/*	$NetBSD: server.h,v 1.11 2025/05/21 14:47:36 christos Exp $	*/

/*
 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 *
 * SPDX-License-Identifier: MPL-2.0
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
 *
 * See the COPYRIGHT file distributed with this work for additional
 * information regarding copyright ownership.
 */

#pragma once

/*! \file
 * \brief
 * The named server object (struct named_server) and the entry points that
 * create, destroy and control it, including the handlers for commands
 * received over the control ("command") channel.
 */

#include <inttypes.h>
#include <stdbool.h>

#include <isc/log.h>
#include <isc/magic.h>
#include <isc/quota.h>
#include <isc/signal.h>
#include <isc/sockaddr.h>
#include <isc/tls.h>
#include <isc/types.h>

#include <dns/acl.h>
#include <dns/dnstap.h>
#include <dns/stats.h>
#include <dns/types.h>

#include <ns/interfacemgr.h>
#include <ns/server.h>
#include <ns/stats.h>
#include <ns/types.h>

#include <named/types.h>

/*%
 * Name server state. Better here than in lots of separate global variables.
 *
 * A pointer to this structure can be checked for validity with
 * NAMED_SERVER_VALID(), which compares 'magic' against NAMED_SERVER_MAGIC.
 * The object is created by named_server_create() and released by
 * named_server_destroy() (see below).
 */
struct named_server {
	unsigned int magic; /*%< Checked against NAMED_SERVER_MAGIC */
	isc_mem_t *mctx;    /*%< Memory context (presumably the one given to
			     *   named_server_create()) */

	ns_server_t *sctx; /*%< libns server context */

	char *statsfile;    /*%< Statistics file name (named_server_dumpstats) */
	char *dumpfile;     /*%< Dump file name (named_server_dumpdb) */
	char *secrootsfile; /*%< Secroots file name (named_server_dumpsecroots) */
	char *bindkeysfile; /*%< bind.keys file name */
	char *recfile;      /*%< Recursive file name; presumably the target of
			     *   named_server_dumprecursing() */
	bool version_set;   /*%< User has set version */
	char *version;      /*%< User-specified version */
	bool hostname_set;  /*%< User has set hostname */
	char *hostname;     /*%< User-specified hostname */
#ifdef USE_DNSRPS
	char *dnsrpslib; /*%< Only present when built with USE_DNSRPS */
#endif /* ifdef USE_DNSRPS */

	/* Server data structures. */
	dns_loadmgr_t *loadmgr;
	dns_zonemgr_t *zonemgr;
	dns_viewlist_t viewlist;
	dns_kasplist_t kasplist;
	dns_keystorelist_t keystorelist;
	ns_interfacemgr_t *interfacemgr;
	dns_db_t *in_roothints;

	isc_timer_t *interface_timer; /*%< Presumably drives
				       *   named_server_scan_interfaces() */
	isc_timer_t *heartbeat_timer;
	isc_timer_t *pps_timer;
	isc_timer_t *tat_timer;

	uint32_t interface_interval; /*%< Period for interface_timer (assumed) */
	uint32_t heartbeat_interval; /*%< Period for heartbeat_timer (assumed) */

	/*
	 * Atomic because named_server_reloadwanted() is documented below as
	 * callable asynchronously, from outside the server's own context.
	 */
	atomic_int reload_status;

	bool flushonshutdown; /*%< Presumably set by
			       *   named_server_flushonshutdown() */

	named_cachelist_t cachelist; /*%< Possibly shared caches */
	isc_stats_t *zonestats;      /*% Zone management stats */
	isc_stats_t *resolverstats;  /*% Resolver stats */
	isc_stats_t *sockstats;      /*%< Socket stats */

	named_controls_t *controls; /*%< Control channels; the source of the
				     *   commands handled by the
				     *   named_server_*command() functions */
	unsigned int dispatchgen;
	named_dispatchlist_t dispatches;

	named_statschannellist_t statschannels;

	/*
	 * Session key. NOTE(review): presumably the TSIG key used for
	 * local dynamic updates; the file it is written to is
	 * 'session_keyfile' — confirm against server.c.
	 */
	dst_key_t *sessionkey;
	char *session_keyfile;
	dns_name_t *session_keyname;
	unsigned int session_keyalg;
	uint16_t session_keybits;
	bool interface_auto;
	/*
	 * NOTE(review): 'secret' is key material. Confirm that
	 * named_server_destroy() clears it with a wipe the compiler cannot
	 * elide, and that it is never written to logs or dump files.
	 */
	unsigned char secret[32]; /*%< Server Cookie Secret */
	ns_cookiealg_t cookiealg; /*%< Cookie algorithm; presumably applied
				   *   with 'secret' */

	dns_dtenv_t *dtenv; /*%< Dnstap environment (see named_server_dnstap) */

	isc_tlsctx_cache_t *tlsctx_server_cache; /*%< Server-side TLS contexts */
	isc_tlsctx_cache_t *tlsctx_client_cache; /*%< Client-side TLS contexts */

	isc_signal_t *sighup; /*%< SIGHUP handler handle; presumably registered
			       *   with named_server_reloadwanted() as callback */
};

/*% Magic value stored in named_server.magic. */
#define NAMED_SERVER_MAGIC    ISC_MAGIC('S', 'V', 'E', 'R')
/*% True if 's' points at a live struct named_server. */
#define NAMED_SERVER_VALID(s) ISC_MAGIC_VALID(s, NAMED_SERVER_MAGIC)

void
named_server_create(isc_mem_t *mctx, named_server_t **serverp);
/*%<
 * Create a server object with default settings.
 * This function either succeeds or causes the program to exit
 * with a fatal error.
 *
 * On success '*serverp' points at the new object; it is released with
 * named_server_destroy().
 */

void
named_server_destroy(named_server_t **serverp);
/*%<
 * Destroy a server object, freeing its memory.
 *
 * NOTE(review): not stated here whether '*serverp' is reset to NULL on
 * return — check server.c before relying on it.
 */

void
named_server_reloadwanted(void *arg, int signum);
/*%<
 * Inform a server that a reload is wanted. This function
 * may be called asynchronously, from outside the server's task.
 * If a reload is already scheduled or in progress, the call
 * is ignored.
 *
 * The (arg, signum) signature matches a signal callback; 'arg' is
 * presumably the named_server_t. Because it can run asynchronously it
 * should touch only state that is safe to access that way (which is
 * presumably why reload_status is an atomic_int).
 */

void
named_server_scan_interfaces(named_server_t *server);
/*%<
 * Trigger an interface scan.
 * Must only be called when running under server->task.
 *
 * NOTE(review): struct named_server has no 'task' member; the restriction
 * presumably refers to the server's own loop/context — confirm and update
 * the wording.
 */

void
named_server_flushonshutdown(named_server_t *server, bool flush);
/*%<
 * Inform the server that the zones should be flushed to disk on shutdown.
 */

/*
 * Command-channel handlers.
 *
 * The functions below act on commands received over the control channel.
 * By their parameter types, 'lex' is presumably a lexer positioned on the
 * command's arguments and 'text' a buffer that receives the response text
 * for the caller — confirm in server.c. Arguments arrive from the control
 * channel and should be treated as untrusted input by the implementations.
 */

isc_result_t
named_server_reloadcommand(named_server_t *server, isc_lex_t *lex,
			   isc_buffer_t **text);
/*%<
 * Act on a "reload" command from the command channel.
 */

isc_result_t
named_server_resetstatscommand(named_server_t *server, isc_lex_t *lex,
			       isc_buffer_t **text);
/*%<
 * Act on a "reset-stats" command from the command channel.
 */

isc_result_t
named_server_reconfigcommand(named_server_t *server);
/*%<
 * Act on a "reconfig" command from the command channel.
 */

isc_result_t
named_server_notifycommand(named_server_t *server, isc_lex_t *lex,
			   isc_buffer_t **text);
/*%<
 * Act on a "notify" command from the command channel.
 */

isc_result_t
named_server_refreshcommand(named_server_t *server, isc_lex_t *lex,
			    isc_buffer_t **text);
/*%<
 * Act on a "refresh" command from the command channel.
 */

isc_result_t
named_server_retransfercommand(named_server_t *server, isc_lex_t *lex,
			       isc_buffer_t **text);
/*%<
 * Act on a "retransfer" command from the command channel.
 */

isc_result_t
named_server_setortoggle(named_server_t *server, const char *optname,
			 unsigned int option, isc_lex_t *lex);
/*%<
 * Enable/disable, or toggle, a server option via the command channel.
 * 'option' is the option value to be changed (for example,
 * NS_SERVER_LOGQUERIES or NS_SERVER_LOGRESPONSES) and 'optname' is the
 * option's human-readable name for logging purposes ("query logging"
 * or "response logging").
 *
 * If an explicit argument to enable the option was provided
 * (i.e., "on", "enable", "true", or "yes") or an explicit argument
 * to disable it ("off", "disable", "false", or "no"), it will be used.
 *
 * If no argument is provided, the option's current state will be reversed.
 */

/*%
 * Save the current NTAs for all views to files.
 */
isc_result_t
named_server_saventa(named_server_t *server);

/*%
 * Load NTAs for all views from files.
 */
isc_result_t
named_server_loadnta(named_server_t *server);

/*%
 * Dump the current statistics to the statistics file ('statsfile').
 */
isc_result_t
named_server_dumpstats(named_server_t *server);

/*%
 * Dump the current cache to the dump file ('dumpfile').
 */
isc_result_t
named_server_dumpdb(named_server_t *server, isc_lex_t *lex,
		    isc_buffer_t **text);

/*%
 * Dump the current security roots to the secroots file ('secrootsfile').
 */
isc_result_t
named_server_dumpsecroots(named_server_t *server, isc_lex_t *lex,
			  isc_buffer_t **text);

/*%
 * Change or increment the server debug level.
 */
isc_result_t
named_server_setdebuglevel(named_server_t *server, isc_lex_t *lex);

/*%
 * Flush the server's cache(s).
 */
isc_result_t
named_server_flushcache(named_server_t *server, isc_lex_t *lex);

/*%
 * Flush a particular name from the server's cache. If 'tree' is false,
 * also flush the name from the ADB and badcache. If 'tree' is true, also
 * flush all the names under the specified name.
 */
isc_result_t
named_server_flushnode(named_server_t *server, isc_lex_t *lex, bool tree);

/*%
 * Report the server's status.
 */
isc_result_t
named_server_status(named_server_t *server, isc_buffer_t **text);

/*%
 * Enable or disable updates for a zone ('freeze' true disables them,
 * as the name suggests — confirm in server.c).
 */
isc_result_t
named_server_freeze(named_server_t *server, bool freeze, isc_lex_t *lex,
		    isc_buffer_t **text);

/*%
 * Dump zone updates to disk, optionally removing the journal file.
 */
isc_result_t
named_server_sync(named_server_t *server, isc_lex_t *lex, isc_buffer_t **text);

/*%
 * Update a zone's DNSKEY set from the key repository. If
 * the command that triggered the call to this function was "sign",
 * then force a full signing of the zone. If it was "loadkeys",
 * then don't sign the zone; any needed changes to signatures can
 * take place incrementally.
 */
isc_result_t
named_server_rekey(named_server_t *server, isc_lex_t *lex, isc_buffer_t **text);

/*%
 * Dump the current recursive queries.
 */
isc_result_t
named_server_dumprecursing(named_server_t *server);

/*%
 * Enable or disable dnssec validation.
 */
isc_result_t
named_server_validation(named_server_t *server, isc_lex_t *lex,
			isc_buffer_t **text);

/*%
 * Add a zone to a running process, or modify an existing zone.
 *
 * NOTE(review): 'command' is a non-const char *, so it may be modified
 * in place by the implementation — callers should not pass string
 * literals or shared buffers without checking server.c.
 */
isc_result_t
named_server_changezone(named_server_t *server, char *command,
			isc_buffer_t **text);

/*%
 * Deletes a zone from a running process.
 */
isc_result_t
named_server_delzone(named_server_t *server, isc_lex_t *lex,
		     isc_buffer_t **text);

/*%
 * Show current configuration for a given zone.
 */
isc_result_t
named_server_showzone(named_server_t *server, isc_lex_t *lex,
		      isc_buffer_t **text);

/*%
 * Lists the status of the signing records for a given zone.
 */
isc_result_t
named_server_signing(named_server_t *server, isc_lex_t *lex,
		     isc_buffer_t **text);

/*%
 * Lists the DNSSEC status for a given zone.
 */
isc_result_t
named_server_dnssec(named_server_t *server, isc_lex_t *lex,
		    isc_buffer_t **text);

/*%
 * Lists status information for a given zone (e.g., name, type, files,
 * load time, expiry, etc).
 */
isc_result_t
named_server_zonestatus(named_server_t *server, isc_lex_t *lex,
			isc_buffer_t **text);

/*%
 * Adds/updates a Negative Trust Anchor (NTA) for a specified name and
 * duration, in a particular view if specified, or in all views.
 *
 * 'readonly' presumably limits the call to reporting existing NTAs
 * without changing them — confirm in server.c.
 */
isc_result_t
named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly,
		 isc_buffer_t **text);

/*%
 * Generates a test sequence that is only for use in system tests. The
 * argument is the size of required output in bytes.
 *
 * NOTE(review): the size comes from control-channel input; the
 * implementation should bound it before allocating or writing 'text'.
 */
isc_result_t
named_server_testgen(isc_lex_t *lex, isc_buffer_t **text);

/*%
 * Force refresh or print status for managed keys zones.
 */
isc_result_t
named_server_mkeys(named_server_t *server, isc_lex_t *lex, isc_buffer_t **text);

/*%
 * Close and reopen DNSTAP output file (see the 'dtenv' member).
 */
isc_result_t
named_server_dnstap(named_server_t *server, isc_lex_t *lex,
		    isc_buffer_t **text);

/*%
 * Display or update tcp-{initial,idle,keepalive,advertised}-timeout options.
 * Takes no server argument; the settings are presumably process-wide.
 */
isc_result_t
named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t **text);

/*%
 * Control whether stale answers are served or not when configured in
 * named.conf.
 */
isc_result_t
named_server_servestale(named_server_t *server, isc_lex_t *lex,
			isc_buffer_t **text);

/*%
 * Report fetch-limited ADB server addresses.
 */
isc_result_t
named_server_fetchlimit(named_server_t *server, isc_lex_t *lex,
			isc_buffer_t **text);

/*%
 * Import SKR file for offline KSK signing.
 */
isc_result_t
named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t **text);

/*%
 * Toggle memory profiling if supported.
 */
isc_result_t
named_server_togglememprof(isc_lex_t *lex);

/*%
 * Get status of memory profiling.
 *
 * Returns a string that the caller does not own (const char *); its
 * lifetime is not documented here — presumably static.
 */
const char *
named_server_getmemprof(void);