */ 1820 1821 void 1822 dns_zonemgr_shutdown(dns_zonemgr_t *zmgr); 1823 /*%< 1824 * Shut down the zone manager. 1825 * 1826 * Requires: 1827 *\li 'zmgr' to be a valid zone manager. 1828 */ 1829 1830 void 1831 dns_zonemgr_attach(dns_zonemgr_t *source, dns_zonemgr_t **target); 1832 /*%< 1833 * Attach '*target' to 'source' incrementing its external 1834 * reference count. 1835 * 1836 * Require: 1837 *\li 'zone' to be a valid zone. 1838 *\li 'target' to be non NULL and '*target' to be NULL. 1839 */ 1840 1841 void 1842 dns_zonemgr_detach(dns_zonemgr_t **zmgrp); 1843 /*%< 1844 * Detach from a zone manager. 1845 * 1846 * Requires: 1847 *\li '*zmgrp' is a valid, non-NULL zone manager pointer. 1848 * 1849 * Ensures: 1850 *\li '*zmgrp' is NULL. 1851 */ 1852 1853 void 1854 dns_zonemgr_releasezone(dns_zonemgr_t *zmgr, dns_zone_t *zone); 1855 /*%< 1856 * Release 'zone' from the managed by 'zmgr'. 'zmgr' is implicitly 1857 * detached from 'zone'. 1858 * 1859 * Requires: 1860 *\li 'zmgr' to be a valid zone manager. 1861 *\li 'zone' to be a valid zone. 1862 *\li 'zmgr' == 'zone->zmgr' 1863 * 1864 * Ensures: 1865 *\li 'zone->zmgr' == NULL; 1866 */ 1867 1868 void 1869 dns_zonemgr_settransfersin(dns_zonemgr_t *zmgr, uint32_t value); 1870 /*%< 1871 * Set the maximum number of simultaneous transfers in allowed by 1872 * the zone manager. 1873 * 1874 * Requires: 1875 *\li 'zmgr' to be a valid zone manager. 1876 */ 1877 1878 uint32_t 1879 dns_zonemgr_gettransfersin(dns_zonemgr_t *zmgr); 1880 /*%< 1881 * Return the maximum number of simultaneous transfers in allowed. 1882 * 1883 * Requires: 1884 *\li 'zmgr' to be a valid zone manager. 1885 */ 1886 1887 void 1888 dns_zonemgr_settransfersperns(dns_zonemgr_t *zmgr, uint32_t value); 1889 /*%< 1890 * Set the number of zone transfers allowed per nameserver. 1891 * 1892 * Requires: 1893 *\li 'zmgr' to be a valid zone manager 1894 */ 1895 1896 uint32_t 1897 dns_zonemgr_gettransfersperns(dns_zonemgr_t *zmgr); 1898 /*%< 1899 * Return the number of transfers allowed per nameserver. 1900 * 1901 * Requires: 1902 *\li 'zmgr' to be a valid zone manager. 1903 */ 1904 1905 void 1906 dns_zonemgr_setcheckdsrate(dns_zonemgr_t *zmgr, unsigned int value); 1907 /*%< 1908 * Set the number of parental DS queries sent per second. 1909 * 1910 * Requires: 1911 *\li 'zmgr' to be a valid zone manager 1912 */ 1913 1914 void 1915 dns_zonemgr_setnotifyrate(dns_zonemgr_t *zmgr, unsigned int value); 1916 /*%< 1917 * Set the number of NOTIFY requests sent per second. 1918 * 1919 * Requires: 1920 *\li 'zmgr' to be a valid zone manager 1921 */ 1922 1923 void 1924 dns_zonemgr_setstartupnotifyrate(dns_zonemgr_t *zmgr, unsigned int value); 1925 /*%< 1926 * Set the number of startup NOTIFY requests sent per second. 1927 * 1928 * Requires: 1929 *\li 'zmgr' to be a valid zone manager 1930 */ 1931 1932 void 1933 dns_zonemgr_setserialqueryrate(dns_zonemgr_t *zmgr, unsigned int value); 1934 /*%< 1935 * Set the number of SOA queries sent per second. 1936 * 1937 * Requires: 1938 *\li 'zmgr' to be a valid zone manager 1939 */ 1940 1941 unsigned int 1942 dns_zonemgr_getnotifyrate(dns_zonemgr_t *zmgr); 1943 /*%< 1944 * Return the number of NOTIFY requests sent per second. 1945 * 1946 * Requires: 1947 *\li 'zmgr' to be a valid zone manager. 1948 */ 1949 1950 unsigned int 1951 dns_zonemgr_getstartupnotifyrate(dns_zonemgr_t *zmgr); 1952 /*%< 1953 * Return the number of startup NOTIFY requests sent per second. 1954 * 1955 * Requires: 1956 *\li 'zmgr' to be a valid zone manager. 1957 */ 1958 1959 unsigned int 1960 dns_zonemgr_getserialqueryrate(dns_zonemgr_t *zmgr); 1961 /*%< 1962 * Return the number of SOA queries sent per second. 1963 * 1964 * Requires: 1965 *\li 'zmgr' to be a valid zone manager. 1966 */ 1967 1968 unsigned int 1969 dns_zonemgr_getcount(dns_zonemgr_t *zmgr, dns_zonestate_t state); 1970 /*%< 1971 * Returns the number of zones in the specified state. 1972 * 1973 * Requires: 1974 *\li 'zmgr' to be a valid zone manager. 1975 *\li 'state' to be a valid DNS_ZONESTATE_ enum. 1976 */ 1977 1978 isc_result_t 1979 dns_zone_getxfr(dns_zone_t *zone, dns_xfrin_t **xfrp, bool *is_firstrefresh, 1980 bool *is_running, bool *is_deferred, bool *is_presoa, 1981 bool *is_pending, bool *needs_refresh); 1982 /*%< 1983 * Returns the xfrin associated with the zone (if any) with the current 1984 * transfer states (as booleans). When no longer needed, the returned xfrin 1985 * must be detached. 1986 * 1987 * Requires: 1988 *\li 'zone' to be a valid zone. 1989 *\li 'xfrp' to be non NULL and '*xfrp' to be NULL. 1990 *\li 'is_firstrefresh' to be non NULL. 1991 *\li 'is_running' to be non NULL. 1992 *\li 'is_deferred' to be non NULL. 1993 *\li 'is_presoa' to be non NULL. 1994 *\li 'is_pending' to be non NULL. 1995 *\li 'needs_refresh' to be non NULL. 1996 * 1997 * Returns: 1998 * ISC_R_SUCCESS transfer information is returned 1999 * ISC_R_FAILURE error while trying to get the transfer information 2000 */ 2001 2002 void 2003 dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 2004 isc_sockaddr_t *local, isc_time_t *now); 2005 /*%< 2006 * Add the pair of addresses to the unreachable cache. 2007 * 2008 * Requires: 2009 *\li 'zmgr' to be a valid zone manager. 2010 *\li 'remote' to be a valid sockaddr. 2011 *\li 'local' to be a valid sockaddr. 2012 */ 2013 2014 bool 2015 dns_zonemgr_unreachable(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 2016 isc_sockaddr_t *local, isc_time_t *now); 2017 /*%< 2018 * Returns true if the given local/remote address pair 2019 * is found in the zone maanger's unreachable cache. 2020 * 2021 * Requires: 2022 *\li 'zmgr' to be a valid zone manager. 2023 *\li 'remote' to be a valid sockaddr. 2024 *\li 'local' to be a valid sockaddr. 2025 *\li 'now' != NULL 2026 */ 2027 2028 void 2029 dns_zonemgr_unreachabledel(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, 2030 isc_sockaddr_t *local); 2031 /*%< 2032 * Remove the pair of addresses from the unreachable cache. 2033 * 2034 * Requires: 2035 *\li 'zmgr' to be a valid zone manager. 2036 *\li 'remote' to be a valid sockaddr. 2037 *\li 'local' to be a valid sockaddr. 2038 */ 2039 2040 void 2041 dns_zonemgr_set_tlsctx_cache(dns_zonemgr_t *zmgr, 2042 isc_tlsctx_cache_t *tlsctx_cache); 2043 /*%< 2044 * Set the TLS client context cache used for zone transfers via 2045 * encrypted transports (e.g. XoT). 2046 * 2047 * Requires: 2048 *\li 'zmgr' is a valid zone manager. 2049 *\li 'tlsctx_cache' is a valid TLS context cache. 2050 */ 2051 2052 void 2053 dns_zone_stopxfr(dns_zone_t *zone); 2054 /*%< 2055 * If 'zone' has an ongoing active transfer, stop it. 2056 * 2057 * Requires: 2058 *\li 'zone' to be a valid zone. 2059 */ 2060 2061 void 2062 dns_zone_forcexfr(dns_zone_t *zone); 2063 /*%< 2064 * Force a zone transfer of the specified zone. 2065 * 2066 * Requires: 2067 *\li 'zone' to be a valid zone. 2068 */ 2069 2070 bool 2071 dns_zone_isforced(dns_zone_t *zone); 2072 /*%< 2073 * Check if the zone is waiting a forced reload. 2074 * 2075 * Requires: 2076 * \li 'zone' to be a valid zone. 2077 */ 2078 2079 isc_result_t 2080 dns_zone_setstatistics(dns_zone_t *zone, bool on); 2081 /*%< 2082 * This function is obsoleted by dns_zone_setrequeststats(). 2083 */ 2084 2085 uint64_t * 2086 dns_zone_getstatscounters(dns_zone_t *zone); 2087 /*%< 2088 * This function is obsoleted by dns_zone_getrequeststats(). 2089 */ 2090 2091 void 2092 dns_zone_setstats(dns_zone_t *zone, isc_stats_t *stats); 2093 /*%< 2094 * Set a general zone-maintenance statistics set 'stats' for 'zone'. This 2095 * function is expected to be called only on zone creation (when necessary). 2096 * Once installed, it cannot be removed or replaced. Also, there is no 2097 * interface to get the installed stats from the zone; the caller must keep the 2098 * stats to reference (e.g. dump) it later. 2099 * 2100 * Requires: 2101 * \li 'zone' to be a valid zone and does not have a statistics set already 2102 * installed. 2103 * 2104 *\li stats is a valid statistics supporting zone statistics counters 2105 * (see dns/stats.h). 2106 */ 2107 2108 void 2109 dns_zone_setrequeststats(dns_zone_t *zone, isc_stats_t *stats); 2110 2111 void 2112 dns_zone_setrcvquerystats(dns_zone_t *zone, dns_stats_t *stats); 2113 2114 void 2115 dns_zone_setdnssecsignstats(dns_zone_t *zone, dns_stats_t *stats); 2116 /*%< 2117 * Set additional statistics sets to zone. These are attached to the zone 2118 * but are not counted in the zone module; only the caller updates the 2119 * counters. 2120 * 2121 * Requires: 2122 * \li 'zone' to be a valid zone. 2123 * 2124 *\li stats is a valid statistics. 2125 */ 2126 2127 isc_stats_t * 2128 dns_zone_getrequeststats(dns_zone_t *zone); 2129 2130 dns_stats_t * 2131 dns_zone_getrcvquerystats(dns_zone_t *zone); 2132 2133 dns_stats_t * 2134 dns_zone_getdnssecsignstats(dns_zone_t *zone); 2135 /*%< 2136 * Get the additional statistics for zone, if one is installed. 2137 * 2138 * Requires: 2139 * \li 'zone' to be a valid zone. 2140 * 2141 * Returns: 2142 * \li when available, a pointer to the statistics set installed in zone; 2143 * otherwise NULL. 2144 */ 2145 2146 void 2147 dns_zone_dialup(dns_zone_t *zone); 2148 /*%< 2149 * Perform dialup-time maintenance on 'zone'. 2150 */ 2151 2152 void 2153 dns_zone_setdialup(dns_zone_t *zone, dns_dialuptype_t dialup); 2154 /*%< 2155 * Set the dialup type of 'zone' to 'dialup'. 2156 * 2157 * Requires: 2158 * \li 'zone' to be valid initialised zone. 2159 *\li 'dialup' to be a valid dialup type. 2160 */ 2161 2162 void 2163 dns_zone_logv(dns_zone_t *zone, isc_logcategory_t *category, int level, 2164 const char *prefix, const char *msg, va_list ap); 2165 /*%< 2166 * Log the message 'msg...' at 'level' using log category 'category', including 2167 * text that identifies the message as applying to 'zone'. If the (optional) 2168 * 'prefix' is not NULL, it will be placed at the start of the entire log line. 2169 */ 2170 2171 void 2172 dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...) 2173 ISC_FORMAT_PRINTF(3, 4); 2174 /*%< 2175 * Log the message 'msg...' at 'level', including text that identifies 2176 * the message as applying to 'zone'. 2177 */ 2178 2179 void 2180 dns_zone_logc(dns_zone_t *zone, isc_logcategory_t *category, int level, 2181 const char *msg, ...) ISC_FORMAT_PRINTF(4, 5); 2182 /*%< 2183 * Log the message 'msg...' at 'level', including text that identifies 2184 * the message as applying to 'zone'. 2185 */ 2186 2187 void 2188 dns_zone_name(dns_zone_t *zone, char *buf, size_t len); 2189 /*%< 2190 * Return the name of the zone with class and view. 2191 * 2192 * Requires: 2193 *\li 'zone' to be valid. 2194 *\li 'buf' to be non NULL. 2195 */ 2196 2197 void 2198 dns_zone_nameonly(dns_zone_t *zone, char *buf, size_t len); 2199 /*%< 2200 * Return the name of the zone only. 2201 * 2202 * Requires: 2203 *\li 'zone' to be valid. 2204 *\li 'buf' to be non NULL. 2205 */ 2206 2207 isc_result_t 2208 dns_zone_checknames(dns_zone_t *zone, const dns_name_t *name, 2209 dns_rdata_t *rdata); 2210 /*%< 2211 * Check if this record meets the check-names policy. 2212 * 2213 * Requires: 2214 * 'zone' to be valid. 2215 * 'name' to be valid. 2216 * 'rdata' to be valid. 2217 * 2218 * Returns: 2219 * DNS_R_SUCCESS passed checks. 2220 * DNS_R_BADOWNERNAME failed ownername checks. 2221 * DNS_R_BADNAME failed rdata checks. 2222 */ 2223 2224 void 2225 dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx); 2226 /*%< 2227 * Set the post load integrity callback function 'checkmx'. 2228 * 'checkmx' will be called if the MX TARGET is not within the zone. 2229 * 2230 * Require: 2231 * 'zone' to be a valid zone. 2232 */ 2233 2234 void 2235 dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv); 2236 /*%< 2237 * Set the post load integrity callback function 'checksrv'. 2238 * 'checksrv' will be called if the SRV TARGET is not within the zone. 2239 * 2240 * Require: 2241 * 'zone' to be a valid zone. 2242 */ 2243 2244 void 2245 dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns); 2246 /*%< 2247 * Set the post load integrity callback function 'checkns'. 2248 * 'checkns' will be called if the NS TARGET is not within the zone. 2249 * 2250 * Require: 2251 * 'zone' to be a valid zone. 2252 */ 2253 2254 void 2255 dns_zone_setnotifydefer(dns_zone_t *zone, uint32_t defer); 2256 /*%< 2257 * Set the wait/defer time (in seconds) before notify messages are sent when 2258 * they are ready. 2259 * 2260 * Requires: 2261 * 'zone' to be valid. 2262 */ 2263 2264 void 2265 dns_zone_setnotifydelay(dns_zone_t *zone, uint32_t delay); 2266 /*%< 2267 * Set the minimum delay (in seconds) between sets of notify messages. 2268 * 2269 * Requires: 2270 * 'zone' to be valid. 2271 */ 2272 2273 void 2274 dns_zone_setisself(dns_zone_t *zone, dns_isselffunc_t isself, void *arg); 2275 /*%< 2276 * Set the isself callback function and argument. 2277 * 2278 * bool 2279 * isself(dns_view_t *myview, dns_tsigkey_t *mykey, 2280 * const isc_netaddr_t *srcaddr, const isc_netaddr_t *destaddr, 2281 * dns_rdataclass_t rdclass, void *arg); 2282 * 2283 * 'isself' returns true if a non-recursive query from 'srcaddr' to 2284 * 'destaddr' with optional key 'mykey' for class 'rdclass' would be 2285 * delivered to 'myview'. 2286 */ 2287 2288 void 2289 dns_zone_setnodes(dns_zone_t *zone, uint32_t nodes); 2290 /*%< 2291 * Set the number of nodes that will be checked per quantum. 2292 */ 2293 2294 void 2295 dns_zone_setsignatures(dns_zone_t *zone, uint32_t signatures); 2296 /*%< 2297 * Set the number of signatures that will be generated per quantum. 2298 */ 2299 2300 uint32_t 2301 dns_zone_getsignatures(dns_zone_t *zone); 2302 /*%< 2303 * Get the number of signatures that will be generated per quantum. 2304 */ 2305 2306 isc_result_t 2307 dns_zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param); 2308 /*%< 2309 * Incrementally add a NSEC3 chain that corresponds to 'nsec3param'. 2310 */ 2311 2312 void 2313 dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type); 2314 dns_rdatatype_t 2315 dns_zone_getprivatetype(dns_zone_t *zone); 2316 /* 2317 * Get/Set the private record type. It is expected that these interfaces 2318 * will not be permanent. 2319 */ 2320 2321 void 2322 dns_zone_rekey(dns_zone_t *zone, bool fullsign, bool forcekeymgr); 2323 /*%< 2324 * Update the zone's DNSKEY set from the key repository. 2325 * 2326 * If 'fullsign' is true, trigger an immediate full signing of 2327 * the zone with the new key. Otherwise, if there are no keys or 2328 * if the new keys are for algorithms that have already signed the 2329 * zone, then the zone can be re-signed incrementally. 2330 * 2331 * If 'forcekeymgr' is true, trigger a rekey event and allow the 2332 * next steps in the run to happen. 2333 */ 2334 2335 isc_result_t 2336 dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, 2337 unsigned int *errors); 2338 /*% 2339 * Check if the name servers for the zone are sane (have address, don't 2340 * refer to CNAMEs/DNAMEs. The number of constiancy errors detected in 2341 * returned in '*errors' 2342 * 2343 * Requires: 2344 * \li 'zone' to be valid. 2345 * \li 'db' to be valid. 2346 * \li 'version' to be valid or NULL. 2347 * \li 'errors' to be non NULL. 2348 * 2349 * Returns: 2350 * ISC_R_SUCCESS if there were no errors examining the zone contents. 2351 */ 2352 2353 isc_result_t 2354 dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version); 2355 /*% 2356 * Check if CSD, CDNSKEY and DNSKEY are consistent. 2357 * 2358 * Requires: 2359 * \li 'zone' to be valid. 2360 * \li 'db' to be valid. 2361 * \li 'version' to be valid or NULL. 2362 * 2363 * Returns: 2364 *\li #ISC_R_SUCCESS 2365 *\li #DNS_R_BADCDS 2366 *\li #DNS_R_BADCDNSKEY 2367 * Others 2368 */ 2369 2370 void 2371 dns_zone_setadded(dns_zone_t *zone, bool added); 2372 /*% 2373 * Sets the value of zone->added, which should be true for 2374 * zones that were originally added by "rndc addzone". 2375 * 2376 * Requires: 2377 * \li 'zone' to be valid. 2378 */ 2379 2380 bool 2381 dns_zone_getadded(dns_zone_t *zone); 2382 /*% 2383 * Returns true if the zone was originally added at runtime 2384 * using "rndc addzone". 2385 * 2386 * Requires: 2387 * \li 'zone' to be valid. 2388 */ 2389 2390 void 2391 dns_zone_setautomatic(dns_zone_t *zone, bool automatic); 2392 /*% 2393 * Sets the value of zone->automatic, which should be true for 2394 * zones that were automatically added by named. 2395 * 2396 * Requires: 2397 * \li 'zone' to be valid. 2398 */ 2399 2400 bool 2401 dns_zone_getautomatic(dns_zone_t *zone); 2402 /*% 2403 * Returns true if the zone was added automatically by named. 2404 * 2405 * Requires: 2406 * \li 'zone' to be valid. 2407 */ 2408 2409 isc_result_t 2410 dns_zone_dlzpostload(dns_zone_t *zone, dns_db_t *db); 2411 /*% 2412 * Load the origin names for a writeable DLZ database. 2413 */ 2414 2415 bool 2416 dns_zone_isdynamic(dns_zone_t *zone, bool ignore_freeze); 2417 /*% 2418 * Return true iff the zone is "dynamic", in the sense that the zone's 2419 * master file (if any) is written by the server, rather than being 2420 * updated manually and read by the server. 2421 * 2422 * This is true for secondary zones, stub zones, key zones, and zones that 2423 * allow dynamic updates either by having an update policy ("ssutable") 2424 * or an "allow-update" ACL with a value other than exactly "{ none; }". 2425 * 2426 * If 'ignore_freeze' is true, then the zone which has had updates disabled 2427 * will still report itself to be dynamic. 2428 * 2429 * Requires: 2430 * \li 'zone' to be valid. 2431 */ 2432 2433 isc_result_t 2434 dns_zone_setrefreshkeyinterval(dns_zone_t *zone, uint32_t interval); 2435 /*% 2436 * Sets the frequency, in minutes, with which the key repository will be 2437 * checked to see if the keys for this zone have been updated. Any value 2438 * higher than 1440 minutes (24 hours) will be silently reduced. A 2439 * value of zero will return an out-of-range error. 2440 * 2441 * Requires: 2442 * \li 'zone' to be valid. 2443 */ 2444 2445 bool 2446 dns_zone_getrequestexpire(dns_zone_t *zone); 2447 /*% 2448 * Returns the true/false value of the request-expire option in the zone. 2449 * 2450 * Requires: 2451 * \li 'zone' to be valid. 2452 */ 2453 2454 void 2455 dns_zone_setrequestexpire(dns_zone_t *zone, bool flag); 2456 /*% 2457 * Sets the request-expire option for the zone. Either true or false. The 2458 * default value is determined by the setting of this option in the view. 2459 * 2460 * Requires: 2461 * \li 'zone' to be valid. 2462 */ 2463 2464 bool 2465 dns_zone_getrequestixfr(dns_zone_t *zone); 2466 /*% 2467 * Returns the true/false value of the request-ixfr option in the zone. 2468 * 2469 * Requires: 2470 * \li 'zone' to be valid. 2471 */ 2472 2473 void 2474 dns_zone_setrequestixfr(dns_zone_t *zone, bool flag); 2475 /*% 2476 * Sets the request-ixfr option for the zone. Either true or false. The 2477 * default value is determined by the setting of this option in the view. 2478 * 2479 * Requires: 2480 * \li 'zone' to be valid. 2481 */ 2482 2483 uint32_t 2484 dns_zone_getixfrratio(dns_zone_t *zone); 2485 /*% 2486 * Returns the zone's current IXFR ratio. 2487 * 2488 * Requires: 2489 * \li 'zone' to be valid. 2490 */ 2491 2492 void 2493 dns_zone_setixfrratio(dns_zone_t *zone, uint32_t ratio); 2494 /*% 2495 * Sets the ratio of IXFR size to zone size above which we use an AXFR 2496 * response, expressed as a percentage. Cannot exceed 100. 2497 * 2498 * Requires: 2499 * \li 'zone' to be valid. 2500 */ 2501 2502 void 2503 dns_zone_setserialupdatemethod(dns_zone_t *zone, dns_updatemethod_t method); 2504 /*% 2505 * Sets the update method to use when incrementing the zone serial number 2506 * due to a DDNS update. Valid options are dns_updatemethod_increment 2507 * and dns_updatemethod_unixtime. 2508 * 2509 * Requires: 2510 * \li 'zone' to be valid. 2511 */ 2512 2513 dns_updatemethod_t 2514 dns_zone_getserialupdatemethod(dns_zone_t *zone); 2515 /*%< 2516 * Returns the update method to be used when incrementing the zone serial 2517 * number due to a DDNS update. 2518 * 2519 * Requires: 2520 * \li 'zone' to be valid. 2521 */ 2522 2523 isc_result_t 2524 dns_zone_link(dns_zone_t *zone, dns_zone_t *raw); 2525 2526 void 2527 dns_zone_getraw(dns_zone_t *zone, dns_zone_t **raw); 2528 2529 bool 2530 dns_zone_israw(dns_zone_t *zone); 2531 2532 bool 2533 dns_zone_issecure(dns_zone_t *zone); 2534 2535 isc_result_t 2536 dns_zone_keydone(dns_zone_t *zone, const char *data); 2537 /*%< 2538 * Delete the private-type record from the top of the zone 2539 * which indicates that signing is complete with the key matching 2540 * 'data'; this is invoked by 'rndc signing -clear'. 2541 * 2542 * Requires: 2543 * \li 'zone' to be valid. 2544 */ 2545 2546 isc_result_t 2547 dns_zone_setnsec3param(dns_zone_t *zone, uint8_t hash, uint8_t flags, 2548 uint16_t iter, uint8_t saltlen, unsigned char *salt, 2549 bool replace, bool resalt); 2550 /*%< 2551 * Set the NSEC3 parameters for the zone. 2552 * 2553 * If 'replace' is true, then the existing NSEC3 chain, if any, will 2554 * be replaced with the new one. If 'hash' is zero, then the replacement 2555 * chain will be NSEC rather than NSEC3. If 'resalt' is true, or if 'salt' 2556 * is NULL, generate a new salt with the given salt length. 2557 * 2558 * Requires: 2559 * \li 'zone' to be valid. 2560 */ 2561 2562 void 2563 dns_zone_setrawdata(dns_zone_t *zone, dns_masterrawheader_t *header); 2564 /*% 2565 * Set the data to be included in the header when the zone is dumped in 2566 * binary format. 2567 */ 2568 2569 isc_result_t 2570 dns_zone_synckeyzone(dns_zone_t *zone); 2571 /*% 2572 * Force the managed key zone to synchronize, and start the key 2573 * maintenance timer. 2574 */ 2575 2576 isc_result_t 2577 dns_zone_getloadtime(dns_zone_t *zone, isc_time_t *loadtime); 2578 /*% 2579 * Return the time when the zone was last loaded. 2580 */ 2581 2582 isc_result_t 2583 dns_zone_getrefreshtime(dns_zone_t *zone, isc_time_t *refreshtime); 2584 /*% 2585 * Return the time when the (secondary) zone will need to be refreshed. 2586 */ 2587 2588 isc_result_t 2589 dns_zone_getexpiretime(dns_zone_t *zone, isc_time_t *expiretime); 2590 /*% 2591 * Return the time when the (secondary) zone will expire. 2592 */ 2593 2594 isc_result_t 2595 dns_zone_getrefreshkeytime(dns_zone_t *zone, isc_time_t *refreshkeytime); 2596 /*% 2597 * Return the time of the next scheduled DNSSEC key event. 2598 */ 2599 2600 unsigned int 2601 dns_zone_getincludes(dns_zone_t *zone, char ***includesp); 2602 /*% 2603 * Return the number include files that were encountered 2604 * during load. If the number is greater than zero, 'includesp' 2605 * will point to an array containing the filenames. 2606 * 2607 * The array and its contents need to be freed using isc_mem_free. 2608 */ 2609 2610 isc_result_t 2611 dns_zone_rpz_enable(dns_zone_t *zone, dns_rpz_zones_t *rpzs, 2612 dns_rpz_num_t rpz_num); 2613 /*% 2614 * Set the response policy associated with a zone. 2615 */ 2616 2617 void 2618 dns_zone_rpz_enable_db(dns_zone_t *zone, dns_db_t *db); 2619 /*% 2620 * If a zone is a response policy zone, mark its new database. 2621 */ 2622 2623 dns_rpz_num_t 2624 dns_zone_get_rpz_num(dns_zone_t *zone); 2625 2626 void 2627 dns_zone_catz_enable(dns_zone_t *zone, dns_catz_zones_t *catzs); 2628 /*%< 2629 * Enable zone as catalog zone. 2630 * 2631 * Requires: 2632 * 2633 * \li 'zone' is a valid zone object 2634 * \li 'catzs' is not NULL 2635 * \li prior to calling, zone->catzs is NULL or is equal to 'catzs' 2636 */ 2637 2638 void 2639 dns_zone_catz_disable(dns_zone_t *zone); 2640 /*%< 2641 * Disable zone as catalog zone, if it is one. Also disables any 2642 * registered callbacks for the catalog zone. 2643 * 2644 * Requires: 2645 * 2646 * \li 'zone' is a valid zone object 2647 */ 2648 2649 bool 2650 dns_zone_catz_is_enabled(dns_zone_t *zone); 2651 /*%< 2652 * Return a boolean indicating whether the zone is enabled as catalog zone. 2653 * 2654 * Requires: 2655 * 2656 * \li 'zone' is a valid zone object 2657 */ 2658 2659 void 2660 dns_zone_catz_enable_db(dns_zone_t *zone, dns_db_t *db); 2661 /*%< 2662 * If 'zone' is a catalog zone, then set up a notify-on-update trigger 2663 * in its database. (If not a catalog zone, this function has no effect.) 2664 * 2665 * Requires: 2666 * 2667 * \li 'zone' is a valid zone object 2668 * \li 'db' is not NULL 2669 */ 2670 void 2671 dns_zone_set_parentcatz(dns_zone_t *zone, dns_catz_zone_t *catz); 2672 /*%< 2673 * Set parent catalog zone for this zone 2674 * 2675 * Requires: 2676 * 2677 * \li 'zone' is a valid zone object 2678 * \li 'catz' is not NULL 2679 */ 2680 2681 dns_catz_zone_t * 2682 dns_zone_get_parentcatz(dns_zone_t *zone); 2683 /*%< 2684 * Get parent catalog zone for this zone 2685 * 2686 * Requires: 2687 * 2688 * \li 'zone' is a valid zone object 2689 */ 2690 2691 void 2692 dns_zone_setstatlevel(dns_zone_t *zone, dns_zonestat_level_t level); 2693 2694 dns_zonestat_level_t 2695 dns_zone_getstatlevel(dns_zone_t *zone); 2696 /*% 2697 * Set and get the statistics reporting level for the zone; 2698 * full, terse, or none. 2699 */ 2700 2701 isc_result_t 2702 dns_zone_setserial(dns_zone_t *zone, uint32_t serial); 2703 /*% 2704 * Set the zone's serial to 'serial'. 2705 */ 2706 ISC_LANG_ENDDECLS 2707 2708 isc_stats_t * 2709 dns_zone_getgluecachestats(dns_zone_t *zone); 2710 /*%< 2711 * Get the glue cache statistics for zone. 2712 * 2713 * Requires: 2714 * \li 'zone' to be a valid zone. 2715 * 2716 * Returns: 2717 * \li if present, a pointer to the statistics set installed in zone; 2718 * otherwise NULL. 2719 */ 2720 2721 bool 2722 dns_zone_isloaded(dns_zone_t *zone); 2723 /*%< 2724 * Return true if 'zone' was loaded and has not expired yet, return 2725 * false otherwise. 2726 */ 2727 2728 isc_result_t 2729 dns_zone_verifydb(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver); 2730 /*%< 2731 * If 'zone' is a mirror zone, perform DNSSEC validation of version 'ver' of 2732 * its database, 'db'. Ensure that the DNSKEY RRset at zone apex is signed by 2733 * at least one trust anchor specified for the view that 'zone' is assigned to. 2734 * If 'ver' is NULL, use the current version of 'db'. 2735 * 2736 * If 'zone' is not a mirror zone, return ISC_R_SUCCESS immediately. 2737 * 2738 * Returns: 2739 * 2740 * \li #ISC_R_SUCCESS either 'zone' is not a mirror zone or 'zone' is 2741 * a mirror zone and all DNSSEC checks succeeded 2742 * and the DNSKEY RRset at zone apex is signed by 2743 * a trusted key 2744 * 2745 * \li #DNS_R_VERIFYFAILURE any other case 2746 */ 2747 2748 const char * 2749 dns_zonetype_name(dns_zonetype_t type); 2750 /*%< 2751 * Return the name of the zone type 'type'. 2752 */ 2753 2754 isc_mem_t * 2755 dns_zone_getmem(dns_zone_t *zone); 2756 /**< 2757 * \brief Return memory context associated with the zone. 2758 * 2759 * \param zone valid dns_zone_t object. 2760 * 2761 * \return memory context associated with the zone 2762 */ 2763 2764 unsigned int 2765 dns_zone_gettid(dns_zone_t *zone); 2766 /**< 2767 * \brief Return thread-id associated with the zone. 2768 * 2769 * \param valid dns_zone_t object 2770 * 2771 * \return thread id associated with the zone 2772 */ 2773 2774 isc_loop_t * 2775 dns_zone_getloop(dns_zone_t *zone); 2776 /**< 2777 * \brief Return loop associated with the zone. 2778 * 2779 * \param valid dns_zone_t object 2780 * 2781 * \return loop associated with the zone 2782 */ 2783 2784 bool 2785 dns_zone_check_dnskey_nsec3(dns_zone_t *zone, dns_db_t *db, 2786 dns_dbversion_t *ver, dns_diff_t *diff, 2787 dst_key_t **keys, unsigned int numkeys); 2788 /**< 2789 * Return whether the zone would enter an inconsistent state where NSEC only 2790 * DNSKEYs are present along NSEC3 chains. 2791 * 2792 * Requires: 2793 * \li 'zone' to be a valid zone. 2794 * \li 'db' is not NULL. 2795 * 2796 * Returns: 2797 * \li 'true' if the check passes, that is the zone remains consistent, 2798 * 'false' if the zone would have NSEC only DNSKEYs and an NSEC3 chain. 2799 */ 2800 2801 isc_result_t 2802 dns_zone_import_skr(dns_zone_t *zone, const char *file); 2803 /**< 2804 * Import a Signed Key Response (SKR) from file. 2805 * 2806 * Requires: 2807 * \li 'zone' to be a valid zone. 2808 * \li 'file' is not NULL. 2809 * 2810 * Returns: 2811 * \li ISC_R_SUCCESS if there were no errors loading the SKR. 2812 */ 2813 2814 #if DNS_ZONE_TRACE 2815 #define dns_zone_ref(ptr) dns_zone__ref(ptr, __func__, __FILE__, __LINE__) 2816 #define dns_zone_unref(ptr) dns_zone__unref(ptr, __func__, __FILE__, __LINE__) 2817 #define dns_zone_attach(ptr, ptrp) \ 2818 dns_zone__attach(ptr, ptrp, __func__, __FILE__, __LINE__) 2819 #define dns_zone_detach(ptrp) \ 2820 dns_zone__detach(ptrp, __func__, __FILE__, __LINE__) 2821 ISC_REFCOUNT_TRACE_DECL(dns_zone); 2822 #else 2823 ISC_REFCOUNT_DECL(dns_zone); 2824 #endif 2825
Indexes created Fri Jun 12 00:25:51 UTC 2026