?????????? ?????????

?????????? ????????? - ??????????????? - /home/agenciai/public_html/cd38d8/bind9.tar

???????
bind9/check.h��0000644��00000002765�15125204630�0007007 0��ustar�00��/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef BIND9_CHECK_H #define BIND9_CHECK_H 1 /! \file bind9/check.h / #include <isc/lang.h> #include <isc/types.h> #include <isccfg/cfg.h> #ifndef MAX_MIN_CACHE_TTL #define MAX_MIN_CACHE_TTL 90 #endif / MAX_MIN_CACHE_TTL / #ifndef MAX_MIN_NCACHE_TTL #define MAX_MIN_NCACHE_TTL 90 #endif / MAX_MIN_NCACHE_TTL / #ifndef MAX_MAX_NCACHE_TTL #define MAX_MAX_NCACHE_TTL 7 24 * 3600 #endif /* MAX_MAX_NCACHE_TTL / ISC_LANG_BEGINDECLS isc_result_t bind9_check_namedconf(const cfg_obj_t config, bool check_plugins, isc_log_t logctx, isc_mem_t mctx); /%< Check the syntactic validity of a configuration parse tree generated from * a named.conf file. * * If 'check_plugins' is true, load plugins and check the validity of their * parameters as well. * * Requires: \li config is a valid parse tree \li logctx is a valid logging context. * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_FAILURE / isc_result_t bind9_check_key(const cfg_obj_t config, isc_log_t logctx); /%< * Same as bind9_check_namedconf(), but for a single 'key' statement. / ISC_LANG_ENDDECLS #endif / BIND9_CHECK_H / ��bind9/getaddresses.h��0000644��00000003035�15125204630�0010376 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef BIND9_GETADDRESSES_H #define BIND9_GETADDRESSES_H 1 /! \file bind9/getaddresses.h / #include <isc/lang.h> #include <isc/net.h> #include <isc/types.h> ISC_LANG_BEGINDECLS isc_result_t bind9_getaddresses(const char hostname, in_port_t port, isc_sockaddr_t addrs, int addrsize, int addrcount); /%< Use the system resolver to get the addresses associated with a hostname. * If successful, the number of addresses found is returned in 'addrcount'. * If a hostname lookup is performed and addresses of an unknown family is * seen, it is ignored. If more than 'addrsize' addresses are seen, the * first 'addrsize' are returned and the remainder silently truncated. * * This routine may block. If called by a program using the isc_app * framework, it should be surrounded by isc_app_block()/isc_app_unblock(). * * Requires: \li 'hostname' is not NULL. \li 'addrs' is not NULL. \li 'addrsize' > 0 \li 'addrcount' is not NULL. * * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOTFOUND \li #ISC_R_FAMILYNOSUPPORT - 'hostname' is an IPv6 address, and IPv6 is not supported. / ISC_LANG_ENDDECLS #endif / BIND9_GETADDRESSES_H / ��bind9/version.h��0000644��00000000771�15125204630�0007412 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file bind9/version.h / #include <isc/platform.h> LIBBIND9_EXTERNAL_DATA extern const char bind9_version[]; ��isccfg/aclconf.h��0000644��00000005123�15125204630�0007557 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISCCFG_ACLCONF_H #define ISCCFG_ACLCONF_H 1 #include <inttypes.h> #include <isc/lang.h> #include <dns/geoip.h> #include <dns/types.h> #include <isccfg/cfg.h> typedef struct cfg_aclconfctx { ISC_LIST(dns_acl_t) named_acl_cache; isc_mem_t mctx; #if defined(HAVE_GEOIP2) dns_geoip_databases_t geoip; #endif / if defined(HAVE_GEOIP2) / isc_refcount_t references; } cfg_aclconfctx_t; / * Functions **/ ISC_LANG_BEGINDECLS isc_result_t cfg_aclconfctx_create(isc_mem_t mctx, cfg_aclconfctx_t *ret); / * Creates and initializes an ACL configuration context. / void cfg_aclconfctx_detach(cfg_aclconfctx_t actxp); / * Removes a reference to an ACL configuration context; when references * reaches zero, clears the contents and deallocate the structure. / void cfg_aclconfctx_attach(cfg_aclconfctx_t src, cfg_aclconfctx_t *dest); / * Attaches a pointer to an existing ACL configuration context. / isc_result_t cfg_acl_fromconfig(const cfg_obj_t caml, const cfg_obj_t cctx, isc_log_t lctx, cfg_aclconfctx_t ctx, isc_mem_t mctx, unsigned int nest_level, dns_acl_t *target); isc_result_t cfg_acl_fromconfig2(const cfg_obj_t caml, const cfg_obj_t cctx, isc_log_t lctx, cfg_aclconfctx_t ctx, isc_mem_t mctx, unsigned int nest_level, uint16_t family, dns_acl_t *target); / * Construct a new dns_acl_t from configuration data in 'caml' and * 'cctx'. Memory is allocated through 'mctx'. * * Any named ACLs referred to within 'caml' will be be converted * into nested dns_acl_t objects. Multiple references to the same * named ACLs will be converted into shared references to a single * nested dns_acl_t object when the referring objects were created * passing the same ACL configuration context 'ctx'. * * cfg_acl_fromconfig() is a backward-compatible version of * cfg_acl_fromconfig2(), which allows an address family to be * specified. If 'family' is not zero, then only addresses/prefixes * of a matching family (AF_INET or AF_INET6) may be configured. * * On success, attach 'target' to the new dns_acl_t object. * Require: * 'ctx' to be non NULL. * 'target' to be NULL or a valid dns_acl_t. / ISC_LANG_ENDDECLS #endif /* ISCCFG_ACLCONF_H / ��isccfg/log.h��0000644��00000002235�15125204630�0006734 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISCCFG_LOG_H #define ISCCFG_LOG_H 1 /! \file isccfg/log.h / #include <isc/lang.h> #include <isc/log.h> LIBISCCFG_EXTERNAL_DATA extern isc_logcategory_t cfg_categories[]; LIBISCCFG_EXTERNAL_DATA extern isc_logmodule_t cfg_modules[]; #define CFG_LOGCATEGORY_CONFIG (&cfg_categories[0]) #define CFG_LOGMODULE_PARSER (&cfg_modules[0]) ISC_LANG_BEGINDECLS void cfg_log_init(isc_log_t lctx); /%< Make the libisccfg categories and modules available for use with the * ISC logging library. * * Requires: \li lctx is a valid logging context. \li cfg_log_init() is called only once. * Ensures: * \li The categories and modules defined above are available for * use by isc_log_usechannnel() and isc_log_write(). / ISC_LANG_ENDDECLS #endif / ISCCFG_LOG_H / ��isccfg/cfg.h��0000644��00000040021�15125204630�0006705 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISCCFG_CFG_H #define ISCCFG_CFG_H 1 /** * Module Info **/ /! \file isccfg/cfg.h * \brief * This is the new, table-driven, YACC-free configuration file parser. / / * Imports */ #include <inttypes.h> #include <stdbool.h> #include <time.h> #include <isc/formatcheck.h> #include <isc/lang.h> #include <isc/list.h> #include <isc/refcount.h> #include <isc/types.h> /* * Types / /% * A configuration parser. / typedef struct cfg_parser cfg_parser_t; /% * A configuration type definition object. There is a single * static cfg_type_t object for each data type supported by * the configuration parser. / typedef struct cfg_type cfg_type_t; /% * A configuration object. This is the basic building block of the * configuration parse tree. It contains a value (which may be * of one of several types) and information identifying the file * and line number the value came from, for printing error * messages. / typedef struct cfg_obj cfg_obj_t; /% * A configuration object list element. / typedef struct cfg_listelt cfg_listelt_t; /% * A callback function to be called when parsing an option * that needs to be interpreted at parsing time, like * "directory". / typedef isc_result_t (cfg_parsecallback_t)(const char clausename, const cfg_obj_t obj, void arg); / * Functions **/ ISC_LANG_BEGINDECLS void cfg_parser_attach(cfg_parser_t src, cfg_parser_t *dest); /%< * Reference a parser object. / isc_result_t cfg_parser_create(isc_mem_t mctx, isc_log_t lctx, cfg_parser_t ret); /%< * Create a configuration file parser. Any warning and error * messages will be logged to 'lctx'. * * The parser object returned can be used for a single call * to cfg_parse_file() or cfg_parse_buffer(). It must not * be reused for parsing multiple files or buffers. / void cfg_parser_setflags(cfg_parser_t pctx, unsigned int flags, bool turn_on); /%< Set parser context flags. The flags are not checked for sensibility. * If 'turn_on' is 'true' the flags will be set, otherwise the flags will * be cleared. * * Requires: \li "pctx" is not NULL. / void cfg_parser_setcallback(cfg_parser_t pctx, cfg_parsecallback_t callback, void arg); /%< Make the parser call 'callback' whenever it encounters * a configuration clause with the callback attribute, * passing it the clause name, the clause value, * and 'arg' as arguments. * * To restore the default of not invoking callbacks, pass * callback==NULL and arg==NULL. / isc_result_t cfg_parse_file(cfg_parser_t pctx, const char file, const cfg_type_t type, cfg_obj_t *ret); isc_result_t cfg_parse_buffer(cfg_parser_t pctx, isc_buffer_t buffer, const char file, unsigned int line, const cfg_type_t type, unsigned int flags, cfg_obj_t ret); /%< * Read a configuration containing data of type 'type' * and make 'ret' point to its parse tree. * The configuration is read from the file 'filename' * (isc_parse_file()) or the buffer 'buffer' * (isc_parse_buffer()). * * If 'file' is not NULL, it is the name of the file, or a name to use * for the buffer in place of the filename, when logging errors. * * If 'line' is not 0, then it is the beginning line number to report * when logging errors. This is useful when passing text that has been * read from the middle of a file. * * Returns an error if the file or buffer does not parse correctly. * * Requires: \li "filename" is valid. \li "mem" is valid. \li "type" is valid. \li "cfg" is non-NULL and "cfg" is NULL. \li "flags" be one or more of CFG_PCTX_NODEPRECATED or zero. * * Returns: * \li #ISC_R_SUCCESS - success \li #ISC_R_NOMEMORY - no memory available \li #ISC_R_INVALIDFILE - file doesn't exist or is unreadable \li others - file contains errors / isc_result_t cfg_parser_mapadd(cfg_parser_t pctx, cfg_obj_t mapobj, cfg_obj_t obj, const char clause); /%< Add the object 'obj' to the specified clause in mapbody 'mapobj'. * Used for adding new zones. * * Require: * \li 'obj' is a valid cfg_obj_t. * \li 'mapobj' is a valid cfg_obj_t of type map. * \li 'pctx' is a valid cfg_parser_t. / void cfg_parser_reset(cfg_parser_t pctx); /%< Reset an existing parser so it can be re-used for a new file or * buffer. / void cfg_parser_destroy(cfg_parser_t pctxp); /%< * Remove a reference to a configuration parser; destroy it if there are no * more references. / bool cfg_obj_isvoid(const cfg_obj_t obj); /%< Return true iff 'obj' is of void type (e.g., an optional * value not specified). / bool cfg_obj_ismap(const cfg_obj_t obj); /%< Return true iff 'obj' is of a map type. / bool cfg_obj_isfixedpoint(const cfg_obj_t obj); /%< Return true iff 'obj' is of a fixedpoint type. / bool cfg_obj_ispercentage(const cfg_obj_t obj); /%< Return true iff 'obj' is of a percentage type. / isc_result_t cfg_map_get(const cfg_obj_t mapobj, const char name, const cfg_obj_t obj); /%< * Extract an element from a configuration object, which * must be of a map type. * * Requires: * \li 'mapobj' points to a valid configuration object of a map type. * \li 'name' points to a null-terminated string. * \li 'obj' is non-NULL and 'obj' is NULL. * Returns: * \li #ISC_R_SUCCESS - success * \li #ISC_R_NOTFOUND - name not found in map / const cfg_obj_t cfg_map_getname(const cfg_obj_t mapobj); /%< * Get the name of a named map object, like a server "key" clause. * * Requires: * \li 'mapobj' points to a valid configuration object of a map type. * * Returns: * \li A pointer to a configuration object naming the map object, * or NULL if the map object does not have a name. / unsigned int cfg_map_count(const cfg_obj_t mapobj); /%< Get the number of elements defined in the symbol table of a map object. * * Requires: * \li 'mapobj' points to a valid configuration object of a map type. * * Returns: * \li The number of elements in the map object. / bool cfg_obj_istuple(const cfg_obj_t obj); /%< Return true iff 'obj' is of a map type. / const cfg_obj_t cfg_tuple_get(const cfg_obj_t tupleobj, const char name); /%< Extract an element from a configuration object, which * must be of a tuple type. * * Requires: * \li 'tupleobj' points to a valid configuration object of a tuple type. * \li 'name' points to a null-terminated string naming one of the \li fields of said tuple type. / bool cfg_obj_isuint32(const cfg_obj_t obj); /%< * Return true iff 'obj' is of integer type. / uint32_t cfg_obj_asuint32(const cfg_obj_t obj); /%< Returns the value of a configuration object of 32-bit integer type. * * Requires: * \li 'obj' points to a valid configuration object of 32-bit integer type. * * Returns: * \li A 32-bit unsigned integer. / bool cfg_obj_isuint64(const cfg_obj_t obj); /%< Return true iff 'obj' is of integer type. / uint64_t cfg_obj_asuint64(const cfg_obj_t obj); /%< Returns the value of a configuration object of 64-bit integer type. * * Requires: * \li 'obj' points to a valid configuration object of 64-bit integer type. * * Returns: * \li A 64-bit unsigned integer. / uint32_t cfg_obj_asfixedpoint(const cfg_obj_t obj); /%< Returns the value of a configuration object of fixed point number. * * Requires: * \li 'obj' points to a valid configuration object of fixed point type. * * Returns: * \li A 32-bit unsigned integer. / uint32_t cfg_obj_aspercentage(const cfg_obj_t obj); /%< Returns the value of a configuration object of percentage * * Requires: * \li 'obj' points to a valid configuration object of percentage type. * * Returns: * \li A 32-bit unsigned integer. / bool cfg_obj_isduration(const cfg_obj_t obj); /%< Return true iff 'obj' is of duration type. / uint32_t cfg_obj_asduration(const cfg_obj_t obj); /%< Returns the value of a configuration object of duration * * Requires: * \li 'obj' points to a valid configuration object of duration type. * * Returns: * \li A duration in seconds. / bool cfg_obj_isstring(const cfg_obj_t obj); /%< Return true iff 'obj' is of string type. / const char cfg_obj_asstring(const cfg_obj_t obj); /%< * Returns the value of a configuration object of a string type * as a null-terminated string. * * Requires: * \li 'obj' points to a valid configuration object of a string type. * * Returns: * \li A pointer to a null terminated string. / bool cfg_obj_isboolean(const cfg_obj_t obj); /%< Return true iff 'obj' is of a boolean type. / bool cfg_obj_asboolean(const cfg_obj_t obj); /%< Returns the value of a configuration object of a boolean type. * * Requires: * \li 'obj' points to a valid configuration object of a boolean type. * * Returns: * \li A boolean value. / bool cfg_obj_issockaddr(const cfg_obj_t obj); /%< Return true iff 'obj' is a socket address. / const isc_sockaddr_t cfg_obj_assockaddr(const cfg_obj_t obj); /%< * Returns the value of a configuration object representing a socket address. * * Requires: * \li 'obj' points to a valid configuration object of a socket address * type. * * Returns: * \li A pointer to a sockaddr. The sockaddr must be copied by the caller * if necessary. / isc_dscp_t cfg_obj_getdscp(const cfg_obj_t obj); /%< Returns the DSCP value of a configuration object representing a * socket address. * * Requires: * \li 'obj' points to a valid configuration object of a * socket address type. * * Returns: * \li DSCP value associated with a sockaddr, or -1. / bool cfg_obj_isnetprefix(const cfg_obj_t obj); /%< Return true iff 'obj' is a network prefix. / void cfg_obj_asnetprefix(const cfg_obj_t obj, isc_netaddr_t netaddr, unsigned int prefixlen); /%< Gets the value of a configuration object representing a network * prefix. The network address is returned through 'netaddr' and the * prefix length in bits through 'prefixlen'. * * Requires: * \li 'obj' points to a valid configuration object of network prefix type. \li 'netaddr' and 'prefixlen' are non-NULL. / bool cfg_obj_islist(const cfg_obj_t obj); /%< * Return true iff 'obj' is of list type. / const cfg_listelt_t cfg_list_first(const cfg_obj_t obj); /%< * Returns the first list element in a configuration object of a list type. * * Requires: * \li 'obj' points to a valid configuration object of a list type or NULL. * * Returns: * \li A pointer to a cfg_listelt_t representing the first list element, * or NULL if the list is empty or nonexistent. / const cfg_listelt_t cfg_list_next(const cfg_listelt_t elt); /%< * Returns the next element of a list of configuration objects. * * Requires: * \li 'elt' points to cfg_listelt_t obtained from cfg_list_first() or * a previous call to cfg_list_next(). * * Returns: * \li A pointer to a cfg_listelt_t representing the next element, * or NULL if there are no more elements. / unsigned int cfg_list_length(const cfg_obj_t obj, bool recurse); /%< Returns the length of a list of configure objects. If obj is * not a list, returns 0. If recurse is true, add in the length of * all contained lists. / cfg_obj_t cfg_listelt_value(const cfg_listelt_t elt); /%< * Returns the configuration object associated with cfg_listelt_t. * * Requires: * \li 'elt' points to cfg_listelt_t obtained from cfg_list_first() or * cfg_list_next(). * * Returns: * \li A non-NULL pointer to a configuration object. / void cfg_print(const cfg_obj_t obj, void (f)(void closure, const char text, int textlen), void closure); void cfg_printx(const cfg_obj_t obj, unsigned int flags, void (f)(void closure, const char text, int textlen), void closure); #define CFG_PRINTER_XKEY 0x1 / '?' out shared keys. / #define CFG_PRINTER_ONELINE 0x2 / print config as a single line / #define CFG_PRINTER_ACTIVEONLY \ 0x4 / print only active configuration \ * options, omitting ancient, \ * obsolete, nonimplemented, \ * and test-only options. / /%< * Print the configuration object 'obj' by repeatedly calling the * function 'f', passing 'closure' and a region of text starting * at 'text' and comprising 'textlen' characters. * * If CFG_PRINTER_XKEY the contents of shared keys will be obscured * by replacing them with question marks ('?') / void cfg_print_grammar(const cfg_type_t type, unsigned int flags, void (f)(void closure, const char text, int textlen), void closure); /%< Print a summary of the grammar of the configuration type 'type'. / bool cfg_obj_istype(const cfg_obj_t obj, const cfg_type_t type); /%< * Return true iff 'obj' is of type 'type'. / void cfg_obj_attach(cfg_obj_t src, cfg_obj_t *dest); /%< * Reference a configuration object. / void cfg_obj_destroy(cfg_parser_t pctx, cfg_obj_t *obj); /%< * Delete a reference to a configuration object; destroy the object if * there are no more references. * * Require: * \li 'obj' is a valid cfg_obj_t. \li 'pctx' is a valid cfg_parser_t. / void cfg_obj_log(const cfg_obj_t obj, isc_log_t lctx, int level, const char fmt, ...) ISC_FORMAT_PRINTF(4, 5); /%< Log a message concerning configuration object 'obj' to the logging * channel of 'pctx', at log level 'level'. The message will be prefixed * with the file name(s) and line number where 'obj' was defined. / const char cfg_obj_file(const cfg_obj_t obj); /%< * Return the file that defined this object. / unsigned int cfg_obj_line(const cfg_obj_t obj); /%< Return the line in file where this object was defined. / const char cfg_map_firstclause(const cfg_type_t map, const void clauses, unsigned int idx); const char * cfg_map_nextclause(const cfg_type_t map, const void clauses, unsigned int idx); typedef isc_result_t(pluginlist_cb_t)(const cfg_obj_t config, const cfg_obj_t obj, const char plugin_path, const char parameters, void callback_data); /%< * Function prototype for the callback used with cfg_pluginlist_foreach(). * Called once for each element of the list passed to cfg_pluginlist_foreach(). * If this callback returns anything else than #ISC_R_SUCCESS, no further list * elements will be processed. * * \li 'config' - the 'config' object passed to cfg_pluginlist_foreach() * \li 'obj' - object representing the specific "plugin" stanza to be processed * \li 'plugin_path' - path to the shared object with plugin code * \li 'parameters' - configuration text for the plugin * \li 'callback_data' - the pointer passed to cfg_pluginlist_foreach() / isc_result_t cfg_pluginlist_foreach(const cfg_obj_t config, const cfg_obj_t list, isc_log_t lctx, pluginlist_cb_t callback, void callback_data); /%< For every "plugin" stanza present in 'list' (which in turn is a part of * 'config'), invoke the given 'callback', passing 'callback_data' to it along * with a fixed set of arguments (see the definition of the #pluginlist_cb_t * type). Use logging context 'lctx' for logging error messages. Interrupt * processing if 'callback' returns something else than #ISC_R_SUCCESS for any * element of 'list'. * * Requires: * * \li 'config' is not NULL * \li 'callback' is not NULL * * Returns: * * \li #ISC_R_SUCCESS if 'callback' returned #ISC_R_SUCCESS for all elements of * 'list' * \li first 'callback' return value which was not #ISC_R_SUCCESS otherwise / ISC_LANG_ENDDECLS #endif / ISCCFG_CFG_H / ��isccfg/namedconf.h��0000644��00000003236�15125204630�0010107 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISCCFG_NAMEDCONF_H #define ISCCFG_NAMEDCONF_H 1 /! \file isccfg/namedconf.h * \brief * This module defines the named.conf, rndc.conf, and rndc.key grammars. / #include <isccfg/cfg.h> / * Configuration object types. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_namedconf; /%< A complete named.conf file. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_bindkeys; /%< A bind.keys file. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_newzones; /%< A new-zones file (for zones added by 'rndc addzone'). / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_addzoneconf; /%< A single zone passed via the addzone rndc command. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_rndcconf; /%< A complete rndc.conf file. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_rndckey; /%< A complete rndc.key file. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sessionkey; /%< A complete session.key file. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_keyref; /%< A key reference, used as an ACL element / /%< Zone options / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_zoneopts; /%< DNSSEC Key and Signing Policy options / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_dnssecpolicyopts; #endif / ISCCFG_NAMEDCONF_H / ��isccfg/version.h��0000644��00000000771�15125204630�0007643 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isccfg/version.h / #include <isc/platform.h> LIBISCCFG_EXTERNAL_DATA extern const char cfg_version[]; ��isccfg/kaspconf.h��0000644��00000002732�15125204630�0007761 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISCCFG_KASPCONF_H #define ISCCFG_KASPCONF_H 1 #include <isc/lang.h> #include <dns/types.h> #include <isccfg/cfg.h> / * Functions **/ ISC_LANG_BEGINDECLS isc_result_t cfg_kasp_fromconfig(const cfg_obj_t config, const char name, isc_mem_t mctx, isc_log_t logctx, dns_kasplist_t kasplist, dns_kasp_t *kaspp); /%< * Create and configure a KASP. If 'config' is NULL, a built-in configuration * is used, referred to by 'name'. If a 'kasplist' is provided, a lookup * happens and if a KASP already exists with the same name, no new KASP is * created, and no attach to 'kaspp' happens. * * Requires: * \li 'name' is either NULL, or a valid C string. \li 'mctx' is a valid memory context. \li 'logctx' is a valid logging context. \li kaspp != NULL && kaspp == NULL * * Returns: * \li #ISC_R_SUCCESS If creating and configuring the KASP succeeds. \li #ISC_R_EXISTS If 'kasplist' already has a kasp structure with 'name'. \li #ISC_R_NOMEMORY \li Other errors are possible. / ISC_LANG_ENDDECLS #endif /* ISCCFG_KASPCONF_H / ��isccfg/dnsconf.h��0000644��00000001331�15125204630�0007601 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISCCFG_DNSCONF_H #define ISCCFG_DNSCONF_H 1 /! \file * \brief * This module defines the named.conf, rndc.conf, and rndc.key grammars. / #include <isccfg/cfg.h> / * Configuration object types. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_dnsconf; /%< A complete dns.conf file. / #endif / ISCCFG_DNSCONF_H / ��isccfg/grammar.h��0000644��00000042004�15125204630�0007577 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISCCFG_GRAMMAR_H #define ISCCFG_GRAMMAR_H 1 /! \file isccfg/grammar.h / #include <inttypes.h> #include <stdbool.h> #include <isc/lex.h> #include <isc/netaddr.h> #include <isc/region.h> #include <isc/sockaddr.h> #include <isc/types.h> #include <isccfg/cfg.h> / * Definitions shared between the configuration parser * and the grammars; not visible to users of the parser. / /% Clause may occur multiple times (e.g., "zone") / #define CFG_CLAUSEFLAG_MULTI 0x00000001 /% Clause is obsolete (logs a warning, but is not a fatal error) / #define CFG_CLAUSEFLAG_OBSOLETE 0x00000002 /% Clause is not implemented, and may never be / #define CFG_CLAUSEFLAG_NOTIMP 0x00000004 /% Clause is not implemented yet / #define CFG_CLAUSEFLAG_NYI 0x00000008 /% Default value has changed since earlier release / #define CFG_CLAUSEFLAG_NEWDEFAULT 0x00000010 /% * Clause needs to be interpreted during parsing * by calling a callback function, like the * "directory" option. / #define CFG_CLAUSEFLAG_CALLBACK 0x00000020 /% A option that is only used in testing. / #define CFG_CLAUSEFLAG_TESTONLY 0x00000040 /% A configuration option that was not configured at compile time. / #define CFG_CLAUSEFLAG_NOTCONFIGURED 0x00000080 /% A option for a experimental feature. / #define CFG_CLAUSEFLAG_EXPERIMENTAL 0x00000100 /% A configuration option that is ineffective due to * compile time options, but is harmless. / #define CFG_CLAUSEFLAG_NOOP 0x00000200 /% Clause will be obsolete in a future release (logs a warning) / #define CFG_CLAUSEFLAG_DEPRECATED 0x00000400 /% Clause has been obsolete so long that it's now a fatal error / #define CFG_CLAUSEFLAG_ANCIENT 0x00000800 /% * Zone types for which a clause is valid: * These share space with CFG_CLAUSEFLAG values, but count * down from the top. / #define CFG_ZONE_PRIMARY 0x80000000 #define CFG_ZONE_SECONDARY 0x40000000 #define CFG_ZONE_STUB 0x20000000 #define CFG_ZONE_HINT 0x10000000 #define CFG_ZONE_FORWARD 0x08000000 #define CFG_ZONE_STATICSTUB 0x04000000 #define CFG_ZONE_REDIRECT 0x02000000 #define CFG_ZONE_DELEGATION 0x01000000 #define CFG_ZONE_INVIEW 0x00800000 #define CFG_ZONE_MIRROR 0x00400000 typedef struct cfg_clausedef cfg_clausedef_t; typedef struct cfg_tuplefielddef cfg_tuplefielddef_t; typedef struct cfg_printer cfg_printer_t; typedef ISC_LIST(cfg_listelt_t) cfg_list_t; typedef struct cfg_map cfg_map_t; typedef struct cfg_rep cfg_rep_t; typedef struct cfg_duration cfg_duration_t; #define CFG_DURATION_MAXLEN 64 / * Function types for configuration object methods / typedef isc_result_t (cfg_parsefunc_t)(cfg_parser_t , const cfg_type_t type, cfg_obj_t *); typedef void (cfg_printfunc_t)(cfg_printer_t , const cfg_obj_t ); typedef void (cfg_docfunc_t)(cfg_printer_t , const cfg_type_t ); typedef void (cfg_freefunc_t)(cfg_parser_t , cfg_obj_t ); /* * Structure definitions / /% * A configuration printer object. This is an abstract * interface to a destination to which text can be printed * by calling the function 'f'. / struct cfg_printer { void (f)(void closure, const char text, int textlen); void closure; int indent; int flags; }; /% A clause definition. / struct cfg_clausedef { const char name; cfg_type_t type; unsigned int flags; }; /% A tuple field definition. / struct cfg_tuplefielddef { const char name; cfg_type_t type; unsigned int flags; }; /% A configuration object type definition. / struct cfg_type { const char name; /%< For debugging purposes only / cfg_parsefunc_t parse; cfg_printfunc_t print; cfg_docfunc_t doc; /%< Print grammar description / cfg_rep_t rep; /%< Data representation / const void of; /%< Additional data for meta-types / }; /% A keyword-type definition, for things like "port <integer>". / typedef struct { const char name; const cfg_type_t type; } keyword_type_t; struct cfg_map { cfg_obj_t id; /%< Used for 'named maps' like * keys, zones, &c / const cfg_clausedef_t const clausesets; /%< The clauses that * can occur in this map; * used for printing / isc_symtab_t symtab; }; typedef struct cfg_netprefix cfg_netprefix_t; struct cfg_netprefix { isc_netaddr_t address; /* IP4/IP6 / unsigned int prefixlen; }; /% * A configuration object to store ISO 8601 durations. / struct cfg_duration { / * The duration is stored in multiple parts: * [0] Years * [1] Months * [2] Weeks * [3] Days * [4] Hours * [5] Minutes * [6] Seconds / uint32_t parts[7]; bool iso8601; bool unlimited; }; /% * A configuration data representation. / struct cfg_rep { const char name; /%< For debugging only / cfg_freefunc_t free; /%< How to free this kind of data. / }; /% A configuration object. This is the main building block * of the configuration parse tree. / struct cfg_obj { const cfg_type_t type; union { uint32_t uint32; uint64_t uint64; isc_textregion_t string; /%< null terminated, too / bool boolean; cfg_map_t map; cfg_list_t list; cfg_obj_t *tuple; isc_sockaddr_t sockaddr; struct { isc_sockaddr_t sockaddr; isc_dscp_t dscp; } sockaddrdscp; cfg_netprefix_t netprefix; cfg_duration_t duration; } value; isc_refcount_t references; /%< reference counter / const char file; unsigned int line; cfg_parser_t pctx; }; /% A list element. / struct cfg_listelt { cfg_obj_t obj; ISC_LINK(cfg_listelt_t) link; }; /% The parser object. / struct cfg_parser { isc_mem_t mctx; isc_log_t lctx; isc_lex_t lexer; unsigned int errors; unsigned int warnings; isc_token_t token; /% We are at the end of all input. / bool seen_eof; /% The current token has been pushed back. / bool ungotten; /% * The stack of currently active files, represented * as a configuration list of configuration strings. * The head is the top-level file, subsequent elements * (if any) are the nested include files, and the * last element is the file currently being parsed. / cfg_obj_t open_files; /% Names of files that we have parsed and closed * and were previously on the open_file list. * We keep these objects around after closing * the files because the file names may still be * referenced from other configuration objects * for use in reporting semantic errors after * parsing is complete. / cfg_obj_t closed_files; /% Name of a buffer being parsed; used only for * logging. / char const buf_name; /% Current line number. We maintain our own * copy of this so that it is available even * when a file has just been closed. / unsigned int line; /% * Parser context flags, used for maintaining state * from one token to the next. / unsigned int flags; /%< Reference counter / isc_refcount_t references; cfg_parsecallback_t callback; void callbackarg; }; /* Parser context flags / #define CFG_PCTX_SKIP 0x1 #define CFG_PCTX_NODEPRECATED 0x2 /@{/ /% * Flags defining whether to accept certain types of network addresses. / #define CFG_ADDR_V4OK 0x00000001 #define CFG_ADDR_V4PREFIXOK 0x00000002 #define CFG_ADDR_V6OK 0x00000004 #define CFG_ADDR_WILDOK 0x00000008 #define CFG_ADDR_DSCPOK 0x00000010 #define CFG_ADDR_MASK (CFG_ADDR_V6OK \| CFG_ADDR_V4OK) /@}/ /@{/ /% * Predefined data representation types. / LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_uint32; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_uint64; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_string; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_boolean; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_map; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_list; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_tuple; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_sockaddr; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_netprefix; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_void; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_fixedpoint; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_percentage; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_duration; /@}/ /@{/ /% * Predefined configuration object types. / LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_boolean; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_uint32; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_uint64; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_qstring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_astring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_ustring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sstring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_bracketed_aml; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_bracketed_text; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_optional_bracketed_text; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_keyref; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sockaddr; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sockaddrdscp; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr4; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr4wild; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr6; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr6wild; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netprefix; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_void; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_token; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_unsupported; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_fixedpoint; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_percentage; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_duration; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_duration_or_unlimited; /@}/ isc_result_t cfg_gettoken(cfg_parser_t pctx, int options); isc_result_t cfg_peektoken(cfg_parser_t pctx, int options); void cfg_ungettoken(cfg_parser_t pctx); #define CFG_LEXOPT_QSTRING (ISC_LEXOPT_QSTRING \| ISC_LEXOPT_QSTRINGMULTILINE) isc_result_t cfg_create_obj(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t *objp); void cfg_print_rawuint(cfg_printer_t pctx, unsigned int u); isc_result_t cfg_parse_uint32(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t *ret); void cfg_print_uint32(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_print_uint64(cfg_printer_t pctx, const cfg_obj_t obj); isc_result_t cfg_parse_qstring(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_ustring(cfg_printer_t pctx, const cfg_obj_t obj); isc_result_t cfg_parse_astring(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); isc_result_t cfg_parse_sstring(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); isc_result_t cfg_parse_rawaddr(cfg_parser_t pctx, unsigned int flags, isc_netaddr_t na); void cfg_print_rawaddr(cfg_printer_t pctx, const isc_netaddr_t na); bool cfg_lookingat_netaddr(cfg_parser_t pctx, unsigned int flags); isc_result_t cfg_parse_rawport(cfg_parser_t pctx, unsigned int flags, in_port_t port); isc_result_t cfg_parse_dscp(cfg_parser_t pctx, isc_dscp_t dscp); isc_result_t cfg_parse_sockaddr(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t *ret); isc_result_t cfg_parse_boolean(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_sockaddr(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_print_boolean(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_doc_sockaddr(cfg_printer_t pctx, const cfg_type_t type); isc_result_t cfg_parse_netprefix(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); isc_result_t cfg_parse_special(cfg_parser_t pctx, int special); /%< Parse a required special character 'special'. / isc_result_t cfg_create_tuple(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t *objp); isc_result_t cfg_parse_tuple(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_tuple(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_doc_tuple(cfg_printer_t pctx, const cfg_type_t type); isc_result_t cfg_create_list(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t objp); isc_result_t cfg_parse_listelt(cfg_parser_t pctx, const cfg_type_t elttype, cfg_listelt_t ret); isc_result_t cfg_parse_bracketed_list(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_bracketed_list(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_doc_bracketed_list(cfg_printer_t pctx, const cfg_type_t type); isc_result_t cfg_parse_spacelist(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_spacelist(cfg_printer_t pctx, const cfg_obj_t obj); isc_result_t cfg_parse_enum(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_doc_enum(cfg_printer_t pctx, const cfg_type_t type); isc_result_t cfg_parse_enum_or_other(cfg_parser_t pctx, const cfg_type_t enumtype, const cfg_type_t othertype, cfg_obj_t *ret); void cfg_doc_enum_or_other(cfg_printer_t pctx, const cfg_type_t enumtype, const cfg_type_t othertype); void cfg_print_chars(cfg_printer_t pctx, const char text, int len); /%< Print 'len' characters at 'text' / void cfg_print_cstr(cfg_printer_t pctx, const char s); /%< Print the null-terminated string 's' / isc_result_t cfg_parse_map(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t *ret); isc_result_t cfg_parse_named_map(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); isc_result_t cfg_parse_addressed_map(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); isc_result_t cfg_parse_netprefix_map(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_map(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_doc_map(cfg_printer_t pctx, const cfg_type_t type); isc_result_t cfg_parse_mapbody(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_mapbody(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_doc_mapbody(cfg_printer_t pctx, const cfg_type_t type); isc_result_t cfg_parse_void(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_void(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_doc_void(cfg_printer_t pctx, const cfg_type_t type); isc_result_t cfg_parse_fixedpoint(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_fixedpoint(cfg_printer_t pctx, const cfg_obj_t obj); isc_result_t cfg_parse_percentage(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_percentage(cfg_printer_t pctx, const cfg_obj_t obj); isc_result_t cfg_parse_duration(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_duration(cfg_printer_t pctx, const cfg_obj_t obj); isc_result_t cfg_parse_duration_or_unlimited(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_duration_or_unlimited(cfg_printer_t pctx, const cfg_obj_t obj); isc_result_t cfg_parse_obj(cfg_parser_t pctx, const cfg_type_t type, cfg_obj_t ret); void cfg_print_obj(cfg_printer_t pctx, const cfg_obj_t obj); void cfg_doc_obj(cfg_printer_t pctx, const cfg_type_t type); /%< * Print a description of the grammar of an arbitrary configuration * type 'type' / void cfg_doc_terminal(cfg_printer_t pctx, const cfg_type_t type); /%< * Document the type 'type' as a terminal by printing its * name in angle brackets, e.g., <uint32>. / void cfg_parser_error(cfg_parser_t pctx, unsigned int flags, const char fmt, ...) ISC_FORMAT_PRINTF(3, 4); /! * Pass one of these flags to cfg_parser_error() to include the * token text in log message. / #define CFG_LOG_NEAR 0x00000001 /%< Say "near <token>" / #define CFG_LOG_BEFORE 0x00000002 /%< Say "before <token>" / #define CFG_LOG_NOPREP 0x00000004 /%< Say just "<token>" / void cfg_parser_warning(cfg_parser_t pctx, unsigned int flags, const char fmt, ...) ISC_FORMAT_PRINTF(3, 4); bool cfg_is_enum(const char s, const char const enums); /%< Return true iff the string 's' is one of the strings in 'enums' / bool cfg_clause_validforzone(const char name, unsigned int ztype); /%< * Check whether an option is legal for the specified zone type. / void cfg_print_zonegrammar(const unsigned int zonetype, unsigned int flags, void (f)(void closure, const char text, int textlen), void closure); /%< * Print a summary of the grammar of the zone type represented by * 'zonetype'. / void cfg_print_clauseflags(cfg_printer_t pctx, unsigned int flags); /%< Print clause flags (e.g. "obsolete", "not implemented", etc) in * human readable form / void cfg_print_indent(cfg_printer_t pctx); /%< Print the necessary indent required by the current settings of 'pctx'. / #endif / ISCCFG_GRAMMAR_H / ��isccc/result.h��0000644��00000004201�15125204630�0007312 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_RESULT_H #define ISCCC_RESULT_H 1 /! \file isccc/result.h / #include <isc/lang.h> #include <isc/result.h> #include <isc/resultclass.h> #include <isccc/types.h> /% Unknown Version / #define ISCCC_R_UNKNOWNVERSION (ISC_RESULTCLASS_ISCCC + 0) /% Syntax Error / #define ISCCC_R_SYNTAX (ISC_RESULTCLASS_ISCCC + 1) /% Bad Authorization / #define ISCCC_R_BADAUTH (ISC_RESULTCLASS_ISCCC + 2) /% Expired / #define ISCCC_R_EXPIRED (ISC_RESULTCLASS_ISCCC + 3) /% Clock Skew / #define ISCCC_R_CLOCKSKEW (ISC_RESULTCLASS_ISCCC + 4) /% Duplicate / #define ISCCC_R_DUPLICATE (ISC_RESULTCLASS_ISCCC + 5) /% Maximum recursion depth / #define ISCCC_R_MAXDEPTH (ISC_RESULTCLASS_ISCCC + 6) #define ISCCC_R_NRESULTS 7 /%< Number of results / ISC_LANG_BEGINDECLS const char isccc_result_totext(isc_result_t result); /% Convert a isccc_result_t into a string message describing the result. / void isccc_result_register(void); ISC_LANG_ENDDECLS #endif / ISCCC_RESULT_H / ��isccc/base64.h��0000644��00000004610�15125204630�0007064 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_BASE64_H #define ISCCC_BASE64_H 1 /! \file isccc/base64.h / #include <isc/lang.h> #include <isccc/types.h> ISC_LANG_BEGINDECLS / * Functions **/ isc_result_t isccc_base64_encode(isccc_region_t source, int wordlength, const char wordbreak, isccc_region_t target); /%< Convert data into base64 encoded text. * * Notes: \li The base64 encoded text in 'target' will be divided into words of at most 'wordlength' characters, separated by * the 'wordbreak' string. No parentheses will surround * the text. * * Requires: \li 'source' is a region containing binary data. \li 'target' is a text region containing available space. \li 'wordbreak' points to a null-terminated string of zero or more whitespace characters. / isc_result_t isccc_base64_decode(const char cstr, isccc_region_t target); /%< * Decode a null-terminated base64 string. * * Requires: \li 'cstr' is non-null. \li 'target' is a valid region. * * Returns: \li #ISC_R_SUCCESS -- the entire decoded representation of 'cstring' fit in 'target'. \li #ISC_R_BADBASE64 -- 'cstr' is not a valid base64 encoding. \li #ISC_R_NOSPACE -- 'target' is not big enough. / ISC_LANG_ENDDECLS #endif / ISCCC_BASE64_H / ��isccc/alist.h��0000644��00000004556�15125204630�0007125 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_ALIST_H #define ISCCC_ALIST_H 1 /! \file isccc/alist.h / #include <stdbool.h> #include <stdio.h> #include <isc/lang.h> #include <isccc/types.h> ISC_LANG_BEGINDECLS isccc_sexpr_t isccc_alist_create(void); bool isccc_alist_alistp(isccc_sexpr_t alist); bool isccc_alist_emptyp(isccc_sexpr_t alist); isccc_sexpr_t * isccc_alist_first(isccc_sexpr_t alist); isccc_sexpr_t isccc_alist_assq(isccc_sexpr_t alist, const char key); void isccc_alist_delete(isccc_sexpr_t alist, const char key); isccc_sexpr_t * isccc_alist_define(isccc_sexpr_t alist, const char key, isccc_sexpr_t value); isccc_sexpr_t isccc_alist_definestring(isccc_sexpr_t alist, const char key, const char str); isccc_sexpr_t isccc_alist_definebinary(isccc_sexpr_t alist, const char key, isccc_region_t r); isccc_sexpr_t isccc_alist_lookup(isccc_sexpr_t alist, const char key); isc_result_t isccc_alist_lookupstring(isccc_sexpr_t alist, const char key, char *strp); isc_result_t isccc_alist_lookupbinary(isccc_sexpr_t alist, const char key, isccc_region_t r); void isccc_alist_prettyprint(isccc_sexpr_t sexpr, unsigned int indent, FILE stream); ISC_LANG_ENDDECLS #endif / ISCCC_ALIST_H / ��isccc/sexpr.h��0000644��00000005672�15125204630�0007152 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_SEXPR_H #define ISCCC_SEXPR_H 1 /! \file isccc/sexpr.h / #include <stdbool.h> #include <stdio.h> #include <isc/lang.h> #include <isccc/types.h> ISC_LANG_BEGINDECLS /% dotted pair structure / struct isccc_dottedpair { isccc_sexpr_t car; isccc_sexpr_t cdr; }; /% iscc_sexpr structure / struct isccc_sexpr { unsigned int type; union { char as_string; isccc_dottedpair_t as_dottedpair; isccc_region_t as_region; } value; }; #define ISCCC_SEXPRTYPE_NONE 0x00 /%< Illegal. / #define ISCCC_SEXPRTYPE_T 0x01 #define ISCCC_SEXPRTYPE_STRING 0x02 #define ISCCC_SEXPRTYPE_DOTTEDPAIR 0x03 #define ISCCC_SEXPRTYPE_BINARY 0x04 #define ISCCC_SEXPR_CAR(s) (s)->value.as_dottedpair.car #define ISCCC_SEXPR_CDR(s) (s)->value.as_dottedpair.cdr isccc_sexpr_t * isccc_sexpr_cons(isccc_sexpr_t car, isccc_sexpr_t cdr); isccc_sexpr_t * isccc_sexpr_tconst(void); isccc_sexpr_t * isccc_sexpr_fromstring(const char str); isccc_sexpr_t isccc_sexpr_frombinary(const isccc_region_t region); void isccc_sexpr_free(isccc_sexpr_t sexprp); void isccc_sexpr_print(isccc_sexpr_t sexpr, FILE stream); isccc_sexpr_t isccc_sexpr_car(isccc_sexpr_t list); isccc_sexpr_t isccc_sexpr_cdr(isccc_sexpr_t list); void isccc_sexpr_setcar(isccc_sexpr_t pair, isccc_sexpr_t car); void isccc_sexpr_setcdr(isccc_sexpr_t pair, isccc_sexpr_t cdr); isccc_sexpr_t isccc_sexpr_addtolist(isccc_sexpr_t *l1p, isccc_sexpr_t l2); bool isccc_sexpr_listp(isccc_sexpr_t sexpr); bool isccc_sexpr_emptyp(isccc_sexpr_t sexpr); bool isccc_sexpr_stringp(isccc_sexpr_t sexpr); bool isccc_sexpr_binaryp(isccc_sexpr_t sexpr); char * isccc_sexpr_tostring(isccc_sexpr_t sexpr); isccc_region_t isccc_sexpr_tobinary(isccc_sexpr_t sexpr); ISC_LANG_ENDDECLS #endif / ISCCC_SEXPR_H / ��isccc/cc.h��0000644��00000007157�15125204630�0006376 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_CC_H #define ISCCC_CC_H 1 /! \file isccc/cc.h / #include <inttypes.h> #include <stdbool.h> #include <isc/buffer.h> #include <isc/lang.h> #include <isccc/types.h> ISC_LANG_BEGINDECLS /% from lib/dns/include/dst/dst.h / #define ISCCC_ALG_UNKNOWN 0 #define ISCCC_ALG_HMACMD5 157 #define ISCCC_ALG_HMACSHA1 161 #define ISCCC_ALG_HMACSHA224 162 #define ISCCC_ALG_HMACSHA256 163 #define ISCCC_ALG_HMACSHA384 164 #define ISCCC_ALG_HMACSHA512 165 /% Maximum Datagram Package / #define ISCCC_CC_MAXDGRAMPACKET 4096 /% Message Type String / #define ISCCC_CCMSGTYPE_STRING 0x00 /% Message Type Binary Data / #define ISCCC_CCMSGTYPE_BINARYDATA 0x01 /% Message Type Table / #define ISCCC_CCMSGTYPE_TABLE 0x02 /% Message Type List / #define ISCCC_CCMSGTYPE_LIST 0x03 /% Send to Wire / isc_result_t isccc_cc_towire(isccc_sexpr_t alist, isc_buffer_t *buffer, uint32_t algorithm, isccc_region_t secret); /% Get From Wire / isc_result_t isccc_cc_fromwire(isccc_region_t source, isccc_sexpr_t alistp, uint32_t algorithm, isccc_region_t secret); /% Create Message / isc_result_t isccc_cc_createmessage(uint32_t version, const char from, const char to, uint32_t serial, isccc_time_t now, isccc_time_t expires, isccc_sexpr_t *alistp); /% Create Acknowledgment / isc_result_t isccc_cc_createack(isccc_sexpr_t message, bool ok, isccc_sexpr_t *ackp); /% Is Ack? / bool isccc_cc_isack(isccc_sexpr_t message); /% Is Reply? / bool isccc_cc_isreply(isccc_sexpr_t message); /% Create Response / isc_result_t isccc_cc_createresponse(isccc_sexpr_t message, isccc_time_t now, isccc_time_t expires, isccc_sexpr_t *alistp); /% Define String / isccc_sexpr_t isccc_cc_definestring(isccc_sexpr_t alist, const char key, const char str); /% Define uint 32 / isccc_sexpr_t isccc_cc_defineuint32(isccc_sexpr_t alist, const char key, uint32_t i); /% Lookup String / isc_result_t isccc_cc_lookupstring(isccc_sexpr_t alist, const char key, char *strp); /% Lookup uint 32 / isc_result_t isccc_cc_lookupuint32(isccc_sexpr_t alist, const char key, uint32_t uintp); /% Create Symbol Table / isc_result_t isccc_cc_createsymtab(isccc_symtab_t *symtabp); /% Clean up Symbol Table / void isccc_cc_cleansymtab(isccc_symtab_t symtab, isccc_time_t now); /% Check for Duplicates / isc_result_t isccc_cc_checkdup(isccc_symtab_t symtab, isccc_sexpr_t message, isccc_time_t now); ISC_LANG_ENDDECLS #endif /* ISCCC_CC_H / ��isccc/symtab.h��0000644��00000010253�15125204630�0007277 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_SYMTAB_H #define ISCCC_SYMTAB_H 1 /** * Module Info **/ /! \file isccc/symtab.h * \brief * Provides a simple memory-based symbol table. * * Keys are C strings. A type may be specified when looking up, * defining, or undefining. A type value of 0 means "match any type"; * any other value will only match the given type. * * It's possible that a client will attempt to define a <key, type, * value> tuple when a tuple with the given key and type already * exists in the table. What to do in this case is specified by the * client. Possible policies are: * \li isccc_symexists_reject Disallow the define, returning #ISC_R_EXISTS \li isccc_symexists_replace Replace the old value with the new. The * undefine action (if provided) will be called * with the old <key, type, value> tuple. \li isccc_symexists_add Add the new tuple, leaving the old tuple in the table. Subsequent lookups will retrieve * the most-recently-defined tuple. * * A lookup of a key using type 0 will return the most-recently * defined symbol with that key. An undefine of a key using type 0 * will undefine the most-recently defined symbol with that key. * Trying to define a key with type 0 is illegal. * * The symbol table library does not make a copy the key field, so the * caller must ensure that any key it passes to isccc_symtab_define() * will not change until it calls isccc_symtab_undefine() or * isccc_symtab_destroy(). * * A user-specified action will be called (if provided) when a symbol * is undefined. It can be used to free memory associated with keys * and/or values. / / * Imports. */ #include <stdbool.h> #include <isc/lang.h> #include <isccc/types.h> /* * Symbol Tables. / typedef union isccc_symvalue { void as_pointer; int as_integer; unsigned int as_uinteger; } isccc_symvalue_t; typedef void (isccc_symtabundefaction_t)(char key, unsigned int type, isccc_symvalue_t value, void userarg); typedef bool (isccc_symtabforeachaction_t)(char key, unsigned int type, isccc_symvalue_t value, void userarg); typedef enum { isccc_symexists_reject = 0, isccc_symexists_replace = 1, isccc_symexists_add = 2 } isccc_symexists_t; ISC_LANG_BEGINDECLS isc_result_t isccc_symtab_create(unsigned int size, isccc_symtabundefaction_t undefine_action, void undefine_arg, bool case_sensitive, isccc_symtab_t symtabp); void isccc_symtab_destroy(isccc_symtab_t symtabp); isc_result_t isccc_symtab_lookup(isccc_symtab_t symtab, const char key, unsigned int type, isccc_symvalue_t value); isc_result_t isccc_symtab_define(isccc_symtab_t symtab, char key, unsigned int type, isccc_symvalue_t value, isccc_symexists_t exists_policy); isc_result_t isccc_symtab_undefine(isccc_symtab_t symtab, const char key, unsigned int type); void isccc_symtab_foreach(isccc_symtab_t symtab, isccc_symtabforeachaction_t action, void arg); ISC_LANG_ENDDECLS #endif /* ISCCC_SYMTAB_H / ��isccc/symtype.h��0000644��00000002655�15125204630�0007521 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_SYMTYPE_H #define ISCCC_SYMTYPE_H 1 /! \file isccc/symtype.h / #define ISCCC_SYMTYPE_ZONESTATS 0x0001 #define ISCCC_SYMTYPE_CCDUP 0x0002 #define ISCCC_SYMTYPE_TELLSERVICE 0x0003 #define ISCCC_SYMTYPE_TELLRESPONSE 0x0004 #endif / ISCCC_SYMTYPE_H / ��isccc/ccmsg.h��0000644��00000007051�15125204630�0007076 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_CCMSG_H #define ISCCC_CCMSG_H 1 /! \file isccc/ccmsg.h / #include <inttypes.h> #include <isc/buffer.h> #include <isc/lang.h> #include <isc/socket.h> /% ISCCC Message Structure / typedef struct isccc_ccmsg { / private (don't touch!) / unsigned int magic; uint32_t size; isc_buffer_t buffer; unsigned int maxsize; isc_mem_t mctx; isc_socket_t sock; isc_task_t task; isc_taskaction_t action; void arg; isc_event_t event; / public (read-only) / isc_result_t result; isc_sockaddr_t address; } isccc_ccmsg_t; ISC_LANG_BEGINDECLS void isccc_ccmsg_init(isc_mem_t mctx, isc_socket_t sock, isccc_ccmsg_t ccmsg); /% Associate a cc message state with a given memory context and * TCP socket. * * Requires: * \li "mctx" and "sock" be non-NULL and valid types. \li "sock" be a read/write TCP socket. \li "ccmsg" be non-NULL and an uninitialized or invalidated structure. * Ensures: * \li "ccmsg" is a valid structure. / void isccc_ccmsg_setmaxsize(isccc_ccmsg_t ccmsg, unsigned int maxsize); /% * Set the maximum packet size to "maxsize" * * Requires: * \li "ccmsg" be valid. \li 512 <= "maxsize" <= 4294967296 / isc_result_t isccc_ccmsg_readmessage(isccc_ccmsg_t ccmsg, isc_task_t task, isc_taskaction_t action, void arg); /% * Schedule an event to be delivered when a command channel message is * readable, or when an error occurs on the socket. * * Requires: * \li "ccmsg" be valid. \li "task", "taskaction", and "arg" be valid. * Returns: * \li #ISC_R_SUCCESS -- no error \li Anything that the isc_socket_recv() call can return. XXXMLG * * Notes: * \li The event delivered is a fully generic event. It will contain no actual data. The sender will be a pointer to the isccc_ccmsg_t. * The result code inside that structure should be checked to see * what the final result was. / void isccc_ccmsg_cancelread(isccc_ccmsg_t ccmsg); /% Cancel a readmessage() call. The event will still be posted with a * CANCELED result code. * * Requires: * \li "ccmsg" be valid. / void isccc_ccmsg_invalidate(isccc_ccmsg_t ccmsg); /% * Clean up all allocated state, and invalidate the structure. * * Requires: * \li "ccmsg" be valid. * Ensures: * \li "ccmsg" is invalidated and disassociated with all memory contexts, sockets, etc. / ISC_LANG_ENDDECLS #endif / ISCCC_CCMSG_H / ��isccc/types.h��0000644��00000003320�15125204630�0007141 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_TYPES_H #define ISCCC_TYPES_H 1 /! \file isccc/types.h / #include <inttypes.h> #include <isc/result.h> /% isccc_time_t typedef / typedef uint32_t isccc_time_t; /% isccc_sexpr_t typedef / typedef struct isccc_sexpr isccc_sexpr_t; /% isccc_dottedpair_t typedef / typedef struct isccc_dottedpair isccc_dottedpair_t; /% isccc_symtab_t typedef / typedef struct isccc_symtab isccc_symtab_t; /% iscc region structure / typedef struct isccc_region { unsigned char rstart; unsigned char rend; } isccc_region_t; #endif / ISCCC_TYPES_H / ��isccc/version.h��0000644��00000000771�15125204630�0007471 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isccc/version.h / #include <isc/platform.h> LIBISCCC_EXTERNAL_DATA extern const char isccc_version[]; ��isccc/events.h��0000644��00000002775�15125204630�0007316 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_EVENTS_H #define ISCCC_EVENTS_H 1 /! \file isccc/events.h / #include <isc/eventclass.h> /% * Registry of ISCCC event numbers. / #define ISCCC_EVENT_CCMSG (ISC_EVENTCLASS_ISCCC + 0) #define ISCCC_EVENT_FIRSTEVENT (ISC_EVENTCLASS_ISCCC + 0) #define ISCCC_EVENT_LASTEVENT (ISC_EVENTCLASS_ISCCC + 65535) #endif / ISCCC_EVENTS_H / ��isccc/util.h��0000644��00000015524�15125204630�0006763 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. * * Portions Copyright (C) 2001 Nominum, Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NOMINUM DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. / #ifndef ISCCC_UTIL_H #define ISCCC_UTIL_H 1 #include <inttypes.h> #include <isc/util.h> /! \file isccc/util.h * \brief * Macros for dealing with unaligned numbers. * * \note no side effects are allowed when invoking these macros! / #define GET8(v, w) \ do { \ v = w; \ w++; \ } while (0) #define GET16(v, w) \ do { \ v = (unsigned int)w[0] << 8; \ v \|= (unsigned int)w[1]; \ w += 2; \ } while (0) #define GET24(v, w) \ do { \ v = (unsigned int)w[0] << 16; \ v \|= (unsigned int)w[1] << 8; \ v \|= (unsigned int)w[2]; \ w += 3; \ } while (0) #define GET32(v, w) \ do { \ v = (unsigned int)w[0] << 24; \ v \|= (unsigned int)w[1] << 16; \ v \|= (unsigned int)w[2] << 8; \ v \|= (unsigned int)w[3]; \ w += 4; \ } while (0) #define GET64(v, w) \ do { \ v = (uint64_t)w[0] << 56; \ v \|= (uint64_t)w[1] << 48; \ v \|= (uint64_t)w[2] << 40; \ v \|= (uint64_t)w[3] << 32; \ v \|= (uint64_t)w[4] << 24; \ v \|= (uint64_t)w[5] << 16; \ v \|= (uint64_t)w[6] << 8; \ v \|= (uint64_t)w[7]; \ w += 8; \ } while (0) #define GETC16(v, w, d) \ do { \ GET8(v, w); \ if (v == 0) { \ d = ISCCC_TRUE; \ } else { \ d = ISCCC_FALSE; \ if (v == 255) \ GET16(v, w); \ } \ } while (0) #define GETC32(v, w) \ do { \ GET24(v, w); \ if (v == 0xffffffu) { \ GET32(v, w); \ } \ } while (0) #define GET_OFFSET(v, w) GET32(v, w) #define GET_MEM(v, c, w) \ do { \ memmove(v, w, c); \ w += c; \ } while (0) #define GET_TYPE(v, w) \ do { \ GET8(v, w); \ if (v > 127) { \ if (v < 255) { \ v = ((v & 0x7f) << 16) \| ISCCC_RDATATYPE_SIG; \ } else { \ GET32(v, w); \ } \ } \ } while (0) #define PUT8(v, w) \ do { \ w = (v & 0x000000ffU); \ w++; \ } while (0) #define PUT16(v, w) \ do { \ w[0] = (v & 0x0000ff00U) >> 8; \ w[1] = (v & 0x000000ffU); \ w += 2; \ } while (0) #define PUT24(v, w) \ do { \ w[0] = (v & 0x00ff0000U) >> 16; \ w[1] = (v & 0x0000ff00U) >> 8; \ w[2] = (v & 0x000000ffU); \ w += 3; \ } while (0) #define PUT32(v, w) \ do { \ w[0] = (v & 0xff000000U) >> 24; \ w[1] = (v & 0x00ff0000U) >> 16; \ w[2] = (v & 0x0000ff00U) >> 8; \ w[3] = (v & 0x000000ffU); \ w += 4; \ } while (0) #define PUT64(v, w) \ do { \ w[0] = (v & 0xff00000000000000ULL) >> 56; \ w[1] = (v & 0x00ff000000000000ULL) >> 48; \ w[2] = (v & 0x0000ff0000000000ULL) >> 40; \ w[3] = (v & 0x000000ff00000000ULL) >> 32; \ w[4] = (v & 0x00000000ff000000ULL) >> 24; \ w[5] = (v & 0x0000000000ff0000ULL) >> 16; \ w[6] = (v & 0x000000000000ff00ULL) >> 8; \ w[7] = (v & 0x00000000000000ffULL); \ w += 8; \ } while (0) #define PUTC16(v, w) \ do { \ if (v > 0 && v < 255) { \ PUT8(v, w); \ } else { \ PUT8(255, w); \ PUT16(v, w); \ } \ } while (0) #define PUTC32(v, w) \ do { \ if (v < 0xffffffU) { \ PUT24(v, w); \ } else { \ PUT24(0xffffffU, w); \ PUT32(v, w); \ } \ } while (0) #define PUT_OFFSET(v, w) PUT32(v, w) #include <string.h> #define PUT_MEM(s, c, w) \ do { \ memmove(w, s, c); \ w += c; \ } while (0) / * Regions. / #define REGION_SIZE(r) ((unsigned int)((r).rend - (r).rstart)) #define REGION_EMPTY(r) ((r).rstart == (r).rend) #define REGION_FROMSTRING(r, s) \ do { \ (r).rstart = (unsigned char )s; \ (r).rend = (r).rstart + strlen(s); \ } while (0) /% Use this to remove the const qualifier of a variable to assign it to * a non-const variable or pass it as a non-const function argument ... * but only when you are sure it won't then be changed! * This is necessary to sometimes shut up some compilers * (as with gcc -Wcast-qual) when there is just no other good way to avoid the * situation. / #define DE_CONST(konst, var) \ do { \ union { \ const void k; \ void v; \ } _u; \ _u.k = konst; \ var = _u.v; \ } while (0) #endif / ISCCC_UTIL_H / ��dns/rootns.h��0000644��00000001573�15125204631�0007032 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ROOTNS_H #define DNS_ROOTNS_H 1 /! \file dns/rootns.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_rootns_create(isc_mem_t mctx, dns_rdataclass_t rdclass, const char filename, dns_db_t target); void dns_root_checkhints(dns_view_t view, dns_db_t hints, dns_db_t db); /* * Reports differences between hints and the real roots. * * Requires view, hints and (cache) db to be valid. / ISC_LANG_ENDDECLS #endif / DNS_ROOTNS_H / ��dns/private.h��0000644��00000003652�15125204631�0007160 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #include <stdbool.h> #include <isc/lang.h> #include <isc/types.h> #include <dns/db.h> #include <dns/types.h> #ifndef DNS_PRIVATE_H #define DNS_PRIVATE_H ISC_LANG_BEGINDECLS isc_result_t dns_private_chains(dns_db_t db, dns_dbversion_t ver, dns_rdatatype_t privatetype, bool build_nsec, bool build_nsec3); /%< * Examine the NSEC, NSEC3PARAM and privatetype RRsets at the apex of the * database to determine which of NSEC or NSEC3 chains we are currently * maintaining. In normal operations only one of NSEC or NSEC3 is being * maintained but when we are transitiong between NSEC and NSEC3 we need * to update both sets of chains. If 'privatetype' is zero then the * privatetype RRset will not be examined. * * Requires: * \li 'db' is valid. * \li 'version' is valid or NULL. * \li 'build_nsec' is a pointer to a bool or NULL. * \li 'build_nsec3' is a pointer to a bool or NULL. * * Returns: * \li ISC_R_SUCCESS, 'build_nsec' and 'build_nsec3' will be valid. * \li other on error / isc_result_t dns_private_totext(dns_rdata_t privaterdata, isc_buffer_t buffer); /%< * Convert a private-type RR 'privaterdata' to human-readable form, * and place the result in 'buffer'. The text should indicate * which action the private-type record specifies and whether the * action has been completed. * * Requires: * \li 'privaterdata' is a valid rdata containing at least five bytes * \li 'buffer' is a valid buffer * * Returns: * \li ISC_R_SUCCESS * \li other on error / ISC_LANG_ENDDECLS #endif / ifndef DNS_PRIVATE_H / ��dns/update.h��0000644��00000003724�15125204631�0006770 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_UPDATE_H #define DNS_UPDATE_H 1 /! \file dns/update.h / / * Imports **/ #include <inttypes.h> #include <isc/lang.h> #include <dns/diff.h> #include <dns/types.h> typedef struct { void (func)(void arg, dns_zone_t zone, int level, const char message); void arg; } dns_update_log_t; ISC_LANG_BEGINDECLS /* * Functions **/ uint32_t dns_update_soaserial(uint32_t serial, dns_updatemethod_t method, dns_updatemethod_t used); /%< Return the next serial number after 'serial', depending on the * update method 'method': * \li dns_updatemethod_increment increments the serial number by one \li dns_updatemethod_date sets the serial number to YYYYMMDD00 \li dns_updatemethod_unixtime sets the serial number to the current * time (seconds since UNIX epoch) \li dns_updatemethod_none just returns the given serial * * NOTE: The dns_updatemethod_increment will be used if dns_updatemethod_date or * dns_updatemethod_unixtime is used and the new serial number would be lower * than current serial number. * * Sets used to the method that was used. / isc_result_t dns_update_signatures(dns_update_log_t log, dns_zone_t zone, dns_db_t db, dns_dbversion_t oldver, dns_dbversion_t newver, dns_diff_t diff, uint32_t sigvalidityinterval); isc_result_t dns_update_signaturesinc(dns_update_log_t log, dns_zone_t zone, dns_db_t db, dns_dbversion_t oldver, dns_dbversion_t newver, dns_diff_t diff, uint32_t sigvalidityinterval, dns_update_state_t *state); ISC_LANG_ENDDECLS #endif / DNS_UPDATE_H / ��dns/result.h��0000644��00000021754�15125204631�0007027 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RESULT_H #define DNS_RESULT_H 1 /! \file dns/result.h / #include <isc/lang.h> #include <isc/resultclass.h> #include <dns/types.h> / * Nothing in this file truly depends on <isc/result.h>, but the * DNS result codes are considered to be publicly derived from * the ISC result codes, so including this file buys you the ISC_R_ * namespace too. / #include <isc/result.h> / Contractual promise. / / * DNS library result codes / #define DNS_R_LABELTOOLONG (ISC_RESULTCLASS_DNS + 0) #define DNS_R_BADESCAPE (ISC_RESULTCLASS_DNS + 1) / * Since we dropped the support of bitstring labels, deprecate the related * result codes too. * #define DNS_R_BADBITSTRING (ISC_RESULTCLASS_DNS + 2) #define DNS_R_BITSTRINGTOOLONG (ISC_RESULTCLASS_DNS + 3) / #define DNS_R_EMPTYLABEL (ISC_RESULTCLASS_DNS + 4) #define DNS_R_BADDOTTEDQUAD (ISC_RESULTCLASS_DNS + 5) #define DNS_R_INVALIDNS (ISC_RESULTCLASS_DNS + 6) #define DNS_R_UNKNOWN (ISC_RESULTCLASS_DNS + 7) #define DNS_R_BADLABELTYPE (ISC_RESULTCLASS_DNS + 8) #define DNS_R_BADPOINTER (ISC_RESULTCLASS_DNS + 9) #define DNS_R_TOOMANYHOPS (ISC_RESULTCLASS_DNS + 10) #define DNS_R_DISALLOWED (ISC_RESULTCLASS_DNS + 11) #define DNS_R_EXTRATOKEN (ISC_RESULTCLASS_DNS + 12) #define DNS_R_EXTRADATA (ISC_RESULTCLASS_DNS + 13) #define DNS_R_TEXTTOOLONG (ISC_RESULTCLASS_DNS + 14) #define DNS_R_NOTZONETOP (ISC_RESULTCLASS_DNS + 15) #define DNS_R_SYNTAX (ISC_RESULTCLASS_DNS + 16) #define DNS_R_BADCKSUM (ISC_RESULTCLASS_DNS + 17) #define DNS_R_BADAAAA (ISC_RESULTCLASS_DNS + 18) #define DNS_R_NOOWNER (ISC_RESULTCLASS_DNS + 19) #define DNS_R_NOTTL (ISC_RESULTCLASS_DNS + 20) #define DNS_R_BADCLASS (ISC_RESULTCLASS_DNS + 21) #define DNS_R_NAMETOOLONG (ISC_RESULTCLASS_DNS + 22) #define DNS_R_PARTIALMATCH (ISC_RESULTCLASS_DNS + 23) #define DNS_R_NEWORIGIN (ISC_RESULTCLASS_DNS + 24) #define DNS_R_UNCHANGED (ISC_RESULTCLASS_DNS + 25) #define DNS_R_BADTTL (ISC_RESULTCLASS_DNS + 26) #define DNS_R_NOREDATA (ISC_RESULTCLASS_DNS + 27) #define DNS_R_CONTINUE (ISC_RESULTCLASS_DNS + 28) #define DNS_R_DELEGATION (ISC_RESULTCLASS_DNS + 29) #define DNS_R_GLUE (ISC_RESULTCLASS_DNS + 30) #define DNS_R_DNAME (ISC_RESULTCLASS_DNS + 31) #define DNS_R_CNAME (ISC_RESULTCLASS_DNS + 32) #define DNS_R_BADDB (ISC_RESULTCLASS_DNS + 33) #define DNS_R_ZONECUT (ISC_RESULTCLASS_DNS + 34) #define DNS_R_BADZONE (ISC_RESULTCLASS_DNS + 35) #define DNS_R_MOREDATA (ISC_RESULTCLASS_DNS + 36) #define DNS_R_UPTODATE (ISC_RESULTCLASS_DNS + 37) #define DNS_R_TSIGVERIFYFAILURE (ISC_RESULTCLASS_DNS + 38) #define DNS_R_TSIGERRORSET (ISC_RESULTCLASS_DNS + 39) #define DNS_R_SIGINVALID (ISC_RESULTCLASS_DNS + 40) #define DNS_R_SIGEXPIRED (ISC_RESULTCLASS_DNS + 41) #define DNS_R_SIGFUTURE (ISC_RESULTCLASS_DNS + 42) #define DNS_R_KEYUNAUTHORIZED (ISC_RESULTCLASS_DNS + 43) #define DNS_R_INVALIDTIME (ISC_RESULTCLASS_DNS + 44) #define DNS_R_EXPECTEDTSIG (ISC_RESULTCLASS_DNS + 45) #define DNS_R_UNEXPECTEDTSIG (ISC_RESULTCLASS_DNS + 46) #define DNS_R_INVALIDTKEY (ISC_RESULTCLASS_DNS + 47) #define DNS_R_HINT (ISC_RESULTCLASS_DNS + 48) #define DNS_R_DROP (ISC_RESULTCLASS_DNS + 49) #define DNS_R_NOTLOADED (ISC_RESULTCLASS_DNS + 50) #define DNS_R_NCACHENXDOMAIN (ISC_RESULTCLASS_DNS + 51) #define DNS_R_NCACHENXRRSET (ISC_RESULTCLASS_DNS + 52) #define DNS_R_WAIT (ISC_RESULTCLASS_DNS + 53) #define DNS_R_NOTVERIFIEDYET (ISC_RESULTCLASS_DNS + 54) #define DNS_R_NOIDENTITY (ISC_RESULTCLASS_DNS + 55) #define DNS_R_NOJOURNAL (ISC_RESULTCLASS_DNS + 56) #define DNS_R_ALIAS (ISC_RESULTCLASS_DNS + 57) #define DNS_R_USETCP (ISC_RESULTCLASS_DNS + 58) #define DNS_R_NOVALIDSIG (ISC_RESULTCLASS_DNS + 59) #define DNS_R_NOVALIDNSEC (ISC_RESULTCLASS_DNS + 60) #define DNS_R_NOTINSECURE (ISC_RESULTCLASS_DNS + 61) #define DNS_R_UNKNOWNSERVICE (ISC_RESULTCLASS_DNS + 62) #define DNS_R_RECOVERABLE (ISC_RESULTCLASS_DNS + 63) #define DNS_R_UNKNOWNOPT (ISC_RESULTCLASS_DNS + 64) #define DNS_R_UNEXPECTEDID (ISC_RESULTCLASS_DNS + 65) #define DNS_R_SEENINCLUDE (ISC_RESULTCLASS_DNS + 66) #define DNS_R_NOTEXACT (ISC_RESULTCLASS_DNS + 67) #define DNS_R_BLACKHOLED (ISC_RESULTCLASS_DNS + 68) #define DNS_R_BADALG (ISC_RESULTCLASS_DNS + 69) #define DNS_R_METATYPE (ISC_RESULTCLASS_DNS + 70) #define DNS_R_CNAMEANDOTHER (ISC_RESULTCLASS_DNS + 71) #define DNS_R_SINGLETON (ISC_RESULTCLASS_DNS + 72) #define DNS_R_HINTNXRRSET (ISC_RESULTCLASS_DNS + 73) #define DNS_R_NOMASTERFILE (ISC_RESULTCLASS_DNS + 74) #define DNS_R_UNKNOWNPROTO (ISC_RESULTCLASS_DNS + 75) #define DNS_R_CLOCKSKEW (ISC_RESULTCLASS_DNS + 76) #define DNS_R_BADIXFR (ISC_RESULTCLASS_DNS + 77) #define DNS_R_NOTAUTHORITATIVE (ISC_RESULTCLASS_DNS + 78) #define DNS_R_NOVALIDKEY (ISC_RESULTCLASS_DNS + 79) #define DNS_R_OBSOLETE (ISC_RESULTCLASS_DNS + 80) #define DNS_R_FROZEN (ISC_RESULTCLASS_DNS + 81) #define DNS_R_UNKNOWNFLAG (ISC_RESULTCLASS_DNS + 82) #define DNS_R_EXPECTEDRESPONSE (ISC_RESULTCLASS_DNS + 83) #define DNS_R_NOVALIDDS (ISC_RESULTCLASS_DNS + 84) #define DNS_R_NSISADDRESS (ISC_RESULTCLASS_DNS + 85) #define DNS_R_REMOTEFORMERR (ISC_RESULTCLASS_DNS + 86) #define DNS_R_TRUNCATEDTCP (ISC_RESULTCLASS_DNS + 87) #define DNS_R_LAME (ISC_RESULTCLASS_DNS + 88) #define DNS_R_UNEXPECTEDRCODE (ISC_RESULTCLASS_DNS + 89) #define DNS_R_UNEXPECTEDOPCODE (ISC_RESULTCLASS_DNS + 90) #define DNS_R_CHASEDSSERVERS (ISC_RESULTCLASS_DNS + 91) #define DNS_R_EMPTYNAME (ISC_RESULTCLASS_DNS + 92) #define DNS_R_EMPTYWILD (ISC_RESULTCLASS_DNS + 93) #define DNS_R_BADBITMAP (ISC_RESULTCLASS_DNS + 94) #define DNS_R_FROMWILDCARD (ISC_RESULTCLASS_DNS + 95) #define DNS_R_BADOWNERNAME (ISC_RESULTCLASS_DNS + 96) #define DNS_R_BADNAME (ISC_RESULTCLASS_DNS + 97) #define DNS_R_DYNAMIC (ISC_RESULTCLASS_DNS + 98) #define DNS_R_UNKNOWNCOMMAND (ISC_RESULTCLASS_DNS + 99) #define DNS_R_MUSTBESECURE (ISC_RESULTCLASS_DNS + 100) #define DNS_R_COVERINGNSEC (ISC_RESULTCLASS_DNS + 101) #define DNS_R_MXISADDRESS (ISC_RESULTCLASS_DNS + 102) #define DNS_R_DUPLICATE (ISC_RESULTCLASS_DNS + 103) #define DNS_R_INVALIDNSEC3 (ISC_RESULTCLASS_DNS + 104) #define DNS_R_NOTMASTER (ISC_RESULTCLASS_DNS + 105) #define DNS_R_BROKENCHAIN (ISC_RESULTCLASS_DNS + 106) #define DNS_R_EXPIRED (ISC_RESULTCLASS_DNS + 107) #define DNS_R_NOTDYNAMIC (ISC_RESULTCLASS_DNS + 108) #define DNS_R_BADEUI (ISC_RESULTCLASS_DNS + 109) #define DNS_R_NTACOVERED (ISC_RESULTCLASS_DNS + 110) #define DNS_R_BADCDS (ISC_RESULTCLASS_DNS + 111) #define DNS_R_BADCDNSKEY (ISC_RESULTCLASS_DNS + 112) #define DNS_R_OPTERR (ISC_RESULTCLASS_DNS + 113) #define DNS_R_BADDNSTAP (ISC_RESULTCLASS_DNS + 114) #define DNS_R_BADTSIG (ISC_RESULTCLASS_DNS + 115) #define DNS_R_BADSIG0 (ISC_RESULTCLASS_DNS + 116) #define DNS_R_TOOMANYRECORDS (ISC_RESULTCLASS_DNS + 117) #define DNS_R_VERIFYFAILURE (ISC_RESULTCLASS_DNS + 118) #define DNS_R_ATZONETOP (ISC_RESULTCLASS_DNS + 119) #define DNS_R_NOKEYMATCH (ISC_RESULTCLASS_DNS + 120) #define DNS_R_TOOMANYKEYS (ISC_RESULTCLASS_DNS + 121) #define DNS_R_KEYNOTACTIVE (ISC_RESULTCLASS_DNS + 122) #define DNS_R_NSEC3ITERRANGE (ISC_RESULTCLASS_DNS + 123) #define DNS_R_NSEC3SALTRANGE (ISC_RESULTCLASS_DNS + 124) #define DNS_R_NSEC3BADALG (ISC_RESULTCLASS_DNS + 125) #define DNS_R_NSEC3RESALT (ISC_RESULTCLASS_DNS + 126) #define DNS_R_INCONSISTENTRR (ISC_RESULTCLASS_DNS + 127) #define DNS_R_NRESULTS 128 /%< Number of results / / * DNS wire format rcodes. * * By making these their own class we can easily convert them into the * wire-format rcode value simply by masking off the resultclass. / #define DNS_R_NOERROR (ISC_RESULTCLASS_DNSRCODE + 0) #define DNS_R_FORMERR (ISC_RESULTCLASS_DNSRCODE + 1) #define DNS_R_SERVFAIL (ISC_RESULTCLASS_DNSRCODE + 2) #define DNS_R_NXDOMAIN (ISC_RESULTCLASS_DNSRCODE + 3) #define DNS_R_NOTIMP (ISC_RESULTCLASS_DNSRCODE + 4) #define DNS_R_REFUSED (ISC_RESULTCLASS_DNSRCODE + 5) #define DNS_R_YXDOMAIN (ISC_RESULTCLASS_DNSRCODE + 6) #define DNS_R_YXRRSET (ISC_RESULTCLASS_DNSRCODE + 7) #define DNS_R_NXRRSET (ISC_RESULTCLASS_DNSRCODE + 8) #define DNS_R_NOTAUTH (ISC_RESULTCLASS_DNSRCODE + 9) #define DNS_R_NOTZONE (ISC_RESULTCLASS_DNSRCODE + 10) #define DNS_R_RCODE11 (ISC_RESULTCLASS_DNSRCODE + 11) #define DNS_R_RCODE12 (ISC_RESULTCLASS_DNSRCODE + 12) #define DNS_R_RCODE13 (ISC_RESULTCLASS_DNSRCODE + 13) #define DNS_R_RCODE14 (ISC_RESULTCLASS_DNSRCODE + 14) #define DNS_R_RCODE15 (ISC_RESULTCLASS_DNSRCODE + 15) #define DNS_R_BADVERS (ISC_RESULTCLASS_DNSRCODE + 16) #define DNS_R_NRCODERESULTS 17 /%< Number of rcode results / #define DNS_RESULT_ISRCODE(result) \ (ISC_RESULTCLASS_INCLASS(ISC_RESULTCLASS_DNSRCODE, (result))) ISC_LANG_BEGINDECLS const char dns_result_totext(isc_result_t); void dns_result_register(void); dns_rcode_t dns_result_torcode(isc_result_t result); ISC_LANG_ENDDECLS #endif /* DNS_RESULT_H / ��dns/catz.h��0000644��00000027151�15125204631�0006447 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_CATZ_H #define DNS_CATZ_H 1 #include <inttypes.h> #include <stdbool.h> #include <isc/ht.h> #include <isc/lang.h> #include <isc/refcount.h> #include <isc/rwlock.h> #include <isc/time.h> #include <isc/timer.h> #include <dns/db.h> #include <dns/fixedname.h> #include <dns/ipkeylist.h> #include <dns/rdata.h> #include <dns/types.h> ISC_LANG_BEGINDECLS #define DNS_CATZ_ERROR_LEVEL ISC_LOG_WARNING #define DNS_CATZ_INFO_LEVEL ISC_LOG_INFO #define DNS_CATZ_DEBUG_LEVEL1 ISC_LOG_DEBUG(1) #define DNS_CATZ_DEBUG_LEVEL2 ISC_LOG_DEBUG(2) #define DNS_CATZ_DEBUG_LEVEL3 ISC_LOG_DEBUG(3) #define DNS_CATZ_DEBUG_QUIET (DNS_CATZ_DEBUG_LEVEL3 + 1) / * Catalog Zones functions and structures. / / * Options for a member zone in a catalog / struct dns_catz_entry_options { / * Options that can be overridden in catalog zone / / default-masters definition / dns_ipkeylist_t masters; / both as text in config format, NULL if none / isc_buffer_t allow_query; isc_buffer_t allow_transfer; / * Options that are only set in named.conf / / zone-directory definition / char zonedir; /* zone should not be stored on disk (no 'file' statement in def / bool in_memory; / * Minimal interval between catalog zone updates, if a new version * of catalog zone is received before this time the update will be * postponed. This is a global option for the whole catalog zone. / uint32_t min_update_interval; }; void dns_catz_options_init(dns_catz_options_t options); /%< Initialize 'options' to NULL values. * * Requires: * \li 'options' to be non NULL. / void dns_catz_options_free(dns_catz_options_t options, isc_mem_t mctx); /%< * Free 'options' contents into 'mctx'. ('options' itself is not freed.) * * Requires: * \li 'options' to be non NULL. * \li 'mctx' to be a valid memory context. / isc_result_t dns_catz_options_copy(isc_mem_t mctx, const dns_catz_options_t opts, dns_catz_options_t nopts); /%< Duplicate 'opts' into 'nopts', allocating space from 'mctx'. * * Requires: * \li 'mctx' to be a valid memory context. * \li 'options' to be non NULL and valid options. * \li 'nopts' to be non NULL. / isc_result_t dns_catz_options_setdefault(isc_mem_t mctx, const dns_catz_options_t defaults, dns_catz_options_t opts); /%< Replace empty values in 'opts' with values from 'defaults' * * Requires: * \li 'mctx' to be a valid memory context. * \li 'defaults' to be non NULL and valid options. * \li 'opts' to be non NULL. / dns_name_t dns_catz_entry_getname(dns_catz_entry_t entry); /%< * Get domain name for 'entry' * * Requires: * \li 'entry' to be non NULL. * * Returns: * \li domain name for entry. / isc_result_t dns_catz_entry_new(isc_mem_t mctx, const dns_name_t domain, dns_catz_entry_t nentryp); /%< * Allocate a new catz_entry on 'mctx', with the name 'domain' * * Requires: * \li 'mctx' to be a valid memory context. * \li 'domain' to be valid dns_name or NULL. * \li 'nentryp' to be non NULL, nentryp to be NULL. * Returns: * \li ISC_R_SUCCESS on success * \li ISC_R_NOMEMORY on allocation failure / isc_result_t dns_catz_entry_copy(dns_catz_zone_t zone, const dns_catz_entry_t entry, dns_catz_entry_t nentryp); /%< * Allocate a new catz_entry and deep copy 'entry' into 'nentryp'. * * Requires: * \li 'mctx' to be a valid memory context. * \li 'entry' to be non NULL. * \li 'nentryp' to be non NULL, nentryp to be NULL. * Returns: * \li ISC_R_SUCCESS on success * \li ISC_R_NOMEMORY on allocation failure / void dns_catz_entry_attach(dns_catz_entry_t entry, dns_catz_entry_t *entryp); /%< * Attach an entry * * Requires: * \li 'entry' is a valid dns_catz_entry_t. * \li 'entryp' is not NULL and 'entryp' is NULL. / void dns_catz_entry_detach(dns_catz_zone_t zone, dns_catz_entry_t entryp); /%< * Detach an entry, free if no further references * * Requires: * \li 'zone' is a valid dns_catz_zone_t. * \li 'entryp' is not NULL and 'entryp' is not NULL. / bool dns_catz_entry_validate(const dns_catz_entry_t entry); /%< * Validate whether entry is correct. * (NOT YET IMPLEMENTED: always returns true) * * Requires: \li 'entry' is a valid dns_catz_entry_t. / bool dns_catz_entry_cmp(const dns_catz_entry_t ea, const dns_catz_entry_t eb); /%< Deep compare two entries * * Requires: * \li 'ea' is a valid dns_catz_entry_t. * \li 'eb' is a valid dns_catz_entry_t. * * Returns: * \li 'true' if entries are the same. * \li 'false' if the entries differ. / void dns_catz_zone_attach(dns_catz_zone_t zone, dns_catz_zone_t *zonep); /%< * Attach a catzone * * Requires: * \li 'zone' is a valid dns_catz_zone_t. * \li 'zonep' is not NULL and 'zonep' is NULL. / void dns_catz_zone_detach(dns_catz_zone_t *zonep); /%< * Detach a zone, free if no further references * * Requires: * \li 'zonep' is not NULL and 'zonep' is not NULL. / isc_result_t dns_catz_new_zone(dns_catz_zones_t catzs, dns_catz_zone_t zonep, const dns_name_t name); /%< Allocate a new catz zone on catzs mctx * * Requires: * \li 'catzs' is a valid dns_catz_zones_t. * \li 'zonep' is not NULL and 'zonep' is NULL. \li 'name' is a valid dns_name_t. * / dns_name_t dns_catz_zone_getname(dns_catz_zone_t zone); /%< * Get catalog zone name * * Requires: * \li 'zone' is a valid dns_catz_zone_t. / dns_catz_options_t dns_catz_zone_getdefoptions(dns_catz_zone_t zone); /%< * Get default member zone options for catalog zone 'zone' * * Requires: * \li 'zone' is a valid dns_catz_zone_t. / void dns_catz_zone_resetdefoptions(dns_catz_zone_t zone); /%< Reset the default member zone options for catalog zone 'zone' to * the default values. * * Requires: * \li 'zone' is a valid dns_catz_zone_t. / isc_result_t dns_catz_zones_merge(dns_catz_zone_t target, dns_catz_zone_t newzone); /%< * Merge 'newzone' into 'target', calling addzone/delzone/modzone * (from zone->catzs->zmm) for appropriate member zones. * * Requires: * \li 'orig' is a valid dns_catz_zone_t. * \li 'newzone' is not NULL and 'newzone' is not NULL. / isc_result_t dns_catz_update_process(dns_catz_zones_t catzs, dns_catz_zone_t zone, const dns_name_t src_name, dns_rdataset_t rdataset); /%< * Process a single rdataset from a catalog zone 'zone' update, src_name is the * record name. * * Requires: * \li 'catzs' is a valid dns_catz_zones_t. * \li 'zone' is a valid dns_catz_zone_t. * \li 'src_name' is a valid dns_name_t. * \li 'rdataset' is valid rdataset. / isc_result_t dns_catz_generate_masterfilename(dns_catz_zone_t zone, dns_catz_entry_t entry, isc_buffer_t buffer); /%< * Generate master file name and put it into buffer (might be reallocated). The general format of the file name is: * __catz__catalog.zone.name__member_zone_name.db * But if it's too long it's shortened to: * __catz__unique_hash_generated_from_the_above.db * * Requires: * \li 'zone' is a valid dns_catz_zone_t. * \li 'entry' is a valid dns_catz_entry_t. * \li 'buffer' is not NULL and 'buffer' is not NULL. / isc_result_t dns_catz_generate_zonecfg(dns_catz_zone_t zone, dns_catz_entry_t entry, isc_buffer_t *buf); /%< * Generate a zone config entry (in text form) from dns_catz_entry and puts * it into buf. buf might be reallocated. * Requires: * \li 'zone' is a valid dns_catz_zone_t. * \li 'entry' is a valid dns_catz_entry_t. * \li 'buf' is not NULL and 'buf' is NULL. / / Methods provided by named to dynamically modify the member zones / / xxxwpk TODO config! / typedef isc_result_t (dns_catz_zoneop_fn_t)(dns_catz_entry_t entry, dns_catz_zone_t origin, dns_view_t view, isc_taskmgr_t taskmgr, void udata); struct dns_catz_zonemodmethods { dns_catz_zoneop_fn_t addzone; dns_catz_zoneop_fn_t modzone; dns_catz_zoneop_fn_t delzone; void udata; }; isc_result_t dns_catz_new_zones(dns_catz_zones_t *catzsp, dns_catz_zonemodmethods_t zmm, isc_mem_t mctx, isc_taskmgr_t taskmgr, isc_timermgr_t timermgr); /%< * Allocate a new catz_zones object, a collection storing all catalog zones * for a view. * * Requires: * \li 'catzsp' is not NULL and 'catzsp' is NULL. \li 'zmm' is not NULL. * / isc_result_t dns_catz_add_zone(dns_catz_zones_t catzs, const dns_name_t name, dns_catz_zone_t catzp); /%< * Allocate a new catz named 'name' and put it in 'catzs' collection. * * Requires: * \li 'catzs' is a valid dns_catz_zones_t. * \li 'name' is a valid dns_name_t. * \li 'zonep' is not NULL and zonep is NULL. / dns_catz_zone_t dns_catz_get_zone(dns_catz_zones_t catzs, const dns_name_t name); /%< Returns a zone named 'name' from collection 'catzs' * * Requires: * \li 'catzs' is a valid dns_catz_zones_t. * \li 'name' is a valid dns_name_t. / void dns_catz_catzs_attach(dns_catz_zones_t catzs, dns_catz_zones_t *catzsp); /%< * Attach 'catzs' to 'catzsp'. * * Requires: * \li 'catzs' is a valid dns_catz_zones_t. * \li 'catzsp' is not NULL and catzsp is NULL. / void dns_catz_catzs_detach(dns_catz_zones_t *catzsp); /%< * Detach 'catzsp', free if no further references. * * Requires: * \li 'catzsp' is not NULL and catzsp is not NULL. / void dns_catz_catzs_set_view(dns_catz_zones_t catzs, dns_view_t view); /%< Set a view for 'catzs'. * * Requires: * \li 'catzs' is a valid dns_catz_zones_t. * \li 'catzs->view' is NULL or 'catzs->view' == 'view'. / isc_result_t dns_catz_dbupdate_callback(dns_db_t db, void fn_arg); /%< * Callback for update of catalog zone database. * If there was no catalog zone update recently it launches an * update_taskaction immediately. * If there was an update recently it schedules update_taskaction for some time * in the future. * If there is an update scheduled it replaces old db version with a new one. * * Requires: * \li 'db' is a valid database. * \li 'fn_arg' is not NULL (casted to dns_catz_zones_t). / void dns_catz_update_taskaction(isc_task_t task, isc_event_t event); /%< Task that launches dns_catz_update_from_db. * * Requires: * \li 'event' is not NULL. / void dns_catz_update_from_db(dns_db_t db, dns_catz_zones_t catzs); /%< * Process an updated database for a catalog zone. * It creates a new catz, iterates over database to fill it with content, and * then merges new catz into old catz. * * Requires: * \li 'db' is a valid DB. * \li 'catzs' is a valid dns_catz_zones_t. * / void dns_catz_prereconfig(dns_catz_zones_t catzs); /%< Called before reconfig, clears 'active' flag on all the zones in set * * Requires: * \li 'catzs' is a valid dns_catz_zones_t. * / void dns_catz_postreconfig(dns_catz_zones_t catzs); /%< Called after reconfig, walks through all zones in set, removes those * inactive and force reload of those with changed configuration. * * Requires: * \li 'catzs' is a valid dns_catz_zones_t. / isc_result_t dns_catz_get_iterator(dns_catz_zone_t catz, isc_ht_iter_t *itp); /%< * Get the hashtable iterator on catalog zone members, point 'itp' to it. * Requires: * \li 'catzs' is a valid dns_catz_zones_t. * \li 'itp' is not NULL and 'itp' is NULL. * Returns: * \li #ISC_R_SUCCESS -- success * \li Any other value -- failure / ISC_LANG_ENDDECLS #endif / DNS_CATZ_H_ / ��dns/lookup.h��0000644��00000005551�15125204631�0007017 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_LOOKUP_H #define DNS_LOOKUP_H 1 /** * Module Info **/ /! \file dns/lookup.h * \brief * The lookup module performs simple DNS lookups. It implements * the full resolver algorithm, both looking for local data and * resolving external names as necessary. * * MP: \li The module ensures appropriate synchronization of data structures it creates and manipulates. * * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li RFCs: 1034, 1035, 2181, TBS \li Drafts: TBS / #include <isc/event.h> #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /% * A 'dns_lookupevent_t' is returned when a lookup completes. * The sender field will be set to the lookup that completed. If 'result' * is ISC_R_SUCCESS, then 'names' will contain a list of names associated * with the address. The recipient of the event must not change the list * and must not refer to any of the name data after the event is freed. / typedef struct dns_lookupevent { ISC_EVENT_COMMON(struct dns_lookupevent); isc_result_t result; dns_name_t name; dns_rdataset_t rdataset; dns_rdataset_t sigrdataset; dns_db_t db; dns_dbnode_t node; } dns_lookupevent_t; isc_result_t dns_lookup_create(isc_mem_t mctx, const dns_name_t name, dns_rdatatype_t type, dns_view_t view, unsigned int options, isc_task_t task, isc_taskaction_t action, void arg, dns_lookup_t lookupp); /%< * Finds the rrsets matching 'name' and 'type'. * * Requires: * \li 'mctx' is a valid mctx. \li 'name' is a valid name. \li 'view' is a valid view which has a resolver. \li 'task' is a valid task. \li lookupp != NULL && lookupp == NULL * * Returns: * \li ISC_R_SUCCESS \li ISC_R_NOMEMORY * \li Any resolver-related error (e.g. ISC_R_SHUTTINGDOWN) may also be returned. / void dns_lookup_cancel(dns_lookup_t lookup); /%< Cancel 'lookup'. * * Notes: * \li If 'lookup' has not completed, post its LOOKUPDONE event with a result code of ISC_R_CANCELED. * * Requires: * \li 'lookup' is a valid lookup. / void dns_lookup_destroy(dns_lookup_t *lookupp); /%< * Destroy 'lookup'. * * Requires: * \li 'lookupp' is a valid lookup. * \li The caller has received the LOOKUPDONE event (either because the lookup completed or because dns_lookup_cancel() was called). * * Ensures: * \li lookupp == NULL. / ISC_LANG_ENDDECLS #endif / DNS_LOOKUP_H / ��dns/forward.h��0000644��00000005764�15125204631�0007160 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_FORWARD_H #define DNS_FORWARD_H 1 /! \file dns/forward.h / #include <isc/lang.h> #include <isc/result.h> #include <isc/sockaddr.h> #include <dns/types.h> ISC_LANG_BEGINDECLS struct dns_forwarder { isc_sockaddr_t addr; isc_dscp_t dscp; ISC_LINK(dns_forwarder_t) link; }; typedef ISC_LIST(struct dns_forwarder) dns_forwarderlist_t; struct dns_forwarders { dns_forwarderlist_t fwdrs; dns_fwdpolicy_t fwdpolicy; }; isc_result_t dns_fwdtable_create(isc_mem_t mctx, dns_fwdtable_t *fwdtablep); /%< * Creates a new forwarding table. * * Requires: * \li mctx is a valid memory context. * \li fwdtablep != NULL && fwdtablep == NULL * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY / isc_result_t dns_fwdtable_addfwd(dns_fwdtable_t fwdtable, const dns_name_t name, dns_forwarderlist_t fwdrs, dns_fwdpolicy_t policy); isc_result_t dns_fwdtable_add(dns_fwdtable_t fwdtable, const dns_name_t name, isc_sockaddrlist_t addrs, dns_fwdpolicy_t policy); /%< * Adds an entry to the forwarding table. The entry associates * a domain with a list of forwarders and a forwarding policy. The * addrs/fwdrs list is copied if not empty, so the caller should free * its copy. * * Requires: * \li fwdtable is a valid forwarding table. * \li name is a valid name * \li addrs/fwdrs is a valid list of isc_sockaddr/dns_forwarder * structures, which may be empty. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY / isc_result_t dns_fwdtable_delete(dns_fwdtable_t fwdtable, const dns_name_t name); /%< * Removes an entry for 'name' from the forwarding table. If an entry * that exactly matches 'name' does not exist, ISC_R_NOTFOUND will be returned. * * Requires: * \li fwdtable is a valid forwarding table. * \li name is a valid name * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND / isc_result_t dns_fwdtable_find(dns_fwdtable_t fwdtable, const dns_name_t name, dns_name_t foundname, dns_forwarders_t *forwardersp); /%< * Finds a domain in the forwarding table. The closest matching parent * domain is returned. * * Requires: * \li fwdtable is a valid forwarding table. * \li name is a valid name * \li forwardersp != NULL && forwardersp == NULL \li foundname to be NULL or a valid name with buffer. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND / void dns_fwdtable_destroy(dns_fwdtable_t fwdtablep); /%< * Destroys a forwarding table. * * Requires: * \li fwtablep != NULL && fwtablep != NULL * Ensures: * \li all memory associated with the forwarding table is freed. / ISC_LANG_ENDDECLS #endif / DNS_FORWARD_H / ��dns/geoip.h��0000644��00000004444�15125204631�0006611 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_GEOIP_H #define DNS_GEOIP_H 1 /** * Module Info **/ /! \file dns/geoip.h * \brief * GeoIP/GeoIP2 data types and function prototypes. / #if defined(HAVE_GEOIP2) / * Imports */ #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/netaddr.h> #include <isc/refcount.h> #include <dns/iptable.h> #include <dns/name.h> #include <dns/types.h> /* * Types / typedef enum { dns_geoip_countrycode, dns_geoip_countrycode3, dns_geoip_countryname, dns_geoip_continentcode, dns_geoip_continent, dns_geoip_region, dns_geoip_regionname, dns_geoip_country_code, dns_geoip_country_code3, dns_geoip_country_name, dns_geoip_country_continentcode, dns_geoip_country_continent, dns_geoip_region_countrycode, dns_geoip_region_code, dns_geoip_region_name, dns_geoip_city_countrycode, dns_geoip_city_countrycode3, dns_geoip_city_countryname, dns_geoip_city_region, dns_geoip_city_regionname, dns_geoip_city_name, dns_geoip_city_postalcode, dns_geoip_city_metrocode, dns_geoip_city_areacode, dns_geoip_city_continentcode, dns_geoip_city_continent, dns_geoip_city_timezonecode, dns_geoip_isp_name, dns_geoip_org_name, dns_geoip_as_asnum, dns_geoip_domain_name, dns_geoip_netspeed_id } dns_geoip_subtype_t; typedef struct dns_geoip_elem { dns_geoip_subtype_t subtype; void db; union { char as_string[256]; int as_int; }; } dns_geoip_elem_t; struct dns_geoip_databases { void country; / GeoIP2-Country or GeoLite2-Country / void city; /* GeoIP2-CIty or GeoLite2-City / void domain; /* GeoIP2-Domain / void isp; /* GeoIP2-ISP / void as; /* GeoIP2-ASN or GeoLite2-ASN / }; / * Functions **/ ISC_LANG_BEGINDECLS bool dns_geoip_match(const isc_netaddr_t reqaddr, const dns_geoip_databases_t geoip, const dns_geoip_elem_t elt); ISC_LANG_ENDDECLS #endif /* HAVE_GEOIP2 / #endif / DNS_GEOIP_H / ��dns/dnsrps.h��0000644��00000005014�15125204631�0007011 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DNSRPS_H #define DNS_DNSRPS_H #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <dns/types.h> #ifdef USE_DNSRPS #include <dns/librpz.h> #include <dns/rpz.h> / * Error message if dlopen(librpz) failed. / extern librpz_emsg_t librpz_lib_open_emsg; / * These shim BIND9 database, node, and rdataset are handles on RRs from librpz. * * All of these structures are used by a single thread and so need no locks. * * rpsdb_t holds the state for a set of RPZ queries. * * rpsnode_t is a link to the rpsdb_t for the set of RPZ queries * and a flag saying whether it is pretending to be a node with RRs for * the qname or the node with the SOA for the zone containing the rewritten * RRs or justifying NXDOMAIN. / typedef struct { uint8_t unused; } rpsnode_t; typedef struct rpsdb { dns_db_t common; int ref_cnt; librpz_result_id_t hit_id; librpz_result_t result; librpz_rsp_t rsp; librpz_domain_buf_t origin_buf; const dns_name_t qname; rpsnode_t origin_node; rpsnode_t data_node; } rpsdb_t; / * Convert a dnsrps policy to a classic BIND9 RPZ policy. / dns_rpz_policy_t dns_dnsrps_2policy(librpz_policy_t rps_policy); / * Convert a dnsrps trigger to a classic BIND9 RPZ rewrite or trigger type. / dns_rpz_type_t dns_dnsrps_trig2type(librpz_trig_t trig); / * Convert a classic BIND9 RPZ rewrite or trigger type to a librpz trigger type. / librpz_trig_t dns_dnsrps_type2trig(dns_rpz_type_t type); / * Start dnsrps for the entire server. / isc_result_t dns_dnsrps_server_create(void); / * Stop dnsrps for the entire server. / void dns_dnsrps_server_destroy(void); / * Ready dnsrps for a view. / isc_result_t dns_dnsrps_view_init(dns_rpz_zones_t new, char rps_cstr); / * Connect to and start the dnsrps daemon, dnsrpzd. / isc_result_t dns_dnsrps_connect(dns_rpz_zones_t rpzs); /* * Get ready to try dnsrps rewriting. / isc_result_t dns_dnsrps_rewrite_init(librpz_emsg_t emsg, dns_rpz_st_t st, dns_rpz_zones_t rpzs, const dns_name_t qname, isc_mem_t mctx, bool have_rd); #endif /* USE_DNSRPS / ISC_LANG_ENDDECLS #endif / DNS_DNSRPS_H / ��dns/request.h��0000644��00000021743�15125204631�0007177 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_REQUEST_H #define DNS_REQUEST_H 1 /** * Module Info **/ /! \file dns/request.h * * \brief * The request module provides simple request/response services useful for * sending SOA queries, DNS Notify messages, and dynamic update requests. * * MP: \li The module ensures appropriate synchronization of data structures it creates and manipulates. * * Resources: \li TBS * Security: \li No anticipated impact. / #include <stdbool.h> #include <isc/event.h> #include <isc/lang.h> #include <dns/types.h> #define DNS_REQUESTOPT_TCP 0x00000001U #define DNS_REQUESTOPT_CASE 0x00000002U #define DNS_REQUESTOPT_FIXEDID 0x00000004U #define DNS_REQUESTOPT_SHARE 0x00000008U typedef struct dns_requestevent { ISC_EVENT_COMMON(struct dns_requestevent); isc_result_t result; dns_request_t request; } dns_requestevent_t; ISC_LANG_BEGINDECLS isc_result_t dns_requestmgr_create(isc_mem_t mctx, isc_timermgr_t timermgr, isc_socketmgr_t socketmgr, isc_taskmgr_t taskmgr, dns_dispatchmgr_t dispatchmgr, dns_dispatch_t dispatchv4, dns_dispatch_t dispatchv6, dns_requestmgr_t *requestmgrp); /%< * Create a request manager. * * Requires: * \li 'mctx' is a valid memory context. \li 'timermgr' is a valid timer manager. \li 'socketmgr' is a valid socket manager. \li 'taskmgr' is a valid task manager. \li 'dispatchv4' is a valid dispatcher with an IPv4 UDP socket, or is NULL. \li 'dispatchv6' is a valid dispatcher with an IPv6 UDP socket, or is NULL. \li requestmgrp != NULL && requestmgrp == NULL * * Ensures: * \li On success, requestmgrp is a valid request manager. * * Returns: * \li ISC_R_SUCCESS \li Any other result indicates failure. / void dns_requestmgr_whenshutdown(dns_requestmgr_t requestmgr, isc_task_t task, isc_event_t *eventp); /%< * Send 'eventp' to 'task' when 'requestmgr' has completed shutdown. * Notes: * \li It is not safe to detach the last reference to 'requestmgr' until shutdown is complete. * * Requires: * \li 'requestmgr' is a valid request manager. \li 'task' is a valid task. \li eventp is a valid event. * * Ensures: * \li eventp == NULL. / void dns_requestmgr_shutdown(dns_requestmgr_t requestmgr); /%< Start the shutdown process for 'requestmgr'. * * Notes: * \li This call has no effect if the request manager is already shutting down. * * Requires: * \li 'requestmgr' is a valid requestmgr. / void dns_requestmgr_attach(dns_requestmgr_t source, dns_requestmgr_t targetp); /%< * Attach to the request manager. dns_requestmgr_shutdown() must not * have been called on 'source' prior to calling dns_requestmgr_attach(). * * Requires: * \li 'source' is a valid requestmgr. \li 'targetp' to be non NULL and 'targetp' to be NULL. / void dns_requestmgr_detach(dns_requestmgr_t requestmgrp); /%< * Detach from the given requestmgr. If this is the final detach * requestmgr will be destroyed. dns_requestmgr_shutdown() must * be called before the final detach. * * Requires: * \li 'requestmgrp' is a valid requestmgr. * * Ensures: \li 'requestmgrp' is NULL. / isc_result_t dns_request_create(dns_requestmgr_t requestmgr, dns_message_t message, const isc_sockaddr_t address, unsigned int options, dns_tsigkey_t key, unsigned int timeout, isc_task_t task, isc_taskaction_t action, void arg, dns_request_t requestp); /%< * Create and send a request. * * Notes: * \li 'message' will be rendered and sent to 'address'. If the #DNS_REQUESTOPT_TCP option is set, TCP will be used, * #DNS_REQUESTOPT_SHARE option is set too, connecting TCP * (vs. connected) will be shared too. The request * will timeout after 'timeout' seconds. * \li If the #DNS_REQUESTOPT_CASE option is set, use case sensitive compression. * \li When the request completes, successfully, due to a timeout, or because it was canceled, a completion event will be sent to 'task'. * * Requires: * \li 'message' is a valid DNS message. \li 'address' is a valid sockaddr. \li 'timeout' > 0 \li 'task' is a valid task. \li requestp != NULL && requestp == NULL / isc_result_t dns_request_createvia(dns_requestmgr_t requestmgr, dns_message_t message, const isc_sockaddr_t srcaddr, const isc_sockaddr_t destaddr, isc_dscp_t dscp, unsigned int options, dns_tsigkey_t key, unsigned int timeout, unsigned int udptimeout, unsigned int udpretries, isc_task_t task, isc_taskaction_t action, void arg, dns_request_t *requestp); /%< * Create and send a request. * * Notes: * \li 'message' will be rendered and sent to 'address'. If the #DNS_REQUESTOPT_TCP option is set, TCP will be used, * #DNS_REQUESTOPT_SHARE option is set too, connecting TCP * (vs. connected) will be shared too. The request * will timeout after 'timeout' seconds. UDP requests will be resent * at 'udptimeout' intervals if non-zero or 'udpretries' is non-zero. * \li If the #DNS_REQUESTOPT_CASE option is set, use case sensitive compression. * \li When the request completes, successfully, due to a timeout, or because it was canceled, a completion event will be sent to 'task'. * * Requires: * \li 'message' is a valid DNS message. \li 'dstaddr' is a valid sockaddr. \li 'srcaddr' is a valid sockaddr or NULL. \li 'srcaddr' and 'dstaddr' are the same protocol family. \li 'timeout' > 0 \li 'task' is a valid task. \li requestp != NULL && requestp == NULL / isc_result_t dns_request_createraw(dns_requestmgr_t requestmgr, isc_buffer_t msgbuf, const isc_sockaddr_t srcaddr, const isc_sockaddr_t destaddr, isc_dscp_t dscp, unsigned int options, unsigned int timeout, unsigned int udptimeout, unsigned int udpretries, isc_task_t task, isc_taskaction_t action, void arg, dns_request_t requestp); /!< * \brief Create and send a request. * * Notes: * \li 'msgbuf' will be sent to 'destaddr' after setting the id. If the #DNS_REQUESTOPT_TCP option is set, TCP will be used, * #DNS_REQUESTOPT_SHARE option is set too, connecting TCP * (vs. connected) will be shared too. The request * will timeout after 'timeout' seconds. UDP requests will be resent * at 'udptimeout' intervals if non-zero or if 'udpretries' is not zero. * \li When the request completes, successfully, due to a timeout, or because it was canceled, a completion event will be sent to 'task'. * * Requires: * \li 'msgbuf' is a valid DNS message in compressed wire format. \li 'destaddr' is a valid sockaddr. \li 'srcaddr' is a valid sockaddr or NULL. \li 'srcaddr' and 'dstaddr' are the same protocol family. \li 'timeout' > 0 \li 'task' is a valid task. \li requestp != NULL && requestp == NULL / void dns_request_cancel(dns_request_t request); /%< Cancel 'request'. * * Requires: * \li 'request' is a valid request. * Ensures: * \li If the completion event for 'request' has not yet been sent, it will be sent, and the result code will be ISC_R_CANCELED. / isc_result_t dns_request_getresponse(dns_request_t request, dns_message_t message, unsigned int options); /%< * Get the response to 'request' by filling in 'message'. * * 'options' is passed to dns_message_parse(). See dns_message_parse() * for more details. * * Requires: * \li 'request' is a valid request for which the caller has received the completion event. * \li The result code of the completion event was #ISC_R_SUCCESS. * Returns: * \li ISC_R_SUCCESS \li Any result that dns_message_parse() can return. / isc_buffer_t * dns_request_getanswer(dns_request_t request); / * Get the response to 'request' as a buffer. * * Requires: * \li 'request' is a valid request for which the caller has received the completion event. * * Returns: * \li a pointer to the answer buffer. / bool dns_request_usedtcp(dns_request_t request); /%< * Return whether this query used TCP or not. Setting #DNS_REQUESTOPT_TCP * in the call to dns_request_create() will cause the function to return * #true, otherwise the result is based on the query message size. * * Requires: \li 'request' is a valid request. * Returns: \li true if TCP was used. \li false if UDP was used. / void dns_request_destroy(dns_request_t requestp); /%< * Destroy 'request'. * * Requires: * \li 'request' is a valid request for which the caller has received the completion event. * * Ensures: * \li requestp == NULL / ISC_LANG_ENDDECLS #endif / DNS_REQUEST_H / ��dns/rdatastruct.h��0000644��00000172357�15125204631�0010057 0��ustar�00��/ * Copyright (C) 1998-2025 Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. / /************ *********** *********** THIS FILE IS AUTOMATICALLY GENERATED BY gen.c. *********** DO NOT EDIT! *********** ************/ /! \file / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RDATASTRUCT_H #define DNS_RDATASTRUCT_H 1 #include <isc/lang.h> #include <isc/sockaddr.h> #include <dns/name.h> #include <dns/types.h> ISC_LANG_BEGINDECLS typedef struct dns_rdatacommon { dns_rdataclass_t rdclass; dns_rdatatype_t rdtype; ISC_LINK(struct dns_rdatacommon) link; } dns_rdatacommon_t; #define DNS_RDATACOMMON_INIT(_data, _rdtype, _rdclass) \ do { \ (_data)->common.rdtype = (_rdtype); \ (_data)->common.rdclass = (_rdclass); \ ISC_LINK_INIT(&(_data)->common, link); \ } while (0) / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef IN_1_A_1_H #define IN_1_A_1_H 1 typedef struct dns_rdata_in_a { dns_rdatacommon_t common; struct in_addr in_addr; } dns_rdata_in_a_t; #endif / IN_1_A_1_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / by Bjorn.Victor@it.uu.se, 2005-05-07 / / Based on generic/mx_15.h / #ifndef CH_3_A_1_H #define CH_3_A_1_H 1 typedef uint16_t ch_addr_t; typedef struct dns_rdata_ch_a { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t ch_addr_dom; /* ch-addr domain for back mapping * / ch_addr_t ch_addr; / chaos address (16 bit) network * order / } dns_rdata_ch_a_t; #endif / CH_3_A_1_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef HS_4_A_1_H #define HS_4_A_1_H 1 typedef struct dns_rdata_hs_a { dns_rdatacommon_t common; struct in_addr in_addr; } dns_rdata_hs_a_t; #endif / HS_4_A_1_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_NS_2_H #define GENERIC_NS_2_H 1 typedef struct dns_rdata_ns { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t name; } dns_rdata_ns_t; #endif /* GENERIC_NS_2_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_MD_3_H #define GENERIC_MD_3_H 1 typedef struct dns_rdata_md { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t md; } dns_rdata_md_t; #endif /* GENERIC_MD_3_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_MF_4_H #define GENERIC_MF_4_H 1 typedef struct dns_rdata_mf { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t mf; } dns_rdata_mf_t; #endif /* GENERIC_MF_4_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_CNAME_5_H #define GENERIC_CNAME_5_H 1 typedef struct dns_rdata_cname { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t cname; } dns_rdata_cname_t; #endif /* GENERIC_CNAME_5_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_SOA_6_H #define GENERIC_SOA_6_H 1 typedef struct dns_rdata_soa { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t origin; dns_name_t contact; uint32_t serial; /%< host order / uint32_t refresh; /%< host order / uint32_t retry; /%< host order / uint32_t expire; /%< host order / uint32_t minimum; /%< host order / } dns_rdata_soa_t; #endif /* GENERIC_SOA_6_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_MB_7_H #define GENERIC_MB_7_H 1 typedef struct dns_rdata_mb { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t mb; } dns_rdata_mb_t; #endif /* GENERIC_MB_7_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_MG_8_H #define GENERIC_MG_8_H 1 typedef struct dns_rdata_mg { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t mg; } dns_rdata_mg_t; #endif /* GENERIC_MG_8_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_MR_9_H #define GENERIC_MR_9_H 1 typedef struct dns_rdata_mr { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t mr; } dns_rdata_mr_t; #endif /* GENERIC_MR_9_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_NULL_10_H #define GENERIC_NULL_10_H 1 typedef struct dns_rdata_null { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t length; unsigned char data; } dns_rdata_null_t; #endif / GENERIC_NULL_10_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_WKS_11_H #define IN_1_WKS_11_H 1 typedef struct dns_rdata_in_wks { dns_rdatacommon_t common; isc_mem_t mctx; struct in_addr in_addr; uint16_t protocol; unsigned char map; uint16_t map_len; } dns_rdata_in_wks_t; #endif / IN_1_WKS_11_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_PTR_12_H #define GENERIC_PTR_12_H 1 typedef struct dns_rdata_ptr { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t ptr; } dns_rdata_ptr_t; #endif /* GENERIC_PTR_12_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_HINFO_13_H #define GENERIC_HINFO_13_H 1 typedef struct dns_rdata_hinfo { dns_rdatacommon_t common; isc_mem_t mctx; char cpu; char os; uint8_t cpu_len; uint8_t os_len; } dns_rdata_hinfo_t; #endif /* GENERIC_HINFO_13_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_MINFO_14_H #define GENERIC_MINFO_14_H 1 typedef struct dns_rdata_minfo { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t rmailbox; dns_name_t emailbox; } dns_rdata_minfo_t; #endif /* GENERIC_MINFO_14_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_MX_15_H #define GENERIC_MX_15_H 1 typedef struct dns_rdata_mx { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t pref; dns_name_t mx; } dns_rdata_mx_t; #endif /* GENERIC_MX_15_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_TXT_16_H #define GENERIC_TXT_16_H 1 typedef struct dns_rdata_txt_string { uint8_t length; unsigned char data; } dns_rdata_txt_string_t; typedef struct dns_rdata_txt { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char txt; uint16_t txt_len; /* private / uint16_t offset; } dns_rdata_txt_t; / * ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS are already done * via rdatastructpre.h and rdatastructsuf.h. / isc_result_t dns_rdata_txt_first(dns_rdata_txt_t ); isc_result_t dns_rdata_txt_next(dns_rdata_txt_t ); isc_result_t dns_rdata_txt_current(dns_rdata_txt_t , dns_rdata_txt_string_t ); #endif / GENERIC_TXT_16_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_RP_17_H #define GENERIC_RP_17_H 1 /! * \brief Per RFC1183 / typedef struct dns_rdata_rp { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t mail; dns_name_t text; } dns_rdata_rp_t; #endif /* GENERIC_RP_17_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_AFSDB_18_H #define GENERIC_AFSDB_18_H 1 /! * \brief Per RFC1183 / typedef struct dns_rdata_afsdb { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t subtype; dns_name_t server; } dns_rdata_afsdb_t; #endif /* GENERIC_AFSDB_18_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_X25_19_H #define GENERIC_X25_19_H 1 /! * \brief Per RFC1183 / typedef struct dns_rdata_x25 { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char x25; uint8_t x25_len; } dns_rdata_x25_t; #endif / GENERIC_X25_19_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_ISDN_20_H #define GENERIC_ISDN_20_H 1 /! * \brief Per RFC1183 / typedef struct dns_rdata_isdn { dns_rdatacommon_t common; isc_mem_t mctx; char isdn; char subaddress; uint8_t isdn_len; uint8_t subaddress_len; } dns_rdata_isdn_t; #endif /* GENERIC_ISDN_20_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_RT_21_H #define GENERIC_RT_21_H 1 /! * \brief Per RFC1183 / typedef struct dns_rdata_rt { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t preference; dns_name_t host; } dns_rdata_rt_t; #endif /* GENERIC_RT_21_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_NSAP_22_H #define IN_1_NSAP_22_H 1 /! * \brief Per RFC1706 / typedef struct dns_rdata_in_nsap { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char nsap; uint16_t nsap_len; } dns_rdata_in_nsap_t; #endif / IN_1_NSAP_22_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_NSAP_PTR_23_H #define IN_1_NSAP_PTR_23_H 1 /! * \brief Per RFC1348. Obsoleted in RFC 1706 - use PTR instead. / typedef struct dns_rdata_in_nsap_ptr { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t owner; } dns_rdata_in_nsap_ptr_t; #endif /* IN_1_NSAP_PTR_23_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_SIG_24_H #define GENERIC_SIG_24_H 1 /! * \brief Per RFC2535 / typedef struct dns_rdata_sig_t { dns_rdatacommon_t common; isc_mem_t mctx; dns_rdatatype_t covered; dns_secalg_t algorithm; uint8_t labels; uint32_t originalttl; uint32_t timeexpire; uint32_t timesigned; uint16_t keyid; dns_name_t signer; uint16_t siglen; unsigned char signature; } dns_rdata_sig_t; #endif / GENERIC_SIG_24_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_KEY_25_H #define GENERIC_KEY_25_H 1 /! * \brief Per RFC2535 / typedef struct dns_rdata_key { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t flags; dns_secproto_t protocol; dns_secalg_t algorithm; uint16_t datalen; unsigned char data; } dns_rdata_key_t; #endif / GENERIC_KEY_25_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_PX_26_H #define IN_1_PX_26_H 1 /! * \brief Per RFC2163 / typedef struct dns_rdata_in_px { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t preference; dns_name_t map822; dns_name_t mapx400; } dns_rdata_in_px_t; #endif /* IN_1_PX_26_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_GPOS_27_H #define GENERIC_GPOS_27_H 1 /! * \brief per RFC1712 / typedef struct dns_rdata_gpos { dns_rdatacommon_t common; isc_mem_t mctx; char longitude; char latitude; char altitude; uint8_t long_len; uint8_t lat_len; uint8_t alt_len; } dns_rdata_gpos_t; #endif / GENERIC_GPOS_27_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_AAAA_28_H #define IN_1_AAAA_28_H 1 /! * \brief Per RFC1886 / typedef struct dns_rdata_in_aaaa { dns_rdatacommon_t common; struct in6_addr in6_addr; } dns_rdata_in_aaaa_t; #endif / IN_1_AAAA_28_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_LOC_29_H #define GENERIC_LOC_29_H 1 /! * \brief Per RFC1876 / typedef struct dns_rdata_loc_0 { uint8_t version; / must be first and zero / uint8_t size; uint8_t horizontal; uint8_t vertical; uint32_t latitude; uint32_t longitude; uint32_t altitude; } dns_rdata_loc_0_t; typedef struct dns_rdata_loc { dns_rdatacommon_t common; union { dns_rdata_loc_0_t v0; } v; } dns_rdata_loc_t; #endif / GENERIC_LOC_29_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_NXT_30_H #define GENERIC_NXT_30_H 1 /! * \brief RFC2535 / typedef struct dns_rdata_nxt { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t next; unsigned char typebits; uint16_t len; } dns_rdata_nxt_t; #endif / GENERIC_NXT_30_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_EID_31_H #define IN_1_EID_31_H 1 /! * \brief http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt / typedef struct dns_rdata_in_eid { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char eid; uint16_t eid_len; } dns_rdata_in_eid_t; #endif / IN_1_EID_31_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_NIMLOC_32_H #define IN_1_NIMLOC_32_H 1 /! * \brief http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt / typedef struct dns_rdata_in_nimloc { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char nimloc; uint16_t nimloc_len; } dns_rdata_in_nimloc_t; #endif / IN_1_NIMLOC_32_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_SRV_33_H #define IN_1_SRV_33_H 1 /! * \brief Per RFC2782 / typedef struct dns_rdata_in_srv { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t priority; uint16_t weight; uint16_t port; dns_name_t target; } dns_rdata_in_srv_t; #endif /* IN_1_SRV_33_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_ATMA_22_H #define IN_1_ATMA_22_H 1 /! * \brief Per RFC1706 / typedef struct dns_rdata_in_atma { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char format; unsigned char atma; uint16_t atma_len; } dns_rdata_in_atma_t; #endif / IN_1_ATMA_22_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_NAPTR_35_H #define GENERIC_NAPTR_35_H 1 /! * \brief Per RFC2915 / typedef struct dns_rdata_naptr { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t order; uint16_t preference; char flags; uint8_t flags_len; char service; uint8_t service_len; char regexp; uint8_t regexp_len; dns_name_t replacement; } dns_rdata_naptr_t; #endif / GENERIC_NAPTR_35_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_KX_36_H #define IN_1_KX_36_H 1 /! * \brief Per RFC2230 / typedef struct dns_rdata_in_kx { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t preference; dns_name_t exchange; } dns_rdata_in_kx_t; #endif /* IN_1_KX_36_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_CERT_37_H #define GENERIC_CERT_37_H 1 /% RFC2538 / typedef struct dns_rdata_cert { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t type; uint16_t key_tag; uint8_t algorithm; uint16_t length; unsigned char certificate; } dns_rdata_cert_t; #endif / GENERIC_CERT_37_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_A6_38_H #define IN_1_A6_38_H 1 /! * \brief Per RFC2874 / typedef struct dns_rdata_in_a6 { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t prefix; uint8_t prefixlen; struct in6_addr in6_addr; } dns_rdata_in_a6_t; #endif /* IN_1_A6_38_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_DNAME_39_H #define GENERIC_DNAME_39_H 1 /! * \brief per RFC2672 / typedef struct dns_rdata_dname { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t dname; } dns_rdata_dname_t; #endif /* GENERIC_DNAME_39_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_SINK_40_H #define GENERIC_SINK_40_H 1 typedef struct dns_rdata_sink_t { dns_rdatacommon_t common; isc_mem_t mctx; uint8_t meaning; uint8_t coding; uint8_t subcoding; uint16_t datalen; unsigned char data; } dns_rdata_sink_t; #endif / GENERIC_SINK_40_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_OPT_41_H #define GENERIC_OPT_41_H 1 /! * \brief Per RFC2671 / typedef struct dns_rdata_opt_opcode { uint16_t opcode; uint16_t length; unsigned char data; } dns_rdata_opt_opcode_t; typedef struct dns_rdata_opt { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char options; uint16_t length; /* private / uint16_t offset; } dns_rdata_opt_t; / * ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS are already done * via rdatastructpre.h and rdatastructsuf.h. / isc_result_t dns_rdata_opt_first(dns_rdata_opt_t ); isc_result_t dns_rdata_opt_next(dns_rdata_opt_t ); isc_result_t dns_rdata_opt_current(dns_rdata_opt_t , dns_rdata_opt_opcode_t ); #endif / GENERIC_OPT_41_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef IN_1_APL_42_H #define IN_1_APL_42_H 1 typedef struct dns_rdata_apl_ent { bool negative; uint16_t family; uint8_t prefix; uint8_t length; unsigned char data; } dns_rdata_apl_ent_t; typedef struct dns_rdata_in_apl { dns_rdatacommon_t common; isc_mem_t mctx; / type & class specific elements / unsigned char apl; uint16_t apl_len; /* private / uint16_t offset; } dns_rdata_in_apl_t; / * ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS are already done * via rdatastructpre.h and rdatastructsuf.h. / isc_result_t dns_rdata_apl_first(dns_rdata_in_apl_t ); isc_result_t dns_rdata_apl_next(dns_rdata_in_apl_t ); isc_result_t dns_rdata_apl_current(dns_rdata_in_apl_t , dns_rdata_apl_ent_t ); unsigned int dns_rdata_apl_count(const dns_rdata_in_apl_t apl); #endif /* IN_1_APL_42_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_DS_43_H #define GENERIC_DS_43_H 1 /! * \brief per draft-ietf-dnsext-delegation-signer-05.txt / typedef struct dns_rdata_ds { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t key_tag; dns_secalg_t algorithm; dns_dsdigest_t digest_type; uint16_t length; unsigned char digest; } dns_rdata_ds_t; #endif / GENERIC_DS_43_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! * \brief Per RFC 4255 / #ifndef GENERIC_SSHFP_44_H #define GENERIC_SSHFP_44_H 1 typedef struct dns_rdata_sshfp { dns_rdatacommon_t common; isc_mem_t mctx; uint8_t algorithm; uint8_t digest_type; uint16_t length; unsigned char digest; } dns_rdata_sshfp_t; #endif / GENERIC_SSHFP_44_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_IPSECKEY_45_H #define GENERIC_IPSECKEY_45_H 1 typedef struct dns_rdata_ipseckey { dns_rdatacommon_t common; isc_mem_t mctx; uint8_t precedence; uint8_t gateway_type; uint8_t algorithm; struct in_addr in_addr; /* gateway type 1 / struct in6_addr in6_addr; / gateway type 2 / dns_name_t gateway; / gateway type 3 / unsigned char key; uint16_t keylength; } dns_rdata_ipseckey_t; #endif /* GENERIC_IPSECKEY_45_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_DNSSIG_46_H #define GENERIC_DNSSIG_46_H 1 /! * \brief Per RFC2535 / typedef struct dns_rdata_rrsig { dns_rdatacommon_t common; isc_mem_t mctx; dns_rdatatype_t covered; dns_secalg_t algorithm; uint8_t labels; uint32_t originalttl; uint32_t timeexpire; uint32_t timesigned; uint16_t keyid; dns_name_t signer; uint16_t siglen; unsigned char signature; } dns_rdata_rrsig_t; #endif / GENERIC_DNSSIG_46_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_NSEC_47_H #define GENERIC_NSEC_47_H 1 /! * \brief Per RFC 3845 / typedef struct dns_rdata_nsec { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t next; unsigned char typebits; uint16_t len; } dns_rdata_nsec_t; #endif / GENERIC_NSEC_47_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_DNSKEY_48_H #define GENERIC_DNSKEY_48_H 1 /! * \brief per RFC2535 / typedef struct dns_rdata_key dns_rdata_dnskey_t; #endif / GENERIC_DNSKEY_48_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef IN_1_DHCID_49_H #define IN_1_DHCID_49_H 1 typedef struct dns_rdata_in_dhcid { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char dhcid; unsigned int length; } dns_rdata_in_dhcid_t; #endif / IN_1_DHCID_49_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_NSEC3_50_H #define GENERIC_NSEC3_50_H 1 /! * \brief Per RFC 5155 / #include <isc/iterated_hash.h> typedef struct dns_rdata_nsec3 { dns_rdatacommon_t common; isc_mem_t mctx; dns_hash_t hash; unsigned char flags; dns_iterations_t iterations; unsigned char salt_length; unsigned char next_length; uint16_t len; unsigned char salt; unsigned char next; unsigned char typebits; } dns_rdata_nsec3_t; / * The corresponding NSEC3 interval is OPTOUT indicating possible * insecure delegations. / #define DNS_NSEC3FLAG_OPTOUT 0x01U /% * The following flags are used in the private-type record (implemented in * lib/dns/private.c) which is used to store NSEC3PARAM data during the * time when it is not legal to have an actual NSEC3PARAM record in the * zone. They are defined here because the private-type record uses the * same flags field for the OPTOUT flag above and for the private flags * below. XXX: This should be considered for refactoring. / /% * Non-standard, private type only. * * Create a corresponding NSEC3 chain. * Once the NSEC3 chain is complete this flag will be removed to signal * that there is a complete chain. * * This flag is automatically set when a NSEC3PARAM record is added to * the zone via UPDATE. * * NSEC3PARAM records containing this flag should never be published, * but if they are, they should be ignored by RFC 5155 compliant * nameservers. / #define DNS_NSEC3FLAG_CREATE 0x80U /% * Non-standard, private type only. * * The corresponding NSEC3 set is to be removed once the NSEC chain * has been generated. * * This flag is automatically set when the last active NSEC3PARAM record * is removed from the zone via UPDATE. * * NSEC3PARAM records containing this flag should never be published, * but if they are, they should be ignored by RFC 5155 compliant * nameservers. / #define DNS_NSEC3FLAG_REMOVE 0x40U /% * Non-standard, private type only. * * When set with the CREATE flag, a corresponding NSEC3 chain will be * created when the zone becomes capable of supporting one (i.e., when it * has a DNSKEY RRset containing at least one NSEC3-capable algorithm). * Without this flag, NSEC3 chain creation would be attempted immediately, * fail, and the private type record would be removed. With it, the NSEC3 * parameters are stored until they can be used. When the zone has the * necessary prerequisites for NSEC3, then the INITIAL flag can be cleared, * and the record will be cleaned up normally. * * NSEC3PARAM records containing this flag should never be published, but * if they are, they should be ignored by RFC 5155 compliant nameservers. / #define DNS_NSEC3FLAG_INITIAL 0x20U /% * Non-standard, private type only. * * Prevent the creation of a NSEC chain before the last NSEC3 chain * is removed. This will normally only be set when the zone is * transitioning from secure with NSEC3 chains to insecure. * * NSEC3PARAM records containing this flag should never be published, * but if they are, they should be ignored by RFC 5155 compliant * nameservers. / #define DNS_NSEC3FLAG_NONSEC 0x10U #endif / GENERIC_NSEC3_50_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_NSEC3PARAM_51_H #define GENERIC_NSEC3PARAM_51_H 1 /! * \brief Per RFC 5155 / #include <isc/iterated_hash.h> typedef struct dns_rdata_nsec3param { dns_rdatacommon_t common; isc_mem_t mctx; dns_hash_t hash; unsigned char flags; /* DNS_NSEC3FLAG_* / dns_iterations_t iterations; unsigned char salt_length; unsigned char salt; } dns_rdata_nsec3param_t; #endif /* GENERIC_NSEC3PARAM_51_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_TLSA_52_H #define GENERIC_TLSA_52_H 1 /! * \brief per rfc6698.txt / typedef struct dns_rdata_tlsa { dns_rdatacommon_t common; isc_mem_t mctx; uint8_t usage; uint8_t selector; uint8_t match; uint16_t length; unsigned char data; } dns_rdata_tlsa_t; #endif / GENERIC_TLSA_52_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_SMIMEA_53_H #define GENERIC_SMIMEA_53_H 1 typedef struct dns_rdata_tlsa dns_rdata_smimea_t; #endif / GENERIC_SMIMEA_53_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_HIP_5_H #define GENERIC_HIP_5_H 1 / RFC 5205 / typedef struct dns_rdata_hip { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char hit; unsigned char key; unsigned char servers; uint8_t algorithm; uint8_t hit_len; uint16_t key_len; uint16_t servers_len; / Private / uint16_t offset; } dns_rdata_hip_t; isc_result_t dns_rdata_hip_first(dns_rdata_hip_t ); isc_result_t dns_rdata_hip_next(dns_rdata_hip_t ); void dns_rdata_hip_current(dns_rdata_hip_t , dns_name_t ); #endif / GENERIC_HIP_5_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_NINFO_56_H #define GENERIC_NINFO_56_H 1 typedef struct dns_rdata_txt_string dns_rdata_ninfo_string_t; typedef struct dns_rdata_txt dns_rdata_ninfo_t; / * ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS are already done * via rdatastructpre.h and rdatastructsuf.h. / isc_result_t dns_rdata_ninfo_first(dns_rdata_ninfo_t ); isc_result_t dns_rdata_ninfo_next(dns_rdata_ninfo_t ); isc_result_t dns_rdata_ninfo_current(dns_rdata_ninfo_t , dns_rdata_ninfo_string_t ); #endif / GENERIC_NINFO_16_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_RKEY_57_H #define GENERIC_RKEY_57_H 1 typedef struct dns_rdata_key dns_rdata_rkey_t; #endif / GENERIC_RKEY_57_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / * http://www.iana.org/assignments/dns-parameters/TALINK/talink-completed-template / #ifndef GENERIC_TALINK_58_H #define GENERIC_TALINK_58_H 1 typedef struct dns_rdata_talink { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t prev; dns_name_t next; } dns_rdata_talink_t; #endif /* GENERIC_TALINK_58_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_CDS_59_H #define GENERIC_CDS_59_H 1 / CDS records have the same RDATA fields as DS records. / typedef struct dns_rdata_ds dns_rdata_cds_t; #endif / GENERIC_CDS_59_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_CDNSKEY_60_H #define GENERIC_CDNSKEY_60_H 1 / CDNSKEY records have the same RDATA fields as DNSKEY records. / typedef struct dns_rdata_key dns_rdata_cdnskey_t; #endif / GENERIC_CDNSKEY_60_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_OPENPGPKEY_61_H #define GENERIC_OPENPGPKEY_61_H 1 typedef struct dns_rdata_openpgpkey { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t length; unsigned char keyring; } dns_rdata_openpgpkey_t; #endif / GENERIC_OPENPGPKEY_61_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_CSYNC_62_H #define GENERIC_CSYNC_62_H 1 /! * \brief Per RFC 7477 / typedef struct dns_rdata_csync { dns_rdatacommon_t common; isc_mem_t mctx; uint32_t serial; uint16_t flags; unsigned char typebits; uint16_t len; } dns_rdata_csync_t; #endif / GENERIC_CSYNC_62_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_ZONEMD_63_H #define GENERIC_ZONEMD_63_H 1 / Known digest type(s). / #define DNS_ZONEMD_DIGEST_SHA384 (1) #define DNS_ZONEMD_DIGEST_SHA512 (2) / * \brief per RFC 8976 / typedef struct dns_rdata_zonemd { dns_rdatacommon_t common; isc_mem_t mctx; uint32_t serial; uint8_t scheme; uint8_t digest_type; unsigned char digest; uint16_t length; } dns_rdata_zonemd_t; #endif / GENERIC_ZONEMD_63_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_SVCB_64_H #define IN_1_SVCB_64_H 1 /! * \brief Per draft-ietf-dnsop-svcb-https-02 / typedef struct dns_rdata_in_svcb { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t priority; dns_name_t svcdomain; unsigned char svc; uint16_t svclen; uint16_t offset; } dns_rdata_in_svcb_t; isc_result_t dns_rdata_in_svcb_first(dns_rdata_in_svcb_t ); isc_result_t dns_rdata_in_svcb_next(dns_rdata_in_svcb_t ); void dns_rdata_in_svcb_current(dns_rdata_in_svcb_t , isc_region_t ); #endif / IN_1_SVCB_64_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IN_1_HTTPS_65_H #define IN_1_HTTPS_65_H 1 /! * \brief Per draft-ietf-dnsop-svcb-https-02 / / * Wire and presentation formats for HTTPS are identical to SVCB. / typedef struct dns_rdata_in_svcb dns_rdata_in_https_t; isc_result_t dns_rdata_in_https_first(dns_rdata_in_https_t ); isc_result_t dns_rdata_in_https_next(dns_rdata_in_https_t ); void dns_rdata_in_https_current(dns_rdata_in_https_t , isc_region_t ); #endif / IN_1_HTTPS_65_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_SPF_99_H #define GENERIC_SPF_99_H 1 typedef struct dns_rdata_spf_string { uint8_t length; unsigned char data; } dns_rdata_spf_string_t; typedef struct dns_rdata_spf { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char txt; uint16_t txt_len; /* private / uint16_t offset; } dns_rdata_spf_t; / * ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS are already done * via rdatastructpre.h and rdatastructsuf.h. / #endif / GENERIC_SPF_99_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_NID_104_H #define GENERIC_NID_104_H 1 typedef struct dns_rdata_nid { dns_rdatacommon_t common; uint16_t pref; unsigned char nid[8]; } dns_rdata_nid_t; #endif / GENERIC_NID_104_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_L32_105_H #define GENERIC_L32_105_H 1 typedef struct dns_rdata_l32 { dns_rdatacommon_t common; uint16_t pref; struct in_addr l32; } dns_rdata_l32_t; #endif / GENERIC_L32_105_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_L64_106_H #define GENERIC_L64_106_H 1 typedef struct dns_rdata_l64 { dns_rdatacommon_t common; uint16_t pref; unsigned char l64[8]; } dns_rdata_l64_t; #endif / GENERIC_L64_106_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_LP_107_H #define GENERIC_LP_107_H 1 typedef struct dns_rdata_lp { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t pref; dns_name_t lp; } dns_rdata_lp_t; #endif /* GENERIC_LP_107_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_EUI48_108_H #define GENERIC_EUI48_108_H 1 typedef struct dns_rdata_eui48 { dns_rdatacommon_t common; unsigned char eui48[6]; } dns_rdata_eui48_t; #endif / GENERIC_EUI48_10k_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / / #ifndef GENERIC_EUI64_109_H #define GENERIC_EUI64_109_H 1 typedef struct dns_rdata_eui64 { dns_rdatacommon_t common; unsigned char eui64[8]; } dns_rdata_eui64_t; #endif / GENERIC_EUI64_10k_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_TKEY_249_H #define GENERIC_TKEY_249_H 1 /! * \brief Per draft-ietf-dnsind-tkey-00.txt / typedef struct dns_rdata_tkey { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t algorithm; uint32_t inception; uint32_t expire; uint16_t mode; uint16_t error; uint16_t keylen; unsigned char key; uint16_t otherlen; unsigned char other; } dns_rdata_tkey_t; #endif /* GENERIC_TKEY_249_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ANY_255_TSIG_250_H #define ANY_255_TSIG_250_H 1 /% RFC2845 / typedef struct dns_rdata_any_tsig { dns_rdatacommon_t common; isc_mem_t mctx; dns_name_t algorithm; uint64_t timesigned; uint16_t fudge; uint16_t siglen; unsigned char signature; uint16_t originalid; uint16_t error; uint16_t otherlen; unsigned char other; } dns_rdata_any_tsig_t; #endif /* ANY_255_TSIG_250_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_URI_256_H #define GENERIC_URI_256_H 1 typedef struct dns_rdata_uri { dns_rdatacommon_t common; isc_mem_t mctx; uint16_t priority; uint16_t weight; unsigned char target; uint16_t tgt_len; } dns_rdata_uri_t; #endif / GENERIC_URI_256_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_CAA_257_H #define GENERIC_CAA_257_H 1 typedef struct dns_rdata_caa { dns_rdatacommon_t common; isc_mem_t mctx; uint8_t flags; unsigned char tag; uint8_t tag_len; unsigned char value; uint16_t value_len; } dns_rdata_caa_t; #endif /* GENERIC_CAA_257_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_AVC_258_H #define GENERIC_AVC_258_H 1 typedef dns_rdata_txt_string_t dns_rdata_avc_string_t; typedef struct dns_rdata_avc { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char data; uint16_t length; / private / uint16_t offset; } dns_rdata_avc_t; / * ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS are already done * via rdatastructpre.h and rdatastructsuf.h. / #endif / GENERIC_AVC_258_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_DOA_259_H #define GENERIC_DOA_259_H 1 typedef struct dns_rdata_doa { dns_rdatacommon_t common; isc_mem_t mctx; unsigned char mediatype; unsigned char data; uint32_t enterprise; uint32_t type; uint16_t data_len; uint8_t location; uint8_t mediatype_len; } dns_rdata_doa_t; #endif /* GENERIC_DOA_259_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_AMTRELAY_260_H #define GENERIC_AMTRELAY_260_H 1 typedef struct dns_rdata_amtrelay { dns_rdatacommon_t common; isc_mem_t mctx; uint8_t precedence; bool discovery; uint8_t gateway_type; struct in_addr in_addr; /* gateway type 1 / struct in6_addr in6_addr; / gateway type 2 / dns_name_t gateway; / gateway type 3 / unsigned char data; /* gateway type > 3 / uint16_t length; } dns_rdata_amtrelay_t; #endif / GENERIC_AMTRELAY_260_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_TA_32768_H #define GENERIC_TA_32768_H 1 / * TA records are identical to DS records. / typedef struct dns_rdata_ds dns_rdata_ta_t; #endif / GENERIC_TA_32768_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / draft-ietf-dnsext-delegation-signer-05.txt / #ifndef GENERIC_DLV_32769_H #define GENERIC_DLV_32769_H 1 typedef struct dns_rdata_ds dns_rdata_dlv_t; #endif / GENERIC_DLV_32769_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef GENERIC_KEYDATA_65533_H #define GENERIC_KEYDATA_65533_H 1 typedef struct dns_rdata_keydata { dns_rdatacommon_t common; isc_mem_t mctx; uint32_t refresh; /* Timer for refreshing data / uint32_t addhd; / Hold-down timer for adding / uint32_t removehd; / Hold-down timer for removing / uint16_t flags; / Copy of DNSKEY_48 / dns_secproto_t protocol; dns_secalg_t algorithm; uint16_t datalen; unsigned char data; } dns_rdata_keydata_t; #endif /* GENERIC_KEYDATA_65533_H / / * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / ISC_LANG_ENDDECLS #endif / DNS_RDATASTRUCT_H / ��dns/badcache.h��0000644��00000006473�15125204631�0007224 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_BADCACHE_H #define DNS_BADCACHE_H 1 /** * Module Info **/ /! \file dns/badcache.h * \brief * Defines dns_badcache_t, the "bad cache" object. * * Notes: \li A bad cache object is a hash table of name/type tuples, indicating whether a given tuple known to be "bad" in some * sense (e.g., queries for that name and type have been * returning SERVFAIL). This is used for both the "bad server * cache" in the resolver and for the "servfail cache" in * the view. * * Reliability: * * Resources: * * Security: * * Standards: / / * Imports */ #include <inttypes.h> #include <stdbool.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /* * Functions / isc_result_t dns_badcache_init(isc_mem_t mctx, unsigned int size, dns_badcache_t *bcp); /% * Allocate and initialize a badcache and store it in 'bcp'. * Requires: * \li mctx != NULL * \li bcp != NULL * \li bcp == NULL / void dns_badcache_destroy(dns_badcache_t *bcp); /% * Flush and then free badcache in 'bcp'. 'bcp' is set to NULL on return. * Requires: * \li 'bcp' to be a valid badcache / void dns_badcache_add(dns_badcache_t bc, const dns_name_t name, dns_rdatatype_t type, bool update, uint32_t flags, isc_time_t expire); /% * Adds a badcache entry to the badcache 'bc' for name 'name' and * type 'type'. If an entry already exists, then it will be updated if * 'update' is true. The entry will be stored with flags 'flags' * and expiration date 'expire'. * * Requires: * \li bc to be a valid badcache. * \li name != NULL * \li expire != NULL / bool dns_badcache_find(dns_badcache_t bc, const dns_name_t name, dns_rdatatype_t type, uint32_t flagp, isc_time_t now); /% * Returns true if a record is found in the badcache 'bc' matching * 'name' and 'type', with an expiration date later than 'now'. * If 'flagp' is not NULL, then 'flagp' is updated to the flags that were stored in the badcache entry. Returns false if * no matching record is found. * * Requires: * \li bc to be a valid badcache. * \li name != NULL * \li now != NULL / void dns_badcache_flush(dns_badcache_t bc); /% Flush the entire bad cache. * * Requires: * \li bc to be a valid badcache / void dns_badcache_flushname(dns_badcache_t bc, const dns_name_t name); /% * Flush the bad cache of all entries at 'name'. * * Requires: * \li bc to be a valid badcache * \li name != NULL / void dns_badcache_flushtree(dns_badcache_t bc, const dns_name_t name); /% * Flush the bad cache of all entries at or below 'name'. * * Requires: * \li bc to be a valid badcache * \li name != NULL / void dns_badcache_print(dns_badcache_t bc, const char cachename, FILE fp); /% Print the contents of badcache 'bc' (headed by the title 'cachename') * to file pointer 'fp'. * * Requires: * \li bc to be a valid badcache * \li cachename != NULL * \li fp != NULL / ISC_LANG_ENDDECLS #endif / DNS_BADCACHE_H / ��dns/compress.h��0000644��00000015607�15125204631�0007344 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_COMPRESS_H #define DNS_COMPRESS_H 1 #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/region.h> #include <dns/name.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /! \file dns/compress.h * Direct manipulation of the structures is strongly discouraged. * * A name compression context handles compression of multiple DNS names * in relation to a single DNS message. The context can be used to * selectively turn on/off compression for specific names (depending on * the RR type) by using \c dns_compress_setmethods(). Alternately, * compression can be disabled completely using \c * dns_compress_disable(). * * \c dns_compress_setmethods() is intended for use by RDATA towire() * implementations, whereas \c dns_compress_disable() is intended to be * used by a nameserver's configuration manager. / #define DNS_COMPRESS_NONE 0x00 /%< no compression / #define DNS_COMPRESS_GLOBAL14 0x01 /%< "normal" compression. / #define DNS_COMPRESS_ALL 0x01 /%< all compression. / #define DNS_COMPRESS_CASESENSITIVE 0x02 /%< case sensitive compression. / #define DNS_COMPRESS_ENABLED 0x04 / * DNS_COMPRESS_TABLESIZE must be a power of 2. The compress code * utilizes this assumption. / #define DNS_COMPRESS_TABLEBITS 6 #define DNS_COMPRESS_TABLESIZE (1U << DNS_COMPRESS_TABLEBITS) #define DNS_COMPRESS_TABLEMASK (DNS_COMPRESS_TABLESIZE - 1) #define DNS_COMPRESS_INITIALNODES 24 #define DNS_COMPRESS_ARENA_SIZE 640 typedef struct dns_compressnode dns_compressnode_t; struct dns_compressnode { dns_compressnode_t next; uint16_t offset; uint16_t count; isc_region_t r; dns_name_t name; }; struct dns_compress { unsigned int magic; /%< Magic number. / unsigned int allowed; /%< Allowed methods. / int edns; /%< Edns version or -1. / /% Global compression table. / dns_compressnode_t table[DNS_COMPRESS_TABLESIZE]; /% Preallocated arena for names. / unsigned char arena[DNS_COMPRESS_ARENA_SIZE]; off_t arena_off; /% Preallocated nodes for the table. / dns_compressnode_t initialnodes[DNS_COMPRESS_INITIALNODES]; uint16_t count; /%< Number of nodes. / isc_mem_t mctx; /%< Memory context. / }; typedef enum { DNS_DECOMPRESS_ANY, /%< Any compression / DNS_DECOMPRESS_STRICT, /%< Allowed compression / DNS_DECOMPRESS_NONE /%< No compression / } dns_decompresstype_t; struct dns_decompress { unsigned int magic; /%< Magic number. / unsigned int allowed; /%< Allowed methods. / int edns; /%< Edns version or -1. / dns_decompresstype_t type; /%< Strict checking / }; isc_result_t dns_compress_init(dns_compress_t cctx, int edns, isc_mem_t mctx); /%< Initialise the compression context structure pointed to by * 'cctx'. A freshly initialized context has name compression * enabled, but no methods are set. Please use \c * dns_compress_setmethods() to set a compression method. * * Requires: * \li 'cctx' is a valid dns_compress_t structure. * \li 'mctx' is an initialized memory context. * Ensures: * \li cctx->global is initialized. * * Returns: * \li #ISC_R_SUCCESS / void dns_compress_invalidate(dns_compress_t cctx); /%< Invalidate the compression structure pointed to by cctx. * * Requires: \li 'cctx' to be initialized. / void dns_compress_setmethods(dns_compress_t cctx, unsigned int allowed); /%< * Sets allowed compression methods. * * Requires: \li 'cctx' to be initialized. / unsigned int dns_compress_getmethods(dns_compress_t cctx); /%< * Gets allowed compression methods. * * Requires: \li 'cctx' to be initialized. * Returns: \li allowed compression bitmap. / void dns_compress_disable(dns_compress_t cctx); /%< * Disables all name compression in the context. Once disabled, * name compression cannot currently be re-enabled. * * Requires: \li 'cctx' to be initialized. / void dns_compress_setsensitive(dns_compress_t cctx, bool sensitive); /* * Preserve the case of compressed domain names. * * Requires: * 'cctx' to be initialized. / bool dns_compress_getsensitive(dns_compress_t cctx); /* * Return whether case is to be preserved when compressing * domain names. * * Requires: * 'cctx' to be initialized. / int dns_compress_getedns(dns_compress_t cctx); /%< Gets edns value. * * Requires: \li 'cctx' to be initialized. * Returns: \li -1 .. 255 / bool dns_compress_findglobal(dns_compress_t cctx, const dns_name_t name, dns_name_t prefix, uint16_t offset); /%< Finds longest possible match of 'name' in the global compression table. * * Requires: \li 'cctx' to be initialized. \li 'name' to be a absolute name. \li 'prefix' to be initialized. \li 'offset' to point to an uint16_t. * * Ensures: \li 'prefix' and 'offset' are valid if true is returned. * Returns: \li #true / #false / void dns_compress_add(dns_compress_t cctx, const dns_name_t name, const dns_name_t prefix, uint16_t offset); /%< * Add compression pointers for 'name' to the compression table, * not replacing existing pointers. * * Requires: \li 'cctx' initialized \li 'name' must be initialized and absolute, and must remain valid until the message compression is complete. * \li 'prefix' must be a prefix returned by dns_compress_findglobal(), or the same as 'name'. / void dns_compress_rollback(dns_compress_t cctx, uint16_t offset); /%< Remove any compression pointers from global table >= offset. * * Requires: \li 'cctx' is initialized. / void dns_decompress_init(dns_decompress_t dctx, int edns, dns_decompresstype_t type); /%< * Initializes 'dctx'. * Records 'edns' and 'type' into the structure. * * Requires: \li 'dctx' to be a valid pointer. / void dns_decompress_invalidate(dns_decompress_t dctx); /%< * Invalidates 'dctx'. * * Requires: \li 'dctx' to be initialized / void dns_decompress_setmethods(dns_decompress_t dctx, unsigned int allowed); /%< * Sets 'dctx->allowed' to 'allowed'. * * Requires: \li 'dctx' to be initialized / unsigned int dns_decompress_getmethods(dns_decompress_t dctx); /%< * Returns 'dctx->allowed' * * Requires: \li 'dctx' to be initialized / int dns_decompress_edns(dns_decompress_t dctx); /%< * Returns 'dctx->edns' * * Requires: \li 'dctx' to be initialized / dns_decompresstype_t dns_decompress_type(dns_decompress_t dctx); /%< * Returns 'dctx->type' * * Requires: \li 'dctx' to be initialized / ISC_LANG_ENDDECLS #endif /* DNS_COMPRESS_H / ��dns/dyndb.h��0000644��00000011405�15125204631�0006601 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DYNDB_H #define DNS_DYNDB_H #include <stdbool.h> #include <isc/types.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /! * \brief * Context for initializing a dyndb module. * * This structure passes global server data to which a dyndb * module will need access -- the server memory context, hash * initializer, log context, etc. The structure doesn't persist * beyond configuring the dyndb module. The module's register function * should attach to all reference-counted variables and its destroy * function should detach from them. / struct dns_dyndbctx { unsigned int magic; const void hashinit; isc_mem_t mctx; isc_log_t lctx; dns_view_t view; dns_zonemgr_t zmgr; isc_task_t task; isc_timermgr_t timermgr; unsigned int memdebug; }; #define DNS_DYNDBCTX_MAGIC ISC_MAGIC('D', 'd', 'b', 'c') #define DNS_DYNDBCTX_VALID(d) ISC_MAGIC_VALID(d, DNS_DYNDBCTX_MAGIC) / * API version * * When the API changes, increment DNS_DYNDB_VERSION. If the * change is backward-compatible (e.g., adding a new function call * but not changing or removing an old one), increment DNS_DYNDB_AGE; * if not, set DNS_DYNDB_AGE to 0. / #ifndef DNS_DYNDB_VERSION #define DNS_DYNDB_VERSION 1 #define DNS_DYNDB_AGE 0 #endif / ifndef DNS_DYNDB_VERSION / typedef isc_result_t dns_dyndb_register_t(isc_mem_t mctx, const char name, const char parameters, const char file, unsigned long line, const dns_dyndbctx_t dctx, void *instp); /% * Called when registering a new driver instance. 'name' must be unique. * 'parameters' contains the driver configuration text. 'dctx' is the * initialization context set up in dns_dyndb_createctx(). * * 'instp' will be set to the driver instance handle if the function is successful. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li Other errors are possible / typedef void dns_dyndb_destroy_t(void *instp); /% * Destroy a driver instance. Dereference any reference-counted * variables passed in 'dctx' and 'inst' in the register function. * * \c instp must be set to \c NULL by the function before it returns. / typedef int dns_dyndb_version_t(unsigned int flags); /% * Return the API version number a dyndb module was compiled with. * * If the returned version number is no greater than than * DNS_DYNDB_VERSION, and no less than DNS_DYNDB_VERSION - DNS_DYNDB_AGE, * then the module is API-compatible with named. * * 'flags' is currently unused and may be NULL, but could be used in * the future to pass back driver capabilities or other information. / isc_result_t dns_dyndb_load(const char libname, const char name, const char parameters, const char file, unsigned long line, isc_mem_t mctx, const dns_dyndbctx_t dctx); /% * Load a dyndb module. * * This loads a dyndb module using dlopen() or equivalent, calls its register * function (see dns_dyndb_register_t above), and if successful, adds * the instance handle to a list of dyndb instances so it can be cleaned * up later. * * 'file' and 'line' can be used to indicate the name of the file and * the line number from which the parameters were taken, so that logged * error messages, if any, will display the correct locations. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li Other errors are possible / void dns_dyndb_cleanup(bool exiting); /% Shut down and destroy all running dyndb modules. * * 'exiting' indicates whether the server is shutting down, * as opposed to merely being reconfigured. / isc_result_t dns_dyndb_createctx(isc_mem_t mctx, const void hashinit, isc_log_t lctx, dns_view_t view, dns_zonemgr_t zmgr, isc_task_t task, isc_timermgr_t tmgr, dns_dyndbctx_t *dctxp); /% * Create a dyndb initialization context structure, with * pointers to structures in the server that the dyndb module will * need to access (view, zone manager, memory context, hash initializer, * etc). This structure is expected to last only until all dyndb * modules have been loaded and initialized; after that it will be * destroyed with dns_dyndb_destroyctx(). * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li Other errors are possible / void dns_dyndb_destroyctx(dns_dyndbctx_t *dctxp); /% * Destroys a dyndb initialization context structure; all * reference-counted members are detached and the structure is freed. / ISC_LANG_ENDDECLS #endif / DNS_DYNDB_H / ��dns/validator.h��0000644��00000015027�15125204631�0007472 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_VALIDATOR_H #define DNS_VALIDATOR_H 1 /** * Module Info **/ /! \file dns/validator.h * * \brief * DNS Validator * This is the BIND 9 validator, the module responsible for validating the * rdatasets and negative responses (messages). It makes use of zones in * the view and may fetch RRset to complete trust chains. It implements * DNSSEC as specified in RFC 4033, 4034 and 4035. * * Correct operation is critical to preventing spoofed answers from secure * zones being accepted. * * MP: \li The module ensures appropriate synchronization of data structures it creates and manipulates. * * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li RFCs: 1034, 1035, 2181, 4033, 4034, 4035. / #include <stdbool.h> #include <isc/event.h> #include <isc/lang.h> #include <isc/mutex.h> #include <dns/fixedname.h> #include <dns/rdataset.h> #include <dns/rdatastruct.h> /* for dns_rdata_rrsig_t / #include <dns/types.h> #include <dst/dst.h> /% * A dns_validatorevent_t is sent when a 'validation' completes. * \brief * 'name', 'rdataset', 'sigrdataset', and 'message' are the values that were * supplied when dns_validator_create() was called. They are returned to the * caller so that they may be freed. * * If the RESULT is ISC_R_SUCCESS and the answer is secure then * proofs[] will contain the names of the NSEC records that hold the * various proofs. Note the same name may appear multiple times. / typedef struct dns_validatorevent { ISC_EVENT_COMMON(struct dns_validatorevent); dns_validator_t validator; isc_result_t result; /* * Name and type of the response to be validated. / dns_name_t name; dns_rdatatype_t type; /* * Rdata and RRSIG (if any) for positive responses. / dns_rdataset_t rdataset; dns_rdataset_t sigrdataset; / * The full response. Required for negative responses. * Also required for positive wildcard responses. / dns_message_t message; /* * Proofs to be cached. / dns_name_t proofs[4]; /* * Optout proof seen. / bool optout; / * Answer is secure. / bool secure; } dns_validatorevent_t; #define DNS_VALIDATOR_NOQNAMEPROOF 0 #define DNS_VALIDATOR_NODATAPROOF 1 #define DNS_VALIDATOR_NOWILDCARDPROOF 2 #define DNS_VALIDATOR_CLOSESTENCLOSER 3 /% * A validator object represents a validation in progress. * \brief * Clients are strongly discouraged from using this type directly, with * the exception of the 'link' field, which may be used directly for * whatever purpose the client desires. / struct dns_validator { / Unlocked. / unsigned int magic; isc_mutex_t lock; dns_view_t view; /* Locked by lock. / unsigned int options; unsigned int attributes; dns_validatorevent_t event; dns_fetch_t fetch; dns_validator_t subvalidator; dns_validator_t parent; dns_keytable_t keytable; dst_key_t key; dns_rdata_rrsig_t siginfo; isc_task_t task; isc_taskaction_t action; void arg; unsigned int labels; dns_rdataset_t currentset; dns_rdataset_t keyset; dns_rdataset_t dsset; dns_rdataset_t fdsset; dns_rdataset_t frdataset; dns_rdataset_t fsigrdataset; dns_fixedname_t fname; dns_fixedname_t wild; dns_fixedname_t closest; ISC_LINK(dns_validator_t) link; bool mustbesecure; unsigned int depth; unsigned int authcount; unsigned int authfail; isc_stdtime_t start; bool failed; }; /% * dns_validator_create() options. / / obsolete: #define DNS_VALIDATOR_DLV 0x0001U / #define DNS_VALIDATOR_DEFER 0x0002U #define DNS_VALIDATOR_NOCDFLAG 0x0004U #define DNS_VALIDATOR_NONTA 0x0008U /% Ignore NTA table / ISC_LANG_BEGINDECLS isc_result_t dns_validator_create(dns_view_t view, dns_name_t name, dns_rdatatype_t type, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset, dns_message_t message, unsigned int options, isc_task_t task, isc_taskaction_t action, void arg, dns_validator_t *validatorp); /%< * Start a DNSSEC validation. * * This validates a response to the question given by * 'name' and 'type'. * * To validate a positive response, the response data is * given by 'rdataset' and 'sigrdataset'. If 'sigrdataset' * is NULL, the data is presumed insecure and an attempt * is made to prove its insecurity by finding the appropriate * null key. * * The complete response message may be given in 'message', * to make available any authority section NSECs that may be * needed for validation of a response resulting from a * wildcard expansion (though no such wildcard validation * is implemented yet). If the complete response message * is not available, 'message' is NULL. * * To validate a negative response, the complete negative response * message is given in 'message'. The 'rdataset', and * 'sigrdataset' arguments must be NULL, but the 'name' and 'type' * arguments must be provided. * * The validation is performed in the context of 'view'. * * When the validation finishes, a dns_validatorevent_t with * the given 'action' and 'arg' are sent to 'task'. * Its 'result' field will be ISC_R_SUCCESS iff the * response was successfully proven to be either secure or * part of a known insecure domain. / void dns_validator_send(dns_validator_t validator); /%< Send a deferred validation request * * Requires: * 'validator' to points to a valid DNSSEC validator. / void dns_validator_cancel(dns_validator_t validator); /%< Cancel a DNSSEC validation in progress. * * Requires: \li 'validator' points to a valid DNSSEC validator, which may or may not already have completed. * * Ensures: \li It the validator has not already sent its completion event, it will send it with result code ISC_R_CANCELED. / void dns_validator_destroy(dns_validator_t validatorp); /%< * Destroy a DNSSEC validator. * * Requires: \li 'validatorp' points to a valid DNSSEC validator. * \li The validator must have completed and sent its completion * event. * * Ensures: \li All resources used by the validator are freed. / ISC_LANG_ENDDECLS #endif /* DNS_VALIDATOR_H / ��dns/ecs.h��0000644��00000002342�15125204631�0006253 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ECS_H #define DNS_ECS_H 1 #include <inttypes.h> #include <isc/lang.h> #include <isc/netaddr.h> #include <isc/types.h> #include <dns/types.h> struct dns_ecs { isc_netaddr_t addr; uint8_t source; uint8_t scope; }; #define DNS_ECS_FORMATSIZE \ (ISC_NETADDR_FORMATSIZE + 8) / <address>/NNN/NNN \ / ISC_LANG_BEGINDECLS void dns_ecs_init(dns_ecs_t ecs); /%< Initialize a DNS ECS structure. * * Requires: * \li 'ecs' is not NULL and points to a valid dns_ecs structure. / void dns_ecs_format(dns_ecs_t ecs, char buf, size_t size); /%< * Format an ECS record as text. Result is guaranteed to be null-terminated. * * Requires: * \li 'ecs' is not NULL. * \li 'buf' is not NULL. * \li 'size' is at least DNS_ECS_FORMATSIZE / ISC_LANG_ENDDECLS #endif / DNS_ECS_H / ��dns/dns64.h��0000644��00000013130�15125204631�0006434 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DNS64_H #define DNS_DNS64_H 1 #include <stdbool.h> #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS / * dns_dns64_create() flags. / #define DNS_DNS64_RECURSIVE_ONLY \ 0x01 / If set then this record \ * only applies to recursive \ * queries. \ / #define DNS_DNS64_BREAK_DNSSEC \ 0x02 / If set then still perform \ * DNSSEC synthesis even \ * though the result would \ * fail validation. \ / / * dns_dns64_aaaaok() and dns_dns64_aaaafroma() flags. / #define DNS_DNS64_RECURSIVE 0x01 / Recursive query. / #define DNS_DNS64_DNSSEC 0x02 / DNSSEC sensitive query. / isc_result_t dns_dns64_create(isc_mem_t mctx, const isc_netaddr_t prefix, unsigned int prefixlen, const isc_netaddr_t suffix, dns_acl_t client, dns_acl_t mapped, dns_acl_t excluded, unsigned int flags, dns_dns64_t dns64); / * Create a dns64 record which is used to identify the set of clients * it applies to and how to perform the DNS64 synthesis. * * 'prefix' and 'prefixlen' defined the leading bits of the AAAA records * to be synthesised. 'suffix' defines the bits after the A records bits. * If suffix is NULL zeros will be used for these bits. 'client' defines * for which clients this record applies. If 'client' is NULL then all * clients apply. 'mapped' defines which A records are candidated for * mapping. If 'mapped' is NULL then all A records will be mapped. * 'excluded' defines which AAAA are to be treated as non-existent for the * purposed of determining whether to perform synthesis. If 'excluded' is * NULL then no AAAA records prevent synthesis. * * If DNS_DNS64_RECURSIVE_ONLY is set then the record will only match if * DNS_DNS64_RECURSIVE is set when calling dns_dns64_aaaaok() and * dns_dns64_aaaafroma(). * * If DNS_DNS64_BREAK_DNSSEC is set then the record will still apply if * DNS_DNS64_DNSSEC is set when calling dns_dns64_aaaaok() and * dns_dns64_aaaafroma() otherwise the record will be ignored. * * Requires: * 'mctx' to be valid. * 'prefix' to be valid and the address family to AF_INET6. * 'prefixlen' to be one of 32, 40, 48, 56, 72 and 96. * the bits not covered by prefixlen in prefix to * be zero. * 'suffix' to be NULL or the address family be set to AF_INET6 * and the leading 'prefixlen' + 32 bits of the 'suffix' * to be zero. If 'prefixlen' is 40, 48 or 56 then the * the leading 'prefixlen' + 40 bits of 'suffix' must be * zero. * 'client' to be NULL or a valid acl. * 'mapped' to be NULL or a valid acl. * 'excluded' to be NULL or a valid acl. * * Returns: * ISC_R_SUCCESS * ISC_R_NOMEMORY / void dns_dns64_destroy(dns_dns64_t dns64p); / * Destroys a dns64 record. * * Requires the record to not be linked. / isc_result_t dns_dns64_aaaafroma(const dns_dns64_t dns64, const isc_netaddr_t reqaddr, const dns_name_t reqsigner, const dns_aclenv_t env, unsigned int flags, unsigned char a, unsigned char aaaa); / * dns_dns64_aaaafroma() determines whether to perform a DNS64 address * synthesis from 'a' based on 'dns64', 'reqaddr', 'reqsigner', 'env', * 'flags' and 'aaaa'. If synthesis is performed then the result is * written to 'aaaa'. * The synthesised address will be of the form: * * <prefix bits><a bits><suffix bits> * * If <a bits> straddle bits 64-71 of the AAAA record, then 8 zero bits will * be inserted at bits 64-71. * * Requires: * 'dns64' to be valid. * 'reqaddr' to be valid. * 'reqsigner' to be NULL or valid. * 'env' to be valid. * 'a' to point to a IPv4 address in network order. * 'aaaa' to point to a IPv6 address buffer in network order. * * Returns: * ISC_R_SUCCESS if synthesis was performed. * DNS_R_DISALLOWED if there is no match. / dns_dns64_t dns_dns64_next(dns_dns64_t dns64); / * Return the next dns64 record in the list. / void dns_dns64_append(dns_dns64list_t list, dns_dns64_t dns64); / * Append the dns64 record to the list. / void dns_dns64_unlink(dns_dns64list_t list, dns_dns64_t dns64); / * Unlink the dns64 record from the list. / bool dns_dns64_aaaaok(const dns_dns64_t dns64, const isc_netaddr_t reqaddr, const dns_name_t reqsigner, const dns_aclenv_t env, unsigned int flags, dns_rdataset_t rdataset, bool aaaaok, size_t aaaaoklen); / * Determine if there are any non-excluded AAAA records in from the * matching dns64 records in the list starting at 'dns64'. If there * is a non-excluded address return true. If all addresses are * excluded in the matched records return false. If no records * match then return true. * * If aaaaok is defined then dns_dns64_aaaaok() return a array of which * addresses in 'rdataset' were deemed to not be exclude by any matching * record. If there are no matching records then all entries are set * to true. * * Requires * 'rdataset' to be valid and to be for type AAAA and class IN. * 'aaaaoklen' must match the number of records in 'rdataset' * if 'aaaaok' in non NULL. / ISC_LANG_ENDDECLS #endif / DNS_DNS64_H / ��dns/zt.h��0000644��00000012171�15125204631�0006137 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ZT_H #define DNS_ZT_H 1 /! \file dns/zt.h / #include <stdbool.h> #include <isc/lang.h> #include <isc/rwlock.h> #include <dns/types.h> #define DNS_ZTFIND_NOEXACT 0x01 #define DNS_ZTFIND_MIRROR 0x02 ISC_LANG_BEGINDECLS typedef isc_result_t (dns_zt_allloaded_t)(void arg); /%< * Method prototype: when all pending zone loads are complete, * the zone table can inform the caller via a callback function with * this signature. / typedef isc_result_t (dns_zt_zoneloaded_t)(dns_zt_t zt, dns_zone_t zone, isc_task_t task); /%< * Method prototype: when a zone finishes loading, the zt object * can be informed via a callback function with this signature. / isc_result_t dns_zt_create(isc_mem_t mctx, dns_rdataclass_t rdclass, dns_zt_t *zt); /%< * Creates a new zone table. * * Requires: * \li 'mctx' to be initialized. * * Returns: * \li #ISC_R_SUCCESS on success. * \li #ISC_R_NOMEMORY / isc_result_t dns_zt_mount(dns_zt_t zt, dns_zone_t zone); /%< * Mounts the zone on the zone table. * * Requires: * \li 'zt' to be valid * \li 'zone' to be valid * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_EXISTS * \li #ISC_R_NOSPACE * \li #ISC_R_NOMEMORY / isc_result_t dns_zt_unmount(dns_zt_t zt, dns_zone_t zone); /%< * Unmount the given zone from the table. * * Requires: * 'zt' to be valid * \li 'zone' to be valid * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND * \li #ISC_R_NOMEMORY / isc_result_t dns_zt_find(dns_zt_t zt, const dns_name_t name, unsigned int options, dns_name_t foundname, dns_zone_t *zone); /%< * Find the best match for 'name' in 'zt'. If foundname is non NULL * then the name of the zone found is returned. * * Notes: * \li If the DNS_ZTFIND_NOEXACT is set, the best partial match (if any) * to 'name' will be returned. * * Requires: * \li 'zt' to be valid * \li 'name' to be valid * \li 'foundname' to be initialized and associated with a fixedname or NULL * \li 'zone' to be non NULL and 'zone' to be NULL * Returns: * \li #ISC_R_SUCCESS * \li #DNS_R_PARTIALMATCH * \li #ISC_R_NOTFOUND * \li #ISC_R_NOSPACE / void dns_zt_detach(dns_zt_t ztp); /%< * Detach the given zonetable, if the reference count goes to zero the * zonetable will be freed. In either case 'ztp' is set to NULL. * * Requires: * \li 'ztp' to be valid / void dns_zt_flushanddetach(dns_zt_t *ztp); /%< * Detach the given zonetable, if the reference count goes to zero the * zonetable will be flushed and then freed. In either case 'ztp' is * set to NULL. * * Requires: * \li 'ztp' to be valid / void dns_zt_attach(dns_zt_t zt, dns_zt_t ztp); /%< * Attach 'zt' to 'ztp'. * Requires: * \li 'zt' to be valid * \li 'ztp' to be NULL / isc_result_t dns_zt_load(dns_zt_t zt, bool stop, bool newonly); isc_result_t dns_zt_asyncload(dns_zt_t zt, bool newonly, dns_zt_allloaded_t alldone, void arg); /%< * Load all zones in the table. If 'stop' is true, * stop on the first error and return it. If 'stop' * is false, ignore errors. * * if newonly is set only zones that were never loaded are loaded. * dns_zt_asyncload() loads zones asynchronously; when all * zones in the zone table have finished loaded (or failed due * to errors), the caller is informed by calling 'alldone' * with an argument of 'arg'. * * Requires: * \li 'zt' to be valid / isc_result_t dns_zt_freezezones(dns_zt_t zt, dns_view_t view, bool freeze); /%< * Freeze/thaw updates to master zones. * Any pending updates will be flushed. * Zones will be reloaded on thaw. / isc_result_t dns_zt_apply(dns_zt_t zt, isc_rwlocktype_t lock, bool stop, isc_result_t sub, isc_result_t (action)(dns_zone_t , void ), void uap); /%< * Apply a given 'action' to all zone zones in the table. * If 'stop' is 'true' then walking the zone tree will stop if * 'action' does not return ISC_R_SUCCESS. * * Requires: * \li 'zt' to be valid. * \li 'action' to be non NULL. * * Returns: * \li ISC_R_SUCCESS if action was applied to all nodes. If 'stop' is * false and 'sub' is non NULL then the first error (if any) * reported by 'action' is returned in 'sub'; any error code from 'action'. / bool dns_zt_loadspending(dns_zt_t zt); /%< Returns true if and only if there are zones still waiting to * be loaded in zone table 'zt'. * * Requires: * \li 'zt' to be valid. / void dns_zt_setviewcommit(dns_zt_t zt); /%< Commit dns_zone_setview() calls previously made for all zones in this * zone table. * * Requires: \li 'view' to be valid. / void dns_zt_setviewrevert(dns_zt_t zt); /%< * Revert dns_zone_setview() calls previously made for all zones in this * zone table. * * Requires: \li 'view' to be valid. / ISC_LANG_ENDDECLS #endif /* DNS_ZT_H / ��dns/client.h��0000644��00000034277�15125204631�0006773 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_CLIENT_H #define DNS_CLIENT_H 1 /** * Module Info **/ /! \file * * \brief * The DNS client module provides convenient programming interfaces to various * DNS services, such as name resolution with or without DNSSEC validation or * dynamic DNS update. This module is primarily expected to be used by other * applications than BIND9-related ones that need such advanced DNS features. * * MP: \li In the typical usage of this module, application threads will not share the same data structures created and manipulated in this module. * However, the module still ensures appropriate synchronization of such * data structures. * * Resources: \li TBS * Security: \li This module does not handle any low-level data directly, and so no security issue specific to this module is anticipated. / #include <isc/event.h> #include <isc/sockaddr.h> #include <dns/tsig.h> #include <dns/types.h> #include <dst/dst.h> typedef enum { updateop_none = 0, updateop_add = 1, updateop_delete = 2, updateop_exist = 3, updateop_notexist = 4, updateop_max = 5 } dns_client_updateop_t; ISC_LANG_BEGINDECLS / * Types **/ /% * Optional flags for dns_client_create(x). / /%< Enable caching resolution results (experimental). / #define DNS_CLIENTCREATEOPT_USECACHE 0x8000 /% * Optional flags for dns_client_(start)resolve. / /%< Do not return DNSSEC data (e.g. RRSIGS) with response. / #define DNS_CLIENTRESOPT_NODNSSEC 0x01 /%< Allow running external context. / #define DNS_CLIENTRESOPT_RESERVED 0x02 /%< Don't validate responses. / #define DNS_CLIENTRESOPT_NOVALIDATE 0x04 /%< Don't set the CD flag on upstream queries. / #define DNS_CLIENTRESOPT_NOCDFLAG 0x08 /%< Use TCP transport. / #define DNS_CLIENTRESOPT_TCP 0x10 /% * Optional flags for dns_client_(start)request. / /%< Allow running external context. / #define DNS_CLIENTREQOPT_RESERVED 0x01 /%< Use TCP transport. / #define DNS_CLIENTREQOPT_TCP 0x02 /% * Optional flags for dns_client_(start)update. / /%< Allow running external context. / #define DNS_CLIENTUPDOPT_RESERVED 0x01 /%< Use TCP transport. / #define DNS_CLIENTUPDOPT_TCP 0x02 /% * View name used in dns_client. / #define DNS_CLIENTVIEW_NAME "_dnsclient" /% * A dns_clientresevent_t is sent when name resolution performed by a client * completes. 'result' stores the result code of the entire resolution * procedure. 'vresult' specifically stores the result code of DNSSEC * validation if it is performed. When name resolution successfully completes, * 'answerlist' is typically non empty, containing answer names along with * RRsets. It is the receiver's responsibility to free this list by calling * dns_client_freeresanswer() before freeing the event structure. / typedef struct dns_clientresevent { ISC_EVENT_COMMON(struct dns_clientresevent); isc_result_t result; isc_result_t vresult; dns_namelist_t answerlist; } dns_clientresevent_t; / too long? / /% * A dns_clientreqevent_t is sent when a DNS request is completed by a client. * 'result' stores the result code of the entire transaction. * If the transaction is successfully completed but the response packet cannot * be parsed, 'result' will store the result code of dns_message_parse(). * If the response packet is received, 'rmessage' will contain the response * message, whether it is successfully parsed or not. / typedef struct dns_clientreqevent { ISC_EVENT_COMMON(struct dns_clientreqevent); isc_result_t result; dns_message_t rmessage; } dns_clientreqevent_t; /* too long? / isc_result_t dns_client_create(isc_mem_t mctx, isc_appctx_t actx, isc_taskmgr_t taskmgr, isc_socketmgr_t socketmgr, isc_timermgr_t timermgr, unsigned int options, dns_client_t *clientp, const isc_sockaddr_t localaddr4, const isc_sockaddr_t localaddr6); /%< * Create a DNS client object with minimal internal resources, such as * a default view for the IN class and IPv4/IPv6 dispatches for the view. * * dns_client_create() takes 'manager' arguments so that the caller can * control the behavior of the client through the underlying event framework. * 'localaddr4' and 'localaddr6' specify the local addresses to use for * each address family; if both are set to NULL, then wildcard addresses * will be used for both families. If only one is NULL, then the other * address will be used as the local address, and the NULL protocol family * will not be used. * * Requires: * \li 'mctx' is a valid memory context. \li 'actx' is a valid application context. \li 'taskmgr' is a valid task manager. \li 'socketmgr' is a valid socket manager. \li 'timermgr' is a valid timer manager. \li clientp != NULL && clientp == NULL. * * Returns: * \li #ISC_R_SUCCESS On success. \li Anything else Failure. / void dns_client_destroy(dns_client_t *clientp); /%< * Destroy 'client'. * * Requires: * \li 'clientp' is a valid client. * * Ensures: * \li clientp == NULL. / isc_result_t dns_client_setservers(dns_client_t client, dns_rdataclass_t rdclass, const dns_name_t name_space, isc_sockaddrlist_t addrs); /%< Specify a list of addresses of recursive name servers that the client will * use for name resolution. A view for the 'rdclass' class must be created * beforehand. If 'name_space' is non NULL, the specified server will be used * if and only if the query name is a subdomain of 'name_space'. When servers * for multiple 'name_space's are provided, and a query name is covered by * more than one 'name_space', the servers for the best (longest) matching * name_space will be used. If 'name_space' is NULL, it works as if * dns_rootname (.) were specified. * * Requires: * \li 'client' is a valid client. \li 'name_space' is NULL or a valid name. \li 'addrs' != NULL. * Returns: * \li #ISC_R_SUCCESS On success. \li Anything else Failure. / isc_result_t dns_client_clearservers(dns_client_t client, dns_rdataclass_t rdclass, const dns_name_t name_space); /%< Remove configured recursive name servers for the 'rdclass' and 'name_space' * from the client. See the description of dns_client_setservers() for * the requirements about 'rdclass' and 'name_space'. * * Requires: * \li 'client' is a valid client. \li 'name_space' is NULL or a valid name. * Returns: * \li #ISC_R_SUCCESS On success. \li Anything else Failure. / isc_result_t dns_client_resolve(dns_client_t client, const dns_name_t name, dns_rdataclass_t rdclass, dns_rdatatype_t type, unsigned int options, dns_namelist_t namelist); isc_result_t dns_client_startresolve(dns_client_t client, const dns_name_t name, dns_rdataclass_t rdclass, dns_rdatatype_t type, unsigned int options, isc_task_t task, isc_taskaction_t action, void arg, dns_clientrestrans_t transp); /%< * Perform name resolution for 'name', 'rdclass', and 'type'. * * If any trusted keys are configured and the query name is considered to * belong to a secure zone, these functions also validate the responses * using DNSSEC by default. If the DNS_CLIENTRESOPT_NOVALIDATE flag is set * in 'options', DNSSEC validation is disabled regardless of the configured * trusted keys or the query name. With DNS_CLIENTRESOPT_NODNSSEC * DNSSEC data is not returned with response. DNS_CLIENTRESOPT_NOCDFLAG * disables the CD flag on queries, DNS_CLIENTRESOPT_TCP switches to * the TCP (vs. UDP) transport. * * dns_client_resolve() provides a synchronous service. This function starts * name resolution internally and blocks until it completes. On success, * 'namelist' will contain a list of answer names, each of which has * corresponding RRsets. The caller must provide a valid empty list, and * is responsible for freeing the list content via dns_client_freeresanswer(). * If the name resolution fails due to an error in DNSSEC validation, * dns_client_resolve() returns the result code indicating the validation * error. Otherwise, it returns the result code of the entire resolution * process, either success or failure. * * It is expected that the client object passed to dns_client_resolve() was * created via dns_client_create() and has external managers and contexts. * * dns_client_startresolve() is an asynchronous version of dns_client_resolve() * and does not block. When name resolution is completed, 'action' will be * called with the argument of a 'dns_clientresevent_t' object, which contains * the resulting list of answer names (on success). On return, 'transp' is set to an opaque transaction ID so that the caller can cancel this * resolution process. * * Requires: * \li 'client' is a valid client. \li 'addrs' != NULL. \li 'name' is a valid name. \li 'namelist' != NULL and is not empty. \li 'task' is a valid task. \li 'transp' != NULL && transp == NULL; * * Returns: * \li #ISC_R_SUCCESS On success. \li Anything else Failure. / void dns_client_cancelresolve(dns_clientrestrans_t trans); /%< * Cancel an ongoing resolution procedure started via * dns_client_startresolve(). * * Notes: * \li If the resolution procedure has not completed, post its CLIENTRESDONE event with a result code of #ISC_R_CANCELED. * * Requires: * \li 'trans' is a valid transaction ID. / void dns_client_destroyrestrans(dns_clientrestrans_t *transp); /%< * Destroy name resolution transaction state identified by 'transp'. * Requires: * \li 'transp' is a valid transaction ID. * \li The caller has received the CLIENTRESDONE event (either because the resolution completed or because dns_client_cancelresolve() was called). * * Ensures: * \li transp == NULL. / void dns_client_freeresanswer(dns_client_t client, dns_namelist_t namelist); /%< * Free resources allocated for the content of 'namelist'. * * Requires: * \li 'client' is a valid client. \li 'namelist' != NULL. / isc_result_t dns_client_addtrustedkey(dns_client_t client, dns_rdataclass_t rdclass, dns_rdatatype_t rdtype, const dns_name_t keyname, isc_buffer_t keydatabuf); /%< * Add a DNSSEC trusted key for the 'rdclass' class. A view for the 'rdclass' * class must be created beforehand. 'rdtype' is the type of the RR data * for the key, either DNSKEY or DS. 'keyname' is the DNS name of the key, * and 'keydatabuf' stores the RR data. * * Requires: * \li 'client' is a valid client. \li 'keyname' is a valid name. \li 'keydatabuf' is a valid buffer. * Returns: * \li #ISC_R_SUCCESS On success. \li Anything else Failure. / isc_result_t dns_client_request(dns_client_t client, dns_message_t qmessage, dns_message_t rmessage, const isc_sockaddr_t server, unsigned int options, unsigned int parseoptions, dns_tsec_t tsec, unsigned int timeout, unsigned int udptimeout, unsigned int udpretries); isc_result_t dns_client_startrequest(dns_client_t client, dns_message_t qmessage, dns_message_t rmessage, const isc_sockaddr_t server, unsigned int options, unsigned int parseoptions, dns_tsec_t tsec, unsigned int timeout, unsigned int udptimeout, unsigned int udpretries, isc_task_t task, isc_taskaction_t action, void arg, dns_clientreqtrans_t *transp); /%< * Send a DNS request containing a query message 'query' to 'server'. * * 'parseoptions' will be used when the response packet is parsed, and will be * passed to dns_message_parse() via dns_request_getresponse(). See * dns_message_parse() for more details. * * 'tsec' is a transaction security object containing, e.g. a TSIG key for * authenticating the request/response transaction. This is optional and can * be NULL, in which case this library performs the transaction without any * transaction authentication. * * 'timeout', 'udptimeout', and 'udpretries' are passed to * dns_request_createvia3(). See dns_request_createvia3() for more details. * * dns_client_request() provides a synchronous service. This function sends * the request and blocks until a response is received. On success, * 'rmessage' will contain the response message. The caller must provide a * valid initialized message. * * It is expected that the client object passed to dns_client_request() was * created via dns_client_create() and has external managers and contexts. * * dns_client_startrequest() is an asynchronous version of dns_client_request() * and does not block. When the transaction is completed, 'action' will be * called with the argument of a 'dns_clientreqevent_t' object, which contains * the response message (on success). On return, 'transp' is set to an opaque transaction ID so that the caller can cancel this request. * * DNS_CLIENTREQOPT_TCP switches to the TCP (vs. UDP) transport. * * Requires: * \li 'client' is a valid client. \li 'qmessage' and 'rmessage' are valid initialized message. \li 'server' is a valid socket address structure. \li 'task' is a valid task. \li 'transp' != NULL && transp == NULL; * * Returns: * \li #ISC_R_SUCCESS On success. \li Anything else Failure. \li Any result that dns_message_parse() can return. / void dns_client_cancelrequest(dns_clientreqtrans_t transp); /%< * Cancel an ongoing DNS request procedure started via * dns_client_startrequest(). * * Notes: * \li If the request procedure has not completed, post its CLIENTREQDONE event with a result code of #ISC_R_CANCELED. * * Requires: * \li 'trans' is a valid transaction ID. / void dns_client_destroyreqtrans(dns_clientreqtrans_t *transp); /% * Destroy DNS request transaction state identified by 'transp'. * Requires: * \li 'transp' is a valid transaction ID. * \li The caller has received the CLIENTREQDONE event (either because the request completed or because dns_client_cancelrequest() was called). * * Ensures: * \li transp == NULL. / ISC_LANG_ENDDECLS #endif / DNS_CLIENT_H / ��dns/secproto.h��0000644��00000003024�15125204631�0007335 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_SECPROTO_H #define DNS_SECPROTO_H 1 /! \file dns/secproto.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_secproto_fromtext(dns_secproto_t secprotop, isc_textregion_t source); /%< * Convert the text 'source' refers to into a DNSSEC security protocol value. * The text may contain either a mnemonic protocol name or a decimal protocol * number. * * Requires: \li 'secprotop' is a valid pointer. \li 'source' is a valid text region. * Returns: \li ISC_R_SUCCESS on success \li ISC_R_RANGE numeric type is out of range \li DNS_R_UNKNOWN mnemonic type is unknown / isc_result_t dns_secproto_totext(dns_secproto_t secproto, isc_buffer_t target); /%< * Put a textual representation of the DNSSEC security protocol 'secproto' * into 'target'. * * Requires: \li 'secproto' is a valid secproto. \li 'target' is a valid text buffer. * Ensures, * if the result is success: * \li The used space in 'target' is updated. * * Returns: \li ISC_R_SUCCESS on success \li ISC_R_NOSPACE target buffer is too small / ISC_LANG_ENDDECLS #endif / DNS_SECPROTO_H / ��dns/ttl.h��0000644��00000003524�15125204631�0006307 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_TTL_H #define DNS_TTL_H 1 /! \file dns/ttl.h / / * Imports */ #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /* * Functions / isc_result_t dns_ttl_totext(uint32_t src, bool verbose, bool upcase, isc_buffer_t target); /%< Output a TTL or other time interval in a human-readable form. * The time interval is given as a count of seconds in 'src'. * The text representation is appended to 'target'. * * If 'verbose' is false, use the terse BIND 8 style, like "1w2d3h4m5s". * * If 'verbose' is true, use a verbose style like the SOA comments * in "dig", like "1 week 2 days 3 hours 4 minutes 5 seconds". * * If 'upcase' is true, we conform to the BIND 8 style in which * the unit letter is capitalized if there is only a single unit * letter to print (for example, "1m30s", but "2M") * * If 'upcase' is false, unit letters are always in lower case. * * Returns: * \li ISC_R_SUCCESS * \li ISC_R_NOSPACE / isc_result_t dns_counter_fromtext(isc_textregion_t source, uint32_t ttl); /%< * Converts a counter from either a plain number or a BIND 8 style value. * * Returns: \li ISC_R_SUCCESS \li DNS_R_SYNTAX / isc_result_t dns_ttl_fromtext(isc_textregion_t source, uint32_t ttl); /%< * Converts a ttl from either a plain number or a BIND 8 style value. * * Returns: \li ISC_R_SUCCESS \li DNS_R_BADTTL / ISC_LANG_ENDDECLS #endif / DNS_TTL_H / ��dns/log.h��0000644��00000007675�15125204631�0006300 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file dns/log.h / #ifndef DNS_LOG_H #define DNS_LOG_H 1 #include <isc/lang.h> #include <isc/log.h> LIBDNS_EXTERNAL_DATA extern isc_log_t dns_lctx; LIBDNS_EXTERNAL_DATA extern isc_logcategory_t dns_categories[]; LIBDNS_EXTERNAL_DATA extern isc_logmodule_t dns_modules[]; #define DNS_LOGCATEGORY_NOTIFY (&dns_categories[0]) #define DNS_LOGCATEGORY_DATABASE (&dns_categories[1]) #define DNS_LOGCATEGORY_SECURITY (&dns_categories[2]) /* DNS_LOGCATEGORY_CONFIG superseded by CFG_LOGCATEGORY_CONFIG / #define DNS_LOGCATEGORY_DNSSEC (&dns_categories[4]) #define DNS_LOGCATEGORY_RESOLVER (&dns_categories[5]) #define DNS_LOGCATEGORY_XFER_IN (&dns_categories[6]) #define DNS_LOGCATEGORY_XFER_OUT (&dns_categories[7]) #define DNS_LOGCATEGORY_DISPATCH (&dns_categories[8]) #define DNS_LOGCATEGORY_LAME_SERVERS (&dns_categories[9]) #define DNS_LOGCATEGORY_DELEGATION_ONLY (&dns_categories[10]) #define DNS_LOGCATEGORY_EDNS_DISABLED (&dns_categories[11]) #define DNS_LOGCATEGORY_RPZ (&dns_categories[12]) #define DNS_LOGCATEGORY_RRL (&dns_categories[13]) #define DNS_LOGCATEGORY_CNAME (&dns_categories[14]) #define DNS_LOGCATEGORY_SPILL (&dns_categories[15]) #define DNS_LOGCATEGORY_DNSTAP (&dns_categories[16]) #define DNS_LOGCATEGORY_ZONELOAD (&dns_categories[17]) #define DNS_LOGCATEGORY_NSID (&dns_categories[18]) / Backwards compatibility. / #define DNS_LOGCATEGORY_GENERAL ISC_LOGCATEGORY_GENERAL #define DNS_LOGMODULE_DB (&dns_modules[0]) #define DNS_LOGMODULE_RBTDB (&dns_modules[1]) #define DNS_LOGMODULE_RBT (&dns_modules[2]) #define DNS_LOGMODULE_RDATA (&dns_modules[3]) #define DNS_LOGMODULE_MASTER (&dns_modules[4]) #define DNS_LOGMODULE_MESSAGE (&dns_modules[5]) #define DNS_LOGMODULE_CACHE (&dns_modules[6]) #define DNS_LOGMODULE_CONFIG (&dns_modules[7]) #define DNS_LOGMODULE_RESOLVER (&dns_modules[8]) #define DNS_LOGMODULE_ZONE (&dns_modules[9]) #define DNS_LOGMODULE_JOURNAL (&dns_modules[10]) #define DNS_LOGMODULE_ADB (&dns_modules[11]) #define DNS_LOGMODULE_XFER_IN (&dns_modules[12]) #define DNS_LOGMODULE_XFER_OUT (&dns_modules[13]) #define DNS_LOGMODULE_ACL (&dns_modules[14]) #define DNS_LOGMODULE_VALIDATOR (&dns_modules[15]) #define DNS_LOGMODULE_DISPATCH (&dns_modules[16]) #define DNS_LOGMODULE_REQUEST (&dns_modules[17]) #define DNS_LOGMODULE_MASTERDUMP (&dns_modules[18]) #define DNS_LOGMODULE_TSIG (&dns_modules[19]) #define DNS_LOGMODULE_TKEY (&dns_modules[20]) #define DNS_LOGMODULE_SDB (&dns_modules[21]) #define DNS_LOGMODULE_DIFF (&dns_modules[22]) #define DNS_LOGMODULE_HINTS (&dns_modules[23]) #define DNS_LOGMODULE_UNUSED1 (&dns_modules[24]) #define DNS_LOGMODULE_DLZ (&dns_modules[25]) #define DNS_LOGMODULE_DNSSEC (&dns_modules[26]) #define DNS_LOGMODULE_CRYPTO (&dns_modules[27]) #define DNS_LOGMODULE_PACKETS (&dns_modules[28]) #define DNS_LOGMODULE_NTA (&dns_modules[29]) #define DNS_LOGMODULE_DYNDB (&dns_modules[30]) #define DNS_LOGMODULE_DNSTAP (&dns_modules[31]) #define DNS_LOGMODULE_SSU (&dns_modules[32]) ISC_LANG_BEGINDECLS void dns_log_init(isc_log_t lctx); /% Make the libdns categories and modules available for use with the * ISC logging library. * * Requires: \li lctx is a valid logging context. \li dns_log_init() is called only once. * Ensures: * \li The categories and modules defined above are available for * use by isc_log_usechannnel() and isc_log_write(). / void dns_log_setcontext(isc_log_t lctx); /% Make the libdns library use the provided context for logging internal * messages. * * Requires: \li lctx is a valid logging context. / ISC_LANG_ENDDECLS #endif /* DNS_LOG_H / ��dns/ncache.h��0000644��00000011540�15125204631�0006722 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_NCACHE_H #define DNS_NCACHE_H 1 /** * Module Info **/ /! \file dns/ncache.h \brief DNS Ncache * * XXX TBS XXX * * MP: \li The caller must ensure any required synchronization. * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li RFC2308 / #include <stdbool.h> #include <isc/lang.h> #include <isc/stdtime.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /% _OMITDNSSEC: * Omit DNSSEC records when rendering. / #define DNS_NCACHETOWIRE_OMITDNSSEC 0x0001 isc_result_t dns_ncache_add(dns_message_t message, dns_db_t cache, dns_dbnode_t node, dns_rdatatype_t covers, isc_stdtime_t now, dns_ttl_t minttl, dns_ttl_t maxttl, dns_rdataset_t addedrdataset); isc_result_t dns_ncache_addoptout(dns_message_t message, dns_db_t cache, dns_dbnode_t node, dns_rdatatype_t covers, isc_stdtime_t now, dns_ttl_t minttl, dns_ttl_t maxttl, bool optout, dns_rdataset_t addedrdataset); /%< * Convert the authority data from 'message' into a negative cache * rdataset, and store it in 'cache' at 'node' with a TTL limited to * 'maxttl'. * * \li dns_ncache_add produces a negative cache entry with a trust of no * more than answer * \li dns_ncache_addoptout produces a negative cache entry which will have * a trust of secure if all the records that make up the entry are secure. * * The 'covers' argument is the RR type whose nonexistence we are caching, * or dns_rdatatype_any when caching a NXDOMAIN response. * * 'optout' indicates a DNS_RDATASETATTR_OPTOUT should be set. * * Note: \li If 'addedrdataset' is not NULL, then it will be attached to the added rdataset. See dns_db_addrdataset() for more details. * * Requires: \li 'message' is a valid message with a properly formatting negative cache authority section. * \li The requirements of dns_db_addrdataset() apply to 'cache', 'node', 'now', and 'addedrdataset'. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE * \li Any result code of dns_db_addrdataset() is a possible result code of dns_ncache_add(). / isc_result_t dns_ncache_towire(dns_rdataset_t rdataset, dns_compress_t cctx, isc_buffer_t target, unsigned int options, unsigned int countp); /%< * Convert the negative caching rdataset 'rdataset' to wire format, * compressing names as specified in 'cctx', and storing the result in * 'target'. If 'omit_dnssec' is set, DNSSEC records will not * be added to 'target'. * * Notes: \li The number of RRs added to target will be added to countp. * * Requires: \li 'rdataset' is a valid negative caching rdataset. \li 'rdataset' is not empty. \li 'countp' is a valid pointer. * Ensures: \li On a return of ISC_R_SUCCESS, 'target' contains a wire format for the data contained in 'rdataset'. Any error return leaves * the buffer unchanged. * \li countp has been incremented by the number of RRs added to * target. * * Returns: \li #ISC_R_SUCCESS - all ok \li #ISC_R_NOSPACE - 'target' doesn't have enough room * \li Any error returned by dns_rdata_towire(), dns_rdataset_next(), dns_name_towire(). / isc_result_t dns_ncache_getrdataset(dns_rdataset_t ncacherdataset, dns_name_t name, dns_rdatatype_t type, dns_rdataset_t rdataset); /%< Search the negative caching rdataset for an rdataset with the * specified name and type. * * Requires: \li 'ncacherdataset' is a valid negative caching rdataset. \li 'ncacherdataset' is not empty. \li 'name' is a valid name. \li 'type' is not SIG, or a meta-RR type. \li 'rdataset' is a valid disassociated rdataset. * Ensures: \li On a return of ISC_R_SUCCESS, 'rdataset' is bound to the found rdataset. * * Returns: \li #ISC_R_SUCCESS - the rdataset was found. \li #ISC_R_NOTFOUND - the rdataset was not found. * / isc_result_t dns_ncache_getsigrdataset(dns_rdataset_t ncacherdataset, dns_name_t name, dns_rdatatype_t covers, dns_rdataset_t rdataset); /%< Similar to dns_ncache_getrdataset() but get the rrsig that matches. / void dns_ncache_current(dns_rdataset_t ncacherdataset, dns_name_t found, dns_rdataset_t rdataset); /%< Extract the current rdataset and name from a ncache entry. * * Requires: * \li 'ncacherdataset' to be valid and to be a negative cache entry * \li 'found' to be valid. * \li 'rdataset' to be unassociated. / ISC_LANG_ENDDECLS #endif / DNS_NCACHE_H / ��dns/rdatatype.h��0000644��00000004362�15125204631�0007502 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RDATATYPE_H #define DNS_RDATATYPE_H 1 /! \file dns/rdatatype.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_rdatatype_fromtext(dns_rdatatype_t typep, isc_textregion_t source); /%< * Convert the text 'source' refers to into a DNS rdata type. * * Requires: \li 'typep' is a valid pointer. \li 'source' is a valid text region. * Returns: \li ISC_R_SUCCESS on success \li DNS_R_UNKNOWN type is unknown / isc_result_t dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t target); /%< Put a textual representation of type 'type' into 'target'. * * Requires: \li 'type' is a valid type. \li 'target' is a valid text buffer. * Ensures, * if the result is success: \li The used space in 'target' is updated. * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE target buffer is too small / isc_result_t dns_rdatatype_tounknowntext(dns_rdatatype_t type, isc_buffer_t target); /%< Put textual RFC3597 TYPEXXXX representation of type 'type' into * 'target'. * * Requires: \li 'type' is a valid type. \li 'target' is a valid text buffer. * Ensures, * if the result is success: \li The used space in 'target' is updated. * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE target buffer is too small / void dns_rdatatype_format(dns_rdatatype_t rdtype, char array, unsigned int size); /%< Format a human-readable representation of the type 'rdtype' * into the character array 'array', which is of size 'size'. * The resulting string is guaranteed to be null-terminated. / #define DNS_RDATATYPE_FORMATSIZE sizeof("NSEC3PARAM") /%< * Minimum size of array to pass to dns_rdatatype_format(). * May need to be adjusted if a new RR type with a very long * name is defined. / ISC_LANG_ENDDECLS #endif / DNS_RDATATYPE_H / ��dns/ds.h��0000644��00000003201�15125204631�0006102 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DS_H #define DNS_DS_H 1 #include <isc/lang.h> #include <dns/rdatastruct.h> #include <dns/types.h> #define DNS_DSDIGEST_SHA1 (1) #define DNS_DSDIGEST_SHA256 (2) #define DNS_DSDIGEST_GOST (3) #define DNS_DSDIGEST_SHA384 (4) / * Assuming SHA-384 digest type. / #define DNS_DS_BUFFERSIZE (52) ISC_LANG_BEGINDECLS isc_result_t dns_ds_fromkeyrdata(const dns_name_t owner, dns_rdata_t key, dns_dsdigest_t digest_type, unsigned char digest, dns_rdata_ds_t dsrdata); /%< * Build a DS rdata structure from a key. * * Requires: \li key Points to a valid DNSKEY or CDNSKEY record. \li buffer Points to a buffer of at least * #ISC_MAX_MD_SIZE bytes. / isc_result_t dns_ds_buildrdata(dns_name_t owner, dns_rdata_t key, dns_dsdigest_t digest_type, unsigned char buffer, dns_rdata_t rdata); /%< * Similar to dns_ds_fromkeyrdata(), but copies the DS into a * dns_rdata object. * * Requires: \li key Points to a valid DNSKEY or CDNSKEY record. \li buffer Points to a buffer of at least * #DNS_DS_BUFFERSIZE bytes. \li rdata Points to an initialized dns_rdata_t. * Ensures: * \li rdata Contains a valid DS rdata. The 'data' member refers to 'buffer'. / ISC_LANG_ENDDECLS #endif / DNS_DS_H / ��dns/rcode.h��0000644��00000004650�15125204631�0006601 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RCODE_H #define DNS_RCODE_H 1 /! \file dns/rcode.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_rcode_fromtext(dns_rcode_t rcodep, isc_textregion_t source); /%< * Convert the text 'source' refers to into a DNS error value. * * Requires: \li 'rcodep' is a valid pointer. \li 'source' is a valid text region. * Returns: \li #ISC_R_SUCCESS on success \li #DNS_R_UNKNOWN type is unknown / isc_result_t dns_rcode_totext(dns_rcode_t rcode, isc_buffer_t target); /%< Put a textual representation of error 'rcode' into 'target'. * * Requires: \li 'rcode' is a valid rcode. \li 'target' is a valid text buffer. * Ensures: \li If the result is success: The used space in 'target' is updated. * * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE target buffer is too small / isc_result_t dns_tsigrcode_fromtext(dns_rcode_t rcodep, isc_textregion_t source); /%< * Convert the text 'source' refers to into a TSIG/TKEY error value. * * Requires: \li 'rcodep' is a valid pointer. \li 'source' is a valid text region. * Returns: \li #ISC_R_SUCCESS on success \li #DNS_R_UNKNOWN type is unknown / isc_result_t dns_tsigrcode_totext(dns_rcode_t rcode, isc_buffer_t target); /%< Put a textual representation of TSIG/TKEY error 'rcode' into 'target'. * * Requires: \li 'rcode' is a valid TSIG/TKEY error code. \li 'target' is a valid text buffer. * Ensures: \li If the result is success: The used space in 'target' is updated. * * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE target buffer is too small / isc_result_t dns_hashalg_fromtext(unsigned char hashalg, isc_textregion_t source); /%< * Convert the text 'source' refers to into a has algorithm value. * * Requires: \li 'hashalg' is a valid pointer. \li 'source' is a valid text region. * Returns: \li #ISC_R_SUCCESS on success \li #DNS_R_UNKNOWN type is unknown / ISC_LANG_ENDDECLS #endif / DNS_RCODE_H / ��dns/soa.h��0000644��00000004203�15125204631�0006261 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_SOA_H #define DNS_SOA_H 1 /** * Module Info **/ /! \file dns/soa.h * \brief * SOA utilities. / / * Imports **/ #include <inttypes.h> #include <isc/lang.h> #include <isc/types.h> #include <dns/types.h> ISC_LANG_BEGINDECLS #define DNS_SOA_BUFFERSIZE ((2 DNS_NAME_MAXWIRE) + (4 * 5)) isc_result_t dns_soa_buildrdata(const dns_name_t origin, const dns_name_t contact, dns_rdataclass_t rdclass, uint32_t serial, uint32_t refresh, uint32_t retry, uint32_t expire, uint32_t minimum, unsigned char buffer, dns_rdata_t rdata); /%< Build the rdata of an SOA record. * * Requires: \li buffer Points to a temporary buffer of at least DNS_SOA_BUFFERSIZE bytes. \li rdata Points to an initialized dns_rdata_t. * Ensures: * \li rdata Contains a valid SOA rdata. The 'data' member refers to 'buffer'. / uint32_t dns_soa_getserial(dns_rdata_t rdata); uint32_t dns_soa_getrefresh(dns_rdata_t rdata); uint32_t dns_soa_getretry(dns_rdata_t rdata); uint32_t dns_soa_getexpire(dns_rdata_t rdata); uint32_t dns_soa_getminimum(dns_rdata_t rdata); /* * Extract an integer field from the rdata of a SOA record. * * Requires: * rdata refers to the rdata of a well-formed SOA record. / void dns_soa_setserial(uint32_t val, dns_rdata_t rdata); void dns_soa_setrefresh(uint32_t val, dns_rdata_t rdata); void dns_soa_setretry(uint32_t val, dns_rdata_t rdata); void dns_soa_setexpire(uint32_t val, dns_rdata_t rdata); void dns_soa_setminimum(uint32_t val, dns_rdata_t rdata); /* * Change an integer field of a SOA record by modifying the * rdata in-place. * * Requires: * rdata refers to the rdata of a well-formed SOA record. / ISC_LANG_ENDDECLS #endif / DNS_SOA_H / ��dns/secalg.h��0000644��00000003251�15125204631�0006737 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_SECALG_H #define DNS_SECALG_H 1 /! \file dns/secalg.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_secalg_fromtext(dns_secalg_t secalgp, isc_textregion_t source); /%< * Convert the text 'source' refers to into a DNSSEC security algorithm value. * The text may contain either a mnemonic algorithm name or a decimal algorithm * number. * * Requires: \li 'secalgp' is a valid pointer. \li 'source' is a valid text region. * Returns: \li ISC_R_SUCCESS on success \li ISC_R_RANGE numeric type is out of range \li DNS_R_UNKNOWN mnemonic type is unknown / isc_result_t dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t target); /%< * Put a textual representation of the DNSSEC security algorithm 'secalg' * into 'target'. * * Requires: \li 'secalg' is a valid secalg. \li 'target' is a valid text buffer. * Ensures, * if the result is success: \li The used space in 'target' is updated. * Returns: \li ISC_R_SUCCESS on success \li ISC_R_NOSPACE target buffer is too small / #define DNS_SECALG_FORMATSIZE 20 void dns_secalg_format(dns_secalg_t alg, char cp, unsigned int size); /%< Wrapper for dns_secalg_totext(), writing text into 'cp' / ISC_LANG_ENDDECLS #endif / DNS_SECALG_H / ��dns/resolver.h��0000644��00000047270�15125204631�0007353 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RESOLVER_H #define DNS_RESOLVER_H 1 /** * Module Info **/ /! \file dns/resolver.h * * \brief * This is the BIND 9 resolver, the module responsible for resolving DNS * requests by iteratively querying authoritative servers and following * referrals. This is a "full resolver", not to be confused with * the stub resolvers most people associate with the word "resolver". * The full resolver is part of the caching name server or resolver * daemon the stub resolver talks to. * * MP: \li The module ensures appropriate synchronization of data structures it creates and manipulates. * * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li RFCs: 1034, 1035, 2181, TBS \li Drafts: TBS / #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/socket.h> #include <isc/stats.h> #include <dns/fixedname.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /% * A dns_fetchevent_t is sent when a 'fetch' completes. Any of 'db', * 'node', 'rdataset', and 'sigrdataset' may be bound. It is the * receiver's responsibility to detach before freeing the event. * \brief * 'rdataset', 'sigrdataset', 'client' and 'id' are the values that were * supplied when dns_resolver_createfetch() was called. They are returned * to the caller so that they may be freed. / typedef struct dns_fetchevent { ISC_EVENT_COMMON(struct dns_fetchevent); dns_fetch_t fetch; isc_result_t result; dns_rdatatype_t qtype; dns_db_t db; dns_dbnode_t node; dns_rdataset_t rdataset; dns_rdataset_t sigrdataset; dns_fixedname_t foundname; const isc_sockaddr_t client; dns_messageid_t id; isc_result_t vresult; } dns_fetchevent_t; /% * The two quota types (fetches-per-zone and fetches-per-server) / typedef enum { dns_quotatype_zone = 0, dns_quotatype_server } dns_quotatype_t; / * Options that modify how a 'fetch' is done. / #define DNS_FETCHOPT_TCP 0x00000001 /%< Use TCP. / #define DNS_FETCHOPT_UNSHARED 0x00000002 /%< See below. / #define DNS_FETCHOPT_RECURSIVE 0x00000004 /%< Set RD? / #define DNS_FETCHOPT_NOEDNS0 0x00000008 /%< Do not use EDNS. / #define DNS_FETCHOPT_FORWARDONLY 0x00000010 /%< Only use forwarders. / #define DNS_FETCHOPT_NOVALIDATE 0x00000020 /%< Disable validation. / #define DNS_FETCHOPT_EDNS512 \ 0x00000040 /%< Advertise a 512 byte \ * UDP buffer. / #define DNS_FETCHOPT_WANTNSID 0x00000080 /%< Request NSID / #define DNS_FETCHOPT_PREFETCH 0x00000100 /%< Do prefetch / #define DNS_FETCHOPT_NOCDFLAG 0x00000200 /%< Don't set CD flag. / #define DNS_FETCHOPT_NONTA 0x00000400 /%< Ignore NTA table. / / RESERVED ECS 0x00000000 / / RESERVED ECS 0x00001000 / / RESERVED ECS 0x00002000 / / RESERVED TCPCLIENT 0x00004000 / #define DNS_FETCHOPT_NOCACHED 0x00008000 /%< Force cache update. / #define DNS_FETCHOPT_QMINIMIZE \ 0x00010000 /%< Use qname \ * minimization. / #define DNS_FETCHOPT_NOFOLLOW \ 0x00020000 /%< Don't follow \ * delegations / #define DNS_FETCHOPT_QMIN_STRICT \ 0x00040000 /%< Do not work around \ * servers that return \ * errors on non-empty \ * terminals. / #define DNS_FETCHOPT_QMIN_USE_A \ 0x00080000 /%< Use A type queries \ * instead of NS when \ * doing minimization / #define DNS_FETCHOPT_QMIN_SKIP_IP6A \ 0x00100000 /%< Skip some labels \ * when doing qname \ * minimization on \ * ip6.arpa. / #define DNS_FETCHOPT_NOFORWARD \ 0x00200000 /%< Do not use forwarders \ * if possible. / / Reserved in use by adb.c 0x00400000 / #define DNS_FETCHOPT_EDNSVERSIONSET 0x00800000 #define DNS_FETCHOPT_EDNSVERSIONMASK 0xff000000 #define DNS_FETCHOPT_EDNSVERSIONSHIFT 24 #define DNS_FETCHOPT_TRYSTALE_ONTIMEOUT 0x01000000 / * Upper bounds of class of query RTT (ms). Corresponds to * dns_resstatscounter_queryrttX statistics counters. / #define DNS_RESOLVER_QRYRTTCLASS0 10 #define DNS_RESOLVER_QRYRTTCLASS0STR "10" #define DNS_RESOLVER_QRYRTTCLASS1 100 #define DNS_RESOLVER_QRYRTTCLASS1STR "100" #define DNS_RESOLVER_QRYRTTCLASS2 500 #define DNS_RESOLVER_QRYRTTCLASS2STR "500" #define DNS_RESOLVER_QRYRTTCLASS3 800 #define DNS_RESOLVER_QRYRTTCLASS3STR "800" #define DNS_RESOLVER_QRYRTTCLASS4 1600 #define DNS_RESOLVER_QRYRTTCLASS4STR "1600" / * XXXRTH Should this API be made semi-private? (I.e. * _dns_resolver_create()). / #define DNS_RESOLVER_CHECKNAMES 0x01 #define DNS_RESOLVER_CHECKNAMESFAIL 0x02 #define DNS_QMIN_MAXLABELS 7 #define DNS_QMIN_MAX_NO_DELEGATION 3 #define DNS_MAX_LABELS 127 isc_result_t dns_resolver_create(dns_view_t view, isc_taskmgr_t taskmgr, unsigned int ntasks, unsigned int ndisp, isc_socketmgr_t socketmgr, isc_timermgr_t timermgr, unsigned int options, dns_dispatchmgr_t dispatchmgr, dns_dispatch_t dispatchv4, dns_dispatch_t dispatchv6, dns_resolver_t *resp); /%< * Create a resolver. * * Notes: * \li Generally, applications should not create a resolver directly, but should instead call dns_view_createresolver(). * * Requires: * \li 'view' is a valid view. \li 'taskmgr' is a valid task manager. \li 'ntasks' > 0. \li 'socketmgr' is a valid socket manager. \li 'timermgr' is a valid timer manager. \li 'dispatchv4' is a dispatch with an IPv4 UDP socket, or is NULL. If not NULL, 'ndisp' clones of it will be created by the resolver. * \li 'dispatchv6' is a dispatch with an IPv6 UDP socket, or is NULL. If not NULL, 'ndisp' clones of it will be created by the resolver. * \li resp != NULL && resp == NULL. * * Returns: * \li #ISC_R_SUCCESS On success. \li Anything else Failure. / void dns_resolver_freeze(dns_resolver_t res); /%< * Freeze resolver. * * Notes: * \li Certain configuration changes cannot be made after the resolver is frozen. Fetches cannot be created until the resolver is frozen. * * Requires: * \li 'res' is a valid resolver. * Ensures: * \li 'res' is frozen. / void dns_resolver_prime(dns_resolver_t res); /%< * Prime resolver. * * Notes: * \li Resolvers which have a forwarding policy other than dns_fwdpolicy_only need to be primed with the root nameservers, otherwise the root * nameserver hints data may be used indefinitely. This function requests * that the resolver start a priming fetch, if it isn't already priming. * * Requires: * \li 'res' is a valid, frozen resolver. / void dns_resolver_whenshutdown(dns_resolver_t res, isc_task_t task, isc_event_t *eventp); /%< * Send 'eventp' to 'task' when 'res' has completed shutdown. * Notes: * \li It is not safe to detach the last reference to 'res' until shutdown is complete. * * Requires: * \li 'res' is a valid resolver. \li 'task' is a valid task. \li eventp is a valid event. * * Ensures: * \li eventp == NULL. / void dns_resolver_shutdown(dns_resolver_t res); /%< Start the shutdown process for 'res'. * * Notes: * \li This call has no effect if the resolver is already shutting down. * Requires: * \li 'res' is a valid resolver. / void dns_resolver_attach(dns_resolver_t source, dns_resolver_t targetp); void dns_resolver_detach(dns_resolver_t resp); isc_result_t dns_resolver_createfetch(dns_resolver_t res, const dns_name_t name, dns_rdatatype_t type, const dns_name_t domain, dns_rdataset_t nameservers, dns_forwarders_t forwarders, const isc_sockaddr_t client, dns_messageid_t id, unsigned int options, unsigned int depth, isc_counter_t qc, isc_task_t task, isc_taskaction_t action, void arg, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset, dns_fetch_t *fetchp); /%< * Recurse to answer a question. * * Notes: * \li This call starts a query for 'name', type 'type'. \li The 'domain' is a parent domain of 'name' for which a set of name servers 'nameservers' is known. If no * such name server information is available, set * 'domain' and 'nameservers' to NULL. * \li 'forwarders' is unimplemented, and subject to change when we figure out how selective forwarding will work. * \li When the fetch completes (successfully or otherwise), a #DNS_EVENT_FETCHDONE event with action 'action' and arg 'arg' will be * posted to 'task'. * \li The values of 'rdataset' and 'sigrdataset' will be returned in the FETCHDONE event. * \li 'client' and 'id' are used for duplicate query detection. 'client' * must remain stable until after 'action' has been called or * dns_resolver_cancelfetch() is called. * * Requires: * \li 'res' is a valid resolver that has been frozen. \li 'name' is a valid name. \li 'type' is not a meta type other than ANY. \li 'domain' is a valid name or NULL. \li 'nameservers' is a valid NS rdataset (whose owner name is 'domain') iff. 'domain' is not NULL. * \li 'forwarders' is NULL. \li 'client' is a valid sockaddr or NULL. \li 'options' contains valid options. \li 'rdataset' is a valid, disassociated rdataset. \li 'sigrdataset' is NULL, or is a valid, disassociated rdataset. \li fetchp != NULL && fetchp == NULL. * * Returns: * \li #ISC_R_SUCCESS Success \li #DNS_R_DUPLICATE \li #DNS_R_DROP \li Many other values are possible, all of which indicate failure. / void dns_resolver_cancelfetch(dns_fetch_t fetch); /%< * Cancel 'fetch'. * * Notes: * \li If 'fetch' has not completed, post its FETCHDONE event with a result code of #ISC_R_CANCELED. * * Requires: * \li 'fetch' is a valid fetch. / void dns_resolver_destroyfetch(dns_fetch_t *fetchp); /%< * Destroy 'fetch'. * * Requires: * \li 'fetchp' is a valid fetch. * \li The caller has received the FETCHDONE event (either because the fetch completed or because dns_resolver_cancelfetch() was called). * * Ensures: * \li fetchp == NULL. / void dns_resolver_logfetch(dns_fetch_t fetch, isc_log_t lctx, isc_logcategory_t category, isc_logmodule_t module, int level, bool duplicateok); /%< * Dump a log message on internal state at the completion of given 'fetch'. * 'lctx', 'category', 'module', and 'level' are used to write the log message. * By default, only one log message is written even if the corresponding fetch * context serves multiple clients; if 'duplicateok' is true the suppression * is disabled and the message can be written every time this function is * called. * * Requires: * \li 'fetch' is a valid fetch, and has completed. / dns_dispatchmgr_t * dns_resolver_dispatchmgr(dns_resolver_t resolver); dns_dispatch_t dns_resolver_dispatchv4(dns_resolver_t resolver); dns_dispatch_t dns_resolver_dispatchv6(dns_resolver_t resolver); isc_socketmgr_t dns_resolver_socketmgr(dns_resolver_t resolver); isc_taskmgr_t dns_resolver_taskmgr(dns_resolver_t resolver); uint32_t dns_resolver_getlamettl(dns_resolver_t resolver); /%< Get the resolver's lame-ttl. zero => no lame processing. * * Requires: \li 'resolver' to be valid. / void dns_resolver_setlamettl(dns_resolver_t resolver, uint32_t lame_ttl); /%< * Set the resolver's lame-ttl. zero => no lame processing. * * Requires: \li 'resolver' to be valid. / isc_result_t dns_resolver_addalternate(dns_resolver_t resolver, const isc_sockaddr_t alt, const dns_name_t name, in_port_t port); /%< * Add alternate addresses to be tried in the event that the nameservers * for a zone are not available in the address families supported by the * operating system. * * Require: * \li only one of 'name' or 'alt' to be valid. / void dns_resolver_setudpsize(dns_resolver_t resolver, uint16_t udpsize); /%< Set the EDNS UDP buffer size advertised by the server. / uint16_t dns_resolver_getudpsize(dns_resolver_t resolver); /%< Get the current EDNS UDP buffer size. / void dns_resolver_reset_algorithms(dns_resolver_t resolver); /%< Clear the disabled DNSSEC algorithms. / void dns_resolver_reset_ds_digests(dns_resolver_t resolver); /%< Clear the disabled DS digest types. / isc_result_t dns_resolver_disable_algorithm(dns_resolver_t resolver, const dns_name_t name, unsigned int alg); /%< * Mark the given DNSSEC algorithm as disabled and below 'name'. * Valid algorithms are less than 256. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_RANGE \li #ISC_R_NOMEMORY / isc_result_t dns_resolver_disable_ds_digest(dns_resolver_t resolver, const dns_name_t name, unsigned int digest_type); /%< Mark the given DS digest type as disabled and below 'name'. * Valid types are less than 256. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_RANGE \li #ISC_R_NOMEMORY / bool dns_resolver_algorithm_supported(dns_resolver_t resolver, const dns_name_t name, unsigned int alg); /%< Check if the given algorithm is supported by this resolver. * This checks whether the algorithm has been disabled via * dns_resolver_disable_algorithm(), then checks the underlying * crypto libraries if it was not specifically disabled. / bool dns_resolver_ds_digest_supported(dns_resolver_t resolver, const dns_name_t name, unsigned int digest_type); /%< * Check if the given digest type is supported by this resolver. * This checks whether the digest type has been disabled via * dns_resolver_disable_ds_digest(), then checks the underlying * crypto libraries if it was not specifically disabled. / void dns_resolver_resetmustbesecure(dns_resolver_t resolver); isc_result_t dns_resolver_setmustbesecure(dns_resolver_t resolver, const dns_name_t name, bool value); bool dns_resolver_getmustbesecure(dns_resolver_t resolver, const dns_name_t name); void dns_resolver_settimeout(dns_resolver_t resolver, unsigned int timeout); /%< * Set the length of time the resolver will work on a query, in milliseconds. * * 'timeout' was originally defined in seconds, and later redefined to be in * milliseconds. Values less than or equal to 300 are treated as seconds. * * If timeout is 0, the default timeout will be applied. * * Requires: * \li resolver to be valid. / unsigned int dns_resolver_gettimeout(dns_resolver_t resolver); /%< Get the current length of time the resolver will work on a query, * in milliseconds. * * Requires: * \li resolver to be valid. / void dns_resolver_setclientsperquery(dns_resolver_t resolver, uint32_t min, uint32_t max); void dns_resolver_setfetchesperzone(dns_resolver_t resolver, uint32_t clients); void dns_resolver_getclientsperquery(dns_resolver_t resolver, uint32_t cur, uint32_t min, uint32_t max); bool dns_resolver_getzeronosoattl(dns_resolver_t resolver); void dns_resolver_setzeronosoattl(dns_resolver_t resolver, bool state); unsigned int dns_resolver_getretryinterval(dns_resolver_t resolver); void dns_resolver_setretryinterval(dns_resolver_t resolver, unsigned int interval); /%< * Sets the amount of time, in milliseconds, that is waited for a reply * to a server before another server is tried. Interacts with the * value of dns_resolver_getnonbackofftries() by trying that number of times * at this interval, before doing exponential backoff and doubling the interval * on each subsequent try, to a maximum of 10 seconds. Defaults to 800 ms; * silently capped at 2000 ms. * * Requires: * \li resolver to be valid. * \li interval > 0. / unsigned int dns_resolver_getnonbackofftries(dns_resolver_t resolver); void dns_resolver_setnonbackofftries(dns_resolver_t resolver, unsigned int tries); /%< * Sets the number of failures of getting a reply from remote servers for * a query before backing off by doubling the retry interval for each * subsequent request sent. Defaults to 3. * * Requires: * \li resolver to be valid. * \li tries > 0. / unsigned int dns_resolver_getoptions(dns_resolver_t resolver); /%< Get the resolver options. * * Requires: * \li resolver to be valid. / void dns_resolver_addbadcache(dns_resolver_t resolver, const dns_name_t name, dns_rdatatype_t type, isc_time_t expire); /%< Add a entry to the bad cache for <name,type> that will expire at 'expire'. * * Requires: * \li resolver to be valid. * \li name to be valid. / bool dns_resolver_getbadcache(dns_resolver_t resolver, const dns_name_t name, dns_rdatatype_t type, isc_time_t now); /%< Check to see if there is a unexpired entry in the bad cache for * <name,type>. * * Requires: * \li resolver to be valid. * \li name to be valid. / void dns_resolver_flushbadcache(dns_resolver_t resolver, const dns_name_t name); /%< * Flush the bad cache of all entries at 'name' if 'name' is non NULL. * Flush the entire bad cache if 'name' is NULL. * * Requires: * \li resolver to be valid. / void dns_resolver_flushbadnames(dns_resolver_t resolver, const dns_name_t name); /%< * Flush the bad cache of all entries at or below 'name'. * * Requires: * \li resolver to be valid. * \li name != NULL / void dns_resolver_printbadcache(dns_resolver_t resolver, FILE fp); /% * Print out the contents of the bad cache to 'fp'. * * Requires: * \li resolver to be valid. / void dns_resolver_setquerydscp4(dns_resolver_t resolver, isc_dscp_t dscp); isc_dscp_t dns_resolver_getquerydscp4(dns_resolver_t resolver); void dns_resolver_setquerydscp6(dns_resolver_t resolver, isc_dscp_t dscp); isc_dscp_t dns_resolver_getquerydscp6(dns_resolver_t resolver); /% * Get and set the DSCP values for the resolver's IPv4 and IPV6 query * sources. * * Requires: * \li resolver to be valid. / void dns_resolver_setmaxdepth(dns_resolver_t resolver, unsigned int maxdepth); unsigned int dns_resolver_getmaxdepth(dns_resolver_t resolver); /% * Get and set how many NS indirections will be followed when looking for * nameserver addresses. * * Requires: * \li resolver to be valid. / void dns_resolver_setmaxqueries(dns_resolver_t resolver, unsigned int queries); unsigned int dns_resolver_getmaxqueries(dns_resolver_t resolver); /% * Get and set how many iterative queries will be allowed before * terminating a recursive query. * * Requires: * \li resolver to be valid. / void dns_resolver_setquotaresponse(dns_resolver_t resolver, dns_quotatype_t which, isc_result_t resp); isc_result_t dns_resolver_getquotaresponse(dns_resolver_t resolver, dns_quotatype_t which); /% * Get and set the result code that will be used when quotas * are exceeded. If 'which' is set to quotatype "zone", then the * result specified in 'resp' will be used when the fetches-per-zone * quota is exceeded by a fetch. If 'which' is set to quotatype "server", * then the result specified in 'resp' will be used when the * fetches-per-server quota has been exceeded for all the * authoritative servers for a zone. Valid choices are * DNS_R_DROP or DNS_R_SERVFAIL. * * Requires: * \li 'resolver' to be valid. * \li 'which' to be dns_quotatype_zone or dns_quotatype_server * \li 'resp' to be DNS_R_DROP or DNS_R_SERVFAIL. / void dns_resolver_dumpfetches(dns_resolver_t resolver, isc_statsformat_t format, FILE fp); #ifdef ENABLE_AFL /% * Enable fuzzing of resolver, changes behaviour and eliminates retries / void dns_resolver_setfuzzing(void); #endif / ifdef ENABLE_AFL / ISC_LANG_ENDDECLS #endif / DNS_RESOLVER_H / ��dns/xfrin.h��0000644��00000004412�15125204631�0006627 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_XFRIN_H #define DNS_XFRIN_H 1 /** * Module Info **/ /! \file dns/xfrin.h * \brief * Incoming zone transfers (AXFR + IXFR). / / * Imports */ #include <isc/lang.h> #include <dns/types.h> /* * Types / /% * A transfer in progress. This is an opaque type. / typedef struct dns_xfrin_ctx dns_xfrin_ctx_t; / * Functions **/ ISC_LANG_BEGINDECLS isc_result_t dns_xfrin_create(dns_zone_t zone, dns_rdatatype_t xfrtype, const isc_sockaddr_t masteraddr, const isc_sockaddr_t sourceaddr, isc_dscp_t dscp, dns_tsigkey_t tsigkey, isc_mem_t mctx, isc_timermgr_t timermgr, isc_socketmgr_t socketmgr, isc_task_t task, dns_xfrindone_t done, dns_xfrin_ctx_t xfrp); /%< * Attempt to start an incoming zone transfer of 'zone' * from 'masteraddr', creating a dns_xfrin_ctx_t object to * manage it. Attach 'xfrp' to the newly created object. * Iff ISC_R_SUCCESS is returned, 'done' is guaranteed to be called in the context of 'task', with 'zone' and a result * code as arguments when the transfer finishes. * * Requires: \li 'xfrtype' is dns_rdatatype_axfr, dns_rdatatype_ixfr or dns_rdatatype_soa (soa query followed by axfr if * serial is greater than current serial). * \li If 'xfrtype' is dns_rdatatype_ixfr or dns_rdatatype_soa, the zone has a database. / void dns_xfrin_shutdown(dns_xfrin_ctx_t xfr); /%< If the zone transfer 'xfr' has already finished, * do nothing. Otherwise, abort it and cause it to call * its done callback with a status of ISC_R_CANCELED. / void dns_xfrin_detach(dns_xfrin_ctx_t xfrp); /%< * Detach a reference to a zone transfer object. * Caller to maintain external locking if required. / void dns_xfrin_attach(dns_xfrin_ctx_t source, dns_xfrin_ctx_t *target); /%< * Caller to maintain external locking if required. / ISC_LANG_ENDDECLS #endif / DNS_XFRIN_H / ��dns/callbacks.h��0000644��00000004350�15125204631�0007421 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_CALLBACKS_H #define DNS_CALLBACKS_H 1 /! \file dns/callbacks.h / / * Imports */ #include <isc/lang.h> #include <isc/magic.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /* * Types / #define DNS_CALLBACK_MAGIC ISC_MAGIC('C', 'L', 'L', 'B') #define DNS_CALLBACK_VALID(cb) ISC_MAGIC_VALID(cb, DNS_CALLBACK_MAGIC) struct dns_rdatacallbacks { unsigned int magic; /% * dns_load_master calls this when it has rdatasets to commit. / dns_addrdatasetfunc_t add; /% * This is called when reading in a database image from a 'map' * format zone file. / dns_deserializefunc_t deserialize; /% * dns_master_load() call this when loading a raw zonefile, to pass back information obtained from the file header / dns_rawdatafunc_t rawdata; dns_zone_t zone; /% dns_load_master / dns_rdata_fromtext call this to issue a error. / void (error)(struct dns_rdatacallbacks , const char , ...); /% dns_load_master / dns_rdata_fromtext call this to issue a warning. / void (warn)(struct dns_rdatacallbacks , const char , ...); /% Private data handles for use by the above callback functions. / void add_private; void deserialize_private; void error_private; void warn_private; }; / * Initialization **/ void dns_rdatacallbacks_init(dns_rdatacallbacks_t callbacks); /%< Initialize 'callbacks'. * * \li 'magic' is set to DNS_CALLBACK_MAGIC * * \li 'error' and 'warn' are set to default callbacks that print the * error message through the DNS library log context. * \li All other elements are initialized to NULL. * Requires: * \li 'callbacks' is a valid dns_rdatacallbacks_t, / void dns_rdatacallbacks_init_stdio(dns_rdatacallbacks_t callbacks); /%< Like dns_rdatacallbacks_init, but logs to stdio. / ISC_LANG_ENDDECLS #endif / DNS_CALLBACKS_H / ��dns/sdb.h��0000644��00000016266�15125204631�0006263 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_SDB_H #define DNS_SDB_H 1 /** * Module Info **/ /! \file dns/sdb.h * \brief * Simple database API. / / * Imports */ #include <inttypes.h> #include <isc/lang.h> #include <dns/clientinfo.h> #include <dns/types.h> /* * Types / /% * A simple database. This is an opaque type. / typedef struct dns_sdb dns_sdb_t; /% * A simple database lookup in progress. This is an opaque type. / typedef struct dns_sdblookup dns_sdblookup_t; /% * A simple database traversal in progress. This is an opaque type. / typedef struct dns_sdballnodes dns_sdballnodes_t; typedef isc_result_t (dns_sdblookupfunc_t)(const char zone, const char name, void dbdata, dns_sdblookup_t lookup, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo); typedef isc_result_t (dns_sdblookup2func_t)(const dns_name_t zone, const dns_name_t name, void dbdata, dns_sdblookup_t lookup, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo); typedef isc_result_t (dns_sdbauthorityfunc_t)(const char zone, void dbdata, dns_sdblookup_t ); typedef isc_result_t (dns_sdballnodesfunc_t)(const char zone, void dbdata, dns_sdballnodes_t allnodes); typedef isc_result_t (dns_sdbcreatefunc_t)(const char zone, int argc, char argv, void driverdata, void *dbdata); typedef void (dns_sdbdestroyfunc_t)(const char zone, void driverdata, void dbdata); typedef struct dns_sdbmethods { dns_sdblookupfunc_t lookup; dns_sdbauthorityfunc_t authority; dns_sdballnodesfunc_t allnodes; dns_sdbcreatefunc_t create; dns_sdbdestroyfunc_t destroy; dns_sdblookup2func_t lookup2; } dns_sdbmethods_t; /* * Functions / ISC_LANG_BEGINDECLS #define DNS_SDBFLAG_RELATIVEOWNER 0x00000001U #define DNS_SDBFLAG_RELATIVERDATA 0x00000002U #define DNS_SDBFLAG_THREADSAFE 0x00000004U #define DNS_SDBFLAG_DNS64 0x00000008U isc_result_t dns_sdb_register(const char drivername, const dns_sdbmethods_t methods, void driverdata, unsigned int flags, isc_mem_t mctx, dns_sdbimplementation_t sdbimp); /%< * Register a simple database driver for the database type 'drivername', * implemented by the functions in 'methods'. * sdbimp must point to a NULL dns_sdbimplementation_t pointer. That is, * sdbimp != NULL && sdbimp == NULL. It will be assigned a value that will later be used to identify the driver when deregistering it. * * The name server will perform lookups in the database by calling the * function 'lookup', passing it a printable zone name 'zone', a printable * domain name 'name', and a copy of the argument 'dbdata' that * was potentially returned by the create function. The 'dns_sdblookup_t' * argument to 'lookup' and 'authority' is an opaque pointer to be passed to * ns_sdb_putrr(). * * The lookup function returns the lookup results to the name server * by calling ns_sdb_putrr() once for each record found. On success, * the return value of the lookup function should be ISC_R_SUCCESS. * If the domain name 'name' does not exist, the lookup function should * ISC_R_NOTFOUND. Any other return value is treated as an error. * * Lookups at the zone apex will cause the server to also call the * function 'authority' (if non-NULL), which must provide an SOA record * and NS records for the zone by calling ns_sdb_putrr() once for each of * these records. The 'authority' function may be NULL if invoking * the 'lookup' function on the zone apex will return SOA and NS records. * * The allnodes function, if non-NULL, fills in an opaque structure to be * used by a database iterator. This allows the zone to be transferred. * This may use a considerable amount of memory for large zones, and the * zone transfer may not be fully RFC1035 compliant if the zone is * frequently changed. * * The create function will be called for each zone configured * into the name server using this database type. It can be used * to create a "database object" containing zone specific data, * which can make use of the database arguments specified in the * name server configuration. * * The destroy function will be called to free the database object * when its zone is destroyed. * * The create and destroy functions may be NULL. * * If flags includes DNS_SDBFLAG_RELATIVEOWNER, the lookup and authority * functions will be called with relative names rather than absolute names. * The string "@" represents the zone apex in this case. * * If flags includes DNS_SDBFLAG_RELATIVERDATA, the rdata strings may * include relative names. Otherwise, all names in the rdata string must * be absolute. Be aware that if relative names are allowed, any * absolute names must contain a trailing dot. * * If flags includes DNS_SDBFLAG_THREADSAFE, the driver must be able to * handle multiple lookups in parallel. Otherwise, calls into the driver * are serialized. / void dns_sdb_unregister(dns_sdbimplementation_t sdbimp); /%< * Removes the simple database driver from the list of registered database * types. There must be no active databases of this type when this function * is called. / /% See dns_sdb_putradata() / isc_result_t dns_sdb_putrr(dns_sdblookup_t lookup, const char type, dns_ttl_t ttl, const char data); isc_result_t dns_sdb_putrdata(dns_sdblookup_t lookup, dns_rdatatype_t type, dns_ttl_t ttl, const unsigned char rdata, unsigned int rdlen); /%< Add a single resource record to the lookup structure to be * returned in the query response. dns_sdb_putrr() takes the * resource record in master file text format as a null-terminated * string, and dns_sdb_putrdata() takes the raw RDATA in * uncompressed wire format. / /% See dns_sdb_putnamerdata() / isc_result_t dns_sdb_putnamedrr(dns_sdballnodes_t allnodes, const char name, const char type, dns_ttl_t ttl, const char data); isc_result_t dns_sdb_putnamedrdata(dns_sdballnodes_t allnodes, const char name, dns_rdatatype_t type, dns_ttl_t ttl, const void rdata, unsigned int rdlen); /%< Add a single resource record to the allnodes structure to be * included in a zone transfer response, in text or wire * format as above. / isc_result_t dns_sdb_putsoa(dns_sdblookup_t lookup, const char mname, const char rname, uint32_t serial); /%< This function may optionally be called from the 'authority' callback * to simplify construction of the SOA record for 'zone'. It will * provide a SOA listing 'mname' as as the master server and 'rname' as * the responsible person mailbox. It is the responsibility of the * driver to increment the serial number between responses if necessary. * All other SOA fields will have reasonable default values. / ISC_LANG_ENDDECLS #endif / DNS_SDB_H / ��dns/ssu.h��0000644��00000016016�15125204631�0006316 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_SSU_H #define DNS_SSU_H 1 /! \file dns/ssu.h / #include <stdbool.h> #include <isc/lang.h> #include <dns/acl.h> #include <dns/types.h> #include <dst/dst.h> ISC_LANG_BEGINDECLS typedef enum { dns_ssumatchtype_name = 0, dns_ssumatchtype_subdomain = 1, dns_ssumatchtype_wildcard = 2, dns_ssumatchtype_self = 3, dns_ssumatchtype_selfsub = 4, dns_ssumatchtype_selfwild = 5, dns_ssumatchtype_selfkrb5 = 6, dns_ssumatchtype_selfms = 7, dns_ssumatchtype_subdomainms = 8, dns_ssumatchtype_subdomainkrb5 = 9, dns_ssumatchtype_tcpself = 10, dns_ssumatchtype_6to4self = 11, dns_ssumatchtype_external = 12, dns_ssumatchtype_local = 13, dns_ssumatchtype_selfsubms = 14, dns_ssumatchtype_selfsubkrb5 = 15, dns_ssumatchtype_max = 15, / max value / dns_ssumatchtype_dlz = 16 / intentionally higher than _max / } dns_ssumatchtype_t; isc_result_t dns_ssutable_create(isc_mem_t mctx, dns_ssutable_t *table); /%< * Creates a table that will be used to store simple-secure-update rules. * Note: all locking must be provided by the client. * * Requires: \li 'mctx' is a valid memory context \li 'table' is not NULL, and 'table' is NULL * Returns: \li ISC_R_SUCCESS \li ISC_R_NOMEMORY / isc_result_t dns_ssutable_createdlz(isc_mem_t mctx, dns_ssutable_t *tablep, dns_dlzdb_t dlzdatabase); /%< Create an SSU table that contains a dlzdatabase pointer, and a * single rule with matchtype dns_ssumatchtype_dlz. This type of SSU * table is used by writeable DLZ drivers to offload authorization for * updates to the driver. / void dns_ssutable_attach(dns_ssutable_t source, dns_ssutable_t *targetp); /%< * Attach 'targetp' to 'source'. * Requires: \li 'source' is a valid SSU table \li 'targetp' points to a NULL dns_ssutable_t . * Ensures: \li targetp is attached to source. / void dns_ssutable_detach(dns_ssutable_t tablep); /%< * Detach 'tablep' from its simple-secure-update rule table. * Requires: \li 'tablep' points to a valid dns_ssutable_t * Ensures: \li tablep is NULL \li If 'tablep' is the last reference to the SSU table, all * resources used by the table will be freed. / isc_result_t dns_ssutable_addrule(dns_ssutable_t table, bool grant, const dns_name_t identity, dns_ssumatchtype_t matchtype, const dns_name_t name, unsigned int ntypes, dns_rdatatype_t types); /%< * Adds a new rule to a simple-secure-update rule table. The rule * either grants or denies update privileges of an identity (or set of * identities) to modify a name (or set of names) or certain types present * at that name. * * Notes: \li If 'matchtype' is of SELF type, this rule only matches if the name to be updated matches the signing identity. * \li If 'ntypes' is 0, this rule applies to all types except NS, SOA, RRSIG, and NSEC. * \li If 'types' includes ANY, this rule applies to all types except NSEC. * * Requires: \li 'table' is a valid SSU table \li 'identity' is a valid absolute name \li 'matchtype' must be one of the defined constants. \li 'name' is a valid absolute name \li If 'ntypes' > 0, 'types' must not be NULL * Returns: \li ISC_R_SUCCESS \li ISC_R_NOMEMORY / bool dns_ssutable_checkrules(dns_ssutable_t table, const dns_name_t signer, const dns_name_t name, const isc_netaddr_t addr, bool tcp, const dns_aclenv_t env, dns_rdatatype_t type, const dst_key_t key); /%< * Checks that the attempted update of (name, type) is allowed according * to the rules specified in the simple-secure-update rule table. If * no rules are matched, access is denied. * * Notes: * In dns_ssutable_checkrules(), 'addr' should only be * set if the request received via TCP. This provides a * weak assurance that the request was not spoofed. * 'addr' is to to validate dns_ssumatchtype_tcpself * and dns_ssumatchtype_6to4self rules. * * In dns_ssutable_checkrules2(), 'addr' can also be passed for * UDP requests and TCP is specified via the 'tcp' parameter. * In addition to dns_ssumatchtype_tcpself and * tcp_ssumatchtype_6to4self rules, the address * also be used to check dns_ssumatchtype_local rules. * If 'addr' is set then 'env' must also be set so that * requests from non-localhost addresses can be rejected. * * For dns_ssumatchtype_tcpself the addresses are mapped to * the standard reverse names under IN-ADDR.ARPA and IP6.ARPA. * RFC 1035, Section 3.5, "IN-ADDR.ARPA domain" and RFC 3596, * Section 2.5, "IP6.ARPA Domain". * * For dns_ssumatchtype_6to4self, IPv4 address are converted * to a 6to4 prefix (48 bits) per the rules in RFC 3056. Only * the top 48 bits of the IPv6 address are mapped to the reverse * name. This is independent of whether the most significant 16 * bits match 2002::/16, assigned for 6to4 prefixes, or not. * * Requires: \li 'table' is a valid SSU table \li 'signer' is NULL or a valid absolute name \li 'addr' is NULL or a valid network address. \li 'aclenv' is NULL or a valid ACL environment. \li 'name' is a valid absolute name \li if 'addr' is not NULL, 'env' is not NULL. / /% Accessor functions to extract rule components / bool dns_ssurule_isgrant(const dns_ssurule_t rule); /% Accessor functions to extract rule components / dns_name_t * dns_ssurule_identity(const dns_ssurule_t rule); /% Accessor functions to extract rule components / unsigned int dns_ssurule_matchtype(const dns_ssurule_t rule); /% Accessor functions to extract rule components / dns_name_t * dns_ssurule_name(const dns_ssurule_t rule); /% Accessor functions to extract rule components / unsigned int dns_ssurule_types(const dns_ssurule_t rule, dns_rdatatype_t *types); isc_result_t dns_ssutable_firstrule(const dns_ssutable_t table, dns_ssurule_t *rule); /%< * Initiates a rule iterator. There is no need to maintain any state. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE / isc_result_t dns_ssutable_nextrule(dns_ssurule_t rule, dns_ssurule_t *nextrule); /%< * Returns the next rule in the table. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE / bool dns_ssu_external_match(const dns_name_t identity, const dns_name_t signer, const dns_name_t name, const isc_netaddr_t tcpaddr, dns_rdatatype_t type, const dst_key_t key, isc_mem_t mctx); /%< * Check a policy rule via an external application / isc_result_t dns_ssu_mtypefromstring(const char str, dns_ssumatchtype_t mtype); /%< * Set 'mtype' from 'str' * * Requires: \li 'str' is not NULL. \li 'mtype' is not NULL, * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOTFOUND / ISC_LANG_ENDDECLS #endif / DNS_SSU_H / ��dns/rbt.h��0000644��00000111154�15125204631�0006272 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RBT_H #define DNS_RBT_H 1 /! \file dns/rbt.h / #include <inttypes.h> #include <stdbool.h> #include <isc/assertions.h> #include <isc/crc64.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/refcount.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /@{/ /% * Option values for dns_rbt_findnode() and dns_rbt_findname(). * These are used to form a bitmask. / #define DNS_RBTFIND_NOOPTIONS 0x00 #define DNS_RBTFIND_EMPTYDATA 0x01 #define DNS_RBTFIND_NOEXACT 0x02 #define DNS_RBTFIND_NOPREDECESSOR 0x04 /@}/ #define DNS_RBT_USEMAGIC 1 #define DNS_RBT_LOCKLENGTH (sizeof(((dns_rbtnode_t )0)->locknum) * 8) #define DNS_RBTNODE_MAGIC ISC_MAGIC('R', 'B', 'N', 'O') #if DNS_RBT_USEMAGIC #define DNS_RBTNODE_VALID(n) ISC_MAGIC_VALID(n, DNS_RBTNODE_MAGIC) #else /* if DNS_RBT_USEMAGIC / #define DNS_RBTNODE_VALID(n) true #endif / if DNS_RBT_USEMAGIC / /% * This is the structure that is used for each node in the red/black * tree of trees. NOTE WELL: the implementation manages this as a variable * length structure, with the actual wire-format name and other data * appended to this structure. Allocating a contiguous block of memory for * multiple dns_rbtnode structures will not work. / typedef struct dns_rbtnode dns_rbtnode_t; enum { DNS_RBT_NSEC_NORMAL = 0, / in main tree / DNS_RBT_NSEC_HAS_NSEC = 1, / also has node in nsec tree / DNS_RBT_NSEC_NSEC = 2, / in nsec tree / DNS_RBT_NSEC_NSEC3 = 3 / in nsec3 tree / }; struct dns_rbtnode { #if DNS_RBT_USEMAGIC unsigned int magic; #endif / if DNS_RBT_USEMAGIC / /@{/ /! * The following bitfields add up to a total bitwidth of 32. * The range of values necessary for each item is indicated, * but in the case of "attributes" the field is wider to accommodate * possible future expansion. * * In each case below the "range" indicated is what's _necessary_ for * the bitfield to hold, not what it actually _can_ hold. * * Note: Tree lock must be held before modifying these * bit-fields. * * Note: The two "unsigned int :0;" unnamed bitfields on either * side of the bitfields below are scaffolding that border the * set of bitfields which are accessed after acquiring the tree * lock. Please don't insert any other bitfield members between * the unnamed bitfields unless they should also be accessed * after acquiring the tree lock. / unsigned int : 0; / start of bitfields c/o tree lock / unsigned int is_root : 1; /%< range is 0..1 / unsigned int color : 1; /%< range is 0..1 / unsigned int find_callback : 1; /%< range is 0..1 / unsigned int attributes : 3; /%< range is 0..2 / unsigned int nsec : 2; /%< range is 0..3 / unsigned int namelen : 8; /%< range is 1..255 / unsigned int offsetlen : 8; /%< range is 1..128 / unsigned int oldnamelen : 8; /%< range is 1..255 / /@}/ / flags needed for serialization to file / unsigned int is_mmapped : 1; unsigned int parent_is_relative : 1; unsigned int left_is_relative : 1; unsigned int right_is_relative : 1; unsigned int down_is_relative : 1; unsigned int data_is_relative : 1; / * full name length; set during serialization, and used * during deserialization to calculate database size. * should be cleared after use. / unsigned int fullnamelen : 8; /%< range is 1..255 / / node needs to be cleaned from rpz / unsigned int rpz : 1; unsigned int : 0; / end of bitfields c/o tree lock / /% * These are needed for hashing. The 'uppernode' points to the * node's superdomain node in the parent subtree, so that it can * be reached from a child that was found by a hash lookup. / unsigned int hashval; dns_rbtnode_t uppernode; dns_rbtnode_t hashnext; dns_rbtnode_t parent; dns_rbtnode_t left; dns_rbtnode_t right; dns_rbtnode_t down; /% * Used for LRU cache. This linked list is used to mark nodes which * have no data any longer, but we cannot unlink at that exact moment * because we did not or could not obtain a write lock on the tree. / ISC_LINK(dns_rbtnode_t) deadlink; /@{/ /! * These values are used in the RBT DB implementation. The appropriate * node lock must be held before accessing them. * * Note: The two "unsigned int :0;" unnamed bitfields on either * side of the bitfields below are scaffolding that border the * set of bitfields which are accessed after acquiring the node * lock. Please don't insert any other bitfield members between * the unnamed bitfields unless they should also be accessed * after acquiring the node lock. * * NOTE: Do not merge these fields into bitfields above, as * they'll all be put in the same qword that could be accessed * without the node lock as it shares the qword with other * members. Leave these members here so that they occupy a * separate region of memory. / void data; uint8_t : 0; /* start of bitfields c/o node lock / uint8_t dirty : 1; uint8_t wild : 1; uint8_t : 0; / end of bitfields c/o node lock / uint16_t locknum; / note that this is not in the bitfield / isc_refcount_t references; /@}/ /% * This linked list is used to store nodes from which tree pruning can * be started. / ISC_LINK(dns_rbtnode_t) prunelink; }; typedef isc_result_t (dns_rbtfindcallback_t)(dns_rbtnode_t node, dns_name_t name, void callback_arg); typedef isc_result_t (dns_rbtdatawriter_t)(FILE file, unsigned char data, void arg, uint64_t crc); typedef isc_result_t (dns_rbtdatafixer_t)(dns_rbtnode_t rbtnode, void base, size_t offset, void arg, uint64_t crc); typedef void (dns_rbtdeleter_t)(void , void ); /*** * Chain Info **/ /! * A chain is used to keep track of the sequence of nodes to reach any given * node from the root of the tree. Originally nodes did not have parent * pointers in them (for memory usage reasons) so there was no way to find * the path back to the root from any given node. Now that nodes have parent * pointers, chains might be going away in a future release, though the * movement functionality would remain. * * Chains may be used to iterate over a tree of trees. After setting up the * chain's structure using dns_rbtnodechain_init(), it needs to be initialized * to point to the lexically first or lexically last node in the tree of trees * using dns_rbtnodechain_first() or dns_rbtnodechain_last(), respectively. * Calling dns_rbtnodechain_next() or dns_rbtnodechain_prev() then moves the * chain over to the next or previous node, respectively. * * In any event, parent information, whether via parent pointers or chains, is * necessary information for iterating through the tree or for basic internal * tree maintenance issues (ie, the rotations that are done to rebalance the * tree when a node is added). The obvious implication of this is that for a * chain to remain valid, the tree has to be locked down against writes for the * duration of the useful life of the chain, because additions or removals can * change the path from the root to the node the chain has targeted. * * The dns_rbtnodechain_ functions _first, _last, _prev and _next all take * dns_name_t parameters for the name and the origin, which can be NULL. If * non-NULL, 'name' will end up pointing to the name data and offsets that are * stored at the node (and thus it will be read-only), so it should be a * regular dns_name_t that has been initialized with dns_name_init. When * 'origin' is non-NULL, it will get the name of the origin stored in it, so it * needs to have its own buffer space and offsets, which is most easily * accomplished with a dns_fixedname_t. It is _not_ necessary to reinitialize * either 'name' or 'origin' between calls to the chain functions. * * NOTE WELL: even though the name data at the root of the tree of trees will * be absolute (typically just "."), it will will be made into a relative name * with an origin of "." -- an empty name when the node is ".". This is * because a common on operation on 'name' and 'origin' is to use * dns_name_concatenate() on them to generate the complete name. An empty name * can be detected when dns_name_countlabels == 0, and is printed by * dns_name_totext()/dns_name_format() as "@", consistent with RFC1035's * definition of "@" as the current origin. * * dns_rbtnodechain_current is similar to the _first, _last, _prev and _next * functions but additionally can provide the node to which the chain points. / /% * The number of level blocks to allocate at a time. Currently the maximum * number of levels is allocated directly in the structure, but future * revisions of this code might have a static initial block with dynamic * growth. Allocating space for 256 levels when the tree is almost never that * deep is wasteful, but it's not clear that it matters, since the waste is * only 2MB for 1000 concurrently active chains on a system with 64-bit * pointers. / #define DNS_RBT_LEVELBLOCK 254 typedef struct dns_rbtnodechain { unsigned int magic; /% * The terminal node of the chain. It is not in levels[]. * This is ostensibly private ... but in a pinch it could be * used tell that the chain points nowhere without needing to * call dns_rbtnodechain_current(). / dns_rbtnode_t end; /% The maximum number of labels in a name is 128; bitstrings mean * a conceptually very large number (which I have not bothered to * compute) of logical levels because splitting can potentially occur * at each bit. However, DNSSEC restricts the number of "logical" * labels in a name to 255, meaning only 254 pointers are needed * in the worst case. / dns_rbtnode_t levels[DNS_RBT_LEVELBLOCK]; /% level_count indicates how deep the chain points into the * tree of trees, and is the index into the levels[] array. * Thus, levels[level_count - 1] is the last level node stored. * A chain that points to the top level of the tree of trees has * a level_count of 0, the first level has a level_count of 1, and * so on. / unsigned int level_count; /% * level_matches tells how many levels matched above the node * returned by dns_rbt_findnode(). A match (partial or exact) found * in the first level thus results in level_matches being set to 1. * This is used by the rbtdb to set the start point for a recursive * search of superdomains until the RR it is looking for is found. / unsigned int level_matches; } dns_rbtnodechain_t; /** * Public interfaces. **/ isc_result_t dns_rbt_create(isc_mem_t mctx, dns_rbtdeleter_t deleter, void deleter_arg, dns_rbt_t rbtp); /%< * Initialize a red-black tree of trees. * * Notes: \li The deleter argument, if non-null, points to a function that is responsible for cleaning up any memory associated with the data * pointer of a node when the node is deleted. It is passed the * deleted node's data pointer as its first argument and deleter_arg * as its second argument. * * Requires: * \li mctx is a pointer to a valid memory context. \li rbtp != NULL && rbtp == NULL \li arg == NULL iff deleter == NULL * Ensures: \li If result is ISC_R_SUCCESS: rbtp points to a valid red-black tree manager \li If result is failure: rbtp does not point to a valid red-black tree manager. * Returns: \li #ISC_R_SUCCESS Success \li #ISC_R_NOMEMORY Resource limit: Out of Memory / isc_result_t dns_rbt_addname(dns_rbt_t rbt, const dns_name_t name, void data); /%< Add 'name' to the tree of trees, associated with 'data'. * * Notes: \li 'data' is never required to be non-NULL, but specifying it when the name is added is faster than searching for 'name' * again and then setting the data pointer. The lack of a data pointer * for a node also has other ramifications regarding whether * dns_rbt_findname considers a node to exist, or dns_rbt_deletename * joins nodes. * * Requires: \li rbt is a valid rbt manager. \li dns_name_isabsolute(name) == TRUE * * Ensures: \li 'name' is not altered in any way. \li Any external references to nodes in the tree are unaffected by node splits that are necessary to insert the new name. * \li If result is #ISC_R_SUCCESS: 'name' is findable in the red/black tree of trees in O(log N). * The data pointer of the node for 'name' is set to 'data'. * \li If result is #ISC_R_EXISTS or #ISC_R_NOSPACE: The tree of trees is unaltered. * \li If result is #ISC_R_NOMEMORY: No guarantees. * * Returns: \li #ISC_R_SUCCESS Success \li #ISC_R_EXISTS The name already exists with associated data. \li #ISC_R_NOSPACE The name had more logical labels than are allowed. \li #ISC_R_NOMEMORY Resource Limit: Out of Memory / isc_result_t dns_rbt_addnode(dns_rbt_t rbt, const dns_name_t name, dns_rbtnode_t nodep); /%< * Just like dns_rbt_addname, but returns the address of the node. * * Requires: \li rbt is a valid rbt structure. \li dns_name_isabsolute(name) == TRUE \li nodep != NULL && nodep == NULL * * Ensures: \li 'name' is not altered in any way. \li Any external references to nodes in the tree are unaffected by node splits that are necessary to insert the new name. * \li If result is ISC_R_SUCCESS: 'name' is findable in the red/black tree of trees in O(log N). * nodep is the node that was added for 'name'. \li If result is ISC_R_EXISTS: The tree of trees is unaltered. * nodep is the existing node for 'name'. \li If result is ISC_R_NOMEMORY: No guarantees. * * Returns: \li #ISC_R_SUCCESS Success \li #ISC_R_EXISTS The name already exists, possibly without data. \li #ISC_R_NOMEMORY Resource Limit: Out of Memory / isc_result_t dns_rbt_findname(dns_rbt_t rbt, const dns_name_t name, unsigned int options, dns_name_t foundname, void data); /%< * Get the data pointer associated with 'name'. * * Notes: \li When #DNS_RBTFIND_NOEXACT is set, the closest matching superdomain is returned (also subject to #DNS_RBTFIND_EMPTYDATA), even when there is * an exact match in the tree. * \li A node that has no data is considered not to exist for this function, unless the #DNS_RBTFIND_EMPTYDATA option is set. * * Requires: \li rbt is a valid rbt manager. \li dns_name_isabsolute(name) == TRUE \li data != NULL && data == NULL * * Ensures: \li 'name' and the tree are not altered in any way. \li If result is ISC_R_SUCCESS: data is the data associated with 'name'. \li If result is DNS_R_PARTIALMATCH: data is the data associated with the deepest superdomain of 'name' which has data. * \li If result is ISC_R_NOTFOUND: Neither the name nor a superdomain was found with data. * * Returns: \li #ISC_R_SUCCESS Success \li #DNS_R_PARTIALMATCH Superdomain found with data \li #ISC_R_NOTFOUND No match \li #ISC_R_NOSPACE Concatenating nodes to form foundname failed / isc_result_t dns_rbt_findnode(dns_rbt_t rbt, const dns_name_t name, dns_name_t foundname, dns_rbtnode_t *node, dns_rbtnodechain_t chain, unsigned int options, dns_rbtfindcallback_t callback, void callback_arg); /%< * Find the node for 'name'. * * Notes: \li A node that has no data is considered not to exist for this function, unless the DNS_RBTFIND_EMPTYDATA option is set. This applies to both * exact matches and partial matches. * \li If the chain parameter is non-NULL, then the path through the tree to the DNSSEC predecessor of the searched for name is maintained, * unless the DNS_RBTFIND_NOPREDECESSOR or DNS_RBTFIND_NOEXACT option * is used. (For more details on those options, see below.) * \li If there is no predecessor, then the chain will point to nowhere, as indicated by chain->end being NULL or dns_rbtnodechain_current * returning ISC_R_NOTFOUND. Note that in a normal Internet DNS RBT * there will always be a predecessor for all names except the root * name, because '.' will exist and '.' is the predecessor of * everything. But you can certainly construct a trivial tree and a * search for it that has no predecessor. * \li Within the chain structure, the 'levels' member of the structure holds the root node of each level except the first. * \li The 'level_count' of the chain indicates how deep the chain to the predecessor name is, as an index into the 'levels[]' array. It does * not count name elements, per se, but only levels of the tree of trees, * the distinction arising because multiple labels from a name can be * stored on only one level. It is also does not include the level * that has the node, since that level is not stored in levels[]. * \li The chain's 'level_matches' is not directly related to the predecessor. It is the number of levels above the level of the found 'node', * regardless of whether it was a partial match or exact match. When * the node is found in the top level tree, or no node is found at all, * level_matches is 0. * \li When DNS_RBTFIND_NOEXACT is set, the closest matching superdomain is returned (also subject to DNS_RBTFIND_EMPTYDATA), even when * there is an exact match in the tree. In this case, the chain * will not point to the DNSSEC predecessor, but will instead point * to the exact match, if there was any. Thus the preceding paragraphs * should have "exact match" substituted for "predecessor" to describe * how the various elements of the chain are set. This was done to * ensure that the chain's state was sane, and to prevent problems that * occurred when running the predecessor location code under conditions * it was not designed for. It is not clear where the chain should * point when DNS_RBTFIND_NOEXACT is set, so if you end up using a chain * with this option because you want a particular node, let us know * where you want the chain pointed, so this can be made more firm. * * Requires: \li rbt is a valid rbt manager. \li dns_name_isabsolute(name) == TRUE. \li node != NULL && node == NULL. \li #DNS_RBTFIND_NOEXACT and DNS_RBTFIND_NOPREDECESSOR are mutually exclusive. * * Ensures: \li 'name' and the tree are not altered in any way. \li If result is ISC_R_SUCCESS: \verbatim * node is the terminal node for 'name'. * 'foundname' and 'name' represent the same name (though not * the same memory). * * 'chain' points to the DNSSEC predecessor, if any, of 'name'. * * chain->level_matches and chain->level_count are equal. \endverbatim * If result is DNS_R_PARTIALMATCH: \verbatim node is the data associated with the deepest superdomain of 'name' which has data. * * 'foundname' is the name of deepest superdomain (which has * data, unless the DNS_RBTFIND_EMPTYDATA option is set). * * 'chain' points to the DNSSEC predecessor, if any, of 'name'. \endverbatim \li If result is ISC_R_NOTFOUND: \verbatim * Neither the name nor a superdomain was found. node is NULL. * 'chain' points to the DNSSEC predecessor, if any, of 'name'. * * chain->level_matches is 0. \endverbatim * Returns: \li #ISC_R_SUCCESS Success \li #DNS_R_PARTIALMATCH Superdomain found with data \li #ISC_R_NOTFOUND No match, or superdomain with no data \li #ISC_R_NOSPACE Concatenating nodes to form foundname failed / isc_result_t dns_rbt_deletename(dns_rbt_t rbt, const dns_name_t name, bool recurse); /%< * Delete 'name' from the tree of trees. * * Notes: \li When 'name' is removed, if recurse is true then all of its subnames are removed too. * * Requires: \li rbt is a valid rbt manager. \li dns_name_isabsolute(name) == TRUE * * Ensures: \li 'name' is not altered in any way. \li Does NOT ensure that any external references to nodes in the tree are unaffected by node joins. * \li If result is ISC_R_SUCCESS: 'name' does not appear in the tree with data; however, * the node for the name might still exist which can be * found with dns_rbt_findnode (but not dns_rbt_findname). * \li If result is ISC_R_NOTFOUND: 'name' does not appear in the tree with data, because * it did not appear in the tree before the function was called. * \li If result is something else: See result codes for dns_rbt_findnode (if it fails, the * node is not deleted) or dns_rbt_deletenode (if it fails, * the node is deleted, but the tree is not optimized when * it could have been). * * Returns: \li #ISC_R_SUCCESS Success \li #ISC_R_NOTFOUND No match \li something_else Any return code from dns_rbt_findnode except DNS_R_PARTIALMATCH (which causes ISC_R_NOTFOUND * to be returned instead), and any code from * dns_rbt_deletenode. / isc_result_t dns_rbt_deletenode(dns_rbt_t rbt, dns_rbtnode_t node, bool recurse); /%< * Delete 'node' from the tree of trees. * * Notes: \li When 'node' is removed, if recurse is true then all nodes in levels down from it are removed too. * * Requires: \li rbt is a valid rbt manager. \li node != NULL. * * Ensures: \li Does NOT ensure that any external references to nodes in the tree are unaffected by node joins. * \li If result is ISC_R_SUCCESS: 'node' does not appear in the tree with data; however, * the node might still exist if it serves as a pointer to * a lower tree level as long as 'recurse' was false, hence * the node could can be found with dns_rbt_findnode when * that function's empty_data_ok parameter is true. * \li If result is ISC_R_NOMEMORY or ISC_R_NOSPACE: The node was deleted, but the tree structure was not * optimized. * * Returns: \li #ISC_R_SUCCESS Success \li #ISC_R_NOMEMORY Resource Limit: Out of Memory when joining nodes. \li #ISC_R_NOSPACE dns_name_concatenate failed when joining nodes. / void dns_rbt_namefromnode(dns_rbtnode_t node, dns_name_t name); /%< Convert the sequence of labels stored at 'node' into a 'name'. * * Notes: \li This function does not return the full name, from the root, but just the labels at the indicated node. * \li The name data pointed to by 'name' is the information stored in the node, not a copy. Altering the data at this pointer * will likely cause grief. * * Requires: * \li name->offsets == NULL * * Ensures: * \li 'name' is DNS_NAMEATTR_READONLY. * * \li 'name' will point directly to the labels stored after the * dns_rbtnode_t struct. * * \li 'name' will have offsets that also point to the information stored * as part of the node. / isc_result_t dns_rbt_fullnamefromnode(dns_rbtnode_t node, dns_name_t name); /%< * Like dns_rbt_namefromnode, but returns the full name from the root. * * Notes: * \li Unlike dns_rbt_namefromnode, the name will not point directly * to node data. Rather, dns_name_concatenate will be used to copy * the name data from each node into the 'name' argument. * * Requires: * \li name != NULL * \li name has a dedicated buffer. * * Returns: * \li ISC_R_SUCCESS * \li ISC_R_NOSPACE (possible via dns_name_concatenate) * \li DNS_R_NAMETOOLONG (possible via dns_name_concatenate) / char dns_rbt_formatnodename(dns_rbtnode_t node, char printname, unsigned int size); /%< Format the full name of a node for printing, using dns_name_format(). * * Notes: * \li 'size' is the length of the printname buffer. This should be * DNS_NAME_FORMATSIZE or larger. * * Requires: * \li node and printname are not NULL. * * Returns: * \li The 'printname' pointer. / unsigned int dns_rbt_nodecount(dns_rbt_t rbt); /%< Obtain the number of nodes in the tree of trees. * * Requires: * \li rbt is a valid rbt manager. / size_t dns_rbt_hashsize(dns_rbt_t rbt); /%< Obtain the current number of buckets in the 'rbt' hash table. * * Requires: * \li rbt is a valid rbt manager. / isc_result_t dns_rbt_adjusthashsize(dns_rbt_t rbt, size_t size); /%< Adjust the number of buckets in the 'rbt' hash table, according to the * expected maximum size of the rbt database. * * Requires: * \li rbt is a valid rbt manager. * \li size is expected maximum memory footprint of rbt. / void dns_rbt_destroy(dns_rbt_t rbtp); isc_result_t dns_rbt_destroy2(dns_rbt_t rbtp, unsigned int quantum); /%< * Stop working with a red-black tree of trees. * If 'quantum' is zero then the entire tree will be destroyed. * If 'quantum' is non zero then up to 'quantum' nodes will be destroyed * allowing the rbt to be incrementally destroyed by repeated calls to * dns_rbt_destroy2(). Once dns_rbt_destroy2() has been called no other * operations than dns_rbt_destroy()/dns_rbt_destroy2() should be * performed on the tree of trees. * * Requires: * \li rbt is a valid rbt manager. * Ensures on ISC_R_SUCCESS: * \li All space allocated by the RBT library has been returned. * * \li rbt is invalidated as an rbt manager. * Returns: * \li ISC_R_SUCCESS * \li ISC_R_QUOTA if 'quantum' nodes have been destroyed. / off_t dns_rbt_serialize_align(off_t target); /%< * Align the provided integer to a pointer-size boundary. * This should be used if, during serialization of data to a will-be * mmap()ed file, a pointer alignment is needed for some data. / isc_result_t dns_rbt_serialize_tree(FILE file, dns_rbt_t rbt, dns_rbtdatawriter_t datawriter, void writer_arg, off_t offset); /%< * Write out the RBT structure and its data to a file. * * Notes: * \li The file must be an actual file which allows seek() calls, so it cannot * be a stream. Returns ISC_R_INVALIDFILE if not. / isc_result_t dns_rbt_deserialize_tree(void base_address, size_t filesize, off_t header_offset, isc_mem_t mctx, dns_rbtdeleter_t deleter, void deleter_arg, dns_rbtdatafixer_t datafixer, void fixer_arg, dns_rbtnode_t originp, dns_rbt_t rbtp); /%< * Read a RBT structure and its data from a file. * * If 'originp' is not NULL, then it is pointed to the root node of the RBT. * * Notes: * \li The file must be an actual file which allows seek() calls, so it cannot * be a stream. This condition is not checked in the code. / void dns_rbt_printtext(dns_rbt_t rbt, void (data_printer)(FILE , void ), FILE f); /%< Print an ASCII representation of the internal structure of the red-black * tree of trees to the passed stream. * * data_printer is a callback function that is called to print the data * in a node. It should print it to the passed FILE stream. * * Notes: * \li The name stored at each node, along with the node's color, is printed. * Then the down pointer, left and right pointers are displayed * recursively in turn. NULL down pointers are silently omitted; * NULL left and right pointers are printed. / void dns_rbt_printdot(dns_rbt_t rbt, bool show_pointers, FILE f); /%< * Print a GraphViz dot representation of the internal structure of the * red-black tree of trees to the passed stream. * * If show_pointers is TRUE, pointers are also included in the generated * graph. * * Notes: * \li The name stored at each node, along with the node's color is displayed. * Then the down pointer, left and right pointers are displayed * recursively in turn. NULL left, right and down pointers are * silently omitted. / void dns_rbt_printnodeinfo(dns_rbtnode_t n, FILE f); /%< * Print out various information about a node * * Requires: \li 'n' is a valid pointer. \li 'f' points to a valid open FILE structure that allows writing. / size_t dns__rbt_getheight(dns_rbt_t rbt); /%< * Return the maximum height of sub-root nodes found in the red-black * forest. * * The height of a node is defined as the number of nodes in the longest * path from the node to a leaf. For each subtree in the forest, this * function determines the height of its root node. Then it returns the * maximum such height in the forest. * * Note: This function exists for testing purposes. Non-test code must * not use it. * * Requires: * \li rbt is a valid rbt manager. / bool dns__rbt_checkproperties(dns_rbt_t rbt); /%< Check red-black properties of the forest. * * Note: This function exists for testing purposes. Non-test code must * not use it. * * Requires: * \li rbt is a valid rbt manager. / size_t dns__rbtnode_getdistance(dns_rbtnode_t node); /%< Return the distance (in nodes) from the node to its upper node of its * subtree. The root node has a distance of 1. A child of the root node * has a distance of 2. / /** * Chain Functions **/ void dns_rbtnodechain_init(dns_rbtnodechain_t chain); /%< Initialize 'chain'. * * Requires: \li 'chain' is a valid pointer. * Ensures: \li 'chain' is suitable for use. / void dns_rbtnodechain_reset(dns_rbtnodechain_t chain); /%< * Free any dynamic storage associated with 'chain', and then reinitialize * 'chain'. * * Requires: \li 'chain' is a valid pointer. * Ensures: \li 'chain' is suitable for use, and uses no dynamic storage. / void dns_rbtnodechain_invalidate(dns_rbtnodechain_t chain); /%< * Free any dynamic storage associated with 'chain', and then invalidates it. * * Notes: \li Future calls to any dns_rbtnodechain_ function will need to call dns_rbtnodechain_init on the chain first (except, of course, * dns_rbtnodechain_init itself). * * Requires: \li 'chain' is a valid chain. * Ensures: \li 'chain' is no longer suitable for use, and uses no dynamic storage. / isc_result_t dns_rbtnodechain_current(dns_rbtnodechain_t chain, dns_name_t name, dns_name_t origin, dns_rbtnode_t node); /%< * Provide the name, origin and node to which the chain is currently pointed. * * Notes: \li The tree need not have be locked against additions for the chain to remain valid, however there are no guarantees if any deletion * has been made since the chain was established. * * Requires: \li 'chain' is a valid chain. * Ensures: \li 'node', if non-NULL, is the node to which the chain was pointed by dns_rbt_findnode, dns_rbtnodechain_first or dns_rbtnodechain_last. * If none were called for the chain since it was initialized or reset, * or if the was no predecessor to the name searched for with * dns_rbt_findnode, then 'node' is NULL and ISC_R_NOTFOUND is returned. \li 'name', if non-NULL, is the name stored at the terminal level of the chain. This is typically a single label, like the "www" of * "www.isc.org", but need not be so. At the root of the tree of trees, * if the node is "." then 'name' is ".", otherwise it is relative to ".". * (Minimalist and atypical case: if the tree has just the name * "isc.org." then the root node's stored name is "isc.org." but 'name' * will be "isc.org".) * \li 'origin', if non-NULL, is the sequence of labels in the levels above the terminal level, such as "isc.org." in the above example. * 'origin' is always "." for the root node. * * * Returns: \li #ISC_R_SUCCESS name, origin & node were successfully set. \li #ISC_R_NOTFOUND The chain does not point to any node. \li <something_else> Any error return from dns_name_concatenate. / isc_result_t dns_rbtnodechain_first(dns_rbtnodechain_t chain, dns_rbt_t rbt, dns_name_t name, dns_name_t origin); /%< Set the chain to the lexically first node in the tree of trees. * * Notes: \li By the definition of ordering for DNS names, the root of the tree of trees is the very first node, since everything else in the megatree * uses it as a common suffix. * * Requires: \li 'chain' is a valid chain. \li 'rbt' is a valid rbt manager. * * Ensures: \li The chain points to the very first node of the tree. \li 'name' and 'origin', if non-NULL, are set as described for dns_rbtnodechain_current. Thus 'origin' will always be ".". * * Returns: \li #DNS_R_NEWORIGIN The name & origin were successfully set. \li <something_else> Any error result from dns_rbtnodechain_current. / isc_result_t dns_rbtnodechain_last(dns_rbtnodechain_t chain, dns_rbt_t rbt, dns_name_t name, dns_name_t origin); /%< * Set the chain to the lexically last node in the tree of trees. * * Requires: \li 'chain' is a valid chain. \li 'rbt' is a valid rbt manager. * * Ensures: \li The chain points to the very last node of the tree. \li 'name' and 'origin', if non-NULL, are set as described for dns_rbtnodechain_current. * * Returns: \li #DNS_R_NEWORIGIN The name & origin were successfully set. \li #ISC_R_NOMEMORY Resource Limit: Out of Memory building chain. \li <something_else> Any error result from dns_name_concatenate. / isc_result_t dns_rbtnodechain_prev(dns_rbtnodechain_t chain, dns_name_t name, dns_name_t origin); /%< * Adjusts chain to point the DNSSEC predecessor of the name to which it * is currently pointed. * * Requires: \li 'chain' is a valid chain. \li 'chain' has been pointed somewhere in the tree with dns_rbt_findnode, * dns_rbtnodechain_first or dns_rbtnodechain_last -- and remember that * dns_rbt_findnode is not guaranteed to point the chain somewhere, * since there may have been no predecessor to the searched for name. * * Ensures: \li The chain is pointed to the predecessor of its current target. \li 'name' and 'origin', if non-NULL, are set as described for dns_rbtnodechain_current. * \li 'origin' is only if a new origin was found. * Returns: \li #ISC_R_SUCCESS The predecessor was found and 'name' was set. \li #DNS_R_NEWORIGIN The predecessor was found with a * different origin and 'name' and 'origin' were set. \li #ISC_R_NOMORE There * was no predecessor. \li <something_else> Any error result from * dns_rbtnodechain_current. / isc_result_t dns_rbtnodechain_next(dns_rbtnodechain_t chain, dns_name_t name, dns_name_t origin); /%< Adjusts chain to point the DNSSEC successor of the name to which it * is currently pointed. * * Requires: \li 'chain' is a valid chain. \li 'chain' has been pointed somewhere in the tree with dns_rbt_findnode, * dns_rbtnodechain_first or dns_rbtnodechain_last -- and remember that * dns_rbt_findnode is not guaranteed to point the chain somewhere, * since there may have been no predecessor to the searched for name. * * Ensures: \li The chain is pointed to the successor of its current target. \li 'name' and 'origin', if non-NULL, are set as described for dns_rbtnodechain_current. * \li 'origin' is only if a new origin was found. * Returns: \li #ISC_R_SUCCESS The successor was found and 'name' was set. \li #DNS_R_NEWORIGIN The successor was found with a different * origin and 'name' and 'origin' were set. \li #ISC_R_NOMORE There was no successor. \li <something_else> Any error result from dns_name_concatenate. / isc_result_t dns_rbtnodechain_down(dns_rbtnodechain_t chain, dns_name_t name, dns_name_t origin); /%< Descend down if possible. / isc_result_t dns_rbtnodechain_nextflat(dns_rbtnodechain_t chain, dns_name_t name); /%< * Find the next node at the current depth in DNSSEC order. / unsigned int dns__rbtnode_namelen(dns_rbtnode_t node); /%< Returns the length of the full name of the node. Used only internally * and in unit tests. / ISC_LANG_ENDDECLS #endif / DNS_RBT_H / ��dns/name.h��0000644��00000111625�15125204631�0006426 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_NAME_H #define DNS_NAME_H 1 /** * Module Info **/ /! \file dns/name.h * \brief * Provides facilities for manipulating DNS names and labels, including * conversions to and from wire format and text format. * * Given the large number of names possible in a nameserver, and because * names occur in rdata, it was important to come up with a very efficient * way of storing name data, but at the same time allow names to be * manipulated. The decision was to store names in uncompressed wire format, * and not to make them fully abstracted objects; i.e. certain parts of the * server know names are stored that way. This saves a lot of memory, and * makes adding names to messages easy. Having much of the server know * the representation would be perilous, and we certainly don't want each * user of names to be manipulating such a low-level structure. This is * where the Names and Labels module comes in. The module allows name or * label handles to be created and attached to uncompressed wire format * regions. All name operations and conversions are done through these * handles. * * MP: \li Clients of this module must impose any required synchronization. * Reliability: \li This module deals with low-level byte streams. Errors in any of the functions are likely to crash the server or corrupt memory. * * Resources: \li None. * Security: * \li WARNING * * \li dns_name_fromwire() deals with raw network data. An error in this routine could result in the failure or hijacking of the server. * * Standards: \li RFC1035 \li Draft EDNS0 (0) \li Draft Binary Labels (2) / / * Imports **/ #include <inttypes.h> #include <stdbool.h> #include <stdio.h> #include <isc/ht.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/region.h> / Required for storage size of dns_label_t. / #include <dns/types.h> ISC_LANG_BEGINDECLS /** * Labels * * A 'label' is basically a region. It contains one DNS wire format * label of type 00 (ordinary). */ /* * Names * * A 'name' is a handle to a binary region. It contains a sequence of one * or more DNS wire format labels of type 00 (ordinary). * Note that all names are not required to end with the root label, * as they are in the actual DNS wire protocol. */ /* * Types / /% * Clients are strongly discouraged from using this type directly, with * the exception of the 'link' and 'list' fields which may be used directly * for whatever purpose the client desires. / struct dns_name { unsigned int magic; unsigned char ndata; unsigned int length; unsigned int labels; unsigned int attributes; unsigned char offsets; isc_buffer_t buffer; ISC_LINK(dns_name_t) link; ISC_LIST(dns_rdataset_t) list; isc_ht_t ht; }; #define DNS_NAME_MAGIC ISC_MAGIC('D', 'N', 'S', 'n') #define DNS_NAMEATTR_ABSOLUTE 0x00000001 #define DNS_NAMEATTR_READONLY 0x00000002 #define DNS_NAMEATTR_DYNAMIC 0x00000004 #define DNS_NAMEATTR_DYNOFFSETS 0x00000008 #define DNS_NAMEATTR_NOCOMPRESS 0x00000010 / * Attributes below 0x0100 reserved for name.c usage. / #define DNS_NAMEATTR_CACHE 0x00000100 /%< Used by resolver. / #define DNS_NAMEATTR_ANSWER 0x00000200 /%< Used by resolver. / #define DNS_NAMEATTR_NCACHE 0x00000400 /%< Used by resolver. / #define DNS_NAMEATTR_CHAINING 0x00000800 /%< Used by resolver. / #define DNS_NAMEATTR_CHASE 0x00001000 /%< Used by resolver. / #define DNS_NAMEATTR_WILDCARD 0x00002000 /%< Used by server. / #define DNS_NAMEATTR_PREREQUISITE 0x00004000 /%< Used by client. / #define DNS_NAMEATTR_UPDATE 0x00008000 /%< Used by client. / #define DNS_NAMEATTR_HASUPDATEREC 0x00010000 /%< Used by client. / / * Various flags. / #define DNS_NAME_DOWNCASE 0x0001 #define DNS_NAME_CHECKNAMES 0x0002 /%< Used by rdata. / #define DNS_NAME_CHECKNAMESFAIL 0x0004 /%< Used by rdata. / #define DNS_NAME_CHECKREVERSE 0x0008 /%< Used by rdata. / #define DNS_NAME_CHECKMX 0x0010 /%< Used by rdata. / #define DNS_NAME_CHECKMXFAIL 0x0020 /%< Used by rdata. / LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_rootname; LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_wildcardname; /%< * DNS_NAME_INITNONABSOLUTE and DNS_NAME_INITABSOLUTE are macros for * initializing dns_name_t structures. * * Note[1]: 'length' is set to (sizeof(A) - 1) in DNS_NAME_INITNONABSOLUTE * and sizeof(A) in DNS_NAME_INITABSOLUTE to allow C strings to be used * to initialize 'ndata'. * * Note[2]: The final value of offsets for DNS_NAME_INITABSOLUTE should * match (sizeof(A) - 1) which is the offset of the root label. * * Typical usage: * unsigned char data[] = "\005value"; * unsigned char offsets[] = { 0 }; * dns_name_t value = DNS_NAME_INITNONABSOLUTE(data, offsets); * * unsigned char data[] = "\005value"; * unsigned char offsets[] = { 0, 6 }; * dns_name_t value = DNS_NAME_INITABSOLUTE(data, offsets); / #define DNS_NAME_INITNONABSOLUTE(A, B) \ { \ DNS_NAME_MAGIC, A, (sizeof(A) - 1), sizeof(B), \ DNS_NAMEATTR_READONLY, B, NULL, \ { (void )-1, (void )-1 }, { NULL, NULL }, NULL \ } #define DNS_NAME_INITABSOLUTE(A, B) \ { \ DNS_NAME_MAGIC, A, sizeof(A), sizeof(B), \ DNS_NAMEATTR_READONLY \| DNS_NAMEATTR_ABSOLUTE, B, \ NULL, { (void )-1, (void )-1 }, { NULL, NULL }, NULL \ } #define DNS_NAME_INITEMPTY \ { \ DNS_NAME_MAGIC, NULL, 0, 0, 0, NULL, NULL, \ { (void )-1, (void )-1 }, { NULL, NULL }, NULL \ } /% * Standard size of a wire format name / #define DNS_NAME_MAXWIRE 255 / * Text output filter procedure. * 'target' is the buffer to be converted. The region to be converted * is from 'buffer'->base + 'used_org' to the end of the used region. / typedef isc_result_t(dns_name_totextfilter_t)(isc_buffer_t target, unsigned int used_org); /* * Initialization **/ void dns_name_init(dns_name_t name, unsigned char offsets); /%< * Initialize 'name'. * * Notes: * \li 'offsets' is never required to be non-NULL, but specifying a * dns_offsets_t for 'offsets' will improve the performance of most * name operations if the name is used more than once. * * Requires: * \li 'name' is not NULL and points to a struct dns_name. * * \li offsets == NULL or offsets is a dns_offsets_t. * * Ensures: * \li 'name' is a valid name. * \li dns_name_countlabels(name) == 0 * \li dns_name_isabsolute(name) == false / void dns_name_reset(dns_name_t name); /%< Reinitialize 'name'. * * Notes: * \li This function distinguishes itself from dns_name_init() in two * key ways: * * \li + If any buffer is associated with 'name' (via dns_name_setbuffer() * or by being part of a dns_fixedname_t) the link to the buffer * is retained but the buffer itself is cleared. * * \li + Of the attributes associated with 'name', all are retained except * DNS_NAMEATTR_ABSOLUTE. * * Requires: * \li 'name' is a valid name. * * Ensures: * \li 'name' is a valid name. * \li dns_name_countlabels(name) == 0 * \li dns_name_isabsolute(name) == false / void dns_name_invalidate(dns_name_t name); /%< Make 'name' invalid. * * Requires: * \li 'name' is a valid name. * * Ensures: * \li If assertion checking is enabled, future attempts to use 'name' * without initializing it will cause an assertion failure. * * \li If the name had a dedicated buffer, that association is ended. / bool dns_name_isvalid(const dns_name_t name); /%< Check whether 'name' points to a valid dns_name / / * Dedicated Buffers **/ void dns_name_setbuffer(dns_name_t name, isc_buffer_t buffer); /%< * Dedicate a buffer for use with 'name'. * * Notes: * \li Specification of a target buffer in dns_name_fromwire(), * dns_name_fromtext(), and dns_name_concatenate() is optional if * 'name' has a dedicated buffer. * * \li The caller must not write to buffer until the name has been * invalidated or is otherwise known not to be in use. * * \li If buffer is NULL and the name previously had a dedicated buffer, * than that buffer is no longer dedicated to use with this name. * The caller is responsible for ensuring that the storage used by * the name remains valid. * * Requires: * \li 'name' is a valid name. * * \li 'buffer' is a valid binary buffer and 'name' doesn't have a * dedicated buffer already, or 'buffer' is NULL. / bool dns_name_hasbuffer(const dns_name_t name); /%< Does 'name' have a dedicated buffer? * * Requires: * \li 'name' is a valid name. * * Returns: * \li true 'name' has a dedicated buffer. * \li false 'name' does not have a dedicated buffer. / / * Properties **/ bool dns_name_isabsolute(const dns_name_t name); /%< Does 'name' end in the root label? * * Requires: * \li 'name' is a valid name * * Returns: * \li TRUE The last label in 'name' is the root label. * \li FALSE The last label in 'name' is not the root label. / bool dns_name_iswildcard(const dns_name_t name); /%< Is 'name' a wildcard name? * * Requires: * \li 'name' is a valid name * * \li dns_name_countlabels(name) > 0 * * Returns: * \li TRUE The least significant label of 'name' is ''. \li FALSE The least significant label of 'name' is not ''. / unsigned int dns_name_hash(const dns_name_t name, bool case_sensitive); /%< * Provide a hash value for 'name'. * * Note: if 'case_sensitive' is false, then names which differ only in * case will have the same hash value. * * Requires: * \li 'name' is a valid name * * Returns: * \li A hash value / unsigned int dns_name_fullhash(const dns_name_t name, bool case_sensitive); /%< Provide a hash value for 'name'. Unlike dns_name_hash(), this function * always takes into account of the entire name to calculate the hash value. * * Note: if 'case_sensitive' is false, then names which differ only in * case will have the same hash value. * * Requires: \li 'name' is a valid name * Returns: \li A hash value / /* * Comparisons / dns_namereln_t dns_name_fullcompare(const dns_name_t name1, const dns_name_t name2, int orderp, unsigned int nlabelsp); /%< * Determine the relative ordering under the DNSSEC order relation of * 'name1' and 'name2', and also determine the hierarchical * relationship of the names. * * Note: It makes no sense for one of the names to be relative and the * other absolute. If both names are relative, then to be meaningfully * compared the caller must ensure that they are both relative to the * same domain. * * Requires: \li 'name1' is a valid name \li dns_name_countlabels(name1) > 0 \li 'name2' is a valid name \li dns_name_countlabels(name2) > 0 \li orderp and nlabelsp are valid pointers. \li Either name1 is absolute and name2 is absolute, or neither is. * Ensures: * \li orderp is < 0 if name1 < name2, 0 if name1 = name2, > 0 if * name1 > name2. * \li nlabelsp is the number of common significant labels. * * Returns: \li dns_namereln_none There's no hierarchical relationship between name1 and name2. \li dns_namereln_contains name1 properly contains name2; i.e. name2 is a proper subdomain of name1. \li dns_namereln_subdomain name1 is a proper subdomain of name2. \li dns_namereln_equal name1 and name2 are equal. \li dns_namereln_commonancestor name1 and name2 share a common ancestor. / int dns_name_compare(const dns_name_t name1, const dns_name_t name2); /%< * Determine the relative ordering under the DNSSEC order relation of * 'name1' and 'name2'. * * Note: It makes no sense for one of the names to be relative and the * other absolute. If both names are relative, then to be meaningfully * compared the caller must ensure that they are both relative to the * same domain. * * Requires: * \li 'name1' is a valid name * * \li 'name2' is a valid name * * \li Either name1 is absolute and name2 is absolute, or neither is. * * Returns: * \li < 0 'name1' is less than 'name2' * \li 0 'name1' is equal to 'name2' * \li > 0 'name1' is greater than 'name2' / bool dns_name_equal(const dns_name_t name1, const dns_name_t name2); /%< * Are 'name1' and 'name2' equal? * * Notes: * \li Because it only needs to test for equality, dns_name_equal() can be * significantly faster than dns_name_fullcompare() or dns_name_compare(). * * \li Offsets tables are not used in the comparison. * * \li It makes no sense for one of the names to be relative and the * other absolute. If both names are relative, then to be meaningfully * compared the caller must ensure that they are both relative to the * same domain. * * Requires: * \li 'name1' is a valid name * * \li 'name2' is a valid name * * \li Either name1 is absolute and name2 is absolute, or neither is. * * Returns: * \li true 'name1' and 'name2' are equal * \li false 'name1' and 'name2' are not equal / bool dns_name_caseequal(const dns_name_t name1, const dns_name_t name2); /%< * Case sensitive version of dns_name_equal(). / int dns_name_rdatacompare(const dns_name_t name1, const dns_name_t name2); /%< * Compare two names as if they are part of rdata in DNSSEC canonical * form. * * Requires: * \li 'name1' is a valid absolute name * * \li dns_name_countlabels(name1) > 0 * * \li 'name2' is a valid absolute name * * \li dns_name_countlabels(name2) > 0 * * Returns: * \li < 0 'name1' is less than 'name2' * \li 0 'name1' is equal to 'name2' * \li > 0 'name1' is greater than 'name2' / bool dns_name_issubdomain(const dns_name_t name1, const dns_name_t name2); /%< * Is 'name1' a subdomain of 'name2'? * * Notes: * \li name1 is a subdomain of name2 if name1 is contained in name2, or * name1 equals name2. * * \li It makes no sense for one of the names to be relative and the * other absolute. If both names are relative, then to be meaningfully * compared the caller must ensure that they are both relative to the * same domain. * * Requires: * \li 'name1' is a valid name * * \li 'name2' is a valid name * * \li Either name1 is absolute and name2 is absolute, or neither is. * * Returns: * \li TRUE 'name1' is a subdomain of 'name2' * \li FALSE 'name1' is not a subdomain of 'name2' / bool dns_name_matcheswildcard(const dns_name_t name, const dns_name_t wname); /%< * Does 'name' match the wildcard specified in 'wname'? * * Notes: * \li name matches the wildcard specified in wname if all labels * following the wildcard in wname are identical to the same number * of labels at the end of name. * * \li It makes no sense for one of the names to be relative and the * other absolute. If both names are relative, then to be meaningfully * compared the caller must ensure that they are both relative to the * same domain. * * Requires: * \li 'name' is a valid name * * \li dns_name_countlabels(name) > 0 * * \li 'wname' is a valid name * * \li dns_name_countlabels(wname) > 0 * * \li dns_name_iswildcard(wname) is true * * \li Either name is absolute and wname is absolute, or neither is. * * Returns: * \li TRUE 'name' matches the wildcard specified in 'wname' * \li FALSE 'name' does not match the wildcard specified in 'wname' / / * Labels **/ unsigned int dns_name_countlabels(const dns_name_t name); /%< How many labels does 'name' have? * * Notes: * \li In this case, as in other places, a 'label' is an ordinary label. * * Requires: * \li 'name' is a valid name * * Ensures: * \li The result is <= 128. * * Returns: * \li The number of labels in 'name'. / void dns_name_getlabel(const dns_name_t name, unsigned int n, dns_label_t label); /%< * Make 'label' refer to the 'n'th least significant label of 'name'. * * Notes: * \li Numbering starts at 0. * * \li Given "rc.vix.com.", the label 0 is "rc", and label 3 is the * root label. * * \li 'label' refers to the same memory as 'name', so 'name' must not * be changed while 'label' is still in use. * * Requires: * \li n < dns_name_countlabels(name) / void dns_name_getlabelsequence(const dns_name_t source, unsigned int first, unsigned int n, dns_name_t target); /%< * Make 'target' refer to the 'n' labels including and following 'first' * in 'source'. * * Notes: * \li Numbering starts at 0. * * \li Given "rc.vix.com.", the label 0 is "rc", and label 3 is the * root label. * * \li 'target' refers to the same memory as 'source', so 'source' * must not be changed while 'target' is still in use. * * Requires: * \li 'source' and 'target' are valid names. * * \li first < dns_name_countlabels(name) * * \li first + n <= dns_name_countlabels(name) / void dns_name_clone(const dns_name_t source, dns_name_t target); /%< * Make 'target' refer to the same name as 'source'. * * Notes: * * \li 'target' refers to the same memory as 'source', so 'source' * must not be changed or freed while 'target' is still in use. * * \li This call is functionally equivalent to: * * \code * dns_name_getlabelsequence(source, 0, * dns_name_countlabels(source), * target); * \endcode * * but is more efficient. Also, dns_name_clone() works even if 'source' * is empty. * * Requires: * * \li 'source' is a valid name. * * \li 'target' is a valid name that is not read-only. / / * Conversions **/ void dns_name_fromregion(dns_name_t name, const isc_region_t r); /%< * Make 'name' refer to region 'r'. * * Note: * \li If the conversion encounters a root label before the end of the * region the conversion stops and the length is set to the length * so far converted. A maximum of 255 bytes is converted. * * Requires: * \li The data in 'r' is a sequence of one or more type 00 or type 01000001 * labels. / void dns_name_toregion(const dns_name_t name, isc_region_t r); /%< * Make 'r' refer to 'name'. * * Requires: * * \li 'name' is a valid name. * * \li 'r' is a valid region. / isc_result_t dns_name_fromwire(dns_name_t name, isc_buffer_t source, dns_decompress_t dctx, unsigned int options, isc_buffer_t target); /%< * Copy the possibly-compressed name at source (active region) into target, * decompressing it. * * Notes: * \li Decompression policy is controlled by 'dctx'. * * \li If DNS_NAME_DOWNCASE is set, any uppercase letters in 'source' will be * downcased when they are copied into 'target'. * * Security: * * \li * WARNING * * * \li This routine will often be used when 'source' contains raw network * data. A programming error in this routine could result in a denial * of service, or in the hijacking of the server. * * Requires: * * \li 'name' is a valid name. * * \li 'source' is a valid buffer and the first byte of the active * region should be the first byte of a DNS wire format domain name. * * \li 'target' is a valid buffer or 'target' is NULL and 'name' has * a dedicated buffer. * * \li 'dctx' is a valid decompression context. * * Ensures: * * If result is success: * \li If 'target' is not NULL, 'name' is attached to it. * * \li Uppercase letters are downcased in the copy iff * DNS_NAME_DOWNCASE is set in options. * * \li The current location in source is advanced, and the used space * in target is updated. * * Result: * \li Success * \li Bad Form: Label Length * \li Bad Form: Unknown Label Type * \li Bad Form: Name Length * \li Bad Form: Compression type not allowed * \li Bad Form: Bad compression pointer * \li Bad Form: Input too short * \li Resource Limit: Too many compression pointers * \li Resource Limit: Not enough space in buffer / isc_result_t dns_name_towire(const dns_name_t name, dns_compress_t cctx, isc_buffer_t target); isc_result_t dns_name_towire2(const dns_name_t name, dns_compress_t cctx, isc_buffer_t target, uint16_t comp_offsetp); /%< Convert 'name' into wire format, compressing it as specified by the * compression context 'cctx', and storing the result in 'target'. * * Notes: * \li If the compression context allows global compression, then the * global compression table may be updated. * * Requires: * \li 'name' is a valid name * * \li dns_name_countlabels(name) > 0 * * \li dns_name_isabsolute(name) == TRUE * * \li target is a valid buffer. * * \li Any offsets specified in a global compression table are valid * for buffer. * * Ensures: * * If the result is success: * * \li The used space in target is updated. * * Returns: * \li Success * \li Resource Limit: Not enough space in buffer / isc_result_t dns_name_fromtext(dns_name_t name, isc_buffer_t source, const dns_name_t origin, unsigned int options, isc_buffer_t target); /%< * Convert the textual representation of a DNS name at source * into uncompressed wire form stored in target. * * Notes: * \li Relative domain names will have 'origin' appended to them * unless 'origin' is NULL, in which case relative domain names * will remain relative. * * \li If DNS_NAME_DOWNCASE is set in 'options', any uppercase letters * in 'source' will be downcased when they are copied into 'target'. * * Requires: * * \li 'name' is a valid name. * * \li 'source' is a valid buffer. * * \li 'target' is a valid buffer or 'target' is NULL and 'name' has * a dedicated buffer. * * Ensures: * * If result is success: * \li If 'target' is not NULL, 'name' is attached to it. * * \li Uppercase letters are downcased in the copy iff * DNS_NAME_DOWNCASE is set in 'options'. * * \li The current location in source is advanced, and the used space * in target is updated. * * Result: \li #ISC_R_SUCCESS \li #DNS_R_EMPTYLABEL \li #DNS_R_LABELTOOLONG \li #DNS_R_BADESCAPE \li #DNS_R_BADDOTTEDQUAD \li #ISC_R_NOSPACE \li #ISC_R_UNEXPECTEDEND / #define DNS_NAME_OMITFINALDOT 0x01U #define DNS_NAME_MASTERFILE 0x02U /* escape $ and @ / isc_result_t dns_name_toprincipal(const dns_name_t name, isc_buffer_t target); isc_result_t dns_name_totext(const dns_name_t name, bool omit_final_dot, isc_buffer_t target); isc_result_t dns_name_totext2(const dns_name_t name, unsigned int options, isc_buffer_t target); /%< * Convert 'name' into text format, storing the result in 'target'. * * Notes: \li If 'omit_final_dot' is true, then the final '.' in absolute names other than the root name will be omitted. * \li If DNS_NAME_OMITFINALDOT is set in options, then the final '.' in absolute names other than the root name will be omitted. * \li If DNS_NAME_MASTERFILE is set in options, '$' and '@' will also be escaped. * \li If dns_name_countlabels == 0, the name will be "@", representing the current origin as described by RFC1035. * \li The name is not NUL terminated. * Requires: * \li 'name' is a valid name \li 'target' is a valid buffer. \li if dns_name_isabsolute == FALSE, then omit_final_dot == FALSE * Ensures: * \li If the result is success: the used space in target is updated. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE / #define DNS_NAME_MAXTEXT 1023 /%< * The maximum length of the text representation of a domain * name as generated by dns_name_totext(). This does not * include space for a terminating NULL. * * This definition is conservative - the actual maximum * is 1004, derived as follows: * * A backslash-decimal escaped character takes 4 bytes. * A wire-encoded name can be up to 255 bytes and each * label is one length byte + at most 63 bytes of data. * Maximizing the label lengths gives us a name of * three 63-octet labels, one 61-octet label, and the * root label: * * 1 + 63 + 1 + 63 + 1 + 63 + 1 + 61 + 1 = 255 * * When printed, this is (3 * 63 + 61) * 4 * bytes for the escaped label data + 4 bytes for the * dot terminating each label = 1004 bytes total. / isc_result_t dns_name_tofilenametext(const dns_name_t name, bool omit_final_dot, isc_buffer_t target); /%< * Convert 'name' into an alternate text format appropriate for filenames, * storing the result in 'target'. The name data is downcased, guaranteeing * that the filename does not depend on the case of the converted name. * * Notes: \li If 'omit_final_dot' is true, then the final '.' in absolute names other than the root name will be omitted. * \li The name is not NUL terminated. * Requires: * \li 'name' is a valid absolute name \li 'target' is a valid buffer. * Ensures: * \li If the result is success: the used space in target is updated. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE / isc_result_t dns_name_downcase(const dns_name_t source, dns_name_t name, isc_buffer_t target); /%< Downcase 'source'. * * Requires: * \li 'source' and 'name' are valid names. \li If source == name, then 'source' must not be read-only * \li Otherwise, 'target' is a valid buffer or 'target' is NULL and * 'name' has a dedicated buffer. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE * * Note: if source == name, then the result will always be ISC_R_SUCCESS. / isc_result_t dns_name_concatenate(const dns_name_t prefix, const dns_name_t suffix, dns_name_t name, isc_buffer_t target); /%< * Concatenate 'prefix' and 'suffix'. * * Requires: * \li 'prefix' is a valid name or NULL. \li 'suffix' is a valid name or NULL. \li 'name' is a valid name or NULL. \li 'target' is a valid buffer or 'target' is NULL and 'name' has a dedicated buffer. * \li If 'prefix' is absolute, 'suffix' must be NULL or the empty name. * Ensures: * \li On success, If 'target' is not NULL and 'name' is not NULL, then 'name' * is attached to it. * The used space in target is updated. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE \li #DNS_R_NAMETOOLONG / void dns_name_split(const dns_name_t name, unsigned int suffixlabels, dns_name_t prefix, dns_name_t suffix); /%< * * Split 'name' into two pieces on a label boundary. * * Notes: * \li 'name' is split such that 'suffix' holds the most significant * 'suffixlabels' labels. All other labels are stored in 'prefix'. * \li Copying name data is avoided as much as possible, so 'prefix' and 'suffix' will end up pointing at the data for 'name'. * \li It is legitimate to pass a 'prefix' or 'suffix' that has its name data stored someplace other than the dedicated buffer. * This is useful to avoid name copying in the calling function. * \li It is also legitimate to pass a 'prefix' or 'suffix' that is the same dns_name_t as 'name'. * * Requires: \li 'name' is a valid name. \li 'suffixlabels' cannot exceed the number of labels in 'name'. * \li 'prefix' is a valid name or NULL, and cannot be read-only. * \li 'suffix' is a valid name or NULL, and cannot be read-only. * Ensures: * \li On success: If 'prefix' is not NULL it will contain the least significant * labels. * If 'suffix' is not NULL it will contain the most significant * labels. dns_name_countlabels(suffix) will be equal to * suffixlabels. * \li On failure: Either 'prefix' or 'suffix' is invalidated (depending * on which one the problem was encountered with). * * Returns: \li #ISC_R_SUCCESS No worries. (This function should always success). / void dns_name_dup(const dns_name_t source, isc_mem_t mctx, dns_name_t target); /%< * Make 'target' a dynamically allocated copy of 'source'. * * Requires: * \li 'source' is a valid non-empty name. \li 'target' is a valid name that is not read-only. \li 'mctx' is a valid memory context. / isc_result_t dns_name_dupwithoffsets(const dns_name_t source, isc_mem_t mctx, dns_name_t target); /%< * Make 'target' a read-only dynamically allocated copy of 'source'. * 'target' will also have a dynamically allocated offsets table. * * Requires: * \li 'source' is a valid non-empty name. \li 'target' is a valid name that is not read-only. \li 'target' has no offsets table. \li 'mctx' is a valid memory context. / void dns_name_free(dns_name_t name, isc_mem_t mctx); /%< Free 'name'. * * Requires: * \li 'name' is a valid name created previously in 'mctx' by dns_name_dup(). \li 'mctx' is a valid memory context. * Ensures: * \li All dynamic resources used by 'name' are freed and the name is invalidated. / isc_result_t dns_name_digest(const dns_name_t name, dns_digestfunc_t digest, void arg); /%< * Send 'name' in DNSSEC canonical form to 'digest'. * * Requires: * \li 'name' is a valid name. \li 'digest' is a valid dns_digestfunc_t. * Ensures: * \li If successful, the DNSSEC canonical form of 'name' will have been sent to 'digest'. * \li If digest() returns something other than ISC_R_SUCCESS, that result will be returned as the result of dns_name_digest(). * * Returns: * \li #ISC_R_SUCCESS \li Many other results are possible if not successful. / bool dns_name_dynamic(const dns_name_t name); /%< Returns whether there is dynamic memory associated with this name. * * Requires: * \li 'name' is a valid name. * Returns: * \li 'true' if the name is dynamic otherwise 'false'. / isc_result_t dns_name_print(const dns_name_t name, FILE stream); /%< Print 'name' on 'stream'. * * Requires: * \li 'name' is a valid name. \li 'stream' is a valid stream. * Returns: * \li #ISC_R_SUCCESS \li Any error that dns_name_totext() can return. / void dns_name_format(const dns_name_t name, char cp, unsigned int size); /%< Format 'name' as text appropriate for use in log messages. * * Store the formatted name at 'cp', writing no more than * 'size' bytes. The resulting string is guaranteed to be * null terminated. * * The formatted name will have a terminating dot only if it is * the root. * * This function cannot fail, instead any errors are indicated * in the returned text. * * Requires: * \li 'name' is a valid name. \li 'cp' points a valid character array of size 'size'. \li 'size' > 0. / isc_result_t dns_name_tostring(const dns_name_t source, char *target, isc_mem_t mctx); /%< Convert 'name' to string format, allocating sufficient memory to * hold it (free with isc_mem_free()). * * Differs from dns_name_format in that it allocates its own memory. * * Requires: * \li 'name' is a valid name. \li 'target' is not NULL. \li 'target' is NULL. * * Returns: * \li ISC_R_SUCCESS \li ISC_R_NOMEMORY * \li Any error that dns_name_totext() can return. / isc_result_t dns_name_fromstring(dns_name_t target, const char src, unsigned int options, isc_mem_t mctx); isc_result_t dns_name_fromstring2(dns_name_t target, const char src, const dns_name_t origin, unsigned int options, isc_mem_t mctx); /%< * Convert a string to a name and place it in target, allocating memory * as necessary. 'options' has the same semantics as that of * dns_name_fromtext(). * * If 'target' has a buffer then the name will be copied into it rather than * memory being allocated. * * Requires: * * \li 'target' is a valid name that is not read-only. * \li 'src' is not NULL. * * Returns: * \li #ISC_R_SUCCESS \li Any error that dns_name_fromtext() can return. \li Any error that dns_name_dup() can return. / isc_result_t dns_name_settotextfilter(dns_name_totextfilter_t proc); /%< * Set / clear a thread specific function 'proc' to be called at the * end of dns_name_totext(). * * Note: Under Windows you need to call "dns_name_settotextfilter(NULL);" * prior to exiting the thread otherwise memory will be leaked. * For other platforms, which are pthreads based, this is still a good * idea but not required. * * Returns \li #ISC_R_SUCCESS \li #ISC_R_UNEXPECTED / #define DNS_NAME_FORMATSIZE (DNS_NAME_MAXTEXT + 1) /%< * Suggested size of buffer passed to dns_name_format(). * Includes space for the terminating NULL. / isc_result_t dns_name_copy(const dns_name_t source, dns_name_t dest, isc_buffer_t target); /%< Copies the name in 'source' into 'dest'. The name data is copied to * the 'target' buffer, which is then set as the buffer for 'dest'. * * Requires: * \li 'source' is a valid name. * * \li 'dest' is an initialized name. * * \li 'target' is an initialized buffer. * * Ensures: * \li On success, the used space in target is updated. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE / void dns_name_copynf(const dns_name_t source, dns_name_t dest); /%< * Copies the name in 'source' into 'dest'. The name data is copied to * the dedicated buffer for 'dest'. * * Requires: * \li 'source' is a valid name. * * \li 'dest' is an initialized name with a dedicated buffer. / bool dns_name_ishostname(const dns_name_t name, bool wildcard); /%< Return if 'name' is a valid hostname. RFC 952 / RFC 1123. * If 'wildcard' is true then allow the first label of name to * be a wildcard. * The root is also accepted. * * Requires: * 'name' to be valid. / bool dns_name_ismailbox(const dns_name_t name); /%< Return if 'name' is a valid mailbox. RFC 821. * * Requires: * \li 'name' to be valid. / bool dns_name_internalwildcard(const dns_name_t name); /%< Return if 'name' contains a internal wildcard name. * * Requires: * \li 'name' to be valid. / bool dns_name_isdnssd(const dns_name_t owner); /%< Determine if the 'owner' is a DNS-SD prefix. / bool dns_name_isrfc1918(const dns_name_t owner); /%< Determine if the 'name' is in the RFC 1918 reverse namespace. / bool dns_name_isula(const dns_name_t owner); /%< Determine if the 'name' is in the ULA reverse namespace. / bool dns_name_istat(const dns_name_t name); /* * Determine if 'name' is a potential 'trust-anchor-telemetry' name. / ISC_LANG_ENDDECLS / * High Performance Macros / / * WARNING: Use of these macros by applications may require recompilation * of the application in some situations where calling the function * would not. * * WARNING: No assertion checking is done for these macros. / #define DNS_NAME_INIT(n, o) \ do { \ dns_name_t _n = (n); \ /* memset(_n, 0, sizeof(_n)); / \ _n->magic = DNS_NAME_MAGIC; \ _n->ndata = NULL; \ _n->length = 0; \ _n->labels = 0; \ _n->attributes = 0; \ _n->offsets = (o); \ _n->buffer = NULL; \ ISC_LINK_INIT(_n, link); \ ISC_LIST_INIT(_n->list); \ _n->ht = NULL; \ } while (0) #define DNS_NAME_RESET(n) \ do { \ (n)->ndata = NULL; \ (n)->length = 0; \ (n)->labels = 0; \ (n)->attributes &= ~DNS_NAMEATTR_ABSOLUTE; \ if ((n)->buffer != NULL) \ isc_buffer_clear((n)->buffer); \ } while (0) #define DNS_NAME_SETBUFFER(n, b) (n)->buffer = (b) #define DNS_NAME_ISABSOLUTE(n) \ (((n)->attributes & DNS_NAMEATTR_ABSOLUTE) != 0 ? true : false) #define DNS_NAME_COUNTLABELS(n) ((n)->labels) #define DNS_NAME_TOREGION(n, r) \ do { \ (r)->base = (n)->ndata; \ (r)->length = (n)->length; \ } while (0) #define DNS_NAME_SPLIT(n, l, p, s) \ do { \ dns_name_t _n = (n); \ dns_name_t _p = (p); \ dns_name_t _s = (s); \ unsigned int _l = (l); \ if (_p != NULL) \ dns_name_getlabelsequence(_n, 0, _n->labels - _l, _p); \ if (_s != NULL) \ dns_name_getlabelsequence(_n, _n->labels - _l, _l, \ _s); \ } while (0) #ifdef DNS_NAME_USEINLINE #define dns_name_init(n, o) DNS_NAME_INIT(n, o) #define dns_name_reset(n) DNS_NAME_RESET(n) #define dns_name_setbuffer(n, b) DNS_NAME_SETBUFFER(n, b) #define dns_name_countlabels(n) DNS_NAME_COUNTLABELS(n) #define dns_name_isabsolute(n) DNS_NAME_ISABSOLUTE(n) #define dns_name_toregion(n, r) DNS_NAME_TOREGION(n, r) #define dns_name_split(n, l, p, s) DNS_NAME_SPLIT(n, l, p, s) #endif / DNS_NAME_USEINLINE / #endif / DNS_NAME_H / ��dns/stats.h��0000644��00000060161�15125204631�0006642 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_STATS_H #define DNS_STATS_H 1 /! \file dns/stats.h / #include <inttypes.h> #include <dns/types.h> /% * Statistics counters. Used as isc_statscounter_t values. / enum { /% * Resolver statistics counters. / dns_resstatscounter_queryv4 = 0, dns_resstatscounter_queryv6 = 1, dns_resstatscounter_responsev4 = 2, dns_resstatscounter_responsev6 = 3, dns_resstatscounter_nxdomain = 4, dns_resstatscounter_servfail = 5, dns_resstatscounter_formerr = 6, dns_resstatscounter_othererror = 7, dns_resstatscounter_edns0fail = 8, dns_resstatscounter_mismatch = 9, dns_resstatscounter_truncated = 10, dns_resstatscounter_lame = 11, dns_resstatscounter_retry = 12, dns_resstatscounter_gluefetchv4 = 13, dns_resstatscounter_gluefetchv6 = 14, dns_resstatscounter_gluefetchv4fail = 15, dns_resstatscounter_gluefetchv6fail = 16, dns_resstatscounter_val = 17, dns_resstatscounter_valsuccess = 18, dns_resstatscounter_valnegsuccess = 19, dns_resstatscounter_valfail = 20, dns_resstatscounter_dispabort = 21, dns_resstatscounter_dispsockfail = 22, dns_resstatscounter_querytimeout = 23, dns_resstatscounter_queryrtt0 = 24, dns_resstatscounter_queryrtt1 = 25, dns_resstatscounter_queryrtt2 = 26, dns_resstatscounter_queryrtt3 = 27, dns_resstatscounter_queryrtt4 = 28, dns_resstatscounter_queryrtt5 = 29, dns_resstatscounter_nfetch = 30, dns_resstatscounter_disprequdp = 31, dns_resstatscounter_dispreqtcp = 32, dns_resstatscounter_buckets = 33, dns_resstatscounter_refused = 34, dns_resstatscounter_cookienew = 35, dns_resstatscounter_cookieout = 36, dns_resstatscounter_cookiein = 37, dns_resstatscounter_cookieok = 38, dns_resstatscounter_badvers = 39, dns_resstatscounter_badcookie = 40, dns_resstatscounter_zonequota = 41, dns_resstatscounter_serverquota = 42, dns_resstatscounter_nextitem = 43, dns_resstatscounter_priming = 44, dns_resstatscounter_max = 45, / * DNSSEC stats. / dns_dnssecstats_asis = 0, dns_dnssecstats_downcase = 1, dns_dnssecstats_wildcard = 2, dns_dnssecstats_fail = 3, dns_dnssecstats_max = 4, /% * Zone statistics counters. / dns_zonestatscounter_notifyoutv4 = 0, dns_zonestatscounter_notifyoutv6 = 1, dns_zonestatscounter_notifyinv4 = 2, dns_zonestatscounter_notifyinv6 = 3, dns_zonestatscounter_notifyrej = 4, dns_zonestatscounter_soaoutv4 = 5, dns_zonestatscounter_soaoutv6 = 6, dns_zonestatscounter_axfrreqv4 = 7, dns_zonestatscounter_axfrreqv6 = 8, dns_zonestatscounter_ixfrreqv4 = 9, dns_zonestatscounter_ixfrreqv6 = 10, dns_zonestatscounter_xfrsuccess = 11, dns_zonestatscounter_xfrfail = 12, dns_zonestatscounter_max = 13, / * Adb statistics values. / dns_adbstats_nentries = 0, dns_adbstats_entriescnt = 1, dns_adbstats_nnames = 2, dns_adbstats_namescnt = 3, dns_adbstats_max = 4, / * Cache statistics values. / dns_cachestatscounter_hits = 1, dns_cachestatscounter_misses = 2, dns_cachestatscounter_queryhits = 3, dns_cachestatscounter_querymisses = 4, dns_cachestatscounter_deletelru = 5, dns_cachestatscounter_deletettl = 6, dns_cachestatscounter_max = 7, /% * Query statistics counters (obsolete). / dns_statscounter_success = 0, /%< Successful lookup / dns_statscounter_referral = 1, /%< Referral result / dns_statscounter_nxrrset = 2, /%< NXRRSET result / dns_statscounter_nxdomain = 3, /%< NXDOMAIN result / dns_statscounter_recursion = 4, /%< Recursion was used / dns_statscounter_failure = 5, /%< Some other failure / dns_statscounter_duplicate = 6, /%< Duplicate query / dns_statscounter_dropped = 7, /%< Duplicate query (dropped) / /% * DNSTAP statistics counters. / dns_dnstapcounter_success = 0, dns_dnstapcounter_drop = 1, dns_dnstapcounter_max = 2, / * Glue cache statistics counters. / dns_gluecachestatscounter_hits_present = 0, dns_gluecachestatscounter_hits_absent = 1, dns_gluecachestatscounter_inserts_present = 2, dns_gluecachestatscounter_inserts_absent = 3, dns_gluecachestatscounter_max = 4, }; /% * Traffic size statistics counters. Used as isc_statscounter_t values. / enum { dns_sizecounter_in_0 = 0, dns_sizecounter_in_16 = 1, dns_sizecounter_in_32 = 2, dns_sizecounter_in_48 = 3, dns_sizecounter_in_64 = 4, dns_sizecounter_in_80 = 5, dns_sizecounter_in_96 = 6, dns_sizecounter_in_112 = 7, dns_sizecounter_in_128 = 8, dns_sizecounter_in_144 = 9, dns_sizecounter_in_160 = 10, dns_sizecounter_in_176 = 11, dns_sizecounter_in_192 = 12, dns_sizecounter_in_208 = 13, dns_sizecounter_in_224 = 14, dns_sizecounter_in_240 = 15, dns_sizecounter_in_256 = 16, dns_sizecounter_in_272 = 17, dns_sizecounter_in_288 = 18, dns_sizecounter_in_max = 19, }; enum { dns_sizecounter_out_0 = 0, dns_sizecounter_out_16 = 1, dns_sizecounter_out_32 = 2, dns_sizecounter_out_48 = 3, dns_sizecounter_out_64 = 4, dns_sizecounter_out_80 = 5, dns_sizecounter_out_96 = 6, dns_sizecounter_out_112 = 7, dns_sizecounter_out_128 = 8, dns_sizecounter_out_144 = 9, dns_sizecounter_out_160 = 10, dns_sizecounter_out_176 = 11, dns_sizecounter_out_192 = 12, dns_sizecounter_out_208 = 13, dns_sizecounter_out_224 = 14, dns_sizecounter_out_240 = 15, dns_sizecounter_out_256 = 16, dns_sizecounter_out_272 = 17, dns_sizecounter_out_288 = 18, dns_sizecounter_out_304 = 19, dns_sizecounter_out_320 = 20, dns_sizecounter_out_336 = 21, dns_sizecounter_out_352 = 22, dns_sizecounter_out_368 = 23, dns_sizecounter_out_384 = 24, dns_sizecounter_out_400 = 25, dns_sizecounter_out_416 = 26, dns_sizecounter_out_432 = 27, dns_sizecounter_out_448 = 28, dns_sizecounter_out_464 = 29, dns_sizecounter_out_480 = 30, dns_sizecounter_out_496 = 31, dns_sizecounter_out_512 = 32, dns_sizecounter_out_528 = 33, dns_sizecounter_out_544 = 34, dns_sizecounter_out_560 = 35, dns_sizecounter_out_576 = 36, dns_sizecounter_out_592 = 37, dns_sizecounter_out_608 = 38, dns_sizecounter_out_624 = 39, dns_sizecounter_out_640 = 40, dns_sizecounter_out_656 = 41, dns_sizecounter_out_672 = 42, dns_sizecounter_out_688 = 43, dns_sizecounter_out_704 = 44, dns_sizecounter_out_720 = 45, dns_sizecounter_out_736 = 46, dns_sizecounter_out_752 = 47, dns_sizecounter_out_768 = 48, dns_sizecounter_out_784 = 49, dns_sizecounter_out_800 = 50, dns_sizecounter_out_816 = 51, dns_sizecounter_out_832 = 52, dns_sizecounter_out_848 = 53, dns_sizecounter_out_864 = 54, dns_sizecounter_out_880 = 55, dns_sizecounter_out_896 = 56, dns_sizecounter_out_912 = 57, dns_sizecounter_out_928 = 58, dns_sizecounter_out_944 = 59, dns_sizecounter_out_960 = 60, dns_sizecounter_out_976 = 61, dns_sizecounter_out_992 = 62, dns_sizecounter_out_1008 = 63, dns_sizecounter_out_1024 = 64, dns_sizecounter_out_1040 = 65, dns_sizecounter_out_1056 = 66, dns_sizecounter_out_1072 = 67, dns_sizecounter_out_1088 = 68, dns_sizecounter_out_1104 = 69, dns_sizecounter_out_1120 = 70, dns_sizecounter_out_1136 = 71, dns_sizecounter_out_1152 = 72, dns_sizecounter_out_1168 = 73, dns_sizecounter_out_1184 = 74, dns_sizecounter_out_1200 = 75, dns_sizecounter_out_1216 = 76, dns_sizecounter_out_1232 = 77, dns_sizecounter_out_1248 = 78, dns_sizecounter_out_1264 = 79, dns_sizecounter_out_1280 = 80, dns_sizecounter_out_1296 = 81, dns_sizecounter_out_1312 = 82, dns_sizecounter_out_1328 = 83, dns_sizecounter_out_1344 = 84, dns_sizecounter_out_1360 = 85, dns_sizecounter_out_1376 = 86, dns_sizecounter_out_1392 = 87, dns_sizecounter_out_1408 = 88, dns_sizecounter_out_1424 = 89, dns_sizecounter_out_1440 = 90, dns_sizecounter_out_1456 = 91, dns_sizecounter_out_1472 = 92, dns_sizecounter_out_1488 = 93, dns_sizecounter_out_1504 = 94, dns_sizecounter_out_1520 = 95, dns_sizecounter_out_1536 = 96, dns_sizecounter_out_1552 = 97, dns_sizecounter_out_1568 = 98, dns_sizecounter_out_1584 = 99, dns_sizecounter_out_1600 = 100, dns_sizecounter_out_1616 = 101, dns_sizecounter_out_1632 = 102, dns_sizecounter_out_1648 = 103, dns_sizecounter_out_1664 = 104, dns_sizecounter_out_1680 = 105, dns_sizecounter_out_1696 = 106, dns_sizecounter_out_1712 = 107, dns_sizecounter_out_1728 = 108, dns_sizecounter_out_1744 = 109, dns_sizecounter_out_1760 = 110, dns_sizecounter_out_1776 = 111, dns_sizecounter_out_1792 = 112, dns_sizecounter_out_1808 = 113, dns_sizecounter_out_1824 = 114, dns_sizecounter_out_1840 = 115, dns_sizecounter_out_1856 = 116, dns_sizecounter_out_1872 = 117, dns_sizecounter_out_1888 = 118, dns_sizecounter_out_1904 = 119, dns_sizecounter_out_1920 = 120, dns_sizecounter_out_1936 = 121, dns_sizecounter_out_1952 = 122, dns_sizecounter_out_1968 = 123, dns_sizecounter_out_1984 = 124, dns_sizecounter_out_2000 = 125, dns_sizecounter_out_2016 = 126, dns_sizecounter_out_2032 = 127, dns_sizecounter_out_2048 = 128, dns_sizecounter_out_2064 = 129, dns_sizecounter_out_2080 = 130, dns_sizecounter_out_2096 = 131, dns_sizecounter_out_2112 = 132, dns_sizecounter_out_2128 = 133, dns_sizecounter_out_2144 = 134, dns_sizecounter_out_2160 = 135, dns_sizecounter_out_2176 = 136, dns_sizecounter_out_2192 = 137, dns_sizecounter_out_2208 = 138, dns_sizecounter_out_2224 = 139, dns_sizecounter_out_2240 = 140, dns_sizecounter_out_2256 = 141, dns_sizecounter_out_2272 = 142, dns_sizecounter_out_2288 = 143, dns_sizecounter_out_2304 = 144, dns_sizecounter_out_2320 = 145, dns_sizecounter_out_2336 = 146, dns_sizecounter_out_2352 = 147, dns_sizecounter_out_2368 = 148, dns_sizecounter_out_2384 = 149, dns_sizecounter_out_2400 = 150, dns_sizecounter_out_2416 = 151, dns_sizecounter_out_2432 = 152, dns_sizecounter_out_2448 = 153, dns_sizecounter_out_2464 = 154, dns_sizecounter_out_2480 = 155, dns_sizecounter_out_2496 = 156, dns_sizecounter_out_2512 = 157, dns_sizecounter_out_2528 = 158, dns_sizecounter_out_2544 = 159, dns_sizecounter_out_2560 = 160, dns_sizecounter_out_2576 = 161, dns_sizecounter_out_2592 = 162, dns_sizecounter_out_2608 = 163, dns_sizecounter_out_2624 = 164, dns_sizecounter_out_2640 = 165, dns_sizecounter_out_2656 = 166, dns_sizecounter_out_2672 = 167, dns_sizecounter_out_2688 = 168, dns_sizecounter_out_2704 = 169, dns_sizecounter_out_2720 = 170, dns_sizecounter_out_2736 = 171, dns_sizecounter_out_2752 = 172, dns_sizecounter_out_2768 = 173, dns_sizecounter_out_2784 = 174, dns_sizecounter_out_2800 = 175, dns_sizecounter_out_2816 = 176, dns_sizecounter_out_2832 = 177, dns_sizecounter_out_2848 = 178, dns_sizecounter_out_2864 = 179, dns_sizecounter_out_2880 = 180, dns_sizecounter_out_2896 = 181, dns_sizecounter_out_2912 = 182, dns_sizecounter_out_2928 = 183, dns_sizecounter_out_2944 = 184, dns_sizecounter_out_2960 = 185, dns_sizecounter_out_2976 = 186, dns_sizecounter_out_2992 = 187, dns_sizecounter_out_3008 = 188, dns_sizecounter_out_3024 = 189, dns_sizecounter_out_3040 = 190, dns_sizecounter_out_3056 = 191, dns_sizecounter_out_3072 = 192, dns_sizecounter_out_3088 = 193, dns_sizecounter_out_3104 = 194, dns_sizecounter_out_3120 = 195, dns_sizecounter_out_3136 = 196, dns_sizecounter_out_3152 = 197, dns_sizecounter_out_3168 = 198, dns_sizecounter_out_3184 = 199, dns_sizecounter_out_3200 = 200, dns_sizecounter_out_3216 = 201, dns_sizecounter_out_3232 = 202, dns_sizecounter_out_3248 = 203, dns_sizecounter_out_3264 = 204, dns_sizecounter_out_3280 = 205, dns_sizecounter_out_3296 = 206, dns_sizecounter_out_3312 = 207, dns_sizecounter_out_3328 = 208, dns_sizecounter_out_3344 = 209, dns_sizecounter_out_3360 = 210, dns_sizecounter_out_3376 = 211, dns_sizecounter_out_3392 = 212, dns_sizecounter_out_3408 = 213, dns_sizecounter_out_3424 = 214, dns_sizecounter_out_3440 = 215, dns_sizecounter_out_3456 = 216, dns_sizecounter_out_3472 = 217, dns_sizecounter_out_3488 = 218, dns_sizecounter_out_3504 = 219, dns_sizecounter_out_3520 = 220, dns_sizecounter_out_3536 = 221, dns_sizecounter_out_3552 = 222, dns_sizecounter_out_3568 = 223, dns_sizecounter_out_3584 = 224, dns_sizecounter_out_3600 = 225, dns_sizecounter_out_3616 = 226, dns_sizecounter_out_3632 = 227, dns_sizecounter_out_3648 = 228, dns_sizecounter_out_3664 = 229, dns_sizecounter_out_3680 = 230, dns_sizecounter_out_3696 = 231, dns_sizecounter_out_3712 = 232, dns_sizecounter_out_3728 = 233, dns_sizecounter_out_3744 = 234, dns_sizecounter_out_3760 = 235, dns_sizecounter_out_3776 = 236, dns_sizecounter_out_3792 = 237, dns_sizecounter_out_3808 = 238, dns_sizecounter_out_3824 = 239, dns_sizecounter_out_3840 = 240, dns_sizecounter_out_3856 = 241, dns_sizecounter_out_3872 = 242, dns_sizecounter_out_3888 = 243, dns_sizecounter_out_3904 = 244, dns_sizecounter_out_3920 = 245, dns_sizecounter_out_3936 = 246, dns_sizecounter_out_3952 = 247, dns_sizecounter_out_3968 = 248, dns_sizecounter_out_3984 = 249, dns_sizecounter_out_4000 = 250, dns_sizecounter_out_4016 = 251, dns_sizecounter_out_4032 = 252, dns_sizecounter_out_4048 = 253, dns_sizecounter_out_4064 = 254, dns_sizecounter_out_4080 = 255, dns_sizecounter_out_4096 = 256, dns_sizecounter_out_max = 257 }; #define DNS_STATS_NCOUNTERS 8 #if 0 /%< * Flag(s) for dns_xxxstats_dump(). DNS_STATSDUMP_VERBOSE is obsolete. * ISC_STATSDUMP_VERBOSE should be used instead. These two values are * intentionally defined to be the same value to ensure binary compatibility. / #define DNS_STATSDUMP_VERBOSE 0x00000001 /%< dump 0-value counters / #endif / if 0 / /%< * (Obsoleted) / LIBDNS_EXTERNAL_DATA extern const char dns_statscounter_names[]; /% Attributes for statistics counters of RRset and Rdatatype types. * * _OTHERTYPE * The rdata type is not explicitly supported and the corresponding counter * is counted for other such types, too. When this attribute is set, * the base type is of no use. * * _NXRRSET * RRset type counters only. Indicates the RRset is non existent. * * _NXDOMAIN * RRset type counters only. Indicates a non existent name. When this * attribute is set, the base type is of no use. * * _STALE * RRset type counters only. This indicates a record that is stale * but may still be served. * * _ANCIENT * RRset type counters only. This indicates a record that is marked for * removal. / #define DNS_RDATASTATSTYPE_ATTR_OTHERTYPE 0x0001 #define DNS_RDATASTATSTYPE_ATTR_NXRRSET 0x0002 #define DNS_RDATASTATSTYPE_ATTR_NXDOMAIN 0x0004 #define DNS_RDATASTATSTYPE_ATTR_STALE 0x0008 #define DNS_RDATASTATSTYPE_ATTR_ANCIENT 0x0010 /%< * Conversion macros among dns_rdatatype_t, attributes and isc_statscounter_t. / #define DNS_RDATASTATSTYPE_BASE(type) ((dns_rdatatype_t)((type)&0xFFFF)) #define DNS_RDATASTATSTYPE_ATTR(type) ((type) >> 16) #define DNS_RDATASTATSTYPE_VALUE(b, a) (((a) << 16) \| (b)) /% * Types of DNSSEC sign statistics operations. / typedef enum { dns_dnssecsignstats_sign = 1, dns_dnssecsignstats_refresh = 2 } dnssecsignstats_type_t; /%< * Types of dump callbacks. / typedef void (dns_generalstats_dumper_t)(isc_statscounter_t, uint64_t, void ); typedef void (dns_rdatatypestats_dumper_t)(dns_rdatastatstype_t, uint64_t, void ); typedef void (dns_dnssecsignstats_dumper_t)(dns_keytag_t, uint64_t, void ); typedef void (dns_opcodestats_dumper_t)(dns_opcode_t, uint64_t, void ); typedef void (dns_rcodestats_dumper_t)(dns_rcode_t, uint64_t, void ); ISC_LANG_BEGINDECLS isc_result_t dns_generalstats_create(isc_mem_t mctx, dns_stats_t *statsp, int ncounters); /%< * Create a statistics counter structure of general type. It counts a general * set of counters indexed by an ID between 0 and ncounters -1. * This function is obsolete. A more general function, isc_stats_create(), * should be used. * * Requires: \li 'mctx' must be a valid memory context. \li 'statsp' != NULL && 'statsp' == NULL. * * Returns: \li ISC_R_SUCCESS -- all ok \li anything else -- failure / isc_result_t dns_rdatatypestats_create(isc_mem_t mctx, dns_stats_t statsp); /%< * Create a statistics counter structure per rdatatype. * * Requires: \li 'mctx' must be a valid memory context. \li 'statsp' != NULL && 'statsp' == NULL. * * Returns: \li ISC_R_SUCCESS -- all ok \li anything else -- failure / isc_result_t dns_rdatasetstats_create(isc_mem_t mctx, dns_stats_t statsp); /%< * Create a statistics counter structure per RRset. * * Requires: \li 'mctx' must be a valid memory context. \li 'statsp' != NULL && 'statsp' == NULL. * * Returns: \li ISC_R_SUCCESS -- all ok \li anything else -- failure / isc_result_t dns_opcodestats_create(isc_mem_t mctx, dns_stats_t statsp); /%< * Create a statistics counter structure per opcode. * * Requires: \li 'mctx' must be a valid memory context. \li 'statsp' != NULL && 'statsp' == NULL. * * Returns: \li ISC_R_SUCCESS -- all ok \li anything else -- failure / isc_result_t dns_rcodestats_create(isc_mem_t mctx, dns_stats_t statsp); /%< * Create a statistics counter structure per assigned rcode. * * Requires: \li 'mctx' must be a valid memory context. \li 'statsp' != NULL && 'statsp' == NULL. * * Returns: \li ISC_R_SUCCESS -- all ok \li anything else -- failure / isc_result_t dns_dnssecsignstats_create(isc_mem_t mctx, dns_stats_t statsp); /%< * Create a statistics counter structure per assigned DNSKEY id. * * Requires: \li 'mctx' must be a valid memory context. \li 'statsp' != NULL && 'statsp' == NULL. * * Returns: \li ISC_R_SUCCESS -- all ok \li anything else -- failure / void dns_stats_attach(dns_stats_t stats, dns_stats_t statsp); /%< * Attach to a statistics set. * * Requires: \li 'stats' is a valid dns_stats_t. \li 'statsp' != NULL && 'statsp' == NULL / void dns_stats_detach(dns_stats_t statsp); /%< * Detaches from the statistics set. * * Requires: \li 'statsp' != NULL and 'statsp' is a valid dns_stats_t. / void dns_generalstats_increment(dns_stats_t stats, isc_statscounter_t counter); /%< Increment the counter-th counter of stats. This function is obsolete. * A more general function, isc_stats_increment(), should be used. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_generalstats_create(). \li counter is less than the maximum available ID for the stats specified on creation. / void dns_rdatatypestats_increment(dns_stats_t stats, dns_rdatatype_t type); /%< Increment the statistics counter for 'type'. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_rdatatypestats_create(). / void dns_rdatasetstats_increment(dns_stats_t stats, dns_rdatastatstype_t rrsettype); /%< * Increment the statistics counter for 'rrsettype'. * * Note: if 'rrsettype' has the _STALE attribute set the corresponding * non-stale counter will be decremented. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_rdatasetstats_create(). / void dns_rdatasetstats_decrement(dns_stats_t stats, dns_rdatastatstype_t rrsettype); /%< * Decrement the statistics counter for 'rrsettype'. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_rdatasetstats_create(). / void dns_opcodestats_increment(dns_stats_t stats, dns_opcode_t code); /%< * Increment the statistics counter for 'code'. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_opcodestats_create(). / void dns_rcodestats_increment(dns_stats_t stats, dns_opcode_t code); /%< * Increment the statistics counter for 'code'. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_rcodestats_create(). / void dns_dnssecsignstats_increment(dns_stats_t stats, dns_keytag_t id, uint8_t alg, dnssecsignstats_type_t operation); /%< * Increment the statistics counter for the DNSKEY 'id' with algorithm 'alg'. * The 'operation' determines what counter is incremented. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_dnssecsignstats_create(). / void dns_dnssecsignstats_clear(dns_stats_t stats, dns_keytag_t id, uint8_t alg); /%< * Clear the statistics counter for the DNSKEY 'id' with algorithm 'alg'. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_dnssecsignstats_create(). / void dns_generalstats_dump(dns_stats_t stats, dns_generalstats_dumper_t dump_fn, void arg, unsigned int options); /%< Dump the current statistics counters in a specified way. For each counter * in stats, dump_fn is called with its current value and the given argument * arg. By default counters that have a value of 0 is skipped; if options has * the ISC_STATSDUMP_VERBOSE flag, even such counters are dumped. * * This function is obsolete. A more general function, isc_stats_dump(), * should be used. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_generalstats_create(). / void dns_rdatatypestats_dump(dns_stats_t stats, dns_rdatatypestats_dumper_t dump_fn, void arg, unsigned int options); /%< Dump the current statistics counters in a specified way. For each counter * in stats, dump_fn is called with the corresponding type in the form of * dns_rdatastatstype_t, the current counter value and the given argument * arg. By default counters that have a value of 0 is skipped; if options has * the ISC_STATSDUMP_VERBOSE flag, even such counters are dumped. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_generalstats_create(). / void dns_rdatasetstats_dump(dns_stats_t stats, dns_rdatatypestats_dumper_t dump_fn, void arg, unsigned int options); /%< Dump the current statistics counters in a specified way. For each counter * in stats, dump_fn is called with the corresponding type in the form of * dns_rdatastatstype_t, the current counter value and the given argument * arg. By default counters that have a value of 0 is skipped; if options has * the ISC_STATSDUMP_VERBOSE flag, even such counters are dumped. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_generalstats_create(). / void dns_dnssecsignstats_dump(dns_stats_t stats, dnssecsignstats_type_t operation, dns_dnssecsignstats_dumper_t dump_fn, void arg, unsigned int options); /%< Dump the current statistics counters in a specified way. For each counter * in stats, dump_fn is called with the corresponding type in the form of * dns_rdatastatstype_t, the current counter value and the given argument * arg. By default counters that have a value of 0 is skipped; if options has * the ISC_STATSDUMP_VERBOSE flag, even such counters are dumped. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_generalstats_create(). / void dns_opcodestats_dump(dns_stats_t stats, dns_opcodestats_dumper_t dump_fn, void arg, unsigned int options); /%< Dump the current statistics counters in a specified way. For each counter * in stats, dump_fn is called with the corresponding opcode, the current * counter value and the given argument arg. By default counters that have a * value of 0 is skipped; if options has the ISC_STATSDUMP_VERBOSE flag, even * such counters are dumped. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_generalstats_create(). / void dns_rcodestats_dump(dns_stats_t stats, dns_rcodestats_dumper_t dump_fn, void arg, unsigned int options); /%< Dump the current statistics counters in a specified way. For each counter * in stats, dump_fn is called with the corresponding rcode, the current * counter value and the given argument arg. By default counters that have a * value of 0 is skipped; if options has the ISC_STATSDUMP_VERBOSE flag, even * such counters are dumped. * * Requires: \li 'stats' is a valid dns_stats_t created by dns_generalstats_create(). / isc_result_t dns_stats_alloccounters(isc_mem_t mctx, uint64_t ctrp); /%< * Allocate an array of query statistics counters from the memory * context 'mctx'. * * This function is obsoleted. Use dns_xxxstats_create() instead. / void dns_stats_freecounters(isc_mem_t mctx, uint64_t *ctrp); /%< * Free an array of query statistics counters allocated from the memory * context 'mctx'. * * This function is obsoleted. Use dns_stats_destroy() instead. / ISC_LANG_ENDDECLS #endif / DNS_STATS_H / ��dns/ipkeylist.h��0000644��00000004253�15125204631�0007521 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_IPKEYLIST_H #define DNS_IPKEYLIST_H 1 #include <inttypes.h> #include <isc/types.h> #include <dns/types.h> /% * A structure holding a list of addresses, dscps and keys. Used to * store masters for a slave zone, created by parsing config options. / struct dns_ipkeylist { isc_sockaddr_t addrs; isc_dscp_t dscps; dns_name_t keys; dns_name_t labels; uint32_t count; uint32_t allocated; }; void dns_ipkeylist_init(dns_ipkeylist_t ipkl); /%< Reset ipkl to empty state * * Requires: \li 'ipkl' to be non NULL. / void dns_ipkeylist_clear(isc_mem_t mctx, dns_ipkeylist_t ipkl); /%< Free `ipkl` contents using `mctx`. * * After this call, `ipkl` is a freshly cleared structure with all * pointers set to `NULL` and count set to 0. * * Requires: \li 'mctx' to be a valid memory context. \li 'ipkl' to be non NULL. / isc_result_t dns_ipkeylist_copy(isc_mem_t mctx, const dns_ipkeylist_t src, dns_ipkeylist_t dst); /%< Deep copy `src` into empty `dst`, allocating `dst`'s contents. * * Requires: \li 'mctx' to be a valid memory context. \li 'src' to be non NULL \li 'dst' to be non NULL and point to an empty \ref dns_ipkeylist_t with all pointers set to `NULL` and count set to 0. * * Returns: \li #ISC_R_SUCCESS -- success \li any other value -- failure / isc_result_t dns_ipkeylist_resize(isc_mem_t mctx, dns_ipkeylist_t ipkl, unsigned int n); /%< * Resize ipkl to contain n elements. Size (count) is not changed, and the * added space is zeroed. * * Requires: * \li 'mctx' to be a valid memory context. * \li 'ipk' to be non NULL * \li 'n' >= ipkl->count * * Returns: * \li #ISC_R_SUCCESS if success * \li #ISC_R_NOMEMORY if there's no memory, ipkeylist is left untouched / #endif / ifndef DNS_IPKEYLIST_H / ��dns/rriterator.h��0000644��00000010166�15125204631�0007701 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RRITERATOR_H #define DNS_RRITERATOR_H 1 /** * Module Info **/ /! \file dns/rriterator.h * \brief * Functions for "walking" a zone database, visiting each RR or RRset in turn. / /** * Imports */ #include <inttypes.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/stdtime.h> #include <dns/db.h> #include <dns/dbiterator.h> #include <dns/fixedname.h> #include <dns/name.h> #include <dns/rdata.h> #include <dns/rdataset.h> #include <dns/rdatasetiter.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /* * Types **/ /% * A dns_rriterator_t is an iterator that iterates over an entire database, * returning one RR at a time, in some arbitrary order. / typedef struct dns_rriterator { unsigned int magic; isc_result_t result; dns_db_t db; dns_dbiterator_t dbit; dns_dbversion_t ver; isc_stdtime_t now; dns_dbnode_t node; dns_fixedname_t fixedname; dns_rdatasetiter_t rdatasetit; dns_rdataset_t rdataset; dns_rdata_t rdata; } dns_rriterator_t; #define RRITERATOR_MAGIC ISC_MAGIC('R', 'R', 'I', 't') #define VALID_RRITERATOR(m) ISC_MAGIC_VALID(m, RRITERATOR_MAGIC) isc_result_t dns_rriterator_init(dns_rriterator_t it, dns_db_t db, dns_dbversion_t ver, isc_stdtime_t now); /% * Initialize an rriterator; sets the cursor to the origin node * of the database. * * Requires: * * \li 'db' is a valid database. * * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY / isc_result_t dns_rriterator_first(dns_rriterator_t it); /%< Move the rriterator cursor to the first rdata in the database. * * Requires: \li 'it' is a valid, initialized rriterator * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE There are no rdata in the set. / isc_result_t dns_rriterator_nextrrset(dns_rriterator_t it); /%< Move the rriterator cursor to the next rrset in the database, * skipping over any remaining records that have the same rdatatype * as the current one. * * Requires: \li 'it' is a valid, initialized rriterator * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE No more rrsets in the database / isc_result_t dns_rriterator_next(dns_rriterator_t it); /%< Move the rriterator cursor to the next rrset in the database, * skipping over any remaining records that have the same rdatatype * as the current one. * * Requires: \li 'it' is a valid, initialized rriterator * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE No more records in the database / void dns_rriterator_current(dns_rriterator_t it, dns_name_t *name, uint32_t ttl, dns_rdataset_t rdataset, dns_rdata_t rdata); /%< Make 'name' refer to the current name. If 'rdataset' is not NULL, make 'rdataset' refer to the current rdataset. If 'rdata' is not NULL, make 'rdata' refer to the current record. * Requires: \li 'name' is a valid name object \li 'rdataset' is NULL or 'rdataset' is NULL \li 'rdata' is NULL or 'rdata' is NULL * * Ensures: \li 'rdata' refers to the rdata at the rdata cursor location of \li 'rdataset'. / void dns_rriterator_pause(dns_rriterator_t it); /%< Pause rriterator. Frees any locks held by the database iterator. * Callers should use this routine any time they are not going to * execute another rriterator method in the immediate future. * * Requires: \li 'it' is a valid iterator. * Ensures: \li Any database locks being held for efficiency of iterator access are released. / void dns_rriterator_destroy(dns_rriterator_t it); /%< Shut down and free resources in rriterator 'it'. * * Requires: * \li 'it' is a valid iterator. * Ensures: * \li All resources used by the rriterator are freed. / ISC_LANG_ENDDECLS #endif /* DNS_RRITERATOR_H / ��dns/keyvalues.h��0000644��00000007763�15125204631�0007525 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_KEYVALUES_H #define DNS_KEYVALUES_H 1 /! \file dns/keyvalues.h / / * Flags field of the KEY RR rdata / #define DNS_KEYFLAG_TYPEMASK 0xC000 /%< Mask for "type" bits / #define DNS_KEYTYPE_AUTHCONF 0x0000 /%< Key usable for both / #define DNS_KEYTYPE_CONFONLY 0x8000 /%< Key usable for confidentiality / #define DNS_KEYTYPE_AUTHONLY 0x4000 /%< Key usable for authentication / #define DNS_KEYTYPE_NOKEY 0xC000 /%< No key usable for either; no key / #define DNS_KEYTYPE_NOAUTH DNS_KEYTYPE_CONFONLY #define DNS_KEYTYPE_NOCONF DNS_KEYTYPE_AUTHONLY #define DNS_KEYFLAG_RESERVED2 0x2000 /%< reserved - must be zero / #define DNS_KEYFLAG_EXTENDED 0x1000 /%< key has extended flags / #define DNS_KEYFLAG_RESERVED4 0x0800 /%< reserved - must be zero / #define DNS_KEYFLAG_RESERVED5 0x0400 /%< reserved - must be zero / #define DNS_KEYFLAG_OWNERMASK 0x0300 /%< these bits determine the type / #define DNS_KEYOWNER_USER 0x0000 /%< key is assoc. with user / #define DNS_KEYOWNER_ENTITY 0x0200 /%< key is assoc. with entity eg host / #define DNS_KEYOWNER_ZONE 0x0100 /%< key is zone key / #define DNS_KEYOWNER_RESERVED 0x0300 /%< reserved meaning / #define DNS_KEYFLAG_REVOKE 0x0080 /%< key revoked (per rfc5011) / #define DNS_KEYFLAG_RESERVED9 0x0040 /%< reserved - must be zero / #define DNS_KEYFLAG_RESERVED10 0x0020 /%< reserved - must be zero / #define DNS_KEYFLAG_RESERVED11 0x0010 /%< reserved - must be zero / #define DNS_KEYFLAG_SIGNATORYMASK \ 0x000F /%< key can sign RR's of same name \ / #define DNS_KEYFLAG_RESERVEDMASK \ (DNS_KEYFLAG_RESERVED2 \| DNS_KEYFLAG_RESERVED4 \| \ DNS_KEYFLAG_RESERVED5 \| DNS_KEYFLAG_RESERVED9 \| \ DNS_KEYFLAG_RESERVED10 \| DNS_KEYFLAG_RESERVED11) #define DNS_KEYFLAG_KSK 0x0001 /%< key signing key / #define DNS_KEYFLAG_RESERVEDMASK2 0xFFFF /%< no bits defined here / / The Algorithm field of the KEY and SIG RR's is an integer, {1..254} / #define DNS_KEYALG_RSAMD5 1 /%< RSA with MD5 / #define DNS_KEYALG_RSA 1 /%< Used just for tagging / #define DNS_KEYALG_DH 2 /%< Diffie Hellman KEY / #define DNS_KEYALG_DSA 3 /%< DSA KEY / #define DNS_KEYALG_NSEC3DSA 6 #define DNS_KEYALG_DSS DNS_ALG_DSA #define DNS_KEYALG_ECC 4 #define DNS_KEYALG_RSASHA1 5 #define DNS_KEYALG_NSEC3RSASHA1 7 #define DNS_KEYALG_RSASHA256 8 #define DNS_KEYALG_RSASHA512 10 #define DNS_KEYALG_ECCGOST 12 #define DNS_KEYALG_ECDSA256 13 #define DNS_KEYALG_ECDSA384 14 #define DNS_KEYALG_ED25519 15 #define DNS_KEYALG_ED448 16 #define DNS_KEYALG_INDIRECT 252 #define DNS_KEYALG_PRIVATEDNS 253 #define DNS_KEYALG_PRIVATEOID 254 /%< Key begins with OID giving alg / #define DNS_KEYALG_MAX 255 / Protocol values / #define DNS_KEYPROTO_RESERVED 0 #define DNS_KEYPROTO_TLS 1 #define DNS_KEYPROTO_EMAIL 2 #define DNS_KEYPROTO_DNSSEC 3 #define DNS_KEYPROTO_IPSEC 4 #define DNS_KEYPROTO_ANY 255 / Signatures / #define DNS_SIG_RSAMINBITS 512 /%< Size of a mod or exp in bits / #define DNS_SIG_RSAMAXBITS 2552 / Total of binary mod and exp / #define DNS_SIG_RSAMAXBYTES ((DNS_SIG_RSAMAXBITS + 7 / 8) 2 + 3) /%< Max length of text sig block / #define DNS_SIG_RSAMAXBASE64 (((DNS_SIG_RSAMAXBYTES + 2) / 3) * 4) #define DNS_SIG_RSAMINSIZE ((DNS_SIG_RSAMINBITS + 7) / 8) #define DNS_SIG_RSAMAXSIZE ((DNS_SIG_RSAMAXBITS + 7) / 8) #define DNS_SIG_ECDSA256SIZE 64 #define DNS_SIG_ECDSA384SIZE 96 #define DNS_KEY_ECDSA256SIZE 64 #define DNS_KEY_ECDSA384SIZE 96 #define DNS_SIG_ED25519SIZE 64 #define DNS_SIG_ED448SIZE 114 #define DNS_KEY_ED25519SIZE 32 #define DNS_KEY_ED448SIZE 57 #endif /* DNS_KEYVALUES_H / ��dns/cert.h��0000644��00000002671�15125204631�0006443 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_CERT_H #define DNS_CERT_H 1 /! \file dns/cert.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_cert_fromtext(dns_cert_t certp, isc_textregion_t source); /%< * Convert the text 'source' refers to into a certificate type. * The text may contain either a mnemonic type name or a decimal type number. * * Requires: \li 'certp' is a valid pointer. \li 'source' is a valid text region. * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_RANGE numeric type is out of range \li #DNS_R_UNKNOWN mnemonic type is unknown / isc_result_t dns_cert_totext(dns_cert_t cert, isc_buffer_t target); /%< * Put a textual representation of certificate type 'cert' into 'target'. * * Requires: \li 'cert' is a valid cert. \li 'target' is a valid text buffer. * Ensures: \li If the result is success: The used space in 'target' is updated. * * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE target buffer is too small / ISC_LANG_ENDDECLS #endif / DNS_CERT_H / ��dns/tcpmsg.h��0000644��00000006070�15125204631�0007000 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_TCPMSG_H #define DNS_TCPMSG_H 1 /! \file dns/tcpmsg.h / #include <inttypes.h> #include <isc/buffer.h> #include <isc/lang.h> #include <isc/socket.h> typedef struct dns_tcpmsg { / private (don't touch!) / unsigned int magic; uint16_t size; isc_buffer_t buffer; unsigned int maxsize; isc_mem_t mctx; isc_socket_t sock; isc_task_t task; isc_taskaction_t action; void arg; isc_event_t event; / public (read-only) / isc_result_t result; isc_sockaddr_t address; } dns_tcpmsg_t; ISC_LANG_BEGINDECLS void dns_tcpmsg_init(isc_mem_t mctx, isc_socket_t sock, dns_tcpmsg_t tcpmsg); /%< Associate a tcp message state with a given memory context and * TCP socket. * * Requires: * \li "mctx" and "sock" be non-NULL and valid types. \li "sock" be a read/write TCP socket. \li "tcpmsg" be non-NULL and an uninitialized or invalidated structure. * Ensures: * \li "tcpmsg" is a valid structure. / void dns_tcpmsg_setmaxsize(dns_tcpmsg_t tcpmsg, unsigned int maxsize); /%< * Set the maximum packet size to "maxsize" * * Requires: * \li "tcpmsg" be valid. \li 512 <= "maxsize" <= 65536 / isc_result_t dns_tcpmsg_readmessage(dns_tcpmsg_t tcpmsg, isc_task_t task, isc_taskaction_t action, void arg); /%< * Schedule an event to be delivered when a DNS message is readable, or * when an error occurs on the socket. * * Requires: * \li "tcpmsg" be valid. \li "task", "taskaction", and "arg" be valid. * Returns: * \li ISC_R_SUCCESS -- no error \li Anything that the isc_socket_recv() call can return. XXXMLG * * Notes: * \li The event delivered is a fully generic event. It will contain no actual data. The sender will be a pointer to the dns_tcpmsg_t. * The result code inside that structure should be checked to see * what the final result was. / void dns_tcpmsg_cancelread(dns_tcpmsg_t tcpmsg); /%< Cancel a readmessage() call. The event will still be posted with a * CANCELED result code. * * Requires: * \li "tcpmsg" be valid. / void dns_tcpmsg_keepbuffer(dns_tcpmsg_t tcpmsg, isc_buffer_t buffer); /%< If a dns buffer is to be kept between calls, this function marks the * internal state-machine buffer as invalid, and copies all the contents * of the state into "buffer". * * Requires: * \li "tcpmsg" be valid. \li "buffer" be non-NULL. / void dns_tcpmsg_invalidate(dns_tcpmsg_t tcpmsg); /%< * Clean up all allocated state, and invalidate the structure. * * Requires: * \li "tcpmsg" be valid. * Ensures: * \li "tcpmsg" is invalidated and disassociated with all memory contexts, sockets, etc. / ISC_LANG_ENDDECLS #endif / DNS_TCPMSG_H / ��dns/zonekey.h��0000644��00000001410�15125204631�0007160 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ZONEKEY_H #define DNS_ZONEKEY_H 1 /! \file dns/zonekey.h / #include <stdbool.h> #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS bool dns_zonekey_iszonekey(dns_rdata_t keyrdata); /%< Determines if the key record contained in the rdata is a zone key. * * Requires: * 'keyrdata' is not NULL. / ISC_LANG_ENDDECLS #endif / DNS_ZONEKEY_H / ��dns/keydata.h��0000644��00000002027�15125204631�0007123 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_KEYDATA_H #define DNS_KEYDATA_H 1 /** * Module Info **/ /! \file dns/keydata.h * \brief * KEYDATA utilities. / / * Imports **/ #include <inttypes.h> #include <isc/lang.h> #include <isc/types.h> #include <dns/rdatastruct.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_keydata_todnskey(dns_rdata_keydata_t keydata, dns_rdata_dnskey_t dnskey, isc_mem_t mctx); isc_result_t dns_keydata_fromdnskey(dns_rdata_keydata_t keydata, dns_rdata_dnskey_t dnskey, uint32_t refresh, uint32_t addhd, uint32_t removehd, isc_mem_t mctx); ISC_LANG_ENDDECLS #endif / DNS_KEYDATA_H / ��dns/adb.h��0000644��00000053373�15125204631�0006241 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ADB_H #define DNS_ADB_H 1 /** * Module Info **/ /! \file dns/adb.h \brief DNS Address Database * * This module implements an address database (ADB) for mapping a name * to an isc_sockaddr_t. It also provides statistical information on * how good that address might be. * * A client will pass in a dns_name_t, and the ADB will walk through * the rdataset looking up addresses associated with the name. If it * is found on the internal lists, a structure is filled in with the * address information and stats for found addresses. * * If the name cannot be found on the internal lists, a new entry will * be created for a name if all the information needed can be found * in the zone table or cache. This new address will then be returned. * * If a request must be made to remote servers to satisfy a name lookup, * this module will start fetches to try to complete these addresses. When * at least one more completes, an event is sent to the caller. If none of * them resolve before the fetch times out, an event indicating this is * sent instead. * * Records are stored internally until a timer expires. The timer is the * smaller of the TTL or signature validity period. * * Lameness is stored per <qname,qtype> tuple, and this data hangs off each * address field. When an address is marked lame for a given tuple the address * will not be returned to a caller. * * * MP: * \li The ADB takes care of all necessary locking. \li Only the task which initiated the name lookup can cancel the lookup. * * Security: * \li None, since all data stored is required to be pre-filtered. (Cache needs to be sane, fetches return bounds-checked and sanity- * checked data, caller passes a good dns_name_t for the zone, etc) / / * Imports */ #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/mem.h> #include <isc/sockaddr.h> #include <dns/types.h> #include <dns/view.h> ISC_LANG_BEGINDECLS /* * Magic number checks / #define DNS_ADBFIND_MAGIC ISC_MAGIC('a', 'd', 'b', 'H') #define DNS_ADBFIND_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBFIND_MAGIC) #define DNS_ADBADDRINFO_MAGIC ISC_MAGIC('a', 'd', 'A', 'I') #define DNS_ADBADDRINFO_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBADDRINFO_MAGIC) / * TYPES **/ typedef struct dns_adbname dns_adbname_t; /! \brief Represents a lookup for a single name. * * On return, the client can safely use "list", and can reorder the list. * Items may not be _deleted_ from this list, however, or added to it * other than by using the dns_adb_() API. / struct dns_adbfind { /* Public / unsigned int magic; /%< RO: magic / dns_adbaddrinfolist_t list; /%< RO: list of addrs / unsigned int query_pending; /%< RO: partial list / unsigned int partial_result; /%< RO: addrs missing / unsigned int options; /%< RO: options / isc_result_t result_v4; /%< RO: v4 result / isc_result_t result_v6; /%< RO: v6 result / ISC_LINK(dns_adbfind_t) publink; /%< RW: client use / / Private / isc_mutex_t lock; / locks all below / in_port_t port; int name_bucket; unsigned int flags; dns_adbname_t adbname; dns_adb_t adb; isc_event_t event; ISC_LINK(dns_adbfind_t) plink; }; / * _INET: * _INET6: * return addresses of that type. * * _EMPTYEVENT: * Only schedule an event if no addresses are known. * Must set _WANTEVENT for this to be meaningful. * * _WANTEVENT: * An event is desired. Check this bit in the returned find to see * if one will actually be generated. * * _AVOIDFETCHES: * If set, fetches will not be generated unless no addresses are * available in any of the address families requested. * * _STARTATZONE: * Fetches will start using the closest zone data or use the root servers. * This is useful for reestablishing glue that has expired. * * _GLUEOK: * _HINTOK: * Glue or hints are ok. These are used when matching names already * in the adb, and when dns databases are searched. * * _RETURNLAME: * Return lame servers in a find, so that all addresses are returned. * * _LAMEPRUNED: * At least one address was omitted from the list because it was lame. * This bit will NEVER be set if _RETURNLAME is set in the createfind(). / /% Return addresses of type INET. / #define DNS_ADBFIND_INET 0x00000001 /% Return addresses of type INET6. / #define DNS_ADBFIND_INET6 0x00000002 #define DNS_ADBFIND_ADDRESSMASK 0x00000003 /% * Only schedule an event if no addresses are known. * Must set _WANTEVENT for this to be meaningful. / #define DNS_ADBFIND_EMPTYEVENT 0x00000004 /% * An event is desired. Check this bit in the returned find to see * if one will actually be generated. / #define DNS_ADBFIND_WANTEVENT 0x00000008 /% * If set, fetches will not be generated unless no addresses are * available in any of the address families requested. / #define DNS_ADBFIND_AVOIDFETCHES 0x00000010 /% * Fetches will start using the closest zone data or use the root servers. * This is useful for reestablishing glue that has expired. / #define DNS_ADBFIND_STARTATZONE 0x00000020 /% * Glue or hints are ok. These are used when matching names already * in the adb, and when dns databases are searched. / #define DNS_ADBFIND_GLUEOK 0x00000040 /% * Glue or hints are ok. These are used when matching names already * in the adb, and when dns databases are searched. / #define DNS_ADBFIND_HINTOK 0x00000080 /% * Return lame servers in a find, so that all addresses are returned. / #define DNS_ADBFIND_RETURNLAME 0x00000100 /% * Only schedule an event if no addresses are known. * Must set _WANTEVENT for this to be meaningful. / #define DNS_ADBFIND_LAMEPRUNED 0x00000200 /% * The server's fetch quota is exceeded; it will be treated as * lame for this query. / #define DNS_ADBFIND_OVERQUOTA 0x00000400 /% * Don't perform a fetch even if there are no address records available. / #define DNS_ADBFIND_NOFETCH 0x00000800 /% * The answers to queries come back as a list of these. / struct dns_adbaddrinfo { unsigned int magic; /%< private / isc_sockaddr_t sockaddr; /%< [rw] / unsigned int srtt; /%< [rw] microsecs / isc_dscp_t dscp; unsigned int flags; /%< [rw] / dns_adbentry_t entry; /%< private / ISC_LINK(dns_adbaddrinfo_t) publink; }; /!< The event sent to the caller task is just a plain old isc_event_t. It * contains no data other than a simple status, passed in the "type" field * to indicate that another address resolved, or all partially resolved * addresses have failed to resolve. * * "sender" is the dns_adbfind_t used to issue this query. * * This is simply a standard event, with the "type" set to: * \li #DNS_EVENT_ADBMOREADDRESSES -- another address resolved. \li #DNS_EVENT_ADBNOMOREADDRESSES -- all pending addresses failed, * were canceled, or otherwise will * not be usable. \li #DNS_EVENT_ADBCANCELED -- The request was canceled by a 3rd party. \li #DNS_EVENT_ADBNAMEDELETED -- The name was deleted, so this request was canceled. * * In each of these cases, the addresses returned by the initial call * to dns_adb_createfind() can still be used until they are no longer needed. / /* FUNCTIONS */ isc_result_t dns_adb_create(isc_mem_t mem, dns_view_t view, isc_timermgr_t tmgr, isc_taskmgr_t taskmgr, dns_adb_t newadb); /%< * Create a new ADB. * * Notes: * \li Generally, applications should not create an ADB directly, but should instead call dns_view_createresolver(). * * Requires: * \li 'mem' must be a valid memory context. \li 'view' be a pointer to a valid view. \li 'tmgr' be a pointer to a valid timer manager. \li 'taskmgr' be a pointer to a valid task manager. \li 'newadb' != NULL && 'newadb' == NULL. * * Returns: * \li #ISC_R_SUCCESS after happiness. \li #ISC_R_NOMEMORY after resource allocation failure. / void dns_adb_attach(dns_adb_t adb, dns_adb_t *adbp); /% * Attach to an 'adb' to 'adbp'. * * Requires: \li 'adb' to be a valid dns_adb_t, created via dns_adb_create(). \li 'adbp' to be a valid pointer to a dns_adb_t which is initialized to NULL. / void dns_adb_detach(dns_adb_t adb); /% * Delete the ADB. Sets ADB to NULL. Cancels any outstanding requests. * Requires: * \li 'adb' be non-NULL and 'adb' be a valid dns_adb_t, created via * dns_adb_create(). / void dns_adb_whenshutdown(dns_adb_t adb, isc_task_t task, isc_event_t eventp); /% * Send 'eventp' to 'task' when 'adb' has shutdown. * Requires: * \li 'adb' is a valid dns_adb_t. * \li eventp != NULL && eventp is a valid event. * * Ensures: * \li eventp == NULL * \li The event's sender field is set to the value of adb when the event is sent. / void dns_adb_shutdown(dns_adb_t adb); /%< Shutdown 'adb'. * * Requires: * * \li 'adb' is a valid dns_adb_t. / isc_result_t dns_adb_createfind(dns_adb_t adb, isc_task_t task, isc_taskaction_t action, void arg, const dns_name_t name, const dns_name_t qname, dns_rdatatype_t qtype, unsigned int options, isc_stdtime_t now, dns_name_t target, in_port_t port, unsigned int depth, isc_counter_t qc, dns_adbfind_t find); /%< * Main interface for clients. The adb will look up the name given in * "name" and will build up a list of found addresses, and perhaps start * internal fetches to resolve names that are unknown currently. * * If other addresses resolve after this call completes, an event will * be sent to the <task, taskaction, arg> with the sender of that event * set to a pointer to the dns_adbfind_t returned by this function. * * If no events will be generated, the find->result_v4 and/or result_v6 members may be examined for address lookup status. The usual #ISC_R_SUCCESS, * #ISC_R_FAILURE, #DNS_R_NXDOMAIN, and #DNS_R_NXRRSET are returned, along with * #ISC_R_NOTFOUND meaning the ADB has not _yet_ found the values. In this * latter case, retrying may produce more addresses. * * If events will be returned, the result_v[46] members are only valid * when that event is actually returned. * * The list of addresses returned is unordered. The caller must impose * any ordering required. The list will not contain "known bad" addresses, * however. For instance, it will not return hosts that are known to be * lame for the zone in question. * * The caller cannot (directly) modify the contents of the address list's * fields other than the "link" field. All values can be read at any * time, however. * * The "now" parameter is used only for determining which entries that * have a specific time to live or expire time should be removed from * the running database. If specified as zero, the current time will * be retrieved and used. * * If 'target' is not NULL and 'name' is an alias (i.e. the name is * CNAME'd or DNAME'd to another name), then 'target' will be updated with * the domain name that 'name' is aliased to. * * All addresses returned will have the sockaddr's port set to 'port.' * The caller may change them directly in the dns_adbaddrinfo_t since * they are copies of the internal address only. * * XXXMLG Document options, especially the flags which control how * events are sent. * * Requires: * \li adb be a valid isc_adb_t object. * \li If events are to be sent, task be a valid task, * and isc_taskaction_t != NULL. * \li name is a valid dns_name_t. * \li qname != NULL and qname be a valid dns_name_t. * \li target == NULL or target is a valid name with a buffer. \li find != NULL && find == NULL. * * Returns: * \li #ISC_R_SUCCESS Addresses might have been returned, and events will be delivered for unresolved addresses. \li #ISC_R_NOMORE Addresses might have been returned, but no events will ever be posted for this context. This is only * returned if task != NULL. \li #ISC_R_NOMEMORY insufficient resources \li #DNS_R_ALIAS 'name' is an alias for another name. * * Calls, and returns error codes from: * \li isc_stdtime_get() * Notes: * \li No internal reference to "name" exists after this function returns. / void dns_adb_cancelfind(dns_adbfind_t find); /%< Cancels the find, and sends the event off to the caller. * * It is an error to call dns_adb_cancelfind() on a find where * no event is wanted, or will ever be sent. * * Note: * \li It is possible that the real completion event was posted just before the dns_adb_cancelfind() call was made. In this case, * dns_adb_cancelfind() will do nothing. The event callback needs * to be prepared to find this situation (i.e. result is valid but * the caller expects it to be canceled). * * Requires: * \li 'find' be a valid dns_adbfind_t pointer. \li events would have been posted to the task. This can be checked with (find->options & DNS_ADBFIND_WANTEVENT). * * Ensures: * \li The event was posted to the task. / void dns_adb_destroyfind(dns_adbfind_t *find); /%< * Destroys the find reference. * * Note: * \li This can only be called after the event was delivered for a find. Additionally, the event MUST have been freed via * isc_event_free() BEFORE this function is called. * * Requires: * \li 'find' != NULL and find be valid dns_adbfind_t pointer. * * Ensures: * \li No "address found" events will be posted to the originating task after this function returns. / void dns_adb_dump(dns_adb_t adb, FILE f); /%< * This function is only used for debugging. It will dump as much of the * state of the running system as possible. * * Requires: * \li adb be valid. \li f != NULL, and is a file open for writing. / void dns_adb_dumpfind(dns_adbfind_t find, FILE f); /%< This function is only used for debugging. Dump the data associated * with a find. * * Requires: * \li find is valid. * \li f != NULL, and is a file open for writing. / isc_result_t dns_adb_marklame(dns_adb_t adb, dns_adbaddrinfo_t addr, const dns_name_t qname, dns_rdatatype_t type, isc_stdtime_t expire_time); /%< Mark the given address as lame for the <qname,qtype>. expire_time should * be set to the time when the entry should expire. That is, if it is to * expire 10 minutes in the future, it should set it to (now + 10 * 60). * * Requires: * \li adb be valid. \li addr be valid. \li qname be the qname used in the dns_adb_createfind() call. * Returns: * \li #ISC_R_SUCCESS -- all is well. \li #ISC_R_NOMEMORY -- could not mark address as lame. / / * Reasonable defaults for RTT adjustments * * (Note: these values function both as scaling factors and as * indicators of the type of RTT adjustment operation taking place. * Adjusting the scaling factors is fine, as long as they all remain * unique values.) / #define DNS_ADB_RTTADJDEFAULT 7 /%< default scale / #define DNS_ADB_RTTADJREPLACE 0 /%< replace with our rtt / #define DNS_ADB_RTTADJAGE 10 /%< age this rtt / void dns_adb_adjustsrtt(dns_adb_t adb, dns_adbaddrinfo_t addr, unsigned int rtt, unsigned int factor); /%< * Mix the round trip time into the existing smoothed rtt. * * Requires: * \li adb be valid. \li addr be valid. \li 0 <= factor <= 10 * Note: * \li The srtt in addr will be updated to reflect the new global srtt value. This may include changes made by others. / void dns_adb_agesrtt(dns_adb_t adb, dns_adbaddrinfo_t addr, isc_stdtime_t now); / * dns_adb_agesrtt is equivalent to dns_adb_adjustsrtt with factor * equal to DNS_ADB_RTTADJAGE and the current time passed in. * * Requires: * \li adb be valid. \li addr be valid. * Note: * \li The srtt in addr will be updated to reflect the new global srtt value. This may include changes made by others. / void dns_adb_changeflags(dns_adb_t adb, dns_adbaddrinfo_t addr, unsigned int bits, unsigned int mask); /% * Change Flags. * * Set the flags as given by: * \li newflags = (oldflags & ~mask) \| (bits & mask); * Requires: * \li adb be valid. \li addr be valid. / void dns_adb_setudpsize(dns_adb_t adb, dns_adbaddrinfo_t addr, unsigned int size); /% Update seen UDP response size. The largest seen will be returned by * dns_adb_getudpsize(). * * Requires: * \li adb be valid. \li addr be valid. / unsigned int dns_adb_getudpsize(dns_adb_t adb, dns_adbaddrinfo_t addr); /% Return the largest seen UDP response size. * * Requires: * \li adb be valid. \li addr be valid. / unsigned int dns_adb_probesize(dns_adb_t adb, dns_adbaddrinfo_t addr, int lookups); /% Return suggested EDNS UDP size based on observed responses / failures. * 'lookups' is the number of times the current lookup has been attempted. * * Requires: * \li adb be valid. \li addr be valid. / void dns_adb_plainresponse(dns_adb_t adb, dns_adbaddrinfo_t addr); /% Record a successful plain DNS response. * * Requires: * \li adb be valid. \li addr be valid. / void dns_adb_timeout(dns_adb_t adb, dns_adbaddrinfo_t addr); /% Record a plain DNS UDP query failed. * * Requires: * \li adb be valid. \li addr be valid. / void dns_adb_ednsto(dns_adb_t adb, dns_adbaddrinfo_t addr, unsigned int size); /% Record a failed EDNS UDP response and the advertised EDNS UDP buffer size * used. * * Requires: * \li adb be valid. \li addr be valid. / bool dns_adb_noedns(dns_adb_t adb, dns_adbaddrinfo_t addr); /% Return whether EDNS should be disabled for this server. * * Requires: * \li adb be valid. \li addr be valid. / isc_result_t dns_adb_findaddrinfo(dns_adb_t adb, const isc_sockaddr_t sa, dns_adbaddrinfo_t *addrp, isc_stdtime_t now); /%< * Return a dns_adbaddrinfo_t that is associated with address 'sa'. * * Requires: * \li adb is valid. \li sa is valid. \li addrp != NULL && addrp == NULL * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_SHUTTINGDOWN / void dns_adb_freeaddrinfo(dns_adb_t adb, dns_adbaddrinfo_t addrp); /%< * Free a dns_adbaddrinfo_t allocated by dns_adb_findaddrinfo(). * * Requires: * \li adb is valid. \li addrp is a valid dns_adbaddrinfo_t . / void dns_adb_flush(dns_adb_t adb); /%< * Flushes all cached data from the adb. * * Requires: \li adb is valid. / void dns_adb_setadbsize(dns_adb_t adb, size_t size); /%< * Set a target memory size. If memory usage exceeds the target * size entries will be removed before they would have expired on * a random basis. * * If 'size' is 0 then memory usage is unlimited. * * Requires: \li 'adb' is valid. / void dns_adb_flushname(dns_adb_t adb, const dns_name_t name); /%< Flush 'name' from the adb cache. * * Requires: \li 'adb' is valid. \li 'name' is valid. / void dns_adb_flushnames(dns_adb_t adb, const dns_name_t name); /%< * Flush 'name' and all subdomains from the adb cache. * * Requires: \li 'adb' is valid. \li 'name' is valid. / void dns_adb_setcookie(dns_adb_t adb, dns_adbaddrinfo_t addr, const unsigned char cookie, size_t len); /%< Record the COOKIE associated with this address. If * cookie is NULL or len is zero the recorded COOKIE is cleared. * * Requires: \li 'adb' is valid. \li 'addr' is valid. / size_t dns_adb_getcookie(dns_adb_t adb, dns_adbaddrinfo_t addr, unsigned char cookie, size_t len); /* * Retrieve the saved COOKIE value and store it in 'cookie' which has * size 'len'. * * Requires: \li 'adb' is valid. \li 'addr' is valid. * * Returns: * The size of the cookie or zero if it doesn't fit in the buffer * or it doesn't exist. / void dns_adb_setquota(dns_adb_t adb, uint32_t quota, uint32_t freq, double low, double high, double discount); /%< Set the baseline ADB quota, and configure parameters for the * quota adjustment algorithm. * * If the number of fetches currently waiting for responses from this * address exceeds the current quota, then additional fetches are spilled. * * 'quota' is the highest permissible quota; it will adjust itself * downward in response to detected congestion. * * After every 'freq' fetches have either completed or timed out, an * exponentially weighted moving average of the ratio of timeouts * to responses is calculated. If the EWMA goes above a 'high' * threshold, then the quota is adjusted down one step; if it drops * below a 'low' threshold, then the quota is adjusted back up one * step. * * The quota adjustment is based on the function (1 / 1 + (n/10)^(3/2)), * for values of n from 0 to 99. It starts at 100% of the baseline * quota, and descends after 100 steps to 2%. * * 'discount' represents the discount rate of the moving average. Higher * values cause older values to be discounted sooner, providing a faster * response to changes in the timeout ratio. * * Requires: \li 'adb' is valid. / bool dns_adbentry_overquota(dns_adbentry_t entry); /%< * Returns true if the specified ADB has too many active fetches. * * Requires: \li 'entry' is valid. / void dns_adb_beginudpfetch(dns_adb_t adb, dns_adbaddrinfo_t addr); void dns_adb_endudpfetch(dns_adb_t adb, dns_adbaddrinfo_t addr); /% Begin/end a UDP fetch on a particular address. * * These functions increment or decrement the fetch counter for * the ADB entry so that the fetch quota can be enforced. * * Requires: * \li adb be valid. \li addr be valid. / ISC_LANG_ENDDECLS #endif /* DNS_ADB_H / ��dns/cache.h��0000644��00000021032�15125204631�0006541 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_CACHE_H #define DNS_CACHE_H 1 /** * Module Info **/ /! \file dns/cache.h * \brief * Defines dns_cache_t, the cache object. * * Notes: \li A cache object contains DNS data of a single class. Multiple classes will be handled by creating multiple * views, each with a different class and its own cache. * * MP: \li See notes at the individual functions. * Reliability: * * Resources: * * Security: * * Standards: / / * Imports */ #include <stdbool.h> #include <isc/lang.h> #include <isc/stats.h> #include <isc/stdtime.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /* * Functions / isc_result_t dns_cache_create(isc_mem_t cmctx, isc_mem_t hmctx, isc_taskmgr_t taskmgr, isc_timermgr_t timermgr, dns_rdataclass_t rdclass, const char cachename, const char db_type, unsigned int db_argc, char db_argv, dns_cache_t cachep); /%< * Create a new DNS cache. * * dns_cache_create2() will create a named cache. * * dns_cache_create3() will create a named cache using two separate memory * contexts, one for cache data which can be cleaned and a separate one for * memory allocated for the heap (which can grow without an upper limit and * has no mechanism for shrinking). * * dns_cache_create() is a backward compatible version that internally * specifies an empty cache name and a single memory context. * * Requires: * \li 'cmctx' (and 'hmctx' if applicable) is a valid memory context. \li 'taskmgr' is a valid task manager and 'timermgr' is a valid timer manager, or both are NULL. If NULL, no periodic cleaning of the * cache will take place. * \li 'cachename' is a valid string. This must not be NULL. \li 'cachep' is a valid pointer, and cachep == NULL * * Ensures: * \li 'cachep' is attached to the newly created cache * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / void dns_cache_attach(dns_cache_t cache, dns_cache_t *targetp); /%< * Attach targetp to cache. * Requires: * \li 'cache' is a valid cache. \li 'targetp' points to a NULL dns_cache_t . * * Ensures: * \li targetp is attached to cache. / void dns_cache_detach(dns_cache_t cachep); /%< * Detach cachep from its cache. * Requires: * \li 'cachep' points to a valid cache. * Ensures: * \li cachep is NULL. * \li If 'cachep' is the last reference to the cache, * all resources used by the cache will be freed / void dns_cache_attachdb(dns_cache_t cache, dns_db_t *dbp); /%< * Attach dbp to the cache's database. * Notes: * \li This may be used to get a reference to the database for the purpose of cache lookups (XXX currently it is also * the way to add data to the cache, but having a * separate dns_cache_add() interface instead would allow * more control over memory usage). * The caller should call dns_db_detach() on the reference * when it is no longer needed. * * Requires: * \li 'cache' is a valid cache. \li 'dbp' points to a NULL dns_db . * * Ensures: * \li dbp is attached to the database. / isc_result_t dns_cache_setfilename(dns_cache_t cache, const char filename); /%< * If 'filename' is non-NULL, make the cache persistent. * The cache's data will be stored in the given file. * If 'filename' is NULL, make the cache non-persistent. * Files that are no longer used are not unlinked automatically. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li Various file-related failures / isc_result_t dns_cache_load(dns_cache_t cache); /%< * If the cache has a file name, load the cache contents from the file. * Previous cache contents are not discarded. * If no file name has been set, do nothing and return success. * * MT: \li Multiple simultaneous attempts to load or dump the cache will be serialized with respect to one another, but * the cache may be read and updated while the dump is * in progress. Updates performed during loading * may or may not be preserved, and reads may return * either the old or the newly loaded data. * * Returns: * \li #ISC_R_SUCCESS \li Various failures depending on the database implementation type / isc_result_t dns_cache_dump(dns_cache_t cache); /%< If the cache has a file name, write the cache contents to disk, * overwriting any preexisting file. If no file name has been set, * do nothing and return success. * * MT: \li Multiple simultaneous attempts to load or dump the cache will be serialized with respect to one another, but * the cache may be read and updated while the dump is * in progress. Updates performed during the dump may * or may not be reflected in the dumped file. * * Returns: * \li #ISC_R_SUCCESS \li Various failures depending on the database implementation type / isc_result_t dns_cache_clean(dns_cache_t cache, isc_stdtime_t now); /%< Force immediate cleaning of the cache, freeing all rdatasets * whose TTL has expired as of 'now' and that have no pending * references. / const char dns_cache_getname(dns_cache_t cache); /%< * Get the cache name. / void dns_cache_setcachesize(dns_cache_t cache, size_t size); /%< Set the maximum cache size. 0 means unlimited. / size_t dns_cache_getcachesize(dns_cache_t cache); /%< Get the maximum cache size. / void dns_cache_setservestalettl(dns_cache_t cache, dns_ttl_t ttl); /%< Sets the maximum length of time that cached answers may be retained * past their normal TTL. Default value for the library is 0, disabling * the use of stale data. * * Requires: \li 'cache' to be valid. / dns_ttl_t dns_cache_getservestalettl(dns_cache_t cache); /%< * Gets the maximum length of time that cached answers may be kept past * normal expiry. * * Requires: \li 'cache' to be valid. / void dns_cache_setservestalerefresh(dns_cache_t cache, dns_ttl_t interval); /%< * Sets the length of time to wait before attempting to refresh a rrset * if a previous attempt in doing so has failed. * During this time window if stale rrset are available in cache they * will be directly returned to client. * * Requires: \li 'cache' to be valid. / dns_ttl_t dns_cache_getservestalerefresh(dns_cache_t cache); /%< * Gets the 'stale-refresh-time' value, set by a previous call to * 'dns_cache_setservestalerefresh'. * * Requires: \li 'cache' to be valid. / isc_result_t dns_cache_flush(dns_cache_t cache); /%< * Flushes all data from the cache. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / isc_result_t dns_cache_flushnode(dns_cache_t cache, const dns_name_t name, bool tree); / * Flush a given name from the cache. If 'tree' is true, then * also flush all names under 'name'. * * Requires: \li 'cache' to be valid. \li 'name' to be valid. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li other error returns. / isc_result_t dns_cache_flushname(dns_cache_t cache, const dns_name_t name); /* * Flush a given name from the cache. Equivalent to * dns_cache_flushpartial(cache, name, false). * * Requires: \li 'cache' to be valid. \li 'name' to be valid. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li other error returns. / isc_stats_t * dns_cache_getstats(dns_cache_t cache); / * Return a pointer to the stats collection object for 'cache' / void dns_cache_dumpstats(dns_cache_t cache, FILE fp); / * Dump cache statistics and status in text to 'fp' / void dns_cache_updatestats(dns_cache_t cache, isc_result_t result); /* * Update cache statistics based on result code in 'result' / void dns_cache_setmaxrrperset(dns_cache_t cache, uint32_t value); /%< Set the maximum resource records per RRSet that can be cached. / void dns_cache_setmaxtypepername(dns_cache_t cache, uint32_t value); /%< Set the maximum resource record types per owner name that can be cached. / #ifdef HAVE_LIBXML2 int dns_cache_renderxml(dns_cache_t cache, void writer0); / * Render cache statistics and status in XML for 'writer'. / #endif / HAVE_LIBXML2 / #ifdef HAVE_JSON_C isc_result_t dns_cache_renderjson(dns_cache_t cache, void cstats0); / * Render cache statistics and status in JSON / #endif / HAVE_JSON_C / ISC_LANG_ENDDECLS #endif / DNS_CACHE_H / ��dns/journal.h��0000644��00000022760�15125204631�0007161 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_JOURNAL_H #define DNS_JOURNAL_H 1 /** * Module Info **/ /! \file dns/journal.h * \brief * Database journaling. / / * Imports */ #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <dns/diff.h> #include <dns/name.h> #include <dns/rdata.h> #include <dns/types.h> /* * Defines. / #define DNS_JOURNALOPT_RESIGN 0x00000001 #define DNS_JOURNAL_READ 0x00000000 / false / #define DNS_JOURNAL_CREATE 0x00000001 / true / #define DNS_JOURNAL_WRITE 0x00000002 #define DNS_JOURNAL_SIZE_MAX INT32_MAX #define DNS_JOURNAL_SIZE_MIN 4096 /% Print transaction header data / #define DNS_JOURNAL_PRINTXHDR 0x0001 /% Rewrite whole journal file instead of compacting / #define DNS_JOURNAL_COMPACTALL 0x0001 #define DNS_JOURNAL_VERSION1 0x0002 / * Types **/ /% * A dns_journal_t represents an open journal file. This is an opaque type. * * A particular dns_journal_t object may be opened for writing, in which case * it can be used for writing transactions to a journal file, or it can be * opened for reading, in which case it can be used for reading transactions * from (iterating over) a journal file. A single dns_journal_t object may * not be used for both purposes. / typedef struct dns_journal dns_journal_t; / * Functions */ ISC_LANG_BEGINDECLS /***********************************************************************/ isc_result_t dns_db_createsoatuple(dns_db_t db, dns_dbversion_t ver, isc_mem_t mctx, dns_diffop_t op, dns_difftuple_t *tp); /!< brief * Create a diff tuple for the current database SOA. * XXX this probably belongs somewhere else. / /@{/ #define DNS_SERIAL_GT(a, b) ((int)(((a) - (b)) & 0xFFFFFFFF) > 0) #define DNS_SERIAL_GE(a, b) ((int)(((a) - (b)) & 0xFFFFFFFF) >= 0) /!< brief * Compare SOA serial numbers. DNS_SERIAL_GT(a, b) returns true iff * a is "greater than" b where "greater than" is as defined in RFC1982. * DNS_SERIAL_GE(a, b) returns true iff a is "greater than or equal to" b. / /@}/ /************************************************************************/ / * Journal object creation and destruction. / isc_result_t dns_journal_open(isc_mem_t mctx, const char filename, unsigned int mode, dns_journal_t journalp); /%< * Open the journal file 'filename' and create a dns_journal_t object for it. * * DNS_JOURNAL_CREATE open the journal for reading and writing and create * the journal if it does not exist. * DNS_JOURNAL_WRITE open the journal for reading and writing. * DNS_JOURNAL_READ open the journal for reading only. / void dns_journal_destroy(dns_journal_t journalp); /%< * Destroy a dns_journal_t, closing any open files and freeing its memory. / /************************************************************************/ / * Writing transactions to journals. / isc_result_t dns_journal_begin_transaction(dns_journal_t j); /%< Prepare to write a new transaction to the open journal file 'j'. * * Requires: * \li 'j' is open for writing. / isc_result_t dns_journal_writediff(dns_journal_t j, dns_diff_t diff); /%< * Write 'diff' to the current transaction of journal file 'j'. * * Requires: * \li 'j' is open for writing and dns_journal_begin_transaction() * has been called. * \li 'diff' is a full or partial, correctly ordered IXFR difference sequence. / isc_result_t dns_journal_commit(dns_journal_t j); /%< Commit the current transaction of journal file 'j'. * * Requires: * \li 'j' is open for writing and dns_journal_begin_transaction() * has been called. * * \li dns_journal_writediff() has been called one or more times * to form a complete, correctly ordered IXFR difference * sequence. / isc_result_t dns_journal_write_transaction(dns_journal_t j, dns_diff_t diff); /% * Write a complete transaction at once to a journal file, * sorting it if necessary, and commit it. Equivalent to calling * dns_diff_sort(), dns_journal_begin_transaction(), * dns_journal_writediff(), and dns_journal_commit(). * * Requires: \li 'j' is open for writing. * \li 'diff' contains exactly one SOA deletion, one SOA addition * with a greater serial number, and possibly other changes, * in arbitrary order. / /************************************************************************/ / * Reading transactions from journals. / bool dns_journal_empty(dns_journal_t j); /< Find out if a journal is empty. / bool dns_journal_recovered(dns_journal_t j); /< Find out if the journal could be opened using old journal format / uint32_t dns_journal_first_serial(dns_journal_t j); uint32_t dns_journal_last_serial(dns_journal_t j); /%< * Get the first and last addressable serial number in the journal. / isc_result_t dns_journal_iter_init(dns_journal_t j, uint32_t begin_serial, uint32_t end_serial, size_t xfrsizep); /%< * Prepare to iterate over the transactions that will bring the database * from SOA serial number 'begin_serial' to 'end_serial'. * * If 'xfrsizep' is not NULL, then on success it will be set to the * total size of all records in the iteration (excluding headers). This * is meant to be a rough approximation of the size of an incremental * zone transfer, though it does not account for DNS message overhead * or name compression.) * * Returns: \li ISC_R_SUCCESS \li ISC_R_RANGE begin_serial is outside the addressable range. \li ISC_R_NOTFOUND begin_serial is within the range of addressable serial numbers covered by the journal, but * this particular serial number does not exist. / /@{/ isc_result_t dns_journal_first_rr(dns_journal_t j); isc_result_t dns_journal_next_rr(dns_journal_t j); /%< * Position the iterator at the first/next RR in a journal * transaction sequence established using dns_journal_iter_init(). * * Requires: * \li dns_journal_iter_init() has been called. * / /@}/ void dns_journal_current_rr(dns_journal_t j, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata); /%< * Get the name, ttl, and rdata of the current journal RR. * * Requires: * \li The last call to dns_journal_first_rr() or dns_journal_next_rr() * returned ISC_R_SUCCESS. / /************************************************************************/ / * Database roll-forward. / isc_result_t dns_journal_rollforward(dns_journal_t j, dns_db_t db, unsigned int options); /%< * Roll forward (play back) the journal file "filename" into the * database "db". This should be called when the server starts * after a shutdown or crash. * * Requires: \li 'journal' is a valid journal \li 'db' is a valid database which does not have a version * open for writing. * * Returns: \li ISC_R_NOTFOUND when current serial in not in journal. \li ISC_R_RANGE when current serial in not in journals range. \li DNS_R_UPTODATE when the database was already up to date. \li ISC_R_SUCCESS journal has been applied successfully to the * database without any issues. * * others / isc_result_t dns_journal_print(isc_mem_t mctx, uint32_t flags, const char filename, FILE file); /* For debugging not general use / isc_result_t dns_db_diff(isc_mem_t mctx, dns_db_t dba, dns_dbversion_t dbvera, dns_db_t dbb, dns_dbversion_t dbverb, const char journal_filename); isc_result_t dns_db_diffx(dns_diff_t diff, dns_db_t dba, dns_dbversion_t dbvera, dns_db_t dbb, dns_dbversion_t dbverb, const char journal_filename); /%< * Compare the databases 'dba' and 'dbb' and generate a diff/journal * entry containing the changes to make 'dba' from 'dbb' (note * the order). This journal entry will consist of a single, * possibly very large transaction. Append the journal * entry to the journal file specified by 'journal_filename' if * non-NULL. / isc_result_t dns_journal_compact(isc_mem_t mctx, char filename, uint32_t serial, uint32_t flags, uint32_t target_size); /%< * Attempt to compact the journal if it is greater that 'target_size'. * Changes from 'serial' onwards will be preserved. Changes prior than * that may be dropped in order to get the journal below `target_size`. * * If 'flags' includes DNS_JOURNAL_COMPACTALL, the entire journal is copied. * In this case, `serial` is ignored. This flag is used when upgrading or * downgrading the format version of the journal. If 'flags' also includes * DNS_JOURNAL_VERSION1, then the journal is copied out in the original * format used prior to BIND 9.16.12; otherwise it is copied in the * current format. * * If _COMPACTALL is not in use, and the journal file exists and is * non-empty, then 'serial' must exist in the journal. * * Returns: \li ISC_R_SUCCESS \li ISC_R_RANGE serial is outside the range existing in the journal * * Other errors may be returned from file operations. / bool dns_journal_get_sourceserial(dns_journal_t j, uint32_t sourceserial); void dns_journal_set_sourceserial(dns_journal_t j, uint32_t sourceserial); /%< Get and set source serial. * * Returns: * true if sourceserial has previously been set. / ISC_LANG_ENDDECLS #endif / DNS_JOURNAL_H / ��dns/view.h��0000644��00000105015�15125204631�0006454 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_VIEW_H #define DNS_VIEW_H 1 /** * Module Info **/ /! \file dns/view.h * \brief * DNS View * * A "view" is a DNS namespace, together with an optional resolver and a * forwarding policy. A "DNS namespace" is a (possibly empty) set of * authoritative zones together with an optional cache and optional * "hints" information. * * Views start out "unfrozen". In this state, core attributes like * the cache, set of zones, and forwarding policy may be set. While * "unfrozen", the caller (e.g. nameserver configuration loading * code), must ensure exclusive access to the view. When the view is * "frozen", the core attributes become immutable, and the view module * will ensure synchronization. Freezing allows the view's core attributes * to be accessed without locking. * * MP: \li Before the view is frozen, the caller must ensure synchronization. \li After the view is frozen, the module guarantees appropriate synchronization of any data structures it creates and manipulates. * * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li None. / #include <inttypes.h> #include <stdbool.h> #include <stdio.h> #include <isc/event.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/mutex.h> #include <isc/net.h> #include <isc/refcount.h> #include <isc/rwlock.h> #include <isc/stdtime.h> #include <dns/acl.h> #include <dns/catz.h> #include <dns/clientinfo.h> #include <dns/dnstap.h> #include <dns/fixedname.h> #include <dns/rdatastruct.h> #include <dns/rpz.h> #include <dns/rrl.h> #include <dns/types.h> #include <dns/zt.h> ISC_LANG_BEGINDECLS struct dns_view { /* Unlocked. / unsigned int magic; isc_mem_t mctx; dns_rdataclass_t rdclass; char name; dns_zt_t zonetable; dns_resolver_t resolver; dns_adb_t adb; dns_requestmgr_t requestmgr; dns_cache_t cache; dns_db_t cachedb; dns_db_t hints; /* * security roots and negative trust anchors. * internal use only; access via * dns_view_getsecroots() / dns_keytable_t secroots_priv; dns_ntatable_t ntatable_priv; isc_mutex_t lock; bool frozen; isc_task_t task; isc_event_t resevent; isc_event_t adbevent; isc_event_t reqevent; isc_stats_t adbstats; isc_stats_t resstats; dns_stats_t resquerystats; bool cacheshared; / Configurable data. / dns_tsig_keyring_t statickeys; dns_tsig_keyring_t dynamickeys; dns_peerlist_t peers; dns_order_t order; dns_fwdtable_t fwdtable; bool recursion; bool qminimization; bool qmin_strict; bool auth_nxdomain; bool use_glue_cache; bool minimal_any; dns_minimaltype_t minimalresponses; bool enablevalidation; bool acceptexpired; bool requireservercookie; bool synthfromdnssec; bool trust_anchor_telemetry; bool root_key_sentinel; dns_transfer_format_t transfer_format; dns_acl_t cacheacl; dns_acl_t cacheonacl; dns_acl_t queryacl; dns_acl_t queryonacl; dns_acl_t recursionacl; dns_acl_t recursiononacl; dns_acl_t sortlist; dns_acl_t notifyacl; dns_acl_t transferacl; dns_acl_t updateacl; dns_acl_t upfwdacl; dns_acl_t denyansweracl; dns_acl_t nocasecompress; bool msgcompression; dns_rbt_t answeracl_exclude; dns_rbt_t denyanswernames; dns_rbt_t answernames_exclude; dns_rrl_t rrl; bool provideixfr; bool requestnsid; bool sendcookie; dns_ttl_t maxcachettl; dns_ttl_t maxncachettl; dns_ttl_t mincachettl; dns_ttl_t minncachettl; uint32_t nta_lifetime; uint32_t nta_recheck; char nta_file; dns_ttl_t prefetch_trigger; dns_ttl_t prefetch_eligible; in_port_t dstport; dns_aclenv_t aclenv; dns_rdatatype_t preferred_glue; bool flush; dns_namelist_t delonly; bool rootdelonly; dns_namelist_t rootexclude; bool checknames; uint16_t maxudp; dns_ttl_t staleanswerttl; dns_stale_answer_t staleanswersok; /* rndc setting / bool staleanswersenable; / named.conf setting * / uint32_t staleanswerclienttimeout; uint16_t nocookieudp; uint16_t padding; dns_acl_t pad_acl; unsigned int maxbits; dns_dns64list_t dns64; unsigned int dns64cnt; dns_rpz_zones_t rpzs; dns_catz_zones_t catzs; dns_dlzdblist_t dlz_searched; dns_dlzdblist_t dlz_unsearched; uint32_t fail_ttl; dns_badcache_t failcache; uint32_t maxrrperset; uint32_t maxtypepername; / * Configurable data for server use only, * locked by server configuration lock. / dns_acl_t matchclients; dns_acl_t matchdestinations; bool matchrecursiveonly; / Locked by themselves. / isc_refcount_t references; isc_refcount_t weakrefs; atomic_uint_fast32_t attributes; / Under owner's locking control. / ISC_LINK(struct dns_view) link; dns_viewlist_t viewlist; dns_zone_t managed_keys; dns_zone_t redirect; dns_name_t redirectzone; / points to * redirectfixed * when valid / dns_fixedname_t redirectfixed; / * File and configuration data for zones added at runtime * (only used in BIND9). * * XXX: This should be a pointer to an opaque type that * named implements. / char new_zone_dir; char new_zone_file; char new_zone_db; void new_zone_dbenv; uint64_t new_zone_mapsize; void new_zone_config; void (cfg_destroy)(void ); isc_mutex_t new_zone_lock; unsigned char secret[32]; / Client secret / unsigned int v6bias; dns_dtenv_t dtenv; /* Dnstap environment / dns_dtmsgtype_t dttypes; / Dnstap message types * to log / / Registered module instances / void plugins; void (plugins_free)(isc_mem_t , void *); / Hook table / void hooktable; /* ns_hooktable / void (hooktable_free)(isc_mem_t , void ); }; #define DNS_VIEW_MAGIC ISC_MAGIC('V', 'i', 'e', 'w') #define DNS_VIEW_VALID(view) ISC_MAGIC_VALID(view, DNS_VIEW_MAGIC) #define DNS_VIEWATTR_RESSHUTDOWN 0x01 #define DNS_VIEWATTR_ADBSHUTDOWN 0x02 #define DNS_VIEWATTR_REQSHUTDOWN 0x04 isc_result_t dns_view_create(isc_mem_t mctx, dns_rdataclass_t rdclass, const char name, dns_view_t viewp); /%< * Create a view. * * Notes: * \li The newly created view has no cache, no resolver, and an empty zone table. The view is not frozen. * * Requires: * \li 'mctx' is a valid memory context. \li 'rdclass' is a valid class. \li 'name' is a valid C string. \li viewp != NULL && viewp == NULL * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY * \li Other errors are possible. / void dns_view_attach(dns_view_t source, dns_view_t targetp); /%< * Attach 'targetp' to 'source'. * Requires: * \li 'source' is a valid, frozen view. \li 'targetp' points to a NULL dns_view_t . * * Ensures: * \li targetp is attached to source. * \li While targetp is attached, the view will not shut down. / void dns_view_detach(dns_view_t viewp); /%< * Detach 'viewp' from its view. * Requires: * \li 'viewp' points to a valid dns_view_t * * Ensures: * \li viewp is NULL. / void dns_view_flushanddetach(dns_view_t viewp); /%< * Detach 'viewp' from its view. If this was the last reference uncommitted changed in zones will be flushed to disk. * * Requires: * \li 'viewp' points to a valid dns_view_t * * Ensures: * \li viewp is NULL. / void dns_view_weakattach(dns_view_t source, dns_view_t *targetp); /%< * Weakly attach 'targetp' to 'source'. * Requires: * \li 'source' is a valid, frozen view. \li 'targetp' points to a NULL dns_view_t . * * Ensures: * \li targetp is attached to source. * * \li While targetp is attached, the view will not be freed. / void dns_view_weakdetach(dns_view_t *targetp); /%< * Detach 'viewp' from its view. * Requires: * \li 'viewp' points to a valid dns_view_t . * * Ensures: * \li viewp is NULL. / isc_result_t dns_view_createzonetable(dns_view_t view); /%< Create a zonetable for the view. * * Requires: * \li 'view' is a valid, unfrozen view. \li 'view' does not have a zonetable already. * Returns: * \li #ISC_R_SUCCESS \li Any error that dns_zt_create() can return. / isc_result_t dns_view_createresolver(dns_view_t view, isc_taskmgr_t taskmgr, unsigned int ntasks, unsigned int ndisp, isc_socketmgr_t socketmgr, isc_timermgr_t timermgr, unsigned int options, dns_dispatchmgr_t dispatchmgr, dns_dispatch_t dispatchv4, dns_dispatch_t dispatchv6); /%< * Create a resolver and address database for the view. * * Requires: * \li 'view' is a valid, unfrozen view. \li 'view' does not have a resolver already. \li The requirements of dns_resolver_create() apply to 'taskmgr', 'ntasks', 'socketmgr', 'timermgr', 'options', 'dispatchv4', and * 'dispatchv6'. * * Returns: * \li #ISC_R_SUCCESS \li Any error that dns_resolver_create() can return. / void dns_view_setcache(dns_view_t view, dns_cache_t cache, bool shared); /%< Set the view's cache database. If 'shared' is true, this means the cache * is created by another view and is shared with that view. dns_view_setcache() * is a backward compatible version equivalent to setcache2(..., false). * * Requires: * \li 'view' is a valid, unfrozen view. \li 'cache' is a valid cache. * Ensures: * * \li The cache of 'view' is 'cached. * \li If this is not the first call to dns_view_setcache() for this view, then previously set cache is detached. / void dns_view_sethints(dns_view_t view, dns_db_t hints); /%< * Set the view's hints database. * * Requires: * \li 'view' is a valid, unfrozen view, whose hints database has not been set. * \li 'hints' is a valid zone database. * Ensures: * * \li The hints database of 'view' is 'hints'. / void dns_view_setkeyring(dns_view_t view, dns_tsig_keyring_t ring); void dns_view_setdynamickeyring(dns_view_t view, dns_tsig_keyring_t ring); /%< * Set the view's static TSIG keys * * Requires: * * \li 'view' is a valid, unfrozen view, whose static TSIG keyring has not * been set. * \li 'ring' is a valid TSIG keyring * Ensures: * \li The static TSIG keyring of 'view' is 'ring'. / void dns_view_getdynamickeyring(dns_view_t view, dns_tsig_keyring_t ringp); /%< * Return the views dynamic keys. * * \li 'view' is a valid, unfrozen view. * \li 'ringp' != NULL && ringp == NULL. / void dns_view_setdstport(dns_view_t view, in_port_t dstport); /%< Set the view's destination port. This is the port to * which outgoing queries are sent. The default is 53, * the standard DNS port. * * Requires: * \li 'view' is a valid view. \li 'dstport' is a valid TCP/UDP port number. * Ensures: \li External name servers will be assumed to be listening on 'dstport'. For servers whose address has already * obtained obtained at the time of the call, the view may * continue to use the previously set port until the address * times out from the view's address database. / isc_result_t dns_view_addzone(dns_view_t view, dns_zone_t zone); /%< * Add zone 'zone' to 'view'. * * Requires: * \li 'view' is a valid, unfrozen view. \li 'zone' is a valid zone. / void dns_view_freeze(dns_view_t view); /%< * Freeze view. No changes can be made to view configuration while frozen. * * Requires: * \li 'view' is a valid, unfrozen view. * Ensures: * \li 'view' is frozen. / void dns_view_thaw(dns_view_t view); /%< * Thaw view. This allows zones to be added or removed at runtime. This is * NOT thread-safe; the caller MUST have run isc_task_exclusive() prior to * thawing the view. * * Requires: * \li 'view' is a valid, frozen view. * Ensures: * \li 'view' is no longer frozen. / isc_result_t dns_view_find(dns_view_t view, const dns_name_t name, dns_rdatatype_t type, isc_stdtime_t now, unsigned int options, bool use_hints, bool use_static_stub, dns_db_t dbp, dns_dbnode_t nodep, dns_name_t foundname, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); /%< * Find an rdataset whose owner name is 'name', and whose type is * 'type'. * In general, this function first searches view's zone and cache DBs for the * best match data against 'name'. If nothing found there, and if 'use_hints' * is true, the view's hint DB (if configured) is searched. * If the view is configured with a static-stub zone which gives the longest * match for 'name' among the zones, however, the cache DB is not consulted * unless 'use_static_stub' is false (see below about this argument). * * dns_view_find() is a backward compatible version equivalent to * dns_view_find2() with use_static_stub argument being false. * * Notes: * \li See the description of dns_db_find() for information about 'options'. If the caller sets #DNS_DBFIND_GLUEOK, it must ensure that 'name' * and 'type' are appropriate for glue retrieval. * \li If 'now' is zero, then the current time will be used. \li If 'use_hints' is true, and the view has a hints database, then it will be searched last. If the answer is found in the hints * database, the result code will be DNS_R_HINT. If the name is found * in the hints database but not the type, the result code will be * #DNS_R_HINTNXRRSET. * \li If 'use_static_stub' is false and the longest match zone for 'name' is a static-stub zone, it's ignored and the cache and/or hints will be * searched. In the majority of the cases this argument should be * false. The only known usage of this argument being true is * if this search is for a "bailiwick" glue A or AAAA RRset that may * best match a static-stub zone. Consider the following example: * this view is configured with a static-stub zone "example.com", * and an attempt of recursive resolution needs to send a query for the * zone. In this case it's quite likely that the resolver is trying to * find A/AAAA RRs for the apex name "example.com". And, to honor the * static-stub configuration it needs to return the glue RRs in the * static-stub zone even if that exact RRs coming from the authoritative * zone has been cached. * In other general cases, the requested data is better to be * authoritative, either locally configured or retrieved from an external * server, and the data in the static-stub zone should better be ignored. * \li 'foundname' must meet the requirements of dns_db_find(). \li If 'sigrdataset' is not NULL, and there is a SIG rdataset which covers 'type', then 'sigrdataset' will be bound to it. * * Requires: * \li 'view' is a valid, frozen view. \li 'name' is valid name. \li 'type' is a valid dns_rdatatype_t, and is not a meta query type except dns_rdatatype_any. * \li dbp == NULL \|\| dbp == NULL * \li nodep == NULL \|\| nodep == NULL. If nodep != NULL, dbp != NULL. * \li 'foundname' is a valid name with a dedicated buffer or NULL. \li 'rdataset' is a valid, disassociated rdataset. \li 'sigrdataset' is NULL, or is a valid, disassociated rdataset. * Ensures: * \li In successful cases, 'rdataset', and possibly 'sigrdataset', are bound to the found data. * \li If dbp != NULL, it points to the database containing the data. \li If nodep != NULL, it points to the database node containing the data. \li If foundname != NULL, it contains the full name of the found data. * Returns: * \li Any result that dns_db_find() can return, with the exception of #DNS_R_DELEGATION. / isc_result_t dns_view_simplefind(dns_view_t view, const dns_name_t name, dns_rdatatype_t type, isc_stdtime_t now, unsigned int options, bool use_hints, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); /%< * Find an rdataset whose owner name is 'name', and whose type is * 'type'. * * Notes: * \li This routine is appropriate for simple, exact-match queries of the view. 'name' must be a canonical name; there is no DNAME or CNAME * processing. * \li See the description of dns_db_find() for information about 'options'. If the caller sets DNS_DBFIND_GLUEOK, it must ensure that 'name' * and 'type' are appropriate for glue retrieval. * \li If 'now' is zero, then the current time will be used. \li If 'use_hints' is true, and the view has a hints database, then it will be searched last. If the answer is found in the hints * database, the result code will be DNS_R_HINT. If the name is found * in the hints database but not the type, the result code will be * DNS_R_HINTNXRRSET. * \li If 'sigrdataset' is not NULL, and there is a SIG rdataset which covers 'type', then 'sigrdataset' will be bound to it. * * Requires: * \li 'view' is a valid, frozen view. \li 'name' is valid name. \li 'type' is a valid dns_rdatatype_t, and is not a meta query type (e.g. dns_rdatatype_any), or dns_rdatatype_rrsig. * \li 'rdataset' is a valid, disassociated rdataset. \li 'sigrdataset' is NULL, or is a valid, disassociated rdataset. * Ensures: * \li In successful cases, 'rdataset', and possibly 'sigrdataset', are bound to the found data. * * Returns: * \li #ISC_R_SUCCESS Success; result is desired type. \li DNS_R_GLUE Success; result is glue. \li DNS_R_HINT Success; result is a hint. \li DNS_R_NCACHENXDOMAIN Success; result is a ncache entry. \li DNS_R_NCACHENXRRSET Success; result is a ncache entry. \li DNS_R_NXDOMAIN The name does not exist. \li DNS_R_NXRRSET The rrset does not exist. \li #ISC_R_NOTFOUND No matching data found, * or an error occurred. / isc_result_t dns_view_findzonecut(dns_view_t view, const dns_name_t name, dns_name_t fname, dns_name_t dcname, isc_stdtime_t now, unsigned int options, bool use_hints, bool use_cache, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); /%< * Find the best known zonecut containing 'name'. * * This uses local authority, cache, and optionally hints data. * No external queries are performed. * * Notes: * \li If 'now' is zero, then the current time will be used. \li If 'use_hints' is true, and the view has a hints database, then it will be searched last. * \li If 'use_cache' is true, and the view has a cache, then it will be searched. * \li If 'sigrdataset' is not NULL, and there is a SIG rdataset which covers 'type', then 'sigrdataset' will be bound to it. * \li If the DNS_DBFIND_NOEXACT option is set, then the zonecut returned (if any) will be the deepest known ancestor of 'name'. * \li If dcname is not NULL the deepest cached name is copied to it. * Requires: * \li 'view' is a valid, frozen view. \li 'name' is valid name. \li 'rdataset' is a valid, disassociated rdataset. \li 'sigrdataset' is NULL, or is a valid, disassociated rdataset. * Returns: * \li #ISC_R_SUCCESS Success. \li Many other results are possible. / isc_result_t dns_viewlist_find(dns_viewlist_t list, const char name, dns_rdataclass_t rdclass, dns_view_t *viewp); /%< * Search for a view with name 'name' and class 'rdclass' in 'list'. * If found, 'viewp' is (strongly) attached to it. * Requires: * \li 'viewp' points to a NULL dns_view_t . * * Returns: * \li #ISC_R_SUCCESS A matching view was found. \li #ISC_R_NOTFOUND No matching view was found. / isc_result_t dns_viewlist_findzone(dns_viewlist_t list, const dns_name_t name, bool allclasses, dns_rdataclass_t rdclass, dns_zone_t zonep); /%< * Search zone with 'name' in view with 'rdclass' in viewlist 'list' * If found, zone is returned in zonep. If allclasses is set rdclass is ignored * Returns: \li #ISC_R_SUCCESS A matching zone was found. \li #ISC_R_NOTFOUND No matching zone was found. \li #ISC_R_MULTIPLE Multiple zones with the same name were found. / isc_result_t dns_view_findzone(dns_view_t view, const dns_name_t name, dns_zone_t *zonep); /%< * Search for the zone 'name' in the zone table of 'view'. * If found, 'zonep' is (strongly) attached to it. There * are no partial matches. * * Requires: * \li 'zonep' points to a NULL dns_zone_t . * * Returns: \li #ISC_R_SUCCESS A matching zone was found. \li #ISC_R_NOTFOUND No matching zone was found. \li others An error occurred. / isc_result_t dns_view_load(dns_view_t view, bool stop, bool newonly); isc_result_t dns_view_asyncload(dns_view_t view, bool newonly, dns_zt_allloaded_t callback, void arg); /%< * Load zones attached to this view. dns_view_load() loads * all zones whose master file has changed since the last * load * * dns_view_asyncload() loads zones asynchronously. When all zones * in the view have finished loading, 'callback' is called with argument * 'arg' to inform the caller. * * If 'stop' is true, stop on the first error and return it. * If 'stop' is false (or we are loading asynchronously), ignore errors. * * If 'newonly' is true load only zones that were never loaded. * * Requires: * \li 'view' is valid. / isc_result_t dns_view_gettsig(dns_view_t view, const dns_name_t keyname, dns_tsigkey_t *keyp); /%< * Find the TSIG key configured in 'view' with name 'keyname', * if any. * * Requires: \li keyp points to a NULL dns_tsigkey_t . * * Returns: \li #ISC_R_SUCCESS A key was found and 'keyp' now points to it. \li #ISC_R_NOTFOUND No key was found. \li others An error occurred. / isc_result_t dns_view_getpeertsig(dns_view_t view, const isc_netaddr_t peeraddr, dns_tsigkey_t keyp); /%< * Find the TSIG key configured in 'view' for the server whose * address is 'peeraddr', if any. * * Requires: * keyp points to a NULL dns_tsigkey_t . * Returns: \li #ISC_R_SUCCESS A key was found and 'keyp' now points to it. \li #ISC_R_NOTFOUND No key was found. \li others An error occurred. / isc_result_t dns_view_checksig(dns_view_t view, isc_buffer_t source, dns_message_t msg); /%< Verifies the signature of a message. * * Requires: * \li 'view' is a valid view. \li 'source' is a valid buffer containing the message \li 'msg' is a valid message * Returns: \li see dns_tsig_verify() / void dns_view_dialup(dns_view_t view); /%< * Perform dialup-time maintenance on the zones of 'view'. / isc_result_t dns_view_dumpdbtostream(dns_view_t view, FILE fp); /%< * Dump the current state of the view 'view' to the stream 'fp' * for purposes of analysis or debugging. * * Currently the dumped state includes the view's cache; in the future * it may also include other state such as the address database. * It will not not include authoritative data since it is voluminous and * easily obtainable by other means. * * Requires: * \li 'view' is valid. \li 'fp' refers to a file open for writing. * Returns: * \li ISC_R_SUCCESS The cache was successfully dumped. * \li others An error occurred (see dns_master_dump) / isc_result_t dns_view_flushcache(dns_view_t view, bool fixuponly); /%< Flush the view's cache (and ADB). If 'fixuponly' is true, it only updates * the internal reference to the cache DB with omitting actual flush operation. * 'fixuponly' is intended to be used for a view that shares a cache with * a different view. dns_view_flushcache() is a backward compatible version * that always sets fixuponly to false. * * Requires: * 'view' is valid. * * No other tasks are executing. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / isc_result_t dns_view_flushnode(dns_view_t view, const dns_name_t name, bool tree); /%< * Flush the given name from the view's cache (and optionally ADB/badcache). * * Flush the given name from the cache, ADB, and bad cache. If 'tree' * is true, also flush all subdomains of 'name'. * * Requires: \li 'view' is valid. \li 'name' is valid. * * Returns: \li #ISC_R_SUCCESS other returns are failures. / isc_result_t dns_view_flushname(dns_view_t view, const dns_name_t name); /%< * Flush the given name from the view's cache, ADB and badcache. * Equivalent to dns_view_flushnode(view, name, false). * * * Requires: \li 'view' is valid. \li 'name' is valid. * * Returns: \li #ISC_R_SUCCESS other returns are failures. / isc_result_t dns_view_adddelegationonly(dns_view_t view, const dns_name_t name); /%< * Add the given name to the delegation only table. * * Requires: \li 'view' is valid. \li 'name' is valid. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / isc_result_t dns_view_excludedelegationonly(dns_view_t view, const dns_name_t name); /%< * Add the given name to be excluded from the root-delegation-only. * * * Requires: \li 'view' is valid. \li 'name' is valid. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / bool dns_view_isdelegationonly(dns_view_t view, const dns_name_t name); /%< * Check if 'name' is in the delegation only table or if * rootdelonly is set that name is not being excluded. * * Requires: \li 'view' is valid. \li 'name' is valid. * * Returns: \li #true if the name is the table. \li #false otherwise. / void dns_view_setrootdelonly(dns_view_t view, bool value); /%< Set the root delegation only flag. * * Requires: \li 'view' is valid. / bool dns_view_getrootdelonly(dns_view_t view); /%< * Get the root delegation only flag. * * Requires: \li 'view' is valid. / isc_result_t dns_view_freezezones(dns_view_t view, bool freeze); /%< * Freeze/thaw updates to master zones. * * Requires: * \li 'view' is valid. / void dns_view_setadbstats(dns_view_t view, isc_stats_t stats); /%< * Set a adb statistics set 'stats' for 'view'. * * Requires: * \li 'view' is valid and is not frozen. * \li stats is a valid statistics supporting adb statistics (see dns/stats.h). / void dns_view_getadbstats(dns_view_t view, isc_stats_t *statsp); /%< * Get the adb statistics counter set for 'view'. If a statistics set is * set 'statsp' will be attached to the set; otherwise, 'statsp' will be * untouched. * * Requires: * \li 'view' is valid and is not frozen. * \li 'statsp' != NULL && 'statsp' != NULL / void dns_view_setresstats(dns_view_t view, isc_stats_t stats); /%< * Set a general resolver statistics counter set 'stats' for 'view'. * * Requires: * \li 'view' is valid and is not frozen. * \li stats is a valid statistics supporting resolver statistics counters (see dns/stats.h). / void dns_view_getresstats(dns_view_t view, isc_stats_t *statsp); /%< * Get the general statistics counter set for 'view'. If a statistics set is * set 'statsp' will be attached to the set; otherwise, 'statsp' will be * untouched. * * Requires: * \li 'view' is valid and is not frozen. * \li 'statsp' != NULL && 'statsp' != NULL / void dns_view_setresquerystats(dns_view_t view, dns_stats_t stats); /%< * Set a statistics counter set of rdata type, 'stats', for 'view'. Once the * statistic set is installed, view's resolver will count outgoing queries * per rdata type. * * Requires: * \li 'view' is valid and is not frozen. * \li stats is a valid statistics created by dns_rdatatypestats_create(). / void dns_view_getresquerystats(dns_view_t view, dns_stats_t statsp); /%< * Get the rdatatype statistics counter set for 'view'. If a statistics set is * set 'statsp' will be attached to the set; otherwise, 'statsp' will be * untouched. * * Requires: * \li 'view' is valid and is not frozen. * \li 'statsp' != NULL && 'statsp' != NULL / bool dns_view_iscacheshared(dns_view_t view); /%< Check if the view shares the cache created by another view. * * Requires: * \li 'view' is valid. * * Returns: \li #true if the cache is shared. \li #false otherwise. / isc_result_t dns_view_initntatable(dns_view_t view, isc_taskmgr_t taskmgr, isc_timermgr_t timermgr); /%< Initialize the negative trust anchor table for the view. * * Requires: * \li 'view' is valid. * * Returns: \li ISC_R_SUCCESS \li Any other result indicates failure / isc_result_t dns_view_getntatable(dns_view_t view, dns_ntatable_t *ntp); /%< * Get the negative trust anchor table for this view. Returns * ISC_R_NOTFOUND if the table not been initialized for the view. * * 'ntp' is attached on success; the caller is responsible for detaching it with dns_ntatable_detach(). * * Requires: * \li 'view' is valid. * \li 'nta' is not NULL and 'nta' is NULL. * Returns: \li ISC_R_SUCCESS \li ISC_R_NOTFOUND / isc_result_t dns_view_initsecroots(dns_view_t view, isc_mem_t mctx); /%< * Initialize security roots for the view, detaching any previously * existing security roots first. (Note that secroots_priv is * NULL until this function is called, so any function using * security roots must check that they have been initialized first. * One way to do this is use dns_view_getsecroots() and check its * return value.) * * Requires: * \li 'view' is valid. * * Returns: \li ISC_R_SUCCESS \li Any other result indicates failure / isc_result_t dns_view_getsecroots(dns_view_t view, dns_keytable_t *ktp); /%< * Get the security roots for this view. Returns ISC_R_NOTFOUND if * the security roots keytable has not been initialized for the view. * * 'ktp' is attached on success; the caller is responsible for detaching it with dns_keytable_detach(). * * Requires: * \li 'view' is valid. * \li 'ktp' is not NULL and 'ktp' is NULL. * Returns: \li ISC_R_SUCCESS \li ISC_R_NOTFOUND / isc_result_t dns_view_issecuredomain(dns_view_t view, const dns_name_t name, isc_stdtime_t now, bool checknta, bool ntap, bool secure_domain); /%< * Is 'name' at or beneath a trusted key, and not covered by a valid * negative trust anchor? Put answer in 'secure_domain'. * If 'checknta' is false, ignore the NTA table in determining * whether this is a secure domain. If 'checknta' is not false, and if * 'ntap' is non-NULL, then 'ntap' will be updated with true if the name is covered by an NTA. * * Requires: * \li 'view' is valid. * * Returns: \li ISC_R_SUCCESS \li Any other value indicates failure / bool dns_view_ntacovers(dns_view_t view, isc_stdtime_t now, const dns_name_t name, const dns_name_t anchor); /%< Is there a current negative trust anchor above 'name' and below 'anchor'? * * Requires: * \li 'view' is valid. * * Returns: \li ISC_R_TRUE \li ISC_R_FALSE / void dns_view_untrust(dns_view_t view, const dns_name_t keyname, dns_rdata_dnskey_t dnskey); /%< Remove keys that match 'keyname' and 'dnskey' from the views trust * anchors. * * (NOTE: If the configuration specifies that there should be a * trust anchor at 'keyname', but no keys are left after this * operation, that is an error. We fail closed, inserting a NULL * key so as to prevent validation until a legimitate key has been * provided.) * * Requires: * \li 'view' is valid. * \li 'keyname' is valid. * \li 'dnskey' is valid. / isc_result_t dns_view_setnewzones(dns_view_t view, bool allow, void cfgctx, void (cfg_destroy)(void *), uint64_t mapsize); /%< * Set whether or not to allow zones to be created or deleted at runtime. * * If 'allow' is true, determines the filename into which new zone * configuration will be written. Preserves the configuration context * (a pointer to which is passed in 'cfgctx') for use when parsing new * zone configuration. 'cfg_destroy' points to a callback routine to * destroy the configuration context when the view is destroyed. (This * roundabout method is used in order to avoid libdns having a dependency * on libisccfg and libbind9.) * * If 'allow' is false, removes any existing references to * configuration context and frees any memory. * * Requires: * \li 'view' is valid. * * Returns: * \li ISC_R_SUCCESS * \li ISC_R_NOSPACE / void dns_view_setnewzonedir(dns_view_t view, const char dir); const char dns_view_getnewzonedir(dns_view_t view); /%< * Set/get the path to the directory in which NZF or NZD files should * be stored. If the path was previously set to a non-NULL value, * the previous value is freed. * * Requires: * \li 'view' is valid. / void dns_view_restorekeyring(dns_view_t view); isc_result_t dns_view_searchdlz(dns_view_t view, const dns_name_t name, unsigned int minlabels, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo, dns_db_t *dbp); /%< * Search through the DLZ database(s) in view->dlz_searched to find * one that can answer a query for 'name', using the DLZ driver's * findzone method. If successful, 'dbp' is set to point to the DLZ database. * * Returns: * \li ISC_R_SUCCESS * \li ISC_R_NOTFOUND * * Requires: * \li 'view' is valid. * \li 'name' is not NULL. * \li 'dbp' is not NULL and dbp is NULL. / uint32_t dns_view_getfailttl(dns_view_t view); /%< * Get the view's servfail-ttl. zero => no servfail caching. * * Requires: \li 'view' to be valid. / void dns_view_setfailttl(dns_view_t view, uint32_t failttl); /%< * Set the view's servfail-ttl. zero => no servfail caching. * * Requires: \li 'view' to be valid. / isc_result_t dns_view_saventa(dns_view_t view); /%< * Save NTA for names in this view to a file. * * Requires: \li 'view' to be valid. / isc_result_t dns_view_loadnta(dns_view_t view); /%< * Loads NTA for names in this view from a file. * * Requires: \li 'view' to be valid. / void dns_view_setviewcommit(dns_view_t view); /%< * Commit dns_zone_setview() calls previously made for all zones in this * view. * * Requires: \li 'view' to be valid. / void dns_view_setviewrevert(dns_view_t view); /%< * Revert dns_zone_setview() calls previously made for all zones in this * view. * * Requires: \li 'view' to be valid. / bool dns_view_staleanswerenabled(dns_view_t view); /%< * Check if stale answers are enabled for this view. * * Requires: \li 'view' to be valid. / void dns_view_setmaxrrperset(dns_view_t view, uint32_t value); /%< * Set the maximum resource records per RRSet that can be cached. / void dns_view_setmaxtypepername(dns_view_t view, uint32_t value); /%< Set the maximum resource record types per owner name that can be cached. / ISC_LANG_ENDDECLS #endif / DNS_VIEW_H / ��dns/enumtype.h��0000644��00000020445�15125204631�0007353 0��ustar�00��/ * Copyright (C) 1998-2025 Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. / /************ *********** *********** THIS FILE IS AUTOMATICALLY GENERATED BY gen.c. *********** DO NOT EDIT! *********** ************/ /! \file / #ifndef DNS_ENUMTYPE_H #define DNS_ENUMTYPE_H 1 enum { dns_rdatatype_none = 0, dns_rdatatype_a = 1, dns_rdatatype_ns = 2, dns_rdatatype_md = 3, dns_rdatatype_mf = 4, dns_rdatatype_cname = 5, dns_rdatatype_soa = 6, dns_rdatatype_mb = 7, dns_rdatatype_mg = 8, dns_rdatatype_mr = 9, dns_rdatatype_null = 10, dns_rdatatype_wks = 11, dns_rdatatype_ptr = 12, dns_rdatatype_hinfo = 13, dns_rdatatype_minfo = 14, dns_rdatatype_mx = 15, dns_rdatatype_txt = 16, dns_rdatatype_rp = 17, dns_rdatatype_afsdb = 18, dns_rdatatype_x25 = 19, dns_rdatatype_isdn = 20, dns_rdatatype_rt = 21, dns_rdatatype_nsap = 22, dns_rdatatype_nsap_ptr = 23, dns_rdatatype_sig = 24, dns_rdatatype_key = 25, dns_rdatatype_px = 26, dns_rdatatype_gpos = 27, dns_rdatatype_aaaa = 28, dns_rdatatype_loc = 29, dns_rdatatype_nxt = 30, dns_rdatatype_eid = 31, dns_rdatatype_nimloc = 32, dns_rdatatype_srv = 33, dns_rdatatype_atma = 34, dns_rdatatype_naptr = 35, dns_rdatatype_kx = 36, dns_rdatatype_cert = 37, dns_rdatatype_a6 = 38, dns_rdatatype_dname = 39, dns_rdatatype_sink = 40, dns_rdatatype_opt = 41, dns_rdatatype_apl = 42, dns_rdatatype_ds = 43, dns_rdatatype_sshfp = 44, dns_rdatatype_ipseckey = 45, dns_rdatatype_rrsig = 46, dns_rdatatype_nsec = 47, dns_rdatatype_dnskey = 48, dns_rdatatype_dhcid = 49, dns_rdatatype_nsec3 = 50, dns_rdatatype_nsec3param = 51, dns_rdatatype_tlsa = 52, dns_rdatatype_smimea = 53, dns_rdatatype_hip = 55, dns_rdatatype_ninfo = 56, dns_rdatatype_rkey = 57, dns_rdatatype_talink = 58, dns_rdatatype_cds = 59, dns_rdatatype_cdnskey = 60, dns_rdatatype_openpgpkey = 61, dns_rdatatype_csync = 62, dns_rdatatype_zonemd = 63, dns_rdatatype_svcb = 64, dns_rdatatype_https = 65, dns_rdatatype_spf = 99, dns_rdatatype_nid = 104, dns_rdatatype_l32 = 105, dns_rdatatype_l64 = 106, dns_rdatatype_lp = 107, dns_rdatatype_eui48 = 108, dns_rdatatype_eui64 = 109, dns_rdatatype_tkey = 249, dns_rdatatype_tsig = 250, dns_rdatatype_uri = 256, dns_rdatatype_caa = 257, dns_rdatatype_avc = 258, dns_rdatatype_doa = 259, dns_rdatatype_amtrelay = 260, dns_rdatatype_ta = 32768, dns_rdatatype_dlv = 32769, dns_rdatatype_keydata = 65533, dns_rdatatype_ixfr = 251, dns_rdatatype_axfr = 252, dns_rdatatype_mailb = 253, dns_rdatatype_maila = 254, dns_rdatatype_any = 255 }; #define dns_rdatatype_none ((dns_rdatatype_t)dns_rdatatype_none) #define dns_rdatatype_a ((dns_rdatatype_t)dns_rdatatype_a) #define dns_rdatatype_ns ((dns_rdatatype_t)dns_rdatatype_ns) #define dns_rdatatype_md ((dns_rdatatype_t)dns_rdatatype_md) #define dns_rdatatype_mf ((dns_rdatatype_t)dns_rdatatype_mf) #define dns_rdatatype_cname ((dns_rdatatype_t)dns_rdatatype_cname) #define dns_rdatatype_soa ((dns_rdatatype_t)dns_rdatatype_soa) #define dns_rdatatype_mb ((dns_rdatatype_t)dns_rdatatype_mb) #define dns_rdatatype_mg ((dns_rdatatype_t)dns_rdatatype_mg) #define dns_rdatatype_mr ((dns_rdatatype_t)dns_rdatatype_mr) #define dns_rdatatype_null ((dns_rdatatype_t)dns_rdatatype_null) #define dns_rdatatype_wks ((dns_rdatatype_t)dns_rdatatype_wks) #define dns_rdatatype_ptr ((dns_rdatatype_t)dns_rdatatype_ptr) #define dns_rdatatype_hinfo ((dns_rdatatype_t)dns_rdatatype_hinfo) #define dns_rdatatype_minfo ((dns_rdatatype_t)dns_rdatatype_minfo) #define dns_rdatatype_mx ((dns_rdatatype_t)dns_rdatatype_mx) #define dns_rdatatype_txt ((dns_rdatatype_t)dns_rdatatype_txt) #define dns_rdatatype_rp ((dns_rdatatype_t)dns_rdatatype_rp) #define dns_rdatatype_afsdb ((dns_rdatatype_t)dns_rdatatype_afsdb) #define dns_rdatatype_x25 ((dns_rdatatype_t)dns_rdatatype_x25) #define dns_rdatatype_isdn ((dns_rdatatype_t)dns_rdatatype_isdn) #define dns_rdatatype_rt ((dns_rdatatype_t)dns_rdatatype_rt) #define dns_rdatatype_nsap ((dns_rdatatype_t)dns_rdatatype_nsap) #define dns_rdatatype_nsap_ptr ((dns_rdatatype_t)dns_rdatatype_nsap_ptr) #define dns_rdatatype_sig ((dns_rdatatype_t)dns_rdatatype_sig) #define dns_rdatatype_key ((dns_rdatatype_t)dns_rdatatype_key) #define dns_rdatatype_px ((dns_rdatatype_t)dns_rdatatype_px) #define dns_rdatatype_gpos ((dns_rdatatype_t)dns_rdatatype_gpos) #define dns_rdatatype_aaaa ((dns_rdatatype_t)dns_rdatatype_aaaa) #define dns_rdatatype_loc ((dns_rdatatype_t)dns_rdatatype_loc) #define dns_rdatatype_nxt ((dns_rdatatype_t)dns_rdatatype_nxt) #define dns_rdatatype_eid ((dns_rdatatype_t)dns_rdatatype_eid) #define dns_rdatatype_nimloc ((dns_rdatatype_t)dns_rdatatype_nimloc) #define dns_rdatatype_srv ((dns_rdatatype_t)dns_rdatatype_srv) #define dns_rdatatype_atma ((dns_rdatatype_t)dns_rdatatype_atma) #define dns_rdatatype_naptr ((dns_rdatatype_t)dns_rdatatype_naptr) #define dns_rdatatype_kx ((dns_rdatatype_t)dns_rdatatype_kx) #define dns_rdatatype_cert ((dns_rdatatype_t)dns_rdatatype_cert) #define dns_rdatatype_a6 ((dns_rdatatype_t)dns_rdatatype_a6) #define dns_rdatatype_dname ((dns_rdatatype_t)dns_rdatatype_dname) #define dns_rdatatype_sink ((dns_rdatatype_t)dns_rdatatype_sink) #define dns_rdatatype_opt ((dns_rdatatype_t)dns_rdatatype_opt) #define dns_rdatatype_apl ((dns_rdatatype_t)dns_rdatatype_apl) #define dns_rdatatype_ds ((dns_rdatatype_t)dns_rdatatype_ds) #define dns_rdatatype_sshfp ((dns_rdatatype_t)dns_rdatatype_sshfp) #define dns_rdatatype_ipseckey ((dns_rdatatype_t)dns_rdatatype_ipseckey) #define dns_rdatatype_rrsig ((dns_rdatatype_t)dns_rdatatype_rrsig) #define dns_rdatatype_nsec ((dns_rdatatype_t)dns_rdatatype_nsec) #define dns_rdatatype_dnskey ((dns_rdatatype_t)dns_rdatatype_dnskey) #define dns_rdatatype_dhcid ((dns_rdatatype_t)dns_rdatatype_dhcid) #define dns_rdatatype_nsec3 ((dns_rdatatype_t)dns_rdatatype_nsec3) #define dns_rdatatype_nsec3param ((dns_rdatatype_t)dns_rdatatype_nsec3param) #define dns_rdatatype_tlsa ((dns_rdatatype_t)dns_rdatatype_tlsa) #define dns_rdatatype_smimea ((dns_rdatatype_t)dns_rdatatype_smimea) #define dns_rdatatype_hip ((dns_rdatatype_t)dns_rdatatype_hip) #define dns_rdatatype_ninfo ((dns_rdatatype_t)dns_rdatatype_ninfo) #define dns_rdatatype_rkey ((dns_rdatatype_t)dns_rdatatype_rkey) #define dns_rdatatype_talink ((dns_rdatatype_t)dns_rdatatype_talink) #define dns_rdatatype_cds ((dns_rdatatype_t)dns_rdatatype_cds) #define dns_rdatatype_cdnskey ((dns_rdatatype_t)dns_rdatatype_cdnskey) #define dns_rdatatype_openpgpkey ((dns_rdatatype_t)dns_rdatatype_openpgpkey) #define dns_rdatatype_csync ((dns_rdatatype_t)dns_rdatatype_csync) #define dns_rdatatype_zonemd ((dns_rdatatype_t)dns_rdatatype_zonemd) #define dns_rdatatype_svcb ((dns_rdatatype_t)dns_rdatatype_svcb) #define dns_rdatatype_https ((dns_rdatatype_t)dns_rdatatype_https) #define dns_rdatatype_spf ((dns_rdatatype_t)dns_rdatatype_spf) #define dns_rdatatype_nid ((dns_rdatatype_t)dns_rdatatype_nid) #define dns_rdatatype_l32 ((dns_rdatatype_t)dns_rdatatype_l32) #define dns_rdatatype_l64 ((dns_rdatatype_t)dns_rdatatype_l64) #define dns_rdatatype_lp ((dns_rdatatype_t)dns_rdatatype_lp) #define dns_rdatatype_eui48 ((dns_rdatatype_t)dns_rdatatype_eui48) #define dns_rdatatype_eui64 ((dns_rdatatype_t)dns_rdatatype_eui64) #define dns_rdatatype_tkey ((dns_rdatatype_t)dns_rdatatype_tkey) #define dns_rdatatype_tsig ((dns_rdatatype_t)dns_rdatatype_tsig) #define dns_rdatatype_uri ((dns_rdatatype_t)dns_rdatatype_uri) #define dns_rdatatype_caa ((dns_rdatatype_t)dns_rdatatype_caa) #define dns_rdatatype_avc ((dns_rdatatype_t)dns_rdatatype_avc) #define dns_rdatatype_doa ((dns_rdatatype_t)dns_rdatatype_doa) #define dns_rdatatype_amtrelay ((dns_rdatatype_t)dns_rdatatype_amtrelay) #define dns_rdatatype_ta ((dns_rdatatype_t)dns_rdatatype_ta) #define dns_rdatatype_dlv ((dns_rdatatype_t)dns_rdatatype_dlv) #define dns_rdatatype_keydata ((dns_rdatatype_t)dns_rdatatype_keydata) #define dns_rdatatype_ixfr ((dns_rdatatype_t)dns_rdatatype_ixfr) #define dns_rdatatype_axfr ((dns_rdatatype_t)dns_rdatatype_axfr) #define dns_rdatatype_mailb ((dns_rdatatype_t)dns_rdatatype_mailb) #define dns_rdatatype_maila ((dns_rdatatype_t)dns_rdatatype_maila) #define dns_rdatatype_any ((dns_rdatatype_t)dns_rdatatype_any) #endif / DNS_ENUMTYPE_H / ��dns/zoneverify.h��0000644��00000002561�15125204631�0007704 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once /! \file dns/zoneverify.h / #include <stdbool.h> #include <isc/types.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /% * Verify that certain things are sane: * * The apex has a DNSKEY record with at least one KSK, and at least * one ZSK if the -x flag was not used. * * The DNSKEY record was signed with at least one of the KSKs in this * set. * * The rest of the zone was signed with at least one of the ZSKs * present in the DNSKEY RRSET. * * Mark all RRsets correctly signed by one of the keys in the DNSKEY RRset at * zone apex as secure. * * If 'secroots' is not NULL, mark the DNSKEY RRset as secure if it is * correctly signed by at least one key present in 'secroots'. / isc_result_t dns_zoneverify_dnssec(dns_zone_t zone, dns_db_t db, dns_dbversion_t ver, dns_name_t origin, dns_keytable_t secroots, isc_mem_t mctx, bool ignore_kskflag, bool keyset_kskonly, void (report)(const char , ...)); ISC_LANG_ENDDECLS ��dns/message.h��0000644��00000115217�15125204631�0007133 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * SPDX-License-Identifier: MPL-2.0 * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once / * Imports **/ #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/refcount.h> #include <dns/compress.h> #include <dns/masterdump.h> #include <dns/types.h> #include <dst/dst.h> /! \file dns/message.h * \brief Message Handling Module * * How this beast works: * * When a dns message is received in a buffer, dns_message_parse() is called * on the memory region. Various items are checked including the format * of the message (if counts are right, if counts consume the entire sections, * and if sections consume the entire message) and known pseudo-RRs in the * additional data section are analyzed and removed. * * TSIG checking is also done at this layer, and any DNSSEC transaction * signatures should also be checked here. * * Notes on using the gettemp() and puttemp() functions: * * These functions return items (names, rdatasets, etc) allocated from some * internal state of the dns_message_t. * * Names and rdatasets must be put back into the dns_message_t in * one of two ways. Assume a name was allocated via * dns_message_gettempname(): * \li (1) insert it into a section, using dns_message_addname(). \li (2) return it to the message using dns_message_puttempname(). * The same applies to rdatasets. * * On the other hand, offsets, rdatalists and rdatas allocated using * dns_message_gettemp() will always be freed automatically when the message is reset or destroyed; calling dns_message_puttemp() on rdatalists and rdatas is optional and serves only to enable the item * to be reused multiple times during the lifetime of the message; offsets * cannot be reused. * * Buffers allocated using isc_buffer_allocate() can be automatically freed * as well by giving the buffer to the message using dns_message_takebuffer(). * Doing this will cause the buffer to be freed using isc_buffer_free() * when the section lists are cleared, such as in a reset or in a destroy. * Since the buffer itself exists until the message is destroyed, this sort * of code can be written: * * \code * buffer = isc_buffer_allocate(mctx, 512); * name = NULL; * result = dns_message_gettempname(message, &name); * result = dns_name_fromtext(name, &source, dns_rootname, 0, buffer); * dns_message_takebuffer(message, &buffer); * \endcode * * * TODO: * * XXX Needed: ways to set and retrieve EDNS information, add rdata to a * section, move rdata from one section to another, remove rdata, etc. / #define DNS_MESSAGEFLAG_QR 0x8000U #define DNS_MESSAGEFLAG_AA 0x0400U #define DNS_MESSAGEFLAG_TC 0x0200U #define DNS_MESSAGEFLAG_RD 0x0100U #define DNS_MESSAGEFLAG_RA 0x0080U #define DNS_MESSAGEFLAG_AD 0x0020U #define DNS_MESSAGEFLAG_CD 0x0010U /%< EDNS0 extended message flags / #define DNS_MESSAGEEXTFLAG_DO 0x8000U /%< EDNS0 extended OPT codes / #define DNS_OPT_LLQ 1 /%< LLQ opt code / #define DNS_OPT_NSID 3 /%< NSID opt code / #define DNS_OPT_CLIENT_SUBNET 8 /%< client subnet opt code / #define DNS_OPT_EXPIRE 9 /%< EXPIRE opt code / #define DNS_OPT_COOKIE 10 /%< COOKIE opt code / #define DNS_OPT_TCP_KEEPALIVE 11 /%< TCP keepalive opt code / #define DNS_OPT_PAD 12 /%< PAD opt code / #define DNS_OPT_KEY_TAG 14 /%< Key tag opt code / #define DNS_OPT_EDE 15 /%< Extended DNS Error opt code / #define DNS_OPT_CLIENT_TAG 16 /%< Client tag opt code / #define DNS_OPT_SERVER_TAG 17 /%< Server tag opt code / /%< Experimental options [65001...65534] as per RFC6891 / /%< The number of EDNS options we know about. / #define DNS_EDNSOPTIONS 7 #define DNS_MESSAGE_REPLYPRESERVE (DNS_MESSAGEFLAG_RD \| DNS_MESSAGEFLAG_CD) #define DNS_MESSAGEEXTFLAG_REPLYPRESERVE (DNS_MESSAGEEXTFLAG_DO) #define DNS_MESSAGE_HEADERLEN 12 /%< 6 uint16_t's / #define DNS_MESSAGE_MAGIC ISC_MAGIC('M', 'S', 'G', '@') #define DNS_MESSAGE_VALID(msg) ISC_MAGIC_VALID(msg, DNS_MESSAGE_MAGIC) / * Ordering here matters. DNS_SECTION_ANY must be the lowest and negative, * and DNS_SECTION_MAX must be one greater than the last used section. / typedef int dns_section_t; #define DNS_SECTION_ANY (-1) #define DNS_SECTION_QUESTION 0 #define DNS_SECTION_ANSWER 1 #define DNS_SECTION_AUTHORITY 2 #define DNS_SECTION_ADDITIONAL 3 #define DNS_SECTION_MAX 4 typedef int dns_pseudosection_t; #define DNS_PSEUDOSECTION_ANY (-1) #define DNS_PSEUDOSECTION_OPT 0 #define DNS_PSEUDOSECTION_TSIG 1 #define DNS_PSEUDOSECTION_SIG0 2 #define DNS_PSEUDOSECTION_MAX 3 typedef int dns_messagetextflag_t; #define DNS_MESSAGETEXTFLAG_NOCOMMENTS 0x0001 #define DNS_MESSAGETEXTFLAG_NOHEADERS 0x0002 #define DNS_MESSAGETEXTFLAG_ONESOA 0x0004 #define DNS_MESSAGETEXTFLAG_OMITSOA 0x0008 / * Dynamic update names for these sections. / #define DNS_SECTION_ZONE DNS_SECTION_QUESTION #define DNS_SECTION_PREREQUISITE DNS_SECTION_ANSWER #define DNS_SECTION_UPDATE DNS_SECTION_AUTHORITY / * These tell the message library how the created dns_message_t will be used. / #define DNS_MESSAGE_INTENTUNKNOWN 0 /%< internal use only / #define DNS_MESSAGE_INTENTPARSE 1 /%< parsing messages / #define DNS_MESSAGE_INTENTRENDER 2 /%< rendering / / * Control behavior of parsing / #define DNS_MESSAGEPARSE_PRESERVEORDER 0x0001 /%< preserve rdata order / #define DNS_MESSAGEPARSE_BESTEFFORT \ 0x0002 /%< return a message if a \ * recoverable parse error \ * occurs / #define DNS_MESSAGEPARSE_CLONEBUFFER \ 0x0004 /%< save a copy of the \ * source buffer / #define DNS_MESSAGEPARSE_IGNORETRUNCATION \ 0x0008 /%< truncation errors are \ * not fatal. / / * Control behavior of rendering / #define DNS_MESSAGERENDER_ORDERED 0x0001 /%< don't change order / #define DNS_MESSAGERENDER_PARTIAL 0x0002 /%< allow a partial rdataset / #define DNS_MESSAGERENDER_OMITDNSSEC 0x0004 /%< omit DNSSEC records / #define DNS_MESSAGERENDER_PREFER_A \ 0x0008 /%< prefer A records in \ * additional section. / #define DNS_MESSAGERENDER_PREFER_AAAA \ 0x0010 /%< prefer AAAA records in \ * additional section. / / Obsolete: DNS_MESSAGERENDER_FILTER_AAAA 0x0020 / typedef struct dns_msgblock dns_msgblock_t; struct dns_sortlist_arg { dns_aclenv_t env; const dns_acl_t acl; const dns_aclelement_t element; }; struct dns_message { /* public from here down / unsigned int magic; isc_refcount_t refcount; dns_messageid_t id; unsigned int flags; dns_rcode_t rcode; dns_opcode_t opcode; dns_rdataclass_t rdclass; / 4 real, 1 pseudo / unsigned int counts[DNS_SECTION_MAX]; / private from here down / dns_namelist_t sections[DNS_SECTION_MAX]; dns_name_t cursors[DNS_SECTION_MAX]; dns_rdataset_t opt; dns_rdataset_t sig0; dns_rdataset_t tsig; int state; unsigned int from_to_wire : 2; unsigned int header_ok : 1; unsigned int question_ok : 1; unsigned int tcp_continuation : 1; unsigned int verified_sig : 1; unsigned int verify_attempted : 1; unsigned int free_query : 1; unsigned int free_saved : 1; unsigned int cc_ok : 1; unsigned int cc_bad : 1; unsigned int tkey : 1; unsigned int rdclass_set : 1; unsigned int has_dname : 1; unsigned int opt_reserved; unsigned int sig_reserved; unsigned int reserved; / reserved space (render) / uint16_t padding; unsigned int padding_off; isc_buffer_t buffer; dns_compress_t cctx; isc_mem_t mctx; isc_mempool_t namepool; isc_mempool_t rdspool; isc_bufferlist_t scratchpad; isc_bufferlist_t cleanup; ISC_LIST(dns_msgblock_t) rdatas; ISC_LIST(dns_msgblock_t) rdatalists; ISC_LIST(dns_msgblock_t) offsets; ISC_LIST(dns_rdata_t) freerdata; ISC_LIST(dns_rdatalist_t) freerdatalist; dns_rcode_t tsigstatus; dns_rcode_t querytsigstatus; dns_name_t tsigname; / Owner name of TSIG, if any * / dns_rdataset_t querytsig; dns_tsigkey_t tsigkey; dst_context_t tsigctx; int sigstart; int timeadjust; dns_name_t sig0name; / Owner name of SIG0, if any * / dst_key_t sig0key; dns_rcode_t sig0status; isc_region_t query; isc_region_t saved; dns_rdatasetorderfunc_t order; dns_sortlist_arg_t order_arg; dns_indent_t indent; }; struct dns_ednsopt { uint16_t code; uint16_t length; unsigned char value; }; / * Functions **/ ISC_LANG_BEGINDECLS void dns_message_create(isc_mem_t mctx, unsigned int intent, dns_message_t *msgp); /%< * Create msg structure. * * This function will allocate some internal blocks of memory that are * expected to be needed for parsing or rendering nearly any type of message. * * Requires: \li 'mctx' be a valid memory context. \li 'msgp' be non-null and 'msg' be NULL. * \li 'intent' must be one of DNS_MESSAGE_INTENTPARSE or #DNS_MESSAGE_INTENTRENDER. * * Ensures: \li The data in "msg" is set to indicate an unused and empty msg * structure. * * Returns: \li #ISC_R_NOMEMORY -- out of memory \li #ISC_R_SUCCESS -- success / void dns_message_reset(dns_message_t msg, unsigned int intent); /%< Reset a message structure to default state. All internal lists are freed * or reset to a default state as well. This is simply a more efficient * way to call dns_message_detach() (assuming last reference is hold), * followed by dns_message_create(), since it avoid many memory allocations. * * If any data loanouts (buffers, names, rdatas, etc) were requested, * the caller must no longer use them after this call. * * The intended next use of the message will be 'intent'. * * Requires: * \li 'msg' be valid. \li 'intent' is DNS_MESSAGE_INTENTPARSE or DNS_MESSAGE_INTENTRENDER / void dns_message_attach(dns_message_t source, dns_message_t target); /%< * Attach to message 'source'. * * Requires: \li 'source' to be a valid message. \li 'target' to be non NULL and 'target' to be NULL. / void dns_message_detach(dns_message_t *messagep); /%< * Detach messagep from its message. list. * * Requires: \li 'messagep' to be a valid message. / isc_result_t dns_message_sectiontotext(dns_message_t msg, dns_section_t section, const dns_master_style_t style, dns_messagetextflag_t flags, isc_buffer_t target); isc_result_t dns_message_pseudosectiontotext(dns_message_t msg, dns_pseudosection_t section, const dns_master_style_t style, dns_messagetextflag_t flags, isc_buffer_t target); /%< * Convert section 'section' or 'pseudosection' of message 'msg' to * a cleartext representation * * Notes: * \li See dns_message_totext for meanings of flags. * * Requires: * \li 'msg' is a valid message. \li 'style' is a valid master dump style. \li 'target' is a valid buffer. \li 'section' is a valid section label. * Ensures: * \li If the result is success: The used space in 'target' is updated. * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE \li #ISC_R_NOMORE \li Note: On error return, target may be partially filled with data. / isc_result_t dns_message_headertotext(dns_message_t msg, const dns_master_style_t style, dns_messagetextflag_t flags, isc_buffer_t target); /%< Convert the header section of message 'msg' to a cleartext * representation. This is called from dns_message_totext(). * * Notes on flags: \li If #DNS_MESSAGETEXTFLAG_NOHEADERS is set, header lines will be suppressed and this function is a no-op. * * Requires: * \li 'msg' is a valid message. \li 'target' is a valid buffer. * Ensures: * \li If the result is success: The used space in 'target' is updated. * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE \li #ISC_R_NOMORE \li Note: On error return, target may be partially filled with data. / isc_result_t dns_message_totext(dns_message_t msg, const dns_master_style_t style, dns_messagetextflag_t flags, isc_buffer_t target); /%< Convert all sections of message 'msg' to a cleartext representation * * Notes on flags: \li If #DNS_MESSAGETEXTFLAG_NOCOMMENTS is cleared, lines beginning with ";;" will be emitted indicating section name. \li If #DNS_MESSAGETEXTFLAG_NOHEADERS is cleared, header lines will be emitted. \li If #DNS_MESSAGETEXTFLAG_ONESOA is set then only print the first SOA record in the answer section. \li If #DNS_MESSAGETEXTFLAG_OMITSOA is set don't print any SOA records * in the answer section. * * The SOA flags are useful for suppressing the display of the second * SOA record in an AXFR by setting #DNS_MESSAGETEXTFLAG_ONESOA on the * first message in an AXFR stream and #DNS_MESSAGETEXTFLAG_OMITSOA on * subsequent messages. * * Requires: * \li 'msg' is a valid message. \li 'style' is a valid master dump style. \li 'target' is a valid buffer. * Ensures: * \li If the result is success: The used space in 'target' is updated. * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE \li #ISC_R_NOMORE \li Note: On error return, target may be partially filled with data. / isc_result_t dns_message_parse(dns_message_t msg, isc_buffer_t source, unsigned int options); /%< * Parse raw wire data in 'source' as a DNS message. * * OPT records are detected and stored in the pseudo-section "opt". * TSIGs are detected and stored in the pseudo-section "tsig". * * If #DNS_MESSAGEPARSE_PRESERVEORDER is set, or if the opcode of the message * is UPDATE, a separate dns_name_t object will be created for each RR in the * message. Each such dns_name_t will have a single rdataset containing the * single RR, and the order of the RRs in the message is preserved. * Otherwise, only one dns_name_t object will be created for each unique * owner name in the section, and each such dns_name_t will have a list * of rdatasets. To access the names and their data, use * dns_message_firstname() and dns_message_nextname(). * * If #DNS_MESSAGEPARSE_BESTEFFORT is set, errors in message content will * not be considered FORMERRs. If the entire message can be parsed, it * will be returned and DNS_R_RECOVERABLE will be returned. * * If #DNS_MESSAGEPARSE_IGNORETRUNCATION is set then return as many complete * RR's as possible, DNS_R_RECOVERABLE will be returned. * * OPT and TSIG records are always handled specially, regardless of the * 'preserve_order' setting. * * Requires: \li "msg" be valid. \li "buffer" be a wire format buffer. * Ensures: \li The buffer's data format is correct. \li The buffer's contents verify as correct regarding header bits, buffer and rdata sizes, etc. * * Returns: \li #ISC_R_SUCCESS -- all is well \li #ISC_R_NOMEMORY -- no memory \li #DNS_R_RECOVERABLE -- the message parsed properly, but contained errors. \li Many other errors possible XXXMLG / isc_result_t dns_message_renderbegin(dns_message_t msg, dns_compress_t cctx, isc_buffer_t buffer); /%< * Begin rendering on a message. Only one call can be made to this function * per message. * * The compression context is "owned" by the message library until * dns_message_renderend() is called. It must be invalidated by the caller. * * The buffer is "owned" by the message library until dns_message_renderend() * is called. * * Requires: * \li 'msg' be valid. \li 'cctx' be valid. \li 'buffer' is a valid buffer. * Side Effects: * \li The buffer is cleared before it is used. * Returns: \li #ISC_R_SUCCESS -- all is well \li #ISC_R_NOSPACE -- output buffer is too small / isc_result_t dns_message_renderchangebuffer(dns_message_t msg, isc_buffer_t buffer); /%< * Reset the buffer. This can be used after growing the old buffer * on a ISC_R_NOSPACE return from most of the render functions. * * On successful completion, the old buffer is no longer used by the * library. The new buffer is owned by the library until * dns_message_renderend() is called. * * Requires: * \li 'msg' be valid. \li dns_message_renderbegin() was called. \li buffer != NULL. * Returns: \li #ISC_R_NOSPACE -- new buffer is too small \li #ISC_R_SUCCESS -- all is well. / isc_result_t dns_message_renderreserve(dns_message_t msg, unsigned int space); /%< XXXMLG should use size_t rather than unsigned int once the buffer * API is cleaned up * * Reserve "space" bytes in the given buffer. * * Requires: * \li 'msg' be valid. \li dns_message_renderbegin() was called. * Returns: \li #ISC_R_SUCCESS -- all is well. \li #ISC_R_NOSPACE -- not enough free space in the buffer. / void dns_message_renderrelease(dns_message_t msg, unsigned int space); /%< XXXMLG should use size_t rather than unsigned int once the buffer * API is cleaned up * * Release "space" bytes in the given buffer that was previously reserved. * * Requires: * \li 'msg' be valid. \li 'space' is less than or equal to the total amount of space reserved via prior calls to dns_message_renderreserve(). * \li dns_message_renderbegin() was called. / isc_result_t dns_message_rendersection(dns_message_t msg, dns_section_t section, unsigned int options); /%< * Render all names, rdatalists, etc from the given section at the * specified priority or higher. * * Requires: \li 'msg' be valid. \li 'section' be a valid section. \li dns_message_renderbegin() was called. * Returns: \li #ISC_R_SUCCESS -- all records were written, and there are no more records for this section. \li #ISC_R_NOSPACE -- Not enough room in the buffer to write all records requested. \li #DNS_R_MOREDATA -- All requested records written, and there are records remaining for this section. / void dns_message_renderheader(dns_message_t msg, isc_buffer_t target); /%< * Render the message header. This is implicitly called by * dns_message_renderend(). * * Requires: * \li 'msg' be a valid message. \li dns_message_renderbegin() was called. \li 'target' is a valid buffer with enough space to hold a message header / isc_result_t dns_message_renderend(dns_message_t msg); /%< * Finish rendering to the buffer. Note that more data can be in the * 'msg' structure. Destroying the structure will free this, or in a multi- * part EDNS1 message this data can be rendered to another buffer later. * * Requires: * \li 'msg' be a valid message. \li dns_message_renderbegin() was called. * Returns: \li #ISC_R_SUCCESS -- all is well. / void dns_message_renderreset(dns_message_t msg); /%< * Reset the message so that it may be rendered again. * * Notes: * \li If dns_message_renderbegin() has been called, dns_message_renderend() must be called before calling this function. * * Requires: * \li 'msg' be a valid message with rendering intent. / isc_result_t dns_message_firstname(dns_message_t msg, dns_section_t section); /%< * Set internal per-section name pointer to the beginning of the section. * * The functions dns_message_firstname() and dns_message_nextname() may * be used for iterating over the owner names in a section. * * Requires: * \li 'msg' be valid. \li 'section' be a valid section. * Returns: \li #ISC_R_SUCCESS -- All is well. \li #ISC_R_NOMORE -- No names on given section. / isc_result_t dns_message_nextname(dns_message_t msg, dns_section_t section); /%< Sets the internal per-section name pointer to point to the next name * in that section. * * Requires: * * \li 'msg' be valid. * \li 'section' be a valid section. \li dns_message_firstname() must have been called on this section, and the result was ISC_R_SUCCESS. * * Returns: \li #ISC_R_SUCCESS -- All is well. \li #ISC_R_NOMORE -- No more names in given section. / void dns_message_currentname(dns_message_t msg, dns_section_t section, dns_name_t *name); /%< * Sets 'name' to point to the name where the per-section internal name * pointer is currently set. * * This function returns the name in the database, so any data associated * with it (via the name's "list" member) contains the actual rdatasets. * * Requires: * \li 'msg' be valid. \li 'name' be non-NULL, and name be NULL. * \li 'section' be a valid section. \li dns_message_firstname() must have been called on this section, and the result of it and any dns_message_nextname() calls was * #ISC_R_SUCCESS. / isc_result_t dns_message_findname(dns_message_t msg, dns_section_t section, const dns_name_t target, dns_rdatatype_t type, dns_rdatatype_t covers, dns_name_t foundname, dns_rdataset_t rdataset); /%< * Search for a name in the specified section. If it is found, name is set to point to the name, and rdataset is set to point to the found rdataset (if type is specified as other than dns_rdatatype_any). * * Requires: \li 'msg' be valid. \li 'section' be a valid section. \li If a pointer to the name is desired, 'foundname' should be non-NULL. If it is non-NULL, 'foundname' MUST be NULL. \li If a type other than dns_datatype_any is searched for, 'rdataset' may be non-NULL, 'rdataset' be NULL, and will point at the found rdataset. If the type is dns_datatype_any, 'rdataset' must be NULL. * \li 'target' be a valid name. \li 'type' be a valid type. \li If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. Otherwise it should be 0. * * Returns: \li #ISC_R_SUCCESS -- all is well. \li #DNS_R_NXDOMAIN -- name does not exist in that section. \li #DNS_R_NXRRSET -- The name does exist, but the desired type does not. / isc_result_t dns_message_findtype(const dns_name_t name, dns_rdatatype_t type, dns_rdatatype_t covers, dns_rdataset_t *rdataset); /%< * Search the name for the specified type. If it is found, rdataset is filled in with a pointer to that rdataset. * * Requires: \li if 'rdataset' is non-NULL, rdataset needs to be NULL. * \li 'type' be a valid type, and NOT dns_rdatatype_any. \li If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. Otherwise it should be 0. * * Returns: \li #ISC_R_SUCCESS -- all is well. \li #ISC_R_NOTFOUND -- the desired type does not exist. / void dns_message_addname(dns_message_t msg, dns_name_t name, dns_section_t section); /%< * Adds the name to the given section. * * It is the caller's responsibility to enforce any unique name requirements * in a section. * * Requires: * \li 'msg' be valid, and be a renderable message. \li 'name' be a valid absolute name. \li 'section' be a named section. / void dns_message_removename(dns_message_t msg, dns_name_t name, dns_section_t section); /%< Remove a existing name from a given section. * * It is the caller's responsibility to ensure the name is part of the * given section. * * Requires: * \li 'msg' be valid, and be a renderable message. \li 'name' be a valid absolute name. \li 'section' be a named section. / /* * LOANOUT FUNCTIONS * * Each of these functions loan a particular type of data to the caller. * The storage for these will vanish when the message is destroyed or * reset, and must NOT be used after these operations. / isc_result_t dns_message_gettempname(dns_message_t msg, dns_name_t *item); /%< * Return a name that can be used for any temporary purpose, including * inserting into the message's linked lists. The name must be returned * to the message code using dns_message_puttempname() or inserted into * one of the message's sections before the message is destroyed. * * The name will be associated with a dns_fixedname object, and will * be initialized. * * Requires: \li msg be a valid message \li item != NULL && item == NULL * * Returns: \li #ISC_R_SUCCESS -- All is well. \li #ISC_R_NOMEMORY -- No item can be allocated. / isc_result_t dns_message_gettemprdata(dns_message_t msg, dns_rdata_t *item); /%< * Return a rdata that can be used for any temporary purpose, including * inserting into the message's linked lists. The rdata will be freed * when the message is destroyed or reset. * * Requires: \li msg be a valid message \li item != NULL && item == NULL * * Returns: \li #ISC_R_SUCCESS -- All is well. \li #ISC_R_NOMEMORY -- No item can be allocated. / isc_result_t dns_message_gettemprdataset(dns_message_t msg, dns_rdataset_t *item); /%< * Return a rdataset that can be used for any temporary purpose, including * inserting into the message's linked lists. The name must be returned * to the message code using dns_message_puttempname() or inserted into * one of the message's sections before the message is destroyed. * * Requires: \li msg be a valid message \li item != NULL && item == NULL * * Returns: \li #ISC_R_SUCCESS -- All is well. \li #ISC_R_NOMEMORY -- No item can be allocated. / isc_result_t dns_message_gettemprdatalist(dns_message_t msg, dns_rdatalist_t *item); /%< * Return a rdatalist that can be used for any temporary purpose, including * inserting into the message's linked lists. The rdatalist will be * destroyed when the message is destroyed or reset. * * Requires: \li msg be a valid message \li item != NULL && item == NULL * * Returns: \li #ISC_R_SUCCESS -- All is well. \li #ISC_R_NOMEMORY -- No item can be allocated. / void dns_message_puttempname(dns_message_t msg, dns_name_t *item); /%< * Return a borrowed name to the message's name free list. * * Requires: \li msg be a valid message \li item != NULL && item point to a name returned by * dns_message_gettempname() * * Ensures: \li item == NULL / void dns_message_puttemprdata(dns_message_t msg, dns_rdata_t *item); /%< * Return a borrowed rdata to the message's rdata free list. * * Requires: \li msg be a valid message \li item != NULL && item point to a rdata returned by * dns_message_gettemprdata() * * Ensures: \li item == NULL / void dns_message_puttemprdataset(dns_message_t msg, dns_rdataset_t *item); /%< * Return a borrowed rdataset to the message's rdataset free list. * * Requires: \li msg be a valid message \li item != NULL && item point to a rdataset returned by * dns_message_gettemprdataset() * * Ensures: \li item == NULL / void dns_message_puttemprdatalist(dns_message_t msg, dns_rdatalist_t *item); /%< * Return a borrowed rdatalist to the message's rdatalist free list. * * Requires: \li msg be a valid message \li item != NULL && item point to a rdatalist returned by * dns_message_gettemprdatalist() * * Ensures: \li item == NULL / isc_result_t dns_message_peekheader(isc_buffer_t source, dns_messageid_t idp, unsigned int flagsp); /%< Assume the remaining region of "source" is a DNS message. Peek into * it and fill in "idp" with the message id, and "flagsp" with the flags. * * Requires: * \li source != NULL * Ensures: * \li if (idp != NULL) idp == message id. * \li if (flagsp != NULL) flagsp == message flags. * * Returns: * \li #ISC_R_SUCCESS -- all is well. \li #ISC_R_UNEXPECTEDEND -- buffer doesn't contain enough for a header. / isc_result_t dns_message_reply(dns_message_t msg, bool want_question_section); /%< * Start formatting a reply to the query in 'msg'. * * Requires: * \li 'msg' is a valid message with parsing intent, and contains a query. * Ensures: * \li The message will have a rendering intent. If 'want_question_section' is true, the message opcode is query or notify, and the question * section is present and properly formatted, then the question section * will be included in the reply. All other sections will be cleared. * The QR flag will be set, the RD flag will be preserved, and all other * flags will be cleared. * * Returns: * \li #ISC_R_SUCCESS -- all is well. \li #DNS_R_FORMERR -- the header or question section of the message is invalid, replying is impossible. * If DNS_R_FORMERR is returned when * want_question_section is false, then * it's the header section that's bad; * otherwise either of the header or question * sections may be bad. / dns_rdataset_t dns_message_getopt(dns_message_t msg); /%< * Get the OPT record for 'msg'. * * Requires: * \li 'msg' is a valid message. * Returns: * \li The OPT rdataset of 'msg', or NULL if there isn't one. / isc_result_t dns_message_setopt(dns_message_t msg, dns_rdataset_t opt); /%< Set the OPT record for 'msg'. * * Requires: * \li 'msg' is a valid message with rendering intent and no sections have been rendered. * \li 'opt' is a valid OPT record. * Ensures: * \li The OPT record has either been freed or ownership of it has been transferred to the message. * \li If ISC_R_SUCCESS was returned, the OPT record will be rendered when dns_message_renderend() is called. * * Returns: * \li #ISC_R_SUCCESS -- all is well. \li #ISC_R_NOSPACE -- there is no space for the OPT record. / dns_rdataset_t * dns_message_gettsig(dns_message_t msg, const dns_name_t owner); /%< * Get the TSIG record and owner for 'msg'. * * Requires: * \li 'msg' is a valid message. \li 'owner' is NULL or owner is NULL. * Returns: * \li The TSIG rdataset of 'msg', or NULL if there isn't one. * Ensures: * * \li If 'owner' is not NULL, it will point to the owner name. / isc_result_t dns_message_settsigkey(dns_message_t msg, dns_tsigkey_t key); /%< * Set the tsig key for 'msg'. This is only necessary for when rendering a * query or parsing a response. The key (if non-NULL) is attached to, and * will be detached when the message is destroyed. * * Requires: * \li 'msg' is a valid message with rendering intent, dns_message_renderbegin() has been called, and no sections have been * rendered. \li 'key' is a valid tsig key or NULL. * Returns: * \li #ISC_R_SUCCESS -- all is well. \li #ISC_R_NOSPACE -- there is no space for the TSIG record. / dns_tsigkey_t * dns_message_gettsigkey(dns_message_t msg); /%< * Gets the tsig key for 'msg'. * * Requires: * \li 'msg' is a valid message / isc_result_t dns_message_setquerytsig(dns_message_t msg, isc_buffer_t querytsig); /%< Indicates that 'querytsig' is the TSIG from the signed query for which * 'msg' is the response. This is also used for chained TSIGs in TCP * responses. * * Requires: * \li 'querytsig' is a valid buffer as returned by dns_message_getquerytsig() or NULL * \li 'msg' is a valid message * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / isc_result_t dns_message_getquerytsig(dns_message_t msg, isc_mem_t mctx, isc_buffer_t querytsig); /%< * Gets the tsig from the TSIG from the signed query 'msg'. This is also used * for chained TSIGs in TCP responses. Unlike dns_message_gettsig, this makes * a copy of the data, so can be used if the message is destroyed. * * Requires: * \li 'msg' is a valid signed message \li 'mctx' is a valid memory context \li querytsig != NULL && querytsig == NULL * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY * * Ensures: \li 'tsig' points to NULL or an allocated buffer which must be freed by the caller. / dns_rdataset_t dns_message_getsig0(dns_message_t msg, const dns_name_t owner); /%< * Get the SIG(0) record and owner for 'msg'. * * Requires: * \li 'msg' is a valid message. \li 'owner' is NULL or owner is NULL. * Returns: * \li The SIG(0) rdataset of 'msg', or NULL if there isn't one. * Ensures: * * \li If 'owner' is not NULL, it will point to the owner name. / isc_result_t dns_message_setsig0key(dns_message_t msg, dst_key_t key); /%< * Set the SIG(0) key for 'msg'. * * Requires: * \li 'msg' is a valid message with rendering intent, dns_message_renderbegin() has been called, and no sections have been * rendered. \li 'key' is a valid sig key or NULL. * Returns: * \li #ISC_R_SUCCESS -- all is well. \li #ISC_R_NOSPACE -- there is no space for the SIG(0) record. / dst_key_t * dns_message_getsig0key(dns_message_t msg); /%< * Gets the SIG(0) key for 'msg'. * * Requires: * \li 'msg' is a valid message / void dns_message_takebuffer(dns_message_t msg, isc_buffer_t buffer); /%< * Give the buffer to the message code to clean up when it is no longer needed. This is usually when the message is reset or * destroyed. * * Requires: * \li msg be a valid message. \li buffer != NULL && buffer is a valid isc_buffer_t, which was * dynamically allocated via isc_buffer_allocate(). / isc_result_t dns_message_signer(dns_message_t msg, dns_name_t signer); /%< * If this message was signed, return the identity of the signer. * Unless ISC_R_NOTFOUND is returned, signer will reflect the name of the * key that signed the message. * * Requires: * \li msg is a valid parsed message. \li signer is a valid name * * Returns: * \li #ISC_R_SUCCESS - the message was signed, and signer * contains the signing identity * \li #ISC_R_NOTFOUND - no TSIG or SIG(0) record is present in the message * \li #DNS_R_TSIGVERIFYFAILURE - the message was signed by a TSIG, but the signature failed to verify * \li #DNS_R_TSIGERRORSET - the message was signed by a TSIG and verified, but the query was rejected by * the server * \li #DNS_R_NOIDENTITY - the message was signed by a TSIG and verified, but the key has no identity since * it was generated by an unsigned TKEY process * \li #DNS_R_SIGINVALID - the message was signed by a SIG(0), but the signature failed to verify * \li #DNS_R_NOTVERIFIEDYET - the message was signed by a TSIG or SIG(0), but the signature has not been verified yet / isc_result_t dns_message_checksig(dns_message_t msg, dns_view_t view); /%< * If this message was signed, verify the signature. * * Requires: * \li msg is a valid parsed message. \li view is a valid view or NULL * * Returns: * \li #ISC_R_SUCCESS - the message was unsigned, or the message was signed correctly. * \li #DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen \li #DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected \li #DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify / isc_result_t dns_message_rechecksig(dns_message_t msg, dns_view_t view); /%< Reset the signature state and then if the message was signed, * verify the message. * * Requires: * \li msg is a valid parsed message. \li view is a valid view or NULL * * Returns: * \li #ISC_R_SUCCESS - the message was unsigned, or the message was signed correctly. * \li #DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen \li #DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected \li #DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify / void dns_message_resetsig(dns_message_t msg); /%< * Reset the signature state. * * Requires: \li 'msg' is a valid parsed message. / isc_region_t * dns_message_getrawmessage(dns_message_t msg); /%< * Retrieve the raw message in compressed wire format. The message must * have been successfully parsed for it to have been saved. * * Requires: \li msg is a valid parsed message. * Returns: \li NULL if there is no saved message. a pointer to a region which refers the dns message. / void dns_message_setsortorder(dns_message_t msg, dns_rdatasetorderfunc_t order, dns_aclenv_t env, const dns_acl_t acl, const dns_aclelement_t element); /%< * Define the order in which RR sets get rendered by * dns_message_rendersection() to be the ascending order * defined by the integer value returned by 'order' when * given each RR and a ns_sortlist_arg_t constructed from 'env', * 'acl', and 'element' as arguments. * * If 'order' is NULL, a default order is used. * * Requires: \li msg be a valid message. \li If 'env' is NULL, 'order' must be NULL. \li If 'env' is not NULL, 'order' must not be NULL and at least one of 'acl' and 'element' must also not be NULL. / void dns_message_settimeadjust(dns_message_t msg, int timeadjust); /%< Adjust the time used to sign/verify a message by timeadjust. * Currently only TSIG. * * Requires: \li msg be a valid message. / int dns_message_gettimeadjust(dns_message_t msg); /%< * Return the current time adjustment. * * Requires: \li msg be a valid message. / void dns_message_logpacket(dns_message_t message, const char description, const isc_sockaddr_t address, isc_logcategory_t category, isc_logmodule_t module, int level, isc_mem_t mctx); void dns_message_logfmtpacket(dns_message_t message, const char description, const isc_sockaddr_t address, isc_logcategory_t category, isc_logmodule_t module, const dns_master_style_t style, int level, isc_mem_t mctx); /%< * Log 'message' at the specified logging parameters. * * For dns_message_logpacket and dns_message_logfmtpacket expect the * 'description' to end in a newline. * * For dns_message_logpacket2 and dns_message_logfmtpacket2 * 'description' will be emitted at the start of the message followed * by the formatted address and a newline. * * Requires: * \li message be a valid. * \li description to be non NULL. * \li address to be non NULL. * \li category to be valid. * \li module to be valid. * \li style to be valid. * \li mctx to be a valid. / isc_result_t dns_message_buildopt(dns_message_t msg, dns_rdataset_t *opt, unsigned int version, uint16_t udpsize, unsigned int flags, dns_ednsopt_t ednsopts, size_t count); /%< Built a opt record. * * Requires: * \li msg be a valid message. * \li opt to be a non NULL and opt to be NULL. * Returns: * \li ISC_R_SUCCESS on success. * \li ISC_R_NOMEMORY * \li ISC_R_NOSPACE * \li other. / void dns_message_setclass(dns_message_t msg, dns_rdataclass_t rdclass); /%< Set the expected class of records in the response. * * Requires: * \li msg be a valid message with parsing intent. / void dns_message_setpadding(dns_message_t msg, uint16_t padding); /%< Set the padding block size in the response. * 0 means no padding (default). * * Requires: * \li msg be a valid message. / void dns_message_clonebuffer(dns_message_t msg); /%< Clone the query or saved buffers if they where not cloned * when parsing. * * Requires: * \li msg be a valid message. / bool dns_message_hasdname(dns_message_t msg); /%< Return whether a DNAME was detected in the ANSWER section of a QUERY * message when it was parsed. / ISC_LANG_ENDDECLS ��dns/rrl.h��0000644��00000015457�15125204631�0006313 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RRL_H #define DNS_RRL_H 1 / * Rate limit DNS responses. / #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <dns/fixedname.h> #include <dns/rdata.h> #include <dns/types.h> ISC_LANG_BEGINDECLS / * Memory allocation or other failures. / #define DNS_RRL_LOG_FAIL ISC_LOG_WARNING / * dropped or slipped responses. / #define DNS_RRL_LOG_DROP ISC_LOG_INFO / * Major events in dropping or slipping. / #define DNS_RRL_LOG_DEBUG1 ISC_LOG_DEBUG(3) / * Limit computations. / #define DNS_RRL_LOG_DEBUG2 ISC_LOG_DEBUG(4) / * Even less interesting. / #define DNS_RRL_LOG_DEBUG3 ISC_LOG_DEBUG(9) #define DNS_RRL_LOG_ERR_LEN 64 #define DNS_RRL_LOG_BUF_LEN \ (sizeof("would continue limiting") + DNS_RRL_LOG_ERR_LEN + \ sizeof(" responses to ") + ISC_NETADDR_FORMATSIZE + \ sizeof("/128 for IN ") + DNS_RDATATYPE_FORMATSIZE + \ DNS_NAME_FORMATSIZE) typedef struct dns_rrl_hash dns_rrl_hash_t; / * Response types. / typedef enum { DNS_RRL_RTYPE_FREE = 0, DNS_RRL_RTYPE_QUERY, DNS_RRL_RTYPE_REFERRAL, DNS_RRL_RTYPE_NODATA, DNS_RRL_RTYPE_NXDOMAIN, DNS_RRL_RTYPE_ERROR, DNS_RRL_RTYPE_ALL, DNS_RRL_RTYPE_TCP, } dns_rrl_rtype_t; / * A rate limit bucket key. * This should be small to limit the total size of the database. * The hash of the qname should be wide enough to make the probability * of collisions among requests from a single IP address block less than 50%. * We need a 32-bit hash value for 10000 qps (e.g. random qnames forged * by attacker) to collide with legitimate qnames from the target with * probability at most 1%. / #define DNS_RRL_MAX_PREFIX 64 typedef union dns_rrl_key dns_rrl_key_t; struct dns__rrl_key { uint32_t ip[DNS_RRL_MAX_PREFIX / 32]; uint32_t qname_hash; dns_rdatatype_t qtype; uint8_t qclass; unsigned int rtype : 4; / dns_rrl_rtype_t / unsigned int ipv6 : 1; }; union dns_rrl_key { struct dns__rrl_key s; uint16_t w[sizeof(struct dns__rrl_key) / sizeof(uint16_t)]; }; / * A rate-limit entry. * This should be small to limit the total size of the table of entries. / typedef struct dns_rrl_entry dns_rrl_entry_t; typedef ISC_LIST(dns_rrl_entry_t) dns_rrl_bin_t; struct dns_rrl_entry { ISC_LINK(dns_rrl_entry_t) lru; ISC_LINK(dns_rrl_entry_t) hlink; dns_rrl_key_t key; #define DNS_RRL_RESPONSE_BITS 24 signed int responses : DNS_RRL_RESPONSE_BITS; #define DNS_RRL_QNAMES_BITS 8 unsigned int log_qname : DNS_RRL_QNAMES_BITS; #define DNS_RRL_TS_GEN_BITS 2 unsigned int ts_gen : DNS_RRL_TS_GEN_BITS; unsigned int ts_valid : 1; #define DNS_RRL_HASH_GEN_BITS 1 unsigned int hash_gen : DNS_RRL_HASH_GEN_BITS; unsigned int logged : 1; #define DNS_RRL_LOG_BITS 11 unsigned int log_secs : DNS_RRL_LOG_BITS; #define DNS_RRL_TS_BITS 12 unsigned int ts : DNS_RRL_TS_BITS; #define DNS_RRL_MAX_SLIP 10 unsigned int slip_cnt : 4; }; #define DNS_RRL_MAX_TIME_TRAVEL 5 #define DNS_RRL_FOREVER (1 << DNS_RRL_TS_BITS) #define DNS_RRL_MAX_TS (DNS_RRL_FOREVER - 1) #define DNS_RRL_MAX_RESPONSES ((1 << (DNS_RRL_RESPONSE_BITS - 1)) - 1) #define DNS_RRL_MAX_WINDOW 3600 #if DNS_RRL_MAX_WINDOW >= DNS_RRL_MAX_TS #error "DNS_RRL_MAX_WINDOW is too large" #endif / if DNS_RRL_MAX_WINDOW >= DNS_RRL_MAX_TS / #define DNS_RRL_MAX_RATE 1000 #if DNS_RRL_MAX_RATE >= (DNS_RRL_MAX_RESPONSES / DNS_RRL_MAX_WINDOW) #error "DNS_RRL_MAX_rate is too large" #endif / if DNS_RRL_MAX_RATE >= (DNS_RRL_MAX_RESPONSES / DNS_RRL_MAX_WINDOW) \ / #if (1 << DNS_RRL_LOG_BITS) >= DNS_RRL_FOREVER #error DNS_RRL_LOG_BITS is too big #endif / if (1 << DNS_RRL_LOG_BITS) >= DNS_RRL_FOREVER / #define DNS_RRL_MAX_LOG_SECS 1800 #if DNS_RRL_MAX_LOG_SECS >= (1 << DNS_RRL_LOG_BITS) #error "DNS_RRL_MAX_LOG_SECS is too large" #endif / if DNS_RRL_MAX_LOG_SECS >= (1 << DNS_RRL_LOG_BITS) / #define DNS_RRL_STOP_LOG_SECS 60 #if DNS_RRL_STOP_LOG_SECS >= (1 << DNS_RRL_LOG_BITS) #error "DNS_RRL_STOP_LOG_SECS is too large" #endif / if DNS_RRL_STOP_LOG_SECS >= (1 << DNS_RRL_LOG_BITS) / / * A hash table of rate-limit entries. / struct dns_rrl_hash { isc_stdtime_t check_time; unsigned int gen : DNS_RRL_HASH_GEN_BITS; int length; dns_rrl_bin_t bins[1]; }; / * A block of rate-limit entries. / typedef struct dns_rrl_block dns_rrl_block_t; struct dns_rrl_block { ISC_LINK(dns_rrl_block_t) link; int size; dns_rrl_entry_t entries[1]; }; / * A rate limited qname buffer. / typedef struct dns_rrl_qname_buf dns_rrl_qname_buf_t; struct dns_rrl_qname_buf { ISC_LINK(dns_rrl_qname_buf_t) link; const dns_rrl_entry_t e; unsigned int index; dns_fixedname_t qname; }; typedef struct dns_rrl_rate dns_rrl_rate_t; struct dns_rrl_rate { int r; int scaled; const char str; }; / * Per-view query rate limit parameters and a pointer to database. / typedef struct dns_rrl dns_rrl_t; struct dns_rrl { isc_mutex_t lock; isc_mem_t mctx; bool log_only; dns_rrl_rate_t responses_per_second; dns_rrl_rate_t referrals_per_second; dns_rrl_rate_t nodata_per_second; dns_rrl_rate_t nxdomains_per_second; dns_rrl_rate_t errors_per_second; dns_rrl_rate_t all_per_second; dns_rrl_rate_t slip; int window; double qps_scale; int max_entries; dns_acl_t exempt; int num_entries; int qps_responses; isc_stdtime_t qps_time; double qps; unsigned int probes; unsigned int searches; ISC_LIST(dns_rrl_block_t) blocks; ISC_LIST(dns_rrl_entry_t) lru; dns_rrl_hash_t hash; dns_rrl_hash_t old_hash; unsigned int hash_gen; unsigned int ts_gen; #define DNS_RRL_TS_BASES (1 << DNS_RRL_TS_GEN_BITS) isc_stdtime_t ts_bases[DNS_RRL_TS_BASES]; int ipv4_prefixlen; uint32_t ipv4_mask; int ipv6_prefixlen; uint32_t ipv6_mask[4]; isc_stdtime_t log_stops_time; dns_rrl_entry_t last_logged; int num_logged; int num_qnames; ISC_LIST(dns_rrl_qname_buf_t) qname_free; #define DNS_RRL_QNAMES (1 << DNS_RRL_QNAMES_BITS) dns_rrl_qname_buf_t qnames[DNS_RRL_QNAMES]; }; typedef enum { DNS_RRL_RESULT_OK, DNS_RRL_RESULT_DROP, DNS_RRL_RESULT_SLIP, } dns_rrl_result_t; dns_rrl_result_t dns_rrl(dns_view_t view, const isc_sockaddr_t client_addr, bool is_tcp, dns_rdataclass_t rdclass, dns_rdatatype_t qtype, const dns_name_t qname, isc_result_t resp_result, isc_stdtime_t now, bool wouldlog, char log_buf, unsigned int log_buf_len); void dns_rrl_view_destroy(dns_view_t view); isc_result_t dns_rrl_init(dns_rrl_t *rrlp, dns_view_t view, int min_entries); ISC_LANG_ENDDECLS #endif /* DNS_RRL_H / ��dns/opcode.h��0000644��00000001756�15125204631�0006762 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_OPCODE_H #define DNS_OPCODE_H 1 /! \file dns/opcode.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_opcode_totext(dns_opcode_t opcode, isc_buffer_t target); /%< Put a textual representation of error 'opcode' into 'target'. * * Requires: \li 'opcode' is a valid opcode. \li 'target' is a valid text buffer. * Ensures: \li If the result is success: The used space in 'target' is updated. * * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE target buffer is too small / ISC_LANG_ENDDECLS #endif / DNS_OPCODE_H / ��dns/timer.h��0000644��00000002032�15125204631�0006615 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_TIMER_H #define DNS_TIMER_H 1 /! \file dns/timer.h / / * Imports */ #include <stdbool.h> #include <isc/buffer.h> #include <isc/lang.h> ISC_LANG_BEGINDECLS /* * Functions / isc_result_t dns_timer_setidle(isc_timer_t timer, unsigned int maxtime, unsigned int idletime, bool purge); /%< Convenience function for setting up simple, one-second-granularity * idle timers as used by zone transfers. * \brief * Set the timer 'timer' to go off after 'idletime' seconds of inactivity, * or after 'maxtime' at the very latest. Events are purged iff * 'purge' is true. / ISC_LANG_ENDDECLS #endif / DNS_TIMER_H / ��dns/keyflags.h��0000644��00000002375�15125204631�0007314 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_KEYFLAGS_H #define DNS_KEYFLAGS_H 1 /! \file dns/keyflags.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_keyflags_fromtext(dns_keyflags_t flagsp, isc_textregion_t source); /%< * Convert the text 'source' refers to into a DNSSEC KEY flags value. * The text may contain either a set of flag mnemonics separated by * vertical bars or a decimal flags value. For compatibility with * older versions of BIND and the DNSSEC signer, octal values * prefixed with a zero and hexadecimal values prefixed with "0x" * are also accepted. * * Requires: \li 'flagsp' is a valid pointer. \li 'source' is a valid text region. * Returns: \li ISC_R_SUCCESS on success \li ISC_R_RANGE numeric flag value is out of range \li DNS_R_UNKNOWN mnemonic flag is unknown / ISC_LANG_ENDDECLS #endif /* DNS_KEYFLAGS_H / ��dns/types.h��0000644��00000034302�15125204631�0006646 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_TYPES_H #define DNS_TYPES_H 1 /! \file dns/types.h * \brief * Including this file gives you type declarations suitable for use in * .h files, which lets us avoid circular type reference problems. * \brief * To actually use a type or get declarations of its methods, you must * include the appropriate .h file too. / #include <inttypes.h> #include <stdbool.h> #include <stdio.h> #include <isc/types.h> typedef struct dns_acl dns_acl_t; typedef struct dns_aclelement dns_aclelement_t; typedef struct dns_aclenv dns_aclenv_t; typedef struct dns_adb dns_adb_t; typedef struct dns_adbaddrinfo dns_adbaddrinfo_t; typedef ISC_LIST(dns_adbaddrinfo_t) dns_adbaddrinfolist_t; typedef struct dns_adbentry dns_adbentry_t; typedef struct dns_adbfind dns_adbfind_t; typedef ISC_LIST(dns_adbfind_t) dns_adbfindlist_t; typedef struct dns_badcache dns_badcache_t; typedef struct dns_byaddr dns_byaddr_t; typedef struct dns_catz_zonemodmethods dns_catz_zonemodmethods_t; typedef struct dns_catz_entry_options dns_catz_options_t; typedef struct dns_catz_entry dns_catz_entry_t; typedef struct dns_catz_zone dns_catz_zone_t; typedef struct dns_catz_changed dns_catz_changed_t; typedef struct dns_catz_zones dns_catz_zones_t; typedef struct dns_client dns_client_t; typedef void dns_clientrestrans_t; typedef void dns_clientreqtrans_t; typedef void dns_clientupdatetrans_t; typedef struct dns_cache dns_cache_t; typedef uint16_t dns_cert_t; typedef struct dns_compress dns_compress_t; typedef struct dns_db dns_db_t; typedef struct dns_dbimplementation dns_dbimplementation_t; typedef struct dns_dbiterator dns_dbiterator_t; typedef void dns_dbload_t; typedef void dns_dbnode_t; typedef struct dns_dbonupdatelistener dns_dbonupdatelistener_t; typedef struct dns_dbtable dns_dbtable_t; typedef void dns_dbversion_t; typedef struct dns_dlzimplementation dns_dlzimplementation_t; typedef struct dns_dlzdb dns_dlzdb_t; typedef ISC_LIST(dns_dlzdb_t) dns_dlzdblist_t; typedef struct dns_dyndbctx dns_dyndbctx_t; typedef struct dns_sdlzimplementation dns_sdlzimplementation_t; typedef struct dns_decompress dns_decompress_t; typedef struct dns_dispatch dns_dispatch_t; typedef struct dns_dispatchevent dns_dispatchevent_t; typedef struct dns_dispatchlist dns_dispatchlist_t; typedef struct dns_dispatchset dns_dispatchset_t; typedef struct dns_dispatchmgr dns_dispatchmgr_t; typedef struct dns_dispentry dns_dispentry_t; typedef struct dns_dns64 dns_dns64_t; typedef ISC_LIST(dns_dns64_t) dns_dns64list_t; typedef struct dns_dnsseckey dns_dnsseckey_t; typedef ISC_LIST(dns_dnsseckey_t) dns_dnsseckeylist_t; typedef uint8_t dns_dsdigest_t; typedef struct dns_dtdata dns_dtdata_t; typedef struct dns_dtenv dns_dtenv_t; typedef struct dns_dtmsg dns_dtmsg_t; typedef uint16_t dns_dtmsgtype_t; typedef struct dns_dumpctx dns_dumpctx_t; typedef struct dns_ecs dns_ecs_t; typedef struct dns_ednsopt dns_ednsopt_t; typedef struct dns_fetch dns_fetch_t; typedef struct dns_fixedname dns_fixedname_t; typedef struct dns_forwarders dns_forwarders_t; typedef struct dns_forwarder dns_forwarder_t; typedef struct dns_fwdtable dns_fwdtable_t; typedef struct dns_geoip_databases dns_geoip_databases_t; typedef struct dns_iptable dns_iptable_t; typedef uint32_t dns_iterations_t; typedef struct dns_kasp dns_kasp_t; typedef ISC_LIST(dns_kasp_t) dns_kasplist_t; typedef struct dns_kasp_key dns_kasp_key_t; typedef ISC_LIST(dns_kasp_key_t) dns_kasp_keylist_t; typedef struct dns_kasp_nsec3param dns_kasp_nsec3param_t; typedef uint16_t dns_keyflags_t; typedef struct dns_keynode dns_keynode_t; typedef ISC_LIST(dns_keynode_t) dns_keynodelist_t; typedef struct dns_keytable dns_keytable_t; typedef uint16_t dns_keytag_t; typedef struct dns_loadctx dns_loadctx_t; typedef struct dns_loadmgr dns_loadmgr_t; typedef struct dns_masterrawheader dns_masterrawheader_t; typedef uint64_t dns_masterstyle_flags_t; typedef struct dns_message dns_message_t; typedef uint16_t dns_messageid_t; typedef isc_region_t dns_label_t; typedef struct dns_lookup dns_lookup_t; typedef struct dns_name dns_name_t; typedef ISC_LIST(dns_name_t) dns_namelist_t; typedef struct dns_nta dns_nta_t; typedef struct dns_ntatable dns_ntatable_t; typedef uint16_t dns_opcode_t; typedef unsigned char dns_offsets_t[128]; typedef struct dns_order dns_order_t; typedef struct dns_peer dns_peer_t; typedef struct dns_peerlist dns_peerlist_t; typedef struct dns_portlist dns_portlist_t; typedef struct dns_rbt dns_rbt_t; typedef uint16_t dns_rcode_t; typedef struct dns_rdata dns_rdata_t; typedef struct dns_rdatacallbacks dns_rdatacallbacks_t; typedef uint16_t dns_rdataclass_t; typedef struct dns_rdatalist dns_rdatalist_t; typedef struct dns_rdataset dns_rdataset_t; typedef ISC_LIST(dns_rdataset_t) dns_rdatasetlist_t; typedef struct dns_rdatasetiter dns_rdatasetiter_t; typedef uint16_t dns_rdatatype_t; typedef struct dns_request dns_request_t; typedef struct dns_requestmgr dns_requestmgr_t; typedef struct dns_resolver dns_resolver_t; typedef struct dns_sdbimplementation dns_sdbimplementation_t; typedef uint8_t dns_secalg_t; typedef uint8_t dns_secproto_t; typedef struct dns_signature dns_signature_t; typedef struct dns_sortlist_arg dns_sortlist_arg_t; typedef struct dns_ssurule dns_ssurule_t; typedef struct dns_ssutable dns_ssutable_t; typedef struct dns_stats dns_stats_t; typedef uint32_t dns_rdatastatstype_t; typedef struct dns_tkeyctx dns_tkeyctx_t; typedef uint16_t dns_trust_t; typedef struct dns_tsec dns_tsec_t; typedef struct dns_tsig_keyring dns_tsig_keyring_t; typedef struct dns_tsigkey dns_tsigkey_t; typedef uint32_t dns_ttl_t; typedef struct dns_update_state dns_update_state_t; typedef struct dns_validator dns_validator_t; typedef struct dns_view dns_view_t; typedef ISC_LIST(dns_view_t) dns_viewlist_t; typedef struct dns_zone dns_zone_t; typedef ISC_LIST(dns_zone_t) dns_zonelist_t; typedef struct dns_zonemgr dns_zonemgr_t; typedef struct dns_zt dns_zt_t; typedef struct dns_ipkeylist dns_ipkeylist_t; / * If we are not using GSSAPI, define the types we use as opaque types here. / #ifndef GSSAPI typedef struct not_defined_gss_cred_id gss_cred_id_t; typedef struct not_defined_gss_ctx gss_ctx_id_t; #endif / ifndef GSSAPI / typedef struct dst_gssapi_signverifyctx dst_gssapi_signverifyctx_t; typedef enum { dns_hash_sha1 = 1 } dns_hash_t; typedef enum { dns_fwdpolicy_none = 0, dns_fwdpolicy_first = 1, dns_fwdpolicy_only = 2 } dns_fwdpolicy_t; typedef enum { dns_namereln_none = 0, dns_namereln_contains = 1, dns_namereln_subdomain = 2, dns_namereln_equal = 3, dns_namereln_commonancestor = 4 } dns_namereln_t; typedef enum { dns_one_answer, dns_many_answers } dns_transfer_format_t; typedef enum { dns_dbtype_zone = 0, dns_dbtype_cache = 1, dns_dbtype_stub = 3 } dns_dbtype_t; typedef enum { dns_notifytype_no = 0, dns_notifytype_yes = 1, dns_notifytype_explicit = 2, dns_notifytype_masteronly = 3 } dns_notifytype_t; typedef enum { dns_minimal_no = 0, dns_minimal_yes = 1, dns_minimal_noauth = 2, dns_minimal_noauthrec = 3 } dns_minimaltype_t; typedef enum { dns_dialuptype_no = 0, dns_dialuptype_yes = 1, dns_dialuptype_notify = 2, dns_dialuptype_notifypassive = 3, dns_dialuptype_refresh = 4, dns_dialuptype_passive = 5 } dns_dialuptype_t; typedef enum { dns_masterformat_none = 0, dns_masterformat_text = 1, dns_masterformat_raw = 2, dns_masterformat_map = 3 } dns_masterformat_t; / * These are generated by gen.c. / #include <dns/enumclass.h> / Provides dns_rdataclass_t. / #include <dns/enumtype.h> / Provides dns_rdatatype_t. / /% * rcodes. / enum { / * Standard rcodes. / dns_rcode_noerror = 0, #define dns_rcode_noerror ((dns_rcode_t)dns_rcode_noerror) dns_rcode_formerr = 1, #define dns_rcode_formerr ((dns_rcode_t)dns_rcode_formerr) dns_rcode_servfail = 2, #define dns_rcode_servfail ((dns_rcode_t)dns_rcode_servfail) dns_rcode_nxdomain = 3, #define dns_rcode_nxdomain ((dns_rcode_t)dns_rcode_nxdomain) dns_rcode_notimp = 4, #define dns_rcode_notimp ((dns_rcode_t)dns_rcode_notimp) dns_rcode_refused = 5, #define dns_rcode_refused ((dns_rcode_t)dns_rcode_refused) dns_rcode_yxdomain = 6, #define dns_rcode_yxdomain ((dns_rcode_t)dns_rcode_yxdomain) dns_rcode_yxrrset = 7, #define dns_rcode_yxrrset ((dns_rcode_t)dns_rcode_yxrrset) dns_rcode_nxrrset = 8, #define dns_rcode_nxrrset ((dns_rcode_t)dns_rcode_nxrrset) dns_rcode_notauth = 9, #define dns_rcode_notauth ((dns_rcode_t)dns_rcode_notauth) dns_rcode_notzone = 10, #define dns_rcode_notzone ((dns_rcode_t)dns_rcode_notzone) / * Extended rcodes. / dns_rcode_badvers = 16, #define dns_rcode_badvers ((dns_rcode_t)dns_rcode_badvers) dns_rcode_badcookie = 23 #define dns_rcode_badcookie ((dns_rcode_t)dns_rcode_badcookie) / * Update dns_rcodestats_create() and dns_rcodestats_increment() and this comment if a rcode > dns_rcode_badcookie is assigned. / /* Private space [3841..4095] / }; /% * TSIG errors. / enum { dns_tsigerror_badsig = 16, dns_tsigerror_badkey = 17, dns_tsigerror_badtime = 18, dns_tsigerror_badmode = 19, dns_tsigerror_badname = 20, dns_tsigerror_badalg = 21, dns_tsigerror_badtrunc = 22 }; /% * Opcodes. / enum { dns_opcode_query = 0, #define dns_opcode_query ((dns_opcode_t)dns_opcode_query) dns_opcode_iquery = 1, #define dns_opcode_iquery ((dns_opcode_t)dns_opcode_iquery) dns_opcode_status = 2, #define dns_opcode_status ((dns_opcode_t)dns_opcode_status) dns_opcode_notify = 4, #define dns_opcode_notify ((dns_opcode_t)dns_opcode_notify) dns_opcode_update = 5 / dynamic update / #define dns_opcode_update ((dns_opcode_t)dns_opcode_update) }; /% * Trust levels. Must be kept in sync with trustnames[] in masterdump.c. / enum { / Sentinel value; no data should have this trust level. / dns_trust_none = 0, #define dns_trust_none ((dns_trust_t)dns_trust_none) /% * Subject to DNSSEC validation but has not yet been validated * dns_trust_pending_additional (from the additional section). / dns_trust_pending_additional = 1, #define dns_trust_pending_additional ((dns_trust_t)dns_trust_pending_additional) dns_trust_pending_answer = 2, #define dns_trust_pending_answer ((dns_trust_t)dns_trust_pending_answer) /% Received in the additional section of a response. / dns_trust_additional = 3, #define dns_trust_additional ((dns_trust_t)dns_trust_additional) / Received in a referral response. / dns_trust_glue = 4, #define dns_trust_glue ((dns_trust_t)dns_trust_glue) / Answer from a non-authoritative server / dns_trust_answer = 5, #define dns_trust_answer ((dns_trust_t)dns_trust_answer) / Received in the authority section as part of an * authoritative response / dns_trust_authauthority = 6, #define dns_trust_authauthority ((dns_trust_t)dns_trust_authauthority) / Answer from an authoritative server / dns_trust_authanswer = 7, #define dns_trust_authanswer ((dns_trust_t)dns_trust_authanswer) / Successfully DNSSEC validated / dns_trust_secure = 8, #define dns_trust_secure ((dns_trust_t)dns_trust_secure) / This server is authoritative / dns_trust_ultimate = 9 #define dns_trust_ultimate ((dns_trust_t)dns_trust_ultimate) }; #define DNS_TRUST_PENDING(x) \ ((x) == dns_trust_pending_answer \|\| (x) == dns_trust_pending_additional) #define DNS_TRUST_ADDITIONAL(x) \ ((x) == dns_trust_additional \|\| (x) == dns_trust_pending_additional) #define DNS_TRUST_GLUE(x) ((x) == dns_trust_glue) #define DNS_TRUST_ANSWER(x) ((x) == dns_trust_answer) /% * Name checking severities. / typedef enum { dns_severity_ignore, dns_severity_warn, dns_severity_fail } dns_severity_t; /% * DNS Serial Number Update Method. * * \li _none: Keep the current serial. * \li _increment: Add one to the current serial, skipping 0. * \li _unixtime: Set to the seconds since 00:00 Jan 1, 1970, * if possible. * \li _date: Set to today's date in YYYYMMDDVV format: * (Year, Month, Day, Version) / typedef enum { dns_updatemethod_none = 0, dns_updatemethod_increment, dns_updatemethod_unixtime, dns_updatemethod_date } dns_updatemethod_t; typedef enum { dns_stale_answer_no, dns_stale_answer_yes, dns_stale_answer_conf } dns_stale_answer_t; typedef struct { const char string; size_t count; } dns_indent_t; /* * Functions. / typedef void (dns_dumpdonefunc_t)(void , isc_result_t); typedef void (dns_loaddonefunc_t)(void , isc_result_t); typedef void (dns_rawdatafunc_t)(dns_zone_t , dns_masterrawheader_t ); typedef isc_result_t (dns_addrdatasetfunc_t)(void , const dns_name_t , dns_rdataset_t ); typedef isc_result_t (dns_additionaldatafunc_t)(void , const dns_name_t , dns_rdatatype_t); typedef isc_result_t (dns_digestfunc_t)(void , isc_region_t ); typedef void (dns_xfrindone_t)(dns_zone_t , isc_result_t); typedef void (dns_updatecallback_t)(void , isc_result_t, dns_message_t ); typedef int (dns_rdatasetorderfunc_t)(const dns_rdata_t , const void ); typedef bool (dns_checkmxfunc_t)(dns_zone_t , const dns_name_t , const dns_name_t ); typedef bool (dns_checksrvfunc_t)(dns_zone_t , const dns_name_t , const dns_name_t ); typedef bool (dns_checknsfunc_t)(dns_zone_t , const dns_name_t , const dns_name_t , dns_rdataset_t , dns_rdataset_t ); typedef bool (dns_isselffunc_t)(dns_view_t , dns_tsigkey_t , const isc_sockaddr_t , const isc_sockaddr_t , dns_rdataclass_t, void ); typedef isc_result_t (dns_deserializefunc_t)(void , FILE , off_t); typedef void (dns_nseclog_t)(void val, int, const char , ...); #endif /* DNS_TYPES_H / ��dns/peer.h��0000644��00000014513�15125204631�0006437 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_PEER_H #define DNS_PEER_H 1 /** * Module Info **/ /! \file dns/peer.h * \brief * Data structures for peers (e.g. a 'server' config file statement) / / * Imports */ #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/netaddr.h> #include <isc/refcount.h> #include <dns/types.h> #define DNS_PEERLIST_MAGIC ISC_MAGIC('s', 'e', 'R', 'L') #define DNS_PEER_MAGIC ISC_MAGIC('S', 'E', 'r', 'v') #define DNS_PEERLIST_VALID(ptr) ISC_MAGIC_VALID(ptr, DNS_PEERLIST_MAGIC) #define DNS_PEER_VALID(ptr) ISC_MAGIC_VALID(ptr, DNS_PEER_MAGIC) /* * Types / struct dns_peerlist { unsigned int magic; isc_refcount_t refs; isc_mem_t mem; ISC_LIST(dns_peer_t) elements; }; struct dns_peer { unsigned int magic; isc_refcount_t refs; isc_mem_t mem; isc_netaddr_t address; unsigned int prefixlen; bool bogus; dns_transfer_format_t transfer_format; uint32_t transfers; bool support_ixfr; bool provide_ixfr; bool request_ixfr; bool support_edns; bool request_nsid; bool send_cookie; bool request_expire; bool force_tcp; bool tcp_keepalive; dns_name_t key; isc_sockaddr_t transfer_source; isc_dscp_t transfer_dscp; isc_sockaddr_t notify_source; isc_dscp_t notify_dscp; isc_sockaddr_t query_source; isc_dscp_t query_dscp; uint16_t udpsize; / receive size / uint16_t maxudp; / transmit size / uint16_t padding; / pad block size / uint8_t ednsversion; / edns version / uint32_t bitflags; ISC_LINK(dns_peer_t) next; }; / * Functions **/ ISC_LANG_BEGINDECLS isc_result_t dns_peerlist_new(isc_mem_t mem, dns_peerlist_t *list); void dns_peerlist_attach(dns_peerlist_t source, dns_peerlist_t target); void dns_peerlist_detach(dns_peerlist_t list); /* * After return caller still holds a reference to peer. / void dns_peerlist_addpeer(dns_peerlist_t peers, dns_peer_t peer); / * Ditto. / isc_result_t dns_peerlist_peerbyaddr(dns_peerlist_t peers, const isc_netaddr_t addr, dns_peer_t retval); / * What he said. / isc_result_t dns_peerlist_currpeer(dns_peerlist_t peers, dns_peer_t *retval); isc_result_t dns_peer_new(isc_mem_t mem, const isc_netaddr_t ipaddr, dns_peer_t peer); isc_result_t dns_peer_newprefix(isc_mem_t mem, const isc_netaddr_t ipaddr, unsigned int prefixlen, dns_peer_t peer); void dns_peer_attach(dns_peer_t source, dns_peer_t target); void dns_peer_detach(dns_peer_t list); isc_result_t dns_peer_setbogus(dns_peer_t peer, bool newval); isc_result_t dns_peer_getbogus(dns_peer_t peer, bool retval); isc_result_t dns_peer_setrequestixfr(dns_peer_t peer, bool newval); isc_result_t dns_peer_getrequestixfr(dns_peer_t peer, bool retval); isc_result_t dns_peer_setprovideixfr(dns_peer_t peer, bool newval); isc_result_t dns_peer_getprovideixfr(dns_peer_t peer, bool retval); isc_result_t dns_peer_setrequestnsid(dns_peer_t peer, bool newval); isc_result_t dns_peer_getrequestnsid(dns_peer_t peer, bool retval); isc_result_t dns_peer_setsendcookie(dns_peer_t peer, bool newval); isc_result_t dns_peer_getsendcookie(dns_peer_t peer, bool retval); isc_result_t dns_peer_setrequestexpire(dns_peer_t peer, bool newval); isc_result_t dns_peer_getrequestexpire(dns_peer_t peer, bool retval); isc_result_t dns_peer_setsupportedns(dns_peer_t peer, bool newval); isc_result_t dns_peer_getforcetcp(dns_peer_t peer, bool retval); isc_result_t dns_peer_setforcetcp(dns_peer_t peer, bool newval); isc_result_t dns_peer_gettcpkeepalive(dns_peer_t peer, bool retval); isc_result_t dns_peer_settcpkeepalive(dns_peer_t peer, bool newval); isc_result_t dns_peer_getsupportedns(dns_peer_t peer, bool retval); isc_result_t dns_peer_settransfers(dns_peer_t peer, uint32_t newval); isc_result_t dns_peer_gettransfers(dns_peer_t peer, uint32_t retval); isc_result_t dns_peer_settransferformat(dns_peer_t peer, dns_transfer_format_t newval); isc_result_t dns_peer_gettransferformat(dns_peer_t peer, dns_transfer_format_t retval); isc_result_t dns_peer_setkeybycharp(dns_peer_t peer, const char keyval); isc_result_t dns_peer_getkey(dns_peer_t peer, dns_name_t *retval); isc_result_t dns_peer_setkey(dns_peer_t peer, dns_name_t *keyval); isc_result_t dns_peer_settransfersource(dns_peer_t peer, const isc_sockaddr_t transfer_source); isc_result_t dns_peer_gettransfersource(dns_peer_t peer, isc_sockaddr_t transfer_source); isc_result_t dns_peer_setudpsize(dns_peer_t peer, uint16_t udpsize); isc_result_t dns_peer_getudpsize(dns_peer_t peer, uint16_t udpsize); isc_result_t dns_peer_setmaxudp(dns_peer_t peer, uint16_t maxudp); isc_result_t dns_peer_getmaxudp(dns_peer_t peer, uint16_t maxudp); isc_result_t dns_peer_setpadding(dns_peer_t peer, uint16_t padding); isc_result_t dns_peer_getpadding(dns_peer_t peer, uint16_t padding); isc_result_t dns_peer_setnotifysource(dns_peer_t peer, const isc_sockaddr_t notify_source); isc_result_t dns_peer_getnotifysource(dns_peer_t peer, isc_sockaddr_t notify_source); isc_result_t dns_peer_setquerysource(dns_peer_t peer, const isc_sockaddr_t query_source); isc_result_t dns_peer_getquerysource(dns_peer_t peer, isc_sockaddr_t query_source); isc_result_t dns_peer_setnotifydscp(dns_peer_t peer, isc_dscp_t dscp); isc_result_t dns_peer_getnotifydscp(dns_peer_t peer, isc_dscp_t dscpp); isc_result_t dns_peer_settransferdscp(dns_peer_t peer, isc_dscp_t dscp); isc_result_t dns_peer_gettransferdscp(dns_peer_t peer, isc_dscp_t dscpp); isc_result_t dns_peer_setquerydscp(dns_peer_t peer, isc_dscp_t dscp); isc_result_t dns_peer_getquerydscp(dns_peer_t peer, isc_dscp_t dscpp); isc_result_t dns_peer_setednsversion(dns_peer_t peer, uint8_t ednsversion); isc_result_t dns_peer_getednsversion(dns_peer_t peer, uint8_t ednsversion); ISC_LANG_ENDDECLS #endif /* DNS_PEER_H / ��dns/lib.h��0000644��00000001741�15125204631�0006251 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_LIB_H #define DNS_LIB_H 1 /! \file dns/lib.h / #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /% * Tuning: external query load in packets per seconds. / LIBDNS_EXTERNAL_DATA extern unsigned int dns_pps; isc_result_t dns_lib_init(void); /%< * A set of initialization procedures used in the DNS library. This function * is provided for an application that is not aware of the underlying ISC or * DNS libraries much. / void dns_lib_shutdown(void); /%< * Free temporary resources allocated in dns_lib_init(). / ISC_LANG_ENDDECLS #endif / DNS_LIB_H / ��dns/dbiterator.h��0000644��00000016331�15125204631�0007643 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DBITERATOR_H #define DNS_DBITERATOR_H 1 /** * Module Info **/ /! \file dns/dbiterator.h * \brief * The DNS DB Iterator interface allows iteration of all of the nodes in a * database. * * The dns_dbiterator_t type is like a "virtual class". To actually use * it, an implementation of the class is required. This implementation is * supplied by the database. * * It is the client's responsibility to call dns_db_detachnode() on all * nodes returned. * * XXX <more> XXX * * MP: \li The iterator itself is not locked. The caller must ensure synchronization. * \li The iterator methods ensure appropriate database locking. * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li None. / /*** * Imports */ #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /* * Types **/ typedef struct dns_dbiteratormethods { void (destroy)(dns_dbiterator_t *iteratorp); isc_result_t (first)(dns_dbiterator_t iterator); isc_result_t (last)(dns_dbiterator_t iterator); isc_result_t (seek)(dns_dbiterator_t iterator, const dns_name_t name); isc_result_t (prev)(dns_dbiterator_t iterator); isc_result_t (next)(dns_dbiterator_t iterator); isc_result_t (current)(dns_dbiterator_t iterator, dns_dbnode_t *nodep, dns_name_t name); isc_result_t (pause)(dns_dbiterator_t iterator); isc_result_t (origin)(dns_dbiterator_t iterator, dns_name_t name); } dns_dbiteratormethods_t; #define DNS_DBITERATOR_MAGIC ISC_MAGIC('D', 'N', 'S', 'I') #define DNS_DBITERATOR_VALID(dbi) ISC_MAGIC_VALID(dbi, DNS_DBITERATOR_MAGIC) /% * This structure is actually just the common prefix of a DNS db * implementation's version of a dns_dbiterator_t. * * Clients may use the 'db' field of this structure. Except for that field, * direct use of this structure by clients is forbidden. DB implementations * may change the structure. 'magic' must be DNS_DBITERATOR_MAGIC for any of * the dns_dbiterator routines to work. DB iterator implementations must * maintain all DB iterator invariants. / struct dns_dbiterator { / Unlocked. / unsigned int magic; dns_dbiteratormethods_t methods; dns_db_t db; bool relative_names; bool cleaning; }; void dns_dbiterator_destroy(dns_dbiterator_t iteratorp); /%< * Destroy 'iteratorp'. * Requires: * \li 'iteratorp' is a valid iterator. * * Ensures: * \li All resources used by the iterator are freed. \li iteratorp == NULL. / isc_result_t dns_dbiterator_first(dns_dbiterator_t iterator); /%< Move the node cursor to the first node in the database (if any). * * Requires: \li 'iterator' is a valid iterator. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE There are no nodes in the database. * \li Other results are possible, depending on the DB implementation. / isc_result_t dns_dbiterator_last(dns_dbiterator_t iterator); /%< * Move the node cursor to the last node in the database (if any). * * Requires: \li 'iterator' is a valid iterator. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE There are no nodes in the database. * \li Other results are possible, depending on the DB implementation. / isc_result_t dns_dbiterator_seek(dns_dbiterator_t iterator, const dns_name_t name); /%< Move the node cursor to the node with name 'name'. * * Requires: \li 'iterator' is a valid iterator. \li 'name' is a valid name. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOTFOUND \li #DNS_R_PARTIALMATCH (node is at name above requested named when name has children) * \li Other results are possible, depending on the DB implementation. / isc_result_t dns_dbiterator_prev(dns_dbiterator_t iterator); /%< * Move the node cursor to the previous node in the database (if any). * * Requires: \li 'iterator' is a valid iterator. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE There are no more nodes in the * database. * \li Other results are possible, depending on the DB implementation. / isc_result_t dns_dbiterator_next(dns_dbiterator_t iterator); /%< * Move the node cursor to the next node in the database (if any). * * Requires: \li 'iterator' is a valid iterator. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE There are no more nodes in the * database. * \li Other results are possible, depending on the DB implementation. / isc_result_t dns_dbiterator_current(dns_dbiterator_t iterator, dns_dbnode_t nodep, dns_name_t name); /%< Return the current node. * * Notes: \li If 'name' is not NULL, it will be set to the name of the node. * Requires: \li 'iterator' is a valid iterator. \li nodep != NULL && nodep == NULL * \li The node cursor of 'iterator' is at a valid location (i.e. the result of last call to a cursor movement command was ISC_R_SUCCESS). * \li 'name' is NULL, or is a valid name with a dedicated buffer. * Returns: * \li #ISC_R_SUCCESS \li #DNS_R_NEWORIGIN If this iterator was created * with 'relative_names' set to true, then #DNS_R_NEWORIGIN will be returned when the origin the names are relative to changes. This result can occur only when 'name' is not NULL. This is also a successful result. * \li Other results are possible, depending on the DB implementation. / isc_result_t dns_dbiterator_pause(dns_dbiterator_t iterator); /%< * Pause iteration. * * Calling a cursor movement method or dns_dbiterator_current() may cause * database locks to be acquired. Rather than reacquire these locks every * time one of these routines is called, the locks may simply be held. * Calling dns_dbiterator_pause() releases any such locks. Iterator clients * should call this routine any time they are not going to execute another * iterator method in the immediate future. * * Requires: \li 'iterator' is a valid iterator. * Ensures: \li Any database locks being held for efficiency of iterator access are released. * * Returns: \li #ISC_R_SUCCESS \li Other results are possible, depending on the DB implementation. / isc_result_t dns_dbiterator_origin(dns_dbiterator_t iterator, dns_name_t name); /%< Return the origin to which returned node names are relative. * * Requires: * \li 'iterator' is a valid relative_names iterator. \li 'name' is a valid name with a dedicated buffer. * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE * \li Other results are possible, depending on the DB implementation. / void dns_dbiterator_setcleanmode(dns_dbiterator_t iterator, bool mode); /%< * Indicate that the given iterator is/is not cleaning the DB. * * Notes: \li When 'mode' is true, * Requires: \li 'iterator' is a valid iterator. / ISC_LANG_ENDDECLS #endif /* DNS_DBITERATOR_H / ��dns/db.h��0000644��00000142416�15125204631�0006075 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DB_H #define DNS_DB_H 1 /** * Module Info **/ /! \file dns/db.h * \brief * The DNS DB interface allows named rdatasets to be stored and retrieved. * * The dns_db_t type is like a "virtual class". To actually use * DBs, an implementation of the class is required. * * XXX more XXX * * MP: * \li The module ensures appropriate synchronization of data structures it * creates and manipulates. * * Reliability: * \li No anticipated impact. * * Resources: * \li TBS * * Security: * \li No anticipated impact. * * Standards: * \li None. / /** * Imports */ #include <inttypes.h> #include <stdbool.h> #include <isc/deprecated.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/stats.h> #include <isc/stdtime.h> #include <dns/clientinfo.h> #include <dns/fixedname.h> #include <dns/name.h> #include <dns/rdata.h> #include <dns/rdataset.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /* * Types **/ typedef struct dns_dbmethods { void (attach)(dns_db_t source, dns_db_t targetp); void (detach)(dns_db_t *dbp); isc_result_t (beginload)(dns_db_t db, dns_rdatacallbacks_t callbacks); isc_result_t (endload)(dns_db_t db, dns_rdatacallbacks_t callbacks); isc_result_t (serialize)(dns_db_t db, dns_dbversion_t version, FILE file); isc_result_t (dump)(dns_db_t db, dns_dbversion_t version, const char filename, dns_masterformat_t masterformat); void (currentversion)(dns_db_t db, dns_dbversion_t versionp); isc_result_t (newversion)(dns_db_t db, dns_dbversion_t versionp); void (attachversion)(dns_db_t db, dns_dbversion_t source, dns_dbversion_t *targetp); void (closeversion)(dns_db_t db, dns_dbversion_t versionp, bool commit); isc_result_t (findnode)(dns_db_t db, const dns_name_t name, bool create, dns_dbnode_t *nodep); isc_result_t (find)(dns_db_t db, const dns_name_t name, dns_dbversion_t version, dns_rdatatype_t type, unsigned int options, isc_stdtime_t now, dns_dbnode_t nodep, dns_name_t foundname, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); isc_result_t (findzonecut)(dns_db_t db, const dns_name_t name, unsigned int options, isc_stdtime_t now, dns_dbnode_t nodep, dns_name_t foundname, dns_name_t dcname, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); void (attachnode)(dns_db_t db, dns_dbnode_t source, dns_dbnode_t *targetp); void (detachnode)(dns_db_t db, dns_dbnode_t targetp); isc_result_t (expirenode)(dns_db_t db, dns_dbnode_t node, isc_stdtime_t now); void (printnode)(dns_db_t db, dns_dbnode_t node, FILE out); isc_result_t (createiterator)(dns_db_t db, unsigned int options, dns_dbiterator_t *iteratorp); isc_result_t (findrdataset)(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, dns_rdatatype_t type, dns_rdatatype_t covers, isc_stdtime_t now, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); isc_result_t (allrdatasets)(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, isc_stdtime_t now, dns_rdatasetiter_t iteratorp); isc_result_t (addrdataset)(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, isc_stdtime_t now, dns_rdataset_t rdataset, unsigned int options, dns_rdataset_t addedrdataset); isc_result_t (subtractrdataset)(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, dns_rdataset_t rdataset, unsigned int options, dns_rdataset_t newrdataset); isc_result_t (deleterdataset)(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, dns_rdatatype_t type, dns_rdatatype_t covers); bool (issecure)(dns_db_t db); unsigned int (nodecount)(dns_db_t db); bool (ispersistent)(dns_db_t db); void (overmem)(dns_db_t db, bool overmem); void (settask)(dns_db_t db, isc_task_t ); isc_result_t (getoriginnode)(dns_db_t db, dns_dbnode_t *nodep); void (transfernode)(dns_db_t db, dns_dbnode_t sourcep, dns_dbnode_t targetp); isc_result_t (getnsec3parameters)(dns_db_t db, dns_dbversion_t version, dns_hash_t hash, uint8_t flags, uint16_t iterations, unsigned char salt, size_t salt_len); isc_result_t (findnsec3node)(dns_db_t db, const dns_name_t name, bool create, dns_dbnode_t *nodep); isc_result_t (setsigningtime)(dns_db_t db, dns_rdataset_t rdataset, isc_stdtime_t resign); isc_result_t (getsigningtime)(dns_db_t db, dns_rdataset_t rdataset, dns_name_t name); void (resigned)(dns_db_t db, dns_rdataset_t rdataset, dns_dbversion_t version); bool (isdnssec)(dns_db_t db); dns_stats_t (getrrsetstats)(dns_db_t db); void (rpz_attach)(dns_db_t db, void rpzs, uint8_t rpz_num); isc_result_t (rpz_ready)(dns_db_t db); isc_result_t (findnodeext)(dns_db_t db, const dns_name_t name, bool create, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo, dns_dbnode_t nodep); isc_result_t (findext)(dns_db_t db, const dns_name_t name, dns_dbversion_t version, dns_rdatatype_t type, unsigned int options, isc_stdtime_t now, dns_dbnode_t nodep, dns_name_t foundname, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); isc_result_t (setcachestats)(dns_db_t db, isc_stats_t stats); size_t (hashsize)(dns_db_t db); isc_result_t (nodefullname)(dns_db_t db, dns_dbnode_t node, dns_name_t name); isc_result_t (getsize)(dns_db_t db, dns_dbversion_t version, uint64_t records, uint64_t bytes); isc_result_t (setservestalettl)(dns_db_t db, dns_ttl_t ttl); isc_result_t (getservestalettl)(dns_db_t db, dns_ttl_t ttl); isc_result_t (setservestalerefresh)(dns_db_t db, uint32_t interval); isc_result_t (getservestalerefresh)(dns_db_t db, uint32_t interval); isc_result_t (setgluecachestats)(dns_db_t db, isc_stats_t stats); isc_result_t (adjusthashsize)(dns_db_t db, size_t size); void (setmaxrrperset)(dns_db_t db, uint32_t value); void (setmaxtypepername)(dns_db_t db, uint32_t value); } dns_dbmethods_t; typedef isc_result_t (dns_dbcreatefunc_t)(isc_mem_t mctx, const dns_name_t name, dns_dbtype_t type, dns_rdataclass_t rdclass, unsigned int argc, char argv[], void driverarg, dns_db_t *dbp); typedef isc_result_t (dns_dbupdate_callback_t)(dns_db_t db, void fn_arg); #define DNS_DB_MAGIC ISC_MAGIC('D', 'N', 'S', 'D') #define DNS_DB_VALID(db) ISC_MAGIC_VALID(db, DNS_DB_MAGIC) /% This structure is actually just the common prefix of a DNS db * implementation's version of a dns_db_t. * \brief * Direct use of this structure by clients is forbidden. DB implementations * may change the structure. 'magic' must be DNS_DB_MAGIC for any of the * dns_db_ routines to work. DB implementations must maintain all DB * invariants. / struct dns_db { unsigned int magic; unsigned int impmagic; dns_dbmethods_t methods; uint16_t attributes; dns_rdataclass_t rdclass; dns_name_t origin; isc_mem_t mctx; ISC_LIST(dns_dbonupdatelistener_t) update_listeners; }; #define DNS_DBATTR_CACHE 0x01 #define DNS_DBATTR_STUB 0x02 struct dns_dbonupdatelistener { dns_dbupdate_callback_t onupdate; void onupdate_arg; ISC_LINK(dns_dbonupdatelistener_t) link; }; /@{/ /% Options that can be specified for dns_db_find(). / #define DNS_DBFIND_GLUEOK 0x0001 #define DNS_DBFIND_VALIDATEGLUE 0x0002 #define DNS_DBFIND_NOWILD 0x0004 #define DNS_DBFIND_PENDINGOK 0x0008 #define DNS_DBFIND_NOEXACT 0x0010 #define DNS_DBFIND_FORCENSEC 0x0020 #define DNS_DBFIND_COVERINGNSEC 0x0040 #define DNS_DBFIND_FORCENSEC3 0x0080 #define DNS_DBFIND_ADDITIONALOK 0x0100 #define DNS_DBFIND_NOZONECUT 0x0200 / * DNS_DBFIND_STALEOK: This flag is set when BIND fails to refresh a RRset due * to timeout (resolver-query-timeout). Its intent is to try to look for stale * data in cache as a fallback, but only if stale answers are enabled in * configuration. / #define DNS_DBFIND_STALEOK 0x0400 / * DNS_DBFIND_STALEENABLED: This flag is used as a hint to the database that * it may use stale data. It is always set during query lookup if stale * answers are enabled, but only effectively used during stale-refresh-time * window. Also during this window, the resolver will not try to resolve the * query, in other words no attempt to refresh the data in cache is made when * the stale-refresh-time window is active. / #define DNS_DBFIND_STALEENABLED 0x0800 / * DNS_DBFIND_STALETIMEOUT: This flag is used when we want stale data from the * database, but not due to a failure in resolution, it also doesn't require * stale-refresh-time window timer to be active. As long as there is stale * data available, it should be returned. / #define DNS_DBFIND_STALETIMEOUT 0x1000 / * DNS_DBFIND_STALESTART: This flag is used to activate stale-refresh-time * window. / #define DNS_DBFIND_STALESTART 0x2000 /@}/ /@{/ /% * Options that can be specified for dns_db_addrdataset(). / #define DNS_DBADD_MERGE 0x01 #define DNS_DBADD_FORCE 0x02 #define DNS_DBADD_EXACT 0x04 #define DNS_DBADD_EXACTTTL 0x08 #define DNS_DBADD_PREFETCH 0x10 /@}/ /% * Options that can be specified for dns_db_subtractrdataset(). / #define DNS_DBSUB_EXACT 0x01 #define DNS_DBSUB_WANTOLD 0x02 /@{/ /% * Iterator options / #define DNS_DB_RELATIVENAMES 0x1 #define DNS_DB_NSEC3ONLY 0x2 #define DNS_DB_NONSEC3 0x4 /@}/ /** * Methods */ /* * Basic DB Methods / isc_result_t dns_db_create(isc_mem_t mctx, const char db_type, const dns_name_t origin, dns_dbtype_t type, dns_rdataclass_t rdclass, unsigned int argc, char argv[], dns_db_t dbp); /%< * Create a new database using implementation 'db_type'. * * Notes: * \li All names in the database must be subdomains of 'origin' and in class * 'rdclass'. The database makes its own copy of the origin, so the * caller may do whatever they like with 'origin' and its storage once the * call returns. * * \li DB implementation-specific parameters are passed using argc and argv. * * Requires: * * \li dbp != NULL and dbp == NULL * \li 'origin' is a valid absolute domain name. * * \li mctx is a valid memory context * * Ensures: * * \li A copy of 'origin' has been made for the databases use, and the * caller is free to do whatever they want with the name and storage * associated with 'origin'. * * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * \li #ISC_R_NOTFOUND db_type not found * * \li Many other errors are possible, depending on what db_type was * specified. / void dns_db_attach(dns_db_t source, dns_db_t *targetp); /%< * Attach targetp to source. * Requires: * * \li 'source' is a valid database. * * \li 'targetp' points to a NULL dns_db_t . * Ensures: * * \li targetp is attached to source. / void dns_db_detach(dns_db_t *dbp); /%< * Detach dbp from its database. * Requires: * * \li 'dbp' points to a valid database. * * Ensures: * * \li dbp is NULL. * \li If 'dbp' is the last reference to the database, all resources used by the database will be freed / bool dns_db_iscache(dns_db_t db); /%< Does 'db' have cache semantics? * * Requires: * * \li 'db' is a valid database. * * Returns: * \li #true 'db' has cache semantics * \li #false otherwise / bool dns_db_iszone(dns_db_t db); /%< Does 'db' have zone semantics? * * Requires: * * \li 'db' is a valid database. * * Returns: * \li #true 'db' has zone semantics * \li #false otherwise / bool dns_db_isstub(dns_db_t db); /%< Does 'db' have stub semantics? * * Requires: * * \li 'db' is a valid database. * * Returns: * \li #true 'db' has zone semantics * \li #false otherwise / bool dns_db_issecure(dns_db_t db); /%< Is 'db' secure? * * Requires: * * \li 'db' is a valid database with zone semantics. * * Returns: * \li #true 'db' is secure. * \li #false 'db' is not secure. / bool dns_db_isdnssec(dns_db_t db); /%< Is 'db' secure or partially secure? * * Requires: * * \li 'db' is a valid database with zone semantics. * * Returns: * \li #true 'db' is secure or is partially. * \li #false 'db' is not secure. / dns_name_t dns_db_origin(dns_db_t db); /%< * The origin of the database. * * Note: caller must not try to change this name. * * Requires: * * \li 'db' is a valid database. * * Returns: * * \li The origin of the database. / dns_rdataclass_t dns_db_class(dns_db_t db); /%< The class of the database. * * Requires: * * \li 'db' is a valid database. * * Returns: * * \li The class of the database. / isc_result_t dns_db_beginload(dns_db_t db, dns_rdatacallbacks_t callbacks); /%< * Begin loading 'db'. * * Requires: * * \li 'db' is a valid database. * * \li This is the first attempt to load 'db'. * * \li 'callbacks' is a pointer to an initialized dns_rdatacallbacks_t * structure. * * Ensures: * * \li On success, callbacks->add will be a valid dns_addrdatasetfunc_t * suitable for loading records into 'db' from a raw or text zone * file. callbacks->add_private will be a valid DB load context * which should be used as 'arg' when callbacks->add is called. * callbacks->deserialize will be a valid dns_deserialize_func_t * suitable for loading 'db' from a map format zone file. * * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * * \li Other results are possible, depending upon the database * implementation used, syntax errors in the master file, etc. / isc_result_t dns_db_endload(dns_db_t db, dns_rdatacallbacks_t callbacks); /%< * Finish loading 'db'. * * Requires: * * \li 'db' is a valid database that is being loaded. * * \li 'callbacks' is a valid dns_rdatacallbacks_t structure. * * \li callbacks->add_private is not NULL and is a valid database load context. * * Ensures: * * \li 'callbacks' is returned to its state prior to calling dns_db_beginload() * * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * * \li Other results are possible, depending upon the database * implementation used, syntax errors in the master file, etc. / isc_result_t dns_db_load(dns_db_t db, const char filename, dns_masterformat_t format, unsigned int options); /%< * Load master file 'filename' into 'db'. * * Notes: * \li This routine is equivalent to calling * \code dns_db_beginload(); * dns_master_loadfile(); * dns_db_endload(); \endcode * Requires: * * \li 'db' is a valid database. * * \li This is the first attempt to load 'db'. * * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * * \li Other results are possible, depending upon the database * implementation used, syntax errors in the master file, etc. / isc_result_t dns_db_serialize(dns_db_t db, dns_dbversion_t version, FILE rbtfile); /%< Dump version 'version' of 'db' to map-format file 'filename'. * * Requires: * * \li 'db' is a valid database. * * \li 'version' is a valid version. * * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * * \li Other results are possible, depending upon the database * implementation used, OS file errors, etc. / isc_result_t dns_db_dump(dns_db_t db, dns_dbversion_t version, const char filename); /%< Dump version 'version' of 'db' to master file 'filename'. * * Requires: * * \li 'db' is a valid database. * * \li 'version' is a valid version. * * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * * \li Other results are possible, depending upon the database * implementation used, OS file errors, etc. / / * Version Methods **/ void dns_db_currentversion(dns_db_t db, dns_dbversion_t *versionp); /%< * Open the current version for reading. * * Requires: * * \li 'db' is a valid database with zone semantics. * * \li versionp != NULL && verisonp == NULL * Ensures: * * \li On success, 'versionp' is attached to the current version. / isc_result_t dns_db_newversion(dns_db_t db, dns_dbversion_t *versionp); /%< * Open a new version for reading and writing. * * Requires: * * \li 'db' is a valid database with zone semantics. * * \li versionp != NULL && verisonp == NULL * Ensures: * * \li On success, 'versionp' is attached to the current version. * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * * \li Other results are possible, depending upon the database * implementation used. / void dns_db_attachversion(dns_db_t db, dns_dbversion_t source, dns_dbversion_t targetp); /%< * Attach 'targetp' to 'source'. * Requires: * * \li 'db' is a valid database with zone semantics. * * \li source is a valid open version * * \li targetp != NULL && targetp == NULL * Ensures: * * \li 'targetp' is attached to source. / void dns_db_closeversion(dns_db_t db, dns_dbversion_t versionp, bool commit); /%< * Close version 'versionp'. * Note: if 'versionp' is a read-write version and 'commit' is true, then all changes made in the version will take effect, otherwise they * will be rolled back. The value of 'commit' is ignored for read-only * versions. * * Requires: * * \li 'db' is a valid database with zone semantics. * * \li 'versionp' refers to a valid version. * \li If committing a writable version, then there must be no other * outstanding references to the version (e.g. an active rdataset * iterator). * * Ensures: * * \li versionp == NULL * \li If versionp is a read-write version, and commit is true, then the version will become the current version. If !commit, then all * changes made in the version will be undone, and the version will * not become the current version. / / * Node Methods **/ isc_result_t dns_db_findnode(dns_db_t db, const dns_name_t name, bool create, dns_dbnode_t nodep); isc_result_t dns_db_findnodeext(dns_db_t db, const dns_name_t name, bool create, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo, dns_dbnode_t nodep); /%< * Find the node with name 'name'. * * dns_db_findnodeext() (findnode extended) also accepts parameters * 'methods' and 'clientinfo', which, when provided, enable the database to * retrieve information about the client from the caller, and modify its * response on the basis of that information. * * Notes: * \li If 'create' is true and no node with name 'name' exists, then * such a node will be created. * * \li This routine is for finding or creating a node with the specified * name. There are no partial matches. It is not suitable for use * in building responses to ordinary DNS queries; clients which wish * to do that should use dns_db_find() instead. * * Requires: * * \li 'db' is a valid database. * * \li 'name' is a valid, non-empty, absolute name. * * \li nodep != NULL && nodep == NULL * Ensures: * * \li On success, nodep is attached to the node with name 'name'. * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND If !create and name not found. * \li #ISC_R_NOMEMORY Can only happen if create is true. * * \li Other results are possible, depending upon the database * implementation used. / isc_result_t dns_db_find(dns_db_t db, const dns_name_t name, dns_dbversion_t version, dns_rdatatype_t type, unsigned int options, isc_stdtime_t now, dns_dbnode_t *nodep, dns_name_t foundname, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); isc_result_t dns_db_findext(dns_db_t db, const dns_name_t name, dns_dbversion_t version, dns_rdatatype_t type, unsigned int options, isc_stdtime_t now, dns_dbnode_t nodep, dns_name_t foundname, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); /%< Find the best match for 'name' and 'type' in version 'version' of 'db'. * * dns_db_findext() (find extended) also accepts parameters 'methods' * and 'clientinfo', which when provided enable the database to retrieve * information about the client from the caller, and modify its response * on the basis of this information. * * Notes: * * \li If type == dns_rdataset_any, then rdataset will not be bound. * * \li If 'options' does not have #DNS_DBFIND_GLUEOK set, then no glue will * be returned. For zone databases, glue is as defined in RFC2181. * For cache databases, glue is any rdataset with a trust of * dns_trust_glue. * * \li If 'options' does not have #DNS_DBFIND_ADDITIONALOK set, then no * additional records will be returned. Only caches can have * rdataset with trust dns_trust_additional. * * \li If 'options' does not have #DNS_DBFIND_PENDINGOK set, then no * pending data will be returned. This option is only meaningful for * cache databases. * * \li If the #DNS_DBFIND_NOWILD option is set, then wildcard matching will * be disabled. This option is only meaningful for zone databases. * * \li If the #DNS_DBFIND_NOZONECUT option is set, the database is * assumed to contain no zone cuts above 'name'. An implementation * may therefore choose to search for a match beginning at 'name' * rather than walking down the tree to check check for delegations. * If #DNS_DBFIND_NOWILD is not set, wildcard matching will be * attempted at each node starting at the direct ancestor of 'name' * and working up to the zone origin. This option is only meaningful * when querying redirect zones. * * \li If the #DNS_DBFIND_FORCENSEC option is set, the database is assumed to * have NSEC records, and these will be returned when appropriate. This * is only necessary when querying a database that was not secure * when created. * * \li If the DNS_DBFIND_COVERINGNSEC option is set, then look for a * NSEC record that potentially covers 'name' if a answer cannot * be found. Note the returned NSEC needs to be checked to ensure * that it is correct. This only affects answers returned from the * cache. * * \li If the #DNS_DBFIND_FORCENSEC3 option is set, then we are looking * in the NSEC3 tree and not the main tree. Without this option being * set NSEC3 records will not be found. * * \li To respond to a query for SIG records, the caller should create a * rdataset iterator and extract the signatures from each rdataset. * * \li Making queries of type ANY with #DNS_DBFIND_GLUEOK is not recommended, * because the burden of determining whether a given rdataset is valid * glue or not falls upon the caller. * * \li The 'now' field is ignored if 'db' is a zone database. If 'db' is a * cache database, an rdataset will not be found unless it expires after * 'now'. Any ANY query will not match unless at least one rdataset at * the node expires after 'now'. If 'now' is zero, then the current time * will be used. * * Requires: * * \li 'db' is a valid database. * * \li 'type' is not SIG, or a meta-RR type other than 'ANY' (e.g. 'OPT'). * * \li 'nodep' is NULL, or nodep is a valid pointer and nodep == NULL. * \li 'foundname' is a valid name with a dedicated buffer. * * \li 'rdataset' is NULL, or is a valid unassociated rdataset. * * Ensures, * on a non-error completion: * * \li If nodep != NULL, then it is bound to the found node. * * \li If foundname != NULL, then it contains the full name of the * found node. * * \li If rdataset != NULL and type != dns_rdatatype_any, then * rdataset is bound to the found rdataset. * * Non-error results are: * * \li #ISC_R_SUCCESS The desired node and type were * found. * * \li #DNS_R_GLUE The desired node and type were * found, but are glue. This * result can only occur if * the DNS_DBFIND_GLUEOK option * is set. This result can only * occur if 'db' is a zone * database. If type == * dns_rdatatype_any, then the * node returned may contain, or * consist entirely of invalid * glue (i.e. data occluded by a * zone cut). The caller must * take care not to return invalid * glue to a client. * * \li #DNS_R_DELEGATION The data requested is beneath * a zone cut. node, foundname, * and rdataset reference the * NS RRset of the zone cut. * If 'db' is a cache database, * then this is the deepest known * delegation. * * \li #DNS_R_ZONECUT type == dns_rdatatype_any, and * the desired node is a zonecut. * The caller must take care not * to return inappropriate glue * to a client. This result can * only occur if 'db' is a zone * database and DNS_DBFIND_GLUEOK * is set. * * \li #DNS_R_DNAME The data requested is beneath * a DNAME. node, foundname, * and rdataset reference the * DNAME RRset. * * \li #DNS_R_CNAME The rdataset requested was not * found, but there is a CNAME * at the desired name. node, * foundname, and rdataset * reference the CNAME RRset. * * \li #DNS_R_NXDOMAIN The desired name does not * exist. * * \li #DNS_R_NXRRSET The desired name exists, but * the desired type does not. * * \li #ISC_R_NOTFOUND The desired name does not * exist, and no delegation could * be found. This result can only * occur if 'db' is a cache * database. The caller should * use its nameserver(s) of last * resort (e.g. root hints). * * \li #DNS_R_NCACHENXDOMAIN The desired name does not * exist. 'node' is bound to the * cache node with the desired * name, and 'rdataset' contains * the negative caching proof. * * \li #DNS_R_NCACHENXRRSET The desired type does not * exist. 'node' is bound to the * cache node with the desired * name, and 'rdataset' contains * the negative caching proof. * * \li #DNS_R_EMPTYNAME The name exists but there is * no data at the name. * * \li #DNS_R_COVERINGNSEC The returned data is a NSEC * that potentially covers 'name'. * * \li #DNS_R_EMPTYWILD The name is a wildcard without * resource records. * * Error results: * * \li #ISC_R_NOMEMORY * * \li #DNS_R_BADDB Data that is required to be * present in the DB, e.g. an NSEC * record in a secure zone, is not * present. * * \li Other results are possible, and should all be treated as * errors. / isc_result_t dns_db_findzonecut(dns_db_t db, const dns_name_t name, unsigned int options, isc_stdtime_t now, dns_dbnode_t nodep, dns_name_t foundname, dns_name_t dcname, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); /%< * Find the deepest known zonecut which encloses 'name' in 'db'. * * Notes: * * \li If the #DNS_DBFIND_NOEXACT option is set, then the zonecut returned * (if any) will be the deepest known ancestor of 'name'. * * \li If 'now' is zero, then the current time will be used. * * Requires: * * \li 'db' is a valid database with cache semantics. * * \li 'nodep' is NULL, or nodep is a valid pointer and nodep == NULL. * \li 'foundname' is a valid name with a dedicated buffer. * * \li 'dcname' is a valid name with a dedicated buffer. * * \li 'rdataset' is NULL, or is a valid unassociated rdataset. * * Ensures, on a non-error completion: * * \li If nodep != NULL, then it is bound to the found node. * * \li If foundname != NULL, then it contains the full name of the * found node. * * \li If dcname != NULL, then it contains the deepest cached name * that exists in the database. * * \li If rdataset != NULL and type != dns_rdatatype_any, then * rdataset is bound to the found rdataset. * * Non-error results are: * * \li #ISC_R_SUCCESS * * \li #ISC_R_NOTFOUND * * \li Other results are possible, and should all be treated as * errors. / void dns_db_attachnode(dns_db_t db, dns_dbnode_t source, dns_dbnode_t targetp); /%< * Attach targetp to source. * Requires: * * \li 'db' is a valid database. * * \li 'source' is a valid node. * * \li 'targetp' points to a NULL dns_dbnode_t . * Ensures: * * \li targetp is attached to source. / void dns_db_detachnode(dns_db_t db, dns_dbnode_t nodep); /%< * Detach nodep from its node. * Requires: * * \li 'db' is a valid database. * * \li 'nodep' points to a valid node. * * Ensures: * * \li nodep is NULL. / void dns_db_transfernode(dns_db_t db, dns_dbnode_t sourcep, dns_dbnode_t targetp); /%< * Transfer a node between pointer. * * This is equivalent to calling dns_db_attachnode() then dns_db_detachnode(). * * Requires: * * \li 'db' is a valid database. * * \li 'sourcep' is a valid node. * \li 'targetp' points to a NULL dns_dbnode_t . * Ensures: * * \li 'sourcep' is NULL. / isc_result_t dns_db_expirenode(dns_db_t db, dns_dbnode_t node, isc_stdtime_t now); /%< Mark as stale all records at 'node' which expire at or before 'now'. * * Note: if 'now' is zero, then the current time will be used. * * Requires: * * \li 'db' is a valid cache database. * * \li 'node' is a valid node. / void dns_db_printnode(dns_db_t db, dns_dbnode_t node, FILE out); /%< Print a textual representation of the contents of the node to * 'out'. * * Note: this function is intended for debugging, not general use. * * Requires: * * \li 'db' is a valid database. * * \li 'node' is a valid node. / / * DB Iterator Creation **/ isc_result_t dns_db_createiterator(dns_db_t db, unsigned int options, dns_dbiterator_t *iteratorp); /%< * Create an iterator for version 'version' of 'db'. * * Notes: * * \li One or more of the following options can be set. * #DNS_DB_RELATIVENAMES * #DNS_DB_NSEC3ONLY * #DNS_DB_NONSEC3 * * Requires: * * \li 'db' is a valid database. * * \li iteratorp != NULL && iteratorp == NULL * Ensures: * * \li On success, iteratorp will be a valid database iterator. * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY / / * Rdataset Methods **/ / * XXXRTH Should we check for glue and pending data in dns_db_findrdataset()? / isc_result_t dns_db_findrdataset(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, dns_rdatatype_t type, dns_rdatatype_t covers, isc_stdtime_t now, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset); /%< Search for an rdataset of type 'type' at 'node' that are in version * 'version' of 'db'. If found, make 'rdataset' refer to it. * * Notes: * * \li If 'version' is NULL, then the current version will be used. * * \li Care must be used when using this routine to build a DNS response: * 'node' should have been found with dns_db_find(), not * dns_db_findnode(). No glue checking is done. No checking for * pending data is done. * * \li The 'now' field is ignored if 'db' is a zone database. If 'db' is a * cache database, an rdataset will not be found unless it expires after * 'now'. If 'now' is zero, then the current time will be used. * * Requires: * * \li 'db' is a valid database. * * \li 'node' is a valid node. * * \li 'rdataset' is a valid, disassociated rdataset. * * \li 'sigrdataset' is a valid, disassociated rdataset, or it is NULL. * * \li If 'covers' != 0, 'type' must be RRSIG. * * \li 'type' is not a meta-RR type such as 'ANY' or 'OPT'. * * Ensures: * * \li On success, 'rdataset' is associated with the found rdataset. * * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND * * \li Other results are possible, depending upon the database * implementation used. / isc_result_t dns_db_allrdatasets(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, isc_stdtime_t now, dns_rdatasetiter_t *iteratorp); /%< * Make 'iteratorp' an rdataset iterator for all rdatasets at 'node' in version 'version' of 'db'. * * Notes: * * \li If 'version' is NULL, then the current version will be used. * * \li The 'now' field is ignored if 'db' is a zone database. If 'db' is a * cache database, an rdataset will not be found unless it expires after * 'now'. Any ANY query will not match unless at least one rdataset at * the node expires after 'now'. If 'now' is zero, then the current time * will be used. * * Requires: * * \li 'db' is a valid database. * * \li 'node' is a valid node. * * \li iteratorp != NULL && iteratorp == NULL * Ensures: * * \li On success, 'iteratorp' is a valid rdataset iterator. * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND * * \li Other results are possible, depending upon the database * implementation used. / isc_result_t dns_db_addrdataset(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, isc_stdtime_t now, dns_rdataset_t rdataset, unsigned int options, dns_rdataset_t addedrdataset); /%< Add 'rdataset' to 'node' in version 'version' of 'db'. * * Notes: * * \li If the database has zone semantics, the #DNS_DBADD_MERGE option is set, * and an rdataset of the same type as 'rdataset' already exists at * 'node' then the contents of 'rdataset' will be merged with the existing * rdataset. If the option is not set, then rdataset will replace any * existing rdataset of the same type. If not merging and the * #DNS_DBADD_FORCE option is set, then the data will update the database * without regard to trust levels. If not forcing the data, then the * rdataset will only be added if its trust level is >= the trust level of * any existing rdataset. Forcing is only meaningful for cache databases. * If #DNS_DBADD_EXACT is set then there must be no rdata in common between * the old and new rdata sets. If #DNS_DBADD_EXACTTTL is set then both * the old and new rdata sets must have the same ttl. * * \li The 'now' field is ignored if 'db' is a zone database. If 'db' is * a cache database, then the added rdataset will expire no later than * now + rdataset->ttl. * * \li If 'addedrdataset' is not NULL, then it will be attached to the * resulting new rdataset in the database, or to the existing data if * the existing data was better. * * Requires: * * \li 'db' is a valid database. * * \li 'node' is a valid node. * * \li 'rdataset' is a valid, associated rdataset with the same class * as 'db'. * * \li 'addedrdataset' is NULL, or a valid, unassociated rdataset. * * \li The database has zone semantics and 'version' is a valid * read-write version, or the database has cache semantics * and version is NULL. * * \li If the database has cache semantics, the #DNS_DBADD_MERGE option must * not be set. * * Returns: * * \li #ISC_R_SUCCESS * \li #DNS_R_UNCHANGED The operation did not change * anything. \li #ISC_R_NOMEMORY \li #DNS_R_NOTEXACT * * \li Other results are possible, depending upon the database * implementation used. / isc_result_t dns_db_subtractrdataset(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, dns_rdataset_t rdataset, unsigned int options, dns_rdataset_t newrdataset); /%< Remove any rdata in 'rdataset' from 'node' in version 'version' of * 'db'. * * Notes: * * \li If 'newrdataset' is not NULL, then it will be attached to the * resulting new rdataset in the database, unless the rdataset has * become nonexistent. If DNS_DBSUB_EXACT is set then all elements * of 'rdataset' must exist at 'node'. * \li If DNS_DBSUB_WANTOLD is set and the entire rdataset was deleted then return the original rdatatset in newrdataset if that existed. * * Requires: * * \li 'db' is a valid database. * * \li 'node' is a valid node. * * \li 'rdataset' is a valid, associated rdataset with the same class * as 'db'. * * \li 'newrdataset' is NULL, or a valid, unassociated rdataset. * * \li The database has zone semantics and 'version' is a valid * read-write version. * * Returns: * * \li #ISC_R_SUCCESS * \li #DNS_R_UNCHANGED The operation did not change * anything. \li #DNS_R_NXRRSET All rdata of the same type as those in 'rdataset' have been deleted. \li #DNS_R_NOTEXACT * Some part of 'rdataset' did not exist and DNS_DBSUB_EXACT was set. * * \li Other results are possible, depending upon the database * implementation used. / isc_result_t dns_db_deleterdataset(dns_db_t db, dns_dbnode_t node, dns_dbversion_t version, dns_rdatatype_t type, dns_rdatatype_t covers); /%< Make it so that no rdataset of type 'type' exists at 'node' in version * version 'version' of 'db'. * * Notes: * * \li If 'type' is dns_rdatatype_any, then no rdatasets will exist in * 'version' (provided that the dns_db_deleterdataset() isn't followed * by one or more dns_db_addrdataset() calls). * * Requires: * * \li 'db' is a valid database. * * \li 'node' is a valid node. * * \li The database has zone semantics and 'version' is a valid * read-write version, or the database has cache semantics * and version is NULL. * * \li 'type' is not a meta-RR type, except for dns_rdatatype_any, which is * allowed. * * \li If 'covers' != 0, 'type' must be SIG. * * Returns: * * \li #ISC_R_SUCCESS * \li #DNS_R_UNCHANGED No rdatasets of 'type' existed * before the operation was attempted. * * \li Other results are possible, depending upon the database * implementation used. / isc_result_t dns_db_getsoaserial(dns_db_t db, dns_dbversion_t ver, uint32_t serialp); /%< Get the current SOA serial number from a zone database. * * Requires: * \li 'db' is a valid database with zone semantics. * \li 'ver' is a valid version. / void dns_db_overmem(dns_db_t db, bool overmem); /%< Enable / disable aggressive cache cleaning. / unsigned int dns_db_nodecount(dns_db_t db); /%< Count the number of nodes in 'db'. * * Requires: * * \li 'db' is a valid database. * * Returns: * \li The number of nodes in the database / size_t dns_db_hashsize(dns_db_t db); /%< For database implementations using a hash table, report the * current number of buckets. * * Requires: * * \li 'db' is a valid database. * * Returns: * \li The number of buckets in the database's hash table, or * 0 if not implemented. / isc_result_t dns_db_adjusthashsize(dns_db_t db, size_t size); /%< For database implementations using a hash table, adjust the size of * the hash table to store objects with a maximum total memory footprint * of 'size' bytes. If 'size' is set to 0, it means no finite limit is * requested. * * Requires: * * \li 'db' is a valid database. * \li 'size' is maximum memory footprint of the database in bytes * * Returns: * \li #ISC_R_SUCCESS The registration succeeded * \li #ISC_R_NOMEMORY Out of memory / void dns_db_settask(dns_db_t db, isc_task_t task); /%< * If task is set then the final detach maybe performed asynchronously. * * Requires: * \li 'db' is a valid database. * \li 'task' to be valid or NULL. / bool dns_db_ispersistent(dns_db_t db); /%< Is 'db' persistent? A persistent database does not need to be loaded * from disk or written to disk. * * Requires: * * \li 'db' is a valid database. * * Returns: * \li #true 'db' is persistent. * \li #false 'db' is not persistent. / isc_result_t dns_db_register(const char name, dns_dbcreatefunc_t create, void driverarg, isc_mem_t mctx, dns_dbimplementation_t *dbimp); /%< * Register a new database implementation and add it to the list of * supported implementations. * * Requires: * * \li 'name' is not NULL * \li 'order' is a valid function pointer * \li 'mctx' is a valid memory context * \li dbimp != NULL && dbimp == NULL * Returns: * \li #ISC_R_SUCCESS The registration succeeded * \li #ISC_R_NOMEMORY Out of memory * \li #ISC_R_EXISTS A database implementation with the same name exists * * Ensures: * * \li dbimp points to an opaque structure which must be passed to dns_db_unregister(). / void dns_db_unregister(dns_dbimplementation_t dbimp); /%< * Remove a database implementation from the list of supported * implementations. No databases of this type can be active when this * is called. * * Requires: * \li dbimp != NULL && dbimp == NULL * Ensures: * * \li Any memory allocated in dbimp will be freed. / isc_result_t dns_db_getoriginnode(dns_db_t db, dns_dbnode_t nodep); /%< * Get the origin DB node corresponding to the DB's zone. This function * should typically succeed unless the underlying DB implementation doesn't * support the feature. * * Requires: * * \li 'db' is a valid zone database. * \li 'nodep' != NULL && 'nodep' == NULL * Ensures: * \li On success, 'nodep' will point to the DB node of the zone's origin. * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND - the DB implementation does not support this feature. / isc_result_t dns_db_getnsec3parameters(dns_db_t db, dns_dbversion_t version, dns_hash_t hash, uint8_t flags, uint16_t iterations, unsigned char salt, size_t salt_length); /%< Get the NSEC3 parameters that are associated with this zone. * * Requires: * \li 'db' is a valid zone database. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND - the DB implementation does not support this feature * or this zone does not have NSEC3 records. / isc_result_t dns_db_getsize(dns_db_t db, dns_dbversion_t version, uint64_t records, uint64_t xfrsize); /%< * On success if 'records' is not NULL, it is set to the number of records * in the given version of the database. If 'xfrisize' is not NULL, it is * set to the approximate number of bytes needed to transfer the records, * counting name, TTL, type, class, and rdata for each RR. (This is meant * to be a rough approximation of the size of a full zone transfer, though * it does not take into account DNS message overhead or name compression.) * * Requires: * \li 'db' is a valid zone database. * \li 'version' is NULL or a valid version. * \li 'records' is NULL or a pointer to return the record count in. * \li 'xfrsize' is NULL or a pointer to return the byte count in. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTIMPLEMENTED / isc_result_t dns_db_findnsec3node(dns_db_t db, const dns_name_t name, bool create, dns_dbnode_t nodep); /%< * Find the NSEC3 node with name 'name'. * * Notes: * \li If 'create' is true and no node with name 'name' exists, then * such a node will be created. * * Requires: * * \li 'db' is a valid database. * * \li 'name' is a valid, non-empty, absolute name. * * \li nodep != NULL && nodep == NULL * Ensures: * * \li On success, nodep is attached to the node with name 'name'. * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND If !create and name not found. * \li #ISC_R_NOMEMORY Can only happen if create is true. * * \li Other results are possible, depending upon the database * implementation used. / isc_result_t dns_db_setsigningtime(dns_db_t db, dns_rdataset_t rdataset, isc_stdtime_t resign); /%< * Sets the re-signing time associated with 'rdataset' to 'resign'. * * Requires: * \li 'db' is a valid zone database. * \li 'rdataset' is or is to be associated with 'db'. * \li 'rdataset' is not pending removed from the heap via an * uncommitted call to dns_db_resigned(). * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * \li #ISC_R_NOTIMPLEMENTED - Not supported by this DB implementation. / isc_result_t dns_db_getsigningtime(dns_db_t db, dns_rdataset_t rdataset, dns_name_t name); /%< Return the rdataset with the earliest signing time in the zone. * Note: the rdataset is version agnostic. * * Requires: * \li 'db' is a valid zone database. * \li 'rdataset' to be initialized but not associated. * \li 'name' to be NULL or have a buffer associated with it. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND - No dataset exists. / void dns_db_resigned(dns_db_t db, dns_rdataset_t rdataset, dns_dbversion_t version); /%< Mark 'rdataset' as not being available to be returned by * dns_db_getsigningtime(). If the changes associated with 'version' * are committed this will be permanent. If the version is not committed * this change will be rolled back when the version is closed. Until * 'version' is either committed or rolled back, 'rdataset' can no longer * be acted upon by dns_db_setsigningtime(). * * Requires: * \li 'db' is a valid zone database. * \li 'rdataset' to be associated with 'db'. * \li 'version' to be open for writing. / dns_stats_t dns_db_getrrsetstats(dns_db_t db); /%< * Get statistics information counting RRsets stored in the DB, when available. * The statistics may not be available depending on the DB implementation. * * Requires: * * \li 'db' is a valid database (cache only). * * Returns: * \li when available, a pointer to a statistics object created by * dns_rdatasetstats_create(); otherwise NULL. / isc_result_t dns_db_setcachestats(dns_db_t db, isc_stats_t stats); /%< * Set the location in which to collect cache statistics. * This option may not exist depending on the DB implementation. * * Requires: * * \li 'db' is a valid database (cache only). * * Returns: * \li when available, a pointer to a statistics object created by * dns_rdatasetstats_create(); otherwise NULL. / void dns_db_rpz_attach(dns_db_t db, void rpzs, uint8_t rpz_num) ISC_DEPRECATED; /%< * Attach the response policy information for a view to a database for a * zone for the view. / isc_result_t dns_db_rpz_ready(dns_db_t db) ISC_DEPRECATED; /%< Finish loading a response policy zone. / isc_result_t dns_db_updatenotify_register(dns_db_t db, dns_dbupdate_callback_t fn, void fn_arg); /%< * Register a notify-on-update callback function to a database. * * Requires: * * \li 'db' is a valid database * \li 'db' does not have an update callback registered * \li 'fn' is not NULL * / isc_result_t dns_db_updatenotify_unregister(dns_db_t db, dns_dbupdate_callback_t fn, void fn_arg); /%< * Unregister a notify-on-update callback. * * Requires: * * \li 'db' is a valid database * \li 'db' has update callback registered * / isc_result_t dns_db_nodefullname(dns_db_t db, dns_dbnode_t node, dns_name_t name); /%< Get the name associated with a database node. * * Requires: * * \li 'db' is a valid database * \li 'node' and 'name' are not NULL / isc_result_t dns_db_setservestalettl(dns_db_t db, dns_ttl_t ttl); /%< Sets the maximum length of time that cached answers may be retained * past their normal TTL. Default value for the library is 0, disabling * the use of stale data. * * Requires: * \li 'db' is a valid cache database. * \li 'ttl' is the number of seconds to retain data past its normal expiry. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTIMPLEMENTED - Not supported by this DB implementation. / isc_result_t dns_db_getservestalettl(dns_db_t db, dns_ttl_t ttl); /%< * Gets maximum length of time that cached answers may be kept past * normal TTL expiration. * * Requires: * \li 'db' is a valid cache database. * \li 'ttl' is the number of seconds to retain data past its normal expiry. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTIMPLEMENTED - Not supported by this DB implementation. / isc_result_t dns_db_setservestalerefresh(dns_db_t db, uint32_t interval); /%< Sets the length of time to wait before attempting to refresh a rrset * if a previous attempt in doing so has failed. * During this time window if stale rrset are available in cache they * will be directly returned to client. * * Requires: * \li 'db' is a valid cache database. * \li 'interval' is number of seconds before attempting to refresh data. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTIMPLEMENTED - Not supported by this DB implementation. / isc_result_t dns_db_getservestalerefresh(dns_db_t db, uint32_t interval); /%< * Gets the length of time in which stale answers are directly returned from * cache before attempting to refresh them, in case a previous attempt in * doing so has failed. * * Requires: * \li 'db' is a valid cache database. * \li 'interval' is number of seconds before attempting to refresh data. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTIMPLEMENTED - Not supported by this DB implementation. / isc_result_t dns_db_setgluecachestats(dns_db_t db, isc_stats_t stats); /%< * Set the location in which to collect glue cache statistics. * This option may not exist depending on the DB implementation. * * Requires: * * \li 'db' is a valid database (cache only). * * Returns: * \li when available, a pointer to a statistics object created by * dns_rdatasetstats_create(); otherwise NULL. / void dns_db_setmaxrrperset(dns_db_t db, uint32_t value); /%< Set the maximum permissible number of RRs per RRset. If 'value' * is nonzero, then any subsequent attempt to add an rdataset with * more than 'value' RRs will return ISC_R_NOSPACE. / void dns_db_setmaxtypepername(dns_db_t db, uint32_t value); /%< Set the maximum permissible number of RR types per owner name. * * If 'value' is nonzero, then any subsequent attempt to add an rdataset with a * RR type that would exceed the number of already stored RR types will return * ISC_R_NOSPACE. / ISC_LANG_ENDDECLS #endif / DNS_DB_H / ��dns/bit.h��0000644��00000001436�15125204631�0006262 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_BIT_H #define DNS_BIT_H 1 /! \file dns/bit.h / #include <inttypes.h> typedef uint64_t dns_bitset_t; #define DNS_BIT_SET(bit, bitset) ((bitset) \|= ((dns_bitset_t)1 << (bit))) #define DNS_BIT_CLEAR(bit, bitset) ((bitset) &= ~((dns_bitset_t)1 << (bit))) #define DNS_BIT_CHECK(bit, bitset) \ (((bitset) & ((dns_bitset_t)1 << (bit))) == ((dns_bitset_t)1 << (bit))) #endif /* DNS_BIT_H / ��dns/rpz.h��0000644��00000027574�15125204631�0006332 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RPZ_H #define DNS_RPZ_H 1 #include <inttypes.h> #include <stdbool.h> #include <isc/deprecated.h> #include <isc/event.h> #include <isc/ht.h> #include <isc/lang.h> #include <isc/refcount.h> #include <isc/rwlock.h> #include <isc/time.h> #include <isc/timer.h> #include <dns/fixedname.h> #include <dns/rdata.h> #include <dns/types.h> ISC_LANG_BEGINDECLS #define DNS_RPZ_PREFIX "rpz-" / * Sub-zones of various trigger types. / #define DNS_RPZ_CLIENT_IP_ZONE DNS_RPZ_PREFIX "client-ip" #define DNS_RPZ_IP_ZONE DNS_RPZ_PREFIX "ip" #define DNS_RPZ_NSIP_ZONE DNS_RPZ_PREFIX "nsip" #define DNS_RPZ_NSDNAME_ZONE DNS_RPZ_PREFIX "nsdname" / * Special policies. / #define DNS_RPZ_PASSTHRU_NAME DNS_RPZ_PREFIX "passthru" #define DNS_RPZ_DROP_NAME DNS_RPZ_PREFIX "drop" #define DNS_RPZ_TCP_ONLY_NAME DNS_RPZ_PREFIX "tcp-only" typedef uint8_t dns_rpz_prefix_t; typedef enum { DNS_RPZ_TYPE_BAD, DNS_RPZ_TYPE_CLIENT_IP, DNS_RPZ_TYPE_QNAME, DNS_RPZ_TYPE_IP, DNS_RPZ_TYPE_NSDNAME, DNS_RPZ_TYPE_NSIP } dns_rpz_type_t; / * Require DNS_RPZ_POLICY_PASSTHRU < DNS_RPZ_POLICY_DROP * < DNS_RPZ_POLICY_TCP_ONLY DNS_RPZ_POLICY_NXDOMAIN < DNS_RPZ_POLICY_NODATA * < DNS_RPZ_POLICY_CNAME to choose among competing policies. / typedef enum { DNS_RPZ_POLICY_GIVEN = 0, / 'given': what policy record says / DNS_RPZ_POLICY_DISABLED = 1, / log what would have happened / DNS_RPZ_POLICY_PASSTHRU = 2, / 'passthru': do not rewrite / DNS_RPZ_POLICY_DROP = 3, / 'drop': do not respond / DNS_RPZ_POLICY_TCP_ONLY = 4, / 'tcp-only': answer UDP with TC=1 / DNS_RPZ_POLICY_NXDOMAIN = 5, / 'nxdomain': answer with NXDOMAIN / DNS_RPZ_POLICY_NODATA = 6, / 'nodata': answer with ANCOUNT=0 / DNS_RPZ_POLICY_CNAME = 7, / 'cname x': answer with x's rrsets / DNS_RPZ_POLICY_DNS64, / Apply DN64 to the A rewrite / DNS_RPZ_POLICY_RECORD, DNS_RPZ_POLICY_WILDCNAME, DNS_RPZ_POLICY_MISS, DNS_RPZ_POLICY_ERROR } dns_rpz_policy_t; typedef uint8_t dns_rpz_num_t; #define DNS_RPZ_MAX_ZONES 64 / * Type dns_rpz_zbits_t must be an unsigned int wide enough to contain * at least DNS_RPZ_MAX_ZONES bits. / typedef uint64_t dns_rpz_zbits_t; #define DNS_RPZ_ALL_ZBITS ((dns_rpz_zbits_t)-1) #define DNS_RPZ_INVALID_NUM DNS_RPZ_MAX_ZONES #define DNS_RPZ_ZBIT(n) (((dns_rpz_zbits_t)1) << (dns_rpz_num_t)(n)) / * Mask of the specified and higher numbered policy zones * Avoid hassles with (1<<33) or (1<<65) / #define DNS_RPZ_ZMASK(n) \ ((dns_rpz_zbits_t)((((n) >= DNS_RPZ_MAX_ZONES - 1) \ ? 0 \ : (1ULL << ((n) + 1))) - \ 1)) / * The trigger counter type. / typedef size_t dns_rpz_trigger_counter_t; / * The number of triggers of each type in a response policy zone. / typedef struct dns_rpz_triggers dns_rpz_triggers_t; struct dns_rpz_triggers { dns_rpz_trigger_counter_t client_ipv4; dns_rpz_trigger_counter_t client_ipv6; dns_rpz_trigger_counter_t qname; dns_rpz_trigger_counter_t ipv4; dns_rpz_trigger_counter_t ipv6; dns_rpz_trigger_counter_t nsdname; dns_rpz_trigger_counter_t nsipv4; dns_rpz_trigger_counter_t nsipv6; }; / * A single response policy zone. / typedef struct dns_rpz_zone dns_rpz_zone_t; typedef struct dns_rpz_zones dns_rpz_zones_t; struct dns_rpz_zone { isc_refcount_t refs; dns_rpz_num_t num; / ordinal in list of policy zones / dns_name_t origin; / Policy zone name / dns_name_t client_ip; / DNS_RPZ_CLIENT_IP_ZONE.origin. / dns_name_t ip; / DNS_RPZ_IP_ZONE.origin. / dns_name_t nsdname; / DNS_RPZ_NSDNAME_ZONE.origin / dns_name_t nsip; / DNS_RPZ_NSIP_ZONE.origin. / dns_name_t passthru; / DNS_RPZ_PASSTHRU_NAME. / dns_name_t drop; / DNS_RPZ_DROP_NAME. / dns_name_t tcp_only; / DNS_RPZ_TCP_ONLY_NAME. / dns_name_t cname; / override value for ..._CNAME / dns_ttl_t max_policy_ttl; dns_rpz_policy_t policy; / DNS_RPZ_POLICY_GIVEN or override / uint32_t min_update_interval; / minimal interval between * updates / isc_ht_t nodes; /* entries in zone / dns_rpz_zones_t rpzs; /* owner / isc_time_t lastupdated; / last time the zone was processed * / bool updatepending; / there is an update * pending/waiting / bool updaterunning; / there is an update running / dns_db_t db; /* zones database / dns_dbversion_t dbversion; /* version we will be updating to / dns_db_t updb; /* zones database we're working on / dns_dbversion_t updbversion; /* version we're currently working * on / dns_dbiterator_t updbit; /* iterator to use when updating / isc_ht_t newnodes; /* entries in zone being updated / bool db_registered; / is the notify event * registered? / bool addsoa; / add soa to the additional section / isc_timer_t updatetimer; isc_event_t updateevent; }; /* * Radix tree node for response policy IP addresses / typedef struct dns_rpz_cidr_node dns_rpz_cidr_node_t; / * Bitfields indicating which policy zones have policies of * which type. / typedef struct dns_rpz_have dns_rpz_have_t; struct dns_rpz_have { dns_rpz_zbits_t client_ipv4; dns_rpz_zbits_t client_ipv6; dns_rpz_zbits_t client_ip; dns_rpz_zbits_t qname; dns_rpz_zbits_t ipv4; dns_rpz_zbits_t ipv6; dns_rpz_zbits_t ip; dns_rpz_zbits_t nsdname; dns_rpz_zbits_t nsipv4; dns_rpz_zbits_t nsipv6; dns_rpz_zbits_t nsip; dns_rpz_zbits_t qname_skip_recurse; }; / * Policy options / typedef struct dns_rpz_popt dns_rpz_popt_t; struct dns_rpz_popt { dns_rpz_zbits_t no_rd_ok; dns_rpz_zbits_t no_log; dns_rpz_zbits_t nsip_on; dns_rpz_zbits_t nsdname_on; bool dnsrps_enabled; bool break_dnssec; bool qname_wait_recurse; bool nsip_wait_recurse; unsigned int min_ns_labels; dns_rpz_num_t num_zones; }; / * Response policy zones known to a view. / struct dns_rpz_zones { dns_rpz_popt_t p; dns_rpz_zone_t zones[DNS_RPZ_MAX_ZONES]; dns_rpz_triggers_t triggers[DNS_RPZ_MAX_ZONES]; /* * RPZ policy version number. * It is initially 0 and it increases whenever the server is * reconfigured with new zones or policy. / int rpz_ver; dns_rpz_zbits_t defined; / * The set of records for a policy zone are in one of these states: * never loaded load_begun=0 have=0 * during initial loading load_begun=1 have=0 * and rbtdb->rpzsp == rbtdb->load_rpzsp * after good load load_begun=1 have!=0 * after failed initial load load_begun=1 have=0 * and rbtdb->load_rpzsp == NULL * reloading after failure load_begun=1 have=0 * reloading after success * main rpzs load_begun=1 have!=0 * load rpzs load_begun=1 have=0 / dns_rpz_zbits_t load_begun; dns_rpz_have_t have; / * total_triggers maintains the total number of triggers in all * policy zones in the view. It is only used to print summary * statistics after a zone load of how the trigger counts * changed. / dns_rpz_triggers_t total_triggers; isc_mem_t mctx; isc_taskmgr_t taskmgr; isc_timermgr_t timermgr; isc_task_t updater; isc_refcount_t refs; isc_refcount_t irefs; / * One lock for short term read-only search that guarantees the * consistency of the pointers. * A second lock for maintenance that guarantees no other thread * is adding or deleting nodes. / isc_rwlock_t search_lock; isc_mutex_t maint_lock; dns_rpz_cidr_node_t cidr; dns_rbt_t rbt; / * DNSRPZ librpz configuration string and handle on librpz connection / char rps_cstr; size_t rps_cstr_size; struct librpz_client rps_client; }; / * context for finding the best policy / typedef struct { unsigned int state; #define DNS_RPZ_REWRITTEN 0x0001 #define DNS_RPZ_DONE_CLIENT_IP 0x0002 / client IP address checked / #define DNS_RPZ_DONE_QNAME 0x0004 / qname checked / #define DNS_RPZ_DONE_QNAME_IP 0x0008 / IP addresses of qname checked / #define DNS_RPZ_DONE_NSDNAME 0x0010 / NS name missed; checking addresses / #define DNS_RPZ_DONE_IPv4 0x0020 #define DNS_RPZ_RECURSING 0x0040 #define DNS_RPZ_ACTIVE 0x0080 / * Best match so far. / struct { dns_rpz_type_t type; dns_rpz_zone_t rpz; dns_rpz_prefix_t prefix; dns_rpz_policy_t policy; dns_ttl_t ttl; isc_result_t result; dns_zone_t zone; dns_db_t db; dns_dbversion_t version; dns_dbnode_t node; dns_rdataset_t rdataset; } m; / * State for chasing IP addresses and NS names including recursion. / struct { unsigned int label; dns_db_t db; dns_rdataset_t ns_rdataset; dns_rdatatype_t r_type; isc_result_t r_result; dns_rdataset_t r_rdataset; } r; /* * State of real query while recursing for NSIP or NSDNAME. / struct { isc_result_t result; bool is_zone; bool authoritative; dns_zone_t zone; dns_db_t db; dns_dbnode_t node; dns_rdataset_t rdataset; dns_rdataset_t sigrdataset; dns_rdatatype_t qtype; } q; /* * A copy of the 'have' and 'p' structures and the RPZ * policy version as of the beginning of RPZ processing, * used to avoid problems when policy is updated while * RPZ recursion is ongoing. / dns_rpz_have_t have; dns_rpz_popt_t popt; int rpz_ver; / * Shim db between BIND and DNRPS librpz. / dns_db_t rpsdb; /* * p_name: current policy owner name * r_name: recursing for this name to possible policy triggers * f_name: saved found name from before recursion / dns_name_t p_name; dns_name_t r_name; dns_name_t fname; dns_fixedname_t _p_namef; dns_fixedname_t _r_namef; dns_fixedname_t _fnamef; } dns_rpz_st_t; #define DNS_RPZ_TTL_DEFAULT 5 #define DNS_RPZ_MAX_TTL_DEFAULT DNS_RPZ_TTL_DEFAULT #define DNS_RPZ_MINUPDATEINTERVAL_DEFAULT 60 /* * So various response policy zone messages can be turned up or down. / #define DNS_RPZ_ERROR_LEVEL ISC_LOG_WARNING #define DNS_RPZ_INFO_LEVEL ISC_LOG_INFO #define DNS_RPZ_DEBUG_LEVEL1 ISC_LOG_DEBUG(1) #define DNS_RPZ_DEBUG_LEVEL2 ISC_LOG_DEBUG(2) #define DNS_RPZ_DEBUG_LEVEL3 ISC_LOG_DEBUG(3) #define DNS_RPZ_DEBUG_QUIET (DNS_RPZ_DEBUG_LEVEL3 + 1) const char dns_rpz_type2str(dns_rpz_type_t type); dns_rpz_policy_t dns_rpz_str2policy(const char str); const char dns_rpz_policy2str(dns_rpz_policy_t policy); dns_rpz_policy_t dns_rpz_decode_cname(dns_rpz_zone_t rpz, dns_rdataset_t rdataset, dns_name_t selfname); isc_result_t dns_rpz_new_zones(dns_rpz_zones_t rpzsp, char rps_cstr, size_t rps_cstr_size, isc_mem_t mctx, isc_taskmgr_t taskmgr, isc_timermgr_t timermgr); isc_result_t dns_rpz_new_zone(dns_rpz_zones_t rpzs, dns_rpz_zone_t *rpzp); isc_result_t dns_rpz_dbupdate_callback(dns_db_t db, void fn_arg); void dns_rpz_attach_rpzs(dns_rpz_zones_t source, dns_rpz_zones_t target); void dns_rpz_detach_rpzs(dns_rpz_zones_t rpzsp); isc_result_t dns_rpz_beginload(dns_rpz_zones_t *load_rpzsp, dns_rpz_zones_t rpzs, dns_rpz_num_t rpz_num) ISC_DEPRECATED; isc_result_t dns_rpz_ready(dns_rpz_zones_t rpzs, dns_rpz_zones_t load_rpzsp, dns_rpz_num_t rpz_num) ISC_DEPRECATED; isc_result_t dns_rpz_add(dns_rpz_zones_t rpzs, dns_rpz_num_t rpz_num, const dns_name_t name); void dns_rpz_delete(dns_rpz_zones_t rpzs, dns_rpz_num_t rpz_num, const dns_name_t name); dns_rpz_num_t dns_rpz_find_ip(dns_rpz_zones_t rpzs, dns_rpz_type_t rpz_type, dns_rpz_zbits_t zbits, const isc_netaddr_t netaddr, dns_name_t ip_name, dns_rpz_prefix_t prefixp); dns_rpz_zbits_t dns_rpz_find_name(dns_rpz_zones_t rpzs, dns_rpz_type_t rpz_type, dns_rpz_zbits_t zbits, dns_name_t trig_name); ISC_LANG_ENDDECLS #endif / DNS_RPZ_H / ��dns/dispatch.h��0000644��00000036262�15125204631�0007310 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DISPATCH_H #define DNS_DISPATCH_H 1 /** * Module Info **/ /! \file dns/dispatch.h * \brief * DNS Dispatch Management * Shared UDP and single-use TCP dispatches for queries and responses. * * MP: * \li All locking is performed internally to each dispatch. Restrictions apply to dns_dispatch_removeresponse(). * * Reliability: * * Resources: * * Security: * \li Depends on the isc_socket_t and dns_message_t for prevention of buffer overruns. * * Standards: * \li None. / /* * Imports **/ #include <inttypes.h> #include <stdbool.h> #include <isc/buffer.h> #include <isc/lang.h> #include <isc/mutex.h> #include <isc/socket.h> #include <isc/types.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /% * This event is sent to a task when a response comes in. * No part of this structure should ever be modified by the caller, * other than parts of the buffer. The holy parts of the buffer are * the base and size of the buffer. All other parts of the buffer may * be used. On event delivery the used region contains the packet. * * "id" is the received message id, * * "addr" is the host that sent it to us, * * "buffer" holds state on the received data. * * The "free" routine for this event will clean up itself as well as * any buffer space allocated from common pools. / struct dns_dispatchevent { ISC_EVENT_COMMON(dns_dispatchevent_t); /%< standard event common / isc_result_t result; /%< result code / int32_t id; /%< message id / isc_sockaddr_t addr; /%< address recv'd from / struct in6_pktinfo pktinfo; /%< reply info for v6 / isc_buffer_t buffer; /%< data buffer / uint32_t attributes; /%< mirrored from socket.h / }; /% * This is a set of one or more dispatches which can be retrieved * round-robin fashion. / struct dns_dispatchset { isc_mem_t mctx; dns_dispatch_t *dispatches; int ndisp; int cur; isc_mutex_t lock; }; /@{/ /% * Attributes for added dispatchers. * * Values with the mask 0xffff0000 are application defined. * Values with the mask 0x0000ffff are library defined. * * Insane values (like setting both TCP and UDP) are not caught. Don't * do that. * * _PRIVATE * The dispatcher cannot be shared. * * _TCP, _UDP * The dispatcher is a TCP or UDP socket. * * _IPV4, _IPV6 * The dispatcher uses an IPv4 or IPv6 socket. * * _NOLISTEN * The dispatcher should not listen on the socket. * * _MAKEQUERY * The dispatcher can be used to issue queries to other servers, and * accept replies from them. * * _RANDOMPORT * Previously used to indicate that the port of a dispatch UDP must be * chosen randomly. This behavior now always applies and the attribute * is obsoleted. * * _EXCLUSIVE * A separate socket will be used on-demand for each transaction. / #define DNS_DISPATCHATTR_PRIVATE 0x00000001U #define DNS_DISPATCHATTR_TCP 0x00000002U #define DNS_DISPATCHATTR_UDP 0x00000004U #define DNS_DISPATCHATTR_IPV4 0x00000008U #define DNS_DISPATCHATTR_IPV6 0x00000010U #define DNS_DISPATCHATTR_NOLISTEN 0x00000020U #define DNS_DISPATCHATTR_MAKEQUERY 0x00000040U #define DNS_DISPATCHATTR_CONNECTED 0x00000080U #define DNS_DISPATCHATTR_FIXEDID 0x00000100U #define DNS_DISPATCHATTR_EXCLUSIVE 0x00000200U #define DNS_DISPATCHATTR_CANREUSE 0x00000400U /@}/ / / #define DNS_DISPATCHOPT_FIXEDID 0x00000001U isc_result_t dns_dispatchmgr_create(isc_mem_t mctx, dns_dispatchmgr_t *mgrp); /%< * Creates a new dispatchmgr object. * * Requires: \li "mctx" be a valid memory context. \li mgrp != NULL && mgrp == NULL * * Returns: \li ISC_R_SUCCESS -- all ok \li anything else -- failure / void dns_dispatchmgr_destroy(dns_dispatchmgr_t *mgrp); /%< * Destroys the dispatchmgr when it becomes empty. This could be * immediately. * * Requires: \li mgrp != NULL && mgrp is a valid dispatchmgr. / void dns_dispatchmgr_setblackhole(dns_dispatchmgr_t mgr, dns_acl_t blackhole); /%< * Sets the dispatcher's "blackhole list," a list of addresses that will * be ignored by all dispatchers created by the dispatchmgr. * * Requires: * \li mgrp is a valid dispatchmgr * \li blackhole is a valid acl / dns_acl_t dns_dispatchmgr_getblackhole(dns_dispatchmgr_t mgr); /%< * Gets a pointer to the dispatcher's current blackhole list, * without incrementing its reference count. * * Requires: \li mgr is a valid dispatchmgr Returns: \li A pointer to the current blackhole list, or NULL. / void dns_dispatchmgr_setblackportlist(dns_dispatchmgr_t mgr, dns_portlist_t portlist); /%< This function is deprecated. Use dns_dispatchmgr_setavailports() instead. * * Requires: \li mgr is a valid dispatchmgr / dns_portlist_t * dns_dispatchmgr_getblackportlist(dns_dispatchmgr_t mgr); /%< * This function is deprecated and always returns NULL. * * Requires: \li mgr is a valid dispatchmgr / isc_result_t dns_dispatchmgr_setavailports(dns_dispatchmgr_t mgr, isc_portset_t v4portset, isc_portset_t v6portset); /%< * Sets a list of UDP ports that can be used for outgoing UDP messages. * * Requires: \li mgr is a valid dispatchmgr \li v4portset is NULL or a valid port set \li v6portset is NULL or a valid port set / void dns_dispatchmgr_setstats(dns_dispatchmgr_t mgr, isc_stats_t stats); /%< Sets statistics counter for the dispatchmgr. This function is expected to * be called only on zone creation (when necessary). * Once installed, it cannot be removed or replaced. Also, there is no * interface to get the installed stats from the zone; the caller must keep the * stats to reference (e.g. dump) it later. * * Requires: \li mgr is a valid dispatchmgr with no managed dispatch. \li stats is a valid statistics supporting resolver statistics counters * (see dns/stats.h). / isc_result_t dns_dispatch_getudp(dns_dispatchmgr_t mgr, isc_socketmgr_t sockmgr, isc_taskmgr_t taskmgr, const isc_sockaddr_t localaddr, unsigned int buffersize, unsigned int maxbuffers, unsigned int maxrequests, unsigned int buckets, unsigned int increment, unsigned int attributes, unsigned int mask, dns_dispatch_t dispp); isc_result_t dns_dispatch_getudp_dup(dns_dispatchmgr_t mgr, isc_socketmgr_t sockmgr, isc_taskmgr_t taskmgr, const isc_sockaddr_t localaddr, unsigned int buffersize, unsigned int maxbuffers, unsigned int maxrequests, unsigned int buckets, unsigned int increment, unsigned int attributes, unsigned int mask, dns_dispatch_t dispp, dns_dispatch_t dup); /%< Attach to existing dns_dispatch_t if one is found with dns_dispatchmgr_find, * otherwise create a new UDP dispatch. * * Requires: \li All pointer parameters be valid for their respective types. \li dispp != NULL && disp == NULL * \li 512 <= buffersize <= 64k \li maxbuffers > 0 \li buckets < 2097169 \li increment > buckets \li (attributes & DNS_DISPATCHATTR_TCP) == 0 * Returns: \li ISC_R_SUCCESS -- success. \li Anything else -- failure. / isc_result_t dns_dispatch_createtcp(dns_dispatchmgr_t mgr, isc_socket_t sock, isc_taskmgr_t taskmgr, const isc_sockaddr_t localaddr, const isc_sockaddr_t destaddr, unsigned int buffersize, unsigned int maxbuffers, unsigned int maxrequests, unsigned int buckets, unsigned int increment, unsigned int attributes, dns_dispatch_t dispp); /%< * Create a new dns_dispatch and attach it to the provided isc_socket_t. * * For all dispatches, "buffersize" is the maximum packet size we will * accept. * * "maxbuffers" and "maxrequests" control the number of buffers in the * overall system and the number of buffers which can be allocated to * requests. * * "buckets" is the number of buckets to use, and should be prime. * * "increment" is used in a collision avoidance function, and needs to be * a prime > buckets, and not 2. * * Requires: * \li mgr is a valid dispatch manager. \li sock is a valid. \li task is a valid task that can be used internally to this dispatcher. * \li 512 <= buffersize <= 64k * \li maxbuffers > 0. \li maxrequests <= maxbuffers. \li buckets < 2097169 (the next prime after 65536 32) * \li increment > buckets (and prime). \li attributes includes #DNS_DISPATCHATTR_TCP and does not include #DNS_DISPATCHATTR_UDP. * * Returns: \li ISC_R_SUCCESS -- success. \li Anything else -- failure. / void dns_dispatch_attach(dns_dispatch_t disp, dns_dispatch_t dispp); /%< * Attach to a dispatch handle. * * Requires: \li disp is valid. \li dispp != NULL && dispp == NULL / void dns_dispatch_detach(dns_dispatch_t dispp); /%< * Detaches from the dispatch. * * Requires: \li dispp != NULL and dispp be a valid dispatch. / void dns_dispatch_starttcp(dns_dispatch_t disp); /%< Start processing of a TCP dispatch once the socket connects. * * Requires: \li 'disp' is valid. / isc_result_t dns_dispatch_gettcp(dns_dispatchmgr_t mgr, const isc_sockaddr_t destaddr, const isc_sockaddr_t localaddr, bool connected, dns_dispatch_t *dispp); / * Attempt to connect to a existing TCP connection (connection completed * if connected == NULL). / isc_result_t dns_dispatch_addresponse(dns_dispatch_t disp, unsigned int options, const isc_sockaddr_t dest, isc_task_t task, isc_taskaction_t action, void arg, uint16_t idp, dns_dispentry_t *resp, isc_socketmgr_t sockmgr); /%< Add a response entry for this dispatch. * * "idp" is filled in with the assigned message ID, and resp is filled in * to contain the magic token used to request event flow stop. * * Arranges for the given task to get a callback for response packets. When * the event is delivered, it must be returned using dns_dispatch_freeevent() * or through dns_dispatch_removeresponse() for another to be delivered. * * Requires: \li "idp" be non-NULL. \li "task" "action" and "arg" be set as appropriate. \li "dest" be non-NULL and valid. \li "resp" be non-NULL and resp be NULL * \li "sockmgr" be NULL or a valid socket manager. If 'disp' has the DNS_DISPATCHATTR_EXCLUSIVE attribute, this must not be NULL, * which also means dns_dispatch_addresponse() cannot be used. * * Ensures: * \li <id, dest> is a unique tuple. That means incoming messages are identifiable. * * Returns: * \li ISC_R_SUCCESS -- all is well. \li ISC_R_NOMEMORY -- memory could not be allocated. \li ISC_R_NOMORE -- no more message ids can be allocated for this destination. / void dns_dispatch_removeresponse(dns_dispentry_t resp, dns_dispatchevent_t sockevent); /%< * Stops the flow of responses for the provided id and destination. * If "sockevent" is non-NULL, the dispatch event and associated buffer is * also returned to the system. * * Requires: \li "resp" != NULL and "resp" contain a value previously allocated * by dns_dispatch_addresponse(); * \li May only be called from within the task given as the 'task' argument to dns_dispatch_addresponse() when allocating 'resp'. / isc_socket_t * dns_dispatch_getentrysocket(dns_dispentry_t resp); isc_socket_t dns_dispatch_getsocket(dns_dispatch_t disp); /%< * Return the socket associated with this dispatcher. * * Requires: \li disp is valid. * Returns: \li The socket the dispatcher is using. / isc_result_t dns_dispatch_getlocaladdress(dns_dispatch_t disp, isc_sockaddr_t addrp); /%< Return the local address for this dispatch. * This currently only works for dispatches using UDP sockets. * * Requires: \li disp is valid. \li addrp to be non null. * * Returns: \li ISC_R_SUCCESS \li ISC_R_NOTIMPLEMENTED / void dns_dispatch_cancel(dns_dispatch_t disp); /%< cancel outstanding clients * * Requires: \li disp is valid. / unsigned int dns_dispatch_getattributes(dns_dispatch_t disp); /%< * Return the attributes (DNS_DISPATCHATTR_xxx) of this dispatch. Only the * non-changeable attributes are expected to be referenced by the caller. * * Requires: \li disp is valid. / void dns_dispatch_changeattributes(dns_dispatch_t disp, unsigned int attributes, unsigned int mask); /%< * Set the bits described by "mask" to the corresponding values in * "attributes". * * That is: * * \code * new = (old & ~mask) \| (attributes & mask) * \endcode * * This function has a side effect when #DNS_DISPATCHATTR_NOLISTEN changes. * When the flag becomes off, the dispatch will start receiving on the * corresponding socket. When the flag becomes on, receive events on the * corresponding socket will be canceled. * * Requires: \li disp is valid. \li attributes are reasonable for the dispatch. That is, setting the UDP attribute on a TCP socket isn't reasonable. / void dns_dispatch_importrecv(dns_dispatch_t disp, isc_event_t event); /%< * Inform the dispatcher of a socket receive. This is used for sockets * shared between dispatchers and clients. If the dispatcher fails to copy * or send the event, nothing happens. * * If the attribute DNS_DISPATCHATTR_NOLISTEN is not set, then * the dispatch is already handling a recv; return immediately. * * Requires: \li disp is valid, and the attribute DNS_DISPATCHATTR_NOLISTEN is set. event != NULL / dns_dispatch_t dns_dispatchset_get(dns_dispatchset_t dset); /%< * Retrieve the next dispatch from dispatch set 'dset', and increment * the round-robin counter. * * Requires: \li dset != NULL / isc_result_t dns_dispatchset_create(isc_mem_t mctx, isc_socketmgr_t sockmgr, isc_taskmgr_t taskmgr, dns_dispatch_t source, dns_dispatchset_t *dsetp, int n); /%< * Given a valid dispatch 'source', create a dispatch set containing * 'n' UDP dispatches, with the remainder filled out by clones of the * source. * * Requires: \li source is a valid UDP dispatcher \li dsetp != NULL, dsetp == NULL / void dns_dispatchset_cancelall(dns_dispatchset_t dset, isc_task_t task); /%< Cancel socket operations for the dispatches in 'dset'. / void dns_dispatchset_destroy(dns_dispatchset_t dsetp); /%< * Dereference all the dispatches in 'dsetp', free the dispatchset memory, and set dsetp to NULL. * Requires: \li dset is valid / void dns_dispatch_setdscp(dns_dispatch_t disp, isc_dscp_t dscp); isc_dscp_t dns_dispatch_getdscp(dns_dispatch_t disp); /%< Set/get the DSCP value to be used when sending responses to clients, * as defined in the "listen-on" or "listen-on-v6" statements. * * Requires: \li disp is valid. / isc_result_t dns_dispatch_getnext(dns_dispentry_t resp, dns_dispatchevent_t sockevent); /%< * Free the sockevent and trigger the sending of the next item off the * dispatch queue if present. * * Requires: \li resp is valid \li sockevent to be valid / ISC_LANG_ENDDECLS #endif /* DNS_DISPATCH_H / ��dns/acl.h��0000644��00000014515�15125204631�0006245 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ACL_H #define DNS_ACL_H 1 /** * Module Info **/ /! \file dns/acl.h * \brief * Address match list handling. / / * Imports */ #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/netaddr.h> #include <isc/refcount.h> #include <dns/geoip.h> #include <dns/iptable.h> #include <dns/name.h> #include <dns/types.h> /* * Types / typedef enum { dns_aclelementtype_ipprefix, dns_aclelementtype_keyname, dns_aclelementtype_nestedacl, dns_aclelementtype_localhost, dns_aclelementtype_localnets, #if defined(HAVE_GEOIP2) dns_aclelementtype_geoip, #endif / HAVE_GEOIP2 / dns_aclelementtype_any } dns_aclelementtype_t; typedef struct dns_aclipprefix dns_aclipprefix_t; struct dns_aclipprefix { isc_netaddr_t address; / IP4/IP6 / unsigned int prefixlen; }; struct dns_aclelement { dns_aclelementtype_t type; bool negative; dns_name_t keyname; #if defined(HAVE_GEOIP2) dns_geoip_elem_t geoip_elem; #endif / HAVE_GEOIP2 / dns_acl_t nestedacl; int node_num; }; #define dns_acl_node_count(acl) acl->iptable->radix->num_added_node struct dns_acl { unsigned int magic; isc_mem_t mctx; isc_refcount_t refcount; dns_iptable_t iptable; dns_aclelement_t elements; bool has_negatives; unsigned int alloc; /%< Elements allocated / unsigned int length; /%< Elements initialized / char name; /%< Temporary use only / ISC_LINK(dns_acl_t) nextincache; /%< Ditto / }; struct dns_aclenv { dns_acl_t localhost; dns_acl_t localnets; bool match_mapped; #if defined(HAVE_GEOIP2) dns_geoip_databases_t geoip; #endif / HAVE_GEOIP2 / }; #define DNS_ACL_MAGIC ISC_MAGIC('D', 'a', 'c', 'l') #define DNS_ACL_VALID(a) ISC_MAGIC_VALID(a, DNS_ACL_MAGIC) / * Functions **/ ISC_LANG_BEGINDECLS isc_result_t dns_acl_create(isc_mem_t mctx, int n, dns_acl_t *target); /%< * Create a new ACL, including an IP table and an array with room * for 'n' ACL elements. The elements are uninitialized and the * length is 0. / isc_result_t dns_acl_any(isc_mem_t mctx, dns_acl_t *target); /%< * Create a new ACL that matches everything. / isc_result_t dns_acl_none(isc_mem_t mctx, dns_acl_t *target); /%< * Create a new ACL that matches nothing. / bool dns_acl_isany(dns_acl_t acl); /%< Test whether ACL is set to "{ any; }" / bool dns_acl_isnone(dns_acl_t acl); /%< Test whether ACL is set to "{ none; }" / isc_result_t dns_acl_merge(dns_acl_t dest, dns_acl_t source, bool pos); /%< * Merge the contents of one ACL into another. Call dns_iptable_merge() * for the IP tables, then concatenate the element arrays. * * If pos is set to false, then the nested ACL is to be negated. This * means reverse the sense of each positive element or IP table node, * but leave negatives alone, so as to prevent a double-negative causing * an unexpected positive match in the parent ACL. / void dns_acl_attach(dns_acl_t source, dns_acl_t *target); /%< * Attach to acl 'source'. * * Requires: \li 'source' to be a valid acl. \li 'target' to be non NULL and 'target' to be NULL. / void dns_acl_detach(dns_acl_t *aclp); /%< * Detach the acl. On final detach the acl must not be linked on any * list. * * Requires: \li 'aclp' to be a valid acl. * * Insists: \li 'aclp' is not linked on final detach. / bool dns_acl_isinsecure(const dns_acl_t a); /%< Return #true iff the acl 'a' is considered insecure, that is, * if it contains IP addresses other than those of the local host. * This is intended for applications such as printing warning * messages for suspect ACLs; it is not intended for making access * control decisions. We make no guarantee that an ACL for which * this function returns #false is safe. / bool dns_acl_allowed(isc_netaddr_t addr, const dns_name_t signer, dns_acl_t acl, dns_aclenv_t aclenv); /%< * Return #true iff the 'addr', 'signer', or ECS values are * permitted by 'acl' in environment 'aclenv'. / isc_result_t dns_aclenv_init(isc_mem_t mctx, dns_aclenv_t env); /%< * Initialize ACL environment, setting up localhost and localnets ACLs / void dns_aclenv_copy(dns_aclenv_t t, dns_aclenv_t s); void dns_aclenv_destroy(dns_aclenv_t env); isc_result_t dns_acl_match(const isc_netaddr_t reqaddr, const dns_name_t reqsigner, const dns_acl_t acl, const dns_aclenv_t env, int match, const dns_aclelement_t matchelt); /%< * General, low-level ACL matching. This is expected to * be useful even for weird stuff like the topology and sortlist statements. * * Match the address 'reqaddr', and optionally the key name 'reqsigner', * against 'acl'. 'reqsigner' may be NULL. * * If there is a match, 'match' will be set to an integer whose absolute value corresponds to the order in which the matching value was inserted * into the ACL. For a positive match, this value will be positive; for a * negative match, it will be negative. * * If there is no match, match will be set to zero. * If there is a match in the element list (either positive or negative) * and 'matchelt' is non-NULL, matchelt will be pointed to the matching element. * * 'env' points to the current ACL environment, including the * current values of localhost and localnets and (if applicable) * the GeoIP context. * * Returns: \li #ISC_R_SUCCESS Always succeeds. / bool dns_aclelement_match(const isc_netaddr_t reqaddr, const dns_name_t reqsigner, const dns_aclelement_t e, const dns_aclenv_t env, const dns_aclelement_t *matchelt); /%< * Like dns_acl_match, but matches against the single ACL element 'e' * rather than a complete ACL, and returns true iff it matched. * * To determine whether the match was positive or negative, the * caller should examine e->negative. Since the element 'e' may be * a reference to a named ACL or a nested ACL, a matching element * returned through 'matchelt' is not necessarily 'e' itself. / ISC_LANG_ENDDECLS #endif / DNS_ACL_H / ��dns/fixedname.h��0000644��00000003164�15125204631�0007444 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_FIXEDNAME_H #define DNS_FIXEDNAME_H 1 /** * Module Info **/ /! \file dns/fixedname.h * \brief * Fixed-size Names * * dns_fixedname_t is a convenience type containing a name, an offsets * table, and a dedicated buffer big enough for the longest possible * name. This is typically used for stack-allocated names. * * MP: \li The caller must ensure any required synchronization. * Reliability: \li No anticipated impact. * Resources: \li Per dns_fixedname_t: \code * sizeof(dns_name_t) + sizeof(dns_offsets_t) + * sizeof(isc_buffer_t) + 255 bytes + structure padding \endcode * Security: \li No anticipated impact. * Standards: \li None. / /*** * Imports */ #include <isc/buffer.h> #include <isc/lang.h> #include <dns/name.h> /* * Types **/ struct dns_fixedname { dns_name_t name; dns_offsets_t offsets; isc_buffer_t buffer; unsigned char data[DNS_NAME_MAXWIRE]; }; ISC_LANG_BEGINDECLS void dns_fixedname_init(dns_fixedname_t fixed); void dns_fixedname_invalidate(dns_fixedname_t fixed); dns_name_t dns_fixedname_name(dns_fixedname_t fixed); dns_name_t dns_fixedname_initname(dns_fixedname_t fixed); ISC_LANG_ENDDECLS #endif / DNS_FIXEDNAME_H / ��dns/version.h��0000644��00000001247�15125204631�0007171 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file dns/version.h / #ifndef DNS_VERSION_H #define DNS_VERSION_H 1 #include <isc/platform.h> LIBDNS_EXTERNAL_DATA extern const char dns_version[]; LIBDNS_EXTERNAL_DATA extern const char dns_major[]; LIBDNS_EXTERNAL_DATA extern const char dns_mapapi[]; #endif / DNS_VERSION_H / ��dns/rdataset.h��0000644��00000044432�15125204631�0007316 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RDATASET_H #define DNS_RDATASET_H 1 /** * Module Info **/ /! \file dns/rdataset.h * \brief * A DNS rdataset is a handle that can be associated with a collection of * rdata all having a common owner name, class, and type. * * The dns_rdataset_t type is like a "virtual class". To actually use * rdatasets, an implementation of the method suite (e.g. "slabbed rdata") is * required. * * XXX <more> XXX * * MP: \li Clients of this module must impose any required synchronization. * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li None. / #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/stdtime.h> #include <dns/rdatastruct.h> #include <dns/types.h> #define DNS_RDATASET_MAXADDITIONAL 13 ISC_LANG_BEGINDECLS typedef enum { dns_rdatasetadditional_fromauth, dns_rdatasetadditional_fromcache, dns_rdatasetadditional_fromglue } dns_rdatasetadditional_t; typedef struct dns_rdatasetmethods { void (disassociate)(dns_rdataset_t rdataset); isc_result_t (first)(dns_rdataset_t rdataset); isc_result_t (next)(dns_rdataset_t rdataset); void (current)(dns_rdataset_t rdataset, dns_rdata_t rdata); void (clone)(dns_rdataset_t source, dns_rdataset_t target); unsigned int (count)(dns_rdataset_t rdataset); isc_result_t (addnoqname)(dns_rdataset_t rdataset, const dns_name_t name); isc_result_t (getnoqname)(dns_rdataset_t rdataset, dns_name_t name, dns_rdataset_t neg, dns_rdataset_t negsig); isc_result_t (addclosest)(dns_rdataset_t rdataset, const dns_name_t name); isc_result_t (getclosest)(dns_rdataset_t rdataset, dns_name_t name, dns_rdataset_t neg, dns_rdataset_t negsig); void (settrust)(dns_rdataset_t rdataset, dns_trust_t trust); void (expire)(dns_rdataset_t rdataset); void (clearprefetch)(dns_rdataset_t rdataset); void (setownercase)(dns_rdataset_t rdataset, const dns_name_t name); void (getownercase)(const dns_rdataset_t rdataset, dns_name_t name); isc_result_t (addglue)(dns_rdataset_t rdataset, dns_dbversion_t version, dns_message_t msg); } dns_rdatasetmethods_t; #define DNS_RDATASET_MAGIC ISC_MAGIC('D', 'N', 'S', 'R') #define DNS_RDATASET_VALID(set) ISC_MAGIC_VALID(set, DNS_RDATASET_MAGIC) /% Direct use of this structure by clients is strongly discouraged, except * for the 'link' field which may be used however the client wishes. The * 'private', 'current', and 'index' fields MUST NOT be changed by clients. * rdataset implementations may change any of the fields. / struct dns_rdataset { unsigned int magic; dns_rdatasetmethods_t methods; ISC_LINK(dns_rdataset_t) link; /* * XXX do we need these, or should they be retrieved by methods? * Leaning towards the latter, since they are not frequently required * once you have the rdataset. / dns_rdataclass_t rdclass; dns_rdatatype_t type; dns_ttl_t ttl; dns_trust_t trust; dns_rdatatype_t covers; / * attributes / unsigned int attributes; /% * the counter provides the starting point in the "cyclic" order. * The value UINT32_MAX has a special meaning of "picking up a * random value." in order to take care of databases that do not * increment the counter. / uint32_t count; / * This RRSIG RRset should be re-generated around this time. * Only valid if DNS_RDATASETATTR_RESIGN is set in attributes. / isc_stdtime_t resign; /@{/ /% * These are for use by the rdataset implementation, and MUST NOT * be changed by clients. / void private1; void private2; void private3; unsigned int privateuint4; void private5; const void private6; const void private7; /@}/ }; /! * \def DNS_RDATASETATTR_RENDERED * Used by message.c to indicate that the rdataset was rendered. * * \def DNS_RDATASETATTR_TTLADJUSTED * Used by message.c to indicate that the rdataset's rdata had differing * TTL values, and the rdataset->ttl holds the smallest. * * \def DNS_RDATASETATTR_LOADORDER * Output the RRset in load order. / #define DNS_RDATASETATTR_NONE 0x00000000 /%< No ordering. / #define DNS_RDATASETATTR_QUESTION 0x00000001 #define DNS_RDATASETATTR_RENDERED 0x00000002 /%< Used by message.c / #define DNS_RDATASETATTR_ANSWERED 0x00000004 /%< Used by server. / #define DNS_RDATASETATTR_CACHE 0x00000008 /%< Used by resolver. / #define DNS_RDATASETATTR_ANSWER 0x00000010 /%< Used by resolver. / #define DNS_RDATASETATTR_ANSWERSIG 0x00000020 /%< Used by resolver. / #define DNS_RDATASETATTR_EXTERNAL 0x00000040 /%< Used by resolver. / #define DNS_RDATASETATTR_NCACHE 0x00000080 /%< Used by resolver. / #define DNS_RDATASETATTR_CHAINING 0x00000100 /%< Used by resolver. / #define DNS_RDATASETATTR_TTLADJUSTED 0x00000200 /%< Used by message.c / #define DNS_RDATASETATTR_FIXEDORDER 0x00000400 /%< Fixed ordering. / #define DNS_RDATASETATTR_RANDOMIZE 0x00000800 /%< Random ordering. / #define DNS_RDATASETATTR_CHASE 0x00001000 /%< Used by resolver. / #define DNS_RDATASETATTR_NXDOMAIN 0x00002000 #define DNS_RDATASETATTR_NOQNAME 0x00004000 #define DNS_RDATASETATTR_CHECKNAMES 0x00008000 /%< Used by resolver. / #define DNS_RDATASETATTR_REQUIRED 0x00010000 #define DNS_RDATASETATTR_REQUIREDGLUE DNS_RDATASETATTR_REQUIRED #define DNS_RDATASETATTR_LOADORDER 0x00020000 #define DNS_RDATASETATTR_RESIGN 0x00040000 #define DNS_RDATASETATTR_CLOSEST 0x00080000 #define DNS_RDATASETATTR_OPTOUT 0x00100000 /%< OPTOUT proof / #define DNS_RDATASETATTR_NEGATIVE 0x00200000 #define DNS_RDATASETATTR_PREFETCH 0x00400000 #define DNS_RDATASETATTR_CYCLIC 0x00800000 /%< Cyclic ordering. / #define DNS_RDATASETATTR_STALE 0x01000000 #define DNS_RDATASETATTR_ANCIENT 0x02000000 #define DNS_RDATASETATTR_STALE_WINDOW 0x04000000 #define DNS_RDATASETATTR_STALE_ADDED 0x08000000 /% * _OMITDNSSEC: * Omit DNSSEC records when rendering ncache records. / #define DNS_RDATASETTOWIRE_OMITDNSSEC 0x0001 void dns_rdataset_init(dns_rdataset_t rdataset); /%< Make 'rdataset' a valid, disassociated rdataset. * * Requires: \li 'rdataset' is not NULL. * Ensures: \li 'rdataset' is a valid, disassociated rdataset. / void dns_rdataset_invalidate(dns_rdataset_t rdataset); /%< * Invalidate 'rdataset'. * * Requires: \li 'rdataset' is a valid, disassociated rdataset. * Ensures: \li If assertion checking is enabled, future attempts to use 'rdataset' without initializing it will cause an assertion failure. / void dns_rdataset_disassociate(dns_rdataset_t rdataset); /%< Disassociate 'rdataset' from its rdata, allowing it to be reused. * * Notes: \li The client must ensure it has no references to rdata in the rdataset before disassociating. * * Requires: \li 'rdataset' is a valid, associated rdataset. * Ensures: \li 'rdataset' is a valid, disassociated rdataset. / bool dns_rdataset_isassociated(dns_rdataset_t rdataset); /%< * Is 'rdataset' associated? * * Requires: \li 'rdataset' is a valid rdataset. * Returns: \li #true 'rdataset' is associated. \li #false 'rdataset' is not associated. / void dns_rdataset_makequestion(dns_rdataset_t rdataset, dns_rdataclass_t rdclass, dns_rdatatype_t type); /%< Make 'rdataset' a valid, associated, question rdataset, with a * question class of 'rdclass' and type 'type'. * * Notes: \li Question rdatasets have a class and type, but no rdata. * Requires: \li 'rdataset' is a valid, disassociated rdataset. * Ensures: \li 'rdataset' is a valid, associated, question rdataset. / void dns_rdataset_clone(dns_rdataset_t source, dns_rdataset_t target); /%< Make 'target' refer to the same rdataset as 'source'. * * Requires: \li 'source' is a valid, associated rdataset. \li 'target' is a valid, dissociated rdataset. * Ensures: \li 'target' references the same rdataset as 'source'. / unsigned int dns_rdataset_count(dns_rdataset_t rdataset); /%< * Return the number of records in 'rdataset'. * * Requires: \li 'rdataset' is a valid, associated rdataset. * Returns: \li The number of records in 'rdataset'. / isc_result_t dns_rdataset_first(dns_rdataset_t rdataset); /%< * Move the rdata cursor to the first rdata in the rdataset (if any). * * Requires: \li 'rdataset' is a valid, associated rdataset. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE There are no rdata in the set. / isc_result_t dns_rdataset_next(dns_rdataset_t rdataset); /%< Move the rdata cursor to the next rdata in the rdataset (if any). * * Requires: \li 'rdataset' is a valid, associated rdataset. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE There are no more rdata in the set. / void dns_rdataset_current(dns_rdataset_t rdataset, dns_rdata_t rdata); /%< * Make 'rdata' refer to the current rdata. * * Notes: * \li The data returned in 'rdata' is valid for the life of the rdataset; in particular, subsequent changes in the cursor position * do not invalidate 'rdata'. * * Requires: \li 'rdataset' is a valid, associated rdataset. \li The rdata cursor of 'rdataset' is at a valid location (i.e. the result of last call to a cursor movement command was ISC_R_SUCCESS). * * Ensures: \li 'rdata' refers to the rdata at the rdata cursor location of \li 'rdataset'. / isc_result_t dns_rdataset_totext(dns_rdataset_t rdataset, const dns_name_t owner_name, bool omit_final_dot, bool question, isc_buffer_t target); /%< Convert 'rdataset' to text format, storing the result in 'target'. * * Notes: \li The rdata cursor position will be changed. \li The 'question' flag should normally be #false. If it is #true, the TTL and rdata fields are not printed. This is * for use when printing an rdata representing a question section. * \li This interface is deprecated; use dns_master_rdatasettottext() and/or dns_master_questiontotext() instead. * * Requires: \li 'rdataset' is a valid rdataset. \li 'rdataset' is not empty. / isc_result_t dns_rdataset_towire(dns_rdataset_t rdataset, const dns_name_t owner_name, dns_compress_t cctx, isc_buffer_t target, unsigned int options, unsigned int countp); /%< * Convert 'rdataset' to wire format, compressing names as specified * in 'cctx', and storing the result in 'target'. * * Notes: \li The rdata cursor position will be changed. \li The number of RRs added to target will be added to countp. * * Requires: \li 'rdataset' is a valid rdataset. \li 'rdataset' is not empty. \li 'countp' is a valid pointer. * Ensures: \li On a return of ISC_R_SUCCESS, 'target' contains a wire format for the data contained in 'rdataset'. Any error return leaves * the buffer unchanged. * \li countp has been incremented by the number of RRs added to * target. * * Returns: \li #ISC_R_SUCCESS - all ok \li #ISC_R_NOSPACE - 'target' doesn't have enough room * \li Any error returned by dns_rdata_towire(), dns_rdataset_next(), dns_name_towire(). / isc_result_t dns_rdataset_towiresorted(dns_rdataset_t rdataset, const dns_name_t owner_name, dns_compress_t cctx, isc_buffer_t target, dns_rdatasetorderfunc_t order, const void order_arg, unsigned int options, unsigned int countp); /%< * Like dns_rdataset_towire(), but sorting the rdatasets according to * the integer value returned by 'order' when called with the rdataset * and 'order_arg' as arguments. * * Requires: \li All the requirements of dns_rdataset_towire(), and that order_arg is NULL if and only if order is NULL. / isc_result_t dns_rdataset_towirepartial(dns_rdataset_t rdataset, const dns_name_t owner_name, dns_compress_t cctx, isc_buffer_t target, dns_rdatasetorderfunc_t order, const void order_arg, unsigned int options, unsigned int countp, void state); /%< * Like dns_rdataset_towiresorted() except that a partial rdataset * may be written. * * Requires: \li All the requirements of dns_rdataset_towiresorted(). If 'state' is non NULL then the current position in the * rdataset will be remembered if the rdataset in not * completely written and should be passed on on subsequent * calls (NOT CURRENTLY IMPLEMENTED). * * Returns: \li #ISC_R_SUCCESS if all of the records were written. \li #ISC_R_NOSPACE if unable to fit in all of the records. countp will be updated to reflect the number of records * written. / isc_result_t dns_rdataset_additionaldata(dns_rdataset_t rdataset, dns_additionaldatafunc_t add, void arg); /%< * For each rdata in rdataset, call 'add' for each name and type in the * rdata which is subject to additional section processing. * * Requires: * \li 'rdataset' is a valid, non-question rdataset. \li 'add' is a valid dns_additionaldatafunc_t * Ensures: * \li If successful, dns_rdata_additionaldata() will have been called for each rdata in 'rdataset'. * \li If a call to dns_rdata_additionaldata() is not successful, the result returned will be the result of dns_rdataset_additionaldata(). * \li If 'limit' is non-zero and the number of the rdatasets is larger than 'limit', no additional data will be processed. * * Returns: * \li #ISC_R_SUCCESS \li #DNS_R_TOOMANYRECORDS in case rdataset count is larger than 'limit' \li Any error that dns_rdata_additionaldata() can return. / isc_result_t dns_rdataset_additionaldata2(dns_rdataset_t rdataset, dns_additionaldatafunc_t add, void arg, size_t limit); isc_result_t dns_rdataset_getnoqname(dns_rdataset_t rdataset, dns_name_t name, dns_rdataset_t neg, dns_rdataset_t negsig); /%< Return the noqname proof for this record. * * Requires: \li 'rdataset' to be valid and #DNS_RDATASETATTR_NOQNAME to be set. \li 'name' to be valid. \li 'neg' and 'negsig' to be valid and not associated. / isc_result_t dns_rdataset_addnoqname(dns_rdataset_t rdataset, dns_name_t name); /%< Associate a noqname proof with this record. * Sets #DNS_RDATASETATTR_NOQNAME if successful. * Adjusts the 'rdataset->ttl' to minimum of the 'rdataset->ttl' and * the 'nsec'/'nsec3' and 'rrsig(nsec)'/'rrsig(nsec3)' ttl. * * Requires: \li 'rdataset' to be valid and #DNS_RDATASETATTR_NOQNAME to be set. \li 'name' to be valid and have NSEC or NSEC3 and associated RRSIG * rdatasets. / isc_result_t dns_rdataset_getclosest(dns_rdataset_t rdataset, dns_name_t name, dns_rdataset_t nsec, dns_rdataset_t nsecsig); /%< * Return the closest encloser for this record. * * Requires: \li 'rdataset' to be valid and #DNS_RDATASETATTR_CLOSEST to be set. \li 'name' to be valid. \li 'nsec' and 'nsecsig' to be valid and not associated. / isc_result_t dns_rdataset_addclosest(dns_rdataset_t rdataset, const dns_name_t name); /%< Associate a closest encloset proof with this record. * Sets #DNS_RDATASETATTR_CLOSEST if successful. * Adjusts the 'rdataset->ttl' to minimum of the 'rdataset->ttl' and * the 'nsec' and 'rrsig(nsec)' ttl. * * Requires: \li 'rdataset' to be valid and #DNS_RDATASETATTR_CLOSEST to be set. \li 'name' to be valid and have NSEC3 and RRSIG(NSEC3) rdatasets. / void dns_rdataset_settrust(dns_rdataset_t rdataset, dns_trust_t trust); /%< Set the trust of the 'rdataset' to trust in any in the backing database. * The local trust level of 'rdataset' is also set. / void dns_rdataset_expire(dns_rdataset_t rdataset); /%< Mark the rdataset to be expired in the backing database. / void dns_rdataset_clearprefetch(dns_rdataset_t rdataset); /%< Clear the PREFETCH attribute for the given rdataset in the * underlying database. * * In the cache database, this signals that the rdataset is not * eligible to be prefetched when the TTL is close to expiring. * It has no function in other databases. / void dns_rdataset_setownercase(dns_rdataset_t rdataset, const dns_name_t name); /%< * Store the casing of 'name', the owner name of 'rdataset', into * a bitfield so that the name can be capitalized the same when when * the rdataset is used later. This sets the CASESET attribute. / void dns_rdataset_getownercase(const dns_rdataset_t rdataset, dns_name_t name); /%< * If the CASESET attribute is set, retrieve the case bitfield that was * previously stored by dns_rdataset_getownername(), and capitalize 'name' * according to it. If CASESET is not set, do nothing. / isc_result_t dns_rdataset_addglue(dns_rdataset_t rdataset, dns_dbversion_t version, dns_message_t msg); /%< Add glue records for rdataset to the additional section of message in * 'msg'. 'rdataset' must be of type NS. * * In case a successful result is not returned, the caller should try to * add glue directly to the message by iterating for additional data. * * Requires: * \li 'rdataset' is a valid NS rdataset. * \li 'version' is the DB version. * \li 'msg' is the DNS message to which the glue should be added. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOTIMPLEMENTED \li #ISC_R_FAILURE \li Any error that dns_rdata_additionaldata() can return. / void dns_rdataset_trimttl(dns_rdataset_t rdataset, dns_rdataset_t sigrdataset, dns_rdata_rrsig_t rrsig, isc_stdtime_t now, bool acceptexpired); /%< Trim the ttl of 'rdataset' and 'sigrdataset' so that they will expire * at or before 'rrsig->expiretime'. If 'acceptexpired' is true and the * signature has expired or will expire in the next 120 seconds, limit * the ttl to be no more than 120 seconds. * * The ttl is further limited by the original ttl as stored in 'rrsig' * and the original ttl values of 'rdataset' and 'sigrdataset'. * * Requires: * \li 'rdataset' is a valid rdataset. * \li 'sigrdataset' is a valid rdataset. * \li 'rrsig' is non NULL. / const char dns_trust_totext(dns_trust_t trust); /%< Display trust in textual form. / ISC_LANG_ENDDECLS #endif / DNS_RDATASET_H / ��dns/keytable.h��0000644��00000017277�15125204631�0007316 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_KEYTABLE_H #define DNS_KEYTABLE_H 1 /** * Module Info **/ /! \file * \brief * The keytable module provides services for storing and retrieving DNSSEC * trusted keys, as well as the ability to find the deepest matching key * for a given domain name. * * MP: \li The module ensures appropriate synchronization of data structures it creates and manipulates. * * Resources: \li TBS * Security: \li No anticipated impact. / #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/refcount.h> #include <isc/rwlock.h> #include <isc/stdtime.h> #include <dns/rdatastruct.h> #include <dns/types.h> #include <dst/dst.h> ISC_LANG_BEGINDECLS isc_result_t dns_keytable_create(isc_mem_t mctx, dns_keytable_t keytablep); /%< * Create a keytable. * * Requires: * \li 'mctx' is a valid memory context. \li keytablep != NULL && keytablep == NULL * * Ensures: * \li On success, keytablep is a valid, empty key table. * * Returns: * \li ISC_R_SUCCESS \li Any other result indicates failure. / void dns_keytable_attach(dns_keytable_t source, dns_keytable_t targetp); /%< * Attach targetp to source. * Requires: * \li 'source' is a valid keytable. \li 'targetp' points to a NULL dns_keytable_t . * * Ensures: * \li targetp is attached to source. / void dns_keytable_detach(dns_keytable_t keytablep); /%< * Detach keytablep from its keytable. * Requires: * \li 'keytablep' points to a valid keytable. * Ensures: * \li keytablep is NULL. * \li If 'keytablep' is the last reference to the keytable, * all resources used by the keytable will be freed / isc_result_t dns_keytable_add(dns_keytable_t keytable, bool managed, bool initial, dns_name_t name, dns_rdata_ds_t ds); /%< Add a key to 'keytable'. The keynode associated with 'name' * is updated with the DS specified in 'ds'. * * The value of keynode->managed is set to 'managed', and the * value of keynode->initial is set to 'initial'. (Note: 'initial' * should only be used when adding managed-keys from configuration. * This indicates the key is in "initializing" state, and has not yet * been confirmed with a key refresh query. Once a key refresh query * has validated, we update the keynode with initial == false.) * * Notes: * \li If the key already exists in the table, adding it again has no effect and ISC_R_SUCCESS is returned. * * Requires: * \li 'keytable' points to a valid keytable. \li 'ds' is not NULL. \li if 'initial' is true then 'managed' must also be true. * Returns: * \li ISC_R_SUCCESS \li ISC_R_EXISTS * \li Any other result indicates failure. / isc_result_t dns_keytable_marksecure(dns_keytable_t keytable, const dns_name_t name); /%< Add a null key to 'keytable' for name 'name'. This marks the * name as a secure domain, but doesn't supply any key data to allow the * domain to be validated. (Used when automated trust anchor management * has gotten broken by a zone misconfiguration; for example, when the * active key has been revoked but the stand-by key was still in its 30-day * waiting period for validity.) * * Notes: * \li If a key already exists in the table, ISC_R_EXISTS is returned and nothing is done. * * Requires: * \li 'keytable' points to a valid keytable. \li keyp != NULL && keyp is a valid dst_key_t . * Returns: * \li ISC_R_SUCCESS \li ISC_R_EXISTS * \li Any other result indicates failure. / isc_result_t dns_keytable_delete(dns_keytable_t keytable, const dns_name_t keyname); /%< Delete all trust anchors from 'keytable' matching name 'keyname' * * Requires: * \li 'keytable' points to a valid keytable. \li 'name' is not NULL * Returns: * \li ISC_R_SUCCESS \li Any other result indicates failure. / isc_result_t dns_keytable_deletekey(dns_keytable_t keytable, const dns_name_t keyname, dns_rdata_dnskey_t dnskey); /%< * Remove the trust anchor matching the name 'keyname' and the DNSKEY * rdata struct 'dnskey' from 'keytable'. * * Requires: * \li 'keytable' points to a valid keytable. \li 'dnskey' is not NULL * * Returns: * \li ISC_R_SUCCESS \li Any other result indicates failure. / isc_result_t dns_keytable_find(dns_keytable_t keytable, const dns_name_t keyname, dns_keynode_t *keynodep); /%< * Search for the first instance of a trust anchor named 'name' in * 'keytable', without regard to keyid and algorithm. * * Requires: * \li 'keytable' is a valid keytable. \li 'name' is a valid absolute name. \li keynodep != NULL && keynodep == NULL * * Returns: * \li ISC_R_SUCCESS \li ISC_R_NOTFOUND * \li Any other result indicates an error. / isc_result_t dns_keytable_finddeepestmatch(dns_keytable_t keytable, const dns_name_t name, dns_name_t foundname); /%< * Search for the deepest match of 'name' in 'keytable'. * * Requires: * \li 'keytable' is a valid keytable. \li 'name' is a valid absolute name. \li 'foundname' is a name with a dedicated buffer. * Returns: * \li ISC_R_SUCCESS \li ISC_R_NOTFOUND * \li Any other result indicates an error. / void dns_keytable_detachkeynode(dns_keytable_t keytable, dns_keynode_t keynodep); /%< * Detach a keynode found via dns_keytable_find(). * * Requires: * \li keynodep is a valid keynode returned by a call to dns_keytable_find(). * * Ensures: * \li keynodep == NULL / isc_result_t dns_keytable_issecuredomain(dns_keytable_t keytable, const dns_name_t name, dns_name_t foundname, bool wantdnssecp); /%< * Is 'name' at or beneath a trusted key? * * Requires: * \li 'keytable' is a valid keytable. \li 'name' is a valid absolute name. \li 'foundanme' is NULL or is a pointer to an initialized dns_name_t \li 'wantsdnssecp' is a valid bool. * * Ensures: * \li On success, wantsdnssecp will be true if and only if 'name' * is at or beneath a trusted key. If 'foundname' is not NULL, then * it will be updated to contain the name of the closest enclosing * trust anchor. * * Returns: * \li ISC_R_SUCCESS \li Any other result is an error. / isc_result_t dns_keytable_dump(dns_keytable_t keytable, FILE fp); /%< Dump the keytable on fp. / isc_result_t dns_keytable_totext(dns_keytable_t keytable, isc_buffer_t *buf); /%< * Dump the keytable to buffer at 'buf' / bool dns_keynode_dsset(dns_keynode_t keynode, dns_rdataset_t rdataset); /%< * Clone the DS RRset associated with 'keynode' into 'rdataset' if * it exists. 'dns_rdataset_disassociate(rdataset)' needs to be * called when done. * * Returns: \li true if there is a DS RRset. \li false if there isn't DS RRset. * * Requires: \li 'keynode' is valid. \li 'rdataset' is valid or NULL. / bool dns_keynode_managed(dns_keynode_t keynode); /%< Is this flagged as a managed key? / bool dns_keynode_initial(dns_keynode_t keynode); /%< Is this flagged as an initializing key? / void dns_keynode_trust(dns_keynode_t keynode); /%< Sets keynode->initial to false in order to mark the key as * trusted: no longer an initializing key. / isc_result_t dns_keytable_forall(dns_keytable_t keytable, void (func)(dns_keytable_t , dns_keynode_t , dns_name_t , void ), void arg); ISC_LANG_ENDDECLS #endif /* DNS_KEYTABLE_H / ��dns/enumclass.h��0000644��00000002304�15125204631�0007471 0��ustar�00��/ * Copyright (C) 1998-2025 Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. / /************ *********** *********** THIS FILE IS AUTOMATICALLY GENERATED BY gen.c. *********** DO NOT EDIT! *********** ************/ /! \file / #ifndef DNS_ENUMCLASS_H #define DNS_ENUMCLASS_H 1 enum { dns_rdataclass_reserved0 = 0, #define dns_rdataclass_reserved0 \ ((dns_rdataclass_t)dns_rdataclass_reserved0) dns_rdataclass_in = 1, #define dns_rdataclass_in ((dns_rdataclass_t)dns_rdataclass_in) dns_rdataclass_chaos = 3, #define dns_rdataclass_chaos ((dns_rdataclass_t)dns_rdataclass_chaos) dns_rdataclass_ch = 3, #define dns_rdataclass_ch ((dns_rdataclass_t)dns_rdataclass_ch) dns_rdataclass_hs = 4, #define dns_rdataclass_hs ((dns_rdataclass_t)dns_rdataclass_hs) dns_rdataclass_none = 254, #define dns_rdataclass_none ((dns_rdataclass_t)dns_rdataclass_none) dns_rdataclass_any = 255 #define dns_rdataclass_any ((dns_rdataclass_t)dns_rdataclass_any) }; #endif / DNS_ENUMCLASS_H / ��dns/rdatasetiter.h��0000644��00000007510�15125204631�0010176 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RDATASETITER_H #define DNS_RDATASETITER_H 1 /** * Module Info **/ /! \file dns/rdatasetiter.h * \brief * The DNS Rdataset Iterator interface allows iteration of all of the * rdatasets at a node. * * The dns_rdatasetiter_t type is like a "virtual class". To actually use * it, an implementation of the class is required. This implementation is * supplied by the database. * * It is the client's responsibility to call dns_rdataset_disassociate() * on all rdatasets returned. * * XXX more XXX * * MP: \li The iterator itself is not locked. The caller must ensure synchronization. * \li The iterator methods ensure appropriate database locking. * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li None. / /*** * Imports */ #include <isc/lang.h> #include <isc/magic.h> #include <isc/stdtime.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /* * Types **/ typedef struct dns_rdatasetitermethods { void (destroy)(dns_rdatasetiter_t *iteratorp); isc_result_t (first)(dns_rdatasetiter_t iterator); isc_result_t (next)(dns_rdatasetiter_t iterator); void (current)(dns_rdatasetiter_t iterator, dns_rdataset_t rdataset); } dns_rdatasetitermethods_t; #define DNS_RDATASETITER_MAGIC ISC_MAGIC('D', 'N', 'S', 'i') #define DNS_RDATASETITER_VALID(i) ISC_MAGIC_VALID(i, DNS_RDATASETITER_MAGIC) /% This structure is actually just the common prefix of a DNS db * implementation's version of a dns_rdatasetiter_t. * \brief * Direct use of this structure by clients is forbidden. DB implementations * may change the structure. 'magic' must be #DNS_RDATASETITER_MAGIC for * any of the dns_rdatasetiter routines to work. DB implementations must * maintain all DB rdataset iterator invariants. / struct dns_rdatasetiter { / Unlocked. / unsigned int magic; dns_rdatasetitermethods_t methods; dns_db_t db; dns_dbnode_t node; dns_dbversion_t version; isc_stdtime_t now; }; void dns_rdatasetiter_destroy(dns_rdatasetiter_t iteratorp); /%< * Destroy 'iteratorp'. * Requires: * \li 'iteratorp' is a valid iterator. * * Ensures: * \li All resources used by the iterator are freed. \li iteratorp == NULL. / isc_result_t dns_rdatasetiter_first(dns_rdatasetiter_t iterator); /%< Move the rdataset cursor to the first rdataset at the node (if any). * * Requires: \li 'iterator' is a valid iterator. * Returns: \li ISC_R_SUCCESS \li ISC_R_NOMORE There are no rdatasets at the node. * \li Other results are possible, depending on the DB implementation. / isc_result_t dns_rdatasetiter_next(dns_rdatasetiter_t iterator); /%< * Move the rdataset cursor to the next rdataset at the node (if any). * * Requires: \li 'iterator' is a valid iterator. * Returns: \li ISC_R_SUCCESS \li ISC_R_NOMORE There are no more rdatasets at the * node. * \li Other results are possible, depending on the DB implementation. / void dns_rdatasetiter_current(dns_rdatasetiter_t iterator, dns_rdataset_t rdataset); /%< Return the current rdataset. * * Requires: \li 'iterator' is a valid iterator. \li 'rdataset' is a valid, disassociated rdataset. \li The rdataset cursor of 'iterator' is at a valid location (i.e. the result of last call to a cursor movement command was #ISC_R_SUCCESS). / ISC_LANG_ENDDECLS #endif / DNS_RDATASETITER_H / ��dns/diff.h��0000644��00000015577�15125204631�0006427 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DIFF_H #define DNS_DIFF_H 1 /** * Module Info **/ /! \file dns/diff.h * \brief * A diff is a convenience type representing a list of changes to be * made to a database. / / * Imports */ #include <isc/lang.h> #include <isc/magic.h> #include <dns/name.h> #include <dns/rdata.h> #include <dns/types.h> /* * Types / /% * A dns_difftuple_t represents a single RR being added or deleted. * The RR type and class are in the 'rdata' member; the class is always * the real one, not a DynDNS meta-class, so that the rdatas can be * compared using dns_rdata_compare(). The TTL is significant * even for deletions, because a deletion/addition pair cannot * be canceled out if the TTL differs (it might be an explicit * TTL update). * * Tuples are also used to represent complete RRs with owner * names for a couple of other purposes, such as the * individual RRs of a "RRset exists (value dependent)" * prerequisite set. In this case, op==DNS_DIFFOP_EXISTS, * and the TTL is ignored. * * DNS_DIFFOP_RESIGN will cause the 'resign' attribute of the resulting RRset to be recomputed to be 'resign' seconds before the earliest RRSIG * timeexpire. / typedef enum { DNS_DIFFOP_ADD = 0, /%< Add an RR. / DNS_DIFFOP_DEL = 1, /%< Delete an RR. / DNS_DIFFOP_EXISTS = 2, /%< Assert RR existence. / DNS_DIFFOP_ADDRESIGN = 4, /%< ADD + RESIGN. / DNS_DIFFOP_DELRESIGN = 5 /%< DEL + RESIGN. / } dns_diffop_t; typedef struct dns_difftuple dns_difftuple_t; typedef ISC_LIST(dns_difftuple_t) dns_difftuplelist_t; #define DNS_DIFFTUPLE_MAGIC ISC_MAGIC('D', 'I', 'F', 'T') #define DNS_DIFFTUPLE_VALID(t) ISC_MAGIC_VALID(t, DNS_DIFFTUPLE_MAGIC) struct dns_difftuple { unsigned int magic; isc_mem_t mctx; dns_diffop_t op; dns_name_t name; dns_ttl_t ttl; dns_rdata_t rdata; ISC_LINK(dns_difftuple_t) link; /* Variable-size name data and rdata follows. / }; /% * A dns_diff_t represents a set of changes being applied to * a zone. Diffs are also used to represent "RRset exists * (value dependent)" prerequisites. / typedef struct dns_diff dns_diff_t; #define DNS_DIFF_MAGIC ISC_MAGIC('D', 'I', 'F', 'F') #define DNS_DIFF_VALID(t) ISC_MAGIC_VALID(t, DNS_DIFF_MAGIC) struct dns_diff { unsigned int magic; isc_mem_t mctx; dns_difftuplelist_t tuples; }; /* Type of comparison function for sorting diffs. / typedef int dns_diff_compare_func(const void , const void ); / * Functions */ ISC_LANG_BEGINDECLS /***********************************************************************/ / * Manipulation of diffs and tuples. / isc_result_t dns_difftuple_create(isc_mem_t mctx, dns_diffop_t op, const dns_name_t name, dns_ttl_t ttl, dns_rdata_t rdata, dns_difftuple_t *tp); /%< * Create a tuple. Deep copies are made of the name and rdata, so * they need not remain valid after the call. * * Requires: \li tp != NULL && tp == NULL. * Returns: \li ISC_R_SUCCESS \li ISC_R_NOMEMORY / void dns_difftuple_free(dns_difftuple_t tp); /%< * Free a tuple. * * Requires: * \li *tp is a valid tuple. * Ensures: * \li tp == NULL \li All memory used by the tuple is freed. / isc_result_t dns_difftuple_copy(dns_difftuple_t orig, dns_difftuple_t *copyp); /%< * Copy a tuple. * * Requires: * \li 'orig' points to a valid tuple \li copyp != NULL && copyp == NULL / void dns_diff_init(isc_mem_t mctx, dns_diff_t diff); /%< * Initialize a diff. * * Requires: * \li 'diff' points to an uninitialized dns_diff_t * \li allocated by the caller. * * Ensures: * \li 'diff' is a valid, empty diff. / void dns_diff_clear(dns_diff_t diff); /%< * Clear a diff, destroying all its tuples. * * Requires: * \li 'diff' points to a valid dns_diff_t. * * Ensures: * \li Any tuples in the diff are destroyed. * The diff now empty, but it is still valid * and may be reused without calling dns_diff_init * again. The only memory used is that of the * dns_diff_t structure itself. * * Notes: * \li Managing the memory of the dns_diff_t structure itself * is the caller's responsibility. / void dns_diff_append(dns_diff_t diff, dns_difftuple_t *tuple); /%< * Append a single tuple to a diff. * \li 'diff' is a valid diff. \li 'tuple' is a valid tuple. * Ensures: \li tuple is NULL. \li The tuple has been freed, or will be freed when the diff is cleared. / void dns_diff_appendminimal(dns_diff_t diff, dns_difftuple_t tuple); /%< * Append 'tuple' to 'diff', removing any duplicate * or conflicting updates as needed to create a minimal diff. * * Requires: \li 'diff' is a minimal diff. * Ensures: \li 'diff' is still a minimal diff. \li tuple is NULL. \li The tuple has been freed, or will be freed when the diff is * cleared. * / isc_result_t dns_diff_sort(dns_diff_t diff, dns_diff_compare_func compare); /%< * Sort 'diff' in-place according to the comparison function 'compare'. / isc_result_t dns_diff_apply(dns_diff_t diff, dns_db_t db, dns_dbversion_t ver); isc_result_t dns_diff_applysilently(dns_diff_t diff, dns_db_t db, dns_dbversion_t ver); /%< * Apply 'diff' to the database 'db'. * * dns_diff_apply() logs warnings about updates with no effect or * with inconsistent TTLs; dns_diff_applysilently() does not. * * For efficiency, the diff should be sorted by owner name. * If it is not sorted, operation will still be correct, * but less efficient. * * Requires: \li diff is a valid diff (possibly empty), containing * tuples of type #DNS_DIFFOP_ADD and/or * For #DNS_DIFFOP_DEL tuples, the TTL is ignored. * / isc_result_t dns_diff_load(dns_diff_t diff, dns_addrdatasetfunc_t addfunc, void add_private); /%< * Like dns_diff_apply, but for use when loading a new database * instead of modifying an existing one. This bypasses the * database transaction mechanisms. * * Requires: \li 'addfunc' is a valid dns_addradatasetfunc_t obtained from dns_db_beginload() * \li 'add_private' points to a corresponding dns_dbload_t * (XXX why is it a void pointer, then?) / isc_result_t dns_diff_print(dns_diff_t diff, FILE file); /%< * Print the differences to 'file' or if 'file' is NULL via the * logging system. * * Require: \li 'diff' to be valid. \li 'file' to refer to a open file or NULL. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED \li any error from dns_rdataset_totext() / ISC_LANG_ENDDECLS #endif / DNS_DIFF_H / ��dns/rdataclass.h��0000644��00000004310�15125204631�0007617 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RDATACLASS_H #define DNS_RDATACLASS_H 1 /! \file dns/rdataclass.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_rdataclass_fromtext(dns_rdataclass_t classp, isc_textregion_t source); /%< * Convert the text 'source' refers to into a DNS class. * * Requires: \li 'classp' is a valid pointer. \li 'source' is a valid text region. * Returns: \li #ISC_R_SUCCESS on success \li #DNS_R_UNKNOWN class is unknown / isc_result_t dns_rdataclass_totext(dns_rdataclass_t rdclass, isc_buffer_t target); /%< Put a textual representation of class 'rdclass' into 'target'. * * Requires: \li 'rdclass' is a valid class. \li 'target' is a valid text buffer. * Ensures, * if the result is success: \li The used space in 'target' is updated. * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE target buffer is too small / isc_result_t dns_rdataclass_tounknowntext(dns_rdataclass_t rdclass, isc_buffer_t target); /%< Put textual RFC3597 CLASSXXXX representation of class 'rdclass' into * 'target'. * * Requires: \li 'rdclass' is a valid class. \li 'target' is a valid text buffer. * Ensures, * if the result is success: \li The used space in 'target' is updated. * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE target buffer is too small / void dns_rdataclass_format(dns_rdataclass_t rdclass, char array, unsigned int size); /%< Format a human-readable representation of the class 'rdclass' * into the character array 'array', which is of size 'size'. * The resulting string is guaranteed to be null-terminated. / #define DNS_RDATACLASS_FORMATSIZE sizeof("CLASS65535") /%< * Minimum size of array to pass to dns_rdataclass_format(). / ISC_LANG_ENDDECLS #endif / DNS_RDATACLASS_H / ��dns/masterdump.h��0000644��00000023625�15125204631�0007671 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_MASTERDUMP_H #define DNS_MASTERDUMP_H 1 /! \file dns/masterdump.h / / * Imports */ #include <stdio.h> #include <isc/lang.h> #include <dns/types.h> /* * Types / typedef struct dns_master_style dns_master_style_t; / * Definitions **/ / * Flags affecting master file formatting. Flags 0x0000FFFF * define the formatting of the rdata part and are defined in * rdata.h. / /% Omit the owner name when possible. / #define DNS_STYLEFLAG_OMIT_OWNER 0x000010000ULL /% * Omit the TTL when possible. If DNS_STYLEFLAG_TTL is * also set, this means no TTLs are ever printed * because $TTL directives are generated before every * change in the TTL. In this case, no columns need to * be reserved for the TTL. Master files generated with * these options will be rejected by BIND 4.x because it * does not recognize the $TTL directive. * * If DNS_STYLEFLAG_TTL is not also set, the TTL will be * omitted when it is equal to the previous TTL. * This is correct according to RFC1035, but the * TTLs may be silently misinterpreted by older * versions of BIND which use the SOA MINTTL as a * default TTL value. / #define DNS_STYLEFLAG_OMIT_TTL 0x000020000ULL /% Omit the class when possible. / #define DNS_STYLEFLAG_OMIT_CLASS 0x000040000ULL /% Output $TTL directives. / #define DNS_STYLEFLAG_TTL 0x000080000ULL /% * Output $ORIGIN directives and print owner names relative to * the origin when possible. / #define DNS_STYLEFLAG_REL_OWNER 0x000100000ULL /% Print domain names in RR data in relative form when possible. * For this to take effect, DNS_STYLEFLAG_REL_OWNER must also be set. / #define DNS_STYLEFLAG_REL_DATA 0x000200000ULL /% Print the trust level of each rdataset. / #define DNS_STYLEFLAG_TRUST 0x000400000ULL /% Print negative caching entries. / #define DNS_STYLEFLAG_NCACHE 0x000800000ULL /% Never print the TTL. / #define DNS_STYLEFLAG_NO_TTL 0x001000000ULL /% Never print the CLASS. / #define DNS_STYLEFLAG_NO_CLASS 0x002000000ULL /% Report re-signing time. / #define DNS_STYLEFLAG_RESIGN 0x004000000ULL /% Don't printout the cryptographic parts of DNSSEC records. / #define DNS_STYLEFLAG_NOCRYPTO 0x008000000ULL /% Comment out data by prepending with ";" / #define DNS_STYLEFLAG_COMMENTDATA 0x010000000ULL /% Print TTL with human-readable units. / #define DNS_STYLEFLAG_TTL_UNITS 0x020000000ULL /% Indent output. / #define DNS_STYLEFLAG_INDENT 0x040000000ULL /% Output in YAML style. / #define DNS_STYLEFLAG_YAML 0x080000000ULL /% Print ECS cache entries as comments (reserved for future use). / #define DNS_STYLEFLAG_ECSCACHE 0x100000000ULL /% Print expired cache entries. / #define DNS_STYLEFLAG_EXPIRED 0x200000000ULL ISC_LANG_BEGINDECLS / * Constants **/ /% * The default master file style. * * This uses $TTL directives to avoid the need to dedicate a * tab stop for the TTL. The class is only printed for the first * rrset in the file and shares a tab stop with the RR type. / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_default; /% * A master file style that dumps zones to a very generic format easily * imported/checked with external tools. / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_full; /% * A master file style that prints explicit TTL values on each * record line, never using $TTL statements. The TTL has a tab * stop of its own, but the class and type share one. / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_explicitttl; /% * A master style format designed for cache files. It prints explicit TTL * values on each record line and never uses $ORIGIN or relative names. / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_cache; /% * A master style format designed for cache files. The same as above but * this also prints expired entries. / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_cache_with_expired; /% * A master style that prints name, ttl, class, type, and value on * every line. Similar to explicitttl above, but more verbose. * Intended for generating master files which can be easily parsed * by perl scripts and similar applications. / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_simple; /% * The style used for debugging, "dig" output, etc. / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_debug; /% * Similar to dns_master_style_debug but data is prepended with ";" / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_comment; /% * Similar to dns_master_style_debug but data is indented with "\t" (tab) / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_indent; /% * The style used for dumping "key" zones. / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_keyzone; /% * YAML-compatible output / LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_yaml; / * Functions **/ void dns_dumpctx_attach(dns_dumpctx_t source, dns_dumpctx_t *target); /%< * Attach to a dump context. * * Require: \li 'source' to be valid. \li 'target' to be non NULL and 'target' to be NULL. / void dns_dumpctx_detach(dns_dumpctx_t *dctxp); /%< * Detach from a dump context. * * Require: \li 'dctxp' to point to a valid dump context. * Ensures: \li 'dctxp' is NULL. / void dns_dumpctx_cancel(dns_dumpctx_t dctx); /%< Cancel a in progress dump. * * Require: \li 'dctx' to be valid. / dns_dbversion_t * dns_dumpctx_version(dns_dumpctx_t dctx); /%< * Return the version handle (if any) of the database being dumped. * * Require: \li 'dctx' to be valid. / dns_db_t * dns_dumpctx_db(dns_dumpctx_t dctx); /%< * Return the database being dumped. * * Require: \li 'dctx' to be valid. / /@{/ isc_result_t dns_master_dumptostreamasync(isc_mem_t mctx, dns_db_t db, dns_dbversion_t version, const dns_master_style_t style, FILE f, isc_task_t task, dns_dumpdonefunc_t done, void done_arg, dns_dumpctx_t dctxp); isc_result_t dns_master_dumptostream(isc_mem_t mctx, dns_db_t db, dns_dbversion_t version, const dns_master_style_t style, dns_masterformat_t format, dns_masterrawheader_t header, FILE f); /%< * Dump the database 'db' to the steam 'f' in the specified format by * 'format'. If the format is dns_masterformat_text (the RFC1035 format), * 'style' specifies the file style (e.g., &dns_master_style_default). * * If 'format' is dns_masterformat_raw, then 'header' can contain * information to be written to the file header. * * Temporary dynamic memory may be allocated from 'mctx'. * * Require: \li 'task' to be valid. \li 'done' to be non NULL. \li 'dctxp' to be non NULL && 'dctxp' to be NULL. * * Returns: \li ISC_R_SUCCESS \li ISC_R_NOMEMORY \li Any database or rrset iterator error. \li Any dns_rdata_totext() error code. / /@}/ /@{/ isc_result_t dns_master_dumpasync(isc_mem_t mctx, dns_db_t db, dns_dbversion_t version, const dns_master_style_t style, const char filename, isc_task_t task, dns_dumpdonefunc_t done, void done_arg, dns_dumpctx_t *dctxp, dns_masterformat_t format, dns_masterrawheader_t header); isc_result_t dns_master_dump(isc_mem_t mctx, dns_db_t db, dns_dbversion_t version, const dns_master_style_t style, const char filename, dns_masterformat_t format, dns_masterrawheader_t header); /%< Dump the database 'db' to the file 'filename' in the specified format by * 'format'. If the format is dns_masterformat_text (the RFC1035 format), * 'style' specifies the file style (e.g., &dns_master_style_default). * * If 'format' is dns_masterformat_raw, then 'header' can contain * information to be written to the file header. * * Temporary dynamic memory may be allocated from 'mctx'. * * Returns: \li ISC_R_SUCCESS \li ISC_R_NOMEMORY \li Any database or rrset iterator error. \li Any dns_rdata_totext() error code. / /@}/ isc_result_t dns_master_rdatasettotext(const dns_name_t owner_name, dns_rdataset_t rdataset, const dns_master_style_t style, dns_indent_t indent, isc_buffer_t target); /%< Convert 'rdataset' to text format, storing the result in 'target'. * * Notes: \li The rdata cursor position will be changed. * Requires: \li 'rdataset' is a valid non-question rdataset. \li 'rdataset' is not empty. / isc_result_t dns_master_questiontotext(const dns_name_t owner_name, dns_rdataset_t rdataset, const dns_master_style_t style, isc_buffer_t target); isc_result_t dns_master_dumpnodetostream(isc_mem_t mctx, dns_db_t db, dns_dbversion_t version, dns_dbnode_t node, const dns_name_t name, const dns_master_style_t style, FILE f); isc_result_t dns_master_dumpnode(isc_mem_t mctx, dns_db_t db, dns_dbversion_t version, dns_dbnode_t node, const dns_name_t name, const dns_master_style_t style, const char filename); dns_masterstyle_flags_t dns_master_styleflags(const dns_master_style_t style); isc_result_t dns_master_stylecreate(dns_master_style_t style, dns_masterstyle_flags_t flags, unsigned int ttl_column, unsigned int class_column, unsigned int type_column, unsigned int rdata_column, unsigned int line_length, unsigned int tab_width, unsigned int split_width, isc_mem_t mctx); void dns_master_styledestroy(dns_master_style_t *style, isc_mem_t mctx); ISC_LANG_ENDDECLS #endif /* DNS_MASTERDUMP_H / ��dns/nta.h��0000644��00000011356�15125204631�0006270 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_NTA_H #define DNS_NTA_H 1 /** * Module Info **/ /! \file * \brief * The NTA module provides services for storing and retrieving negative * trust anchors, and determine whether a given domain is subject to * DNSSEC validation. / #include <inttypes.h> #include <stdbool.h> #include <isc/buffer.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/refcount.h> #include <isc/rwlock.h> #include <isc/stdtime.h> #include <isc/task.h> #include <isc/timer.h> #include <dns/rdataset.h> #include <dns/resolver.h> #include <dns/types.h> #include <dns/view.h> ISC_LANG_BEGINDECLS struct dns_ntatable { / Unlocked. / unsigned int magic; dns_view_t view; isc_rwlock_t rwlock; isc_taskmgr_t taskmgr; isc_timermgr_t timermgr; isc_task_t task; / Protected by atomics / isc_refcount_t references; / Locked by rwlock. / dns_rbt_t table; bool shuttingdown; }; #define NTATABLE_MAGIC ISC_MAGIC('N', 'T', 'A', 't') #define VALID_NTATABLE(nt) ISC_MAGIC_VALID(nt, NTATABLE_MAGIC) isc_result_t dns_ntatable_create(dns_view_t view, isc_taskmgr_t taskmgr, isc_timermgr_t timermgr, dns_ntatable_t ntatablep); /%< * Create an NTA table in view 'view'. * * Requires: * \li 'view' is a valid view. \li 'tmgr' is a valid timer manager. \li ntatablep != NULL && ntatablep == NULL * * Ensures: * \li On success, ntatablep is a valid, empty NTA table. * * Returns: * \li ISC_R_SUCCESS \li Any other result indicates failure. / void dns_ntatable_attach(dns_ntatable_t source, dns_ntatable_t *targetp); /%< * Attach targetp to source. * Requires: * \li 'source' is a valid ntatable. \li 'targetp' points to a NULL dns_ntatable_t . * * Ensures: * \li targetp is attached to source. / void dns_ntatable_detach(dns_ntatable_t ntatablep); /%< * Detach ntatablep from its ntatable. * Requires: * \li 'ntatablep' points to a valid ntatable. * Ensures: * \li ntatablep is NULL. * \li If 'ntatablep' is the last reference to the ntatable, * all resources used by the ntatable will be freed / isc_result_t dns_ntatable_add(dns_ntatable_t ntatable, const dns_name_t name, bool force, isc_stdtime_t now, uint32_t lifetime); /%< * Add a negative trust anchor to 'ntatable' for name 'name', * which will expire at time 'now' + 'lifetime'. If 'force' is true, * then the NTA will persist for the entire specified lifetime. * If it is false, then the name will be queried periodically and * validation will be attempted to see whether it's still bogus; * if validation is successful, the NTA will be allowed to expire * early and validation below the NTA will resume. * * Notes: * \li If an NTA already exists in the table, its expiry time is updated. * * Requires: * \li 'ntatable' points to a valid ntatable. \li 'name' points to a valid name. * Returns: * \li ISC_R_SUCCESS \li Any other result indicates failure. / isc_result_t dns_ntatable_delete(dns_ntatable_t ntatable, const dns_name_t keyname); /%< Delete node(s) from 'ntatable' matching name 'keyname' * * Requires: * \li 'ntatable' points to a valid ntatable. \li 'name' is not NULL * Returns: * \li ISC_R_SUCCESS \li Any other result indicates failure. / bool dns_ntatable_covered(dns_ntatable_t ntatable, isc_stdtime_t now, const dns_name_t name, const dns_name_t anchor); /%< * Return true if 'name' is below a non-expired negative trust * anchor which in turn is at or below 'anchor'. * * If 'ntatable' has not been initialized, return false. * * Requires: * \li 'ntatable' is NULL or is a valid ntatable. \li 'name' is a valid absolute name. / isc_result_t dns_ntatable_totext(dns_ntatable_t ntatable, const char view, isc_buffer_t *buf); /%< * Dump the NTA table to buffer at 'buf', with view names * * Requires: * \li "ntatable" is a valid table. * * \li "buf" is a valid buffer. / isc_result_t dns_ntatable_dump(dns_ntatable_t ntatable, FILE fp); /%< Dump the NTA table to the file opened as 'fp'. / isc_result_t dns_ntatable_save(dns_ntatable_t ntatable, FILE fp); /%< * Save the NTA table to the file opened as 'fp', for later loading. / void dns_ntatable_shutdown(dns_ntatable_t ntatable); /%< Cancel future checks to see if NTAs can be removed. / ISC_LANG_ENDDECLS #endif / DNS_NTA_H / ��dns/events.h��0000644��00000010543�15125204631�0007007 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_EVENTS_H #define DNS_EVENTS_H 1 #include <isc/eventclass.h> /! \file dns/events.h * \brief * Registry of DNS event numbers. / #define DNS_EVENT_FETCHCONTROL (ISC_EVENTCLASS_DNS + 0) #define DNS_EVENT_FETCHDONE (ISC_EVENTCLASS_DNS + 1) #define DNS_EVENT_VIEWRESSHUTDOWN (ISC_EVENTCLASS_DNS + 2) #define DNS_EVENT_VIEWADBSHUTDOWN (ISC_EVENTCLASS_DNS + 3) #define DNS_EVENT_UPDATE (ISC_EVENTCLASS_DNS + 4) #define DNS_EVENT_UPDATEDONE (ISC_EVENTCLASS_DNS + 5) #define DNS_EVENT_DISPATCH (ISC_EVENTCLASS_DNS + 6) #define DNS_EVENT_TCPMSG (ISC_EVENTCLASS_DNS + 7) #define DNS_EVENT_ADBMOREADDRESSES (ISC_EVENTCLASS_DNS + 8) #define DNS_EVENT_ADBNOMOREADDRESSES (ISC_EVENTCLASS_DNS + 9) #define DNS_EVENT_ADBCANCELED (ISC_EVENTCLASS_DNS + 10) #define DNS_EVENT_ADBNAMEDELETED (ISC_EVENTCLASS_DNS + 11) #define DNS_EVENT_ADBSHUTDOWN (ISC_EVENTCLASS_DNS + 12) #define DNS_EVENT_ADBEXPIRED (ISC_EVENTCLASS_DNS + 13) #define DNS_EVENT_ADBCONTROL (ISC_EVENTCLASS_DNS + 14) #define DNS_EVENT_CACHECLEAN (ISC_EVENTCLASS_DNS + 15) #define DNS_EVENT_BYADDRDONE (ISC_EVENTCLASS_DNS + 16) #define DNS_EVENT_ZONECONTROL (ISC_EVENTCLASS_DNS + 17) #define DNS_EVENT_DBDESTROYED (ISC_EVENTCLASS_DNS + 18) #define DNS_EVENT_VALIDATORDONE (ISC_EVENTCLASS_DNS + 19) #define DNS_EVENT_REQUESTDONE (ISC_EVENTCLASS_DNS + 20) #define DNS_EVENT_VALIDATORSTART (ISC_EVENTCLASS_DNS + 21) #define DNS_EVENT_VIEWREQSHUTDOWN (ISC_EVENTCLASS_DNS + 22) #define DNS_EVENT_NOTIFYSENDTOADDR (ISC_EVENTCLASS_DNS + 23) #define DNS_EVENT_ZONE (ISC_EVENTCLASS_DNS + 24) #define DNS_EVENT_ZONESTARTXFRIN (ISC_EVENTCLASS_DNS + 25) #define DNS_EVENT_MASTERQUANTUM (ISC_EVENTCLASS_DNS + 26) #define DNS_EVENT_CACHEOVERMEM (ISC_EVENTCLASS_DNS + 27) #define DNS_EVENT_MASTERNEXTZONE (ISC_EVENTCLASS_DNS + 28) #define DNS_EVENT_IOREADY (ISC_EVENTCLASS_DNS + 29) #define DNS_EVENT_LOOKUPDONE (ISC_EVENTCLASS_DNS + 30) #define DNS_EVENT_RBTDEADNODES (ISC_EVENTCLASS_DNS + 31) #define DNS_EVENT_DISPATCHCONTROL (ISC_EVENTCLASS_DNS + 32) #define DNS_EVENT_REQUESTCONTROL (ISC_EVENTCLASS_DNS + 33) #define DNS_EVENT_DUMPQUANTUM (ISC_EVENTCLASS_DNS + 34) #define DNS_EVENT_IMPORTRECVDONE (ISC_EVENTCLASS_DNS + 35) #define DNS_EVENT_FREESTORAGE (ISC_EVENTCLASS_DNS + 36) #define DNS_EVENT_VIEWACACHESHUTDOWN (ISC_EVENTCLASS_DNS + 37) #define DNS_EVENT_ACACHECONTROL (ISC_EVENTCLASS_DNS + 38) #define DNS_EVENT_ACACHECLEAN (ISC_EVENTCLASS_DNS + 39) #define DNS_EVENT_ACACHEOVERMEM (ISC_EVENTCLASS_DNS + 40) #define DNS_EVENT_RBTPRUNE (ISC_EVENTCLASS_DNS + 41) #define DNS_EVENT_MANAGEKEYS (ISC_EVENTCLASS_DNS + 42) #define DNS_EVENT_CLIENTRESDONE (ISC_EVENTCLASS_DNS + 43) #define DNS_EVENT_CLIENTREQDONE (ISC_EVENTCLASS_DNS + 44) #define DNS_EVENT_ADBGROWENTRIES (ISC_EVENTCLASS_DNS + 45) #define DNS_EVENT_ADBGROWNAMES (ISC_EVENTCLASS_DNS + 46) #define DNS_EVENT_ZONESECURESERIAL (ISC_EVENTCLASS_DNS + 47) #define DNS_EVENT_ZONESECUREDB (ISC_EVENTCLASS_DNS + 48) #define DNS_EVENT_ZONELOAD (ISC_EVENTCLASS_DNS + 49) #define DNS_EVENT_KEYDONE (ISC_EVENTCLASS_DNS + 50) #define DNS_EVENT_SETNSEC3PARAM (ISC_EVENTCLASS_DNS + 51) #define DNS_EVENT_SETSERIAL (ISC_EVENTCLASS_DNS + 52) #define DNS_EVENT_CATZUPDATED (ISC_EVENTCLASS_DNS + 53) #define DNS_EVENT_CATZADDZONE (ISC_EVENTCLASS_DNS + 54) #define DNS_EVENT_CATZMODZONE (ISC_EVENTCLASS_DNS + 55) #define DNS_EVENT_CATZDELZONE (ISC_EVENTCLASS_DNS + 56) #define DNS_EVENT_RPZUPDATED (ISC_EVENTCLASS_DNS + 57) #define DNS_EVENT_STARTUPDATE (ISC_EVENTCLASS_DNS + 58) #define DNS_EVENT_TRYSTALE (ISC_EVENTCLASS_DNS + 59) #define DNS_EVENT_ZONEFLUSH (ISC_EVENTCLASS_DNS + 60) #define DNS_EVENT_CHECKDSSENDTOADDR (ISC_EVENTCLASS_DNS + 61) #define DNS_EVENT_FIRSTEVENT (ISC_EVENTCLASS_DNS + 0) #define DNS_EVENT_LASTEVENT (ISC_EVENTCLASS_DNS + 65535) #endif / DNS_EVENTS_H / ��dns/dbtable.h��0000644��00000006137�15125204631�0007104 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DBTABLE_H #define DNS_DBTABLE_H 1 /** * Module Info **/ /! \file dns/dbtable.h * \brief * DNS DB Tables * * XXX TBS XXX * * MP: \li The module ensures appropriate synchronization of data structures it creates and manipulates. * * Reliability: \li No anticipated impact. * Resources: \li None. * Security: \li No anticipated impact. * Standards: \li None. / #include <isc/lang.h> #include <dns/types.h> #define DNS_DBTABLEFIND_NOEXACT 0x01 ISC_LANG_BEGINDECLS isc_result_t dns_dbtable_create(isc_mem_t mctx, dns_rdataclass_t rdclass, dns_dbtable_t dbtablep); /%< * Make a new dbtable of class 'rdclass' * * Requires: \li mctx != NULL \li dbtablep != NULL && dptablep == NULL \li 'rdclass' is a valid class * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED / void dns_dbtable_attach(dns_dbtable_t source, dns_dbtable_t targetp); /%< * Attach 'targetp' to 'source'. * Requires: * \li 'source' is a valid dbtable. \li 'targetp' points to a NULL dns_dbtable_t . * * Ensures: * \li targetp is attached to source. / void dns_dbtable_detach(dns_dbtable_t dbtablep); /%< * Detach dbtablep from its dbtable. * Requires: * \li 'dbtablep' points to a valid dbtable. * * Ensures: * \li dbtablep is NULL. * \li If 'dbtablep' is the last reference to the dbtable, * all resources used by the dbtable will be freed / isc_result_t dns_dbtable_add(dns_dbtable_t dbtable, dns_db_t db); /%< * Add 'db' to 'dbtable'. * * Requires: \li 'dbtable' is a valid dbtable. \li 'db' is a valid database with the same class as 'dbtable' / void dns_dbtable_remove(dns_dbtable_t dbtable, dns_db_t db); /%< Remove 'db' from 'dbtable'. * * Requires: \li 'db' was previously added to 'dbtable'. / void dns_dbtable_adddefault(dns_dbtable_t dbtable, dns_db_t db); /%< Use 'db' as the result of a dns_dbtable_find() if no better match is * available. / void dns_dbtable_getdefault(dns_dbtable_t dbtable, dns_db_t *db); /%< * Get the 'db' used as the result of a dns_dbtable_find() * if no better match is available. / void dns_dbtable_removedefault(dns_dbtable_t dbtable); /%< Remove the default db from 'dbtable'. / isc_result_t dns_dbtable_find(dns_dbtable_t dbtable, const dns_name_t name, unsigned int options, dns_db_t dbp); /%< * Find the deepest match to 'name' in the dbtable, and return it * * Notes: \li If the DNS_DBTABLEFIND_NOEXACT option is set, the best partial match (if any) to 'name' will be returned. * * Returns: * \li #ISC_R_SUCCESS on success \li something else: no default and match / ISC_LANG_ENDDECLS #endif /* DNS_DBTABLE_H / ��dns/sdlz.h��0000644��00000033412�15125204631�0006457 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / * Copyright (C) 2002 Stichting NLnet, Netherlands, stichting@nlnet.nl. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the * above copyright notice and this permission notice appear in all * copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND STICHTING NLNET * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL * STICHTING NLNET BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE * USE OR PERFORMANCE OF THIS SOFTWARE. * * The development of Dynamically Loadable Zones (DLZ) for Bind 9 was * conceived and contributed by Rob Butler. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the * above copyright notice and this permission notice appear in all * copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ROB BUTLER * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL * ROB BUTLER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE * USE OR PERFORMANCE OF THIS SOFTWARE. / /! \file dns/sdlz.h / #ifndef SDLZ_H #define SDLZ_H 1 #include <inttypes.h> #include <stdbool.h> #include <dns/clientinfo.h> #include <dns/dlz.h> ISC_LANG_BEGINDECLS #define DNS_SDLZFLAG_THREADSAFE 0x00000001U #define DNS_SDLZFLAG_RELATIVEOWNER 0x00000002U #define DNS_SDLZFLAG_RELATIVERDATA 0x00000004U / A simple DLZ database. / typedef struct dns_sdlz_db dns_sdlz_db_t; / A simple DLZ database lookup in progress. / typedef struct dns_sdlzlookup dns_sdlzlookup_t; / A simple DLZ database traversal in progress. / typedef struct dns_sdlzallnodes dns_sdlzallnodes_t; typedef isc_result_t (dns_sdlzallnodesfunc_t)(const char zone, void driverarg, void dbdata, dns_sdlzallnodes_t allnodes); /%< Method prototype. Drivers implementing the SDLZ interface may * supply an all nodes method. This method is called when the DNS * server is performing a zone transfer query, after the allow zone * transfer method has been called. This method is only called if the * allow zone transfer method returned ISC_R_SUCCESS. This method and * the allow zone transfer method are both required for zone transfers * to be supported. If the driver generates data dynamically (instead * of searching in a database for it) it should not implement this * function as a zone transfer would be meaningless. A SDLZ driver * does not have to implement an all nodes method. / typedef isc_result_t (dns_sdlzallowzonexfr_t)(void driverarg, void dbdata, const char name, const char client); /%< Method prototype. Drivers implementing the SDLZ interface may * supply an allow zone transfer method. This method is called when * the DNS server is performing a zone transfer query, before the all * nodes method can be called. This method and the all node method * are both required for zone transfers to be supported. If the * driver generates data dynamically (instead of searching in a * database for it) it should not implement this function as a zone * transfer would be meaningless. A SDLZ driver does not have to * implement an allow zone transfer method. * * This method should return ISC_R_SUCCESS if the zone is supported by * the database and a zone transfer is allowed for the specified * client. If the zone is supported by the database, but zone * transfers are not allowed for the specified client this method * should return ISC_R_NOPERM.. Lastly the method should return * ISC_R_NOTFOUND if the zone is not supported by the database. If an * error occurs it should return a result code indicating the type of * error. / typedef isc_result_t (dns_sdlzauthorityfunc_t)(const char zone, void driverarg, void dbdata, dns_sdlzlookup_t lookup); /%< Method prototype. Drivers implementing the SDLZ interface may * supply an authority method. This method is called when the DNS * server is performing a query, after both the find zone and lookup * methods have been called. This method is required if the lookup * function does not supply authority information for the dns * record. A SDLZ driver does not have to implement an authority * method. / typedef isc_result_t (dns_sdlzcreate_t)(const char dlzname, unsigned int argc, char argv[], void driverarg, void dbdata); /%< * Method prototype. Drivers implementing the SDLZ interface may * supply a create method. This method is called when the DNS server * is starting up and creating drivers for use later. A SDLZ driver * does not have to implement a create method. / typedef void (dns_sdlzdestroy_t)(void driverarg, void dbdata); /%< Method prototype. Drivers implementing the SDLZ interface may * supply a destroy method. This method is called when the DNS server * is shutting down and no longer needs the driver. A SDLZ driver does * not have to implement a destroy method. / typedef isc_result_t (dns_sdlzfindzone_t)(void driverarg, void dbdata, const char name, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo); /%< * Method prototype. Drivers implementing the SDLZ interface MUST * supply a find zone method. This method is called when the DNS * server is performing a query to to determine if 'name' is a * supported dns zone. The find zone method will be called with the * longest possible name first, and continue to be called with * successively shorter domain names, until any of the following * occur: * * \li 1) the function returns (ISC_R_SUCCESS) indicating a zone name * match. * * \li 2) a problem occurs, and the functions returns anything other than * (ISC_R_NOTFOUND) * * \li 3) we run out of domain name labels. I.E. we have tried the * shortest domain name * * \li 4) the number of labels in the domain name is less than min_labels * for dns_dlzfindzone * * The driver's find zone method should return ISC_R_SUCCESS if the * zone is supported by the database. Otherwise it should return * ISC_R_NOTFOUND, if the zone is not supported. If an error occurs * it should return a result code indicating the type of error. / typedef isc_result_t (dns_sdlzlookupfunc_t)(const char zone, const char name, void driverarg, void dbdata, dns_sdlzlookup_t lookup, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo); /%< * Method prototype. Drivers implementing the SDLZ interface MUST * supply a lookup method. This method is called when the * DNS server is performing a query, after the find zone and before any * other methods have been called. This function returns DNS record * information using the dns_sdlz_putrr and dns_sdlz_putsoa functions. * If this function supplies authority information for the DNS record * the authority method is not required. If it does not, the * authority function is required. * * The 'methods' and 'clientinfo' args allow an SDLZ driver to retrieve * information about the querying client (such as source IP address) * from the caller. / typedef isc_result_t (dns_sdlznewversion_t)(const char zone, void driverarg, void dbdata, void versionp); /%< * Method prototype. Drivers implementing the SDLZ interface may * supply a newversion method. This method is called to start a * write transaction on a zone and should only be implemented by * writeable backends. * When implemented, the driver should create a new transaction, and * fill versionp with a pointer to the transaction state. The closeversion function will be called to close the transaction. / typedef void (dns_sdlzcloseversion_t)(const char zone, bool commit, void driverarg, void dbdata, void versionp); /%< * Method prototype. Drivers implementing the SDLZ interface must * supply a closeversion method if they supply a newversion method. * When implemented, the driver should close the given transaction, * committing changes if 'commit' is true. If 'commit' is not true * then all changes should be discarded and the database rolled back. * If the call is successful then versionp should be set to NULL / typedef isc_result_t (dns_sdlzconfigure_t)(dns_view_t view, dns_dlzdb_t dlzdb, void driverarg, void dbdata); /%< * Method prototype. Drivers implementing the SDLZ interface may * supply a configure method. When supplied, it will be called * immediately after the create method to give the driver a chance * to configure writeable zones / typedef bool (dns_sdlzssumatch_t)(const char signer, const char name, const char tcpaddr, const char type, const char key, uint32_t keydatalen, unsigned char keydata, void driverarg, void dbdata); /%< Method prototype. Drivers implementing the SDLZ interface may * supply a ssumatch method. If supplied, then ssumatch will be * called to authorize any zone updates. The driver should return * true to allow the update, and false to deny it. For a DLZ * controlled zone, this is the only access control on updates. / typedef isc_result_t (dns_sdlzmodrdataset_t)(const char name, const char rdatastr, void driverarg, void dbdata, void version); /%< * Method prototype. Drivers implementing the SDLZ interface may * supply addrdataset and subtractrdataset methods. If supplied, then these * will be called when rdatasets are added/subtracted during * updates. The version parameter comes from a call to the sdlz * newversion() method from the driver. The rdataset parameter is a * linearise string representation of the rdataset change. The format * is the same as used by dig when displaying records. The fields are * tab delimited. / typedef isc_result_t (dns_sdlzdelrdataset_t)(const char name, const char type, void driverarg, void dbdata, void version); /%< * Method prototype. Drivers implementing the SDLZ interface may * supply a delrdataset method. If supplied, then this * function will be called when rdatasets are deleted during * updates. The call should remove all rdatasets of the given type for * the specified name. / typedef struct dns_sdlzmethods { dns_sdlzcreate_t create; dns_sdlzdestroy_t destroy; dns_sdlzfindzone_t findzone; dns_sdlzlookupfunc_t lookup; dns_sdlzauthorityfunc_t authority; dns_sdlzallnodesfunc_t allnodes; dns_sdlzallowzonexfr_t allowzonexfr; dns_sdlznewversion_t newversion; dns_sdlzcloseversion_t closeversion; dns_sdlzconfigure_t configure; dns_sdlzssumatch_t ssumatch; dns_sdlzmodrdataset_t addrdataset; dns_sdlzmodrdataset_t subtractrdataset; dns_sdlzdelrdataset_t delrdataset; } dns_sdlzmethods_t; isc_result_t dns_sdlzregister(const char drivername, const dns_sdlzmethods_t methods, void driverarg, unsigned int flags, isc_mem_t mctx, dns_sdlzimplementation_t sdlzimp); /%< * Register a dynamically loadable zones (dlz) driver for the database * type 'drivername', implemented by the functions in 'methods'. * sdlzimp must point to a NULL dns_sdlzimplementation_t pointer. * That is, sdlzimp != NULL && sdlzimp == NULL. It will be assigned a value that will later be used to identify the driver when * deregistering it. / void dns_sdlzunregister(dns_sdlzimplementation_t sdlzimp); /%< * Removes the sdlz driver from the list of registered sdlz drivers. * There must be no active sdlz drivers of this type when this * function is called. / typedef isc_result_t dns_sdlz_putnamedrr_t(dns_sdlzallnodes_t allnodes, const char name, const char type, dns_ttl_t ttl, const char data); dns_sdlz_putnamedrr_t dns_sdlz_putnamedrr; /%< * Add a single resource record to the allnodes structure to be later * parsed into a zone transfer response. / typedef isc_result_t dns_sdlz_putrr_t(dns_sdlzlookup_t lookup, const char type, dns_ttl_t ttl, const char data); dns_sdlz_putrr_t dns_sdlz_putrr; /%< Add a single resource record to the lookup structure to be later * parsed into a query response. / typedef isc_result_t dns_sdlz_putsoa_t(dns_sdlzlookup_t lookup, const char mname, const char rname, uint32_t serial); dns_sdlz_putsoa_t dns_sdlz_putsoa; /%< This function may optionally be called from the 'authority' * callback to simplify construction of the SOA record for 'zone'. It * will provide a SOA listing 'mname' as as the master server and * 'rname' as the responsible person mailbox. It is the * responsibility of the driver to increment the serial number between * responses if necessary. All other SOA fields will have reasonable * default values. / typedef isc_result_t dns_sdlz_setdb_t(dns_dlzdb_t dlzdatabase, dns_rdataclass_t rdclass, const dns_name_t name, dns_db_t dbp); dns_sdlz_setdb_t dns_sdlz_setdb; /%< * Create the database pointers for a writeable SDLZ zone / ISC_LANG_ENDDECLS #endif / SDLZ_H / ��dns/tsig.h��0000644��00000020461�15125204631�0006451 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_TSIG_H #define DNS_TSIG_H 1 /! \file dns/tsig.h / #include <stdbool.h> #include <isc/lang.h> #include <isc/refcount.h> #include <isc/rwlock.h> #include <isc/stdio.h> #include <isc/stdtime.h> #include <dns/name.h> #include <dns/types.h> #include <dst/dst.h> #include <pk11/site.h> / * Algorithms. / LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_tsig_hmacmd5_name; #define DNS_TSIG_HMACMD5_NAME dns_tsig_hmacmd5_name LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_tsig_gssapi_name; #define DNS_TSIG_GSSAPI_NAME dns_tsig_gssapi_name LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_tsig_gssapims_name; #define DNS_TSIG_GSSAPIMS_NAME dns_tsig_gssapims_name LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_tsig_hmacsha1_name; #define DNS_TSIG_HMACSHA1_NAME dns_tsig_hmacsha1_name LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_tsig_hmacsha224_name; #define DNS_TSIG_HMACSHA224_NAME dns_tsig_hmacsha224_name LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_tsig_hmacsha256_name; #define DNS_TSIG_HMACSHA256_NAME dns_tsig_hmacsha256_name LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_tsig_hmacsha384_name; #define DNS_TSIG_HMACSHA384_NAME dns_tsig_hmacsha384_name LIBDNS_EXTERNAL_DATA extern const dns_name_t dns_tsig_hmacsha512_name; #define DNS_TSIG_HMACSHA512_NAME dns_tsig_hmacsha512_name /% * Default fudge value. / #define DNS_TSIG_FUDGE 300 struct dns_tsig_keyring { dns_rbt_t keys; unsigned int writecount; isc_rwlock_t lock; isc_mem_t mctx; / * LRU list of generated key along with a count of the keys on the * list and a maximum size. / unsigned int generated; unsigned int maxgenerated; ISC_LIST(dns_tsigkey_t) lru; isc_refcount_t references; }; struct dns_tsigkey { / Unlocked / unsigned int magic; /%< Magic number. / isc_mem_t mctx; dst_key_t key; /%< Key / dns_name_t name; /%< Key name / const dns_name_t algorithm; /%< Algorithm name / dns_name_t creator; /%< name that created secret / bool generated; /%< was this generated? / isc_stdtime_t inception; /%< start of validity period / isc_stdtime_t expire; /%< end of validity period / dns_tsig_keyring_t ring; /%< the enclosing keyring / isc_refcount_t refs; /%< reference counter / ISC_LINK(dns_tsigkey_t) link; }; ISC_LANG_BEGINDECLS const dns_name_t * dns_tsigkey_identity(const dns_tsigkey_t tsigkey); /%< * Returns the identity of the provided TSIG key. * * Requires: \li 'tsigkey' is a valid TSIG key or NULL * Returns: \li NULL if 'tsigkey' was NULL \li identity of the provided TSIG key / isc_result_t dns_tsigkey_create(const dns_name_t name, const dns_name_t algorithm, unsigned char secret, int length, bool generated, const dns_name_t creator, isc_stdtime_t inception, isc_stdtime_t expire, isc_mem_t mctx, dns_tsig_keyring_t ring, dns_tsigkey_t key); isc_result_t dns_tsigkey_createfromkey(const dns_name_t name, const dns_name_t algorithm, dst_key_t dstkey, bool generated, const dns_name_t creator, isc_stdtime_t inception, isc_stdtime_t expire, isc_mem_t mctx, dns_tsig_keyring_t ring, dns_tsigkey_t key); /%< * Creates a tsig key structure and saves it in the keyring. If key is * not NULL, key will contain a copy of the key. The keys validity period is specified by (inception, expire), and will not expire if * inception == expire. If the key was generated, the creating identity, * if there is one, should be in the creator parameter. Specifying an * unimplemented algorithm will cause failure only if dstkey != NULL; this * allows a transient key with an invalid algorithm to exist long enough * to generate a BADKEY response. * * If dns_tsigkey_createfromkey is successful a new reference to 'dstkey' * will have been made. * * Requires: \li 'name' is a valid dns_name_t \li 'algorithm' is a valid dns_name_t \li 'secret' is a valid pointer \li 'length' is an integer >= 0 \li 'dstkey' is a valid dst key or NULL \li 'creator' points to a valid dns_name_t or is NULL \li 'mctx' is a valid memory context \li 'ring' is a valid TSIG keyring or NULL \li 'key' or 'key' must be NULL * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_EXISTS - a key with this name already exists \li #ISC_R_NOTIMPLEMENTED - algorithm is not implemented \li #ISC_R_NOMEMORY / void dns_tsigkey_attach(dns_tsigkey_t source, dns_tsigkey_t *targetp); /%< * Attach 'targetp' to 'source'. * Requires: \li 'key' is a valid TSIG key * Ensures: \li targetp is attached to source. / void dns_tsigkey_detach(dns_tsigkey_t keyp); /%< * Detaches from the tsig key structure pointed to by 'key'. * Requires: \li 'keyp' is not NULL and 'keyp' is a valid TSIG key * * Ensures: \li 'keyp' points to NULL / void dns_tsigkey_setdeleted(dns_tsigkey_t key); /%< * Prevents this key from being used again. It will be deleted when * no references exist. * * Requires: \li 'key' is a valid TSIG key on a keyring / isc_result_t dns_tsig_sign(dns_message_t msg); /%< * Generates a TSIG record for this message * * Requires: \li 'msg' is a valid message \li 'msg->tsigkey' is a valid TSIG key \li 'msg->tsig' is NULL * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_NOSPACE \li #DNS_R_EXPECTEDTSIG * - this is a response & msg->querytsig is NULL / isc_result_t dns_tsig_verify(isc_buffer_t source, dns_message_t msg, dns_tsig_keyring_t ring1, dns_tsig_keyring_t ring2); /%< * Verifies the TSIG record in this message * * Requires: \li 'source' is a valid buffer containing the unparsed message \li 'msg' is a valid message \li 'msg->tsigkey' is a valid TSIG key if this is a response \li 'msg->tsig' is NULL \li 'msg->querytsig' is not NULL if this is a response \li 'ring1' and 'ring2' are each either a valid keyring or NULL * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #DNS_R_EXPECTEDTSIG - A TSIG was expected but not seen \li #DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected \li #DNS_R_TSIGERRORSET - the TSIG verified but ->error was set and this is a query \li #DNS_R_CLOCKSKEW - the TSIG failed to verify because of the time was out of the allowed range. \li #DNS_R_TSIGVERIFYFAILURE - the TSIG failed to verify \li #DNS_R_EXPECTEDRESPONSE - the message was set over TCP and * should have been a response, * but was not. / isc_result_t dns_tsigkey_find(dns_tsigkey_t tsigkey, const dns_name_t name, const dns_name_t algorithm, dns_tsig_keyring_t ring); /%< Returns the TSIG key corresponding to this name and (possibly) * algorithm. Also increments the key's reference counter. * * Requires: \li 'tsigkey' is not NULL \li 'tsigkey' is NULL \li 'name' is a valid dns_name_t \li 'algorithm' is a valid dns_name_t or NULL \li 'ring' is a valid keyring * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOTFOUND / isc_result_t dns_tsigkeyring_create(isc_mem_t mctx, dns_tsig_keyring_t *ringp); /%< * Create an empty TSIG key ring. * * Requires: \li 'mctx' is not NULL \li 'ringp' is not NULL, and 'ringp' is NULL * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / isc_result_t dns_tsigkeyring_add(dns_tsig_keyring_t ring, const dns_name_t name, dns_tsigkey_t tkey); /%< Place a TSIG key onto a key ring. * * Requires: \li 'ring', 'name' and 'tkey' are not NULL * Returns: \li #ISC_R_SUCCESS \li Any other value indicates failure. / void dns_tsigkeyring_attach(dns_tsig_keyring_t source, dns_tsig_keyring_t target); void dns_tsigkeyring_detach(dns_tsig_keyring_t ringp); isc_result_t dns_tsigkeyring_dumpanddetach(dns_tsig_keyring_t *ringp, FILE fp); /%< Destroy a TSIG key ring. * * Requires: \li 'ringp' is not NULL / void dns_keyring_restore(dns_tsig_keyring_t ring, FILE fp); ISC_LANG_ENDDECLS #endif /* DNS_TSIG_H / ��dns/master.h��0000644��00000021122�15125204631�0006771 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_MASTER_H #define DNS_MASTER_H 1 /! \file dns/master.h / / * Imports **/ #include <inttypes.h> #include <stdio.h> #include <isc/lang.h> #include <dns/types.h> / * Flags to be passed in the 'options' argument in the functions below. / #define DNS_MASTER_AGETTL 0x00000001 /%< Age the ttl based on $DATE. / #define DNS_MASTER_MANYERRORS \ 0x00000002 /%< Continue processing on errors. \ / #define DNS_MASTER_NOINCLUDE 0x00000004 /%< Disallow $INCLUDE directives. / #define DNS_MASTER_ZONE 0x00000008 /%< Loading a zone master file. / #define DNS_MASTER_HINT 0x00000010 /%< Loading a hint master file. / #define DNS_MASTER_SLAVE 0x00000020 /%< Loading a slave master file. / #define DNS_MASTER_CHECKNS \ 0x00000040 /%< \ * Check NS records to see \ * if they are an address \ / #define DNS_MASTER_FATALNS \ 0x00000080 /%< \ * Treat DNS_MASTER_CHECKNS \ * matches as fatal \ / #define DNS_MASTER_CHECKNAMES 0x00000100 #define DNS_MASTER_CHECKNAMESFAIL 0x00000200 #define DNS_MASTER_CHECKWILDCARD \ 0x00000400 / Check for internal wildcards. \ / #define DNS_MASTER_CHECKMX 0x00000800 #define DNS_MASTER_CHECKMXFAIL 0x00001000 #define DNS_MASTER_RESIGN 0x00002000 #define DNS_MASTER_KEY 0x00004000 /%< Loading a key zone master file. / #define DNS_MASTER_NOTTL 0x00008000 /%< Don't require ttl. / #define DNS_MASTER_CHECKTTL 0x00010000 /%< Check max-zone-ttl / ISC_LANG_BEGINDECLS / * Structures that implement the "raw" format for master dump. * These are provided for a reference purpose only; in the actual * encoding, we directly read/write each field so that the encoded data * is always "packed", regardless of the hardware architecture. / #define DNS_RAWFORMAT_VERSION 1 / * Flags to indicate the status of the data in the raw file header / #define DNS_MASTERRAW_COMPAT 0x01 #define DNS_MASTERRAW_SOURCESERIALSET 0x02 #define DNS_MASTERRAW_LASTXFRINSET 0x04 / Common header / struct dns_masterrawheader { uint32_t format; / must be * dns_masterformat_raw * or * dns_masterformat_map / uint32_t version; / compatibility for future * extensions / uint32_t dumptime; / timestamp on creation * (currently unused) / uint32_t flags; / Flags / uint32_t sourceserial; / Source serial number (used * by inline-signing zones) / uint32_t lastxfrin; / timestamp of last transfer * (used by slave zones) / }; / The structure for each RRset / typedef struct { uint32_t totallen; / length of the data for this * RRset, including the * "header" part / dns_rdataclass_t rdclass; / 16-bit class / dns_rdatatype_t type; / 16-bit type / dns_rdatatype_t covers; / same as type / dns_ttl_t ttl; / 32-bit TTL / uint32_t nrdata; / number of RRs in this set / / followed by encoded owner name, and then rdata / } dns_masterrawrdataset_t; / * Method prototype: a callback to register each include file as * it is encountered. / typedef void (dns_masterincludecb_t)(const char file, void arg); /* * Function **/ isc_result_t dns_master_loadfile(const char master_file, dns_name_t top, dns_name_t origin, dns_rdataclass_t zclass, unsigned int options, uint32_t resign, dns_rdatacallbacks_t callbacks, dns_masterincludecb_t include_cb, void include_arg, isc_mem_t mctx, dns_masterformat_t format, dns_ttl_t maxttl); isc_result_t dns_master_loadstream(FILE stream, dns_name_t top, dns_name_t origin, dns_rdataclass_t zclass, unsigned int options, dns_rdatacallbacks_t callbacks, isc_mem_t mctx); isc_result_t dns_master_loadbuffer(isc_buffer_t buffer, dns_name_t top, dns_name_t origin, dns_rdataclass_t zclass, unsigned int options, dns_rdatacallbacks_t callbacks, isc_mem_t mctx); isc_result_t dns_master_loadlexer(isc_lex_t lex, dns_name_t top, dns_name_t origin, dns_rdataclass_t zclass, unsigned int options, dns_rdatacallbacks_t callbacks, isc_mem_t mctx); isc_result_t dns_master_loadfileinc(const char master_file, dns_name_t top, dns_name_t origin, dns_rdataclass_t zclass, unsigned int options, uint32_t resign, dns_rdatacallbacks_t callbacks, isc_task_t task, dns_loaddonefunc_t done, void done_arg, dns_loadctx_t *ctxp, dns_masterincludecb_t include_cb, void include_arg, isc_mem_t mctx, dns_masterformat_t format, uint32_t maxttl); isc_result_t dns_master_loadstreaminc(FILE stream, dns_name_t top, dns_name_t origin, dns_rdataclass_t zclass, unsigned int options, dns_rdatacallbacks_t callbacks, isc_task_t task, dns_loaddonefunc_t done, void done_arg, dns_loadctx_t ctxp, isc_mem_t mctx); isc_result_t dns_master_loadbufferinc(isc_buffer_t buffer, dns_name_t top, dns_name_t origin, dns_rdataclass_t zclass, unsigned int options, dns_rdatacallbacks_t callbacks, isc_task_t task, dns_loaddonefunc_t done, void done_arg, dns_loadctx_t *ctxp, isc_mem_t mctx); isc_result_t dns_master_loadlexerinc(isc_lex_t lex, dns_name_t top, dns_name_t origin, dns_rdataclass_t zclass, unsigned int options, dns_rdatacallbacks_t callbacks, isc_task_t task, dns_loaddonefunc_t done, void done_arg, dns_loadctx_t *ctxp, isc_mem_t mctx); /%< Loads a RFC1305 master file from a file, stream, buffer, or existing * lexer into rdatasets and then calls 'callbacks->commit' to commit the * rdatasets. Rdata memory belongs to dns_master_load and will be * reused / released when the callback completes. dns_load_master will * abort if callbacks->commit returns any value other than ISC_R_SUCCESS. * * If 'DNS_MASTER_AGETTL' is set and the master file contains one or more * $DATE directives, the TTLs of the data will be aged accordingly. * * 'callbacks->commit' is assumed to call 'callbacks->error' or * 'callbacks->warn' to generate any error messages required. * * 'done' is called with 'done_arg' and a result code when the loading * is completed or has failed. If the initial setup fails 'done' is * not called. * * 'resign' the number of seconds before a RRSIG expires that it should * be re-signed. 0 is used if not provided. * * Requires: \li 'master_file' points to a valid string. \li 'lexer' points to a valid lexer. \li 'top' points to a valid name. \li 'origin' points to a valid name. \li 'callbacks->commit' points to a valid function. \li 'callbacks->error' points to a valid function. \li 'callbacks->warn' points to a valid function. \li 'mctx' points to a valid memory context. \li 'task' and 'done' to be valid. \li 'lmgr' to be valid. \li 'ctxp != NULL && ctxp == NULL'. * Returns: \li ISC_R_SUCCESS upon successfully loading the master file. \li ISC_R_SEENINCLUDE upon successfully loading the master file with * a $INCLUDE statement. \li ISC_R_NOMEMORY out of memory. \li ISC_R_UNEXPECTEDEND expected to be able to read a input token and * there was not one. \li ISC_R_UNEXPECTED \li DNS_R_NOOWNER failed to specify a ownername. \li DNS_R_NOTTL failed to specify a ttl. \li DNS_R_BADCLASS record class did not match zone class. \li DNS_R_CONTINUE load still in progress (dns_master_loadinc() only). \li Any dns_rdata_fromtext() error code. \li Any error code from callbacks->commit(). / void dns_loadctx_detach(dns_loadctx_t ctxp); /%< * Detach from the load context. * * Requires: \li 'ctxp' to be valid. * * Ensures: \li 'ctxp == NULL' / void dns_loadctx_attach(dns_loadctx_t source, dns_loadctx_t *target); /%< * Attach to the load context. * * Requires: \li 'source' to be valid. \li 'target != NULL && target == NULL'. / void dns_loadctx_cancel(dns_loadctx_t ctx); /%< * Cancel loading the zone file associated with this load context. * * Requires: \li 'ctx' to be valid / void dns_master_initrawheader(dns_masterrawheader_t header); /%< * Initializes the header for a raw master file, setting all * values to zero. / ISC_LANG_ENDDECLS #endif / DNS_MASTER_H / ��dns/librpz.h��0000644��00000075251�15125204631�0007014 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / * Define the interface from a DNS resolver to the Response Policy Zone * library, librpz. * * This file should be included only the interface functions between the * resolver and librpz to avoid name space pollution. * * Copyright (c) 2016-2017 Farsight Security, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * version 1.2.12 / #ifndef LIBRPZ_H #define LIBRPZ_H #include <inttypes.h> #include <stdarg.h> #include <stdbool.h> #include <stdio.h> #include <arpa/nameser.h> #include <netinet/in.h> #include <sys/types.h> / * Allow either ordinary or dlopen() linking. / #ifdef LIBRPZ_INTERNAL #define LIBDEF(t, s) extern t s; #define LIBDEF_F(f) LIBDEF(librpz_##f##_t, librpz_##f) #else / ifdef LIBRPZ_INTERNAL / #define LIBDEF(t, s) #define LIBDEF_F(f) #endif / ifdef LIBRPZ_INTERNAL / / * Response Policy Zone triggers. * Comparisons of trigger precedences require * LIBRPZ_TRIG_CLIENT_IP < LIBRPZ_TRIG_QNAME < LIBRPZ_TRIG_IP * < LIBRPZ_TRIG_NSDNAME < LIBRPZ_TRIG_NSIP} / typedef enum { LIBRPZ_TRIG_BAD = 0, LIBRPZ_TRIG_CLIENT_IP = 1, LIBRPZ_TRIG_QNAME = 2, LIBRPZ_TRIG_IP = 3, LIBRPZ_TRIG_NSDNAME = 4, LIBRPZ_TRIG_NSIP = 5 } librpz_trig_t; #define LIBRPZ_TRIG_SIZE 3 / sizeof librpz_trig_t in bits / typedef uint8_t librpz_tbit_t; / one bit for each of the TRIGS_NUM * trigger types / / * Response Policy Zone Actions or policies / typedef enum { LIBRPZ_POLICY_UNDEFINED = 0, / an empty entry or no decision yet / LIBRPZ_POLICY_DELETED = 1, / placeholder for a deleted policy / LIBRPZ_POLICY_PASSTHRU = 2, / 'passthru': do not rewrite / LIBRPZ_POLICY_DROP = 3, / 'drop': do not respond / LIBRPZ_POLICY_TCP_ONLY = 4, / 'tcp-only': answer UDP with TC=1 / LIBRPZ_POLICY_NXDOMAIN = 5, / 'nxdomain': answer with NXDOMAIN / LIBRPZ_POLICY_NODATA = 6, / 'nodata': answer with ANCOUNT=0 / LIBRPZ_POLICY_RECORD = 7, / rewrite with the policy's RR / / only in client configurations to override the zone / LIBRPZ_POLICY_GIVEN, / 'given': what policy record says / LIBRPZ_POLICY_DISABLED, / at most log / LIBRPZ_POLICY_CNAME, / answer with 'cname x' / } librpz_policy_t; #define LIBRPZ_POLICY_BITS 4 / * Special policies that appear as targets of CNAMEs * NXDOMAIN is signaled by a CNAME with a "." target. * NODATA is signaled by a CNAME with a "." target. / #define LIBRPZ_RPZ_PREFIX "rpz-" #define LIBRPZ_RPZ_PASSTHRU LIBRPZ_RPZ_PREFIX "passthru" #define LIBRPZ_RPZ_DROP LIBRPZ_RPZ_PREFIX "drop" #define LIBRPZ_RPZ_TCP_ONLY LIBRPZ_RPZ_PREFIX "tcp-only" typedef uint16_t librpz_dznum_t; /* dnsrpzd zone # in [0,DZNUM_MAX] / typedef uint8_t librpz_cznum_t; / client zone # in [0,CZNUM_MAX] / / * CIDR block / typedef struct librpz_prefix { union { struct in_addr in; struct in6_addr in6; } addr; uint8_t family; uint8_t len; } librpz_prefix_t; / * A domain / typedef uint8_t librpz_dsize_t; typedef struct librpz_domain { librpz_dsize_t size; / of only .d / uint8_t d[0]; / variable length wire format / } librpz_domain_t; / * A maximal domain buffer / typedef struct librpz_domain_buf { librpz_dsize_t size; uint8_t d[NS_MAXCDNAME]; } librpz_domain_buf_t; / * A resource record without the owner name. * C compilers say that sizeof(librpz_rr_t)=12 instead of 10. / typedef struct { uint16_t type; / network byte order / uint16_t class; / network byte order / uint32_t ttl; / network byte order / uint16_t rdlength; / network byte order / uint8_t rdata[0]; / variable length / } librpz_rr_t; / * The database file might be mapped with different starting addresses * by concurrent clients (resolvers), and so all pointers are offsets. / typedef uint32_t librpz_idx_t; #define LIBRPZ_IDX_NULL 0 #define LIBRPZ_IDX_MIN 1 #define LIBRPZ_IDX_BAD ((librpz_idx_t)-1) /* * Partial decoded results of a set of RPZ queries for a single DNS response * or iteration through the mapped file. / typedef int16_t librpz_result_id_t; typedef struct librpz_result { librpz_idx_t next_rr; librpz_result_id_t hit_id; / trigger ID from resolver / librpz_policy_t zpolicy; / policy from zone / librpz_policy_t policy; / adjusted by client configuration / librpz_dznum_t dznum; / dnsrpzd zone number / librpz_cznum_t cznum; / librpz client zone number / librpz_trig_t trig : LIBRPZ_TRIG_SIZE; bool log : 1; / log rewrite given librpz_log_level * / } librpz_result_t; /* * librpz trace or log levels. / typedef enum { LIBRPZ_LOG_FATAL = 0, / always print fatal errors / LIBRPZ_LOG_ERROR = 1, / errors have this level / LIBRPZ_LOG_TRACE1 = 2, / big events such as dnsrpzd starts / LIBRPZ_LOG_TRACE2 = 3, / smaller dnsrpzd zone transfers / LIBRPZ_LOG_TRACE3 = 4, / librpz hits / LIBRPZ_LOG_TRACE4 = 5, / librpz lookups / LIBRPZ_LOG_INVALID = 999, } librpz_log_level_t; typedef librpz_log_level_t(librpz_log_level_val_t)(librpz_log_level_t level); LIBDEF_F(log_level_val) /* * Logging function that can be supplied by the resolver. * @param level is one of librpz_log_level_t * @param ctx is for use by the resolver's logging system. * NULL mean a context-free message. / typedef void(librpz_log_fnc_t)(librpz_log_level_t level, void ctx, const char buf); /* * Point librpz logging functions to the resolver's choice. / typedef void(librpz_set_log_t)(librpz_log_fnc_t new_log, const char prog_nm); LIBDEF_F(set_log) /* * librpz error messages are put in these buffers. * Use a structure instead of naked char* to let the compiler check the length. * A function defined with "foo(char buf[120])" can be called with * "char sbuf[2]; foo(sbuf)" and suffer a buffer overrun. / typedef struct { char c[120]; } librpz_emsg_t; #ifdef LIBRPZ_HAVE_ATTR #define LIBRPZ_UNUSED __attribute__((unused)) #define LIBRPZ_PF(f, l) __attribute__((format(printf, f, l))) #define LIBRPZ_NORET __attribute__((__noreturn__)) #else / ifdef LIBRPZ_HAVE_ATTR / #define LIBRPZ_UNUSED #define LIBRPZ_PF(f, l) #define LIBRPZ_NORET #endif / ifdef LIBRPZ_HAVE_ATTR / #ifdef HAVE_BUILTIN_EXPECT #define LIBRPZ_LIKELY(c) __builtin_expect(!!(c), 1) #define LIBRPZ_UNLIKELY(c) __builtin_expect(!!(c), 0) #else / ifdef HAVE_BUILTIN_EXPECT / #define LIBRPZ_LIKELY(c) (c) #define LIBRPZ_UNLIKELY(c) (c) #endif / ifdef HAVE_BUILTIN_EXPECT / typedef bool(librpz_parse_log_opt_t)(librpz_emsg_t emsg, const char arg); LIBDEF_F(parse_log_opt) typedef void(librpz_vpemsg_t)(librpz_emsg_t emsg, const char p, va_list args); LIBDEF_F(vpemsg) typedef void(librpz_pemsg_t)(librpz_emsg_t emsg, const char p, ...) LIBRPZ_PF(2, 3); LIBDEF_F(pemsg) typedef void(librpz_vlog_t)(librpz_log_level_t level, void ctx, const char p, va_list args); LIBDEF_F(vlog) typedef void(librpz_log_t)(librpz_log_level_t level, void ctx, const char p, ...) LIBRPZ_PF(3, 4); LIBDEF_F(log) typedef void(librpz_fatal_t)(int ex_code, const char p, ...) LIBRPZ_PF(2, 3); extern void librpz_fatal(int ex_code, const char p, ...) LIBRPZ_PF(2, 3) LIBRPZ_NORET; typedef void(librpz_rpz_assert_t)(const char file, unsigned line, const char p, ...) LIBRPZ_PF(3, 4); extern void librpz_rpz_assert(const char file, unsigned line, const char p, ...) LIBRPZ_PF(3, 4) LIBRPZ_NORET; typedef void(librpz_rpz_vassert_t)(const char file, uint line, const char p, va_list args); extern void librpz_rpz_vassert(const char file, uint line, const char p, va_list args) LIBRPZ_NORET; / * As far as clients are concerned, all relative pointers or indexes in a * version of the mapped file except trie node parent pointers remain valid * forever. A client must release a version so that it can be garbage * collected by the file system. When dnsrpzd needs to expand the file, * it copies the old file to a new, larger file. Clients can continue * using the old file. * * Versions can also appear in a single file. Old nodes and trie values * within the file are not destroyed until all clients using the version * that contained the old values release the version. * * A client is marked as using version by connecting to the daemon. It is * marked as using all subsequent versions. A client releases all versions * by closing the connection or a range of versions by updating is slot * in the shared memory version table. * * As far as clients are concerned, there are the following possible librpz * failures: * - malloc() or other fatal internal librpz problems indicated by * a failing return from a librpz function * All operations will fail until client handle is destroyed and * recreated with librpz_client_detach() and librpz_client_create(). * - corrupt database detected by librpz code, corrupt database detected * by dnsrpzd, or disconnection from the daemon. * Current operations will fail. * * Clients assume that the file has already been unlinked before * the corrupt flag is set so that they do not race with the server * over the corruption of a single file. A client that finds the * corrupt set knows that dnsrpzd has already crashed with * abort() and is restarting. The client can re-connect to dnsrpzd * and retransmit its configuration, backing off as usual if anything * goes wrong. * * Searches of the database by a client do not need locks against dnsrpzd or * other clients, but a lock is used to protect changes to the connection * by competing threads in the client. The client provides functions * to serialize the concurrent use of any single client handle. * Functions that do nothing are appropriate for applications that are * not "threaded" or that do not share client handles among threads. * Otherwise, functions must be provided to librpz_clientcreate(). * Something like the following works with pthreads: * * static void * lock(void mutex) { assert(pthread_mutex_lock(mutex) == 0); } * static void * unlock(void mutex) { assert(pthread_mutex_unlock(mutex) == 0); } * static void * mutex_destroy(void mutex) { assert(pthread_mutex_destroy(mutex) == 0); } * * * At every instant, all of the data and pointers in the mapped file are valid. * Changes to trie node or other data are always made so that it and * all pointers in and to it remain valid for a time. Old versions are * eventually discarded. * * Dnsrpzd periodically defines a new version by setting aside all changes * made since the previous version was defined. Subsequent changes * made (only!) by dnsrpzd will be part of the next version. * * To discard an old version, dnsrpzd must know that all clients have stopped * using that version. Clients do that by using part of the mapped file * to tell dnsrpzd the oldest version that each client is using. * Dnsrpzd assigns each connecting client an entry in the cversions array * in the mapped file. The client puts version numbers into that entry * to signal to dnsrpzd which versions that can be discarded. * Dnsrpzd is free, as far as that client is concerned, to discard all * numerically smaller versions. A client can disclaim all versions with * the version number VERSIONS_ALL or 0. * * The race between a client changing its entry and dnsrpzd discarding a * version is resolved by allowing dnsrpzd to discard all versions * smaller or equal to the client's version number. If dnsrpzd is in * the midst of discarding or about to discard version N when the * client asserts N, no harm is done. The client depends only on * the consistency of version N+1. * * This version mechanism depends in part on not being exercised too frequently * Version numbers are 32 bits long and dnsrpzd creates new versions * at most once every 30 seconds. / / * Lock functions for concurrent use of a single librpz_client_t client handle. / typedef void(librpz_mutex_t)(void mutex); /* * List of connections to dnsrpzd daemons. / typedef struct librpz_clist librpz_clist_t; / * Client's handle on dnsrpzd. / typedef struct librpz_client librpz_client_t; /* * Create the list of connections to the dnsrpzd daemon. * @param[out] emsg: error message * @param lock: start exclusive access to the client handle * @param unlock: end exclusive access to the client handle * @param mutex_destroy: release the lock * @param mutex: pointer to the lock for the client handle * @param log_ctx: NULL or resolver's context log messages / typedef librpz_clist_t (librpz_clist_create_t)(librpz_emsg_t emsg, librpz_mutex_t lock, librpz_mutex_t unlock, librpz_mutex_t mutex_destroy, void mutex, void log_ctx); LIBDEF_F(clist_create) /** * Release the list of dnsrpzd connections. / typedef void(librpz_clist_detach_t)(librpz_clist_t clistp); LIBDEF_F(clist_detach) /* * Create a librpz client handle. * @param[out] emsg: error message * @param clist: of dnsrpzd connections * @param cstr: string of configuration settings separated by ';' or '\n' * @param use_expired: true to not ignore expired zones * @return client handle or NULL if the handle could not be created / typedef librpz_client_t (librpz_client_create_t)(librpz_emsg_t emsg, librpz_clist_t clist, const char cstr, bool use_expired); LIBDEF_F(client_create) /* * Start (if necessary) dnsrpzd and connect to it. * @param[out] emsg: error message * @param client handle * @param optional: true if it is ok if starting the daemon is not allowed / typedef bool(librpz_connect_t)(librpz_emsg_t emsg, librpz_client_t client, bool optional); LIBDEF_F(connect) /* * Start to destroy a librpz client handle. * It will not be destroyed until the last set of RPZ queries represented * by a librpz_rsp_t ends. * @param client handle to be released * @return false on error / typedef void(librpz_client_detach_t)(librpz_client_t clientp); LIBDEF_F(client_detach) /* * State for a set of RPZ queries for a single DNS response * or for listing the database. / typedef struct librpz_rsp librpz_rsp_t; /* * Start a set of RPZ queries for a single DNS response. * @param[out] emsg: error message for false return or rspp=NULL @param[out] rspp created context or NULL * @param[out] min_ns_dotsp: NULL or pointer to configured MIN-NS-DOTS value * @param client state * @param have_rd: RD=1 in the DNS request * @param have_do: DO=1 in the DNS request * @return false on error / typedef bool(librpz_rsp_create_t)(librpz_emsg_t emsg, librpz_rsp_t *rspp, int min_ns_dotsp, librpz_client_t client, bool have_rd, bool have_do); LIBDEF_F(rsp_create) /* * Finish RPZ work for a DNS response. / typedef void(librpz_rsp_detach_t)(librpz_rsp_t rspp); LIBDEF_F(rsp_detach) /* * Get the final, accumulated result of a set of RPZ queries. * Yield LIBRPZ_POLICY_UNDEFINED if * - there were no hits, * - there was a dispositive hit, be we have not recursed and are required * to recurse so that evil DNS authorities will not know we are using RPZ * - we have a hit and have recursed, but later data such as NSIP could * override * @param[out] emsg * @param[out] result describes the hit * or result->policy=LIBRPZ_POLICY_UNDEFINED without a hit * @param[out] result: current policy rewrite values * @param recursed: recursion has now been done even if it was not done * when the hit was found * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_rsp_result_t)(librpz_emsg_t emsg, librpz_result_t result, bool recursed, const librpz_rsp_t rsp); LIBDEF_F(rsp_result) /** * Might looking for a trigger be worthwhile? * @param trig: look for this type of trigger * @param ipv6: true if trig is LIBRPZ_TRIG_CLIENT_IP, LIBRPZ_TRIG_IP, * or LIBRPZ_TRIG_NSIP and the IP address is IPv6 * @return: true if looking could be worthwhile / typedef bool(librpz_have_trig_t)(librpz_trig_t trig, bool ipv6, const librpz_rsp_t rsp); LIBDEF_F(have_trig) /** * Might looking for NSDNAME and NSIP triggers be worthwhile? * @return: true if looking could be worthwhile / typedef bool(librpz_have_ns_trig_t)(const librpz_rsp_t rsp); LIBDEF_F(have_ns_trig) /** * Convert the found client IP trie key to a CIDR block * @param[out] emsg * @param[out] prefix trigger * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_rsp_clientip_prefix_t)(librpz_emsg_t emsg, librpz_prefix_t prefix, librpz_rsp_t rsp); LIBDEF_F(rsp_clientip_prefix) /** * Compute the owner name of the found or result trie key, usually to log it. * An IP address key might be returned as 8.0.0.0.127.rpz-client-ip. * example.com. might be a qname trigger. example.com.rpz-nsdname. could * be an NSDNAME trigger. * @param[out] emsg * @param[out] owner domain * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_rsp_domain_t)(librpz_emsg_t emsg, librpz_domain_buf_t owner, librpz_rsp_t rsp); LIBDEF_F(rsp_domain) /** * Get the next RR of the LIBRPZ_POLICY_RECORD result after an initial use of * librpz_rsp_result() or librpz_itr_node() or after a previous use of * librpz_rsp_rr(). The RR is in uncompressed wire format including type, * class, ttl and length in network byte order. * @param[out] emsg * @param[out] typep: optional host byte order record type or ns_t_invalid (0) * @param[out] classp: class such as ns_c_in * @param[out] ttlp: TTL * @param[out] rrp: optional malloc() buffer containing the next RR or * NULL after the last RR * @param[out] result: current policy rewrite values * @param qname: used construct a wildcard CNAME * @param qname_size * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_rsp_rr_t)(librpz_emsg_t emsg, uint16_t typep, uint16_t classp, uint32_t ttlp, librpz_rr_t rrp, librpz_result_t result, const uint8_t qname, size_t qname_size, librpz_rsp_t rsp); LIBDEF_F(rsp_rr) /** * Get the next RR of the LIBRPZ_POLICY_RECORD result. * @param[out] emsg * @param[out] ttlp: TTL * @param[out] rrp: malloc() buffer with SOA RR without owner name * @param[out] result: current policy rewrite values * @param[out] origin: SOA owner name * @param[out] origin_size * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_rsp_soa_t)(librpz_emsg_t emsg, uint32_t ttlp, librpz_rr_t rrp, librpz_domain_buf_t origin, librpz_result_t result, librpz_rsp_t rsp); LIBDEF_F(rsp_soa) /** * Get the SOA serial number for a policy zone to compare with a known value * to check whether a zone transfer is complete. / typedef bool(librpz_soa_serial_t)(librpz_emsg_t emsg, uint32_t serialp, const char domain_nm, librpz_rsp_t rsp); LIBDEF_F(soa_serial) /* * Save the current policy checking state. * @param[out] emsg * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_rsp_push_t)(librpz_emsg_t emsg, librpz_rsp_t rsp); LIBDEF_F(rsp_push) #define LIBRPZ_RSP_STACK_DEPTH 3 /* * Restore the previous policy checking state. * @param[out] emsg * @param[out] result: NULL or restored policy rewrite values * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_rsp_pop_t)(librpz_emsg_t emsg, librpz_result_t result, librpz_rsp_t rsp); LIBDEF_F(rsp_pop) /** * Discard the most recently save policy checking state. * @param[out] emsg * @param[out] result: NULL or restored policy rewrite values * @return false on error / typedef bool(librpz_rsp_pop_discard_t)(librpz_emsg_t emsg, librpz_rsp_t rsp); LIBDEF_F(rsp_pop_discard) /* * Disable a zone. * @param[out] emsg * @param znum * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_rsp_forget_zone_t)(librpz_emsg_t emsg, librpz_cznum_t znum, librpz_rsp_t rsp); LIBDEF_F(rsp_forget_zone) /* * Apply RPZ to an IP address. * @param[out] emsg * @param addr: address to check * @param ipv6: true for 16 byte IPv6 instead of 4 byte IPv4 * @param trig LIBRPZ_TRIG_CLIENT_IP, LIBRPZ_TRIG_IP, or LIBRPZ_TRIG_NSIP * @param hit_id: caller chosen * @param recursed: recursion has been done * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_ck_ip_t)(librpz_emsg_t emsg, const void addr, uint family, librpz_trig_t trig, librpz_result_id_t hit_id, bool recursed, librpz_rsp_t rsp); LIBDEF_F(ck_ip) /** * Apply RPZ to a wire-format domain. * @param[out] emsg * @param domain in wire format * @param domain_size * @param trig LIBRPZ_TRIG_QNAME or LIBRPZ_TRIG_NSDNAME * @param hit_id: caller chosen * @param recursed: recursion has been done * @param[in,out] rsp state from librpz_itr_start() * @return false on error / typedef bool(librpz_ck_domain_t)(librpz_emsg_t emsg, const uint8_t domain, size_t domain_size, librpz_trig_t trig, librpz_result_id_t hit_id, bool recursed, librpz_rsp_t rsp); LIBDEF_F(ck_domain) /** * Ask dnsrpzd to refresh a zone. * @param[out] emsg error message * @param librpz_domain_t domain to refresh * @param client context * @return false after error / typedef bool(librpz_zone_refresh_t)(librpz_emsg_t emsg, const char domain, librpz_rsp_t rsp); LIBDEF_F(zone_refresh) /** * Get a string describing the database * @param license: include the license * @param cfiles: include the configuration file names * @param listens: include the local notify IP addresses * @param[out] emsg error message if the result is null * @param client context * @return malloc'ed string or NULL after error / typedef char (librpz_db_info_t)(librpz_emsg_t emsg, bool license, bool cfiles, bool listens, librpz_rsp_t rsp); LIBDEF_F(db_info) /** * Start a context for listing the nodes and/or zones in the mapped file * @param[out] emsg: error message for false return or rspp=NULL @param[out] rspp: created context or NULL * @param client context * @return false after error / typedef bool(librpz_itr_start_t)(librpz_emsg_t emsg, librpz_rsp_t *rspp, librpz_client_t client); LIBDEF_F(itr_start) /** * Get mapped file memory allocation statistics. * @param[out] emsg: error message * @param rsp state from librpz_itr_start() * @return malloc'ed string or NULL after error / typedef char (librpz_mf_stats_t)(librpz_emsg_t emsg, librpz_rsp_t rsp); LIBDEF_F(mf_stats) /** * Get versions currently used by clients. * @param[out] emsg: error message * @param[in,out] rsp: state from librpz_itr_start() * @return malloc'ed string or NULL after error / typedef char (librpz_vers_stats_t)(librpz_emsg_t emsg, librpz_rsp_t rsp); LIBDEF_F(vers_stats) /** * Allocate a string describing the next zone or "" after the last zone. * @param[out] emsg * @param all_zones to list all instead of only requested zones * @param[in,out] rsp state from librpz_rsp_start() * @return malloc'ed string or NULL after error / typedef char (librpz_itr_zone_t)(librpz_emsg_t emsg, bool all_zones, librpz_rsp_t rsp); LIBDEF_F(itr_zone) /** * Describe the next trie node while dumping the database. * @param[out] emsg * @param[out] result describes node * or result->policy=LIBRPZ_POLICY_UNDEFINED after the last node. * @param all_zones to list all instead of only requested zones * @param[in,out] rsp state from librpz_itr_start() * @return: false on error / typedef bool(librpz_itr_node_t)(librpz_emsg_t emsg, librpz_result_t result, bool all_zones, librpz_rsp_t rsp); LIBDEF_F(itr_node) /** * RPZ policy to string with a backup buffer of POLICY2STR_SIZE size / typedef const char (librpz_policy2str_t)(librpz_policy_t policy, char buf, size_t buf_size); #define POLICY2STR_SIZE sizeof("policy xxxxxx") LIBDEF_F(policy2str) /* * Trigger type to string. / typedef const char (librpz_trig2str_t)(librpz_trig_t trig); LIBDEF_F(trig2str) /** * Convert a number of seconds to a zone file duration string / typedef const char (librpz_secs2str_t)(time_t secs, char buf, size_t buf_size); #define SECS2STR_SIZE sizeof("1234567w7d24h59m59s") LIBDEF_F(secs2str) /* * Parse a duration with 's', 'm', 'h', 'd', and 'w' units. / typedef bool(librpz_str2secs_t)(librpz_emsg_t emsg, time_t val, const char str0); LIBDEF_F(str2secs) /** * Translate selected rtypes to strings / typedef const char (librpz_rtype2str_t)(uint type, char buf, size_t buf_size); #define RTYPE2STR_SIZE sizeof("type xxxxx") LIBDEF_F(rtype2str) /* * Local version of ns_name_ntop() for portability. / typedef int(librpz_domain_ntop_t)(const u_char src, char dst, size_t dstsiz); LIBDEF_F(domain_ntop) /* * Local version of ns_name_pton(). / typedef int(librpz_domain_pton2_t)(const char src, u_char dst, size_t dstsiz, size_t dstlen, bool lower); LIBDEF_F(domain_pton2) typedef union socku socku_t; typedef socku_t (librpz_mk_inet_su_t)(socku_t su, const struct in_addr addrp, in_port_t port); LIBDEF_F(mk_inet_su) typedef socku_t (librpz_mk_inet6_su_t)(socku_t su, const struct in6_addr addrp, uint32_t scope_id, in_port_t port); LIBDEF_F(mk_inet6_su) typedef bool(librpz_str2su_t)(socku_t sup, const char str); LIBDEF_F(str2su) typedef char (librpz_su2str_t)(char str, size_t str_len, const socku_t su); LIBDEF_F(su2str) #define SU2STR_SIZE (INET6_ADDRSTRLEN + 1 + 6 + 1) /* * default path to dnsrpzd / LIBDEF(const char , librpz_dnsrpzd_path) #undef LIBDEF /* * This is the dlopen() interface to librpz. / typedef const struct { const char dnsrpzd_path; const char version; librpz_parse_log_opt_t parse_log_opt; librpz_log_level_val_t log_level_val; librpz_set_log_t set_log; librpz_vpemsg_t vpemsg; librpz_pemsg_t pemsg; librpz_vlog_t vlog; librpz_log_t log; librpz_fatal_t fatal LIBRPZ_NORET; librpz_rpz_assert_t rpz_assert LIBRPZ_NORET; librpz_rpz_vassert_t rpz_vassert LIBRPZ_NORET; librpz_clist_create_t clist_create; librpz_clist_detach_t clist_detach; librpz_client_create_t client_create; librpz_connect_t connect; librpz_client_detach_t client_detach; librpz_rsp_create_t rsp_create; librpz_rsp_detach_t rsp_detach; librpz_rsp_result_t rsp_result; librpz_have_trig_t have_trig; librpz_have_ns_trig_t have_ns_trig; librpz_rsp_clientip_prefix_t rsp_clientip_prefix; librpz_rsp_domain_t rsp_domain; librpz_rsp_rr_t rsp_rr; librpz_rsp_soa_t rsp_soa; librpz_soa_serial_t soa_serial; librpz_rsp_push_t rsp_push; librpz_rsp_pop_t rsp_pop; librpz_rsp_pop_discard_t rsp_pop_discard; librpz_rsp_forget_zone_t rsp_forget_zone; librpz_ck_ip_t ck_ip; librpz_ck_domain_t ck_domain; librpz_zone_refresh_t zone_refresh; librpz_db_info_t db_info; librpz_itr_start_t itr_start; librpz_mf_stats_t mf_stats; librpz_vers_stats_t vers_stats; librpz_itr_zone_t itr_zone; librpz_itr_node_t itr_node; librpz_policy2str_t policy2str; librpz_trig2str_t trig2str; librpz_secs2str_t secs2str; librpz_str2secs_t str2secs; librpz_rtype2str_t rtype2str; librpz_domain_ntop_t domain_ntop; librpz_domain_pton2_t domain_pton2; librpz_mk_inet_su_t mk_inet_su; librpz_mk_inet6_su_t mk_inet6_su; librpz_str2su_t str2su; librpz_su2str_t su2str; } librpz_0_t; extern librpz_0_t librpz_def_0; /* * Future versions can be upward compatible by defining LIBRPZ_DEF as * librpz_X_t. / #define LIBRPZ_DEF librpz_def_0 #define LIBRPZ_DEF_STR "librpz_def_0" typedef librpz_0_t librpz_t; extern librpz_t librpz; #if LIBRPZ_LIB_OPEN == 2 #include <dlfcn.h> /** * link-load librpz * @param[out] emsg: error message * @param[in,out] dl_handle: NULL or pointer to new dlopen handle * @param[in] path: librpz.so path * @return address of interface structure or NULL on failure / static inline librpz_t librpz_lib_open(librpz_emsg_t emsg, void dl_handle, const char path) { void handle; librpz_t new_librpz; emsg->c[0] = '\0'; /* * Close a previously opened handle on librpz.so. / if (dl_handle != NULL && dl_handle != NULL) { if (dlclose(dl_handle) != 0) { snprintf(emsg->c, sizeof(librpz_emsg_t), "dlopen(NULL): %s", dlerror()); return (NULL); } dl_handle = NULL; } /* * First try the main executable of the process in case it was * linked to librpz. * Do not worry if we cannot search the main executable of the process. / handle = dlopen(NULL, RTLD_NOW \| RTLD_LOCAL); if (handle != NULL) { new_librpz = dlsym(handle, LIBRPZ_DEF_STR); if (new_librpz != NULL) { if (dl_handle != NULL) { dl_handle = handle; } return (new_librpz); } if (dlclose(handle) != 0) { snprintf(emsg->c, sizeof(librpz_emsg_t), "dlsym(NULL, " LIBRPZ_DEF_STR "): %s", dlerror()); return (NULL); } } if (path == NULL \|\| path[0] == '\0') { snprintf(emsg->c, sizeof(librpz_emsg_t), "librpz not linked and no dlopen() path provided"); return (NULL); } handle = dlopen(path, RTLD_NOW \| RTLD_LOCAL); if (handle == NULL) { snprintf(emsg->c, sizeof(librpz_emsg_t), "dlopen(%s): %s", path, dlerror()); return (NULL); } new_librpz = dlsym(handle, LIBRPZ_DEF_STR); if (new_librpz != NULL) { if (dl_handle != NULL) { dl_handle = handle; } return (new_librpz); } snprintf(emsg->c, sizeof(librpz_emsg_t), "dlsym(%s, " LIBRPZ_DEF_STR "): %s", path, dlerror()); dlclose(handle); return (NULL); } #elif defined(LIBRPZ_LIB_OPEN) / * Statically link to the librpz.so DSO on systems without dlopen() / static inline librpz_t librpz_lib_open(librpz_emsg_t emsg, void dl_handle, const char path) { (void)(path); if (dl_handle != NULL) { dl_handle = NULL; } #if LIBRPZ_LIB_OPEN == 1 emsg->c[0] = '\0'; return (&LIBRPZ_DEF); #else / if LIBRPZ_LIB_OPEN == 1 / snprintf(emsg->c, sizeof(librpz_emsg_t), "librpz not available via ./configure"); return (NULL); #endif / LIBRPZ_LIB_OPEN / } #endif / LIBRPZ_LIB_OPEN / #endif / LIBRPZ_H / ��dns/keymgr.h��0000644��00000010013�15125204631�0006771 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_KEYMGR_H #define DNS_KEYMGR_H 1 /! \file dns/keymgr.h / #include <isc/lang.h> #include <isc/stdtime.h> #include <dns/types.h> #include <dst/dst.h> ISC_LANG_BEGINDECLS isc_result_t dns_keymgr_run(const dns_name_t origin, dns_rdataclass_t rdclass, const char directory, isc_mem_t mctx, dns_dnsseckeylist_t keyring, dns_dnsseckeylist_t dnskeys, dns_kasp_t kasp, isc_stdtime_t now, isc_stdtime_t nexttime); /%< Manage keys in 'keyring' and update timing data according to 'kasp' policy. * Create new keys for 'origin' if necessary in 'directory'. Append all such * keys, along with use hints gleaned from their metadata, onto 'keyring'. * * Update key states and store changes back to disk. Store when to run next * in 'nexttime'. * * Requires: \li 'origin' is a valid FQDN. \li 'mctx' is a valid memory context. \li 'keyring' is not NULL. \li 'kasp' is not NULL. * * Returns: \li #ISC_R_SUCCESS \li any error returned by dst_key_generate(), isc_dir_open(), * dst_key_to_file(), or dns_dnsseckey_create(). * * Ensures: \li On error, keypool is unchanged / isc_result_t dns_keymgr_checkds(dns_kasp_t kasp, dns_dnsseckeylist_t keyring, const char directory, isc_stdtime_t now, isc_stdtime_t when, bool dspublish); isc_result_t dns_keymgr_checkds_id(dns_kasp_t kasp, dns_dnsseckeylist_t keyring, const char directory, isc_stdtime_t now, isc_stdtime_t when, bool dspublish, dns_keytag_t id, unsigned int algorithm); /%< Check DS for one key in 'keyring'. The key must have the KSK role. * If 'dspublish' is set to true, set the DS Publish time to 'now'. * If 'dspublish' is set to false, set the DS Removed time to 'now'. * If a specific key 'id' is given it must match the keytag. * If the 'algorithm' is non-zero, it must match the key's algorithm. * The result is stored in the key state file. * * Requires: \li 'kasp' is not NULL. \li 'keyring' is not NULL. * * Returns: \li #ISC_R_SUCCESS (No error). \li #DNS_R_NOKEYMATCH (No matching keys found). \li #DNS_R_TOOMANYKEYS (More than one matching keys found). / isc_result_t dns_keymgr_rollover(dns_kasp_t kasp, dns_dnsseckeylist_t keyring, const char directory, isc_stdtime_t now, isc_stdtime_t when, dns_keytag_t id, unsigned int algorithm); /%< Rollover key with given 'id'. If the 'algorithm' is non-zero, it must * match the key's algorithm. The changes are stored in the key state file. * * A rollover means adjusting the key metadata so that keymgr will start the * actual rollover on the next run. Update the 'inactive' time and adjust * key lifetime to match the 'when' to rollover time. * * The 'when' time may be in the past. In that case keymgr will roll the * key as soon as possible. * * The 'when' time may be in the future. This may extend the lifetime, * overriding the default lifetime from the policy. * * Requires: \li 'kasp' is not NULL. \li 'keyring' is not NULL. * * Returns: \li #ISC_R_SUCCESS (No error). \li #DNS_R_NOKEYMATCH (No matching keys found). \li #DNS_R_TOOMANYKEYS (More than one matching keys found). \li #DNS_R_KEYNOTACTIVE (Key is not active). * / void dns_keymgr_status(dns_kasp_t kasp, dns_dnsseckeylist_t keyring, isc_stdtime_t now, char out, size_t out_len); /%< Retrieve the status of given 'kasp' policy and keys in the * 'keyring' and store the printable output in the 'out' buffer. * * Requires: \li 'kasp' is not NULL. \li 'keyring' is not NULL. \li 'out' is not NULL. * Returns: \li Printable status in 'out'. / ISC_LANG_ENDDECLS #endif / DNS_KEYMGR_H / ��dns/rdataslab.h��0000644��00000010221�15125204631�0007431 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RDATASLAB_H #define DNS_RDATASLAB_H 1 /! \file dns/rdataslab.h * \brief * Implements storage of rdatasets into slabs of memory. * * MP: \li Clients of this module must impose any required synchronization. * Reliability: \li This module deals with low-level byte streams. Errors in any of the functions are likely to crash the server or corrupt memory. * \li If the caller passes invalid memory references, these functions are likely to crash the server or corrupt memory. * * Resources: \li None. * Security: \li None. * Standards: \li None. / /* * Imports **/ #include <stdbool.h> #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS #define DNS_RDATASLAB_FORCE 0x1 #define DNS_RDATASLAB_EXACT 0x2 #define DNS_RDATASLAB_OFFLINE 0x01 / RRSIG is for offline DNSKEY / #define DNS_RDATASLAB_WARNMASK \ 0x0E /%< RRSIG(DNSKEY) expired \ * warnings number mask. / #define DNS_RDATASLAB_WARNSHIFT \ 1 /%< How many bits to shift to find \ * remaining expired warning number. / / * Functions **/ isc_result_t dns_rdataslab_fromrdataset(dns_rdataset_t rdataset, isc_mem_t mctx, isc_region_t region, unsigned int reservelen, uint32_t limit); /%< Slabify a rdataset. The slab area will be allocated and returned * in 'region'. * * Requires: \li 'rdataset' is valid. * Ensures: \li 'region' will have base pointing to the start of allocated memory, with the slabified region beginning at region->base + reservelen. * region->length contains the total length allocated. * * Returns: \li ISC_R_SUCCESS - successful completion \li ISC_R_NOMEMORY - no memory. \li XXX others / unsigned int dns_rdataslab_size(unsigned char slab, unsigned int reservelen); /%< * Return the total size of an rdataslab. * * Requires: \li 'slab' points to a slab. * Returns: \li The number of bytes in the slab, including the reservelen. / unsigned int dns_rdataslab_rdatasize(unsigned char slab, unsigned int reservelen); /%< * Return the size of the rdata in an rdataslab. * * Requires: \li 'slab' points to a slab. / unsigned int dns_rdataslab_count(unsigned char slab, unsigned int reservelen); /%< * Return the number of records in the rdataslab * * Requires: \li 'slab' points to a slab. * Returns: \li The number of records in the slab. / isc_result_t dns_rdataslab_merge(unsigned char oslab, unsigned char nslab, unsigned int reservelen, isc_mem_t mctx, dns_rdataclass_t rdclass, dns_rdatatype_t type, unsigned int flags, uint32_t maxrrperset, unsigned char tslabp); /%< * Merge 'oslab' and 'nslab'. / isc_result_t dns_rdataslab_subtract(unsigned char mslab, unsigned char sslab, unsigned int reservelen, isc_mem_t mctx, dns_rdataclass_t rdclass, dns_rdatatype_t type, unsigned int flags, unsigned char *tslabp); /%< * Subtract 'sslab' from 'mslab'. If 'exact' is true then all elements * of 'sslab' must exist in 'mslab'. * * XXX * valid flags are DNS_RDATASLAB_EXACT / bool dns_rdataslab_equal(unsigned char slab1, unsigned char slab2, unsigned int reservelen); /%< * Compare two rdataslabs for equality. This does _not_ do a full * DNSSEC comparison. * * Requires: \li 'slab1' and 'slab2' point to slabs. * Returns: \li true if the slabs are equal, false otherwise. / bool dns_rdataslab_equalx(unsigned char slab1, unsigned char slab2, unsigned int reservelen, dns_rdataclass_t rdclass, dns_rdatatype_t type); /%< Compare two rdataslabs for DNSSEC equality. * * Requires: \li 'slab1' and 'slab2' point to slabs. * Returns: \li true if the slabs are equal, #false otherwise. / ISC_LANG_ENDDECLS #endif /* DNS_RDATASLAB_H / ��dns/lmdb.h��0000644��00000001413�15125204631�0006415 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #define DNS_LMDB_COMMON_FLAGS (MDB_CREATE \| MDB_NOSUBDIR \| MDB_NOLOCK) #ifndef __OpenBSD__ #define DNS_LMDB_FLAGS (DNS_LMDB_COMMON_FLAGS) #else / __OpenBSD__ / / * OpenBSD does not have a unified buffer cache, which requires both reads and * writes to be performed using mmap(). / #define DNS_LMDB_FLAGS (DNS_LMDB_COMMON_FLAGS \| MDB_WRITEMAP) #endif / __OpenBSD__ / ��dns/ecdb.h��0000644��00000001446�15125204631�0006402 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ECDB_H #define DNS_ECDB_H 1 /** * Module Info **/ / TBD / / * Imports */ #include <dns/types.h> /* * Types / / * Functions **/ ISC_LANG_BEGINDECLS / TBD: describe those / isc_result_t dns_ecdb_register(isc_mem_t mctx, dns_dbimplementation_t dbimp); void dns_ecdb_unregister(dns_dbimplementation_t dbimp); ISC_LANG_ENDDECLS #endif /* DNS_ECDB_H / ��dns/byaddr.h��0000644��00000007016�15125204631�0006751 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_BYADDR_H #define DNS_BYADDR_H 1 /** * Module Info **/ /! \file dns/byaddr.h * \brief * The byaddr module provides reverse lookup services for IPv4 and IPv6 * addresses. * * MP: \li The module ensures appropriate synchronization of data structures it creates and manipulates. * * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li RFCs: 1034, 1035, 2181, TBS \li Drafts: TBS / #include <isc/event.h> #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /% * A 'dns_byaddrevent_t' is returned when a byaddr completes. * The sender field will be set to the byaddr that completed. If 'result' * is ISC_R_SUCCESS, then 'names' will contain a list of names associated * with the address. The recipient of the event must not change the list * and must not refer to any of the name data after the event is freed. / typedef struct dns_byaddrevent { ISC_EVENT_COMMON(struct dns_byaddrevent); isc_result_t result; dns_namelist_t names; } dns_byaddrevent_t; isc_result_t dns_byaddr_create(isc_mem_t mctx, const isc_netaddr_t address, dns_view_t view, unsigned int options, isc_task_t task, isc_taskaction_t action, void arg, dns_byaddr_t *byaddrp); /%< * Find the domain name of 'address'. * * Notes: * \li There is a reverse lookup format for IPv6 addresses, 'nibble' \li The 'nibble' format for that address is * \code * 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa. * \endcode * * Requires: * \li 'mctx' is a valid mctx. \li 'address' is a valid IPv4 or IPv6 address. \li 'view' is a valid view which has a resolver. \li 'task' is a valid task. \li byaddrp != NULL && byaddrp == NULL * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY * \li Any resolver-related error (e.g. #ISC_R_SHUTTINGDOWN) may also be returned. / void dns_byaddr_cancel(dns_byaddr_t byaddr); /%< Cancel 'byaddr'. * * Notes: * \li If 'byaddr' has not completed, post its #DNS_EVENT_BYADDRDONE event with a result code of #ISC_R_CANCELED. * * Requires: * \li 'byaddr' is a valid byaddr. / void dns_byaddr_destroy(dns_byaddr_t *byaddrp); /%< * Destroy 'byaddr'. * * Requires: * \li 'byaddrp' is a valid byaddr. * \li The caller has received the #DNS_EVENT_BYADDRDONE event (either because the byaddr completed or because dns_byaddr_cancel() was called). * * Ensures: * \li byaddrp == NULL. / isc_result_t dns_byaddr_createptrname(const isc_netaddr_t address, unsigned int options, dns_name_t name); /%< * Creates a name that would be used in a PTR query for this address. The * nibble flag indicates that the 'nibble' format is to be used if an IPv6 * address is provided, instead of the 'bitstring' format. Since we dropped * the support of the bitstring labels, it is expected that the flag is always * set. 'options' are the same as for dns_byaddr_create(). * * Requires: * * \li 'address' is a valid address. * \li 'name' is a valid name with a dedicated buffer. / ISC_LANG_ENDDECLS #endif / DNS_BYADDR_H / ��dns/order.h��0000644��00000003732�15125204631�0006620 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ORDER_H #define DNS_ORDER_H 1 /! \file dns/order.h / #include <isc/lang.h> #include <isc/types.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_order_create(isc_mem_t mctx, dns_order_t *orderp); /%< * Create a order object. * * Requires: * \li 'orderp' to be non NULL and 'orderp == NULL'. \li 'mctx' to be valid. * * Returns: \li ISC_R_SUCCESS \li ISC_R_NOMEMORY / isc_result_t dns_order_add(dns_order_t order, const dns_name_t name, dns_rdatatype_t rdtype, dns_rdataclass_t rdclass, unsigned int mode); /%< * Add a entry to the end of the order list. * * Requires: * \li 'order' to be valid. \li 'name' to be valid. \li 'mode' to be one of #DNS_RDATASETATTR_RANDOMIZE, * #DNS_RDATASETATTR_FIXEDORDER or zero (#DNS_RDATASETATTR_CYCLIC). * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / unsigned int dns_order_find(dns_order_t order, const dns_name_t name, dns_rdatatype_t rdtype, dns_rdataclass_t rdclass); /%< * Find the first matching entry on the list. * * Requires: \li 'order' to be valid. \li 'name' to be valid. * * Returns the mode set by dns_order_add() or zero. / void dns_order_attach(dns_order_t source, dns_order_t *target); /%< * Attach to the 'source' object. * * Requires: * \li 'source' to be valid. \li 'target' to be non NULL and 'target == NULL'. / void dns_order_detach(dns_order_t orderp); /%< * Detach from the object. Clean up if last this was the last * reference. * * Requires: \li 'orderp' to be valid. / ISC_LANG_ENDDECLS #endif / DNS_ORDER_H / ��dns/rdata.h��0000644��00000054044�15125204631�0006602 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RDATA_H #define DNS_RDATA_H 1 /** * Module Info **/ /! \file dns/rdata.h * \brief * Provides facilities for manipulating DNS rdata, including conversions to * and from wire format and text format. * * Given the large amount of rdata possible in a nameserver, it was important * to come up with a very efficient way of storing rdata, but at the same * time allow it to be manipulated. * * The decision was to store rdata in uncompressed wire format, * and not to make it a fully abstracted object; i.e. certain parts of the * server know rdata is stored that way. This saves a lot of memory, and * makes adding rdata to messages easy. Having much of the server know * the representation would be perilous, and we certainly don't want each * user of rdata to be manipulating such a low-level structure. This is * where the rdata module comes in. The module allows rdata handles to be * created and attached to uncompressed wire format regions. All rdata * operations and conversions are done through these handles. * * Implementation Notes: * \li The routines in this module are expected to be synthesized by the build process from a set of source files, one per rdata type. For * portability, it's probably best that the building be done by a C * program. Adding a new rdata type will be a simple matter of adding * a file to a directory and rebuilding the server. All knowledge of * the format of a particular rdata type is in this file. * * MP: \li Clients of this module must impose any required synchronization. * Reliability: \li This module deals with low-level byte streams. Errors in any of the functions are likely to crash the server or corrupt memory. * \li Rdata is typed, and the caller must know what type of rdata it has. A caller that gets this wrong could crash the server. * \li The fromstruct() and tostruct() routines use a void pointer to * represent the structure. The caller must ensure that it passes a * pointer to the appropriate type, or the server could crash or memory * could be corrupted. * * Resources: \li None. * Security: * \li WARNING * * dns_rdata_fromwire() deals with raw network data. An error in * this routine could result in the failure or hijacking of the server. * * Standards: \li RFC1035 \li Draft EDNS0 (0) \li Draft EDNS1 (0) \li Draft Binary Labels (2) \li Draft Local Compression (1) \li Various RFCs for particular types; these will be documented in the * sources files of the types. * / / * Imports */ #include <stdbool.h> #include <isc/lang.h> #include <dns/message.h> #include <dns/name.h> #include <dns/types.h> ISC_LANG_BEGINDECLS /* * Types / /% *** An 'rdata' is a handle to a binary region. The handle has an RR * class and type, and the data in the binary region is in the format * of the given class and type. **/ /% * Clients are strongly discouraged from using this type directly, with * the exception of the 'link' field which may be used directly for whatever * purpose the client desires. / struct dns_rdata { unsigned char data; unsigned int length; dns_rdataclass_t rdclass; dns_rdatatype_t type; unsigned int flags; ISC_LINK(dns_rdata_t) link; }; #define DNS_RDATA_INIT \ { \ NULL, 0, 0, 0, 0, { (void )(-1), (void )(-1) } \ } #define DNS_RDATA_CHECKINITIALIZED #ifdef DNS_RDATA_CHECKINITIALIZED #define DNS_RDATA_INITIALIZED(rdata) \ ((rdata)->data == NULL && (rdata)->length == 0 && \ (rdata)->rdclass == 0 && (rdata)->type == 0 && (rdata)->flags == 0 && \ !ISC_LINK_LINKED((rdata), link)) #else /* ifdef DNS_RDATA_CHECKINITIALIZED / #ifdef ISC_LIST_CHECKINIT #define DNS_RDATA_INITIALIZED(rdata) (!ISC_LINK_LINKED((rdata), link)) #else / ifdef ISC_LIST_CHECKINIT / #define DNS_RDATA_INITIALIZED(rdata) true #endif / ifdef ISC_LIST_CHECKINIT / #endif / ifdef DNS_RDATA_CHECKINITIALIZED / #define DNS_RDATA_UPDATE 0x0001 /%< update pseudo record. / #define DNS_RDATA_OFFLINE 0x0002 /%< RRSIG has a offline key. / #define DNS_RDATA_VALIDFLAGS(rdata) \ (((rdata)->flags & ~(DNS_RDATA_UPDATE \| DNS_RDATA_OFFLINE)) == 0) / * The maximum length of a RDATA that can be sent on the wire. * Max packet size (65535) less header (12), less name (1), type (2), * class (2), ttl(4), length (2). * * None of the defined types that support name compression can exceed * this and all new types are to be sent uncompressed. / #define DNS_RDATA_MAXLENGTH 65512U / * Flags affecting rdata formatting style. Flags 0xFFFF0000 * are used by masterfile-level formatting and defined elsewhere. * See additional comments at dns_rdata_tofmttext(). / /% Split the rdata into multiple lines to try to keep it * within the "width". / #define DNS_STYLEFLAG_MULTILINE 0x00000001ULL /% Output explanatory comments. / #define DNS_STYLEFLAG_COMMENT 0x00000002ULL #define DNS_STYLEFLAG_RRCOMMENT 0x00000004ULL /% Output KEYDATA in human readable format. / #define DNS_STYLEFLAG_KEYDATA 0x00000008ULL /% Output textual RR type and RDATA in RFC 3597 unknown format / #define DNS_STYLEFLAG_UNKNOWNFORMAT 0x00000010ULL /% Print AAAA record fully expanded / #define DNS_STYLEFLAG_EXPANDAAAA 0x00000020ULL #define DNS_RDATA_DOWNCASE DNS_NAME_DOWNCASE #define DNS_RDATA_CHECKNAMES DNS_NAME_CHECKNAMES #define DNS_RDATA_CHECKNAMESFAIL DNS_NAME_CHECKNAMESFAIL #define DNS_RDATA_CHECKREVERSE DNS_NAME_CHECKREVERSE #define DNS_RDATA_CHECKMX DNS_NAME_CHECKMX #define DNS_RDATA_CHECKMXFAIL DNS_NAME_CHECKMXFAIL #define DNS_RDATA_UNKNOWNESCAPE 0x80000000 / * Initialization **/ void dns_rdata_init(dns_rdata_t rdata); /%< Make 'rdata' empty. * * Requires: * 'rdata' is a valid rdata (i.e. not NULL, points to a struct dns_rdata) / void dns_rdata_reset(dns_rdata_t rdata); /%< Make 'rdata' empty. * * Requires: \li 'rdata' is a previously initialized rdata and is not linked. / void dns_rdata_clone(const dns_rdata_t src, dns_rdata_t target); /%< Clone 'target' from 'src'. * * Requires: \li 'src' to be initialized. \li 'target' to be initialized. / / * Comparisons **/ int dns_rdata_compare(const dns_rdata_t rdata1, const dns_rdata_t rdata2); /%< * Determine the relative ordering under the DNSSEC order relation of * 'rdata1' and 'rdata2'. * * Requires: * \li 'rdata1' is a valid, non-empty rdata \li 'rdata2' is a valid, non-empty rdata * Returns: \li < 0 'rdata1' is less than 'rdata2' \li 0 'rdata1' is equal to 'rdata2' \li > 0 'rdata1' is greater than 'rdata2' / int dns_rdata_casecompare(const dns_rdata_t rdata1, const dns_rdata_t rdata2); /%< dns_rdata_casecompare() is similar to dns_rdata_compare() but also * compares domain names case insensitively in known rdata types that * are treated as opaque data by dns_rdata_compare(). * * Requires: * \li 'rdata1' is a valid, non-empty rdata \li 'rdata2' is a valid, non-empty rdata * Returns: \li < 0 'rdata1' is less than 'rdata2' \li 0 'rdata1' is equal to 'rdata2' \li > 0 'rdata1' is greater than 'rdata2' / /* * Conversions **/ void dns_rdata_fromregion(dns_rdata_t rdata, dns_rdataclass_t rdclass, dns_rdatatype_t type, isc_region_t r); /%< * Make 'rdata' refer to region 'r'. * * Requires: * \li The data in 'r' is properly formatted for whatever type it is. / void dns_rdata_toregion(const dns_rdata_t rdata, isc_region_t r); /%< Make 'r' refer to 'rdata'. / isc_result_t dns_rdata_fromwire(dns_rdata_t rdata, dns_rdataclass_t rdclass, dns_rdatatype_t type, isc_buffer_t source, dns_decompress_t dctx, unsigned int options, isc_buffer_t target); /%< * Copy the possibly-compressed rdata at source into the target region. * * Notes: \li Name decompression policy is controlled by 'dctx'. * 'options' \li DNS_RDATA_DOWNCASE downcase domain names when they are copied into target. * * Requires: * \li 'rdclass' and 'type' are valid. \li 'source' is a valid buffer, and the active region of 'source' references the rdata to be processed. * \li 'target' is a valid buffer. \li 'dctx' is a valid decompression context. * Ensures, * if result is success: * \li If 'rdata' is not NULL, it is attached to the target. * \li The conditions dns_name_fromwire() ensures for names hold * for all names in the rdata. * \li The current location in source is advanced, and the used space * in target is updated. * * Result: \li Success \li Any non-success status from dns_name_fromwire() \li Various 'Bad Form' class failures depending on class and type \li Bad Form: Input too short \li Resource Limit: Not enough space / isc_result_t dns_rdata_towire(dns_rdata_t rdata, dns_compress_t cctx, isc_buffer_t target); /%< * Convert 'rdata' into wire format, compressing it as specified by the * compression context 'cctx', and storing the result in 'target'. * * Notes: \li If the compression context allows global compression, then the global compression table may be updated. * * Requires: \li 'rdata' is a valid, non-empty rdata \li target is a valid buffer \li Any offsets specified in a global compression table are valid for target. * * Ensures, * if the result is success: * \li The used space in target is updated. * * Returns: \li Success \li Any non-success status from dns_name_towire() \li Resource Limit: Not enough space / isc_result_t dns_rdata_fromtext(dns_rdata_t rdata, dns_rdataclass_t rdclass, dns_rdatatype_t type, isc_lex_t lexer, const dns_name_t origin, unsigned int options, isc_mem_t mctx, isc_buffer_t target, dns_rdatacallbacks_t callbacks); /%< Convert the textual representation of a DNS rdata into uncompressed wire * form stored in the target region. Tokens constituting the text of the rdata * are taken from 'lexer'. * * Notes: \li Relative domain names in the rdata will have 'origin' appended to them. A NULL origin implies "origin == dns_rootname". * * * 'options' \li DNS_RDATA_DOWNCASE downcase domain names when they are copied into target. \li DNS_RDATA_CHECKNAMES perform checknames checks. \li DNS_RDATA_CHECKNAMESFAIL fail if the checknames check fail. If * not set a warning will be issued. \li DNS_RDATA_CHECKREVERSE this should set if the owner name ends in IP6.ARPA, IP6.INT or IN-ADDR.ARPA. * * Requires: * \li 'rdclass' and 'type' are valid. \li 'lexer' is a valid isc_lex_t. \li 'mctx' is a valid isc_mem_t. \li 'target' is a valid region. \li 'origin' if non NULL it must be absolute. \li 'callbacks' to be NULL or callbacks->warn and callbacks->error be initialized. * * Ensures, * if result is success: \li If 'rdata' is not NULL, it is attached to the target. \li The conditions dns_name_fromtext() ensures for names hold for all names in the rdata. * \li The used space in target is updated. * Result: \li Success \li Translated result codes from isc_lex_gettoken \li Various 'Bad Form' class failures depending on class and type \li Bad Form: Input too short \li Resource Limit: Not enough space \li Resource Limit: Not enough memory / isc_result_t dns_rdata_totext(dns_rdata_t rdata, const dns_name_t origin, isc_buffer_t target); /%< Convert 'rdata' into text format, storing the result in 'target'. * The text will consist of a single line, with fields separated by * single spaces. * * Notes: \li If 'origin' is not NULL, then any names in the rdata that are subdomains of 'origin' will be made relative it. * \li XXX Do we really* want to support 'origin'? I'm inclined towards "no" * at the moment. * * Requires: * \li 'rdata' is a valid, non-empty rdata \li 'origin' is NULL, or is a valid name \li 'target' is a valid text buffer * Ensures, * if the result is success: * * \li The used space in target is updated. * * Returns: \li Success \li Any non-success status from dns_name_totext() \li Resource Limit: Not enough space / isc_result_t dns_rdata_tofmttext(dns_rdata_t rdata, const dns_name_t origin, dns_masterstyle_flags_t flags, unsigned int width, unsigned int split_width, const char linebreak, isc_buffer_t target); /%< Like dns_rdata_totext, but do formatted output suitable for * database dumps. This is intended for use by dns_db_dump(); * library users are discouraged from calling it directly. * * If (flags & #DNS_STYLEFLAG_MULTILINE) != 0, attempt to stay * within 'width' by breaking the text into multiple lines. * The string 'linebreak' is inserted between lines, and parentheses * are added when necessary. Because RRs contain unbreakable elements * such as domain names whose length is variable, unpredictable, and * potentially large, there is no guarantee that the lines will * not exceed 'width' anyway. * * If (flags & #DNS_STYLEFLAG_MULTILINE) == 0, the rdata is always * printed as a single line, and no parentheses are used. * The 'width' and 'linebreak' arguments are ignored. * * If (flags & #DNS_STYLEFLAG_COMMENT) != 0, output explanatory * comments next to things like the SOA timer fields. Some * comments (e.g., the SOA ones) are only printed when multiline * output is selected. * * base64 rdata text (e.g., DNSKEY records) will be split into chunks * of 'split_width' characters. If split_width == 0, the text will * not be split at all. If split_width == UINT_MAX (0xffffffff), then * it is undefined and falls back to the default value of 'width' / isc_result_t dns_rdata_fromstruct(dns_rdata_t rdata, dns_rdataclass_t rdclass, dns_rdatatype_t type, void source, isc_buffer_t target); /%< Convert the C structure representation of an rdata into uncompressed wire * format in 'target'. * * XXX Should we have a 'size' parameter as a sanity check on target? * * Requires: * \li 'rdclass' and 'type' are valid. \li 'source' points to a valid C struct for the class and type. \li 'target' is a valid buffer. \li All structure pointers to memory blocks should be NULL if their corresponding length values are zero. * * Ensures, * if result is success: * \li If 'rdata' is not NULL, it is attached to the target. * * \li The used space in 'target' is updated. * * Result: \li Success \li Various 'Bad Form' class failures depending on class and type \li Resource Limit: Not enough space / isc_result_t dns_rdata_tostruct(const dns_rdata_t rdata, void target, isc_mem_t mctx); /%< * Convert an rdata into its C structure representation. * * If 'mctx' is NULL then 'rdata' must persist while 'target' is being used. * * If 'mctx' is non NULL then memory will be allocated if required. * * Requires: * \li 'rdata' is a valid, non-empty, non-pseudo rdata. \li 'target' to point to a valid pointer for the type and class. * Result: \li Success \li Resource Limit: Not enough memory / void dns_rdata_freestruct(void source); /%< Free dynamic memory attached to 'source' (if any). * * Requires: * \li 'source' to point to the structure previously filled in by dns_rdata_tostruct(). / bool dns_rdatatype_ismeta(dns_rdatatype_t type); /%< * Return true iff the rdata type 'type' is a meta-type * like ANY or AXFR. / bool dns_rdatatype_issingleton(dns_rdatatype_t type); /%< * Return true iff the rdata type 'type' is a singleton type, * like CNAME or SOA. * * Requires: * \li 'type' is a valid rdata type. * / bool dns_rdataclass_ismeta(dns_rdataclass_t rdclass); /%< * Return true iff the rdata class 'rdclass' is a meta-class * like ANY or NONE. / bool dns_rdatatype_isdnssec(dns_rdatatype_t type); /%< * Return true iff 'type' is one of the DNSSEC * rdata types that may exist alongside a CNAME record. * * Requires: * \li 'type' is a valid rdata type. / bool dns_rdatatype_iszonecutauth(dns_rdatatype_t type); /%< * Return true iff rdata of type 'type' is considered authoritative * data (not glue) in the NSEC chain when it occurs in the parent zone * at a zone cut. * * Requires: * \li 'type' is a valid rdata type. * / bool dns_rdatatype_isknown(dns_rdatatype_t type); /%< * Return true iff the rdata type 'type' is known. * * Requires: * \li 'type' is a valid rdata type. * / isc_result_t dns_rdata_additionaldata(dns_rdata_t rdata, dns_additionaldatafunc_t add, void arg); /%< * Call 'add' for each name and type from 'rdata' which is subject to * additional section processing. * * Requires: * \li 'rdata' is a valid, non-empty rdata. \li 'add' is a valid dns_additionalfunc_t. * Ensures: * \li If successful, then add() will have been called for each name and type subject to additional section processing. * \li If add() returns something other than #ISC_R_SUCCESS, that result will be returned as the result of dns_rdata_additionaldata(). * * Returns: * \li ISC_R_SUCCESS \li Many other results are possible if not successful. / isc_result_t dns_rdata_digest(dns_rdata_t rdata, dns_digestfunc_t digest, void arg); /%< Send 'rdata' in DNSSEC canonical form to 'digest'. * * Note: \li 'digest' may be called more than once by dns_rdata_digest(). The concatenation of all the regions, in the order they were given * to 'digest', will be the DNSSEC canonical form of 'rdata'. * * Requires: * \li 'rdata' is a valid, non-empty rdata. \li 'digest' is a valid dns_digestfunc_t. * Ensures: * \li If successful, then all of the rdata's data has been sent, in DNSSEC canonical form, to 'digest'. * \li If digest() returns something other than ISC_R_SUCCESS, that result will be returned as the result of dns_rdata_digest(). * * Returns: * \li ISC_R_SUCCESS \li Many other results are possible if not successful. / bool dns_rdatatype_questiononly(dns_rdatatype_t type); /%< Return true iff rdata of type 'type' can only appear in the question * section of a properly formatted message. * * Requires: * \li 'type' is a valid rdata type. * / bool dns_rdatatype_notquestion(dns_rdatatype_t type); /%< * Return true iff rdata of type 'type' can not appear in the question * section of a properly formatted message. * * Requires: * \li 'type' is a valid rdata type. * / bool dns_rdatatype_atparent(dns_rdatatype_t type); /%< * Return true iff rdata of type 'type' should appear at the parent of * a zone cut. * * Requires: * \li 'type' is a valid rdata type. * / bool dns_rdatatype_atcname(dns_rdatatype_t type); /%< * Return true iff rdata of type 'type' can appear beside a cname. * * Requires: * \li 'type' is a valid rdata type. * / bool dns_rdatatype_followadditional(dns_rdatatype_t type); /%< * Return true if adding a record of type 'type' to the ADDITIONAL section * of a message can itself trigger the addition of still more data to the * additional section. * * (For example: adding SRV to the ADDITIONAL section may trigger * the addition of address records associated with that SRV.) * * Requires: * \li 'type' is a valid rdata type. * / unsigned int dns_rdatatype_attributes(dns_rdatatype_t rdtype); /%< * Return attributes for the given type. * * Requires: \li 'rdtype' are known. * Returns: \li a bitmask consisting of the following flags. / /% only one may exist for a name / #define DNS_RDATATYPEATTR_SINGLETON 0x00000001U /% requires no other data be present / #define DNS_RDATATYPEATTR_EXCLUSIVE 0x00000002U /% Is a meta type / #define DNS_RDATATYPEATTR_META 0x00000004U /% Is a DNSSEC type, like RRSIG or NSEC / #define DNS_RDATATYPEATTR_DNSSEC 0x00000008U /% Is a zone cut authority type / #define DNS_RDATATYPEATTR_ZONECUTAUTH 0x00000010U /% Is reserved (unusable) / #define DNS_RDATATYPEATTR_RESERVED 0x00000020U /% Is an unknown type / #define DNS_RDATATYPEATTR_UNKNOWN 0x00000040U /% Is META, and can only be in a question section / #define DNS_RDATATYPEATTR_QUESTIONONLY 0x00000080U /% Is META, and can NOT be in a question section / #define DNS_RDATATYPEATTR_NOTQUESTION 0x00000100U /% Is present at zone cuts in the parent, not the child / #define DNS_RDATATYPEATTR_ATPARENT 0x00000200U /% Can exist along side a CNAME / #define DNS_RDATATYPEATTR_ATCNAME 0x00000400U /% Follow additional / #define DNS_RDATATYPEATTR_FOLLOWADDITIONAL 0x00000800U dns_rdatatype_t dns_rdata_covers(dns_rdata_t rdata); /%< * Return the rdatatype that this type covers. * * Requires: \li 'rdata' is a valid, non-empty rdata. \li 'rdata' is a type that covers other rdata types. * Returns: \li The type covered. / bool dns_rdata_checkowner(const dns_name_t name, dns_rdataclass_t rdclass, dns_rdatatype_t type, bool wildcard); / * Returns whether this is a valid ownername for this <type,class>. * If wildcard is true allow the first label to be a wildcard if * appropriate. * * Requires: * 'name' is a valid name. / bool dns_rdata_checknames(dns_rdata_t rdata, const dns_name_t owner, dns_name_t bad); /* * Returns whether 'rdata' contains valid domain names. The checks are * sensitive to the owner name. * * If 'bad' is non-NULL and a domain name fails the check the * the offending name will be return in 'bad' by cloning from * the 'rdata' contents. * * Requires: * 'rdata' to be valid. * 'owner' to be valid. * 'bad' to be NULL or valid. / void dns_rdata_exists(dns_rdata_t rdata, dns_rdatatype_t type); void dns_rdata_notexist(dns_rdata_t rdata, dns_rdatatype_t type); void dns_rdata_deleterrset(dns_rdata_t rdata, dns_rdatatype_t type); void dns_rdata_makedelete(dns_rdata_t rdata); const char dns_rdata_updateop(dns_rdata_t rdata, dns_section_t section); ISC_LANG_ENDDECLS #endif / DNS_RDATA_H / ��dns/clientinfo.h��0000644��00000003737�15125204631�0007644 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_CLIENTINFO_H #define DNS_CLIENTINFO_H 1 /** * Module Info **/ /! \file dns/clientinfo.h * \brief * The DNS clientinfo interface allows libdns to retrieve information * about the client from the caller. * * The clientinfo interface is used by the DNS DB and DLZ interfaces; * it allows databases to modify their answers on the basis of information * about the client, such as source IP address. * * dns_clientinfo_t contains a pointer to an opaque structure containing * client information in some form. dns_clientinfomethods_t contains a * list of methods which operate on that opaque structure to return * potentially useful data. Both structures also contain versioning * information. / /** * Imports */ #include <inttypes.h> #include <isc/sockaddr.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /* * Types **/ #define DNS_CLIENTINFO_VERSION 2 typedef struct dns_clientinfo { uint16_t version; void data; void dbversion; } dns_clientinfo_t; typedef isc_result_t (dns_clientinfo_sourceip_t)(dns_clientinfo_t client, isc_sockaddr_t addrp); #define DNS_CLIENTINFOMETHODS_VERSION 2 #define DNS_CLIENTINFOMETHODS_AGE 1 typedef struct dns_clientinfomethods { uint16_t version; uint16_t age; dns_clientinfo_sourceip_t sourceip; } dns_clientinfomethods_t; /** * Methods **/ void dns_clientinfomethods_init(dns_clientinfomethods_t methods, dns_clientinfo_sourceip_t sourceip); void dns_clientinfo_init(dns_clientinfo_t ci, void data, void versionp); ISC_LANG_ENDDECLS #endif / DNS_CLIENTINFO_H / ��dns/dlz_dlopen.h��0000644��00000010452�15125204631�0007634 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file dns/dlz_dlopen.h / #ifndef DLZ_DLOPEN_H #define DLZ_DLOPEN_H #include <inttypes.h> #include <stdbool.h> #include <dns/sdlz.h> ISC_LANG_BEGINDECLS / * This header provides a minimal set of defines and typedefs needed * for the entry points of an external DLZ module for bind9. / #define DLZ_DLOPEN_VERSION 3 #define DLZ_DLOPEN_AGE 0 / * dlz_dlopen_version() is required for all DLZ external drivers. It * should return DLZ_DLOPEN_VERSION / typedef int dlz_dlopen_version_t(unsigned int flags); /* * dlz_dlopen_create() is required for all DLZ external drivers. / typedef isc_result_t dlz_dlopen_create_t(const char dlzname, unsigned int argc, char argv[], void dbdata, ...); / * dlz_dlopen_destroy() is optional, and will be called when the * driver is unloaded if supplied / typedef void dlz_dlopen_destroy_t(void dbdata); /* * dlz_dlopen_findzonedb() is required for all DLZ external drivers / typedef isc_result_t dlz_dlopen_findzonedb_t(void dbdata, const char name, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo); / * dlz_dlopen_lookup() is required for all DLZ external drivers / typedef isc_result_t dlz_dlopen_lookup_t(const char zone, const char name, void dbdata, dns_sdlzlookup_t lookup, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo); / * dlz_dlopen_authority is optional() if dlz_dlopen_lookup() * supplies authority information for the dns record / typedef isc_result_t dlz_dlopen_authority_t(const char zone, void dbdata, dns_sdlzlookup_t lookup); /* * dlz_dlopen_allowzonexfr() is optional, and should be supplied if * you want to support zone transfers / typedef isc_result_t dlz_dlopen_allowzonexfr_t(void dbdata, const char name, const char client); /* * dlz_dlopen_allnodes() is optional, but must be supplied if supply a * dlz_dlopen_allowzonexfr() function / typedef isc_result_t dlz_dlopen_allnodes_t(const char zone, void dbdata, dns_sdlzallnodes_t allnodes); /* * dlz_dlopen_newversion() is optional. It should be supplied if you * want to support dynamic updates. / typedef isc_result_t dlz_dlopen_newversion_t(const char zone, void dbdata, void versionp); / * dlz_closeversion() is optional, but must be supplied if you supply * a dlz_newversion() function / typedef void dlz_dlopen_closeversion_t(const char zone, bool commit, void dbdata, void versionp); / * dlz_dlopen_configure() is optional, but must be supplied if you * want to support dynamic updates / typedef isc_result_t dlz_dlopen_configure_t(dns_view_t view, dns_dlzdb_t dlzdb, void dbdata); /* * dlz_dlopen_setclientcallback() is optional, but must be supplied if you * want to retrieve information about the client (e.g., source address) * before sending a replay. / typedef isc_result_t dlz_dlopen_setclientcallback_t(dns_view_t view, void dbdata); / * dlz_dlopen_ssumatch() is optional, but must be supplied if you want * to support dynamic updates / typedef bool dlz_dlopen_ssumatch_t(const char signer, const char name, const char tcpaddr, const char type, const char key, uint32_t keydatalen, unsigned char keydata, void dbdata); /* * dlz_dlopen_addrdataset() is optional, but must be supplied if you * want to support dynamic updates / typedef isc_result_t dlz_dlopen_addrdataset_t(const char name, const char rdatastr, void dbdata, void version); / * dlz_dlopen_subrdataset() is optional, but must be supplied if you * want to support dynamic updates / typedef isc_result_t dlz_dlopen_subrdataset_t(const char name, const char rdatastr, void dbdata, void version); / * dlz_dlopen_delrdataset() is optional, but must be supplied if you * want to support dynamic updates / typedef isc_result_t dlz_dlopen_delrdataset_t(const char name, const char type, void dbdata, void version); ISC_LANG_ENDDECLS #endif / ifndef DLZ_DLOPEN_H / ��dns/dsdigest.h��0000644��00000003261�15125204631�0007310 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DSDIGEST_H #define DNS_DSDIGEST_H 1 /! \file dns/dsdigest.h / #include <isc/lang.h> #include <dns/types.h> ISC_LANG_BEGINDECLS isc_result_t dns_dsdigest_fromtext(dns_dsdigest_t dsdigestp, isc_textregion_t source); /%< * Convert the text 'source' refers to into a DS digest type value. * The text may contain either a mnemonic digest name or a decimal * digest number. * * Requires: \li 'dsdigestp' is a valid pointer. \li 'source' is a valid text region. * Returns: \li ISC_R_SUCCESS on success \li ISC_R_RANGE numeric type is out of range \li DNS_R_UNKNOWN mnemonic type is unknown / isc_result_t dns_dsdigest_totext(dns_dsdigest_t dsdigest, isc_buffer_t target); /%< * Put a textual representation of the DS digest type 'dsdigest' * into 'target'. * * Requires: \li 'dsdigest' is a valid dsdigest. \li 'target' is a valid text buffer. * Ensures, * if the result is success: \li The used space in 'target' is updated. * Returns: \li ISC_R_SUCCESS on success \li ISC_R_NOSPACE target buffer is too small / #define DNS_DSDIGEST_FORMATSIZE 20 void dns_dsdigest_format(dns_dsdigest_t typ, char cp, unsigned int size); /%< Wrapper for dns_dsdigest_totext(), writing text into 'cp' / ISC_LANG_ENDDECLS #endif / DNS_DSDIGEST_H / ��dns/kasp.h��0000644��00000027534�15125204631�0006451 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_KASP_H #define DNS_KASP_H 1 /** * Module Info **/ /! \file dns/kasp.h * \brief * DNSSEC Key and Signing Policy (KASP) * * A "kasp" is a DNSSEC policy, that determines how a zone should be * signed and maintained. / #include <isc/lang.h> #include <isc/magic.h> #include <isc/mutex.h> #include <isc/refcount.h> #include <dns/types.h> ISC_LANG_BEGINDECLS / Stores a KASP key / struct dns_kasp_key { isc_mem_t mctx; /* Locked by themselves. / isc_refcount_t references; / Under owner's locking control. / ISC_LINK(struct dns_kasp_key) link; / Configuration / uint32_t lifetime; uint8_t algorithm; int length; uint8_t role; }; struct dns_kasp_nsec3param { uint8_t saltlen; uint8_t algorithm; uint8_t iterations; bool optout; }; / Stores a DNSSEC policy / struct dns_kasp { unsigned int magic; isc_mem_t mctx; char name; / Internals. / isc_mutex_t lock; bool frozen; / Locked by themselves. / isc_refcount_t references; / Under owner's locking control. / ISC_LINK(struct dns_kasp) link; / Configuration: signatures / uint32_t signatures_refresh; uint32_t signatures_validity; uint32_t signatures_validity_dnskey; / Configuration: Keys / dns_kasp_keylist_t keys; dns_ttl_t dnskey_ttl; / Configuration: Denial of existence / bool nsec3; dns_kasp_nsec3param_t nsec3param; / Configuration: Timings / uint32_t publish_safety; uint32_t retire_safety; uint32_t purge_keys; / Zone settings / dns_ttl_t zone_max_ttl; uint32_t zone_propagation_delay; / Parent settings / dns_ttl_t parent_ds_ttl; uint32_t parent_propagation_delay; }; #define DNS_KASP_MAGIC ISC_MAGIC('K', 'A', 'S', 'P') #define DNS_KASP_VALID(kasp) ISC_MAGIC_VALID(kasp, DNS_KASP_MAGIC) / Defaults / #define DNS_KASP_SIG_REFRESH (86400 5) #define DNS_KASP_SIG_VALIDITY (86400 * 14) #define DNS_KASP_SIG_VALIDITY_DNSKEY (86400 * 14) #define DNS_KASP_KEY_TTL (3600) #define DNS_KASP_DS_TTL (86400) #define DNS_KASP_PUBLISH_SAFETY (3600) #define DNS_KASP_PURGE_KEYS (86400 * 90) #define DNS_KASP_RETIRE_SAFETY (3600) #define DNS_KASP_ZONE_MAXTTL (86400) #define DNS_KASP_ZONE_PROPDELAY (300) #define DNS_KASP_PARENT_PROPDELAY (3600) /* Key roles / #define DNS_KASP_KEY_ROLE_KSK 0x01 #define DNS_KASP_KEY_ROLE_ZSK 0x02 isc_result_t dns_kasp_create(isc_mem_t mctx, const char name, dns_kasp_t kaspp); /%< * Create a KASP. * * Requires: * \li 'mctx' is a valid memory context. \li 'name' is a valid C string. \li kaspp != NULL && kaspp == NULL * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY * \li Other errors are possible. / void dns_kasp_attach(dns_kasp_t source, dns_kasp_t targetp); /%< * Attach 'targetp' to 'source'. * Requires: * \li 'source' is a valid, frozen kasp. \li 'targetp' points to a NULL dns_kasp_t . * * Ensures: * \li targetp is attached to source. * \li While targetp is attached, the kasp will not shut down. / void dns_kasp_detach(dns_kasp_t kaspp); /%< * Detach KASP. * * Requires: * \li 'kaspp' points to a valid dns_kasp_t * * Ensures: * \li kaspp is NULL. / void dns_kasp_freeze(dns_kasp_t kasp); /%< Freeze kasp. No changes can be made to kasp configuration while frozen. * * Requires: * \li 'kasp' is a valid, unfrozen kasp. * Ensures: * \li 'kasp' is frozen. / void dns_kasp_thaw(dns_kasp_t kasp); /%< * Thaw kasp. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Ensures: * \li 'kasp' is no longer frozen. / const char * dns_kasp_getname(dns_kasp_t kasp); /%< * Get kasp name. * * Requires: * \li 'kasp' is a valid kasp. * Returns: * \li name of 'kasp'. / uint32_t dns_kasp_signdelay(dns_kasp_t kasp); /%< * Get the delay that is needed to ensure that all existing RRsets have been * re-signed with a successor key. This is the signature validity minus the * signature refresh time (that indicates how far before signature expiry an * RRSIG should be refreshed). * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li signature refresh interval. / uint32_t dns_kasp_sigrefresh(dns_kasp_t kasp); /%< * Get signature refresh interval. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li signature refresh interval. / void dns_kasp_setsigrefresh(dns_kasp_t kasp, uint32_t value); /%< * Set signature refresh interval. * * Requires: * \li 'kasp' is a valid, thawed kasp. / uint32_t dns_kasp_sigvalidity(dns_kasp_t kasp); uint32_t dns_kasp_sigvalidity_dnskey(dns_kasp_t kasp); /%< Get signature validity. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li signature validity. / void dns_kasp_setsigvalidity(dns_kasp_t kasp, uint32_t value); void dns_kasp_setsigvalidity_dnskey(dns_kasp_t kasp, uint32_t value); /%< Set signature validity. * * Requires: * \li 'kasp' is a valid, thawed kasp. / dns_ttl_t dns_kasp_dnskeyttl(dns_kasp_t kasp); /%< * Get DNSKEY TTL. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li DNSKEY TTL. / void dns_kasp_setdnskeyttl(dns_kasp_t kasp, dns_ttl_t ttl); /%< * Set DNSKEY TTL. * * Requires: * \li 'kasp' is a valid, thawed kasp. / uint32_t dns_kasp_purgekeys(dns_kasp_t kasp); /%< * Get purge keys interval. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li Purge keys interval. / void dns_kasp_setpurgekeys(dns_kasp_t kasp, uint32_t value); /%< * Set purge keys interval. * * Requires: * \li 'kasp' is a valid, thawed kasp. / uint32_t dns_kasp_publishsafety(dns_kasp_t kasp); /%< * Get publish safety interval. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li Publish safety interval. / void dns_kasp_setpublishsafety(dns_kasp_t kasp, uint32_t value); /%< * Set publish safety interval. * * Requires: * \li 'kasp' is a valid, thawed kasp. / uint32_t dns_kasp_retiresafety(dns_kasp_t kasp); /%< * Get retire safety interval. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li Retire safety interval. / void dns_kasp_setretiresafety(dns_kasp_t kasp, uint32_t value); /%< * Set retire safety interval. * * Requires: * \li 'kasp' is a valid, thawed kasp. / dns_ttl_t dns_kasp_zonemaxttl(dns_kasp_t kasp); /%< * Get maximum zone TTL. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li Maximum zone TTL. / void dns_kasp_setzonemaxttl(dns_kasp_t kasp, dns_ttl_t ttl); /%< * Set maximum zone TTL. * * Requires: * \li 'kasp' is a valid, thawed kasp. / uint32_t dns_kasp_zonepropagationdelay(dns_kasp_t kasp); /%< * Get zone propagation delay. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li Zone propagation delay. / void dns_kasp_setzonepropagationdelay(dns_kasp_t kasp, uint32_t value); /%< * Set zone propagation delay. * * Requires: * \li 'kasp' is a valid, thawed kasp. / dns_ttl_t dns_kasp_dsttl(dns_kasp_t kasp); /%< * Get DS TTL (should match that of the parent DS record). * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li Expected parent DS TTL. / void dns_kasp_setdsttl(dns_kasp_t kasp, dns_ttl_t ttl); /%< * Set DS TTL. * * Requires: * \li 'kasp' is a valid, thawed kasp. / uint32_t dns_kasp_parentpropagationdelay(dns_kasp_t kasp); /%< * Get parent zone propagation delay. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li Parent zone propagation delay. / void dns_kasp_setparentpropagationdelay(dns_kasp_t kasp, uint32_t value); /%< * Set parent propagation delay. * * Requires: * \li 'kasp' is a valid, thawed kasp. / isc_result_t dns_kasplist_find(dns_kasplist_t list, const char name, dns_kasp_t *kaspp); /%< * Search for a kasp with name 'name' in 'list'. * If found, 'kaspp' is (strongly) attached to it. * Requires: * \li 'kaspp' points to a NULL dns_kasp_t . * * Returns: * \li #ISC_R_SUCCESS A matching kasp was found. \li #ISC_R_NOTFOUND No matching kasp was found. / dns_kasp_keylist_t dns_kasp_keys(dns_kasp_t kasp); /%< Get the list of kasp keys. * * Requires: * \li 'kasp' is a valid, frozen kasp. * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY * \li Other errors are possible. / bool dns_kasp_keylist_empty(dns_kasp_t kasp); /%< * Check if the keylist is empty. * * Requires: * \li 'kasp' is a valid kasp. * Returns: * \li true if the keylist is empty, false otherwise. / void dns_kasp_addkey(dns_kasp_t kasp, dns_kasp_key_t key); /%< Add a key. * * Requires: * \li 'kasp' is a valid, thawed kasp. \li 'key' is not NULL. / isc_result_t dns_kasp_key_create(dns_kasp_t kasp, dns_kasp_key_t *keyp); /%< * Create a key inside a KASP. * * Requires: * \li 'kasp' is a valid kasp. \li keyp != NULL && keyp == NULL * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY * \li Other errors are possible. / void dns_kasp_key_destroy(dns_kasp_key_t key); /%< * Destroy a KASP key. * * Requires: * \li key != NULL / uint32_t dns_kasp_key_algorithm(dns_kasp_key_t key); /%< * Get the key algorithm. * * Requires: * \li key != NULL * Returns: * \li Key algorithm. / unsigned int dns_kasp_key_size(dns_kasp_key_t key); /%< * Get the key size. * * Requires: * \li key != NULL * Returns: * \li Configured key size, or default key size for key algorithm if no size configured. / uint32_t dns_kasp_key_lifetime(dns_kasp_key_t key); /%< The lifetime of this key (how long may this key be active?) * * Requires: * \li key != NULL * Returns: * \li Lifetime of key. / bool dns_kasp_key_ksk(dns_kasp_key_t key); /%< Does this key act as a KSK? * * Requires: * \li key != NULL * Returns: * \li True, if the key role has DNS_KASP_KEY_ROLE_KSK set. \li False, otherwise. * / bool dns_kasp_key_zsk(dns_kasp_key_t key); /%< Does this key act as a ZSK? * * Requires: * \li key != NULL * Returns: * \li True, if the key role has DNS_KASP_KEY_ROLE_ZSK set. \li False, otherwise. * / bool dns_kasp_nsec3(dns_kasp_t kasp); /%< Return true if NSEC3 chain should be used. * * Requires: * \li 'kasp' is a valid, frozen kasp. / uint8_t dns_kasp_nsec3iter(dns_kasp_t kasp); /%< The number of NSEC3 iterations to use. * * Requires: * \li 'kasp' is a valid, frozen kasp. \li 'kasp->nsec3' is true. * / uint8_t dns_kasp_nsec3flags(dns_kasp_t kasp); /%< The NSEC3 flags field value. * * Requires: * \li 'kasp' is a valid, frozen kasp. \li 'kasp->nsec3' is true. * / uint8_t dns_kasp_nsec3saltlen(dns_kasp_t kasp); /%< The NSEC3 salt length. * * Requires: * \li 'kasp' is a valid, frozen kasp. \li 'kasp->nsec3' is true. * / void dns_kasp_setnsec3(dns_kasp_t kasp, bool nsec3); /%< Set to use NSEC3 if 'nsec3' is 'true', otherwise policy will use NSEC. * * Requires: * \li 'kasp' is a valid, unfrozen kasp. / void dns_kasp_setnsec3param(dns_kasp_t kasp, uint8_t iter, bool optout, uint8_t saltlen); /%< Set the desired NSEC3 parameters. * * Requires: * \li 'kasp' is a valid, unfrozen kasp. \li 'kasp->nsec3' is true. * / ISC_LANG_ENDDECLS #endif / DNS_KASP_H / ��dns/dnssec.h��0000644��00000030451�15125204631�0006762 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_DNSSEC_H #define DNS_DNSSEC_H 1 /! \file dns/dnssec.h / #include <stdbool.h> #include <isc/lang.h> #include <isc/stats.h> #include <isc/stdtime.h> #include <dns/diff.h> #include <dns/types.h> #include <dst/dst.h> ISC_LANG_BEGINDECLS LIBDNS_EXTERNAL_DATA extern isc_stats_t dns_dnssec_stats; /%< Maximum number of keys supported in a zone. / #define DNS_MAXZONEKEYS 32 /* * Indicates how the signer found this key: in the key repository, at the * zone apex, or specified by the user. / typedef enum { dns_keysource_unknown, dns_keysource_repository, dns_keysource_zoneapex, dns_keysource_user } dns_keysource_t; / * A DNSSEC key and hints about its intended use gleaned from metadata / struct dns_dnsseckey { dst_key_t key; bool hint_publish; /% metadata says to publish / bool force_publish; /% publish regardless of metadata / bool hint_sign; /% metadata says to sign with this * key / bool force_sign; /% sign with key regardless of * metadata / bool hint_revoke; /% metadata says revoke key / bool hint_remove; /% metadata says don't publish / bool is_active; /% key is already active / bool first_sign; /% key is newly becoming active / bool purge; /% remove key files / unsigned int prepublish; /% how long until active? / dns_keysource_t source; /% how the key was found / bool ksk; /% this is a key-signing key / bool zsk; /% this is a zone-signing key / bool legacy; /% this is old-style key with no * metadata (possibly generated by * an older version of BIND9) and * should be ignored when searching * for keys to import into the zone / unsigned int index; /% position in list / ISC_LINK(dns_dnsseckey_t) link; }; isc_result_t dns_dnssec_keyfromrdata(const dns_name_t name, const dns_rdata_t rdata, isc_mem_t mctx, dst_key_t *key); /%< * Creates a DST key from a DNS record. Basically a wrapper around * dst_key_fromdns(). * * Requires: \li 'name' is not NULL \li 'rdata' is not NULL \li 'mctx' is not NULL \li 'key' is not NULL \li 'key' is NULL * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li DST_R_INVALIDPUBLICKEY \li various errors from dns_name_totext / isc_result_t dns_dnssec_sign(const dns_name_t name, dns_rdataset_t set, dst_key_t key, isc_stdtime_t inception, isc_stdtime_t expire, isc_mem_t mctx, isc_buffer_t buffer, dns_rdata_t sigrdata); /%< * Generates a RRSIG record covering this rdataset. This has no effect * on existing RRSIG records. * * Requires: \li 'name' (the owner name of the record) is a valid name \li 'set' is a valid rdataset \li 'key' is a valid key \li 'inception' is not NULL \li 'expire' is not NULL \li 'mctx' is not NULL \li 'buffer' is not NULL \li 'sigrdata' is not NULL * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_NOSPACE \li #DNS_R_INVALIDTIME - the expiration is before the inception \li #DNS_R_KEYUNAUTHORIZED - the key cannot sign this data (either it is not a zone key or its flags prevent * authentication) \li DST_R_ / isc_result_t dns_dnssec_verify(const dns_name_t name, dns_rdataset_t set, dst_key_t key, bool ignoretime, unsigned int maxbits, isc_mem_t mctx, dns_rdata_t sigrdata, dns_name_t wild); /%< * Verifies the RRSIG record covering this rdataset signed by a specific * key. This does not determine if the key's owner is authorized to sign * this record, as this requires a resolver or database. * If 'ignoretime' is true, temporal validity will not be checked. * * 'maxbits' specifies the maximum number of rsa exponent bits accepted. * * Requires: \li 'name' (the owner name of the record) is a valid name \li 'set' is a valid rdataset \li 'key' is a valid key \li 'mctx' is not NULL \li 'sigrdata' is a valid rdata containing a SIG record \li 'wild' if non-NULL then is a valid and has a buffer. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #DNS_R_FROMWILDCARD - the signature is valid and is from a wildcard expansion. dns_dnssec_verify2() only. * 'wild' contains the name of the wildcard if non-NULL. \li #DNS_R_SIGINVALID - the signature fails to verify \li #DNS_R_SIGEXPIRED - the signature has expired \li #DNS_R_SIGFUTURE - the signature's validity period has not begun \li #DNS_R_KEYUNAUTHORIZED - the key cannot sign this data (either * it is not a zone key or its flags prevent * authentication) \li DST_R_ / /@{/ isc_result_t dns_dnssec_findzonekeys(dns_db_t db, dns_dbversion_t ver, dns_dbnode_t node, const dns_name_t name, const char directory, isc_stdtime_t now, isc_mem_t mctx, unsigned int maxkeys, dst_key_t keys, unsigned int nkeys); /%< Finds a set of zone keys. * XXX temporary - this should be handled in dns_zone_t. / /@}/ bool dns_dnssec_keyactive(dst_key_t key, isc_stdtime_t now); /%< * Returns true if 'key' is active as of the time specified * in 'now' (i.e., if the activation date has passed, inactivation or * deletion date has not yet been reached, and the key is not revoked * -- or if it is a legacy key without metadata). Otherwise returns * false. * * Requires: \li 'key' is a valid key / isc_result_t dns_dnssec_signmessage(dns_message_t msg, dst_key_t key); /%< Signs a message with a SIG(0) record. This is implicitly called by * dns_message_renderend() if msg->sig0key is not NULL. * * Requires: \li 'msg' is a valid message \li 'key' is a valid key that can be used for signing * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li DST_R_ / isc_result_t dns_dnssec_verifymessage(isc_buffer_t source, dns_message_t msg, dst_key_t key); /%< Verifies a message signed by a SIG(0) record. This is not * called implicitly by dns_message_parse(). If dns_message_signer() * is called before dns_dnssec_verifymessage(), it will return * #DNS_R_NOTVERIFIEDYET. dns_dnssec_verifymessage() will set * the verified_sig0 flag in msg if the verify succeeds, and * the sig0status field otherwise. * * Requires: \li 'source' is a valid buffer containing the unparsed message \li 'msg' is a valid message \li 'key' is a valid key * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_NOTFOUND - no SIG(0) was found \li #DNS_R_SIGINVALID - the SIG record is not well-formed or * was not generated by the key. \li DST_R_ / bool dns_dnssec_selfsigns(dns_rdata_t rdata, const dns_name_t name, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset, bool ignoretime, isc_mem_t mctx); bool dns_dnssec_signs(dns_rdata_t rdata, const dns_name_t name, dns_rdataset_t rdataset, dns_rdataset_t sigrdataset, bool ignoretime, isc_mem_t mctx); /%< * Verify that 'rdataset' is validly signed in 'sigrdataset' by * the key in 'rdata'. * * dns_dnssec_selfsigns() requires that rdataset be a DNSKEY or KEY * rrset. dns_dnssec_signs() works on any rrset. / isc_result_t dns_dnsseckey_create(isc_mem_t mctx, dst_key_t dstkey, dns_dnsseckey_t dkp); /%< Create and initialize a dns_dnsseckey_t structure. * * Requires: \li 'dkp' is not NULL and 'dkp' is NULL. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / void dns_dnsseckey_destroy(isc_mem_t mctx, dns_dnsseckey_t *dkp); /%< * Reclaim a dns_dnsseckey_t structure. * * Requires: \li 'dkp' is not NULL and 'dkp' is not NULL. * * Ensures: \li 'dkp' is NULL. / void dns_dnssec_get_hints(dns_dnsseckey_t key, isc_stdtime_t now); /%< Get hints on DNSSEC key whether this key can be published * and/or is active. Timing metadata is compared to 'now'. * * Requires: \li 'key' is a pointer to a DNSSEC key and is not NULL. / isc_result_t dns_dnssec_findmatchingkeys(const dns_name_t origin, const char directory, isc_stdtime_t now, isc_mem_t mctx, dns_dnsseckeylist_t keylist); /%< Search 'directory' for K* key files matching the name in 'origin'. * Append all such keys, along with use hints gleaned from their * metadata, onto 'keylist'. Skip any unsupported algorithms. * * Requires: \li 'keylist' is not NULL * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOTFOUND \li #ISC_R_NOMEMORY \li any error returned by dns_name_totext(), isc_dir_open(), or * dst_key_fromnamedfile() * * Ensures: \li On error, keylist is unchanged / isc_result_t dns_dnssec_keylistfromrdataset(const dns_name_t origin, const char directory, isc_mem_t mctx, dns_rdataset_t keyset, dns_rdataset_t keysigs, dns_rdataset_t soasigs, bool savekeys, bool publickey, dns_dnsseckeylist_t keylist); /%< * Append the contents of a DNSKEY rdataset 'keyset' to 'keylist'. * Omit duplicates. If 'publickey' is false, search 'directory' for * matching key files, and load the private keys that go with * the public ones. If 'savekeys' is true, mark the keys so * they will not be deleted or inactivated regardless of metadata. * * 'keysigs' and 'soasigs', if not NULL and associated, contain the * RRSIGS for the DNSKEY and SOA records respectively and are used to mark * whether a key is already active in the zone. / isc_result_t dns_dnssec_updatekeys(dns_dnsseckeylist_t keys, dns_dnsseckeylist_t newkeys, dns_dnsseckeylist_t removed, const dns_name_t origin, dns_ttl_t hint_ttl, dns_diff_t diff, isc_mem_t mctx, void (report)(const char , ...)); /%< * Update the list of keys in 'keys' with new key information in 'newkeys'. * * For each key in 'newkeys', see if it has a match in 'keys'. * - If not, and if the metadata says the key should be published: * add it to 'keys', and place a dns_difftuple into 'diff' so * the key can be added to the DNSKEY set. If the metadata says it * should be active, set the first_sign flag. * - If so, and if the metadata says it should be removed: * remove it from 'keys', and place a dns_difftuple into 'diff' so * the key can be removed from the DNSKEY set. if 'removed' is non-NULL, * copy the key into that list; otherwise destroy it. * - Otherwise, make sure keys has current metadata. * * 'hint_ttl' is the TTL to use for the DNSKEY RRset if there is no * existing RRset, and if none of the keys to be added has a default TTL * (in which case we would use the shortest one). If the TTL is longer * than the time until a new key will be activated, then we have to delay * the key's activation. * * 'report' points to a function for reporting status. * * On completion, any remaining keys in 'newkeys' are freed. / isc_result_t dns_dnssec_syncupdate(dns_dnsseckeylist_t keys, dns_dnsseckeylist_t rmkeys, dns_rdataset_t cds, dns_rdataset_t cdnskey, isc_stdtime_t now, dns_ttl_t hint_ttl, dns_diff_t diff, isc_mem_t mctx); /%< * Update the CDS and CDNSKEY RRsets, adding and removing keys as needed. * * Returns: \li ISC_R_SUCCESS \li Other values indicate error / isc_result_t dns_dnssec_syncdelete(dns_rdataset_t cds, dns_rdataset_t cdnskey, dns_name_t origin, dns_rdataclass_t zclass, dns_ttl_t ttl, dns_diff_t diff, isc_mem_t mctx, bool dnssec_insecure); /%< Add or remove the CDS DELETE record and the CDNSKEY DELETE record. * If 'dnssec_insecure' is true, the DELETE records should be present. * Otherwise, the DELETE records must be removed from the RRsets (if present). * * Returns: \li ISC_R_SUCCESS \li Other values indicate error / isc_result_t dns_dnssec_matchdskey(dns_name_t name, dns_rdata_t dsrdata, dns_rdataset_t keyset, dns_rdata_t keyrdata); /%< * Given a DS rdata and a DNSKEY RRset, find the DNSKEY rdata that matches * the DS, and place it in 'keyrdata'. * * Returns: \li ISC_R_SUCCESS \li ISC_R_NOTFOUND \li Other values indicate error / ISC_LANG_ENDDECLS #endif /* DNS_DNSSEC_H / ��dns/nsec3.h��0000644��00000020102�15125204632�0006507 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_NSEC3_H #define DNS_NSEC3_H 1 #include <stdbool.h> #include <isc/iterated_hash.h> #include <isc/lang.h> #include <isc/log.h> #include <dns/db.h> #include <dns/diff.h> #include <dns/name.h> #include <dns/rdatastruct.h> #include <dns/types.h> #define DNS_NSEC3_SALTSIZE 255 #define DNS_NSEC3_MAXITERATIONS 150U / * hash = 1, flags =1, iterations = 2, salt length = 1, salt = 255 (max) * hash length = 1, hash = 255 (max), bitmap = 8192 + 512 (max) / #define DNS_NSEC3_BUFFERSIZE (6 + 255 + 255 + 8192 + 512) / * hash = 1, flags = 1, iterations = 2, salt length = 1, salt = 255 (max) / #define DNS_NSEC3PARAM_BUFFERSIZE (5 + 255) / * Test "unknown" algorithm. Is mapped to dns_hash_sha1. / #define DNS_NSEC3_UNKNOWNALG ((dns_hash_t)245U) ISC_LANG_BEGINDECLS isc_result_t dns_nsec3_buildrdata(dns_db_t db, dns_dbversion_t version, dns_dbnode_t node, unsigned int hashalg, unsigned int optin, unsigned int iterations, const unsigned char salt, size_t salt_length, const unsigned char nexthash, size_t hash_length, unsigned char buffer, dns_rdata_t rdata); /%< Build the rdata of a NSEC3 record for the data at 'node'. * Note: 'node' is not the node where the NSEC3 record will be stored. * * Requires: * buffer Points to a temporary buffer of at least * DNS_NSEC_BUFFERSIZE bytes. * rdata Points to an initialized dns_rdata_t. * * Ensures: * rdata Contains a valid NSEC3 rdata. The 'data' member refers to 'buffer'. / bool dns_nsec3_typepresent(dns_rdata_t nsec, dns_rdatatype_t type); /%< Determine if a type is marked as present in an NSEC3 record. * * Requires: * 'nsec' points to a valid rdataset of type NSEC3 / isc_result_t dns_nsec3_generate_salt(unsigned char salt, size_t saltlen); /%< Generate a salt with the given salt length. / isc_result_t dns_nsec3_hashname(dns_fixedname_t result, unsigned char rethash[NSEC3_MAX_HASH_LENGTH], size_t hash_length, const dns_name_t name, const dns_name_t origin, dns_hash_t hashalg, unsigned int iterations, const unsigned char salt, size_t saltlength); /%< Make a hashed domain name from an unhashed one. If rethash is not NULL * the raw hash is stored there. / unsigned int dns_nsec3_hashlength(dns_hash_t hash); /%< * Return the length of the hash produced by the specified algorithm * or zero when unknown. / bool dns_nsec3_supportedhash(dns_hash_t hash); /%< * Return whether we support this hash algorithm or not. / isc_result_t dns_nsec3_addnsec3(dns_db_t db, dns_dbversion_t version, const dns_name_t name, const dns_rdata_nsec3param_t nsec3param, dns_ttl_t nsecttl, bool unsecure, dns_diff_t diff); isc_result_t dns_nsec3_addnsec3s(dns_db_t db, dns_dbversion_t version, const dns_name_t name, dns_ttl_t nsecttl, bool unsecure, dns_diff_t diff); isc_result_t dns_nsec3_addnsec3sx(dns_db_t db, dns_dbversion_t version, const dns_name_t name, dns_ttl_t nsecttl, bool unsecure, dns_rdatatype_t private, dns_diff_t diff); /%< Add NSEC3 records for 'name', recording the change in 'diff'. * Adjust previous NSEC3 records, if any, to reflect the addition. * The existing NSEC3 records are removed. * * dns_nsec3_addnsec3() will only add records to the chain identified by * 'nsec3param'. * * 'unsecure' should be set to reflect if this is a potentially * unsecure delegation (no DS record). * * dns_nsec3_addnsec3s() will examine the NSEC3PARAM RRset to determine which * chains to be updated. NSEC3PARAM records with the DNS_NSEC3FLAG_CREATE * will be preferentially chosen over NSEC3PARAM records without * DNS_NSEC3FLAG_CREATE set. NSEC3PARAM records with DNS_NSEC3FLAG_REMOVE * set will be ignored by dns_nsec3_addnsec3s(). If DNS_NSEC3FLAG_CREATE * is set then the new NSEC3 will have OPTOUT set to match the that in the * NSEC3PARAM record otherwise OPTOUT will be inherited from the previous * record in the chain. * * dns_nsec3_addnsec3sx() is similar to dns_nsec3_addnsec3s() but 'private' * specifies the type of the private rdataset to be checked in addition to * the nsec3param rdataset at the zone apex. * * Requires: * 'db' to be valid. * 'version' to be valid or NULL. * 'name' to be valid. * 'nsec3param' to be valid. * 'diff' to be valid. / isc_result_t dns_nsec3_delnsec3(dns_db_t db, dns_dbversion_t version, const dns_name_t name, const dns_rdata_nsec3param_t nsec3param, dns_diff_t diff); isc_result_t dns_nsec3_delnsec3s(dns_db_t db, dns_dbversion_t version, const dns_name_t name, dns_diff_t diff); isc_result_t dns_nsec3_delnsec3sx(dns_db_t db, dns_dbversion_t version, const dns_name_t name, dns_rdatatype_t private, dns_diff_t diff); /%< Remove NSEC3 records for 'name', recording the change in 'diff'. * Adjust previous NSEC3 records, if any, to reflect the removal. * * dns_nsec3_delnsec3() performs the above for the chain identified by * 'nsec3param'. * * dns_nsec3_delnsec3s() examines the NSEC3PARAM RRset in a similar manner * to dns_nsec3_addnsec3s(). Unlike dns_nsec3_addnsec3s() updated NSEC3 * records have the OPTOUT flag preserved. * * dns_nsec3_delnsec3sx() is similar to dns_nsec3_delnsec3s() but 'private' * specifies the type of the private rdataset to be checked in addition to * the nsec3param rdataset at the zone apex. * * Requires: * 'db' to be valid. * 'version' to be valid or NULL. * 'name' to be valid. * 'nsec3param' to be valid. * 'diff' to be valid. / isc_result_t dns_nsec3_active(dns_db_t db, dns_dbversion_t version, bool complete, bool answer); isc_result_t dns_nsec3_activex(dns_db_t db, dns_dbversion_t version, bool complete, dns_rdatatype_t private, bool answer); /%< * Check if there are any complete/to be built NSEC3 chains. * If 'complete' is true only complete chains will be recognized. * * dns_nsec3_activex() is similar to dns_nsec3_active() but 'private' * specifies the type of the private rdataset to be checked in addition to * the nsec3param rdataset at the zone apex. * * Requires: * 'db' to be valid. * 'version' to be valid or NULL. * 'answer' to be non NULL. / unsigned int dns_nsec3_maxiterations(void); /%< * Return the maximum permissible number of NSEC3 iterations. / bool dns_nsec3param_fromprivate(dns_rdata_t src, dns_rdata_t target, unsigned char buf, size_t buflen); /%< Convert a private rdata to a nsec3param rdata. * * Return true if 'src' could be successfully converted. * * 'buf' should be at least DNS_NSEC3PARAM_BUFFERSIZE in size. / void dns_nsec3param_toprivate(dns_rdata_t src, dns_rdata_t target, dns_rdatatype_t privatetype, unsigned char buf, size_t buflen); /%< Convert a nsec3param rdata to a private rdata. * * 'buf' should be at least src->length + 1 in size. / isc_result_t dns_nsec3param_salttotext(dns_rdata_nsec3param_t nsec3param, char dst, size_t dstlen); /%< * Convert the salt of given NSEC3PARAM RDATA into hex-encoded, NULL-terminated * text stored at "dst". * * Requires: * \li "dst" to have enough space (as indicated by "dstlen") to hold the resulting text and its NULL-terminating byte. / isc_result_t dns_nsec3param_deletechains(dns_db_t db, dns_dbversion_t ver, dns_zone_t zone, bool nonsec, dns_diff_t diff); /%< * Mark NSEC3PARAM for deletion. / isc_result_t dns_nsec3_noexistnodata(dns_rdatatype_t type, const dns_name_t name, const dns_name_t nsec3name, dns_rdataset_t nsec3set, dns_name_t zonename, bool exists, bool data, bool optout, bool unknown, bool setclosest, bool setnearest, dns_name_t closest, dns_name_t nearest, dns_nseclog_t logit, void arg); ISC_LANG_ENDDECLS #endif /* DNS_NSEC3_H / ��dns/zone.h��0000644��00000200007�15125204632�0006453 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_ZONE_H #define DNS_ZONE_H 1 /! \file dns/zone.h / / * Imports **/ #include <inttypes.h> #include <stdbool.h> #include <stdio.h> #include <isc/formatcheck.h> #include <isc/lang.h> #include <isc/rwlock.h> #include <dns/catz.h> #include <dns/master.h> #include <dns/masterdump.h> #include <dns/rdatastruct.h> #include <dns/rpz.h> #include <dns/types.h> #include <dns/zt.h> typedef enum { dns_zone_none, dns_zone_primary, dns_zone_secondary, dns_zone_mirror, dns_zone_stub, dns_zone_staticstub, dns_zone_key, dns_zone_dlz, dns_zone_redirect } dns_zonetype_t; #ifndef dns_zone_master #define dns_zone_master dns_zone_primary #endif / dns_zone_master / #ifndef dns_zone_slave #define dns_zone_slave dns_zone_secondary #endif / dns_zone_slave / typedef enum { dns_zonestat_none = 0, dns_zonestat_terse, dns_zonestat_full } dns_zonestat_level_t; typedef enum { DNS_ZONEOPT_MANYERRORS = 1 << 0, /%< return many errors on load / DNS_ZONEOPT_IXFRFROMDIFFS = 1 << 1, /%< calculate differences / DNS_ZONEOPT_NOMERGE = 1 << 2, /%< don't merge journal / DNS_ZONEOPT_CHECKNS = 1 << 3, /%< check if NS's are addresses / DNS_ZONEOPT_FATALNS = 1 << 4, /%< DNS_ZONEOPT_CHECKNS is fatal / DNS_ZONEOPT_MULTIMASTER = 1 << 5, /%< this zone has multiple primaries / DNS_ZONEOPT_USEALTXFRSRC = 1 << 6, /%< use alternate transfer sources / DNS_ZONEOPT_CHECKNAMES = 1 << 7, /%< check-names / DNS_ZONEOPT_CHECKNAMESFAIL = 1 << 8, /%< fatal check-name failures / DNS_ZONEOPT_CHECKWILDCARD = 1 << 9, /%< check for internal wildcards / DNS_ZONEOPT_CHECKMX = 1 << 10, /%< check-mx / DNS_ZONEOPT_CHECKMXFAIL = 1 << 11, /%< fatal check-mx failures / DNS_ZONEOPT_CHECKINTEGRITY = 1 << 12, /%< perform integrity checks / DNS_ZONEOPT_CHECKSIBLING = 1 << 13, /%< perform sibling glue checks / DNS_ZONEOPT_NOCHECKNS = 1 << 14, /%< disable IN NS address checks / DNS_ZONEOPT_WARNMXCNAME = 1 << 15, /%< warn on MX CNAME check / DNS_ZONEOPT_IGNOREMXCNAME = 1 << 16, /%< ignore MX CNAME check / DNS_ZONEOPT_WARNSRVCNAME = 1 << 17, /%< warn on SRV CNAME check / DNS_ZONEOPT_IGNORESRVCNAME = 1 << 18, /%< ignore SRV CNAME check / DNS_ZONEOPT_UPDATECHECKKSK = 1 << 19, /%< check dnskey KSK flag / DNS_ZONEOPT_TRYTCPREFRESH = 1 << 20, /%< try tcp refresh on udp failure / DNS_ZONEOPT_NOTIFYTOSOA = 1 << 21, /%< Notify the SOA MNAME / DNS_ZONEOPT_NSEC3TESTZONE = 1 << 22, /%< nsec3-test-zone / DNS_ZONEOPT_SECURETOINSECURE = 1 << 23, /%< dnssec-secure-to-insecure / DNS_ZONEOPT_DNSKEYKSKONLY = 1 << 24, /%< dnssec-dnskey-kskonly / DNS_ZONEOPT_CHECKDUPRR = 1 << 25, /%< check-dup-records / DNS_ZONEOPT_CHECKDUPRRFAIL = 1 << 26, /%< fatal check-dup-records * failures / DNS_ZONEOPT_CHECKSPF = 1 << 27, /%< check SPF records / DNS_ZONEOPT_CHECKTTL = 1 << 28, /%< check max-zone-ttl / DNS_ZONEOPT_AUTOEMPTY = 1 << 29, /%< automatic empty zone / DNS_ZONEOPT___MAX = UINT64_MAX, / trick to make the ENUM 64-bit wide / } dns_zoneopt_t; / * Zone key maintenance options / typedef enum { DNS_ZONEKEY_ALLOW = 0x00000001U, /%< fetch keys on command / DNS_ZONEKEY_MAINTAIN = 0x00000002U, /%< publish/sign on schedule / DNS_ZONEKEY_CREATE = 0x00000004U, /%< make keys when needed / DNS_ZONEKEY_FULLSIGN = 0x00000008U, /%< roll to new keys immediately / DNS_ZONEKEY_NORESIGN = 0x00000010U, /%< no automatic resigning / DNS_ZONEKEY___MAX = UINT64_MAX, / trick to make the ENUM 64-bit wide / } dns_zonekey_t; #ifndef DNS_ZONE_MINREFRESH #define DNS_ZONE_MINREFRESH 300 /%< 5 minutes / #endif / ifndef DNS_ZONE_MINREFRESH / #ifndef DNS_ZONE_MAXREFRESH #define DNS_ZONE_MAXREFRESH 2419200 /%< 4 weeks / #endif / ifndef DNS_ZONE_MAXREFRESH / #ifndef DNS_ZONE_DEFAULTREFRESH #define DNS_ZONE_DEFAULTREFRESH 3600 /%< 1 hour / #endif / ifndef DNS_ZONE_DEFAULTREFRESH / #ifndef DNS_ZONE_MINRETRY #define DNS_ZONE_MINRETRY 300 /%< 5 minutes / #endif / ifndef DNS_ZONE_MINRETRY / #ifndef DNS_ZONE_MAXRETRY #define DNS_ZONE_MAXRETRY 1209600 /%< 2 weeks / #endif / ifndef DNS_ZONE_MAXRETRY / #ifndef DNS_ZONE_DEFAULTRETRY #define DNS_ZONE_DEFAULTRETRY \ 60 /%< 1 minute, subject to \ * exponential backoff / #endif / ifndef DNS_ZONE_DEFAULTRETRY / #define DNS_ZONESTATE_XFERRUNNING 1 #define DNS_ZONESTATE_XFERDEFERRED 2 #define DNS_ZONESTATE_SOAQUERY 3 #define DNS_ZONESTATE_ANY 4 #define DNS_ZONESTATE_AUTOMATIC 5 ISC_LANG_BEGINDECLS / * Functions */ isc_result_t dns_zone_create(dns_zone_t zonep, isc_mem_t mctx); /%< * Creates a new empty zone and attach 'zonep' to it. * Requires: \li 'zonep' to point to a NULL pointer. \li 'mctx' to be a valid memory context. * * Ensures: \li 'zonep' refers to a valid zone. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED / isc_result_t dns_zone_makedb(dns_zone_t zone, dns_db_t dbp); /%< * Creates a new empty database for the 'zone'. * * Requires: \li 'zone' to be a valid zone. \li 'dbp' to point to NULL pointer. * * Returns: \li dns_db_create() error codes. / void dns_zone_setclass(dns_zone_t zone, dns_rdataclass_t rdclass); /%< * Sets the class of a zone. This operation can only be performed * once on a zone. * * Require: \li 'zone' to be a valid zone. \li dns_zone_setclass() not to have been called since the zone was * created. \li 'rdclass' != dns_rdataclass_none. / dns_rdataclass_t dns_zone_getclass(dns_zone_t zone); /%< * Returns the current zone class. * * Requires: \li 'zone' to be a valid zone. / isc_result_t dns_zone_getserial(dns_zone_t zone, uint32_t serialp); /%< Returns the current serial number of the zone. On success, the SOA * serial of the zone will be copied into 'serialp'. * Requires: \li 'zone' to be a valid zone. \li 'serialp' to be non NULL * * Returns: \li #ISC_R_SUCCESS \li #DNS_R_NOTLOADED zone DB is not loaded / void dns_zone_settype(dns_zone_t zone, dns_zonetype_t type); /%< Sets the zone type. This operation can only be performed once on * a zone. * * Requires: \li 'zone' to be a valid zone. \li dns_zone_settype() not to have been called since the zone was * created. \li 'type' != dns_zone_none / void dns_zone_setview(dns_zone_t zone, dns_view_t view); /%< Associate the zone with a view. * * Require: \li 'zone' to be a valid zone. / dns_view_t * dns_zone_getview(dns_zone_t zone); /%< * Returns the zone's associated view. * * Requires: \li 'zone' to be a valid zone. / void dns_zone_setviewcommit(dns_zone_t zone); /%< * Commit the previous view saved internally via dns_zone_setview(). * * Require: \li 'zone' to be a valid zone. / void dns_zone_setviewrevert(dns_zone_t zone); /%< * Revert the most recent dns_zone_setview() on this zone, * restoring the previous view. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setorigin(dns_zone_t zone, const dns_name_t origin); /%< Sets the zones origin to 'origin'. * * Require: \li 'zone' to be a valid zone. \li 'origin' to be non NULL. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / dns_name_t dns_zone_getorigin(dns_zone_t zone); /%< * Returns the value of the origin. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setfile(dns_zone_t zone, const char file, dns_masterformat_t format, const dns_master_style_t style); /%< * Sets the name of the master file in the format of 'format' from which * the zone loads its database to 'file'. * * For zones that have no associated master file, 'file' will be NULL. * * For zones with persistent databases, the file name * setting is ignored. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_NOMEMORY \li #ISC_R_SUCCESS / const char dns_zone_getfile(dns_zone_t zone); /%< * Gets the name of the zone's master file, if any. * * Requires: \li 'zone' to be valid initialised zone. * Returns: \li Pointer to null-terminated file name, or NULL. / void dns_zone_setmaxrecords(dns_zone_t zone, uint32_t records); /%< * Sets the maximum number of records permitted in a zone. * 0 implies unlimited. * * Requires: \li 'zone' to be valid initialised zone. * Returns: \li void / uint32_t dns_zone_getmaxrecords(dns_zone_t zone); /%< * Gets the maximum number of records permitted in a zone. * 0 implies unlimited. * * Requires: \li 'zone' to be valid initialised zone. * Returns: \li uint32_t maxrecords. / void dns_zone_setmaxrrperset(dns_zone_t zone, uint32_t maxrrperset); /%< * Sets the maximum number of records per rrset permitted in a zone. * 0 implies unlimited. * * Requires: \li 'zone' to be valid initialised zone. * Returns: \li void / void dns_zone_setmaxtypepername(dns_zone_t zone, uint32_t maxtypepername); /%< * Sets the maximum number of resource record types per owner name * permitted in a zone. 0 implies unlimited. * * Requires: \li 'zone' to be valid initialised zone. * Returns: \li void / void dns_zone_setmaxttl(dns_zone_t zone, uint32_t maxttl); /%< * Sets the max ttl of the zone. * * Requires: \li 'zone' to be valid initialised zone. * Returns: \li void / dns_ttl_t dns_zone_getmaxttl(dns_zone_t zone); /%< * Gets the max ttl of the zone. * * Requires: \li 'zone' to be valid initialised zone. * Returns: \li dns_ttl_t maxttl. / void dns_zone_lock_keyfiles(dns_zone_t zone); /%< * Lock associated keyfiles for this zone. * * Require: \li 'zone' to be a valid zone. / void dns_zone_unlock_keyfiles(dns_zone_t zone); /%< * Unlock associated keyfiles for this zone. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_load(dns_zone_t zone, bool newonly); isc_result_t dns_zone_loadandthaw(dns_zone_t zone); /%< Cause the database to be loaded from its backing store. * Confirm that the minimum requirements for the zone type are * met, otherwise DNS_R_BADZONE is returned. * * If newonly is set dns_zone_load() only loads new zones. * dns_zone_loadandthaw() is similar to dns_zone_load() but will * also re-enable DNS UPDATEs when the load completes. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_UNEXPECTED \li #ISC_R_SUCCESS \li DNS_R_CONTINUE Incremental load has been queued. \li DNS_R_UPTODATE The zone has already been loaded based on * file system timestamps. \li DNS_R_BADZONE \li Any result value from dns_db_load(). / isc_result_t dns_zone_asyncload(dns_zone_t zone, bool newonly, dns_zt_zoneloaded_t done, void arg); /%< * Cause the database to be loaded from its backing store asynchronously. * Other zone maintenance functions are suspended until this is complete. * When finished, 'done' is called to inform the caller, with 'arg' as * its first argument and 'zone' as its second. (Normally, 'arg' is * expected to point to the zone table but is left undefined for testing * purposes.) * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_ALREADYRUNNING \li #ISC_R_SUCCESS \li #ISC_R_FAILURE \li #ISC_R_NOMEMORY / bool dns__zone_loadpending(dns_zone_t zone); /%< Indicates whether the zone is waiting to be loaded asynchronously. * (Not currently intended for use outside of this module and associated * tests.) / void dns_zone_attach(dns_zone_t source, dns_zone_t *target); /%< * Attach 'target' to 'source' incrementing its external reference count. * * Require: \li 'zone' to be a valid zone. \li 'target' to be non NULL and 'target' to be NULL. / void dns_zone_detach(dns_zone_t *zonep); /%< * Detach from a zone decrementing its external reference count. * If this was the last external reference to the zone it will be * shut down and eventually freed. * * Require: \li 'zonep' to point to a valid zone. / void dns_zone_iattach(dns_zone_t source, dns_zone_t target); /%< * Attach 'target' to 'source' incrementing its internal reference count. This is intended for use by operations * such as zone transfers that need to prevent the zone * object from being freed but not from shutting down. * * Require: \li The caller is running in the context of the zone's task. \li 'zone' to be a valid zone. \li 'target' to be non NULL and 'target' to be NULL. / void dns_zone_idetach(dns_zone_t zonep); /%< * Detach from a zone decrementing its internal reference count. * If there are no more internal or external references to the * zone, it will be freed. * * Require: \li The caller is running in the context of the zone's task. \li 'zonep' to point to a valid zone. / isc_result_t dns_zone_getdb(dns_zone_t zone, dns_db_t *dbp); /%< * Attach 'dbp' to the database to if it exists otherwise return DNS_R_NOTLOADED. * * Require: \li 'zone' to be a valid zone. \li 'dbp' to be != NULL && 'dbp' == NULL. * Returns: \li #ISC_R_SUCCESS \li DNS_R_NOTLOADED / void dns_zone_setdb(dns_zone_t zone, dns_db_t db); /%< * Sets the zone database to 'db'. * * This function is expected to be used to configure a zone with a * database which is not loaded from a file or zone transfer. * It can be used for a general purpose zone, but right now its use * is limited to static-stub zones to avoid possible undiscovered * problems in the general cases. * * Require: \li 'zone' to be a valid zone of static-stub. \li zone doesn't have a database. / void dns_zone_setdbtype(dns_zone_t zone, unsigned int dbargc, const char const dbargv); /%< Sets the database type to dbargv[0] and database arguments * to subsequent dbargv elements. * 'db_type' is not checked to see if it is a valid database type. * * Require: \li 'zone' to be a valid zone. \li 'database' to be non NULL. \li 'dbargc' to be >= 1 \li 'dbargv' to point to dbargc NULL-terminated strings / isc_result_t dns_zone_getdbtype(dns_zone_t zone, char **argv, isc_mem_t mctx); /%< Returns the current dbtype. isc_mem_free() should be used * to free 'argv' after use. * * Require: \li 'zone' to be a valid zone. \li 'argv' to be non NULL and argv to be NULL. \li 'mctx' to be valid. * * Returns: \li #ISC_R_NOMEMORY \li #ISC_R_SUCCESS / void dns_zone_markdirty(dns_zone_t zone); /%< Mark a zone as 'dirty'. * * Require: \li 'zone' to be a valid zone. / void dns_zone_expire(dns_zone_t zone); /%< * Mark the zone as expired. If the zone requires dumping cause it to * be initiated. Set the refresh and retry intervals to there default * values and unload the zone. * * Require \li 'zone' to be a valid zone. / void dns_zone_refresh(dns_zone_t zone); /%< * Initiate zone up to date checks. The zone must already be being * managed. * * Require \li 'zone' to be a valid zone. / isc_result_t dns_zone_flush(dns_zone_t zone); /%< * Write the zone to database if there are uncommitted changes. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_dump(dns_zone_t zone); /%< * Write the zone to database. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_dumptostream(dns_zone_t zone, FILE fd, dns_masterformat_t format, const dns_master_style_t style, const uint32_t rawversion); /%< * Write the zone to stream 'fd' in the specified 'format'. * If the 'format' is dns_masterformat_text (RFC1035), 'style' also * specifies the file style (e.g., &dns_master_style_default). * * dns_zone_dumptostream() is a backward-compatible form of * dns_zone_dumptostream2(), which always uses the dns_masterformat_text * format and the dns_master_style_default style. * * dns_zone_dumptostream2() is a backward-compatible form of * dns_zone_dumptostream3(), which always uses the current * default raw file format version. * * Note that dns_zone_dumptostream3() is the most flexible form. It * can also provide the functionality of dns_zone_fulldumptostream(). * * Require: \li 'zone' to be a valid zone. \li 'fd' to be a stream open for writing. / void dns_zone_maintenance(dns_zone_t zone); /%< Perform regular maintenance on the zone. This is called as a * result of a zone being managed. * * Require \li 'zone' to be a valid zone. / isc_result_t dns_zone_setprimaries(dns_zone_t zone, const isc_sockaddr_t primaries, uint32_t count); isc_result_t dns_zone_setprimarieswithkeys(dns_zone_t zone, const isc_sockaddr_t primaries, dns_name_t *keynames, uint32_t count); /%< * Set the list of master servers for the zone. * * Require: \li 'zone' to be a valid zone. \li 'primaries' array of isc_sockaddr_t with port set or NULL. \li 'count' the number of primaries. \li 'keynames' array of dns_name_t's for tsig keys or NULL. * \li If 'primaries' is NULL then 'count' must be zero. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li Any result dns_name_dup() can return, if keynames!=NULL / isc_result_t dns_zone_setparentals(dns_zone_t zone, const isc_sockaddr_t parentals, dns_name_t *keynames, uint32_t count); /%< * Set the list of parental agents for the zone. * * Require: \li 'zone' to be a valid zone. \li 'parentals' array of isc_sockaddr_t with port set or NULL. \li 'count' the number of primaries. \li 'keynames' array of dns_name_t's for tsig keys or NULL. * \li If 'parentals' is NULL then 'count' must be zero. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li Any result dns_name_dup() can return, if keynames!=NULL / isc_result_t dns_zone_setalsonotify(dns_zone_t zone, const isc_sockaddr_t notify, uint32_t count); isc_result_t dns_zone_setalsonotifywithkeys(dns_zone_t zone, const isc_sockaddr_t notify, dns_name_t *keynames, uint32_t count); isc_result_t dns_zone_setalsonotifydscpkeys(dns_zone_t zone, const isc_sockaddr_t notify, const isc_dscp_t dscps, dns_name_t *keynames, uint32_t count); /%< * Set the list of additional servers to be notified when * a zone changes. To clear the list use 'count = 0'. * * dns_zone_alsonotifywithkeys() allows each notify address to * be associated with a TSIG key. * * Require: \li 'zone' to be a valid zone. \li 'notify' to be non-NULL if count != 0. \li 'count' to be the number of notifiees. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / void dns_zone_unload(dns_zone_t zone); /%< detach the database from the zone structure. * * Require: \li 'zone' to be a valid zone. / dns_kasp_t * dns_zone_getkasp(dns_zone_t zone); /%< * Returns the current kasp. * * Require: \li 'zone' to be a valid zone. / void dns_zone_setkasp(dns_zone_t zone, dns_kasp_t kasp); /%< Set kasp for zone. If a kasp is already set, it will be detached. * * Requires: \li 'zone' to be a valid zone. / void dns_zone_setoption(dns_zone_t zone, dns_zoneopt_t option, bool value); /%< * Set the given options on ('value' == true) or off * ('value' == #false). * * Require: \li 'zone' to be a valid zone. / dns_zoneopt_t dns_zone_getoptions(dns_zone_t zone); /%< * Returns the current zone options. * * Require: \li 'zone' to be a valid zone. / void dns_zone_setkeyopt(dns_zone_t zone, unsigned int option, bool value); /%< * Set key options on ('value' == true) or off ('value' == * #false). * * Require: \li 'zone' to be a valid zone. / unsigned int dns_zone_getkeyopts(dns_zone_t zone); /%< * Returns the current zone key options. * * Require: \li 'zone' to be a valid zone. / void dns_zone_setminrefreshtime(dns_zone_t zone, uint32_t val); /%< * Set the minimum refresh time. * * Requires: \li 'zone' is valid. \li val > 0. / void dns_zone_setmaxrefreshtime(dns_zone_t zone, uint32_t val); /%< Set the maximum refresh time. * * Requires: \li 'zone' is valid. \li val > 0. / void dns_zone_setminretrytime(dns_zone_t zone, uint32_t val); /%< Set the minimum retry time. * * Requires: \li 'zone' is valid. \li val > 0. / void dns_zone_setmaxretrytime(dns_zone_t zone, uint32_t val); /%< Set the maximum retry time. * * Requires: \li 'zone' is valid. val > 0. / isc_result_t dns_zone_setxfrsource4(dns_zone_t zone, const isc_sockaddr_t xfrsource); isc_result_t dns_zone_setaltxfrsource4(dns_zone_t zone, const isc_sockaddr_t xfrsource); /%< * Set the source address to be used in IPv4 zone transfers. * * Require: \li 'zone' to be a valid zone. \li 'xfrsource' to contain the address. * * Returns: \li #ISC_R_SUCCESS / isc_sockaddr_t * dns_zone_getxfrsource4(dns_zone_t zone); isc_sockaddr_t dns_zone_getaltxfrsource4(dns_zone_t zone); /%< * Returns the source address set by a previous dns_zone_setxfrsource4 * call, or the default of inaddr_any, port 0. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setxfrsource4dscp(dns_zone_t zone, isc_dscp_t dscp); isc_result_t dns_zone_setaltxfrsource4dscp(dns_zone_t zone, isc_dscp_t dscp); /%< Set the DSCP value associated with the transfer/alt-transfer source. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_SUCCESS / isc_dscp_t dns_zone_getxfrsource4dscp(dns_zone_t zone); isc_dscp_t dns_zone_getaltxfrsource4dscp(dns_zone_t zone); /%/ Get the DSCP value associated with the transfer/alt-transfer source. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setxfrsource6(dns_zone_t zone, const isc_sockaddr_t xfrsource); isc_result_t dns_zone_setaltxfrsource6(dns_zone_t zone, const isc_sockaddr_t xfrsource); /%< Set the source address to be used in IPv6 zone transfers. * * Require: \li 'zone' to be a valid zone. \li 'xfrsource' to contain the address. * * Returns: \li #ISC_R_SUCCESS / isc_sockaddr_t * dns_zone_getxfrsource6(dns_zone_t zone); isc_sockaddr_t dns_zone_getaltxfrsource6(dns_zone_t zone); /%< * Returns the source address set by a previous dns_zone_setxfrsource6 * call, or the default of in6addr_any, port 0. * * Require: \li 'zone' to be a valid zone. / isc_dscp_t dns_zone_getxfrsource6dscp(dns_zone_t zone); isc_dscp_t dns_zone_getaltxfrsource6dscp(dns_zone_t zone); /%/ Get the DSCP value associated with the transfer/alt-transfer source. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setxfrsource6dscp(dns_zone_t zone, isc_dscp_t dscp); isc_result_t dns_zone_setaltxfrsource6dscp(dns_zone_t zone, isc_dscp_t dscp); /%< Set the DSCP value associated with the transfer/alt-transfer source. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_SUCCESS / isc_result_t dns_zone_setparentalsrc4(dns_zone_t zone, const isc_sockaddr_t parentalsrc); /%< Set the source address to be used with IPv4 parental DS queries. * * Require: \li 'zone' to be a valid zone. \li 'parentalsrc' to contain the address. * * Returns: \li #ISC_R_SUCCESS / isc_sockaddr_t * dns_zone_getparentalsrc4(dns_zone_t zone); /%< * Returns the source address set by a previous dns_zone_setparentalsrc4 * call, or the default of inaddr_any, port 0. * * Require: \li 'zone' to be a valid zone. / isc_dscp_t dns_zone_getparentalsrc4dscp(dns_zone_t zone); /%/ * Get the DSCP value associated with the IPv4 parental source. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setparentalsrc4dscp(dns_zone_t zone, isc_dscp_t dscp); /%< * Set the DSCP value associated with the IPv4 parental source. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_SUCCESS / isc_result_t dns_zone_setparentalsrc6(dns_zone_t zone, const isc_sockaddr_t parentalsrc); /%< Set the source address to be used with IPv6 parental DS queries. * * Require: \li 'zone' to be a valid zone. \li 'parentalsrc' to contain the address. * * Returns: \li #ISC_R_SUCCESS / isc_sockaddr_t * dns_zone_getparentalsrc6(dns_zone_t zone); /%< * Returns the source address set by a previous dns_zone_setparentalsrc6 * call, or the default of in6addr_any, port 0. * * Require: \li 'zone' to be a valid zone. / isc_dscp_t dns_zone_getparentalsrc6dscp(dns_zone_t zone); /%/ * Get the DSCP value associated with the IPv6 parental source. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setparentalsrc6dscp(dns_zone_t zone, isc_dscp_t dscp); /%< * Set the DSCP value associated with the IPv6 parental source. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_SUCCESS / isc_result_t dns_zone_setnotifysrc4(dns_zone_t zone, const isc_sockaddr_t notifysrc); /%< Set the source address to be used with IPv4 NOTIFY messages. * * Require: \li 'zone' to be a valid zone. \li 'notifysrc' to contain the address. * * Returns: \li #ISC_R_SUCCESS / isc_sockaddr_t * dns_zone_getnotifysrc4(dns_zone_t zone); /%< * Returns the source address set by a previous dns_zone_setnotifysrc4 * call, or the default of inaddr_any, port 0. * * Require: \li 'zone' to be a valid zone. / isc_dscp_t dns_zone_getnotifysrc4dscp(dns_zone_t zone); /%/ * Get the DSCP value associated with the IPv4 notify source. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setnotifysrc4dscp(dns_zone_t zone, isc_dscp_t dscp); /%< * Set the DSCP value associated with the IPv4 notify source. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_SUCCESS / isc_result_t dns_zone_setnotifysrc6(dns_zone_t zone, const isc_sockaddr_t notifysrc); /%< Set the source address to be used with IPv6 NOTIFY messages. * * Require: \li 'zone' to be a valid zone. \li 'notifysrc' to contain the address. * * Returns: \li #ISC_R_SUCCESS / isc_sockaddr_t * dns_zone_getnotifysrc6(dns_zone_t zone); /%< * Returns the source address set by a previous dns_zone_setnotifysrc6 * call, or the default of in6addr_any, port 0. * * Require: \li 'zone' to be a valid zone. / isc_dscp_t dns_zone_getnotifysrc6dscp(dns_zone_t zone); /%/ * Get the DSCP value associated with the IPv6 notify source. * * Require: \li 'zone' to be a valid zone. / isc_result_t dns_zone_setnotifysrc6dscp(dns_zone_t zone, isc_dscp_t dscp); /%< * Set the DSCP value associated with the IPv6 notify source. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_SUCCESS / void dns_zone_setnotifyacl(dns_zone_t zone, dns_acl_t acl); /%< Sets the notify acl list for the zone. * * Require: \li 'zone' to be a valid zone. \li 'acl' to be a valid acl. / void dns_zone_setqueryacl(dns_zone_t zone, dns_acl_t acl); /%< * Sets the query acl list for the zone. * * Require: \li 'zone' to be a valid zone. \li 'acl' to be a valid acl. / void dns_zone_setqueryonacl(dns_zone_t zone, dns_acl_t acl); /%< * Sets the query-on acl list for the zone. * * Require: \li 'zone' to be a valid zone. \li 'acl' to be a valid acl. / void dns_zone_setupdateacl(dns_zone_t zone, dns_acl_t acl); /%< * Sets the update acl list for the zone. * * Require: \li 'zone' to be a valid zone. \li 'acl' to be valid acl. / void dns_zone_setforwardacl(dns_zone_t zone, dns_acl_t acl); /%< * Sets the forward unsigned updates acl list for the zone. * * Require: \li 'zone' to be a valid zone. \li 'acl' to be valid acl. / void dns_zone_setxfracl(dns_zone_t zone, dns_acl_t acl); /%< * Sets the transfer acl list for the zone. * * Require: \li 'zone' to be a valid zone. \li 'acl' to be valid acl. / dns_acl_t dns_zone_getnotifyacl(dns_zone_t zone); /%< * Returns the current notify acl or NULL. * * Require: \li 'zone' to be a valid zone. * Returns: \li acl a pointer to the acl. \li NULL / dns_acl_t dns_zone_getqueryacl(dns_zone_t zone); /%< * Returns the current query acl or NULL. * * Require: \li 'zone' to be a valid zone. * Returns: \li acl a pointer to the acl. \li NULL / dns_acl_t dns_zone_getqueryonacl(dns_zone_t zone); /%< * Returns the current query-on acl or NULL. * * Require: \li 'zone' to be a valid zone. * Returns: \li acl a pointer to the acl. \li NULL / dns_acl_t dns_zone_getupdateacl(dns_zone_t zone); /%< * Returns the current update acl or NULL. * * Require: \li 'zone' to be a valid zone. * Returns: \li acl a pointer to the acl. \li NULL / dns_acl_t dns_zone_getforwardacl(dns_zone_t zone); /%< * Returns the current forward unsigned updates acl or NULL. * * Require: \li 'zone' to be a valid zone. * Returns: \li acl a pointer to the acl. \li NULL / dns_acl_t dns_zone_getxfracl(dns_zone_t zone); /%< * Returns the current transfer acl or NULL. * * Require: \li 'zone' to be a valid zone. * Returns: \li acl a pointer to the acl. \li NULL / void dns_zone_clearupdateacl(dns_zone_t zone); /%< Clear the current update acl. * * Require: \li 'zone' to be a valid zone. / void dns_zone_clearforwardacl(dns_zone_t zone); /%< * Clear the current forward unsigned updates acl. * * Require: \li 'zone' to be a valid zone. / void dns_zone_clearnotifyacl(dns_zone_t zone); /%< * Clear the current notify acl. * * Require: \li 'zone' to be a valid zone. / void dns_zone_clearqueryacl(dns_zone_t zone); /%< * Clear the current query acl. * * Require: \li 'zone' to be a valid zone. / void dns_zone_clearqueryonacl(dns_zone_t zone); /%< * Clear the current query-on acl. * * Require: \li 'zone' to be a valid zone. / void dns_zone_clearxfracl(dns_zone_t zone); /%< * Clear the current transfer acl. * * Require: \li 'zone' to be a valid zone. / bool dns_zone_getupdatedisabled(dns_zone_t zone); /%< * Return update disabled. * Transient unless called when running in isc_task_exclusive() mode. / void dns_zone_setupdatedisabled(dns_zone_t zone, bool state); /%< Set update disabled. * Should only be called only when running in isc_task_exclusive() mode. * Failure to do so may result in updates being committed after the * call has been made. / bool dns_zone_getzeronosoattl(dns_zone_t zone); /%< Return zero-no-soa-ttl status. / void dns_zone_setzeronosoattl(dns_zone_t zone, bool state); /%< Set zero-no-soa-ttl status. / void dns_zone_setchecknames(dns_zone_t zone, dns_severity_t severity); /%< Set the severity of name checking when loading a zone. * * Require: * \li 'zone' to be a valid zone. / dns_severity_t dns_zone_getchecknames(dns_zone_t zone); /%< Return the current severity of name checking. * * Require: \li 'zone' to be a valid zone. / void dns_zone_setjournalsize(dns_zone_t zone, int32_t size); /%< * Sets the journal size for the zone. * * Requires: \li 'zone' to be a valid zone. / int32_t dns_zone_getjournalsize(dns_zone_t zone); /%< * Return the journal size as set with a previous call to * dns_zone_setjournalsize(). * * Requires: \li 'zone' to be a valid zone. / isc_result_t dns_zone_notifyreceive(dns_zone_t zone, isc_sockaddr_t from, isc_sockaddr_t to, dns_message_t msg); /%< Tell the zone that it has received a NOTIFY message from another * server. This may cause some zone maintenance activity to occur. * * Requires: \li 'zone' to be a valid zone. \li 'from' to contain the address of the server from which 'msg' was received. \li 'msg' a message with opcode NOTIFY and qr clear. * Returns: \li DNS_R_REFUSED \li DNS_R_NOTIMP \li DNS_R_FORMERR \li DNS_R_SUCCESS / void dns_zone_setmaxxfrin(dns_zone_t zone, uint32_t maxxfrin); /%< Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR) * of this zone will use before being aborted. * * Requires: * \li 'zone' to be valid initialised zone. / uint32_t dns_zone_getmaxxfrin(dns_zone_t zone); /%< Returns the maximum transfer time for this zone. This will be * either the value set by the last call to dns_zone_setmaxxfrin() or * the default value of 1 hour. * * Requires: \li 'zone' to be valid initialised zone. / void dns_zone_setmaxxfrout(dns_zone_t zone, uint32_t maxxfrout); /%< * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR) * of this zone will use before being aborted. * * Requires: * \li 'zone' to be valid initialised zone. / uint32_t dns_zone_getmaxxfrout(dns_zone_t zone); /%< Returns the maximum transfer time for this zone. This will be * either the value set by the last call to dns_zone_setmaxxfrout() or * the default value of 1 hour. * * Requires: \li 'zone' to be valid initialised zone. / isc_result_t dns_zone_setjournal(dns_zone_t zone, const char myjournal); /%< Sets the filename used for journaling updates / IXFR transfers. * The default journal name is set by dns_zone_setfile() to be * "file.jnl". If 'myjournal' is NULL, the zone will have no * journal name. * * Requires: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / char dns_zone_getjournal(dns_zone_t zone); /%< * Returns the journal name associated with this zone. * If no journal has been set this will be NULL. * * Requires: \li 'zone' to be valid initialised zone. / dns_zonetype_t dns_zone_gettype(dns_zone_t zone); /%< * Returns the type of the zone (master/slave/etc.) * * Requires: \li 'zone' to be valid initialised zone. / dns_zonetype_t dns_zone_getredirecttype(dns_zone_t zone); /%< * Returns whether the redirect zone is configured as a master or a * slave zone. * * Requires: \li 'zone' to be valid initialised zone. \li 'zone' to be a redirect zone. * * Returns: \li 'dns_zone_primary' \li 'dns_zone_secondary' / void dns_zone_settask(dns_zone_t zone, isc_task_t task); /%< * Give a zone a task to work with. Any current task will be detached. * * Requires: \li 'zone' to be valid. \li 'task' to be valid. / void dns_zone_gettask(dns_zone_t zone, isc_task_t *target); /%< * Attach 'target' to the zone's task. * Requires: \li 'zone' to be valid initialised zone. \li 'zone' to have a task. \li 'target' to be != NULL && 'target' == NULL. / void dns_zone_notify(dns_zone_t zone); /%< Generate notify events for this zone. * * Requires: \li 'zone' to be a valid zone. / isc_result_t dns_zone_replacedb(dns_zone_t zone, dns_db_t db, bool dump); /%< Replace the database of "zone" with a new database "db". * * If "dump" is true, then the new zone contents are dumped * into to the zone's master file for persistence. When replacing * a zone database by one just loaded from a master file, set * "dump" to false to avoid a redundant redump of the data just * loaded. Otherwise, it should be set to true. * * If the "diff-on-reload" option is enabled in the configuration file, * the differences between the old and the new database are added to the * journal file, and the master file dump is postponed. * * Requires: * \li 'zone' to be a valid zone. * * Returns: * \li DNS_R_SUCCESS * \li DNS_R_BADZONE zone failed basic consistency checks: * * a single SOA must exist * * some NS records must exist. * Others / uint32_t dns_zone_getidlein(dns_zone_t zone); /%< Requires: * \li 'zone' to be a valid zone. * * Returns: * \li number of seconds of idle time before we abort the transfer in. / void dns_zone_setidlein(dns_zone_t zone, uint32_t idlein); /%< \li Set the idle timeout for transfer the. * \li Zero set the default value, 1 hour. * * Requires: * \li 'zone' to be a valid zone. / uint32_t dns_zone_getidleout(dns_zone_t zone); /%< * Requires: * \li 'zone' to be a valid zone. * * Returns: * \li number of seconds of idle time before we abort a transfer out. / void dns_zone_setidleout(dns_zone_t zone, uint32_t idleout); /%< \li Set the idle timeout for transfers out. * \li Zero set the default value, 1 hour. * * Requires: * \li 'zone' to be a valid zone. / void dns_zone_getssutable(dns_zone_t zone, dns_ssutable_t *table); /%< * Get the simple-secure-update policy table. * * Requires: * \li 'zone' to be a valid zone. / void dns_zone_setssutable(dns_zone_t zone, dns_ssutable_t table); /%< * Set / clear the simple-secure-update policy table. * * Requires: * \li 'zone' to be a valid zone. / isc_mem_t dns_zone_getmctx(dns_zone_t zone); /%< * Get the memory context of a zone. * * Requires: * \li 'zone' to be a valid zone. / dns_zonemgr_t dns_zone_getmgr(dns_zone_t zone); /%< * If 'zone' is managed return the zone manager otherwise NULL. * * Requires: * \li 'zone' to be a valid zone. / void dns_zone_setsigvalidityinterval(dns_zone_t zone, uint32_t interval); /%< Set the zone's general signature validity interval. This is the length * of time for which DNSSEC signatures created as a result of dynamic * updates to secure zones will remain valid, in seconds. * * Requires: * \li 'zone' to be a valid zone. / uint32_t dns_zone_getsigvalidityinterval(dns_zone_t zone); /%< Get the zone's general signature validity interval. * * Requires: * \li 'zone' to be a valid zone. / void dns_zone_setkeyvalidityinterval(dns_zone_t zone, uint32_t interval); /%< Set the zone's DNSKEY signature validity interval. This is the length * of time for which DNSSEC signatures created for DNSKEY records * will remain valid, in seconds. * * If this value is set to zero, then the regular signature validity * interval (see dns_zone_setsigvalidityinterval(), above) is used * for all RRSIGs. However, if this value is nonzero, then it is used * as the validity interval for RRSIGs covering DNSKEY and CDNSKEY * RRsets. * * Requires: * \li 'zone' to be a valid zone. / uint32_t dns_zone_getkeyvalidityinterval(dns_zone_t zone); /%< Get the zone's DNSKEY signature validity interval. * * Requires: * \li 'zone' to be a valid zone. / void dns_zone_setsigresigninginterval(dns_zone_t zone, uint32_t interval); /%< Set the zone's RRSIG re-signing interval. A dynamic zone's RRSIG's * will be re-signed 'interval' amount of time before they expire. * * Requires: * \li 'zone' to be a valid zone. / uint32_t dns_zone_getsigresigninginterval(dns_zone_t zone); /%< Get the zone's RRSIG re-signing interval. * * Requires: * \li 'zone' to be a valid zone. / void dns_zone_setnotifytype(dns_zone_t zone, dns_notifytype_t notifytype); /%< Sets zone notify method to "notifytype" / isc_result_t dns_zone_forwardupdate(dns_zone_t zone, dns_message_t msg, dns_updatecallback_t callback, void callback_arg); /%< Forward 'msg' to each master in turn until we get an answer or we * have exhausted the list of primaries. 'callback' will be called with * ISC_R_SUCCESS if we get an answer and the returned message will be * passed as 'answer_message', otherwise a non ISC_R_SUCCESS result code * will be passed and answer_message will be NULL. The callback function * is responsible for destroying 'answer_message'. * (callback)(callback_arg, result, answer_message); * * Require: \li 'zone' to be valid \li 'msg' to be valid. \li 'callback' to be non NULL. Returns: \li #ISC_R_SUCCESS if the message has been forwarded, \li #ISC_R_NOMEMORY \li Others / isc_result_t dns_zone_next(dns_zone_t zone, dns_zone_t next); /%< * Find the next zone in the list of managed zones. * * Requires: \li 'zone' to be valid \li The zone manager for the indicated zone MUST be locked * by the caller. This is not checked. \li 'next' be non-NULL, and 'next' be NULL. * * Ensures: \li 'next' points to a valid zone (result ISC_R_SUCCESS) or to NULL (result ISC_R_NOMORE). / isc_result_t dns_zone_first(dns_zonemgr_t zmgr, dns_zone_t *first); /%< * Find the first zone in the list of managed zones. * * Requires: \li 'zonemgr' to be valid \li The zone manager for the indicated zone MUST be locked * by the caller. This is not checked. \li 'first' be non-NULL, and 'first' be NULL * * Ensures: \li 'first' points to a valid zone (result ISC_R_SUCCESS) or to NULL (result ISC_R_NOMORE). / isc_result_t dns_zone_setkeydirectory(dns_zone_t zone, const char directory); /%< * Sets the name of the directory where private keys used for * online signing of dynamic zones are found. * * Require: \li 'zone' to be a valid zone. * Returns: \li #ISC_R_NOMEMORY \li #ISC_R_SUCCESS / const char dns_zone_getkeydirectory(dns_zone_t zone); /%< * Gets the name of the directory where private keys used for * online signing of dynamic zones are found. * * Requires: \li 'zone' to be valid initialised zone. * Returns: * Pointer to null-terminated file name, or NULL. / isc_result_t dns_zone_getdnsseckeys(dns_zone_t zone, dns_db_t db, dns_dbversion_t ver, isc_stdtime_t now, dns_dnsseckeylist_t keys); /% * Find DNSSEC keys used for signing with dnssec-policy. Load these keys * into 'keys'. * * Requires: \li 'zone' to be valid initialised zone. \li 'keys' to be an initialised DNSSEC keylist. * * Returns: \li #ISC_R_SUCCESS \li Error / isc_result_t dns_zonemgr_create(isc_mem_t mctx, isc_taskmgr_t taskmgr, isc_timermgr_t timermgr, isc_socketmgr_t socketmgr, dns_zonemgr_t zmgrp); /%< * Create a zone manager. Note: the zone manager will not be able to * manage any zones until dns_zonemgr_setsize() has been run. * * Requires: \li 'mctx' to be a valid memory context. \li 'taskmgr' to be a valid task manager. \li 'timermgr' to be a valid timer manager. \li 'zmgrp' to point to a NULL pointer. / isc_result_t dns_zonemgr_setsize(dns_zonemgr_t zmgr, int num_zones); /%< Set the size of the zone manager task pool. This must be run * before zmgr can be used for managing zones. Currently, it can only * be run once; the task pool cannot be resized. * * Requires: \li zmgr is a valid zone manager. \li zmgr->zonetasks has been initialized. / isc_result_t dns_zonemgr_createzone(dns_zonemgr_t zmgr, dns_zone_t *zonep); /%< * Allocate a new zone using a memory context from the * zone manager's memory context pool. * * Require: \li 'zmgr' to be a valid zone manager. \li 'zonep' != NULL and 'zonep' == NULL. / isc_result_t dns_zonemgr_managezone(dns_zonemgr_t zmgr, dns_zone_t zone); /%< Bring the zone under control of a zone manager. * * Require: \li 'zmgr' to be a valid zone manager. \li 'zone' to be a valid zone. / isc_result_t dns_zonemgr_forcemaint(dns_zonemgr_t zmgr); /%< Force zone maintenance of all loaded zones managed by 'zmgr' * to take place at the system's earliest convenience. / void dns__zonemgr_run(isc_task_t task, isc_event_t event); /%< * Event handler to call dns_zonemgr_forcemaint(); used to start * zone operations from a unit test. Not intended for use outside * libdns or related tests. / void dns_zonemgr_resumexfrs(dns_zonemgr_t zmgr); /%< Attempt to start any stalled zone transfers. / void dns_zonemgr_shutdown(dns_zonemgr_t zmgr); /%< Shut down the zone manager. * * Requires: \li 'zmgr' to be a valid zone manager. / void dns_zonemgr_attach(dns_zonemgr_t source, dns_zonemgr_t target); /%< * Attach 'target' to 'source' incrementing its external reference count. * * Require: \li 'zone' to be a valid zone. \li 'target' to be non NULL and 'target' to be NULL. / void dns_zonemgr_detach(dns_zonemgr_t *zmgrp); /%< * Detach from a zone manager. * * Requires: \li 'zmgrp' is a valid, non-NULL zone manager pointer. * * Ensures: \li 'zmgrp' is NULL. / void dns_zonemgr_releasezone(dns_zonemgr_t zmgr, dns_zone_t zone); /%< * Release 'zone' from the managed by 'zmgr'. 'zmgr' is implicitly * detached from 'zone'. * * Requires: \li 'zmgr' to be a valid zone manager. \li 'zone' to be a valid zone. \li 'zmgr' == 'zone->zmgr' * Ensures: \li 'zone->zmgr' == NULL; / isc_taskmgr_t * dns_zonemgr_gettaskmgr(dns_zonemgr_t zmgr); /% * Get the tasmkgr object attached to 'zmgr'. / void dns_zonemgr_settransfersin(dns_zonemgr_t zmgr, uint32_t value); /%< Set the maximum number of simultaneous transfers in allowed by * the zone manager. * * Requires: \li 'zmgr' to be a valid zone manager. / uint32_t dns_zonemgr_getttransfersin(dns_zonemgr_t zmgr); /%< * Return the maximum number of simultaneous transfers in allowed. * * Requires: \li 'zmgr' to be a valid zone manager. / void dns_zonemgr_settransfersperns(dns_zonemgr_t zmgr, uint32_t value); /%< * Set the number of zone transfers allowed per nameserver. * * Requires: \li 'zmgr' to be a valid zone manager / uint32_t dns_zonemgr_getttransfersperns(dns_zonemgr_t zmgr); /%< * Return the number of transfers allowed per nameserver. * * Requires: \li 'zmgr' to be a valid zone manager. / void dns_zonemgr_setiolimit(dns_zonemgr_t zmgr, uint32_t iolimit); /%< * Set the number of simultaneous file descriptors available for * reading and writing masterfiles. * * Requires: \li 'zmgr' to be a valid zone manager. \li 'iolimit' to be positive. / uint32_t dns_zonemgr_getiolimit(dns_zonemgr_t zmgr); /%< Get the number of simultaneous file descriptors available for * reading and writing masterfiles. * * Requires: \li 'zmgr' to be a valid zone manager. / void dns_zonemgr_setcheckdsrate(dns_zonemgr_t zmgr, unsigned int value); /%< * Set the number of parental DS queries sent per second. * * Requires: \li 'zmgr' to be a valid zone manager / void dns_zonemgr_setnotifyrate(dns_zonemgr_t zmgr, unsigned int value); /%< * Set the number of NOTIFY requests sent per second. * * Requires: \li 'zmgr' to be a valid zone manager / void dns_zonemgr_setstartupnotifyrate(dns_zonemgr_t zmgr, unsigned int value); /%< * Set the number of startup NOTIFY requests sent per second. * * Requires: \li 'zmgr' to be a valid zone manager / void dns_zonemgr_setserialqueryrate(dns_zonemgr_t zmgr, unsigned int value); /%< * Set the number of SOA queries sent per second. * * Requires: \li 'zmgr' to be a valid zone manager / unsigned int dns_zonemgr_getnotifyrate(dns_zonemgr_t zmgr); /%< * Return the number of NOTIFY requests sent per second. * * Requires: \li 'zmgr' to be a valid zone manager. / unsigned int dns_zonemgr_getstartupnotifyrate(dns_zonemgr_t zmgr); /%< * Return the number of startup NOTIFY requests sent per second. * * Requires: \li 'zmgr' to be a valid zone manager. / unsigned int dns_zonemgr_getserialqueryrate(dns_zonemgr_t zmgr); /%< * Return the number of SOA queries sent per second. * * Requires: \li 'zmgr' to be a valid zone manager. / unsigned int dns_zonemgr_getcount(dns_zonemgr_t zmgr, int state); /%< * Returns the number of zones in the specified state. * * Requires: \li 'zmgr' to be a valid zone manager. \li 'state' to be a valid DNS_ZONESTATE_ constant. / void dns_zonemgr_unreachableadd(dns_zonemgr_t zmgr, isc_sockaddr_t remote, isc_sockaddr_t local, isc_time_t now); /%< * Add the pair of addresses to the unreachable cache. * * Requires: \li 'zmgr' to be a valid zone manager. \li 'remote' to be a valid sockaddr. \li 'local' to be a valid sockaddr. / bool dns_zonemgr_unreachable(dns_zonemgr_t zmgr, isc_sockaddr_t remote, isc_sockaddr_t local, isc_time_t now); /%< Returns true if the given local/remote address pair * is found in the zone maanger's unreachable cache. * * Requires: \li 'zmgr' to be a valid zone manager. \li 'remote' to be a valid sockaddr. \li 'local' to be a valid sockaddr. \li 'now' != NULL / void dns_zonemgr_unreachabledel(dns_zonemgr_t zmgr, isc_sockaddr_t remote, isc_sockaddr_t local); /%< Remove the pair of addresses from the unreachable cache. * * Requires: \li 'zmgr' to be a valid zone manager. \li 'remote' to be a valid sockaddr. \li 'local' to be a valid sockaddr. / void dns_zone_forcereload(dns_zone_t zone); /%< * Force a reload of specified zone. * * Requires: \li 'zone' to be a valid zone. / bool dns_zone_isforced(dns_zone_t zone); /%< * Check if the zone is waiting a forced reload. * * Requires: * \li 'zone' to be a valid zone. / isc_result_t dns_zone_setstatistics(dns_zone_t zone, bool on); /%< This function is obsoleted by dns_zone_setrequeststats(). / uint64_t dns_zone_getstatscounters(dns_zone_t zone); /%< * This function is obsoleted by dns_zone_getrequeststats(). / void dns_zone_setstats(dns_zone_t zone, isc_stats_t stats); /%< * Set a general zone-maintenance statistics set 'stats' for 'zone'. This * function is expected to be called only on zone creation (when necessary). * Once installed, it cannot be removed or replaced. Also, there is no * interface to get the installed stats from the zone; the caller must keep the * stats to reference (e.g. dump) it later. * * Requires: * \li 'zone' to be a valid zone and does not have a statistics set already * installed. * \li stats is a valid statistics supporting zone statistics counters (see dns/stats.h). / void dns_zone_setrequeststats(dns_zone_t zone, isc_stats_t stats); void dns_zone_setrcvquerystats(dns_zone_t zone, dns_stats_t stats); void dns_zone_setdnssecsignstats(dns_zone_t zone, dns_stats_t stats); /%< * Set additional statistics sets to zone. These are attached to the zone * but are not counted in the zone module; only the caller updates the * counters. * * Requires: * \li 'zone' to be a valid zone. * \li stats is a valid statistics. / isc_stats_t * dns_zone_getrequeststats(dns_zone_t zone); dns_stats_t dns_zone_getrcvquerystats(dns_zone_t zone); dns_stats_t dns_zone_getdnssecsignstats(dns_zone_t zone); /%< * Get the additional statistics for zone, if one is installed. * * Requires: * \li 'zone' to be a valid zone. * * Returns: * \li when available, a pointer to the statistics set installed in zone; * otherwise NULL. / void dns_zone_dialup(dns_zone_t zone); /%< Perform dialup-time maintenance on 'zone'. / void dns_zone_setdialup(dns_zone_t zone, dns_dialuptype_t dialup); /%< Set the dialup type of 'zone' to 'dialup'. * * Requires: * \li 'zone' to be valid initialised zone. \li 'dialup' to be a valid dialup type. / void dns_zone_logv(dns_zone_t zone, isc_logcategory_t category, int level, const char prefix, const char msg, va_list ap); /%< Log the message 'msg...' at 'level' using log category 'category', including * text that identifies the message as applying to 'zone'. If the (optional) * 'prefix' is not NULL, it will be placed at the start of the entire log line. / void dns_zone_log(dns_zone_t zone, int level, const char msg, ...) ISC_FORMAT_PRINTF(3, 4); /%< * Log the message 'msg...' at 'level', including text that identifies * the message as applying to 'zone'. / void dns_zone_logc(dns_zone_t zone, isc_logcategory_t category, int level, const char msg, ...) ISC_FORMAT_PRINTF(4, 5); /%< Log the message 'msg...' at 'level', including text that identifies * the message as applying to 'zone'. / void dns_zone_name(dns_zone_t zone, char buf, size_t len); /%< * Return the name of the zone with class and view. * * Requires: \li 'zone' to be valid. \li 'buf' to be non NULL. / void dns_zone_nameonly(dns_zone_t zone, char buf, size_t len); /%< * Return the name of the zone only. * * Requires: \li 'zone' to be valid. \li 'buf' to be non NULL. / isc_result_t dns_zone_checknames(dns_zone_t zone, const dns_name_t name, dns_rdata_t rdata); /%< Check if this record meets the check-names policy. * * Requires: * 'zone' to be valid. * 'name' to be valid. * 'rdata' to be valid. * * Returns: * DNS_R_SUCCESS passed checks. * DNS_R_BADOWNERNAME failed ownername checks. * DNS_R_BADNAME failed rdata checks. / void dns_zone_setcheckmx(dns_zone_t zone, dns_checkmxfunc_t checkmx); /%< Set the post load integrity callback function 'checkmx'. * 'checkmx' will be called if the MX TARGET is not within the zone. * * Require: * 'zone' to be a valid zone. / void dns_zone_setchecksrv(dns_zone_t zone, dns_checkmxfunc_t checksrv); /%< Set the post load integrity callback function 'checksrv'. * 'checksrv' will be called if the SRV TARGET is not within the zone. * * Require: * 'zone' to be a valid zone. / void dns_zone_setcheckns(dns_zone_t zone, dns_checknsfunc_t checkns); /%< Set the post load integrity callback function 'checkns'. * 'checkns' will be called if the NS TARGET is not within the zone. * * Require: * 'zone' to be a valid zone. / void dns_zone_setnotifydelay(dns_zone_t zone, uint32_t delay); /%< Set the minimum delay between sets of notify messages. * * Requires: * 'zone' to be valid. / uint32_t dns_zone_getnotifydelay(dns_zone_t zone); /%< Get the minimum delay between sets of notify messages. * * Requires: * 'zone' to be valid. / void dns_zone_setisself(dns_zone_t zone, dns_isselffunc_t isself, void arg); /%< * Set the isself callback function and argument. * * bool * isself(dns_view_t myview, dns_tsigkey_t mykey, * const isc_netaddr_t srcaddr, const isc_netaddr_t destaddr, * dns_rdataclass_t rdclass, void arg); * 'isself' returns true if a non-recursive query from 'srcaddr' to * 'destaddr' with optional key 'mykey' for class 'rdclass' would be * delivered to 'myview'. / void dns_zone_setnodes(dns_zone_t zone, uint32_t nodes); /%< Set the number of nodes that will be checked per quantum. / void dns_zone_setsignatures(dns_zone_t zone, uint32_t signatures); /%< Set the number of signatures that will be generated per quantum. / uint32_t dns_zone_getsignatures(dns_zone_t zone); /%< Get the number of signatures that will be generated per quantum. / isc_result_t dns_zone_signwithkey(dns_zone_t zone, dns_secalg_t algorithm, uint16_t keyid, bool deleteit); /%< Initiate/resume signing of the entire zone with the zone DNSKEY(s) * that match the given algorithm and keyid. / isc_result_t dns_zone_addnsec3chain(dns_zone_t zone, dns_rdata_nsec3param_t nsec3param); /%< * Incrementally add a NSEC3 chain that corresponds to 'nsec3param'. / void dns_zone_setprivatetype(dns_zone_t zone, dns_rdatatype_t type); dns_rdatatype_t dns_zone_getprivatetype(dns_zone_t zone); / * Get/Set the private record type. It is expected that these interfaces * will not be permanent. / void dns_zone_rekey(dns_zone_t zone, bool fullsign); /%< Update the zone's DNSKEY set from the key repository. * * If 'fullsign' is true, trigger an immediate full signing of * the zone with the new key. Otherwise, if there are no keys or * if the new keys are for algorithms that have already signed the * zone, then the zone can be re-signed incrementally. / isc_result_t dns_zone_nscheck(dns_zone_t zone, dns_db_t db, dns_dbversion_t version, unsigned int errors); /% * Check if the name servers for the zone are sane (have address, don't * refer to CNAMEs/DNAMEs. The number of constiancy errors detected in * returned in 'errors' * Requires: * \li 'zone' to be valid. * \li 'db' to be valid. * \li 'version' to be valid or NULL. * \li 'errors' to be non NULL. * * Returns: * ISC_R_SUCCESS if there were no errors examining the zone contents. / isc_result_t dns_zone_cdscheck(dns_zone_t zone, dns_db_t db, dns_dbversion_t version); /% Check if CSD, CDNSKEY and DNSKEY are consistent. * * Requires: * \li 'zone' to be valid. * \li 'db' to be valid. * \li 'version' to be valid or NULL. * * Returns: \li #ISC_R_SUCCESS \li #DNS_R_BADCDS \li #DNS_R_BADCDNSKEY Others / void dns_zone_setadded(dns_zone_t zone, bool added); /% Sets the value of zone->added, which should be true for * zones that were originally added by "rndc addzone". * * Requires: * \li 'zone' to be valid. / bool dns_zone_getadded(dns_zone_t zone); /% Returns true if the zone was originally added at runtime * using "rndc addzone". * * Requires: * \li 'zone' to be valid. / void dns_zone_setautomatic(dns_zone_t zone, bool automatic); /% Sets the value of zone->automatic, which should be true for * zones that were automatically added by named. * * Requires: * \li 'zone' to be valid. / bool dns_zone_getautomatic(dns_zone_t zone); /% Returns true if the zone was added automatically by named. * * Requires: * \li 'zone' to be valid. / isc_result_t dns_zone_dlzpostload(dns_zone_t zone, dns_db_t db); /% * Load the origin names for a writeable DLZ database. / bool dns_zone_isdynamic(dns_zone_t zone, bool ignore_freeze); /% Return true iff the zone is "dynamic", in the sense that the zone's * master file (if any) is written by the server, rather than being * updated manually and read by the server. * * This is true for slave zones, stub zones, key zones, and zones that * allow dynamic updates either by having an update policy ("ssutable") * or an "allow-update" ACL with a value other than exactly "{ none; }". * * If 'ignore_freeze' is true, then the zone which has had updates disabled * will still report itself to be dynamic. * * Requires: * \li 'zone' to be valid. / isc_result_t dns_zone_setrefreshkeyinterval(dns_zone_t zone, uint32_t interval); /% Sets the frequency, in minutes, with which the key repository will be * checked to see if the keys for this zone have been updated. Any value * higher than 1440 minutes (24 hours) will be silently reduced. A * value of zero will return an out-of-range error. * * Requires: * \li 'zone' to be valid. / bool dns_zone_getrequestexpire(dns_zone_t zone); /% Returns the true/false value of the request-expire option in the zone. * * Requires: * \li 'zone' to be valid. / void dns_zone_setrequestexpire(dns_zone_t zone, bool flag); /% Sets the request-expire option for the zone. Either true or false. The * default value is determined by the setting of this option in the view. * * Requires: * \li 'zone' to be valid. / bool dns_zone_getrequestixfr(dns_zone_t zone); /% Returns the true/false value of the request-ixfr option in the zone. * * Requires: * \li 'zone' to be valid. / void dns_zone_setrequestixfr(dns_zone_t zone, bool flag); /% Sets the request-ixfr option for the zone. Either true or false. The * default value is determined by the setting of this option in the view. * * Requires: * \li 'zone' to be valid. / uint32_t dns_zone_getixfrratio(dns_zone_t zone); /% Returns the zone's current IXFR ratio. * * Requires: * \li 'zone' to be valid. / void dns_zone_setixfrratio(dns_zone_t zone, uint32_t ratio); /% Sets the ratio of IXFR size to zone size above which we use an AXFR * response, expressed as a percentage. Cannot exceed 100. * * Requires: * \li 'zone' to be valid. / void dns_zone_setserialupdatemethod(dns_zone_t zone, dns_updatemethod_t method); /% Sets the update method to use when incrementing the zone serial number * due to a DDNS update. Valid options are dns_updatemethod_increment * and dns_updatemethod_unixtime. * * Requires: * \li 'zone' to be valid. / dns_updatemethod_t dns_zone_getserialupdatemethod(dns_zone_t zone); /% Returns the update method to be used when incrementing the zone serial * number due to a DDNS update. * * Requires: * \li 'zone' to be valid. / isc_result_t dns_zone_link(dns_zone_t zone, dns_zone_t raw); void dns_zone_getraw(dns_zone_t zone, dns_zone_t *raw); isc_result_t dns_zone_keydone(dns_zone_t zone, const char data); isc_result_t dns_zone_setnsec3param(dns_zone_t zone, uint8_t hash, uint8_t flags, uint16_t iter, uint8_t saltlen, unsigned char salt, bool replace, bool resalt); /% * Set the NSEC3 parameters for the zone. * * If 'replace' is true, then the existing NSEC3 chain, if any, will * be replaced with the new one. If 'hash' is zero, then the replacement * chain will be NSEC rather than NSEC3. If 'resalt' is true, or if 'salt' * is NULL, generate a new salt with the given salt length. * * Requires: * \li 'zone' to be valid. / void dns_zone_setrawdata(dns_zone_t zone, dns_masterrawheader_t header); /% * Set the data to be included in the header when the zone is dumped in * binary format. / isc_result_t dns_zone_synckeyzone(dns_zone_t zone); /% Force the managed key zone to synchronize, and start the key * maintenance timer. / isc_result_t dns_zone_getloadtime(dns_zone_t zone, isc_time_t loadtime); /% * Return the time when the zone was last loaded. / isc_result_t dns_zone_getrefreshtime(dns_zone_t zone, isc_time_t refreshtime); /% * Return the time when the (slave) zone will need to be refreshed. / isc_result_t dns_zone_getexpiretime(dns_zone_t zone, isc_time_t expiretime); /% * Return the time when the (slave) zone will expire. / isc_result_t dns_zone_getrefreshkeytime(dns_zone_t zone, isc_time_t refreshkeytime); /% * Return the time of the next scheduled DNSSEC key event. / unsigned int dns_zone_getincludes(dns_zone_t zone, char **includesp); /% * Return the number include files that were encountered * during load. If the number is greater than zero, 'includesp' * will point to an array containing the filenames. * * The array and its contents need to be freed using isc_mem_free. / isc_result_t dns_zone_rpz_enable(dns_zone_t zone, dns_rpz_zones_t rpzs, dns_rpz_num_t rpz_num); /% * Set the response policy associated with a zone. / void dns_zone_rpz_enable_db(dns_zone_t zone, dns_db_t db); /% * If a zone is a response policy zone, mark its new database. / dns_rpz_num_t dns_zone_get_rpz_num(dns_zone_t zone); void dns_zone_catz_enable(dns_zone_t zone, dns_catz_zones_t catzs); /%< Enable zone as catalog zone. * * Requires: * * \li 'zone' is a valid zone object * \li 'catzs' is not NULL * \li prior to calling, zone->catzs is NULL or is equal to 'catzs' / void dns_zone_catz_enable_db(dns_zone_t zone, dns_db_t db); /%< * If 'zone' is a catalog zone, then set up a notify-on-update trigger * in its database. (If not a catalog zone, this function has no effect.) * * Requires: * * \li 'zone' is a valid zone object * \li 'db' is not NULL / void dns_zone_set_parentcatz(dns_zone_t zone, dns_catz_zone_t catz); /%< * Set parent catalog zone for this zone * * Requires: * * \li 'zone' is a valid zone object * \li 'catz' is not NULL / dns_catz_zone_t dns_zone_get_parentcatz(const dns_zone_t zone); /%< * Get parent catalog zone for this zone * * Requires: * * \li 'zone' is a valid zone object / void dns_zone_setstatlevel(dns_zone_t zone, dns_zonestat_level_t level); dns_zonestat_level_t dns_zone_getstatlevel(dns_zone_t zone); /% * Set and get the statistics reporting level for the zone; * full, terse, or none. / isc_result_t dns_zone_setserial(dns_zone_t zone, uint32_t serial); /% Set the zone's serial to 'serial'. / ISC_LANG_ENDDECLS isc_stats_t dns_zone_getgluecachestats(dns_zone_t zone); /%< * Get the glue cache statistics for zone. * * Requires: * \li 'zone' to be a valid zone. * * Returns: * \li if present, a pointer to the statistics set installed in zone; * otherwise NULL. / bool dns_zone_isloaded(dns_zone_t zone); /%< Return true if 'zone' was loaded and has not expired yet, return * false otherwise. / isc_result_t dns_zone_verifydb(dns_zone_t zone, dns_db_t db, dns_dbversion_t ver); /%< If 'zone' is a mirror zone, perform DNSSEC validation of version 'ver' of * its database, 'db'. Ensure that the DNSKEY RRset at zone apex is signed by * at least one trust anchor specified for the view that 'zone' is assigned to. * If 'ver' is NULL, use the current version of 'db'. * * If 'zone' is not a mirror zone, return ISC_R_SUCCESS immediately. * * Returns: * * \li #ISC_R_SUCCESS either 'zone' is not a mirror zone or 'zone' is * a mirror zone and all DNSSEC checks succeeded * and the DNSKEY RRset at zone apex is signed by * a trusted key * * \li #DNS_R_VERIFYFAILURE any other case / const char dns_zonetype_name(dns_zonetype_t type); /%< Return the name of the zone type 'type'. / #endif / DNS_ZONE_H / ��dns/rdatalist.h��0000644��00000004775�15125204632�0007505 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_RDATALIST_H #define DNS_RDATALIST_H 1 /** * Module Info **/ /! \file dns/rdatalist.h * \brief * A DNS rdatalist is a list of rdata of a common type and class. * * MP: \li Clients of this module must impose any required synchronization. * Reliability: \li No anticipated impact. * Resources: \li TBS * Security: \li No anticipated impact. * Standards: \li None. / #include <isc/lang.h> #include <dns/types.h> /% Clients may use this type directly. / struct dns_rdatalist { dns_rdataclass_t rdclass; dns_rdatatype_t type; dns_rdatatype_t covers; dns_ttl_t ttl; ISC_LIST(dns_rdata_t) rdata; ISC_LINK(dns_rdatalist_t) link; /%< * Case vector. If the bit is set then the corresponding * character in the owner name needs to be AND'd with 0x20, * rendering that character upper case. / unsigned char upper[32]; }; ISC_LANG_BEGINDECLS void dns_rdatalist_init(dns_rdatalist_t rdatalist); /%< Initialize rdatalist. * * Ensures: \li All fields of rdatalist have been initialized to their default values. / isc_result_t dns_rdatalist_tordataset(dns_rdatalist_t rdatalist, dns_rdataset_t rdataset); /%< * Make 'rdataset' refer to the rdata in 'rdatalist'. * * Note: \li The caller must ensure that 'rdatalist' remains valid and unchanged while 'rdataset' is associated with it. * * Requires: * \li 'rdatalist' is a valid rdatalist. \li 'rdataset' is a valid rdataset that is not currently associated with any rdata. * * Ensures, * on success, * \li 'rdataset' is associated with the rdata in rdatalist. * Returns: \li #ISC_R_SUCCESS / isc_result_t dns_rdatalist_fromrdataset(dns_rdataset_t rdataset, dns_rdatalist_t rdatalist); /%< * Point 'rdatalist' to the rdatalist in 'rdataset'. * * Requires: * \li 'rdatalist' is a pointer to a NULL dns_rdatalist_t pointer. \li 'rdataset' is a valid rdataset associated with an rdatalist. * Ensures, * on success, * \li 'rdatalist' is pointed to the rdatalist in rdataset. * Returns: \li #ISC_R_SUCCESS / ISC_LANG_ENDDECLS #endif /* DNS_RDATALIST_H / ��dns/nsec.h��0000644��00000005771�15125204632�0006443 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_NSEC_H #define DNS_NSEC_H 1 /! \file dns/nsec.h / #include <stdbool.h> #include <isc/lang.h> #include <dns/name.h> #include <dns/types.h> #define DNS_NSEC_BUFFERSIZE (DNS_NAME_MAXWIRE + 8192 + 512) ISC_LANG_BEGINDECLS isc_result_t dns_nsec_buildrdata(dns_db_t db, dns_dbversion_t version, dns_dbnode_t node, const dns_name_t target, unsigned char buffer, dns_rdata_t rdata); /%< * Build the rdata of a NSEC record. * * Requires: \li buffer Points to a temporary buffer of at least DNS_NSEC_BUFFERSIZE bytes. \li rdata Points to an initialized dns_rdata_t. * Ensures: * \li rdata Contains a valid NSEC rdata. The 'data' member refers to 'buffer'. / isc_result_t dns_nsec_build(dns_db_t db, dns_dbversion_t version, dns_dbnode_t node, const dns_name_t target, dns_ttl_t ttl); /%< * Build a NSEC record and add it to a database. / bool dns_nsec_typepresent(dns_rdata_t nsec, dns_rdatatype_t type); /%< Determine if a type is marked as present in an NSEC record. * * Requires: \li 'nsec' points to a valid rdataset of type NSEC / isc_result_t dns_nsec_nseconly(dns_db_t db, dns_dbversion_t version, bool answer); / * Report whether the DNSKEY RRset has a NSEC only algorithm. Unknown * algorithms are assumed to support NSEC3. If DNSKEY is not found, * answer is set to false, and ISC_R_NOTFOUND is returned. * Requires: * 'answer' to be non NULL. / unsigned int dns_nsec_compressbitmap(unsigned char map, const unsigned char raw, unsigned int max_type); /%< * Convert a raw bitmap into a compressed windowed bit map. 'map' and 'raw' * may overlap. * * Returns the length of the compressed windowed bit map. / void dns_nsec_setbit(unsigned char array, unsigned int type, unsigned int bit); /%< Set type bit in raw 'array' to 'bit'. / bool dns_nsec_isset(const unsigned char array, unsigned int type); /%< Test if the corresponding 'type' bit is set in 'array'. / isc_result_t dns_nsec_noexistnodata(dns_rdatatype_t type, const dns_name_t name, const dns_name_t nsecname, dns_rdataset_t nsecset, bool exists, bool data, dns_name_t wild, dns_nseclog_t log, void arg); /% Return ISC_R_SUCCESS if we can determine that the name doesn't exist * or we can determine whether there is data or not at the name. * If the name does not exist return the wildcard name. * * Return DNS_R_DNAME when the NSEC indicates that name is covered by * a DNAME. 'wild' is not set in this case. * * Return ISC_R_IGNORE when the NSEC is not the appropriate one. / ISC_LANG_ENDDECLS #endif / DNS_NSEC_H / ��dns/tsec.h��0000644��00000005602�15125204632�0006442 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_TSEC_H #define DNS_TSEC_H 1 /** * Module Info **/ /! \file * * \brief * The TSEC (Transaction Security) module is an abstraction layer for managing * DNS transaction mechanisms such as TSIG or SIG(0). A TSEC structure is a * mechanism-independent object containing key information specific to the * mechanism, and is expected to be used as an argument to other modules * that use transaction security in a mechanism-independent manner. * * MP: \li A TSEC structure is expected to be thread-specific. No inter-thread synchronization is ensured in multiple access to a single TSEC * structure. * * Resources: \li TBS * Security: \li This module does not handle any low-level data directly, and so no security issue specific to this module is anticipated. / #include <dns/types.h> #include <dst/dst.h> ISC_LANG_BEGINDECLS / * Types **/ /% * Transaction security types. / typedef enum { dns_tsectype_none, dns_tsectype_tsig, dns_tsectype_sig0 } dns_tsectype_t; isc_result_t dns_tsec_create(isc_mem_t mctx, dns_tsectype_t type, dst_key_t key, dns_tsec_t tsecp); /%< * Create a TSEC structure and stores a type-dependent key structure in it. * For a TSIG key (type is dns_tsectype_tsig), dns_tsec_create() creates a * TSIG key structure from 'key' and keeps it in the structure. For other types, this function simply retains 'key' in the structure. In either case, the ownership of 'key' is transferred to the TSEC module; the caller must not modify or destroy it after the call to dns_tsec_create(). * * Requires: * \li 'mctx' is a valid memory context. \li 'type' is a valid value of dns_tsectype_t (see above). \li 'key' is a valid key. \li tsecp != NULL && tsecp == NULL. * * Returns: * \li #ISC_R_SUCCESS On success. \li Anything else Failure. / void dns_tsec_destroy(dns_tsec_t *tsecp); /%< * Destroy the TSEC structure. The stored key is also detached or destroyed. * * Requires * \li 'tsecp' is a valid TSEC structure. * * Ensures * \li tsecp == NULL. * / dns_tsectype_t dns_tsec_gettype(dns_tsec_t tsec); /%< Return the TSEC type of 'tsec'. * Requires * \li 'tsec' is a valid TSEC structure. / void dns_tsec_getkey(dns_tsec_t tsec, void keyp); /%< * Return the TSEC key of 'tsec' in 'keyp'. * * Requires * \li keyp != NULL * Ensures * \li tsecp points to a valid key structure depending on the TSEC type. / ISC_LANG_ENDDECLS #endif / DNS_TSEC_H / ��dns/iptable.h��0000644��00000002761�15125204632�0007127 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_IPTABLE_H #define DNS_IPTABLE_H 1 #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/radix.h> #include <dns/types.h> struct dns_iptable { unsigned int magic; isc_mem_t mctx; isc_refcount_t refcount; isc_radix_tree_t radix; ISC_LINK(dns_iptable_t) nextincache; }; #define DNS_IPTABLE_MAGIC ISC_MAGIC('T', 'a', 'b', 'l') #define DNS_IPTABLE_VALID(a) ISC_MAGIC_VALID(a, DNS_IPTABLE_MAGIC) / * Functions **/ ISC_LANG_BEGINDECLS isc_result_t dns_iptable_create(isc_mem_t mctx, dns_iptable_t *target); / * Create a new IP table and the underlying radix structure / isc_result_t dns_iptable_addprefix(dns_iptable_t tab, const isc_netaddr_t addr, uint16_t bitlen, bool pos); / * Add an IP prefix to an existing IP table / isc_result_t dns_iptable_merge(dns_iptable_t tab, dns_iptable_t source, bool pos); / * Merge one IP table into another one. / void dns_iptable_attach(dns_iptable_t source, dns_iptable_t target); void dns_iptable_detach(dns_iptable_t tabp); ISC_LANG_ENDDECLS #endif /* DNS_IPTABLE_H / ��dns/tkey.h��0000644��00000016747�15125204632�0006474 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_TKEY_H #define DNS_TKEY_H 1 /! \file dns/tkey.h / #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <dns/types.h> #include <dst/dst.h> #include <dst/gssapi.h> ISC_LANG_BEGINDECLS / Key agreement modes / #define DNS_TKEYMODE_SERVERASSIGNED 1 #define DNS_TKEYMODE_DIFFIEHELLMAN 2 #define DNS_TKEYMODE_GSSAPI 3 #define DNS_TKEYMODE_RESOLVERASSIGNED 4 #define DNS_TKEYMODE_DELETE 5 struct dns_tkeyctx { dst_key_t dhkey; dns_name_t domain; dns_gss_cred_id_t gsscred; isc_mem_t mctx; char gssapi_keytab; }; isc_result_t dns_tkeyctx_create(isc_mem_t mctx, dns_tkeyctx_t *tctxp); /%< * Create an empty TKEY context. * * Requires: \li 'mctx' is not NULL \li 'tctx' is not NULL \li 'tctx' is NULL * * Returns \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li return codes from dns_name_fromtext() / void dns_tkeyctx_destroy(dns_tkeyctx_t *tctxp); /%< * Frees all data associated with the TKEY context * * Requires: \li 'tctx' is not NULL \li 'tctx' is not NULL / isc_result_t dns_tkey_processquery(dns_message_t msg, dns_tkeyctx_t tctx, dns_tsig_keyring_t ring); /%< * Processes a query containing a TKEY record, adding or deleting TSIG * keys if necessary, and modifies the message to contain the response. * * Requires: \li 'msg' is a valid message \li 'tctx' is a valid TKEY context \li 'ring' is a valid TSIG keyring * Returns \li #ISC_R_SUCCESS msg was updated (the TKEY operation succeeded, or msg now includes a TKEY with an error set) * DNS_R_FORMERR the packet was malformed (missing a TKEY * or KEY). \li other An error occurred while processing the message / isc_result_t dns_tkey_builddhquery(dns_message_t msg, dst_key_t key, const dns_name_t name, const dns_name_t algorithm, isc_buffer_t nonce, uint32_t lifetime); /%< * Builds a query containing a TKEY that will generate a shared * secret using a Diffie-Hellman key exchange. The shared key * will be of the specified algorithm (only DNS_TSIG_HMACMD5_NAME * is supported), and will be named either 'name', * 'name' + server chosen domain, or random data + server chosen domain * if 'name' == dns_rootname. If nonce is not NULL, it supplies * random data used in the shared secret computation. The key is * requested to have the specified lifetime (in seconds) * * * Requires: \li 'msg' is a valid message \li 'key' is a valid Diffie Hellman dst key \li 'name' is a valid name \li 'algorithm' is a valid name * * Returns: \li #ISC_R_SUCCESS msg was successfully updated to include the query to be sent \li other an error occurred while building the message / isc_result_t dns_tkey_buildgssquery(dns_message_t msg, const dns_name_t name, const dns_name_t gname, isc_buffer_t intoken, uint32_t lifetime, dns_gss_ctx_id_t context, bool win2k, isc_mem_t mctx, char *err_message); /%< * Builds a query containing a TKEY that will generate a GSSAPI context. * The key is requested to have the specified lifetime (in seconds). * * Requires: \li 'msg' is a valid message \li 'name' is a valid name \li 'gname' is a valid name \li 'context' is a pointer to a valid gss_ctx_id_t * (which may have the value GSS_C_NO_CONTEXT) \li 'win2k' when true says to turn on some hacks to work with the non-standard GSS-TSIG of Windows 2000 * * Returns: \li ISC_R_SUCCESS msg was successfully updated to include the query to be sent \li other an error occurred while building the message \li err_message optional error message / isc_result_t dns_tkey_builddeletequery(dns_message_t msg, dns_tsigkey_t key); /%< Builds a query containing a TKEY record that will delete the * specified shared secret from the server. * * Requires: \li 'msg' is a valid message \li 'key' is a valid TSIG key * * Returns: \li #ISC_R_SUCCESS msg was successfully updated to include the query to be sent \li other an error occurred while building the message / isc_result_t dns_tkey_processdhresponse(dns_message_t qmsg, dns_message_t rmsg, dst_key_t key, isc_buffer_t nonce, dns_tsigkey_t *outkey, dns_tsig_keyring_t ring); /%< Processes a response to a query containing a TKEY that was * designed to generate a shared secret using a Diffie-Hellman key * exchange. If the query was successful, a new shared key * is created and added to the list of shared keys. * * Requires: \li 'qmsg' is a valid message (the query) \li 'rmsg' is a valid message (the response) \li 'key' is a valid Diffie Hellman dst key \li 'outkey' is either NULL or a pointer to NULL \li 'ring' is a valid keyring or NULL * Returns: \li #ISC_R_SUCCESS the shared key was successfully added \li #ISC_R_NOTFOUND an error occurred while looking for a * component of the query or response / isc_result_t dns_tkey_processgssresponse(dns_message_t qmsg, dns_message_t rmsg, const dns_name_t gname, dns_gss_ctx_id_t context, isc_buffer_t outtoken, dns_tsigkey_t *outkey, dns_tsig_keyring_t ring, char *err_message); /%< * XXX / isc_result_t dns_tkey_processdeleteresponse(dns_message_t qmsg, dns_message_t rmsg, dns_tsig_keyring_t ring); /%< Processes a response to a query containing a TKEY that was * designed to delete a shared secret. If the query was successful, * the shared key is deleted from the list of shared keys. * * Requires: \li 'qmsg' is a valid message (the query) \li 'rmsg' is a valid message (the response) \li 'ring' is not NULL * Returns: \li #ISC_R_SUCCESS the shared key was successfully deleted \li #ISC_R_NOTFOUND an error occurred while looking for a * component of the query or response / isc_result_t dns_tkey_gssnegotiate(dns_message_t qmsg, dns_message_t rmsg, const dns_name_t server, dns_gss_ctx_id_t context, dns_tsigkey_t outkey, dns_tsig_keyring_t ring, bool win2k, char *err_message); / * Client side negotiation of GSS-TSIG. Process the response * to a TKEY, and establish a TSIG key if negotiation was successful. * Build a response to the input TKEY message. Can take multiple * calls to successfully establish the context. * * Requires: * 'qmsg' is a valid message, the original TKEY request; * it will be filled with the new message to send * 'rmsg' is a valid message, the incoming TKEY message * 'server' is the server name * 'context' is the input context handle * 'outkey' receives the established key, if non-NULL; * if non-NULL must point to NULL * 'ring' is the keyring in which to establish the key, * or NULL * 'win2k' when true says to turn on some hacks to work * with the non-standard GSS-TSIG of Windows 2000 * * Returns: * ISC_R_SUCCESS context was successfully established * ISC_R_NOTFOUND couldn't find a needed part of the query * or response * DNS_R_CONTINUE additional context negotiation is required; * send the new qmsg to the server / ISC_LANG_ENDDECLS #endif / DNS_TKEY_H / ��dns/time.h��0000644��00000003235�15125204632�0006442 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_TIME_H #define DNS_TIME_H 1 /! \file dns/time.h / / * Imports */ #include <inttypes.h> #include <isc/buffer.h> #include <isc/lang.h> ISC_LANG_BEGINDECLS /* * Functions / isc_result_t dns_time64_fromtext(const char source, int64_t target); /%< * Convert a date and time in YYYYMMDDHHMMSS text format at 'source' * into to a 64-bit count of seconds since Jan 1 1970 0:00 GMT. * Store the count at 'target'. / isc_result_t dns_time32_fromtext(const char source, uint32_t target); /%< * Like dns_time64_fromtext, but returns the second count modulo 2^32 * as per RFC2535. / isc_result_t dns_time64_totext(int64_t value, isc_buffer_t target); /%< Convert a 64-bit count of seconds since Jan 1 1970 0:00 GMT into * a YYYYMMDDHHMMSS text representation and append it to 'target'. / isc_result_t dns_time32_totext(uint32_t value, isc_buffer_t target); /%< Like dns_time64_totext, but for a 32-bit cyclic time value. * Of those dates whose counts of seconds since Jan 1 1970 0:00 GMT * are congruent with 'value' modulo 2^32, the one closest to the * current date is chosen. / int64_t dns_time64_from32(uint32_t value); /%< * Covert a 32-bit cyclic time value into a 64 bit time stamp. / ISC_LANG_ENDDECLS #endif / DNS_TIME_H / ��dns/portlist.h��0000644��00000004065�15125204632�0007366 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file dns/portlist.h / #include <stdbool.h> #include <isc/lang.h> #include <isc/net.h> #include <isc/types.h> #include <dns/types.h> #ifndef DNS_PORTLIST_H #define DNS_PORTLIST_H 1 ISC_LANG_BEGINDECLS isc_result_t dns_portlist_create(isc_mem_t mctx, dns_portlist_t *portlistp); /%< * Create a port list. * * Requires: \li 'mctx' to be valid. \li 'portlistp' to be non NULL and 'portlistp' to be NULL; * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED / isc_result_t dns_portlist_add(dns_portlist_t portlist, int af, in_port_t port); /%< * Add the given <port,af> tuple to the portlist. * * Requires: \li 'portlist' to be valid. \li 'af' to be AF_INET or AF_INET6 * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / void dns_portlist_remove(dns_portlist_t portlist, int af, in_port_t port); /%< Remove the given <port,af> tuple to the portlist. * * Requires: \li 'portlist' to be valid. \li 'af' to be AF_INET or AF_INET6 / bool dns_portlist_match(dns_portlist_t portlist, int af, in_port_t port); /%< Find the given <port,af> tuple to the portlist. * * Requires: \li 'portlist' to be valid. \li 'af' to be AF_INET or AF_INET6 * * Returns * \li #true if the tuple is found, false otherwise. / void dns_portlist_attach(dns_portlist_t portlist, dns_portlist_t *portlistp); /%< * Attach to a port list. * * Requires: \li 'portlist' to be valid. \li 'portlistp' to be non NULL and 'portlistp' to be NULL; / void dns_portlist_detach(dns_portlist_t *portlistp); /%< * Detach from a port list. * * Requires: \li 'portlistp' to be valid. / ISC_LANG_ENDDECLS #endif / DNS_PORTLIST_H / ��dns/edns.h��0000644��00000001417�15125204632�0006435 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DNS_EDNS_H #define DNS_EDNS_H 1 /% * The maximum version on EDNS supported by this build. / #define DNS_EDNS_VERSION 0 #ifdef DRAFT_ANDREWS_EDNS1 #undef DNS_EDNS_VERSION / * Warning: this currently disables sending COOKIE requests in resolver.c / #define DNS_EDNS_VERSION 1 / draft-andrews-edns1 / #endif / ifdef DRAFT_ANDREWS_EDNS1 / #endif / ifndef DNS_EDNS_H / ��dns/dlz.h��0000644��00000025174�15125204632�0006303 0��ustar�00��/ * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / * Copyright (C) 2002 Stichting NLnet, Netherlands, stichting@nlnet.nl. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the * above copyright notice and this permission notice appear in all * copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND STICHTING NLNET * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL * STICHTING NLNET BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE * USE OR PERFORMANCE OF THIS SOFTWARE. * * The development of Dynamically Loadable Zones (DLZ) for Bind 9 was * conceived and contributed by Rob Butler. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the * above copyright notice and this permission notice appear in all * copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND ROB BUTLER * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL * ROB BUTLER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE * USE OR PERFORMANCE OF THIS SOFTWARE. / /! \file dns/dlz.h / #ifndef DLZ_H #define DLZ_H 1 /** * Module Info **/ / * DLZ Interface * * The DLZ interface allows zones to be looked up using a driver instead of * Bind's default in memory zone table. * * * Reliability: * No anticipated impact. * * Resources: * * Security: * No anticipated impact. * * Standards: * None. / /** * Imports */ #include <stdbool.h> #include <isc/lang.h> #include <dns/clientinfo.h> #include <dns/name.h> #include <dns/types.h> #include <dns/view.h> #include <dst/dst.h> ISC_LANG_BEGINDECLS /* * Types / #define DNS_DLZ_MAGIC ISC_MAGIC('D', 'L', 'Z', 'D') #define DNS_DLZ_VALID(dlz) ISC_MAGIC_VALID(dlz, DNS_DLZ_MAGIC) typedef isc_result_t (dns_dlzallowzonexfr_t)(void driverarg, void dbdata, isc_mem_t mctx, dns_rdataclass_t rdclass, const dns_name_t name, const isc_sockaddr_t clientaddr, dns_db_t dbp); /%< * Method prototype. Drivers implementing the DLZ interface MUST * supply an allow zone transfer method. This method is called when * the DNS server is performing a zone transfer query. The driver's * method should return ISC_R_SUCCESS and a database pointer to the * name server if the zone is supported by the database, and zone * transfer is allowed. If the view's transfer acl should be used, * then the driver's method should return ISC_R_DEFAULT. Otherwise, * it should return ISC_R_NOTFOUND if the zone is not supported by * the database, or ISC_R_NOPERM if zone transfers are not allowed. * If an error occurs, the result code should indicate the type of error. / typedef isc_result_t (dns_dlzcreate_t)(isc_mem_t mctx, const char dlzname, unsigned int argc, char argv[], void driverarg, void *dbdata); /%< * Method prototype. Drivers implementing the DLZ interface MUST * supply a create method. This method is called when the DNS server * is starting up and creating drivers for use later. / typedef void (dns_dlzdestroy_t)(void driverarg, void dbdata); /%< * Method prototype. Drivers implementing the DLZ interface MUST * supply a destroy method. This method is called when the DNS server * is shutting down and no longer needs the driver. / typedef isc_result_t (dns_dlzfindzone_t)(void driverarg, void dbdata, isc_mem_t mctx, dns_rdataclass_t rdclass, const dns_name_t name, dns_clientinfomethods_t methods, dns_clientinfo_t clientinfo, dns_db_t *dbp); /%< * Method prototype. Drivers implementing the DLZ interface MUST * supply a find zone method. This method is called when the DNS * server is performing a query. The find zone method will be called * with the longest possible name first, and continue to be called * with successively shorter domain names, until any of the following * occur: * * \li 1) a match is found, and the function returns (ISC_R_SUCCESS) * * \li 2) a problem occurs, and the functions returns anything other * than (ISC_R_NOTFOUND) * \li 3) we run out of domain name labels. I.E. we have tried the * shortest domain name * \li 4) the number of labels in the domain name is less than * min_labels for dns_dlzfindzone * * The driver's find zone method should return ISC_R_SUCCESS and a * database pointer to the name server if the zone is supported by the * database. Otherwise it will return ISC_R_NOTFOUND, and a null * pointer if the zone is not supported. If an error occurs it should * return a result code indicating the type of error. / typedef isc_result_t (dns_dlzconfigure_t)(void driverarg, void dbdata, dns_view_t view, dns_dlzdb_t dlzdb); /%< Method prototype. Drivers implementing the DLZ interface may * optionally supply a configure method. If supplied, this will be * called immediately after the create method is called. The driver * may call configuration functions during the configure call / typedef bool (dns_dlzssumatch_t)(const dns_name_t signer, const dns_name_t name, const isc_netaddr_t tcpaddr, dns_rdatatype_t type, const dst_key_t key, void driverarg, void dbdata); /%< Method prototype. Drivers implementing the DLZ interface may * optionally supply a ssumatch method. If supplied, this will be * called to authorize update requests / /% the methods supplied by a DLZ driver / typedef struct dns_dlzmethods { dns_dlzcreate_t create; dns_dlzdestroy_t destroy; dns_dlzfindzone_t findzone; dns_dlzallowzonexfr_t allowzonexfr; dns_dlzconfigure_t configure; dns_dlzssumatch_t ssumatch; } dns_dlzmethods_t; /% information about a DLZ driver / struct dns_dlzimplementation { const char name; const dns_dlzmethods_t methods; isc_mem_t mctx; void driverarg; ISC_LINK(dns_dlzimplementation_t) link; }; typedef isc_result_t (dlzconfigure_callback_t)(dns_view_t , dns_dlzdb_t , dns_zone_t ); /% An instance of a DLZ driver / struct dns_dlzdb { unsigned int magic; isc_mem_t mctx; dns_dlzimplementation_t implementation; void dbdata; dlzconfigure_callback_t configure_callback; bool search; char dlzname; ISC_LINK(dns_dlzdb_t) link; dns_ssutable_t ssutable; }; /* * Method declarations **/ isc_result_t dns_dlzallowzonexfr(dns_view_t view, const dns_name_t name, const isc_sockaddr_t clientaddr, dns_db_t *dbp); /%< * This method is called when the DNS server is performing a zone * transfer query. It will call the DLZ driver's allow zone transfer * method. / isc_result_t dns_dlzcreate(isc_mem_t mctx, const char dlzname, const char drivername, unsigned int argc, char argv[], dns_dlzdb_t dbp); /%< * This method is called when the DNS server is starting up and * creating drivers for use later. It will search the DLZ driver list * for 'drivername' and return a DLZ driver via dbp if a match is * found. If the DLZ driver supplies a create method, this function * will call it. / void dns_dlzdestroy(dns_dlzdb_t dbp); /%< * This method is called when the DNS server is shutting down and no * longer needs the driver. If the DLZ driver supplies a destroy * methods, this function will call it. / isc_result_t dns_dlzregister(const char drivername, const dns_dlzmethods_t methods, void driverarg, isc_mem_t mctx, dns_dlzimplementation_t dlzimp); /%< * Register a dynamically loadable zones (DLZ) driver for the database * type 'drivername', implemented by the functions in 'methods'. * dlzimp must point to a NULL dlz_implementation_t pointer. That is, * dlzimp != NULL && dlzimp == NULL. It will be assigned a value that will later be used to identify the driver when deregistering it. / isc_result_t dns_dlzstrtoargv(isc_mem_t mctx, char s, unsigned int argcp, char **argvp); /%< * This method is called when the name server is starting up to parse * the DLZ driver command line from named.conf. Basically it splits * up a string into and argc / argv. The primary difference of this * method is items between braces { } are considered only 1 word. for * example the command line "this is { one grouped phrase } and this * isn't" would be parsed into: * * \li argv[0]: "this" * \li argv[1]: "is" * \li argv{2]: " one grouped phrase " * \li argv[3]: "and" * \li argv[4]: "this" * \li argv{5}: "isn't" * * braces should NOT be nested, more than one grouping in the command * line is allowed. Notice, argv[2] has an extra space at the * beginning and end. Extra spaces are not stripped between a * grouping. You can do so in your driver if needed, or be sure not * to put extra spaces before / after the braces. / void dns_dlzunregister(dns_dlzimplementation_t dlzimp); /%< * Removes the dlz driver from the list of registered dlz drivers. * There must be no active dlz drivers of this type when this function * is called. / typedef isc_result_t dns_dlz_writeablezone_t(dns_view_t view, dns_dlzdb_t dlzdb, const char zone_name); dns_dlz_writeablezone_t dns_dlz_writeablezone; /%< creates a writeable DLZ zone. Must be called from within the * configure() method of a DLZ driver. / isc_result_t dns_dlzconfigure(dns_view_t view, dns_dlzdb_t dlzdb, dlzconfigure_callback_t callback); /%< * call a DLZ drivers configure method, if supplied / bool dns_dlz_ssumatch(dns_dlzdb_t dlzdatabase, const dns_name_t signer, const dns_name_t name, const isc_netaddr_t tcpaddr, dns_rdatatype_t type, const dst_key_t key); /%< call a DLZ drivers ssumatch method, if supplied. Otherwise return false / ISC_LANG_ENDDECLS #endif / DLZ_H / ��dns/dnstap.h��0000644��00000023721�15125204632�0006777 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef _DNSTAP_H #define _DNSTAP_H /** * Module Info **/ /! \file * \brief * The dt (dnstap) module provides fast passive logging of DNS messages. * Protocol Buffers. The protobuf schema for Dnstap messages is in the * file dnstap.proto, which is compiled to dnstap.pb-c.c and dnstap.pb-c.h. / #include <inttypes.h> #include <stdbool.h> struct fstrm_iothr_options; #include <isc/log.h> #include <isc/refcount.h> #include <isc/region.h> #include <isc/sockaddr.h> #include <isc/time.h> #include <isc/types.h> #include <dns/name.h> #include <dns/rdataclass.h> #include <dns/rdatatype.h> #include <dns/types.h> /% * Dnstap message types: * * STUB QUERY: SQ * STUB RESPONSE: SR * CLIENT QUERY: CQ * CLIENT RESPONSE: CR * AUTH QUERY: AQ * AUTH RESPONSE: AR * RESOLVER QUERY: RQ * RESOLVER RESPONSE: RR * FORWARDER QUERY: FQ * FORWARDER RESPONSE: FR / #define DNS_DTTYPE_SQ 0x0001 #define DNS_DTTYPE_SR 0x0002 #define DNS_DTTYPE_CQ 0x0004 #define DNS_DTTYPE_CR 0x0008 #define DNS_DTTYPE_AQ 0x0010 #define DNS_DTTYPE_AR 0x0020 #define DNS_DTTYPE_RQ 0x0040 #define DNS_DTTYPE_RR 0x0080 #define DNS_DTTYPE_FQ 0x0100 #define DNS_DTTYPE_FR 0x0200 #define DNS_DTTYPE_TQ 0x0400 #define DNS_DTTYPE_TR 0x0800 #define DNS_DTTYPE_UQ 0x1000 #define DNS_DTTYPE_UR 0x2000 #define DNS_DTTYPE_QUERY \ (DNS_DTTYPE_SQ \| DNS_DTTYPE_CQ \| DNS_DTTYPE_AQ \| DNS_DTTYPE_RQ \| \ DNS_DTTYPE_FQ \| DNS_DTTYPE_TQ \| DNS_DTTYPE_UQ) #define DNS_DTTYPE_RESPONSE \ (DNS_DTTYPE_SR \| DNS_DTTYPE_CR \| DNS_DTTYPE_AR \| DNS_DTTYPE_RR \| \ DNS_DTTYPE_FR \| DNS_DTTYPE_TR \| DNS_DTTYPE_UR) #define DNS_DTTYPE_ALL (DNS_DTTYPE_QUERY \| DNS_DTTYPE_RESPONSE) typedef enum { dns_dtmode_none = 0, dns_dtmode_file, dns_dtmode_unix } dns_dtmode_t; typedef struct dns_dthandle dns_dthandle_t; #ifdef HAVE_DNSTAP struct dns_dtdata { isc_mem_t mctx; void frame; bool query; bool tcp; dns_dtmsgtype_t type; isc_time_t qtime; isc_time_t rtime; isc_region_t qaddr; isc_region_t raddr; uint32_t qport; uint32_t rport; isc_region_t msgdata; dns_message_t msg; char namebuf[DNS_NAME_FORMATSIZE]; char typebuf[DNS_RDATATYPE_FORMATSIZE]; char classbuf[DNS_RDATACLASS_FORMATSIZE]; }; #endif /* HAVE_DNSTAP / isc_result_t dns_dt_create(isc_mem_t mctx, dns_dtmode_t mode, const char path, struct fstrm_iothr_options foptp, isc_task_t reopen_task, dns_dtenv_t *envp); /%< * Create and initialize the dnstap environment. * * There should be a single global dnstap environment for the server; * copies of it will be attached to each view. * * Notes: * \li 'path' refers to a UNIX domain socket by default. It may optionally be prepended with "socket:" or "file:". If prepended * with "file:", then dnstap logs are sent to a file instead of a * socket. * \li 'foptp' set the options for fstrm_iothr_init(). 'foptp' must have have had the number of input queues set and this should be set * to the number of worker threads. Additionally the queue model * should also be set. Other options may be set if desired. * If dns_dt_create succeeds the foptp is set to NULL. \li 'reopen_task' needs to be set to the task in the context of which dns_dt_reopen() will be called. This is not an optional parameter: * using dns_dt_create() (which sets 'reopen_task' to NULL) is only * allowed in unit tests. * * Requires: * \li 'mctx' is a valid memory context. \li 'path' is a valid C string. \li 'foptp' is non NULL. \li envp != NULL && envp == NULL * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY * \li Other errors are possible. / isc_result_t dns_dt_setupfile(dns_dtenv_t env, uint64_t max_size, int rolls, isc_log_rollsuffix_t suffix); /%< * Sets up the dnstap logfile limits. * * 'max_size' is the size a log file may grow before it is rolled * * 'rolls' is the number of rolled files to retain. * * 'suffix' is the logfile suffix setting, increment or timestamp. * * Requires: * \li 'env' is a valid dnstap environment. * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_INVALIDFILE if dnstap is set to use a UNIX domain socket / isc_result_t dns_dt_reopen(dns_dtenv_t env, int roll); /%< Reopens files established by dns_dt_create2(). * * If 'roll' is non-negative and 'env->mode' is dns_dtmode_file, * then the file is automatically rolled over before reopening. * The value of 'roll' indicates the number of backup log files to * keep. If 'roll' is negative, or if 'env->mode' is dns_dtmode_unix, * then the channel is simply reopened. * * Note: dns_dt_reopen() uses task-exclusive mode and must be run in the * context of env->reopen_task. * * Requires: \li 'env' is a valid dnstap environment. / isc_result_t dns_dt_setidentity(dns_dtenv_t env, const char identity); isc_result_t dns_dt_setversion(dns_dtenv_t env, const char version); /%< Set the "identity" and "version" strings to be sent in dnstap messages. * * Requires: * \li 'env' is a valid dnstap environment. / void dns_dt_attach(dns_dtenv_t source, dns_dtenv_t destp); /%< * Attach 'destp' to 'source', incrementing the reference counter. * Requires: * \li 'source' is a valid dnstap environment. \li 'destp' is not NULL and 'destp' is NULL. * \li destp is attached to source. / void dns_dt_detach(dns_dtenv_t envp); /%< * Detach 'envp', decrementing the reference counter. * Requires: * \li 'envp' is a valid dnstap environment. * * Ensures: * \li 'envp' will be destroyed when the number of references reaches zero. * \li 'envp' is NULL. / isc_result_t dns_dt_getstats(dns_dtenv_t env, isc_stats_t *statsp); /%< * Attach to the stats struct if it exists. * * Requires: * \li 'env' is a valid dnstap environment. \li 'statsp' is non NULL and 'statsp' is NULL. * * Returns: * \li ISC_R_SUCCESS \li ISC_R_NOTFOUND / void dns_dt_send(dns_view_t view, dns_dtmsgtype_t msgtype, isc_sockaddr_t qaddr, isc_sockaddr_t dstaddr, bool tcp, isc_region_t zone, isc_time_t qtime, isc_time_t rtime, isc_buffer_t buf); /%< * Sends a dnstap message to the log, if 'msgtype' is one of the message * types represented in 'view->dttypes'. * * Parameters are: 'qaddr' (query address, i.e, the address of the * query initiator); 'raddr' (response address, i.e., the address of * the query responder); 'tcp' (boolean indicating whether the transaction * was over TCP); 'zone' (the authoritative zone or bailiwick, in * uncompressed wire format), 'qtime' and 'rtime' (query and response * times; if NULL, they are set to the current time); and 'buf' (the * DNS message being logged, in wire format). * * Requires: * \li 'view' is a valid view, and 'view->dtenv' is NULL or is a valid dnstap environment. / isc_result_t dns_dt_parse(isc_mem_t mctx, isc_region_t src, dns_dtdata_t destp); /%< * Converts a raw dnstap frame in 'src' to a parsed dnstap data structure * in 'destp'. * Requires: \li 'src' is not NULL \li 'destp' is not NULL and 'destp' points to a valid buffer. * * Returns: \li #ISC_R_SUCCESS on success \li Other errors are possible. / isc_result_t dns_dt_datatotext(dns_dtdata_t d, isc_buffer_t dest); /%< * Converts a parsed dnstap data structure 'd' to text, storing * the result in the buffer 'dest'. If 'dest' points to a dynamically * allocated buffer, then it may be reallocated as needed. * * (XXX: add a 'long_form' option to generate a detailed listing of * dnstap data instead * of a one-line summary.) * * Requires: \li 'd' is not NULL \li 'dest' is not NULL and 'dest' points to a valid buffer. * * Returns: \li #ISC_R_SUCCESS on success \li #ISC_R_NOSPACE if buffer is not dynamic and runs out of space \li #ISC_R_NOMEMORY if buffer is dynamic but memory could not be allocated \li Other errors are possible. / void dns_dtdata_free(dns_dtdata_t *dp); /%< * Frees the specified dns_dtdata structure and all its members, * and sets dp to NULL. / isc_result_t dns_dt_open(const char filename, dns_dtmode_t mode, isc_mem_t mctx, dns_dthandle_t *handlep); /%< * Opens a dnstap framestream at 'filename' and stores a pointer to the * reader object in a dns_dthandle_t structure. * * The caller is responsible for allocating the handle structure. * * (XXX: Currently only file readers are supported, not unix-domain socket * readers.) * * Requires: * \li 'filename' is not NULL. \li 'handlep' is not NULL and 'handlep' is NULL. * \li 'mctx' is not a valid memory context. * * Returns: * \li #ISC_R_SUCCESS on success \li #ISC_R_NOTIMPLEMENTED if 'mode' is not dns_dtmode_file. (XXX) \li #ISC_R_NOMEMORY if the fstrm library was unable to allocate a reader or options structure \li #ISC_R_FAILURE if 'filename' could not be opened. \li #DNS_R_BADDNSTAP if 'filename' does not contain a dnstap * framestream. / isc_result_t dns_dt_getframe(dns_dthandle_t handle, uint8_t *bufp, size_t sizep); /%< Read a dnstap frame from the framstream reader in 'handle', storing * a pointer to it in 'bufp' and its size in 'sizep'. * * Requires: * \li 'handle' is not NULL \li 'bufp' is not NULL \li 'sizep' is not NULL * Ensures: * \li if returning ISC_R_SUCCESS then 'bufp' is not NULL * Returns: * \li #ISC_R_SUCCESS on success \li #ISC_R_NOMORE at the end of the frame stream \li #ISC_R_FAILURE for any other failure / void dns_dt_close(dns_dthandle_t *handlep); /%< * Closes the dnstap file referenced by 'handle'. * * Requires: * \li 'handlep' is not NULL / #endif / _DNSTAP_H / ��pk11/site.h��0000644��00000000655�15125204632�0006443 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once /! \file pk11/site.h / ��irs/platform.h��0000644��00000001213�15125204632�0007333 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file / #ifndef IRS_PLATFORM_H #define IRS_PLATFORM_H 1 /** * Platform-dependent defines. **/ #define LIBIRS_EXTERNAL_DATA / * Tell Emacs to use C mode on this file. * Local Variables: * mode: c * End: / #endif / IRS_PLATFORM_H / ��irs/resconf.h��0000644��00000005215�15125204632�0007154 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IRS_RESCONF_H #define IRS_RESCONF_H 1 /! \file * * \brief * The IRS resconf module parses the legacy "/etc/resolv.conf" file and * creates the corresponding configuration objects for the DNS library * modules. / #include <irs/types.h> /% * A DNS search list specified in the 'domain' or 'search' statements * in the "resolv.conf" file. / typedef struct irs_resconf_search { char domain; ISC_LINK(struct irs_resconf_search) link; } irs_resconf_search_t; typedef ISC_LIST(irs_resconf_search_t) irs_resconf_searchlist_t; ISC_LANG_BEGINDECLS isc_result_t irs_resconf_load(isc_mem_t mctx, const char filename, irs_resconf_t *confp); /%< * Load the resolver configuration file 'filename' in the "resolv.conf" format, * and create a new irs_resconf_t object from the configuration. If the file * is not found ISC_R_FILENOTFOUND is returned with the structure initialized * as if file contained only: * * nameserver ::1 * nameserver 127.0.0.1 * * Notes: * \li Currently, only the following options are supported: nameserver, domain, search, sortlist, ndots, and options. * In addition, 'sortlist' is not actually effective; it's parsed, but * the application cannot use the configuration. * * Returns: * \li ISC_R_SUCCESS on success * \li ISC_R_FILENOTFOUND if the file was not found. confp will be valid. \li other on error. * * Requires: * \li 'mctx' is a valid memory context. \li 'filename' != NULL \li 'confp' != NULL && 'confp' == NULL / void irs_resconf_destroy(irs_resconf_t confp); /%< * Destroy the resconf object. * * Requires: * \li 'confp' is a valid resconf object. * * Ensures: * \li confp == NULL / isc_sockaddrlist_t irs_resconf_getnameservers(irs_resconf_t conf); /%< * Return a list of name server addresses stored in 'conf'. * * Requires: * \li 'conf' is a valid resconf object. / irs_resconf_searchlist_t * irs_resconf_getsearchlist(irs_resconf_t conf); /%< * Return the search list stored in 'conf'. * * Requires: * \li 'conf' is a valid resconf object. / unsigned int irs_resconf_getndots(irs_resconf_t conf); /%< * Return the 'ndots' value stored in 'conf'. * * Requires: * \li 'conf' is a valid resconf object. / ISC_LANG_ENDDECLS #endif /* IRS_RESCONF_H / ��irs/context.h��0000644��00000006652�15125204632�0007207 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IRS_CONTEXT_H #define IRS_CONTEXT_H 1 /! \file * * \brief * The IRS context module provides an abstract interface to the DNS library * with an application. An IRS context object initializes and holds various * resources used in the DNS library. / #include <dns/types.h> #include <irs/types.h> ISC_LANG_BEGINDECLS isc_result_t irs_context_create(irs_context_t contextp); /%< * Create an IRS context. It internally initializes the ISC and DNS libraries * (if not yet), creates a DNS client object and initializes the client using * the configuration files parsed via the 'resconf' and 'dnsconf' IRS modules. * Some of the internally initialized objects can be used by the application * via irs_context_getxxx() functions (see below). * * Requires: * \li contextp != NULL && contextp == NULL. / isc_result_t irs_context_get(irs_context_t contextp); /%< * Return an IRS context for the calling thread. If no IRS context is * associated to the thread, this function creates a new one by calling * irs_context_create(), and associates it with the thread as a thread specific * data value. This function is provided for standard libraries that are * expected to be thread-safe but do not accept an appropriate IRS context * as a library parameter, e.g., getaddrinfo(). * * Requires: * \li contextp != NULL && contextp == NULL. / void irs_context_destroy(irs_context_t contextp); /%< * Destroy an IRS context. * * Requires: * \li 'contextp' is a valid IRS context. * * Ensures: \li 'contextp' == NULL. / isc_mem_t irs_context_getmctx(irs_context_t context); /%< * Return the memory context held in the context. * * Requires: * \li 'context' is a valid IRS context. / isc_appctx_t * irs_context_getappctx(irs_context_t context); /%< * Return the application context held in the context. * * Requires: * \li 'context' is a valid IRS context. / isc_taskmgr_t * irs_context_gettaskmgr(irs_context_t context); /%< * Return the task manager held in the context. * * Requires: * \li 'context' is a valid IRS context. / isc_timermgr_t * irs_context_gettimermgr(irs_context_t context); /%< * Return the timer manager held in the context. * * Requires: * \li 'context' is a valid IRS context. / isc_task_t * irs_context_gettask(irs_context_t context); /%< * Return the task object held in the context. * * Requires: * \li 'context' is a valid IRS context. / dns_client_t * irs_context_getdnsclient(irs_context_t context); /%< * Return the DNS client object held in the context. * * Requires: * \li 'context' is a valid IRS context. / irs_resconf_t * irs_context_getresconf(irs_context_t context); /%< * Return the resolver configuration object held in the context. * * Requires: * \li 'context' is a valid IRS context. / irs_dnsconf_t * irs_context_getdnsconf(irs_context_t context); /%< * Return the advanced DNS configuration object held in the context. * * Requires: * \li 'context' is a valid IRS context. / ISC_LANG_ENDDECLS #endif /* IRS_CONTEXT_H / ��irs/netdb.h��0000644��00000010671�15125204632�0006613 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file / #ifndef IRS_NETDB_H #define IRS_NETDB_H 1 #include <stddef.h> / Required on FreeBSD (and others?) for size_t. / #include <netdb.h> / Contractual provision. / / * Undefine all #defines we are interested in as <netdb.h> may or may not have * defined them. / / * Error return codes from gethostbyname() and gethostbyaddr() * (left in extern int h_errno). / #undef NETDB_INTERNAL #undef NETDB_SUCCESS #undef HOST_NOT_FOUND #undef TRY_AGAIN #undef NO_RECOVERY #undef NO_DATA #undef NO_ADDRESS #define NETDB_INTERNAL -1 / see errno / #define NETDB_SUCCESS 0 / no problem / #define HOST_NOT_FOUND 1 / Authoritative Answer Host not found / #define TRY_AGAIN 2 / Non-Authoritive Host not found, or SERVERFAIL / #define NO_RECOVERY 3 / Non recoverable errors, FORMERR, REFUSED, NOTIMP / #define NO_DATA 4 / Valid name, no data record of requested type / #define NO_ADDRESS NO_DATA / no address, look for MX record / / * Error return codes from getaddrinfo(). EAI_INSECUREDATA is our own extension * and it's very unlikely to be already defined, but undef it just in case; it * at least doesn't do any harm. / #undef EAI_ADDRFAMILY #undef EAI_AGAIN #undef EAI_BADFLAGS #undef EAI_FAIL #undef EAI_FAMILY #undef EAI_MEMORY #undef EAI_NODATA #undef EAI_NONAME #undef EAI_SERVICE #undef EAI_SOCKTYPE #undef EAI_SYSTEM #undef EAI_BADHINTS #undef EAI_PROTOCOL #undef EAI_OVERFLOW #undef EAI_INSECUREDATA #undef EAI_MAX #define EAI_ADDRFAMILY 1 / address family for hostname not supported / #define EAI_AGAIN 2 / temporary failure in name resolution / #define EAI_BADFLAGS 3 / invalid value for ai_flags / #define EAI_FAIL 4 / non-recoverable failure in name resolution / #define EAI_FAMILY 5 / ai_family not supported / #define EAI_MEMORY 6 / memory allocation failure / #define EAI_NODATA 7 / no address associated with hostname / #define EAI_NONAME 8 / hostname nor servname provided, or not known / #define EAI_SERVICE 9 / servname not supported for ai_socktype / #define EAI_SOCKTYPE 10 / ai_socktype not supported / #define EAI_SYSTEM 11 / system error returned in errno / #define EAI_BADHINTS 12 #define EAI_PROTOCOL 13 #define EAI_OVERFLOW 14 #define EAI_INSECUREDATA 15 #define EAI_MAX 16 / * Flag values for getaddrinfo() / #undef AI_PASSIVE #undef AI_CANONNAME #undef AI_NUMERICHOST #define AI_PASSIVE 0x00000001 #define AI_CANONNAME 0x00000002 #define AI_NUMERICHOST 0x00000004 / * Flag values for getipnodebyname() / #undef AI_V4MAPPED #undef AI_ALL #undef AI_ADDRCONFIG #undef AI_DEFAULT #define AI_V4MAPPED 0x00000008 #define AI_ALL 0x00000010 #define AI_ADDRCONFIG 0x00000020 #define AI_DEFAULT (AI_V4MAPPED\|AI_ADDRCONFIG) / * Constants for getnameinfo() / #undef NI_MAXHOST #undef NI_MAXSERV #define NI_MAXHOST 1025 #define NI_MAXSERV 32 / * Flag values for getnameinfo() / #undef NI_NOFQDN #undef NI_NUMERICHOST #undef NI_NAMEREQD #undef NI_NUMERICSERV #undef NI_DGRAM #undef NI_NUMERICSCOPE #define NI_NOFQDN 0x00000001 #define NI_NUMERICHOST 0x00000002 #define NI_NAMEREQD 0x00000004 #define NI_NUMERICSERV 0x00000008 #define NI_DGRAM 0x00000010 / * Define to map into irs_ namespace. / #define IRS_NAMESPACE #ifdef IRS_NAMESPACE / * Use our versions not the ones from the C library. / #ifdef getnameinfo #undef getnameinfo #endif #define getnameinfo irs_getnameinfo #ifdef getaddrinfo #undef getaddrinfo #endif #define getaddrinfo irs_getaddrinfo #ifdef freeaddrinfo #undef freeaddrinfo #endif #define freeaddrinfo irs_freeaddrinfo #ifdef gai_strerror #undef gai_strerror #endif #define gai_strerror irs_gai_strerror int getaddrinfo(const char hostname, const char servname, const struct addrinfo hints, struct addrinfo *res); int getnameinfo(const struct sockaddr sa, socklen_t salen, char host, socklen_t hostlen, char serv, socklen_t servlen, int flags); void freeaddrinfo (struct addrinfo ai); const char gai_strerror(int ecode); #endif /* IRS_NAMESPACE / / * Tell Emacs to use C mode on this file. * Local variables: * mode: c * End: / #endif / IRS_NETDB_H / ��irs/types.h��0000644��00000001377�15125204632�0006666 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IRS_TYPES_H #define IRS_TYPES_H 1 / Core Types. Alphabetized by defined type. / /%< per-thread IRS context / typedef struct irs_context irs_context_t; /%< resolv.conf configuration information / typedef struct irs_resconf irs_resconf_t; /%< advanced DNS-related configuration information / typedef struct irs_dnsconf irs_dnsconf_t; #endif / IRS_TYPES_H / ��irs/version.h��0000644��00000000745�15125204632�0007205 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file / #include <irs/platform.h> LIBIRS_EXTERNAL_DATA extern const char irs_version[]; ��irs/dnsconf.h��0000644��00000004661�15125204632�0007153 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef IRS_DNSCONF_H #define IRS_DNSCONF_H 1 /! \file * * \brief * The IRS dnsconf module parses an "advanced" configuration file related to * the DNS library, such as trust anchors for DNSSEC validation, and creates * the corresponding configuration objects for the DNS library modules. * * Notes: * This module is very experimental and the configuration syntax or library * interfaces may change in future versions. Currently, only static * key configuration is supported; "trusted-keys" and "trust-anchors"/ * "managed-keys" statements will be parsed exactly as they are in * named.conf, except that "trust-anchors" and "managed-keys" entries will * be treated as if they were configured with "static-key", even if they * were actually configured with "initial-key". / #include <irs/types.h> /% * A compound structure storing DNS key information mainly for DNSSEC * validation. A dns_key_t object will be created using the 'keyname' and * 'keydatabuf' members with the dst_key_fromdns() function. / typedef struct irs_dnsconf_dnskey { dns_name_t keyname; isc_buffer_t keydatabuf; ISC_LINK(struct irs_dnsconf_dnskey) link; } irs_dnsconf_dnskey_t; typedef ISC_LIST(irs_dnsconf_dnskey_t) irs_dnsconf_dnskeylist_t; ISC_LANG_BEGINDECLS isc_result_t irs_dnsconf_load(isc_mem_t mctx, const char filename, irs_dnsconf_t confp); /%< * Load the "advanced" DNS configuration file 'filename' in the "dns.conf" * format, and create a new irs_dnsconf_t object from the configuration. * * Requires: * \li 'mctx' is a valid memory context. \li 'filename' != NULL \li 'confp' != NULL && 'confp' == NULL / void irs_dnsconf_destroy(irs_dnsconf_t confp); /%< * Destroy the dnsconf object. * * Requires: * \li 'confp' is a valid dnsconf object. * * Ensures: * \li confp == NULL / irs_dnsconf_dnskeylist_t irs_dnsconf_gettrustedkeys(irs_dnsconf_t conf); /%< * Return a list of key information stored in 'conf'. * * Requires: * \li 'conf' is a valid dnsconf object. / ISC_LANG_ENDDECLS #endif /* IRS_DNSCONF_H / ��isc/list.h��0000644��00000017625�15125204632�0006461 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_LIST_H #define ISC_LIST_H 1 #include <isc/assertions.h> #ifdef ISC_LIST_CHECKINIT #define ISC_LINK_INSIST(x) ISC_INSIST(x) #else / ifdef ISC_LIST_CHECKINIT / #define ISC_LINK_INSIST(x) #endif / ifdef ISC_LIST_CHECKINIT / #define ISC_LIST(type) \ struct { \ type head, tail; \ } #define ISC_LIST_INIT(list) \ do { \ (list).head = NULL; \ (list).tail = NULL; \ } while (0) #define ISC_LINK(type) \ struct { \ type prev, next; \ } #define ISC_LINK_INIT_TYPE(elt, link, type) \ do { \ (elt)->link.prev = (type )(-1); \ (elt)->link.next = (type )(-1); \ } while (0) #define ISC_LINK_INIT(elt, link) ISC_LINK_INIT_TYPE(elt, link, void) #define ISC_LINK_LINKED(elt, link) ((void )((elt)->link.prev) != (void )(-1)) #define ISC_LIST_HEAD(list) ((list).head) #define ISC_LIST_TAIL(list) ((list).tail) #define ISC_LIST_EMPTY(list) ((list).head == NULL) #define __ISC_LIST_PREPENDUNSAFE(list, elt, link) \ do { \ if ((list).head != NULL) { \ (list).head->link.prev = (elt); \ } else { \ (list).tail = (elt); \ } \ (elt)->link.prev = NULL; \ (elt)->link.next = (list).head; \ (list).head = (elt); \ } while (0) #define ISC_LIST_PREPEND(list, elt, link) \ do { \ ISC_LINK_INSIST(!ISC_LINK_LINKED(elt, link)); \ __ISC_LIST_PREPENDUNSAFE(list, elt, link); \ } while (0) #define ISC_LIST_INITANDPREPEND(list, elt, link) \ __ISC_LIST_PREPENDUNSAFE(list, elt, link) #define __ISC_LIST_APPENDUNSAFE(list, elt, link) \ do { \ if ((list).tail != NULL) { \ (list).tail->link.next = (elt); \ } else { \ (list).head = (elt); \ } \ (elt)->link.prev = (list).tail; \ (elt)->link.next = NULL; \ (list).tail = (elt); \ } while (0) #define ISC_LIST_APPEND(list, elt, link) \ do { \ ISC_LINK_INSIST(!ISC_LINK_LINKED(elt, link)); \ __ISC_LIST_APPENDUNSAFE(list, elt, link); \ } while (0) #define ISC_LIST_INITANDAPPEND(list, elt, link) \ __ISC_LIST_APPENDUNSAFE(list, elt, link) #define __ISC_LIST_UNLINKUNSAFE_TYPE(list, elt, link, type) \ do { \ if ((elt)->link.next != NULL) { \ (elt)->link.next->link.prev = (elt)->link.prev; \ } else { \ ISC_INSIST((list).tail == (elt)); \ (list).tail = (elt)->link.prev; \ } \ if ((elt)->link.prev != NULL) { \ (elt)->link.prev->link.next = (elt)->link.next; \ } else { \ ISC_INSIST((list).head == (elt)); \ (list).head = (elt)->link.next; \ } \ (elt)->link.prev = (type )(-1); \ (elt)->link.next = (type )(-1); \ ISC_INSIST((list).head != (elt)); \ ISC_INSIST((list).tail != (elt)); \ } while (0) #define __ISC_LIST_UNLINKUNSAFE(list, elt, link) \ __ISC_LIST_UNLINKUNSAFE_TYPE(list, elt, link, void) #define ISC_LIST_UNLINK_TYPE(list, elt, link, type) \ do { \ ISC_LINK_INSIST(ISC_LINK_LINKED(elt, link)); \ __ISC_LIST_UNLINKUNSAFE_TYPE(list, elt, link, type); \ } while (0) #define ISC_LIST_UNLINK(list, elt, link) \ ISC_LIST_UNLINK_TYPE(list, elt, link, void) #define ISC_LIST_PREV(elt, link) ((elt)->link.prev) #define ISC_LIST_NEXT(elt, link) ((elt)->link.next) #define __ISC_LIST_INSERTBEFOREUNSAFE(list, before, elt, link) \ do { \ if ((before)->link.prev == NULL) { \ ISC_LIST_PREPEND(list, elt, link); \ } else { \ (elt)->link.prev = (before)->link.prev; \ (before)->link.prev = (elt); \ (elt)->link.prev->link.next = (elt); \ (elt)->link.next = (before); \ } \ } while (0) #define ISC_LIST_INSERTBEFORE(list, before, elt, link) \ do { \ ISC_LINK_INSIST(ISC_LINK_LINKED(before, link)); \ ISC_LINK_INSIST(!ISC_LINK_LINKED(elt, link)); \ __ISC_LIST_INSERTBEFOREUNSAFE(list, before, elt, link); \ } while (0) #define __ISC_LIST_INSERTAFTERUNSAFE(list, after, elt, link) \ do { \ if ((after)->link.next == NULL) { \ ISC_LIST_APPEND(list, elt, link); \ } else { \ (elt)->link.next = (after)->link.next; \ (after)->link.next = (elt); \ (elt)->link.next->link.prev = (elt); \ (elt)->link.prev = (after); \ } \ } while (0) #define ISC_LIST_INSERTAFTER(list, after, elt, link) \ do { \ ISC_LINK_INSIST(ISC_LINK_LINKED(after, link)); \ ISC_LINK_INSIST(!ISC_LINK_LINKED(elt, link)); \ __ISC_LIST_INSERTAFTERUNSAFE(list, after, elt, link); \ } while (0) #define ISC_LIST_APPENDLIST(list1, list2, link) \ do { \ if (ISC_LIST_EMPTY(list1)) { \ (list1) = (list2); \ } else if (!ISC_LIST_EMPTY(list2)) { \ (list1).tail->link.next = (list2).head; \ (list2).head->link.prev = (list1).tail; \ (list1).tail = (list2).tail; \ } \ (list2).head = NULL; \ (list2).tail = NULL; \ } while (0) #define ISC_LIST_PREPENDLIST(list1, list2, link) \ do { \ if (ISC_LIST_EMPTY(list1)) { \ (list1) = (list2); \ } else if (!ISC_LIST_EMPTY(list2)) { \ (list2).tail->link.next = (list1).head; \ (list1).head->link.prev = (list2).tail; \ (list1).head = (list2).head; \ } \ (list2).head = NULL; \ (list2).tail = NULL; \ } while (0) #define ISC_LIST_ENQUEUE(list, elt, link) ISC_LIST_APPEND(list, elt, link) #define __ISC_LIST_ENQUEUEUNSAFE(list, elt, link) \ __ISC_LIST_APPENDUNSAFE(list, elt, link) #define ISC_LIST_DEQUEUE(list, elt, link) \ ISC_LIST_UNLINK_TYPE(list, elt, link, void) #define ISC_LIST_DEQUEUE_TYPE(list, elt, link, type) \ ISC_LIST_UNLINK_TYPE(list, elt, link, type) #define __ISC_LIST_DEQUEUEUNSAFE(list, elt, link) \ __ISC_LIST_UNLINKUNSAFE_TYPE(list, elt, link, void) #define __ISC_LIST_DEQUEUEUNSAFE_TYPE(list, elt, link, type) \ __ISC_LIST_UNLINKUNSAFE_TYPE(list, elt, link, type) #endif / ISC_LIST_H / ��isc/netscope.h��0000644��00000001706�15125204632�0007317 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_NETSCOPE_H #define ISC_NETSCOPE_H 1 /! \file isc/netscope.h / #include <inttypes.h> ISC_LANG_BEGINDECLS /% * Convert a string of an IPv6 scope zone to zone index. If the conversion * succeeds, 'zoneid' will store the index value. * * XXXJT: when a standard interface for this purpose is defined, * we should use it. * * Returns: * \li ISC_R_SUCCESS: conversion succeeds * \li ISC_R_FAILURE: conversion fails / isc_result_t isc_netscope_pton(int af, char scopename, void addr, uint32_t zoneid); ISC_LANG_ENDDECLS #endif /* ISC_NETSCOPE_H / ��isc/os.h��0000644��00000001375�15125204632�0006122 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_OS_H #define ISC_OS_H 1 /! \file isc/os.h / #include <isc/lang.h> ISC_LANG_BEGINDECLS /%< * Hardcode the L1 cacheline size of the CPU to 64. / #define ISC_OS_CACHELINE_SIZE 64 unsigned int isc_os_ncpus(void); /%< * Return the number of CPUs available on the system, or 1 if this cannot * be determined. / ISC_LANG_ENDDECLS #endif / ISC_OS_H / ��isc/result.h��0000644��00000012714�15125204632�0007016 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_RESULT_H #define ISC_RESULT_H 1 /! \file isc/result.h / #include <isc/lang.h> #include <isc/types.h> #define ISC_R_SUCCESS 0 /%< success / #define ISC_R_NOMEMORY 1 /%< out of memory / #define ISC_R_TIMEDOUT 2 /%< timed out / #define ISC_R_NOTHREADS 3 /%< no available threads / #define ISC_R_ADDRNOTAVAIL 4 /%< address not available / #define ISC_R_ADDRINUSE 5 /%< address in use / #define ISC_R_NOPERM 6 /%< permission denied / #define ISC_R_NOCONN 7 /%< no pending connections / #define ISC_R_NETUNREACH 8 /%< network unreachable / #define ISC_R_HOSTUNREACH 9 /%< host unreachable / #define ISC_R_NETDOWN 10 /%< network down / #define ISC_R_HOSTDOWN 11 /%< host down / #define ISC_R_CONNREFUSED 12 /%< connection refused / #define ISC_R_NORESOURCES 13 /%< not enough free resources / #define ISC_R_EOF 14 /%< end of file / #define ISC_R_BOUND 15 /%< socket already bound / #define ISC_R_RELOAD 16 /%< reload / #define ISC_R_SUSPEND ISC_R_RELOAD /%< alias of 'reload' / #define ISC_R_LOCKBUSY 17 /%< lock busy / #define ISC_R_EXISTS 18 /%< already exists / #define ISC_R_NOSPACE 19 /%< ran out of space / #define ISC_R_CANCELED 20 /%< operation canceled / #define ISC_R_NOTBOUND 21 /%< socket is not bound / #define ISC_R_SHUTTINGDOWN 22 /%< shutting down / #define ISC_R_NOTFOUND 23 /%< not found / #define ISC_R_UNEXPECTEDEND 24 /%< unexpected end of input / #define ISC_R_FAILURE 25 /%< generic failure / #define ISC_R_IOERROR 26 /%< I/O error / #define ISC_R_NOTIMPLEMENTED 27 /%< not implemented / #define ISC_R_UNBALANCED 28 /%< unbalanced parentheses / #define ISC_R_NOMORE 29 /%< no more / #define ISC_R_INVALIDFILE 30 /%< invalid file / #define ISC_R_BADBASE64 31 /%< bad base64 encoding / #define ISC_R_UNEXPECTEDTOKEN 32 /%< unexpected token / #define ISC_R_QUOTA 33 /%< quota reached / #define ISC_R_UNEXPECTED 34 /%< unexpected error / #define ISC_R_ALREADYRUNNING 35 /%< already running / #define ISC_R_IGNORE 36 /%< ignore / #define ISC_R_MASKNONCONTIG 37 /%< addr mask not contiguous / #define ISC_R_FILENOTFOUND 38 /%< file not found / #define ISC_R_FILEEXISTS 39 /%< file already exists / #define ISC_R_NOTCONNECTED 40 /%< socket is not connected / #define ISC_R_RANGE 41 /%< out of range / #define ISC_R_NOENTROPY 42 /%< out of entropy / #define ISC_R_MULTICAST 43 /%< invalid use of multicast / #define ISC_R_NOTFILE 44 /%< not a file / #define ISC_R_NOTDIRECTORY 45 /%< not a directory / #define ISC_R_EMPTY 46 /%< queue is empty / #define ISC_R_FAMILYMISMATCH 47 /%< address family mismatch / #define ISC_R_FAMILYNOSUPPORT 48 /%< AF not supported / #define ISC_R_BADHEX 49 /%< bad hex encoding / #define ISC_R_TOOMANYOPENFILES 50 /%< too many open files / #define ISC_R_NOTBLOCKING 51 /%< not blocking / #define ISC_R_UNBALANCEDQUOTES 52 /%< unbalanced quotes / #define ISC_R_INPROGRESS 53 /%< operation in progress / #define ISC_R_CONNECTIONRESET 54 /%< connection reset / #define ISC_R_SOFTQUOTA 55 /%< soft quota reached / #define ISC_R_BADNUMBER 56 /%< not a valid number / #define ISC_R_DISABLED 57 /%< disabled / #define ISC_R_MAXSIZE 58 /%< max size / #define ISC_R_BADADDRESSFORM 59 /%< invalid address format / #define ISC_R_BADBASE32 60 /%< bad base32 encoding / #define ISC_R_UNSET 61 /%< unset / #define ISC_R_MULTIPLE 62 /%< multiple / #define ISC_R_WOULDBLOCK 63 /%< would block / #define ISC_R_COMPLETE 64 /%< complete / #define ISC_R_CRYPTOFAILURE 65 /%< cryptography library failure / #define ISC_R_DISCQUOTA 66 /%< disc quota / #define ISC_R_DISCFULL 67 /%< disc full / #define ISC_R_DEFAULT 68 /%< default / #define ISC_R_IPV4PREFIX 69 /%< IPv4 prefix / #define ISC_R_TLSERROR 70 /%< TLS error / #define ISC_R_HTTP2ALPNERROR 71 /%< ALPN for HTTP/2 failed / /% Not a result code: the number of results. / #define ISC_R_NRESULTS 72 ISC_LANG_BEGINDECLS const char isc_result_totext(isc_result_t); /%< Convert an isc_result_t into a string message describing the result. / const char isc_result_toid(isc_result_t); /%< Convert an isc_result_t into a string identifier such as * "ISC_R_SUCCESS". / isc_result_t isc_result_register(unsigned int base, unsigned int nresults, const char text, int set); isc_result_t isc_result_registerids(unsigned int base, unsigned int nresults, const char ids, int set); ISC_LANG_ENDDECLS #endif / ISC_RESULT_H / ��isc/once.h��0000644��00000001377�15125204632�0006427 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_ONCE_H #define ISC_ONCE_H 1 /! \file / #include <pthread.h> #include <isc/platform.h> #include <isc/result.h> typedef pthread_once_t isc_once_t; #define ISC_ONCE_INIT PTHREAD_ONCE_INIT / XXX We could do fancier error handling... / #define isc_once_do(op, f) \ ((pthread_once((op), (f)) == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED) #endif / ISC_ONCE_H / ��isc/print.h��0000644��00000001250�15125204632�0006625 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_PRINT_H #define ISC_PRINT_H 1 /! \file isc/print.h / / * Imports **/ #include <isc/formatcheck.h> / Required for ISC_FORMAT_PRINTF() macro. / #include <isc/lang.h> #include <isc/platform.h> / * Functions **/ #include <stdio.h> #endif / ISC_PRINT_H / ��isc/ht.h��0000644��00000010605�15125204632�0006110 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / ! \file / #pragma once #include <inttypes.h> #include <string.h> #include <isc/result.h> #include <isc/types.h> typedef struct isc_ht isc_ht_t; typedef struct isc_ht_iter isc_ht_iter_t; enum { ISC_HT_CASE_SENSITIVE = 0x00, ISC_HT_CASE_INSENSITIVE = 0x01 }; /% * Initialize hashtable at htp, using memory context and size of (1<<bits) * If 'options' contains ISC_HT_CASE_INSENSITIVE, then upper- and lower-case * letters in key values will generate the same hash values; this can be used * when the key for a hash table is a DNS name. * * Requires: \li 'htp' is not NULL and 'htp' is NULL. \li 'mctx' is a valid memory context. \li 'bits' >=1 and 'bits' <=32 * * Returns: \li #ISC_R_NOMEMORY -- not enough memory to create pool \li #ISC_R_SUCCESS -- all is well. / isc_result_t isc_ht_init(isc_ht_t htp, isc_mem_t mctx, uint8_t bits, unsigned int options); /% Destroy hashtable, freeing everything * * Requires: * \li 'htp' is valid hashtable / void isc_ht_destroy(isc_ht_t *htp); /% * Add a node to hashtable, pointed by binary key 'key' of size 'keysize'; * set its value to 'value' * * Requires: \li 'ht' is a valid hashtable \li write-lock * * Returns: \li #ISC_R_NOMEMORY -- not enough memory to create pool \li #ISC_R_EXISTS -- node of the same key already exists \li #ISC_R_SUCCESS -- all is well. / isc_result_t isc_ht_add(isc_ht_t ht, const unsigned char key, const uint32_t keysize, void value); /% * Find a node matching 'key'/'keysize' in hashtable 'ht'; * if found, set 'valuep' to its value. (If 'valuep' is NULL, then simply return SUCCESS or NOTFOUND to indicate whether the * key exists in the hashtable.) * * Requires: * \li 'ht' is a valid hashtable * \li read-lock * * Returns: * \li #ISC_R_SUCCESS -- success * \li #ISC_R_NOTFOUND -- key not found / isc_result_t isc_ht_find(const isc_ht_t ht, const unsigned char key, const uint32_t keysize, void valuep); /% * Delete node from hashtable * * Requires: \li ht is a valid hashtable \li write-lock * * Returns: \li #ISC_R_NOTFOUND -- key not found \li #ISC_R_SUCCESS -- all is well / isc_result_t isc_ht_delete(isc_ht_t ht, const unsigned char key, const uint32_t keysize); /% * Create an iterator for the hashtable; point 'itp' to it. * Requires: \li 'ht' is a valid hashtable \li 'itp' is non NULL and 'itp' is NULL. / isc_result_t isc_ht_iter_create(isc_ht_t ht, isc_ht_iter_t itp); /% * Destroy the iterator 'itp', set it to NULL * Requires: \li 'itp' is non NULL and 'itp' is non NULL. / void isc_ht_iter_destroy(isc_ht_iter_t itp); /% * Set an iterator to the first entry. * * Requires: \li 'it' is non NULL. * Returns: * \li #ISC_R_SUCCESS -- success * \li #ISC_R_NOMORE -- no data in the hashtable / isc_result_t isc_ht_iter_first(isc_ht_iter_t it); /% Set an iterator to the next entry. * * Requires: \li 'it' is non NULL. * Returns: * \li #ISC_R_SUCCESS -- success * \li #ISC_R_NOMORE -- end of hashtable reached / isc_result_t isc_ht_iter_next(isc_ht_iter_t it); /% Delete current entry and set an iterator to the next entry. * * Requires: \li 'it' is non NULL. * Returns: * \li #ISC_R_SUCCESS -- success * \li #ISC_R_NOMORE -- end of hashtable reached / isc_result_t isc_ht_iter_delcurrent_next(isc_ht_iter_t it); /% Set 'value' to the current value under the iterator * * Requires: \li 'it' is non NULL. \li 'valuep' is non NULL and 'valuep' is NULL. / void isc_ht_iter_current(isc_ht_iter_t it, void valuep); /% * Set 'key' and 'keysize to the current key and keysize for the value * under the iterator * * Requires: \li 'it' is non NULL. \li 'key' is non NULL and 'key' is NULL. \li 'keysize' is non NULL. / void isc_ht_iter_currentkey(isc_ht_iter_t it, unsigned char *key, size_t keysize); /% Returns the number of items in the hashtable. * * Requires: \li 'ht' is a valid hashtable / size_t isc_ht_count(const isc_ht_t ht); ��isc/app.h��0000644��00000015743�15125204632�0006265 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_APP_H #define ISC_APP_H 1 /** * Module Info **/ /! \file isc/app.h * \brief ISC Application Support * * Dealing with program termination can be difficult, especially in a * multithreaded program. The routines in this module help coordinate * the shutdown process. They are used as follows by the initial (main) * thread of the application: * \li isc_app_start(); Call very early in main(), before any other threads have been created. * \li isc_app_run(); This will post any on-run events, and then block until application * shutdown is requested. A shutdown * request is made by calling * isc_app_shutdown(), or by sending * SIGINT or SIGTERM to the process. * After isc_app_run() returns, the * application should shutdown itself. * \li isc_app_finish(); Call very late in main(). * Applications that want to use SIGHUP/isc_app_reload() to trigger reloading * should check the result of isc_app_run() and call the reload routine if * the result is ISC_R_RELOAD. They should then call isc_app_run() again * to resume waiting for reload or termination. * * Use of this module is not required. In particular, isc_app_start() is * NOT an ISC library initialization routine. * * This module also supports per-thread 'application contexts'. With this * mode, a thread-based application will have a separate context, in which * it uses other ISC library services such as tasks or timers. Signals are * not caught in this mode, so that the application can handle the signals * in its preferred way. * * \li MP: * Clients must ensure that isc_app_start(), isc_app_run(), and * isc_app_finish() are called at most once. isc_app_shutdown() * is safe to use by any thread (provided isc_app_start() has been * called previously). * * The same note applies to isc_app_ctxXXX() functions, but in this case * it's a per-thread restriction. For example, a thread with an * application context must ensure that isc_app_ctxstart() with the * context is called at most once. * * \li Reliability: * No anticipated impact. * * \li Resources: * None. * * \li Security: * No anticipated impact. * * \li Standards: * None. / #include <stdbool.h> #include <isc/eventclass.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/result.h> / * Types **/ typedef isc_event_t isc_appevent_t; #define ISC_APPEVENT_FIRSTEVENT (ISC_EVENTCLASS_APP + 0) #define ISC_APPEVENT_SHUTDOWN (ISC_EVENTCLASS_APP + 1) #define ISC_APPEVENT_LASTEVENT (ISC_EVENTCLASS_APP + 65535) ISC_LANG_BEGINDECLS isc_result_t isc_app_ctxstart(isc_appctx_t ctx); isc_result_t isc_app_start(void); /!< \brief Start an ISC library application. * * Notes: * This call should be made before any other ISC library call, and as * close to the beginning of the application as possible. * * Requires: \li 'ctx' is a valid application context (for app_ctxstart()). / isc_result_t isc_app_ctxonrun(isc_appctx_t ctx, isc_mem_t mctx, isc_task_t task, isc_taskaction_t action, void arg); isc_result_t isc_app_onrun(isc_mem_t mctx, isc_task_t task, isc_taskaction_t action, void arg); /!< * \brief Request delivery of an event when the application is run. * * Requires: \li isc_app_start() has been called. \li 'ctx' is a valid application context (for app_ctxonrun()). * * Returns: * ISC_R_SUCCESS * ISC_R_NOMEMORY / isc_result_t isc_app_ctxrun(isc_appctx_t ctx); isc_result_t isc_app_run(void); /!< \brief Run an ISC library application. * * Notes: \li The caller (typically the initial thread of an application) will block until shutdown is requested. When the call returns, the * caller should start shutting down the application. * * Requires: \li isc_app_[ctx]start() has been called. * Ensures: \li Any events requested via isc_app_onrun() will have been posted (in FIFO order) before isc_app_run() blocks. \li 'ctx' is a valid application context (for app_ctxrun()). * Returns: \li ISC_R_SUCCESS Shutdown has been requested. \li ISC_R_RELOAD Reload has been requested. / bool isc_app_isrunning(void); /!< * \brief Return if the ISC library application is running. * * Returns: \li true App is running. \li false App is not running. / void isc_app_ctxshutdown(isc_appctx_t ctx); void isc_app_shutdown(void); /!< \brief Request application shutdown. * * Notes: \li It is safe to call isc_app_shutdown() multiple times. Shutdown will only be triggered once. * * Requires: \li isc_app_[ctx]run() has been called. \li 'ctx' is a valid application context (for app_ctxshutdown()). * * Returns: \li ISC_R_SUCCESS \li ISC_R_UNEXPECTED / void isc_app_ctxsuspend(isc_appctx_t ctx); /!< \brief This has the same behavior as isc_app_ctxsuspend(). / void isc_app_reload(void); /!< * \brief Request application reload. * * Requires: \li isc_app_run() has been called. * Returns: \li ISC_R_SUCCESS \li ISC_R_UNEXPECTED / void isc_app_ctxfinish(isc_appctx_t ctx); void isc_app_finish(void); /!< \brief Finish an ISC library application. * * Notes: \li This call should be made at or near the end of main(). * Requires: \li isc_app_start() has been called. \li 'ctx' is a valid application context (for app_ctxfinish()). * * Ensures: \li Any resources allocated by isc_app_start() have been released. / void isc_app_block(void); /!< \brief Indicate that a blocking operation will be performed. * * Notes: \li If a blocking operation is in process, a call to isc_app_shutdown() or an external signal will abort the program, rather than allowing * clean shutdown. This is primarily useful for reading user input. * * Requires: * \li isc_app_start() has been called. * \li No other blocking operations are in progress. / void isc_app_unblock(void); /!< * \brief Indicate that a blocking operation is complete. * * Notes: * \li When a blocking operation has completed, return the program to a * state where a call to isc_app_shutdown() or an external signal will * shutdown normally. * * Requires: * \li isc_app_start() has been called. * \li isc_app_block() has been called by the same thread. / isc_result_t isc_appctx_create(isc_mem_t mctx, isc_appctx_t *ctxp); /!< * \brief Create an application context. * * Requires: \li 'mctx' is a valid memory context. \li 'ctxp' != NULL && ctxp == NULL. / void isc_appctx_destroy(isc_appctx_t *ctxp); /!< * \brief Destroy an application context. * * Requires: \li 'ctxp' is a valid application context. * * Ensures: \li ctxp == NULL. / ISC_LANG_ENDDECLS #endif / ISC_APP_H / ��isc/condition.h��0000644��00000003572�15125204632�0007470 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once /! \file / #include <errno.h> #include <isc/error.h> #include <isc/lang.h> #include <isc/mutex.h> #include <isc/result.h> #include <isc/strerr.h> #include <isc/string.h> #include <isc/types.h> typedef pthread_cond_t isc_condition_t; #define isc_condition_init(cond) \ if (pthread_cond_init(cond, NULL) != 0) { \ char isc_condition_strbuf[ISC_STRERRORSIZE]; \ strerror_r(errno, isc_condition_strbuf, \ sizeof(isc_condition_strbuf)); \ isc_error_fatal(__FILE__, __LINE__, \ "pthread_cond_init failed: %s", \ isc_condition_strbuf); \ } #if ISC_MUTEX_PROFILE #define isc_condition_wait(cp, mp) \ ((pthread_cond_wait((cp), &((mp)->mutex)) == 0) ? ISC_R_SUCCESS \ : ISC_R_UNEXPECTED) #else / if ISC_MUTEX_PROFILE / #define isc_condition_wait(cp, mp) \ ((pthread_cond_wait((cp), (mp)) == 0) ? ISC_R_SUCCESS \ : ISC_R_UNEXPECTED) #endif / if ISC_MUTEX_PROFILE / #define isc_condition_signal(cp) \ ((pthread_cond_signal((cp)) == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED) #define isc_condition_broadcast(cp) \ ((pthread_cond_broadcast((cp)) == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED) #define isc_condition_destroy(cp) \ ((pthread_cond_destroy((cp)) == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED) ISC_LANG_BEGINDECLS isc_result_t isc_condition_waituntil(isc_condition_t , isc_mutex_t , isc_time_t ); ISC_LANG_ENDDECLS ��isc/md.h��0000644��00000013200�15125204632�0006067 0��ustar�00��/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! * \file isc/md.h * \brief This is the header file for message digest algorithms. / #pragma once #include <isc/lang.h> #include <isc/platform.h> #include <isc/result.h> #include <isc/types.h> typedef void isc_md_t; /* * isc_md_type_t: * @ISC_MD_MD5: MD5 * @ISC_MD_SHA1: SHA-1 * @ISC_MD_SHA224: SHA-224 * @ISC_MD_SHA256: SHA-256 * @ISC_MD_SHA384: SHA-384 * @ISC_MD_SHA512: SHA-512 * * Enumeration of supported message digest algorithms. / typedef void isc_md_type_t; #define ISC_MD_MD5 isc__md_md5() #define ISC_MD_SHA1 isc__md_sha1() #define ISC_MD_SHA224 isc__md_sha224() #define ISC_MD_SHA256 isc__md_sha256() #define ISC_MD_SHA384 isc__md_sha384() #define ISC_MD_SHA512 isc__md_sha512() const isc_md_type_t isc__md_md5(void); const isc_md_type_t * isc__md_sha1(void); const isc_md_type_t * isc__md_sha224(void); const isc_md_type_t * isc__md_sha256(void); const isc_md_type_t * isc__md_sha384(void); const isc_md_type_t * isc__md_sha512(void); #define ISC_MD5_DIGESTLENGTH isc_md_type_get_size(ISC_MD_MD5) #define ISC_MD5_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_MD5) #define ISC_SHA1_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA1) #define ISC_SHA1_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA1) #define ISC_SHA224_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA224) #define ISC_SHA224_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA224) #define ISC_SHA256_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA256) #define ISC_SHA256_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA256) #define ISC_SHA384_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA384) #define ISC_SHA384_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA384) #define ISC_SHA512_DIGESTLENGTH isc_md_type_get_size(ISC_MD_SHA512) #define ISC_SHA512_BLOCK_LENGTH isc_md_type_get_block_size(ISC_MD_SHA512) #define ISC_MAX_MD_SIZE 64U /* EVP_MAX_MD_SIZE / #define ISC_MAX_BLOCK_SIZE 128U / ISC_SHA512_BLOCK_LENGTH / /* * isc_md: * @type: the digest type * @buf: the data to hash * @len: the length of the data to hash * @digest: the output buffer * @digestlen: the length of the data written to @digest * * This function hashes @len bytes of data at @buf and places the result in * @digest. If the @digestlen parameter is not NULL then the number of bytes of * data written (i.e. the length of the digest) will be written to the integer * at @digestlen, at most ISC_MAX_MD_SIZE bytes will be written. / isc_result_t isc_md(const isc_md_type_t type, const unsigned char buf, const size_t len, unsigned char digest, unsigned int digestlen); /* * isc_md_new: * * This function allocates, initializes and returns a digest context. / isc_md_t isc_md_new(void); /** * isc_md_free: * @md: message digest context * * This function cleans up digest context ctx and frees up the space allocated * to it. / void isc_md_free(isc_md_t ); /** * isc_md_init: * @md: message digest context * @type: digest type * * This function sets up digest context @md to use a digest @type. @md must be * initialized before calling this function. / isc_result_t isc_md_init(isc_md_t , const isc_md_type_t md_type); /* * isc_md_reset: * @md: message digest context * * This function resets the digest context ctx. This can be used to reuse an * already existing context. / isc_result_t isc_md_reset(isc_md_t md); /** * isc_md_update: * @md: message digest context * @buf: data to hash * @len: length of the data to hash * * This function hashes @len bytes of data at @buf into the digest context @md. * This function can be called several times on the same @md to hash additional * data. / isc_result_t isc_md_update(isc_md_t md, const unsigned char buf, const size_t len); /* * isc_md_final: * @md: message digest context * @digest: the output buffer * @digestlen: the length of the data written to @digest * * This function retrieves the digest value from @md and places it in @digest. * If the @digestlen parameter is not NULL then the number of bytes of data * written (i.e. the length of the digest) will be written to the integer at * @digestlen, at most ISC_MAX_MD_SIZE bytes will be written. After calling * this function no additional calls to isc_md_update() can be made. / isc_result_t isc_md_final(isc_md_t md, unsigned char digest, unsigned int digestlen); /** * isc_md_get_type: * @md: message digest contezt * * This function return the isc_md_type_t previously set for the supplied * message digest context or NULL if no isc_md_type_t has been set. / const isc_md_type_t isc_md_get_md_type(isc_md_t md); /* * isc_md_size: * * This function return the size of the message digest when passed an isc_md_t * structure, i.e. the size of the hash. / size_t isc_md_get_size(isc_md_t md); /** * isc_md_block_size: * * This function return the block size of the message digest when passed an * isc_md_t structure. / size_t isc_md_get_block_size(isc_md_t md); /** * isc_md_size: * * This function return the size of the message digest when passed an * isc_md_type_t , i.e. the size of the hash. / size_t isc_md_type_get_size(const isc_md_type_t md_type); /** * isc_md_block_size: * * This function return the block size of the message digest when passed an * isc_md_type_t. / size_t isc_md_type_get_block_size(const isc_md_type_t md_type); ��isc/netaddr.h��0000644��00000011262�15125204632�0007116 0��ustar�00��/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_NETADDR_H #define ISC_NETADDR_H 1 /! \file isc/netaddr.h / #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/net.h> #include <isc/types.h> #ifdef ISC_PLATFORM_HAVESYSUNH #include <sys/types.h> #include <sys/un.h> #endif / ifdef ISC_PLATFORM_HAVESYSUNH / ISC_LANG_BEGINDECLS struct isc_netaddr { unsigned int family; union { struct in_addr in; struct in6_addr in6; #ifdef ISC_PLATFORM_HAVESYSUNH char un[sizeof(((struct sockaddr_un )0)->sun_path)]; #endif /* ifdef ISC_PLATFORM_HAVESYSUNH / } type; uint32_t zone; }; bool isc_netaddr_equal(const isc_netaddr_t a, const isc_netaddr_t b); /%< * Compare network addresses 'a' and 'b'. Return #true if * they are equal, #false if not. / bool isc_netaddr_eqprefix(const isc_netaddr_t a, const isc_netaddr_t b, unsigned int prefixlen); /%< * Compare the 'prefixlen' most significant bits of the network * addresses 'a' and 'b'. If 'b''s scope is zero then 'a''s scope is * ignored. Return #true if they are equal, #false if not. / isc_result_t isc_netaddr_masktoprefixlen(const isc_netaddr_t s, unsigned int lenp); /%< * Convert a netmask in 's' into a prefix length in 'lenp'. The mask should consist of zero or more '1' bits in the * most significant part of the address, followed by '0' bits. * If this is not the case, #ISC_R_MASKNONCONTIG is returned. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_MASKNONCONTIG / isc_result_t isc_netaddr_totext(const isc_netaddr_t netaddr, isc_buffer_t target); /%< * Append a text representation of 'sockaddr' to the buffer 'target'. * The text is NOT null terminated. Handles IPv4 and IPv6 addresses. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE The text or the null termination did not fit. \li #ISC_R_FAILURE Unspecified failure / void isc_netaddr_format(const isc_netaddr_t na, char array, unsigned int size); /%< Format a human-readable representation of the network address 'na' into the character array 'array', which is of size 'size'. * The resulting string is guaranteed to be null-terminated. / #define ISC_NETADDR_FORMATSIZE \ sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:XXX.XXX.XXX.XXX%SSSSSSSSSS") /%< * Minimum size of array to pass to isc_netaddr_format(). / void isc_netaddr_fromsockaddr(isc_netaddr_t netaddr, const isc_sockaddr_t source); void isc_netaddr_fromin(isc_netaddr_t netaddr, const struct in_addr ina); void isc_netaddr_fromin6(isc_netaddr_t netaddr, const struct in6_addr ina6); isc_result_t isc_netaddr_frompath(isc_netaddr_t netaddr, const char path); void isc_netaddr_setzone(isc_netaddr_t netaddr, uint32_t zone); uint32_t isc_netaddr_getzone(const isc_netaddr_t netaddr); void isc_netaddr_any(isc_netaddr_t netaddr); /%< Return the IPv4 wildcard address. / void isc_netaddr_any6(isc_netaddr_t netaddr); /%< Return the IPv6 wildcard address. / void isc_netaddr_unspec(isc_netaddr_t netaddr); /%< Initialize as AF_UNSPEC address. / bool isc_netaddr_ismulticast(const isc_netaddr_t na); /%< Returns true if the address is a multicast address. / bool isc_netaddr_isexperimental(const isc_netaddr_t na); /%< Returns true if the address is a experimental (CLASS E) address. / bool isc_netaddr_islinklocal(const isc_netaddr_t na); /%< Returns #true if the address is a link local address. / bool isc_netaddr_issitelocal(const isc_netaddr_t na); /%< Returns #true if the address is a site local address. / bool isc_netaddr_isnetzero(const isc_netaddr_t na); /%< Returns #true if the address is in net zero. / void isc_netaddr_fromv4mapped(isc_netaddr_t t, const isc_netaddr_t s); /%< * Convert an IPv6 v4mapped address into an IPv4 address. / isc_result_t isc_netaddr_prefixok(const isc_netaddr_t na, unsigned int prefixlen); /* * Test whether the netaddr 'na' and 'prefixlen' are consistent. * e.g. prefixlen within range. * na does not have bits set which are not covered by the prefixlen. * * Returns: * ISC_R_SUCCESS * ISC_R_RANGE prefixlen out of range * ISC_R_NOTIMPLEMENTED unsupported family * ISC_R_FAILURE extra bits. / bool isc_netaddr_isloopback(const isc_netaddr_t na); /* * Test whether the netaddr 'na' is a loopback IPv4 or IPv6 address (in * 127.0.0.0/8 or ::1). / ISC_LANG_ENDDECLS #endif / ISC_NETADDR_H / ��isc/thread.h��0000644��00000003564�15125204632�0006752 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_THREAD_H #define ISC_THREAD_H 1 /! \file / #include <pthread.h> #if defined(HAVE_PTHREAD_NP_H) #include <pthread_np.h> #endif / if defined(HAVE_PTHREAD_NP_H) / #include <isc/lang.h> #include <isc/result.h> #if defined(HAVE_THREAD_LOCAL) #include <threads.h> extern thread_local size_t isc_tid_v; #elif defined(HAVE___THREAD) extern __thread size_t isc_tid_v; #endif / if defined(HAVE_THREAD_LOCAL) / ISC_LANG_BEGINDECLS typedef pthread_t isc_thread_t; typedef void isc_threadresult_t; typedef void isc_threadarg_t; typedef isc_threadresult_t (isc_threadfunc_t)(isc_threadarg_t); void isc_thread_create(isc_threadfunc_t, isc_threadarg_t, isc_thread_t ); void isc_thread_join(isc_thread_t thread, isc_threadresult_t result); void isc_thread_setconcurrency(unsigned int level); void isc_thread_yield(void); void isc_thread_setname(isc_thread_t thread, const char name); isc_result_t isc_thread_setaffinity(int cpu); #define isc_thread_self (uintptr_t) pthread_self / * Thread-Local Storage **/ #if defined(HAVE_TLS) #if defined(HAVE_THREAD_LOCAL) #define ISC_THREAD_LOCAL static thread_local #elif defined(HAVE___THREAD) #define ISC_THREAD_LOCAL static __thread #else / if defined(HAVE_THREAD_LOCAL) / #error "Unknown method for defining a TLS variable!" #endif / if defined(HAVE_THREAD_LOCAL) / #else / if defined(HAVE_TLS) / #error "Thread-local storage support is required!" #endif / if defined(HAVE_TLS) / ISC_LANG_ENDDECLS #endif / ISC_THREAD_H / ��isc/strerr.h��0000644��00000001077�15125204632�0007021 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once /! \file isc/strerr.h / #include <isc/string.h> #if defined(strerror_r) #undef strerror_r #endif / if defined(strerror_r) / #define strerror_r isc_string_strerror_r ��isc/magic.h��0000644��00000001747�15125204632�0006564 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_MAGIC_H #define ISC_MAGIC_H 1 #include <isc/likely.h> /! \file isc/magic.h / typedef struct { unsigned int magic; } isc__magic_t; /% * To use this macro the magic number MUST be the first thing in the * structure, and MUST be of type "unsigned int". * The intent of this is to allow magic numbers to be checked even though * the object is otherwise opaque. / #define ISC_MAGIC_VALID(a, b) \ (ISC_LIKELY((a) != NULL) && \ ISC_LIKELY(((const isc__magic_t )(a))->magic == (b))) #define ISC_MAGIC(a, b, c, d) ((a) << 24 \| (b) << 16 \| (c) << 8 \| (d)) #endif /* ISC_MAGIC_H / ��isc/base64.h��0000644��00000005461�15125204632�0006565 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_BASE64_H #define ISC_BASE64_H 1 /! \file isc/base64.h / #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS / * Functions **/ isc_result_t isc_base64_totext(isc_region_t source, int wordlength, const char wordbreak, isc_buffer_t target); /!< \brief Convert data into base64 encoded text. * * Notes: \li The base64 encoded text in 'target' will be divided into words of at most 'wordlength' characters, separated by * the 'wordbreak' string. No parentheses will surround * the text. * * Requires: \li 'source' is a region containing binary data \li 'target' is a text buffer containing available space \li 'wordbreak' points to a null-terminated string of zero or more whitespace characters * * Ensures: \li target will contain the base64 encoded version of the data in source. The 'used' pointer in target will be advanced as * necessary. / isc_result_t isc_base64_decodestring(const char cstr, isc_buffer_t target); /!< * \brief Decode a null-terminated base64 string. * * Requires: \li 'cstr' is non-null. \li 'target' is a valid buffer. * * Returns: \li #ISC_R_SUCCESS -- the entire decoded representation of 'cstring' fit in 'target'. \li #ISC_R_BADBASE64 -- 'cstr' is not a valid base64 encoding. * Other error returns are any possible error code from: \li isc_lex_create(), \li isc_lex_openbuffer(), \li isc_base64_tobuffer(). / isc_result_t isc_base64_tobuffer(isc_lex_t lexer, isc_buffer_t target, int length); /!< \brief Convert base64 encoded text from a lexer context into * `target`. If 'length' is non-negative, it is the expected number of * encoded octets to convert. * * If 'length' is -1 then 0 or more encoded octets are expected. * If 'length' is -2 then 1 or more encoded octets are expected. * * Returns: \li #ISC_R_BADBASE64 -- invalid base64 encoding. \li #ISC_R_UNEXPECTEDEND: the text does not contain the expected * number of encoded octets. * * Requires: \li 'lexer' is a valid lexer context \li 'target' is a buffer containing binary data \li 'length' is -2, -1, or non-negative * Ensures: \li target will contain the data represented by the base64 encoded string parsed by the lexer. No more than `length` octets will * be read, if `length` is non-negative. The 'used' pointer in * 'target' will be advanced as necessary. / ISC_LANG_ENDDECLS #endif / ISC_BASE64_H / ��isc/hash.h��0000644��00000003161�15125204632�0006417 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_HASH_H #define ISC_HASH_H 1 #include <inttypes.h> #include <stdbool.h> #include "isc/lang.h" #include "isc/types.h" / * Functions **/ ISC_LANG_BEGINDECLS const void isc_hash_get_initializer(void); void isc_hash_set_initializer(const void initializer); #define isc_hash_function isc_hash64 uint32_t isc_hash32(const void data, const size_t length, const bool case_sensitive); uint64_t isc_hash64(const void data, const size_t length, const bool case_sensitive); /!< * \brief Calculate a hash over data. * * This hash function is useful for hashtables. The hash function is * opaque and not important to the caller. The returned hash values are * non-deterministic and will have different mapping every time a * process using this library is run, but will have uniform * distribution. * * isc_hash_32/64() calculates the hash from start to end over the * input data. * * 'data' is the data to be hashed. * * 'length' is the size of the data to be hashed. * * 'case_sensitive' specifies whether the hash key should be treated as * case_sensitive values. It should typically be false if the hash key * is a DNS name. * * Returns: * \li 32 or 64-bit hash value / ISC_LANG_ENDDECLS #endif / ISC_HASH_H / ��isc/random.h��0000644��00000002712�15125204632�0006755 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <inttypes.h> #include <stdlib.h> #include <isc/lang.h> #include <isc/types.h> /! \file isc/random.h * \brief Implements wrapper around a cryptographically secure * pseudo-random number generator. * / ISC_LANG_BEGINDECLS uint8_t isc_random8(void); /!< * \brief Returns a single 8-bit random value. / uint16_t isc_random16(void); /!< * \brief Returns a single 16-bit random value. / uint32_t isc_random32(void); /!< * \brief Returns a single 32-bit random value. / void isc_random_buf(void buf, size_t buflen); /!< \brief Fills the region buf of length buflen with random data. / uint32_t isc_random_uniform(uint32_t upper_bound); /!< * \brief Will return a single 32-bit value, uniformly distributed but * less than upper_bound. This is recommended over * constructions like ``isc_random() % upper_bound'' as it * avoids "modulo bias" when the upper bound is not a power of * two. In the worst case, this function may require multiple * iterations to ensure uniformity. / ISC_LANG_ENDDECLS ��isc/lfsr.h��0000644��00000005613�15125204632�0006446 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_LFSR_H #define ISC_LFSR_H 1 /! \file isc/lfsr.h / #include <inttypes.h> #include <isc/lang.h> #include <isc/types.h> typedef struct isc_lfsr isc_lfsr_t; /% * This function is called when reseeding is needed. It is allowed to * modify any state in the LFSR in any way it sees fit OTHER THAN "bits". * * It MUST set "count" to a new value or the lfsr will never reseed again. * * Also, a reseed will never occur in the middle of an extraction. This * is purely an optimization, and is probably what one would want. / typedef void (isc_lfsrreseed_t)(isc_lfsr_t , void ); /% The members of this structure can be used by the application, but care * needs to be taken to not change state once the lfsr is in operation. / struct isc_lfsr { uint32_t state; /%< previous state / unsigned int bits; /%< length / uint32_t tap; /%< bit taps / unsigned int count; /%< reseed count (in BITS!) / isc_lfsrreseed_t reseed; /%< reseed function / void arg; /%< reseed function argument / }; ISC_LANG_BEGINDECLS void isc_lfsr_init(isc_lfsr_t lfsr, uint32_t state, unsigned int bits, uint32_t tap, unsigned int count, isc_lfsrreseed_t reseed, void arg); /%< Initialize an LFSR. * * Note: * \li Putting untrusted values into this function will cause the LFSR to generate (perhaps) non-maximal length sequences. * * Requires: * \li lfsr != NULL \li 8 <= bits <= 32 \li tap != 0 / void isc_lfsr_generate(isc_lfsr_t lfsr, void data, unsigned int count); /%< Returns "count" bytes of data from the LFSR. * * Requires: * \li lfsr be valid. \li data != NULL. \li count > 0. / void isc_lfsr_skip(isc_lfsr_t lfsr, unsigned int skip); /%< * Skip "skip" states. * * Requires: * \li lfsr be valid. / uint32_t isc_lfsr_generate32(isc_lfsr_t lfsr1, isc_lfsr_t lfsr2); /%< Given two LFSRs, use the current state from each to skip entries in the * other. The next states are then xor'd together and returned. * * WARNING: * \li This function is used only for very, very low security data, such as DNS message IDs where it is desired to have an unpredictable * stream of bytes that are harder to predict than a simple flooding * attack. * * Notes: * \li Since the current state from each of the LFSRs is used to skip state in the other, it is important that no state be leaked * from either LFSR. * * Requires: * \li lfsr1 and lfsr2 be valid. \li 1 <= skipbits <= 31 / ISC_LANG_ENDDECLS #endif /* ISC_LFSR_H / ��isc/formatcheck.h��0000644��00000001654�15125204632�0007767 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_FORMATCHECK_H #define ISC_FORMATCHECK_H 1 /! \file isc/formatcheck.h / /% * ISC_FORMAT_PRINTF(). * * \li fmt is the location of the format string parameter. * \li args is the location of the first argument (or 0 for no argument * checking). * * Note: * \li The first parameter is 1, not 0. / #ifdef __GNUC__ #define ISC_FORMAT_PRINTF(fmt, args) \ __attribute__((__format__(__printf__, fmt, args))) #else / ifdef __GNUC__ / #define ISC_FORMAT_PRINTF(fmt, args) #endif / ifdef __GNUC__ / #endif / ISC_FORMATCHECK_H / ��isc/counter.h��0000644��00000003602�15125204632�0007153 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_COUNTER_H #define ISC_COUNTER_H 1 /** * Module Info **/ /! \file isc/counter.h * * \brief The isc_counter_t object is a simplified version of the * isc_quota_t object; it tracks the consumption of limited * resources, returning an error condition when the quota is * exceeded. However, unlike isc_quota_t, attaching and detaching * from a counter object does not increment or decrement the counter. / / * Imports. */ #include <isc/lang.h> #include <isc/mutex.h> #include <isc/types.h> /* * Types. **/ ISC_LANG_BEGINDECLS isc_result_t isc_counter_create(isc_mem_t mctx, int limit, isc_counter_t *counterp); /%< * Allocate and initialize a counter object. / isc_result_t isc_counter_increment(isc_counter_t counter); /%< Increment the counter. * * If the counter limit is nonzero and has been reached, then * return ISC_R_QUOTA, otherwise ISC_R_SUCCESS. (The counter is * incremented regardless of return value.) / unsigned int isc_counter_used(isc_counter_t counter); /%< Return the current counter value. / void isc_counter_setlimit(isc_counter_t counter, int limit); /%< Set the counter limit. / void isc_counter_attach(isc_counter_t source, isc_counter_t *targetp); /%< * Attach to a counter object, increasing its reference counter. / void isc_counter_detach(isc_counter_t counterp); /%< * Detach (and destroy if reference counter has dropped to zero) * a counter object. / ISC_LANG_ENDDECLS #endif / ISC_COUNTER_H / ��isc/lex.h��0000644��00000023424�15125204632�0006270 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_LEX_H #define ISC_LEX_H 1 /** * Module Info **/ /! \file isc/lex.h * \brief The "lex" module provides a lightweight tokenizer. It can operate * on files or buffers, and can handle "include". It is designed for * parsing of DNS master files and the BIND configuration file, but * should be general enough to tokenize other things, e.g. HTTP. * * \li MP: * No synchronization is provided. Clients must ensure exclusive * access. * * \li Reliability: * No anticipated impact. * * \li Resources: * TBS * * \li Security: * No anticipated impact. * * \li Standards: * None. / / * Imports */ #include <stdbool.h> #include <stdio.h> #include <isc/lang.h> #include <isc/region.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /* * Options / /@{/ /! * Various options for isc_lex_gettoken(). / #define ISC_LEXOPT_EOL 0x0001 /%< Want end-of-line token. / #define ISC_LEXOPT_EOF 0x0002 /%< Want end-of-file token. / #define ISC_LEXOPT_INITIALWS 0x0004 /%< Want initial whitespace. / #define ISC_LEXOPT_NUMBER 0x0008 /%< Recognize numbers. / #define ISC_LEXOPT_QSTRING 0x0010 /%< Recognize qstrings. / /@}/ /@{/ /! * The ISC_LEXOPT_DNSMULTILINE option handles the processing of '(' and ')' in * the DNS master file format. If this option is set, then the * ISC_LEXOPT_INITIALWS and ISC_LEXOPT_EOL options will be ignored when * the paren count is > 0. To use this option, '(' and ')' must be special * characters. / #define ISC_LEXOPT_DNSMULTILINE 0x0020 /%< Handle '(' and ')'. / #define ISC_LEXOPT_NOMORE 0x0040 /%< Want "no more" token. / #define ISC_LEXOPT_CNUMBER 0x0080 /%< Recognize octal and hex. / #define ISC_LEXOPT_ESCAPE 0x0100 /%< Recognize escapes. / #define ISC_LEXOPT_QSTRINGMULTILINE 0x0200 /%< Allow multiline "" strings / #define ISC_LEXOPT_OCTAL 0x0400 /%< Expect a octal number. / #define ISC_LEXOPT_BTEXT 0x0800 /%< Bracketed text. / #define ISC_LEXOPT_VPAIR 0x1000 /%< Recognize value pair. / #define ISC_LEXOPT_QVPAIR 0x2000 /%< Recognize quoted value pair. / /@}/ /@{/ /! * Various commenting styles, which may be changed at any time with * isc_lex_setcomments(). / #define ISC_LEXCOMMENT_C 0x01 #define ISC_LEXCOMMENT_CPLUSPLUS 0x02 #define ISC_LEXCOMMENT_SHELL 0x04 #define ISC_LEXCOMMENT_DNSMASTERFILE 0x08 /@}/ / * Types **/ /! Lex / typedef char isc_lexspecials_t[256]; / Tokens / typedef enum { isc_tokentype_unknown = 0, isc_tokentype_string = 1, isc_tokentype_number = 2, isc_tokentype_qstring = 3, isc_tokentype_eol = 4, isc_tokentype_eof = 5, isc_tokentype_initialws = 6, isc_tokentype_special = 7, isc_tokentype_nomore = 8, isc_tokentype_btext = 9, isc_tokentype_vpair = 10, isc_tokentype_qvpair = 11, } isc_tokentype_t; typedef union { char as_char; unsigned long as_ulong; isc_region_t as_region; isc_textregion_t as_textregion; void as_pointer; } isc_tokenvalue_t; typedef struct isc_token { isc_tokentype_t type; isc_tokenvalue_t value; } isc_token_t; /* * Functions **/ isc_result_t isc_lex_create(isc_mem_t mctx, size_t max_token, isc_lex_t *lexp); /%< * Create a lexer. * * 'max_token' is a hint of the number of bytes in the largest token. * * Requires: \li 'lexp' is a valid lexer. * * Ensures: \li On success, lexp is attached to the newly created lexer. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / void isc_lex_destroy(isc_lex_t lexp); /%< * Destroy the lexer. * * Requires: \li 'lexp' is a valid lexer. * * Ensures: \li lexp == NULL / unsigned int isc_lex_getcomments(isc_lex_t lex); /%< Return the current lexer commenting styles. * * Requires: \li 'lex' is a valid lexer. * Returns: \li The commenting styles which are currently allowed. / void isc_lex_setcomments(isc_lex_t lex, unsigned int comments); /%< * Set allowed lexer commenting styles. * * Requires: \li 'lex' is a valid lexer. \li 'comments' has meaningful values. / void isc_lex_getspecials(isc_lex_t lex, isc_lexspecials_t specials); /%< * Put the current list of specials into 'specials'. * * Requires: \li 'lex' is a valid lexer. / void isc_lex_setspecials(isc_lex_t lex, isc_lexspecials_t specials); /!< * The characters in 'specials' are returned as tokens. Along with * whitespace, they delimit strings and numbers. * * Note: \li Comment processing takes precedence over special character recognition. * * Requires: \li 'lex' is a valid lexer. / isc_result_t isc_lex_openfile(isc_lex_t lex, const char filename); /%< Open 'filename' and make it the current input source for 'lex'. * * Requires: \li 'lex' is a valid lexer. \li filename is a valid C string. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY Out of memory \li #ISC_R_NOTFOUND File not found \li #ISC_R_NOPERM No permission to open file \li #ISC_R_FAILURE Couldn't open file, not sure why \li #ISC_R_UNEXPECTED / isc_result_t isc_lex_openstream(isc_lex_t lex, FILE stream); /%< * Make 'stream' the current input source for 'lex'. * * Requires: \li 'lex' is a valid lexer. \li 'stream' is a valid C stream. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY Out of memory / isc_result_t isc_lex_openbuffer(isc_lex_t lex, isc_buffer_t buffer); /%< * Make 'buffer' the current input source for 'lex'. * * Requires: \li 'lex' is a valid lexer. \li 'buffer' is a valid buffer. * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY Out of memory / isc_result_t isc_lex_close(isc_lex_t lex); /%< Close the most recently opened object (i.e. file or buffer). * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMORE No more input sources / isc_result_t isc_lex_gettoken(isc_lex_t lex, unsigned int options, isc_token_t tokenp); /%< * Get the next token. * * Requires: \li 'lex' is a valid lexer. \li 'lex' has an input source. \li 'options' contains valid options. \li 'tokenp' is a valid pointer. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_UNEXPECTEDEND \li #ISC_R_NOMEMORY * These two results are returned only if their corresponding lexer * options are not set. * \li #ISC_R_EOF End of input source \li #ISC_R_NOMORE No more input sources / isc_result_t isc_lex_getmastertoken(isc_lex_t lex, isc_token_t token, isc_tokentype_t expect, bool eol); /%< * Get the next token from a DNS master file type stream. This is a * convenience function that sets appropriate options and handles quoted * strings and end of line correctly for master files. It also ungets * unexpected tokens. If `eol` is set then expect end-of-line otherwise * eol is a error. * * Requires: \li 'lex' is a valid lexer. \li 'token' is a valid pointer * Returns: * * \li any return code from isc_lex_gettoken(). / isc_result_t isc_lex_getoctaltoken(isc_lex_t lex, isc_token_t token, bool eol); /%< * Get the next token from a DNS master file type stream. This is a * convenience function that sets appropriate options and handles end * of line correctly for master files. It also ungets unexpected tokens. * If `eol` is set then expect end-of-line otherwise eol is a error. * * Requires: \li 'lex' is a valid lexer. \li 'token' is a valid pointer * Returns: * * \li any return code from isc_lex_gettoken(). / void isc_lex_ungettoken(isc_lex_t lex, isc_token_t tokenp); /%< * Unget the current token. * * Requires: \li 'lex' is a valid lexer. \li 'lex' has an input source. \li 'tokenp' points to a valid token. \li There is no ungotten token already. / void isc_lex_getlasttokentext(isc_lex_t lex, isc_token_t tokenp, isc_region_t r); /%< * Returns a region containing the text of the last token returned. * * Requires: \li 'lex' is a valid lexer. \li 'lex' has an input source. \li 'tokenp' points to a valid token. \li A token has been gotten and not ungotten. / char * isc_lex_getsourcename(isc_lex_t lex); /%< * Return the input source name. * * Requires: \li 'lex' is a valid lexer. * Returns: * \li source name or NULL if no current source. \li result valid while current input source exists. / unsigned long isc_lex_getsourceline(isc_lex_t lex); /%< * Return the input source line number. * * Requires: \li 'lex' is a valid lexer. * Returns: \li Current line number or 0 if no current source. / isc_result_t isc_lex_setsourcename(isc_lex_t lex, const char name); /%< Assigns a new name to the input source. * * Requires: * * \li 'lex' is a valid lexer. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY * \li #ISC_R_NOTFOUND - there are no sources. / isc_result_t isc_lex_setsourceline(isc_lex_t lex, unsigned long line); /%< Assigns a new line number to the input source. This can be used * when parsing a buffer that's been excerpted from the middle a file, * allowing logged messages to display the correct line number, * rather than the line number within the buffer. * * Requires: * * \li 'lex' is a valid lexer. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND - there are no sources. / bool isc_lex_isfile(isc_lex_t lex); /%< Return whether the current input source is a file. * * Requires: \li 'lex' is a valid lexer. * Returns: * \li #true if the current input is a file, \li #false otherwise. / ISC_LANG_ENDDECLS #endif /* ISC_LEX_H / ��isc/cmocka.h��0000644��00000002547�15125204632�0006740 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isc/cmocka.h / #pragma once #include <cmocka.h> #include <isc/lang.h> ISC_LANG_BEGINDECLS / * Copy the test identified by 'name' from 'tests' to 'selected'. / #define cmocka_add_test_byname(tests, name, selected) \ _cmocka_add_test_byname(tests, sizeof(tests) / sizeof(tests[0]), name, \ selected, \ sizeof(selected) / sizeof(selected[0])) static inline bool _cmocka_add_test_byname(const struct CMUnitTest tests, size_t ntests, const char name, struct CMUnitTest selected, size_t nselected) { size_t i, j; for (i = 0; i < ntests && tests[i].name != NULL; i++) { if (strcmp(tests[i].name, name) != 0) { continue; } for (j = 0; j < nselected && selected[j].name != NULL; j++) { if (strcmp(tests[j].name, name) == 0) { break; } } if (j < nselected && selected[j].name == NULL) { selected[j] = tests[i]; } return (true); } return (false); } ISC_LANG_ENDDECLS ��isc/commandline.h��0000644��00000003257�15125204632�0007770 0��ustar�00��/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_COMMANDLINE_H #define ISC_COMMANDLINE_H 1 /! \file isc/commandline.h / #include <stdbool.h> #include <isc/lang.h> #include <isc/platform.h> #include <isc/result.h> /% Index into parent argv vector. / LIBISC_EXTERNAL_DATA extern int isc_commandline_index; /% Character checked for validity. / LIBISC_EXTERNAL_DATA extern int isc_commandline_option; /% Argument associated with option. / LIBISC_EXTERNAL_DATA extern char isc_commandline_argument; /% For printing error messages. / LIBISC_EXTERNAL_DATA extern char isc_commandline_progname; /% Print error message. / LIBISC_EXTERNAL_DATA extern bool isc_commandline_errprint; /% Reset getopt. / LIBISC_EXTERNAL_DATA extern bool isc_commandline_reset; ISC_LANG_BEGINDECLS int isc_commandline_parse(int argc, char const argv, const char options); /%< Parse a command line (similar to getopt()) / isc_result_t isc_commandline_strtoargv(isc_mem_t mctx, char s, unsigned int argcp, char **argvp, unsigned int n); /%< * Tokenize the string "s" into whitespace-separated words, * returning the number of words in 'argcp' and an array of pointers to the words in 'argvp'. The caller must free the array using isc_mem_free(). The string * is modified in-place. / ISC_LANG_ENDDECLS #endif / ISC_COMMANDLINE_H / ��isc/log.h��0000644��00000063601�15125204632�0006262 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_LOG_H #define ISC_LOG_H 1 /! \file isc/log.h / #include <stdarg.h> #include <stdbool.h> #include <stdio.h> #include <syslog.h> / XXXDCL NT / #include <isc/formatcheck.h> #include <isc/lang.h> #include <isc/platform.h> #include <isc/types.h> /@{/ /! * \brief Severity levels, patterned after Unix's syslog levels. * / #define ISC_LOG_DEBUG(level) (level) /! * #ISC_LOG_DYNAMIC can only be used for defining channels with * isc_log_createchannel(), not to specify a level in isc_log_write(). / #define ISC_LOG_DYNAMIC 0 #define ISC_LOG_INFO (-1) #define ISC_LOG_NOTICE (-2) #define ISC_LOG_WARNING (-3) #define ISC_LOG_ERROR (-4) #define ISC_LOG_CRITICAL (-5) /@}/ /@{/ /! * \brief Destinations. / #define ISC_LOG_TONULL 1 #define ISC_LOG_TOSYSLOG 2 #define ISC_LOG_TOFILE 3 #define ISC_LOG_TOFILEDESC 4 /@}/ /@{/ /% * Channel flags. / #define ISC_LOG_PRINTTIME 0x00001 #define ISC_LOG_PRINTLEVEL 0x00002 #define ISC_LOG_PRINTCATEGORY 0x00004 #define ISC_LOG_PRINTMODULE 0x00008 #define ISC_LOG_PRINTTAG 0x00010 / tag and ":" / #define ISC_LOG_PRINTPREFIX 0x00020 / tag only, no colon / #define ISC_LOG_PRINTALL 0x0003F #define ISC_LOG_BUFFERED 0x00040 #define ISC_LOG_DEBUGONLY 0x01000 #define ISC_LOG_OPENERR 0x08000 / internal / #define ISC_LOG_ISO8601 0x10000 / if PRINTTIME, use ISO8601 / #define ISC_LOG_UTC 0x20000 / if PRINTTIME, use UTC / /@}/ /@{/ /! * \brief Other options. * * XXXDCL INFINITE doesn't yet work. Arguably it isn't needed, but * since I am intend to make large number of versions work efficiently, * INFINITE is going to be trivial to add to that. / #define ISC_LOG_ROLLINFINITE (-1) #define ISC_LOG_ROLLNEVER (-2) #define ISC_LOG_MAX_VERSIONS 256 /@}/ /@{/ /! * \brief Type of suffix used on rolled log files. / typedef enum { isc_log_rollsuffix_increment, isc_log_rollsuffix_timestamp } isc_log_rollsuffix_t; /@}/ /! * \brief Used to name the categories used by a library. * * An array of isc_logcategory * structures names each category, and the id value is initialized by calling * isc_log_registercategories. / struct isc_logcategory { const char name; unsigned int id; }; /% Similar to isc_logcategory, but for all the modules a library defines. / struct isc_logmodule { const char name; unsigned int id; }; /% The isc_logfile structure is initialized as part of an isc_logdestination * before calling isc_log_createchannel(). * * When defining an #ISC_LOG_TOFILE * channel the name, versions and maximum_size should be set before calling * isc_log_createchannel(). To define an #ISC_LOG_TOFILEDESC channel set only * the stream before the call. * * Setting maximum_size to zero implies no maximum. / typedef struct isc_logfile { FILE stream; /%< Initialized to NULL for #ISC_LOG_TOFILE. / const char name; /%< NULL for #ISC_LOG_TOFILEDESC. / int versions; /* >= 0, #ISC_LOG_ROLLNEVER, * #ISC_LOG_ROLLINFINITE. / isc_log_rollsuffix_t suffix; /% * stdio's ftell is standardized to return a long, which may well not * be big enough for the largest file supportable by the operating * system (though it is _probably_ big enough for the largest log * anyone would want). st_size returned by fstat should be typedef'd * to a size large enough for the largest possible file on a system. / isc_offset_t maximum_size; bool maximum_reached; /%< Private. / } isc_logfile_t; /% * Passed to isc_log_createchannel to define the attributes of either * a stdio or a syslog log. / typedef union isc_logdestination { isc_logfile_t file; int facility; / XXXDCL NT / } isc_logdestination_t; /@{/ /% * The built-in categories of libisc. * * Each library registering categories should provide library_LOGCATEGORY_name * definitions with indexes into its isc_logcategory structure corresponding to * the order of the names. / LIBISC_EXTERNAL_DATA extern isc_logcategory_t isc_categories[]; LIBISC_EXTERNAL_DATA extern isc_log_t isc_lctx; LIBISC_EXTERNAL_DATA extern isc_logmodule_t isc_modules[]; /@}/ /@{/ /% Do not log directly to DEFAULT. Use another category. When in doubt, * use GENERAL. / #define ISC_LOGCATEGORY_DEFAULT (&isc_categories[0]) #define ISC_LOGCATEGORY_GENERAL (&isc_categories[1]) /@}/ #define ISC_LOGMODULE_SOCKET (&isc_modules[0]) #define ISC_LOGMODULE_TIME (&isc_modules[1]) #define ISC_LOGMODULE_INTERFACE (&isc_modules[2]) #define ISC_LOGMODULE_TIMER (&isc_modules[3]) #define ISC_LOGMODULE_FILE (&isc_modules[4]) #define ISC_LOGMODULE_NETMGR (&isc_modules[5]) #define ISC_LOGMODULE_OTHER (&isc_modules[6]) ISC_LANG_BEGINDECLS void isc_log_create(isc_mem_t mctx, isc_log_t lctxp, isc_logconfig_t lcfgp); /%< Establish a new logging context, with default channels. * * Notes: \li isc_log_create() calls isc_logconfig_create(), so see its comment below for more information. * * Requires: \li mctx is a valid memory context. \li lctxp is not null and lctxp is null. \li lcfgp is null or lcfgp is not null and lcfgp is null. * Ensures: \li lctxp will point to a valid logging context if all of the necessary * memory was allocated, or NULL otherwise. \li lcfgp will point to a valid logging configuration if all of the * necessary memory was allocated, or NULL otherwise. \li On failure, no additional memory is allocated. / void isc_logconfig_create(isc_log_t lctx, isc_logconfig_t lcfgp); /%< * Create the data structure that holds all of the configurable information * about where messages are actually supposed to be sent -- the information * that could changed based on some configuration file, as opposed to the * the category/module specification of isc_log_[v]write[1] that is compiled * into a program, or the debug_level which is dynamic state information. * * Notes: \li It is necessary to specify the logging context the configuration will be used with because the number of categories and modules * needs to be known in order to set the configuration. However, * the configuration is not used by the logging context until the * isc_logconfig_use function is called. * \li The memory context used for operations that allocate memory for the configuration is that of the logging context, as specified * in the isc_log_create call. * \li Four default channels are established: \verbatim * default_syslog * - log to syslog's daemon facility #ISC_LOG_INFO or higher * default_stderr * - log to stderr #ISC_LOG_INFO or higher * default_debug * - log to stderr #ISC_LOG_DEBUG dynamically * null * - log nothing \endverbatim * Requires: \li lctx is a valid logging context. \li lcftp is not null and lcfgp is null. * Ensures: \li lcfgp will point to a valid logging context if all of the necessary * memory was allocated, or NULL otherwise. \li On failure, no additional memory is allocated. / void isc_logconfig_use(isc_log_t lctx, isc_logconfig_t lcfg); /%< Associate a new configuration with a logging context. * * Notes: \li This is thread safe. The logging context will lock a mutex before attempting to swap in the new configuration, and isc_log_doit * (the internal function used by all of isc_log_[v]write[1]) locks * the same lock for the duration of its use of the configuration. * * Requires: \li lctx is a valid logging context. \li lcfg is a valid logging configuration. \li lctx is the same configuration given to isc_logconfig_create when the configuration was created. * * Ensures: \li Future calls to isc_log_write will use the new configuration. / void isc_log_destroy(isc_log_t *lctxp); /%< * Deallocate the memory associated with a logging context. * * Requires: \li lctx is a valid logging context. * * Ensures: \li All of the memory associated with the logging context is returned to the free memory pool. * \li Any open files are closed. \li The logging context is marked as invalid. / void isc_logconfig_destroy(isc_logconfig_t *lcfgp); /%< * Destroy a logging configuration. * * Requires: \li lcfgp is not null and lcfgp is a valid logging configuration. \li The logging configuration is not in use by an existing logging context. * Ensures: \li All memory allocated for the configuration is freed. \li The configuration is marked as invalid. / void isc_log_registercategories(isc_log_t lctx, isc_logcategory_t categories[]); /%< * Identify logging categories a library will use. * * Notes: \li A category should only be registered once, but no mechanism enforces this rule. * \li The end of the categories array is identified by a NULL name. \li Because the name is used by #ISC_LOG_PRINTCATEGORY, it should not be altered or destroyed after isc_log_registercategories(). * \li Because each element of the categories array is used by isc_log_categorybyname, it should not be altered or destroyed * after registration. * \li The value of the id integer in each structure is overwritten by this function, and so id need not be initialized to any particular * value prior to the function call. * \li A subsequent call to isc_log_registercategories with the same logging context (but new categories) will cause the last * element of the categories array from the prior call to have * its "name" member changed from NULL to point to the new * categories array, and its "id" member set to UINT_MAX. * * Requires: \li lctx is a valid logging context. \li categories != NULL. \li categories[0].name != NULL. * Ensures: * \li There are references to each category in the logging context, * so they can be used with isc_log_usechannel() and isc_log_write(). / void isc_log_registermodules(isc_log_t lctx, isc_logmodule_t modules[]); /%< Identify logging categories a library will use. * * Notes: \li A module should only be registered once, but no mechanism enforces this rule. * \li The end of the modules array is identified by a NULL name. \li Because the name is used by #ISC_LOG_PRINTMODULE, it should not be altered or destroyed after isc_log_registermodules(). * \li Because each element of the modules array is used by isc_log_modulebyname, it should not be altered or destroyed * after registration. * \li The value of the id integer in each structure is overwritten by this function, and so id need not be initialized to any particular * value prior to the function call. * \li A subsequent call to isc_log_registermodules with the same logging context (but new modules) will cause the last * element of the modules array from the prior call to have * its "name" member changed from NULL to point to the new * modules array, and its "id" member set to UINT_MAX. * * Requires: \li lctx is a valid logging context. \li modules != NULL. \li modules[0].name != NULL; * Ensures: \li Each module has a reference in the logging context, so they can be used with isc_log_usechannel() and isc_log_write(). / void isc_log_createchannel(isc_logconfig_t lcfg, const char name, unsigned int type, int level, const isc_logdestination_t destination, unsigned int flags); /%< Specify the parameters of a logging channel. * * Notes: \li The name argument is copied to memory in the logging context, so it can be altered or destroyed after isc_log_createchannel(). * \li Defining a very large number of channels will have a performance impact on isc_log_usechannel(), since the names are searched * linearly until a match is made. This same issue does not affect * isc_log_write, however. * \li Channel names can be redefined; this is primarily useful for programs that want their own definition of default_syslog, default_debug * and default_stderr. * \li Any channel that is redefined will not affect logging that was already directed to its original definition, _except_ for the * default_stderr channel. This case is handled specially so that * the default logging category can be changed by redefining * default_stderr. (XXXDCL Though now that I think of it, the default * logging category can be changed with only one additional function * call by defining a new channel and then calling isc_log_usechannel() * for #ISC_LOGCATEGORY_DEFAULT.) * \li Specifying #ISC_LOG_PRINTTIME or #ISC_LOG_PRINTTAG for syslog is allowed, but probably not what you wanted to do. * * #ISC_LOG_DEBUGONLY will mark the channel as usable only when the * debug level of the logging context (see isc_log_setdebuglevel) * is non-zero. * * Requires: \li lcfg is a valid logging configuration. \li name is not NULL. \li type is #ISC_LOG_TOSYSLOG, #ISC_LOG_TOFILE, #ISC_LOG_TOFILEDESC or #ISC_LOG_TONULL. * \li destination is not NULL unless type is #ISC_LOG_TONULL. \li level is >= #ISC_LOG_CRITICAL (the most negative logging level). \li flags does not include any bits aside from the ISC_LOG_PRINT bits, * #ISC_LOG_DEBUGONLY or #ISC_LOG_BUFFERED. * * Ensures: \li #ISC_R_SUCCESS A channel with the given name is usable with * isc_log_usechannel(). * \li #ISC_R_NOMEMORY or #ISC_R_UNEXPECTED No additional memory is being used by the logging context. * Any channel that previously existed with the given name * is not redefined. / isc_result_t isc_log_usechannel(isc_logconfig_t lcfg, const char name, const isc_logcategory_t category, const isc_logmodule_t module); /%< * Associate a named logging channel with a category and module that * will use it. * * Notes: \li The name is searched for linearly in the set of known channel names until a match is found. (Note the performance impact of a very large * number of named channels.) When multiple channels of the same * name are defined, the most recent definition is found. * \li Specifying a very large number of channels for a category will have a moderate impact on performance in isc_log_write(), as each * call looks up the category for the start of a linked list, which * it follows all the way to the end to find matching modules. The * test for matching modules is integral, though. * \li If category is NULL, then the channel is associated with the indicated module for all known categories (including the "default" category). * \li If module is NULL, then the channel is associated with every module that uses that category. * \li Passing both category and module as NULL would make every log message use the indicated channel. * * \li Specifying a channel that is #ISC_LOG_TONULL for a category/module pair * has no effect on any other channels associated with that pair, * regardless of ordering. Thus you cannot use it to "mask out" one * category/module pair when you have specified some other channel that * is also used by that category/module pair. * * Requires: \li lcfg is a valid logging configuration. \li category is NULL or has an id that is in the range of known ids. * module is NULL or has an id that is in the range of known ids. * * Ensures: \li #ISC_R_SUCCESS The channel will be used by the indicated category/module * arguments. * \li #ISC_R_NOMEMORY If assignment for a specific category has been requested, * the channel has not been associated with the indicated * category/module arguments and no additional memory is * used by the logging context. * If assignment for all categories has been requested * then _some_ may have succeeded (starting with category * "default" and progressing through the order of categories * passed to isc_log_registercategories()) and additional memory * is being used by whatever assignments succeeded. * * Returns: \li #ISC_R_SUCCESS Success \li #ISC_R_NOMEMORY Resource limit: Out of memory / / Attention: next four comments PRECEDE code / /! * \brief * Write a message to the log channels. * * Notes: \li lctx can be NULL; this is allowed so that programs which use libraries that use the ISC logging system are not required to * also use it. * \li The format argument is a printf(3) string, with additional arguments as necessary. * * Requires: \li lctx is a valid logging context. \li The category and module arguments must have ids that are in the range of known ids, as established by isc_log_registercategories() * and isc_log_registermodules(). * \li level != #ISC_LOG_DYNAMIC. ISC_LOG_DYNAMIC is used only to define channels, and explicit debugging level must be identified for * isc_log_write() via ISC_LOG_DEBUG(level). * \li format != NULL. * Ensures: \li The log message is written to every channel associated with the indicated category/module pair. * * Returns: \li Nothing. Failure to log a message is not construed as a meaningful error. / void isc_log_write(isc_log_t lctx, isc_logcategory_t category, isc_logmodule_t module, int level, const char format, ...) ISC_FORMAT_PRINTF(5, 6); /% * Write a message to the log channels. * * Notes: \li lctx can be NULL; this is allowed so that programs which use libraries that use the ISC logging system are not required to * also use it. * \li The format argument is a printf(3) string, with additional arguments as necessary. * * Requires: \li lctx is a valid logging context. \li The category and module arguments must have ids that are in the range of known ids, as established by isc_log_registercategories() * and isc_log_registermodules(). * \li level != #ISC_LOG_DYNAMIC. ISC_LOG_DYNAMIC is used only to define channels, and explicit debugging level must be identified for * isc_log_write() via ISC_LOG_DEBUG(level). * \li format != NULL. * Ensures: \li The log message is written to every channel associated with the indicated category/module pair. * * Returns: \li Nothing. Failure to log a message is not construed as a meaningful error. / void isc_log_vwrite(isc_log_t lctx, isc_logcategory_t category, isc_logmodule_t module, int level, const char format, va_list args) ISC_FORMAT_PRINTF(5, 0); /% * Write a message to the log channels, pruning duplicates that occur within * a configurable amount of seconds (see isc_log_[sg]etduplicateinterval). * This function is otherwise identical to isc_log_write(). / void isc_log_write1(isc_log_t lctx, isc_logcategory_t category, isc_logmodule_t module, int level, const char format, ...) ISC_FORMAT_PRINTF(5, 6); /% * Write a message to the log channels, pruning duplicates that occur within * a configurable amount of seconds (see isc_log_[sg]etduplicateinterval). * This function is otherwise identical to isc_log_vwrite(). / void isc_log_vwrite1(isc_log_t lctx, isc_logcategory_t category, isc_logmodule_t module, int level, const char format, va_list args) ISC_FORMAT_PRINTF(5, 0); void isc_log_setdebuglevel(isc_log_t lctx, unsigned int level); /%< Set the debugging level used for logging. * * Notes: \li Setting the debugging level to 0 disables debugging log messages. * Requires: \li lctx is a valid logging context. * Ensures: \li The debugging level is set to the requested value. / unsigned int isc_log_getdebuglevel(isc_log_t lctx); /%< * Get the current debugging level. * * Notes: \li This is provided so that a program can have a notion of "increment debugging level" or "decrement debugging level" * without needing to keep track of what the current level is. * \li A return value of 0 indicates that debugging messages are disabled. * Requires: \li lctx is a valid logging context. * Ensures: \li The current logging debugging level is returned. / bool isc_log_wouldlog(isc_log_t lctx, int level); /%< * Determine whether logging something to 'lctx' at 'level' would * actually cause something to be logged somewhere. * * If #false is returned, it is guaranteed that nothing would * be logged, allowing the caller to omit unnecessary * isc_log_write() calls and possible message preformatting. / void isc_log_setduplicateinterval(isc_logconfig_t lcfg, unsigned int interval); /%< Set the interval over which duplicate log messages will be ignored * by isc_log_[v]write1(), in seconds. * * Notes: \li Increasing the duplicate interval from X to Y will not necessarily filter out duplicates of messages logged in Y - X seconds since the * increase. (Example: Message1 is logged at midnight. Message2 * is logged at 00:01:00, when the interval is only 30 seconds, causing * Message1 to be expired from the log message history. Then the interval * is increased to 3000 (five minutes) and at 00:04:00 Message1 is logged * again. It will appear the second time even though less than five * passed since the first occurrence. * * Requires: \li lctx is a valid logging context. / unsigned int isc_log_getduplicateinterval(isc_logconfig_t lcfg); /%< * Get the current duplicate filtering interval. * * Requires: \li lctx is a valid logging context. * Returns: \li The current duplicate filtering interval. / void isc_log_settag(isc_logconfig_t lcfg, const char tag); /%< Set the program name or other identifier for #ISC_LOG_PRINTTAG. * * Requires: \li lcfg is a valid logging configuration. * Notes: \li If this function has not set the tag to a non-NULL, non-empty value, then the #ISC_LOG_PRINTTAG channel flag will not print anything. * Unlike some implementations of syslog on Unix systems, you must set * the tag in order to get it logged. It is not implicitly derived from * the program name (which is pretty impossible to infer portably). * \li Setting the tag to NULL or the empty string will also cause the #ISC_LOG_PRINTTAG channel flag to not print anything. If tag equals the * empty string, calls to isc_log_gettag will return NULL. * * XXXDCL when creating a new isc_logconfig_t, it might be nice if the tag * of the currently active isc_logconfig_t was inherited. this does not * currently happen. / char isc_log_gettag(isc_logconfig_t lcfg); /%< * Get the current identifier printed with #ISC_LOG_PRINTTAG. * * Requires: \li lcfg is a valid logging configuration. * Notes: \li Since isc_log_settag() will not associate a zero-length string with the logging configuration, attempts to do so will cause * this function to return NULL. However, a determined programmer * will observe that (currently) a tag of length greater than zero * could be set, and then modified to be zero length. * * Returns: \li A pointer to the current identifier, or NULL if none has been set. / void isc_log_opensyslog(const char tag, int options, int facility); /%< * Initialize syslog logging. * * Notes: \li XXXDCL NT This is currently equivalent to openlog(), but is not going to remain * that way. In the meantime, the arguments are all identical to * those used by openlog(3), as follows: * * \code * tag: The string to use in the position of the program * name in syslog messages. Most (all?) syslogs * will use basename(argv[0]) if tag is NULL. * * options: LOG_CONS, LOG_PID, LOG_NDELAY ... whatever your * syslog supports. * * facility: The default syslog facility. This is irrelevant * since isc_log_write will ALWAYS use the channel's * declared facility. * \endcode * \li Zero effort has been made (yet) to accommodate systems with openlog() that only takes two arguments, or to identify valid syslog * facilities or options for any given architecture. * \li It is necessary to call isc_log_opensyslog() to initialize syslogging on machines which do not support network connections to * syslogd because they require a Unix domain socket to be used. Since * this is a chore to determine at run-time, it is suggested that it * always be called by programs using the ISC logging system. * * Requires: \li Nothing. * Ensures: \li openlog() is called to initialize the syslog system. / void isc_log_closefilelogs(isc_log_t lctx); /%< * Close all open files used by #ISC_LOG_TOFILE channels. * * Notes: \li This function is provided for programs that want to use their own log rolling mechanism rather than the one provided internally. * For example, a program that wanted to keep daily logs would define * a channel which used #ISC_LOG_ROLLNEVER, then once a day would * rename the log file and call isc_log_closefilelogs(). * \li #ISC_LOG_TOFILEDESC channels are unaffected. * Requires: \li lctx is a valid context. * Ensures: \li The open files are closed and will be reopened when they are next needed. / isc_logcategory_t isc_log_categorybyname(isc_log_t lctx, const char name); /%< Find a category by its name. * * Notes: \li The string name of a category is not required to be unique. * Requires: \li lctx is a valid context. \li name is not NULL. * * Returns: \li A pointer to the _first_ isc_logcategory_t structure used by "name". \li NULL if no category exists by that name. / isc_logmodule_t * isc_log_modulebyname(isc_log_t lctx, const char name); /%< Find a module by its name. * * Notes: \li The string name of a module is not required to be unique. * Requires: \li lctx is a valid context. \li name is not NULL. * * Returns: \li A pointer to the _first_ isc_logmodule_t structure used by "name". \li NULL if no module exists by that name. / void isc_log_setcontext(isc_log_t lctx); /%< * Sets the context used by the libisc for logging. * * Requires: \li lctx be a valid context. / isc_result_t isc_logfile_roll(isc_logfile_t file); /%< * Roll a logfile. * * Requires: \li file is not NULL. / ISC_LANG_ENDDECLS #endif /* ISC_LOG_H / ��isc/queue.h��0000644��00000002471�15125204632�0006623 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <isc/mem.h> typedef struct isc_queue isc_queue_t; isc_queue_t isc_queue_new(isc_mem_t mctx, int max_threads); /%< * Create a new fetch-and-add array queue. * * 'max_threads' is currently unused. In the future it can be used * to pass a maximum threads parameter when creating hazard pointers, * but currently `isc_hp_t` uses a hard-coded value. / void isc_queue_enqueue(isc_queue_t queue, uintptr_t item); /%< Enqueue an object pointer 'item' at the tail of the queue. * * Requires: * \li 'item' is not null. / uintptr_t isc_queue_dequeue(isc_queue_t queue); /%< Remove an object pointer from the head of the queue and return the * pointer. If the queue is empty, return `nulluintptr` (the uintptr_t * representation of NULL). * * Requires: * \li 'queue' is not null. / void isc_queue_destroy(isc_queue_t queue); /%< Destroy a queue. * * Requires: * \li 'queue' is not null. / ��isc/hex.h��0000644��00000005365�15125204632�0006270 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_HEX_H #define ISC_HEX_H 1 /! \file isc/hex.h / #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS / * Functions **/ isc_result_t isc_hex_totext(isc_region_t source, int wordlength, const char wordbreak, isc_buffer_t target); /!< \brief Convert data into hex encoded text. * * Notes: \li The hex encoded text in 'target' will be divided into words of at most 'wordlength' characters, separated by * the 'wordbreak' string. No parentheses will surround * the text. * * Requires: \li 'source' is a region containing binary data \li 'target' is a text buffer containing available space \li 'wordbreak' points to a null-terminated string of zero or more whitespace characters * * Ensures: \li target will contain the hex encoded version of the data in source. The 'used' pointer in target will be advanced as * necessary. / isc_result_t isc_hex_decodestring(const char cstr, isc_buffer_t target); /!< * \brief Decode a null-terminated hex string. * * Requires: \li 'cstr' is non-null. \li 'target' is a valid buffer. * * Returns: \li #ISC_R_SUCCESS -- the entire decoded representation of 'cstring' fit in 'target'. \li #ISC_R_BADHEX -- 'cstr' is not a valid hex encoding. * Other error returns are any possible error code from: * isc_lex_create(), * isc_lex_openbuffer(), * isc_hex_tobuffer(). / isc_result_t isc_hex_tobuffer(isc_lex_t lexer, isc_buffer_t target, int length); /!< * \brief Convert hex-encoded text from a lexer context into * `target`. If 'length' is non-negative, it is the expected number of * encoded octets to convert. * * If 'length' is -1 then 0 or more encoded octets are expected. * If 'length' is -2 then 1 or more encoded octets are expected. * * Returns: \li #ISC_R_BADHEX -- invalid hex encoding \li #ISC_R_UNEXPECTEDEND: the text does not contain the expected * number of encoded octets. * * Requires: \li 'lexer' is a valid lexer context \li 'target' is a buffer containing binary data \li 'length' is -2, -1, or non-negative * Ensures: \li target will contain the data represented by the hex encoded string parsed by the lexer. No more than `length` octets will * be read, if `length` is non-negative. The 'used' pointer in * 'target' will be advanced as necessary. / ISC_LANG_ENDDECLS #endif / ISC_HEX_H / ��isc/radix.h��0000644��00000015553�15125204632�0006613 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef _RADIX_H #define _RADIX_H #include <inttypes.h> #include <string.h> #include <isc/magic.h> #include <isc/mutex.h> #include <isc/net.h> #include <isc/refcount.h> #include <isc/types.h> #define NETADDR_TO_PREFIX_T(na, pt, bits) \ do { \ const void p = na; \ memset(&(pt), 0, sizeof(pt)); \ if (p != NULL) { \ (pt).family = (na)->family; \ (pt).bitlen = (bits); \ if ((pt).family == AF_INET6) { \ memmove(&(pt).add.sin6, &(na)->type.in6, \ ((bits) + 7) / 8); \ } else \ memmove(&(pt).add.sin, &(na)->type.in, \ ((bits) + 7) / 8); \ } else { \ (pt).family = AF_UNSPEC; \ (pt).bitlen = 0; \ } \ isc_refcount_init(&(pt).refcount, 0); \ } while (0) typedef struct isc_prefix { isc_mem_t mctx; unsigned int family; / AF_INET \| AF_INET6, or AF_UNSPEC for * "any" / unsigned int bitlen; / 0 for "any" / isc_refcount_t refcount; union { struct in_addr sin; struct in6_addr sin6; } add; } isc_prefix_t; typedef void (isc_radix_destroyfunc_t)(void ); typedef void (isc_radix_processfunc_t)(isc_prefix_t , void ); #define isc_prefix_tochar(prefix) ((char )&(prefix)->add.sin) #define isc_prefix_touchar(prefix) ((u_char )&(prefix)->add.sin) / * We need "first match" when we search the radix tree to preserve * compatibility with the existing ACL implementation. Radix trees * naturally lend themselves to "best match". In order to get "first match" * behavior, we keep track of the order in which entries are added to the * tree--and when a search is made, we find all matching entries, and * return the one that was added first. * * An IPv4 prefix and an IPv6 prefix may share a radix tree node if they * have the same length and bit pattern (e.g., 127/8 and 7f::/8). To * disambiguate between them, node_num and data are two-element arrays: * * - node_num[0] and data[0] are used for IPv4 client addresses * - node_num[1] and data[1] are used for IPv6 client addresses * * A prefix of 0/0 (aka "any" or "none"), is always stored as IPv4, * but matches all IPv6 addresses too. / #define RADIX_V4 0 #define RADIX_V6 1 #define RADIX_FAMILIES 2 #define ISC_RADIX_FAMILY(p) (((p)->family == AF_INET6) ? RADIX_V6 : RADIX_V4) typedef struct isc_radix_node { isc_mem_t mctx; uint32_t bit; /* bit length of the prefix / isc_prefix_t prefix; /* who we are in radix tree / struct isc_radix_node l, r; / left and right children / struct isc_radix_node parent; /* may be used / void data[RADIX_FAMILIES]; /* pointers to IPv4 * and IPV6 data / int node_num[RADIX_FAMILIES]; / which node * this was in * the tree, * or -1 for glue * nodes / } isc_radix_node_t; #define RADIX_TREE_MAGIC ISC_MAGIC('R', 'd', 'x', 'T'); #define RADIX_TREE_VALID(a) ISC_MAGIC_VALID(a, RADIX_TREE_MAGIC); typedef struct isc_radix_tree { unsigned int magic; isc_mem_t mctx; isc_radix_node_t head; uint32_t maxbits; / for IP, 32 bit addresses / int num_active_node; / for debugging purposes / int num_added_node; / total number of nodes / } isc_radix_tree_t; isc_result_t isc_radix_search(isc_radix_tree_t radix, isc_radix_node_t *target, isc_prefix_t prefix); /%< Search 'radix' for the best match to 'prefix'. * Return the node found in 'target'. * Requires: * \li 'radix' to be valid. * \li 'target' is not NULL and "target" is NULL. \li 'prefix' to be valid. * * Returns: * \li ISC_R_NOTFOUND * \li ISC_R_SUCCESS / isc_result_t isc_radix_insert(isc_radix_tree_t radix, isc_radix_node_t *target, isc_radix_node_t source, isc_prefix_t prefix); /%< * Insert 'source' or 'prefix' into the radix tree 'radix'. * Return the node added in 'target'. * * Requires: * \li 'radix' to be valid. * \li 'target' is not NULL and "target" is NULL. \li 'prefix' to be valid or 'source' to be non NULL and contain * a valid prefix. * * Returns: * \li ISC_R_NOMEMORY * \li ISC_R_SUCCESS / void isc_radix_remove(isc_radix_tree_t radix, isc_radix_node_t node); /%< * Remove the node 'node' from the radix tree 'radix'. * * Requires: * \li 'radix' to be valid. * \li 'node' to be valid. / isc_result_t isc_radix_create(isc_mem_t mctx, isc_radix_tree_t *target, int maxbits); /%< * Create a radix tree with a maximum depth of 'maxbits'; * * Requires: * \li 'mctx' to be valid. * \li 'target' to be non NULL and 'target' to be NULL. \li 'maxbits' to be less than or equal to RADIX_MAXBITS. * * Returns: * \li ISC_R_NOMEMORY * \li ISC_R_SUCCESS / void isc_radix_destroy(isc_radix_tree_t radix, isc_radix_destroyfunc_t func); /%< Destroy a radix tree optionally calling 'func' to clean up node data. * * Requires: * \li 'radix' to be valid. / void isc_radix_process(isc_radix_tree_t radix, isc_radix_processfunc_t func); /%< Walk a radix tree calling 'func' to process node data. * * Requires: * \li 'radix' to be valid. * \li 'func' to point to a function. / #define RADIX_MAXBITS 128 #define RADIX_NBIT(x) (0x80 >> ((x)&0x7f)) #define RADIX_NBYTE(x) ((x) >> 3) #define RADIX_WALK(Xhead, Xnode) \ do { \ isc_radix_node_t Xstack[RADIX_MAXBITS + 1]; \ isc_radix_node_t *Xsp = Xstack; \ isc_radix_node_t Xrn = (Xhead); \ while ((Xnode = Xrn)) { \ if (Xnode->prefix) #define RADIX_WALK_END \ if (Xrn->l) { \ if (Xrn->r) { \ Xsp++ = Xrn->r; \ } \ Xrn = Xrn->l; \ } else if (Xrn->r) { \ Xrn = Xrn->r; \ } else if (Xsp != Xstack) { \ Xrn = (--Xsp); \ } else { \ Xrn = (isc_radix_node_t )0; \ } \ } \ } \ while (0) #endif / _RADIX_H / ��isc/fsaccess.h��0000644��00000016435�15125204632�0007276 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_FSACCESS_H #define ISC_FSACCESS_H 1 /! \file isc/fsaccess.h * \brief The ISC filesystem access module encapsulates the setting of file * and directory access permissions into one API that is meant to be * portable to multiple operating systems. * * The two primary operating system flavors that are initially accommodated * are POSIX and Windows NT 4.0 and later. The Windows NT access model is * considerable more flexible than POSIX's model (as much as I am loathe to * admit it), and so the ISC API has a higher degree of complexity than would * be needed to simply address POSIX's needs. * * The full breadth of NT's flexibility is not available either, for the * present time. Much of it is to provide compatibility with what Unix * programmers are expecting. This is also due to not yet really needing all * of the functionality of an NT system (or, for that matter, a POSIX system) * in BIND9, and so resolving how to handle the various incompatibilities has * been a purely theoretical exercise with no operational experience to * indicate how flawed the thinking may be. * * Some of the more notable dumbing down of NT for this API includes: * \li Each of FILE_READ_DATA and FILE_READ_EA are set with #ISC_FSACCESS_READ. * \li All of FILE_WRITE_DATA, FILE_WRITE_EA and FILE_APPEND_DATA are * set with #ISC_FSACCESS_WRITE. FILE_WRITE_ATTRIBUTES is not set * so as to be consistent with Unix, where only the owner of the file * or the superuser can change the attributes/mode of a file. * * \li Both of FILE_ADD_FILE and FILE_ADD_SUBDIRECTORY are set with * #ISC_FSACCESS_CREATECHILD. This is similar to setting the WRITE * permission on a Unix directory. * * \li SYNCHRONIZE is always set for files and directories, unless someone * can give me a reason why this is a bad idea. * * \li READ_CONTROL and FILE_READ_ATTRIBUTES are always set; this is * consistent with Unix, where any file or directory can be stat()'d * unless the directory path disallows complete access somewhere along * the way. * * \li WRITE_DAC is only set for the owner. This too is consistent with * Unix, and is tighter security than allowing anyone else to be * able to set permissions. * * \li DELETE is only set for the owner. On Unix the ability to delete * a file is controlled by the directory permissions, but it isn't * currently clear to me what happens on NT if the directory has * FILE_DELETE_CHILD set but a file within it does not have DELETE * set. Always setting DELETE on the file/directory for the owner * gives maximum flexibility to the owner without exposing the * file to deletion by others. * * \li WRITE_OWNER is never set. This too is consistent with Unix, * and is also tighter security than allowing anyone to change the * ownership of the file apart from the superu..ahem, Administrator. * * \li Inheritance is set to NO_INHERITANCE. * * Unix's dumbing down includes: * * \li The sticky bit cannot be set. * * \li setuid and setgid cannot be set. * * \li Only regular files and directories can be set. * * The rest of this comment discusses a few of the incompatibilities * between the two systems that need more thought if this API is to * be extended to accommodate them. * * The Windows standard access right "DELETE" doesn't have a direct * equivalent in the Unix world, so it isn't clear what should be done * with it. * * The Unix sticky bit is not supported. While NT does have a concept * of allowing users to create files in a directory but not delete or * rename them, it does not have a concept of allowing them to be deleted * if they are owned by the user trying to delete/rename. While it is * probable that something could be cobbled together in NT 5 with inheritance, * it can't really be done in NT 4 as a single property that you could * set on a directory. You'd need to coordinate something with file creation * so that every file created had DELETE set for the owner but no one else. * * On Unix systems, setting #ISC_FSACCESS_LISTDIRECTORY sets READ. * ... setting either #ISC_FSACCESS_CREATECHILD or #ISC_FSACCESS_DELETECHILD * sets WRITE. * ... setting #ISC_FSACCESS_ACCESSCHILD sets EXECUTE. * * On NT systems, setting #ISC_FSACCESS_LISTDIRECTORY sets FILE_LIST_DIRECTORY. * ... setting #ISC_FSACCESS_CREATECHILD sets FILE_CREATE_CHILD independently. * ... setting #ISC_FSACCESS_DELETECHILD sets FILE_DELETE_CHILD independently. * ... setting #ISC_FSACCESS_ACCESSCHILD sets FILE_TRAVERSE. * * Unresolved: XXXDCL * \li What NT access right controls the ability to rename a file? * \li How does DELETE work? If a directory has FILE_DELETE_CHILD but a * file or directory within it does not have DELETE, is that file * or directory deletable? * \li To implement isc_fsaccess_get(), mapping an existing Unix permission * mode_t back to an isc_fsaccess_t is pretty trivial; however, mapping * an NT DACL could be impossible to do in a responsible way. * \li Similarly, trying to implement the functionality of being able to * say "add group writability to whatever permissions already exist" * could be tricky on NT because of the order-of-entry issue combined * with possibly having one or more matching ACEs already explicitly * granting or denying access. Because this functionality is * not yet needed by the ISC, no code has been written to try to * solve this problem. / #include <inttypes.h> #include <isc/lang.h> #include <isc/types.h> / * Trustees. / #define ISC_FSACCESS_OWNER 0x1 /%< User account. / #define ISC_FSACCESS_GROUP 0x2 /%< Primary group owner. / #define ISC_FSACCESS_OTHER 0x4 /%< Not the owner or the group owner. / #define ISC_FSACCESS_WORLD 0x7 /%< User, Group, Other. / / * Types of permission. / #define ISC_FSACCESS_READ 0x00000001 /%< File only. / #define ISC_FSACCESS_WRITE 0x00000002 /%< File only. / #define ISC_FSACCESS_EXECUTE 0x00000004 /%< File only. / #define ISC_FSACCESS_CREATECHILD 0x00000008 /%< Dir only. / #define ISC_FSACCESS_DELETECHILD 0x00000010 /%< Dir only. / #define ISC_FSACCESS_LISTDIRECTORY 0x00000020 /%< Dir only. / #define ISC_FSACCESS_ACCESSCHILD 0x00000040 /%< Dir only. / /% * Adding any permission bits beyond 0x200 would mean typedef'ing * isc_fsaccess_t as uint64_t, and redefining this value to * reflect the new range of permission types, Probably to 21 for * maximum flexibility. The number of bits has to accommodate all of * the permission types, and three full sets of them have to fit * within an isc_fsaccess_t. / #define ISC__FSACCESS_PERMISSIONBITS 10 ISC_LANG_BEGINDECLS void isc_fsaccess_add(int trustee, int permission, isc_fsaccess_t access); void isc_fsaccess_remove(int trustee, int permission, isc_fsaccess_t access); isc_result_t isc_fsaccess_set(const char path, isc_fsaccess_t access); ISC_LANG_ENDDECLS #endif /* ISC_FSACCESS_H / ��isc/nonce.h��0000644��00000001347�15125204632�0006602 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <stdlib.h> #include <isc/lang.h> /! \file isc/nonce.h * \brief Provides a function for generating an arbitrarily long nonce. / ISC_LANG_BEGINDECLS void isc_nonce_buf(void buf, size_t buflen); /!< Fill 'buf', up to 'buflen' bytes, with random data from the * crypto provider's random function. / ISC_LANG_ENDDECLS ��isc/align.h��0000644��00000001071�15125204632�0006564 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #ifdef HAVE_STDALIGN_H #include <stdalign.h> #else / ifdef HAVE_STDALIGN_H / #define alignas(x) __attribute__((__aligned__(x))) #endif / ifdef HAVE_STDALIGN_H / ��isc/platform.h��0000644��00000003503�15125204632�0007320 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_PLATFORM_H #define ISC_PLATFORM_H 1 /! \file / /** * Platform-dependent defines. */ /* * Default strerror_r buffer size / #define ISC_STRERRORSIZE 128 / * System limitations */ #include <limits.h> #ifndef NAME_MAX #define NAME_MAX 256 #endif #ifndef PATH_MAX #define PATH_MAX 1024 #endif #ifndef IOV_MAX #define IOV_MAX 1024 #endif /* * Miscellaneous. / / * Defined to <gssapi.h> or <gssapi/gssapi.h> for how to include * the GSSAPI header. / #define ISC_PLATFORM_GSSAPIHEADER <gssapi/gssapi.h> / * Defined to <gssapi_krb5.h> or <gssapi/gssapi_krb5.h> for how to * include the GSSAPI KRB5 header. / #define ISC_PLATFORM_GSSAPI_KRB5_HEADER <gssapi/gssapi_krb5.h> / * Defined to <krb5.h> or <krb5/krb5.h> for how to include * the KRB5 header. / #define ISC_PLATFORM_KRB5HEADER <krb5/krb5.h> / * Define if the platform has <sys/un.h>. / #define ISC_PLATFORM_HAVESYSUNH 1 / * Defines for the noreturn attribute. / #define ISC_PLATFORM_NORETURN_PRE #define ISC_PLATFORM_NORETURN_POST __attribute__((noreturn)) / * Windows dll support. **/ #define LIBISC_EXTERNAL_DATA #define LIBDNS_EXTERNAL_DATA #define LIBISCCC_EXTERNAL_DATA #define LIBISCCFG_EXTERNAL_DATA #define LIBNS_EXTERNAL_DATA #define LIBBIND9_EXTERNAL_DATA #define LIBTESTS_EXTERNAL_DATA / * Tell emacs to use C mode for this file. * * Local Variables: * mode: c * End: / #endif / ISC_PLATFORM_H / ��isc/offset.h��0000644��00000001257�15125204632�0006766 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_OFFSET_H #define ISC_OFFSET_H 1 /! \file * \brief * File offsets are operating-system dependent. / #include <limits.h> / Required for CHAR_BIT. / #include <stddef.h> / For Linux Standard Base. / #include <sys/types.h> typedef off_t isc_offset_t; #endif / ISC_OFFSET_H / ��isc/atomic.h��0000644��00000006012�15125204632�0006746 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #ifdef ISC_MUTEX_ATOMICS #include <isc/mutexatomic.h> #else / ifdef ISC_MUTEX_ATOMICS / #if HAVE_STDATOMIC_H #include <stdatomic.h> #else / if HAVE_STDATOMIC_H / #include <isc/stdatomic.h> #endif / if HAVE_STDATOMIC_H / #endif / ifdef ISC_MUTEX_ATOMICS / / * We define a few additional macros to make things easier / / Relaxed Memory Ordering / #define atomic_store_relaxed(o, v) \ atomic_store_explicit((o), (v), memory_order_relaxed) #define atomic_load_relaxed(o) atomic_load_explicit((o), memory_order_relaxed) #define atomic_fetch_add_relaxed(o, v) \ atomic_fetch_add_explicit((o), (v), memory_order_relaxed) #define atomic_fetch_sub_relaxed(o, v) \ atomic_fetch_sub_explicit((o), (v), memory_order_relaxed) #define atomic_fetch_or_relaxed(o, v) \ atomic_fetch_or_explicit((o), (v), memory_order_relaxed) #define atomic_fetch_and_relaxed(o, v) \ atomic_fetch_and_explicit((o), (v), memory_order_relaxed) #define atomic_exchange_relaxed(o, v) \ atomic_exchange_explicit((o), (v), memory_order_relaxed) #define atomic_compare_exchange_weak_relaxed(o, e, d) \ atomic_compare_exchange_weak_explicit( \ (o), (e), (d), memory_order_relaxed, memory_order_relaxed) #define atomic_compare_exchange_strong_relaxed(o, e, d) \ atomic_compare_exchange_strong_explicit( \ (o), (e), (d), memory_order_relaxed, memory_order_relaxed) #define atomic_compare_exchange_strong_acq_rel(o, e, d) \ atomic_compare_exchange_strong_explicit( \ (o), (e), (d), memory_order_acq_rel, memory_order_acquire) / Acquire-Release Memory Ordering / #define atomic_store_release(o, v) \ atomic_store_explicit((o), (v), memory_order_release) #define atomic_load_acquire(o) atomic_load_explicit((o), memory_order_acquire) #define atomic_fetch_add_release(o, v) \ atomic_fetch_add_explicit((o), (v), memory_order_release) #define atomic_fetch_sub_release(o, v) \ atomic_fetch_sub_explicit((o), (v), memory_order_release) #define atomic_fetch_and_release(o, v) \ atomic_fetch_and_explicit((o), (v), memory_order_release) #define atomic_fetch_or_release(o, v) \ atomic_fetch_or_explicit((o), (v), memory_order_release) #define atomic_exchange_acq_rel(o, v) \ atomic_exchange_explicit((o), (v), memory_order_acq_rel) #define atomic_fetch_sub_acq_rel(o, v) \ atomic_fetch_sub_explicit((o), (v), memory_order_acq_rel) #define atomic_compare_exchange_weak_acq_rel(o, e, d) \ atomic_compare_exchange_weak_explicit( \ (o), (e), (d), memory_order_acq_rel, memory_order_acquire) #define atomic_compare_exchange_strong_acq_rel(o, e, d) \ atomic_compare_exchange_strong_explicit( \ (o), (e), (d), memory_order_acq_rel, memory_order_acquire) ��isc/buffer.h��0000644��00000073641�15125204632�0006757 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_BUFFER_H #define ISC_BUFFER_H 1 /** * Module Info **/ /! \file isc/buffer.h * * \brief A buffer is a region of memory, together with a set of related * subregions. Buffers are used for parsing and I/O operations. * * The 'used region' and the 'available region' are disjoint, and their * union is the buffer's region. The used region extends from the beginning * of the buffer region to the last used byte. The available region * extends from one byte greater than the last used byte to the end of the * buffer's region. The size of the used region can be changed using various * buffer commands. Initially, the used region is empty. * * The used region is further subdivided into two disjoint regions: the * 'consumed region' and the 'remaining region'. The union of these two * regions is the used region. The consumed region extends from the beginning * of the used region to the byte before the 'current' offset (if any). The * 'remaining' region extends from the current offset to the end of the used * region. The size of the consumed region can be changed using various * buffer commands. Initially, the consumed region is empty. * * The 'active region' is an (optional) subregion of the remaining region. * It extends from the current offset to an offset in the remaining region * that is selected with isc_buffer_setactive(). Initially, the active region * is empty. If the current offset advances beyond the chosen offset, the * active region will also be empty. * * \verbatim * /------------entire length---------------\ * /----- used region -----\/-- available --\ * +----------------------------------------+ * \| consumed \| remaining \| \| * +----------------------------------------+ * a b c d e * * a == base of buffer. * b == current pointer. Can be anywhere between a and d. * c == active pointer. Meaningful between b and d. * d == used pointer. * e == length of buffer. * * a-e == entire length of buffer. * a-d == used region. * a-b == consumed region. * b-d == remaining region. * b-c == optional active region. \endverbatim * The following invariants are maintained by all routines: * \code length > 0 * * base is a valid pointer to length bytes of memory * * 0 <= used <= length * * 0 <= current <= used * * 0 <= active <= used * (although active < current implies empty active region) \endcode * \li MP: * Buffers have no synchronization. Clients must ensure exclusive * access. * * \li Reliability: * No anticipated impact. * * \li Resources: * Memory: 1 pointer + 6 unsigned integers per buffer. * * \li Security: * No anticipated impact. * * \li Standards: * None. / / * Imports **/ #include <inttypes.h> #include <stdbool.h> #include <isc/assertions.h> #include <isc/formatcheck.h> #include <isc/lang.h> #include <isc/likely.h> #include <isc/magic.h> #include <isc/types.h> /! * To make many functions be inline macros (via \#define) define this. * If it is undefined, a function will be used. / / #define ISC_BUFFER_USEINLINE / ISC_LANG_BEGINDECLS /@{/ /! * Magic numbers / #define ISC_BUFFER_MAGIC 0x42756621U / Buf!. / #define ISC_BUFFER_VALID(b) ISC_MAGIC_VALID(b, ISC_BUFFER_MAGIC) /@}/ /! * Size granularity for dynamically resizable buffers; when reserving * space in a buffer, we round the allocated buffer length up to the * nearest * multiple of this value. / #define ISC_BUFFER_INCR 2048 / * The following macros MUST be used only on valid buffers. It is the * caller's responsibility to ensure this by using the ISC_BUFFER_VALID * check above, or by calling another isc_buffer_() function (rather than another macro.) / /@{/ /! * Fundamental buffer elements. (A through E in the introductory comment.) / #define isc_buffer_base(b) ((void )(b)->base) /a/ #define isc_buffer_current(b) \ ((void )((unsigned char )(b)->base + (b)->current)) /b/ #define isc_buffer_active(b) \ ((void )((unsigned char )(b)->base + (b)->active)) /c/ #define isc_buffer_used(b) \ ((void )((unsigned char )(b)->base + (b)->used)) /d/ #define isc_buffer_length(b) ((b)->length) /e/ /@}/ /@{/ /! Derived lengths. (Described in the introductory comment.) / #define isc_buffer_usedlength(b) ((b)->used) / d-a / #define isc_buffer_consumedlength(b) ((b)->current) / b-a / #define isc_buffer_remaininglength(b) ((b)->used - (b)->current) / d-b / #define isc_buffer_activelength(b) ((b)->active - (b)->current) / c-b / #define isc_buffer_availablelength(b) ((b)->length - (b)->used) / e-d / /@}/ /! * Note that the buffer structure is public. This is principally so buffer * operations can be implemented using macros. Applications are strongly * discouraged from directly manipulating the structure. / struct isc_buffer { unsigned int magic; void base; /@{/ /! The following integers are byte offsets from 'base'. / unsigned int length; unsigned int used; unsigned int current; unsigned int active; /@}/ /! linkable / ISC_LINK(isc_buffer_t) link; /! private internal elements / isc_mem_t mctx; / automatically realloc buffer at put* / bool autore; }; / * Functions **/ void isc_buffer_allocate(isc_mem_t mctx, isc_buffer_t *dynbuffer, unsigned int length); /!< * \brief Allocate a dynamic linkable buffer which has "length" bytes in the * data region. * * Requires: \li "mctx" is valid. \li "dynbuffer" is non-NULL, and "dynbuffer" is NULL. * * Note: \li Changing the buffer's length field is not permitted. / isc_result_t isc_buffer_reserve(isc_buffer_t *dynbuffer, unsigned int size); /!< * \brief Make "size" bytes of space available in the buffer. The buffer * pointer may move when you call this function. * * Requires: \li "dynbuffer" is not NULL. \li "dynbuffer" is a valid dynamic buffer. * * Returns: \li ISC_R_SUCCESS - success \li ISC_R_NOMEMORY - no memory available * * Ensures: \li "dynbuffer" will be valid on return and will contain all the * original data. However, the buffer pointer may be moved during * reallocation. / void isc_buffer_free(isc_buffer_t dynbuffer); /!< * \brief Release resources allocated for a dynamic buffer. * * Requires: \li "dynbuffer" is not NULL. \li "dynbuffer" is a valid dynamic buffer. * * Ensures: \li "dynbuffer" will be NULL on return, and all memory associated with * the dynamic buffer is returned to the memory context used in * isc_buffer_allocate(). / void isc__buffer_init(isc_buffer_t b, void base, unsigned int length); /!< * \brief Make 'b' refer to the 'length'-byte region starting at base. * * Requires: * \li 'length' > 0 \li 'base' is a pointer to a sequence of 'length' bytes. / void isc__buffer_initnull(isc_buffer_t b); /!< \brief Initialize a buffer 'b' with a null data and zero length/ / void isc_buffer_reinit(isc_buffer_t b, void base, unsigned int length); /!< * \brief Make 'b' refer to the 'length'-byte region starting at base. * Any existing data will be copied. * * Requires: * \li 'length' > 0 AND length >= previous length \li 'base' is a pointer to a sequence of 'length' bytes. / void isc__buffer_invalidate(isc_buffer_t b); /!< \brief Make 'b' an invalid buffer. * * Requires: \li 'b' is a valid buffer. * Ensures: \li If assertion checking is enabled, future attempts to use 'b' without calling isc_buffer_init() on it will cause an assertion failure. / void isc_buffer_setautorealloc(isc_buffer_t b, bool enable); /!< \brief Enable or disable autoreallocation on 'b'. * * Requires: \li 'b' is a valid dynamic buffer (b->mctx != NULL). / void isc__buffer_region(isc_buffer_t b, isc_region_t r); /!< * \brief Make 'r' refer to the region of 'b'. * * Requires: * \li 'b' is a valid buffer. \li 'r' points to a region structure. / void isc__buffer_usedregion(const isc_buffer_t b, isc_region_t r); /!< \brief Make 'r' refer to the used region of 'b'. * * Requires: * \li 'b' is a valid buffer. \li 'r' points to a region structure. / void isc__buffer_availableregion(isc_buffer_t b, isc_region_t r); /!< \brief Make 'r' refer to the available region of 'b'. * * Requires: * \li 'b' is a valid buffer. \li 'r' points to a region structure. / void isc__buffer_add(isc_buffer_t b, unsigned int n); /!< * \brief Increase the 'used' region of 'b' by 'n' bytes. * * Requires: * \li 'b' is a valid buffer \li used + n <= length / void isc__buffer_subtract(isc_buffer_t b, unsigned int n); /!< \brief Decrease the 'used' region of 'b' by 'n' bytes. * * Requires: * \li 'b' is a valid buffer \li used >= n / void isc__buffer_clear(isc_buffer_t b); /!< \brief Make the used region empty. * * Requires: * \li 'b' is a valid buffer * Ensures: * \li used = 0 / void isc__buffer_consumedregion(isc_buffer_t b, isc_region_t r); /!< * \brief Make 'r' refer to the consumed region of 'b'. * * Requires: * \li 'b' is a valid buffer. \li 'r' points to a region structure. / void isc__buffer_remainingregion(isc_buffer_t b, isc_region_t r); /!< \brief Make 'r' refer to the remaining region of 'b'. * * Requires: * \li 'b' is a valid buffer. \li 'r' points to a region structure. / void isc__buffer_activeregion(isc_buffer_t b, isc_region_t r); /!< \brief Make 'r' refer to the active region of 'b'. * * Requires: * \li 'b' is a valid buffer. \li 'r' points to a region structure. / void isc__buffer_setactive(isc_buffer_t b, unsigned int n); /!< * \brief Sets the end of the active region 'n' bytes after current. * * Requires: * \li 'b' is a valid buffer. \li current + n <= used / void isc__buffer_first(isc_buffer_t b); /!< * \brief Make the consumed region empty. * * Requires: * \li 'b' is a valid buffer * Ensures: * \li current == 0 / void isc__buffer_forward(isc_buffer_t b, unsigned int n); /!< \brief Increase the 'consumed' region of 'b' by 'n' bytes. * * Requires: * \li 'b' is a valid buffer \li current + n <= used / void isc__buffer_back(isc_buffer_t b, unsigned int n); /!< \brief Decrease the 'consumed' region of 'b' by 'n' bytes. * * Requires: * \li 'b' is a valid buffer \li n <= current / void isc_buffer_compact(isc_buffer_t b); /!< \brief Compact the used region by moving the remaining region so it occurs * at the start of the buffer. The used region is shrunk by the size of * the consumed region, and the consumed region is then made empty. * * Requires: * \li 'b' is a valid buffer * Ensures: * \li current == 0 \li The size of the used region is now equal to the size of the remaining region (as it was before the call). The contents of the used region * are those of the remaining region (as it was before the call). / uint8_t isc_buffer_getuint8(isc_buffer_t b); /!< \brief Read an unsigned 8-bit integer from 'b' and return it. * * Requires: * \li 'b' is a valid buffer. \li The length of the remaining region of 'b' is at least 1. * Ensures: * \li The current pointer in 'b' is advanced by 1. * Returns: * \li A 8-bit unsigned integer. / void isc__buffer_putuint8(isc_buffer_t b, uint8_t val); /!< * \brief Store an unsigned 8-bit integer from 'val' into 'b'. * * Requires: \li 'b' is a valid buffer. \li The length of the available region of 'b' is at least 1 or the buffer has autoreallocation enabled. * * Ensures: \li The used pointer in 'b' is advanced by 1. / uint16_t isc_buffer_getuint16(isc_buffer_t b); /!< * \brief Read an unsigned 16-bit integer in network byte order from 'b', * convert it to host byte order, and return it. * * Requires: * \li 'b' is a valid buffer. \li The length of the remaining region of 'b' is at least 2. * Ensures: * \li The current pointer in 'b' is advanced by 2. * Returns: * \li A 16-bit unsigned integer. / void isc__buffer_putuint16(isc_buffer_t b, uint16_t val); /!< * \brief Store an unsigned 16-bit integer in host byte order from 'val' * into 'b' in network byte order. * * Requires: \li 'b' is a valid buffer. \li The length of the available region of 'b' is at least 2 or the buffer has autoreallocation enabled. * * Ensures: \li The used pointer in 'b' is advanced by 2. / uint32_t isc_buffer_getuint32(isc_buffer_t b); /!< * \brief Read an unsigned 32-bit integer in network byte order from 'b', * convert it to host byte order, and return it. * * Requires: * \li 'b' is a valid buffer. \li The length of the remaining region of 'b' is at least 4. * Ensures: * \li The current pointer in 'b' is advanced by 4. * Returns: * \li A 32-bit unsigned integer. / void isc__buffer_putuint32(isc_buffer_t b, uint32_t val); /!< * \brief Store an unsigned 32-bit integer in host byte order from 'val' * into 'b' in network byte order. * * Requires: \li 'b' is a valid buffer. \li The length of the available region of 'b' is at least 4 or the buffer has autoreallocation enabled. * * Ensures: \li The used pointer in 'b' is advanced by 4. / uint64_t isc_buffer_getuint48(isc_buffer_t b); /!< * \brief Read an unsigned 48-bit integer in network byte order from 'b', * convert it to host byte order, and return it. * * Requires: * \li 'b' is a valid buffer. \li The length of the remaining region of 'b' is at least 6. * Ensures: * \li The current pointer in 'b' is advanced by 6. * Returns: * \li A 48-bit unsigned integer (stored in a 64-bit integer). / void isc__buffer_putuint48(isc_buffer_t b, uint64_t val); /!< * \brief Store an unsigned 48-bit integer in host byte order from 'val' * into 'b' in network byte order. * * Requires: \li 'b' is a valid buffer. \li The length of the available region of 'b' is at least 6 or the buffer has autoreallocation enabled. * * Ensures: \li The used pointer in 'b' is advanced by 6. / void isc__buffer_putuint24(isc_buffer_t b, uint32_t val); /!< * Store an unsigned 24-bit integer in host byte order from 'val' * into 'b' in network byte order. * * Requires: \li 'b' is a valid buffer. \li The length of the available region of 'b' is at least 3 or the buffer has autoreallocation enabled. * * Ensures: \li The used pointer in 'b' is advanced by 3. / void isc__buffer_putmem(isc_buffer_t b, const unsigned char base, unsigned int length); /!< \brief Copy 'length' bytes of memory at 'base' into 'b'. * * Requires: \li 'b' is a valid buffer. \li 'base' points to 'length' bytes of valid memory. \li The length of the available region of 'b' is at least 'length' or the buffer has autoreallocation enabled. * * Ensures: \li The used pointer in 'b' is advanced by 'length'. / void isc__buffer_putstr(isc_buffer_t b, const char source); /!< \brief Copy 'source' into 'b', not including terminating NUL. * * Requires: \li 'b' is a valid buffer. \li 'source' is a valid NULL terminated string. \li The length of the available region of 'b' is at least strlen('source') or the buffer has autoreallocation enabled. * * Ensures: \li The used pointer in 'b' is advanced by strlen('source'). / void isc_buffer_putdecint(isc_buffer_t b, int64_t v); /!< * \brief Put decimal representation of 'v' in b * * Requires: \li 'b' is a valid buffer. \li The length of the available region of 'b' is at least strlen(dec('v')) or the buffer has autoreallocation enabled. * * Ensures: \li The used pointer in 'b' is advanced by strlen(dec('v')). / isc_result_t isc_buffer_copyregion(isc_buffer_t b, const isc_region_t r); /!< \brief Copy the contents of 'r' into 'b'. * * Notes: \li If 'b' has autoreallocation enabled, and the length of 'r' is greater than the length of the available region of 'b', 'b' is reallocated. * * Requires: \li 'b' is a valid buffer. \li 'r' is a valid region. * Returns: \li ISC_R_SUCCESS \li ISC_R_NOSPACE The available region of 'b' is not * big enough. / isc_result_t isc_buffer_dup(isc_mem_t mctx, isc_buffer_t *dstp, const isc_buffer_t src); /!< \brief Allocate 'dst' and copy used contents of 'src' into it. * * Requires: \li 'dstp' is not NULL and dst is NULL. \li 'src' is a valid buffer. * Returns: \li ISC_R_SUCCESS / isc_result_t isc_buffer_printf(isc_buffer_t b, const char format, ...) ISC_FORMAT_PRINTF(2, 3); /!< \brief Append a formatted string to the used region of 'b'. * * Notes: * \li The 'format' argument is a printf(3) string, with additional arguments as necessary. * \li If 'b' has autoreallocation enabled, and the length of the formatted string is greater than the length of the available region of 'b', 'b' * is reallocated. * * Requires: * \li 'b' is a valid buffer. * Ensures: * \li The used pointer in 'b' is advanced by the number of bytes appended (excluding the terminating NULL byte). * * Returns: * \li #ISC_R_SUCCESS Operation succeeded. \li #ISC_R_NOSPACE 'b' does not allow reallocation and appending the * formatted string to it would cause it to overflow. \li #ISC_R_NOMEMORY Reallocation failed. \li #ISC_R_FAILURE Other error occurred. / ISC_LANG_ENDDECLS / * Inline macro versions of the functions. These should never be called * directly by an application, but will be used by the functions within * buffer.c. The callers should always use "isc_buffer_()" names, never ones beginning with "isc__" / /! \note * XXXDCL Something more could be done with initializing buffers that * point to const data. For example, isc_buffer_constinit() could * set a new boolean flag in the buffer structure indicating whether * the buffer was initialized with that function. * Then if the * boolean were true, the isc_buffer_put* functions could assert a * contractual requirement for a non-const buffer. * * One drawback is that the isc_buffer_* functions (macros) that return * pointers would still need to return non-const pointers to avoid compiler * warnings, so it would be up to code that uses them to have to deal * with the possibility that the buffer was initialized as const -- * a problem that they already have to deal with but have absolutely * no ability to. With a new isc_buffer_isconst() function returning * true/false, they could at least assert a contractual requirement for * non-const buffers when needed. / #define ISC__BUFFER_INIT(_b, _base, _length) \ do { \ (_b)->base = _base; \ (_b)->length = (_length); \ (_b)->used = 0; \ (_b)->current = 0; \ (_b)->active = 0; \ (_b)->mctx = NULL; \ ISC_LINK_INIT(_b, link); \ (_b)->magic = ISC_BUFFER_MAGIC; \ (_b)->autore = false; \ } while (0) #define ISC__BUFFER_INITNULL(_b) ISC__BUFFER_INIT(_b, NULL, 0) #define ISC__BUFFER_INVALIDATE(_b) \ do { \ (_b)->magic = 0; \ (_b)->base = NULL; \ (_b)->length = 0; \ (_b)->used = 0; \ (_b)->current = 0; \ (_b)->active = 0; \ } while (0) #define ISC__BUFFER_REGION(_b, _r) \ do { \ (_r)->base = (_b)->base; \ (_r)->length = (_b)->length; \ } while (0) #define ISC__BUFFER_USEDREGION(_b, _r) \ do { \ (_r)->base = (_b)->base; \ (_r)->length = (_b)->used; \ } while (0) #define ISC__BUFFER_AVAILABLEREGION(_b, _r) \ do { \ (_r)->base = isc_buffer_used(_b); \ (_r)->length = isc_buffer_availablelength(_b); \ } while (0) #define ISC__BUFFER_ADD(_b, _n) \ do { \ (_b)->used += (_n); \ } while (0) #define ISC__BUFFER_SUBTRACT(_b, _n) \ do { \ (_b)->used -= (_n); \ if ((_b)->current > (_b)->used) \ (_b)->current = (_b)->used; \ if ((_b)->active > (_b)->used) \ (_b)->active = (_b)->used; \ } while (0) #define ISC__BUFFER_CLEAR(_b) \ do { \ (_b)->used = 0; \ (_b)->current = 0; \ (_b)->active = 0; \ } while (0) #define ISC__BUFFER_CONSUMEDREGION(_b, _r) \ do { \ (_r)->base = (_b)->base; \ (_r)->length = (_b)->current; \ } while (0) #define ISC__BUFFER_REMAININGREGION(_b, _r) \ do { \ (_r)->base = isc_buffer_current(_b); \ (_r)->length = isc_buffer_remaininglength(_b); \ } while (0) #define ISC__BUFFER_ACTIVEREGION(_b, _r) \ do { \ if ((_b)->current < (_b)->active) { \ (_r)->base = isc_buffer_current(_b); \ (_r)->length = isc_buffer_activelength(_b); \ } else { \ (_r)->base = NULL; \ (_r)->length = 0; \ } \ } while (0) #define ISC__BUFFER_SETACTIVE(_b, _n) \ do { \ (_b)->active = (_b)->current + (_n); \ } while (0) #define ISC__BUFFER_FIRST(_b) \ do { \ (_b)->current = 0; \ } while (0) #define ISC__BUFFER_FORWARD(_b, _n) \ do { \ (_b)->current += (_n); \ } while (0) #define ISC__BUFFER_BACK(_b, _n) \ do { \ (_b)->current -= (_n); \ } while (0) #define ISC__BUFFER_PUTMEM(_b, _base, _length) \ do { \ if (ISC_UNLIKELY((_b)->autore)) { \ isc_buffer_t _tmp = _b; \ ISC_REQUIRE(isc_buffer_reserve(&_tmp, _length) == \ ISC_R_SUCCESS); \ } \ ISC_REQUIRE(isc_buffer_availablelength(_b) >= \ (unsigned int)_length); \ if (_length > 0U) { \ memmove(isc_buffer_used(_b), (_base), (_length)); \ (_b)->used += (_length); \ } \ } while (0) #define ISC__BUFFER_PUTSTR(_b, _source) \ do { \ unsigned int _length; \ unsigned char _cp; \ _length = (unsigned int)strlen(_source); \ if (ISC_UNLIKELY((_b)->autore)) { \ isc_buffer_t _tmp = _b; \ ISC_REQUIRE(isc_buffer_reserve(&_tmp, _length) == \ ISC_R_SUCCESS); \ } \ ISC_REQUIRE(isc_buffer_availablelength(_b) >= _length); \ _cp = isc_buffer_used(_b); \ memmove(_cp, (_source), _length); \ (_b)->used += (_length); \ } while (0) #define ISC__BUFFER_PUTUINT8(_b, _val) \ do { \ unsigned char _cp; \ / evaluate (_val) only once / \ uint8_t _val2 = (_val); \ if (ISC_UNLIKELY((_b)->autore)) { \ isc_buffer_t _tmp = _b; \ ISC_REQUIRE(isc_buffer_reserve(&_tmp, 1) == \ ISC_R_SUCCESS); \ } \ ISC_REQUIRE(isc_buffer_availablelength(_b) >= 1U); \ _cp = isc_buffer_used(_b); \ (_b)->used++; \ _cp[0] = _val2; \ } while (0) #define ISC__BUFFER_PUTUINT16(_b, _val) \ do { \ unsigned char _cp; \ / evaluate (_val) only once / \ uint16_t _val2 = (_val); \ if (ISC_UNLIKELY((_b)->autore)) { \ isc_buffer_t _tmp = _b; \ ISC_REQUIRE(isc_buffer_reserve(&_tmp, 2) == \ ISC_R_SUCCESS); \ } \ ISC_REQUIRE(isc_buffer_availablelength(_b) >= 2U); \ _cp = isc_buffer_used(_b); \ (_b)->used += 2; \ _cp[0] = (unsigned char)(_val2 >> 8); \ _cp[1] = (unsigned char)_val2; \ } while (0) #define ISC__BUFFER_PUTUINT24(_b, _val) \ do { \ unsigned char _cp; \ / evaluate (_val) only once / \ uint32_t _val2 = (_val); \ if (ISC_UNLIKELY((_b)->autore)) { \ isc_buffer_t _tmp = _b; \ ISC_REQUIRE(isc_buffer_reserve(&_tmp, 3) == \ ISC_R_SUCCESS); \ } \ ISC_REQUIRE(isc_buffer_availablelength(_b) >= 3U); \ _cp = isc_buffer_used(_b); \ (_b)->used += 3; \ _cp[0] = (unsigned char)(_val2 >> 16); \ _cp[1] = (unsigned char)(_val2 >> 8); \ _cp[2] = (unsigned char)_val2; \ } while (0) #define ISC__BUFFER_PUTUINT32(_b, _val) \ do { \ unsigned char _cp; \ / evaluate (_val) only once / \ uint32_t _val2 = (_val); \ if (ISC_UNLIKELY((_b)->autore)) { \ isc_buffer_t _tmp = _b; \ ISC_REQUIRE(isc_buffer_reserve(&_tmp, 4) == \ ISC_R_SUCCESS); \ } \ ISC_REQUIRE(isc_buffer_availablelength(_b) >= 4U); \ _cp = isc_buffer_used(_b); \ (_b)->used += 4; \ _cp[0] = (unsigned char)(_val2 >> 24); \ _cp[1] = (unsigned char)(_val2 >> 16); \ _cp[2] = (unsigned char)(_val2 >> 8); \ _cp[3] = (unsigned char)_val2; \ } while (0) #if defined(ISC_BUFFER_USEINLINE) #define isc_buffer_init ISC__BUFFER_INIT #define isc_buffer_initnull ISC__BUFFER_INITNULL #define isc_buffer_invalidate ISC__BUFFER_INVALIDATE #define isc_buffer_region ISC__BUFFER_REGION #define isc_buffer_usedregion ISC__BUFFER_USEDREGION #define isc_buffer_availableregion ISC__BUFFER_AVAILABLEREGION #define isc_buffer_add ISC__BUFFER_ADD #define isc_buffer_subtract ISC__BUFFER_SUBTRACT #define isc_buffer_clear ISC__BUFFER_CLEAR #define isc_buffer_consumedregion ISC__BUFFER_CONSUMEDREGION #define isc_buffer_remainingregion ISC__BUFFER_REMAININGREGION #define isc_buffer_activeregion ISC__BUFFER_ACTIVEREGION #define isc_buffer_setactive ISC__BUFFER_SETACTIVE #define isc_buffer_first ISC__BUFFER_FIRST #define isc_buffer_forward ISC__BUFFER_FORWARD #define isc_buffer_back ISC__BUFFER_BACK #define isc_buffer_putmem ISC__BUFFER_PUTMEM #define isc_buffer_putstr ISC__BUFFER_PUTSTR #define isc_buffer_putuint8 ISC__BUFFER_PUTUINT8 #define isc_buffer_putuint16 ISC__BUFFER_PUTUINT16 #define isc_buffer_putuint24 ISC__BUFFER_PUTUINT24 #define isc_buffer_putuint32 ISC__BUFFER_PUTUINT32 #else /* if defined(ISC_BUFFER_USEINLINE) / #define isc_buffer_init isc__buffer_init #define isc_buffer_initnull isc__buffer_initnull #define isc_buffer_invalidate isc__buffer_invalidate #define isc_buffer_region isc__buffer_region #define isc_buffer_usedregion isc__buffer_usedregion #define isc_buffer_availableregion isc__buffer_availableregion #define isc_buffer_add isc__buffer_add #define isc_buffer_subtract isc__buffer_subtract #define isc_buffer_clear isc__buffer_clear #define isc_buffer_consumedregion isc__buffer_consumedregion #define isc_buffer_remainingregion isc__buffer_remainingregion #define isc_buffer_activeregion isc__buffer_activeregion #define isc_buffer_setactive isc__buffer_setactive #define isc_buffer_first isc__buffer_first #define isc_buffer_forward isc__buffer_forward #define isc_buffer_back isc__buffer_back #define isc_buffer_putmem isc__buffer_putmem #define isc_buffer_putstr isc__buffer_putstr #define isc_buffer_putuint8 isc__buffer_putuint8 #define isc_buffer_putuint16 isc__buffer_putuint16 #define isc_buffer_putuint24 isc__buffer_putuint24 #define isc_buffer_putuint32 isc__buffer_putuint32 #endif / if defined(ISC_BUFFER_USEINLINE) / #define isc_buffer_constinit(_b, _d, _l) \ do { \ union { \ void _var; \ const void _const; \ } _deconst; \ _deconst._const = (_d); \ isc_buffer_init((_b), _deconst._var, (_l)); \ } while (0) / * No inline method for this one (yet). / #define isc_buffer_putuint48 isc__buffer_putuint48 #endif / ISC_BUFFER_H / ��isc/fuzz.h��0000644��00000001121�15125204632�0006464 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_FUZZ_H #define ISC_FUZZ_H typedef enum { isc_fuzz_none, isc_fuzz_client, isc_fuzz_tcpclient, isc_fuzz_resolver, isc_fuzz_http, isc_fuzz_rndc } isc_fuzztype_t; #endif / ISC_FUZZ_H / ��isc/resultclass.h��0000644��00000003075�15125204632�0010044 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_RESULTCLASS_H #define ISC_RESULTCLASS_H 1 /! \file isc/resultclass.h * \brief Registry of Predefined Result Type Classes * * A result class number is an unsigned 16 bit number. Each class may * contain up to 65536 results. A result code is formed by adding the * result number within the class to the class number multiplied by 65536. * * Classes < 1024 are reserved for ISC use. * Result classes >= 1024 and <= 65535 are reserved for application use. / #define ISC_RESULTCLASS_FROMNUM(num) ((num) << 16) #define ISC_RESULTCLASS_TONUM(rclass) ((rclass) >> 16) #define ISC_RESULTCLASS_SIZE 65536 #define ISC_RESULTCLASS_INCLASS(rclass, result) \ ((rclass) == ((result)&0xFFFF0000)) #define ISC_RESULTCLASS_ISC ISC_RESULTCLASS_FROMNUM(0) #define ISC_RESULTCLASS_DNS ISC_RESULTCLASS_FROMNUM(1) #define ISC_RESULTCLASS_DST ISC_RESULTCLASS_FROMNUM(2) #define ISC_RESULTCLASS_DNSRCODE ISC_RESULTCLASS_FROMNUM(3) #define ISC_RESULTCLASS_OMAPI ISC_RESULTCLASS_FROMNUM(4) #define ISC_RESULTCLASS_ISCCC ISC_RESULTCLASS_FROMNUM(5) #define ISC_RESULTCLASS_DHCP ISC_RESULTCLASS_FROMNUM(6) #define ISC_RESULTCLASS_PK11 ISC_RESULTCLASS_FROMNUM(7) #endif / ISC_RESULTCLASS_H / ��isc/stdio.h��0000644��00000003300�15125204632�0006611 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_STDIO_H #define ISC_STDIO_H 1 /! \file isc/stdio.h / /% * These functions are wrappers around the corresponding stdio functions. * * They return a detailed error code in the form of an an isc_result_t. ANSI C * does not guarantee that stdio functions set errno, hence these functions * must use platform dependent methods (e.g., the POSIX errno) to construct the * error code. / #include <stdio.h> #include <isc/lang.h> #include <isc/result.h> ISC_LANG_BEGINDECLS /% Open / isc_result_t isc_stdio_open(const char filename, const char mode, FILE fp); /% Close / isc_result_t isc_stdio_close(FILE f); /% Seek / isc_result_t isc_stdio_seek(FILE f, off_t offset, int whence); /% Tell / isc_result_t isc_stdio_tell(FILE f, off_t offsetp); /% Read / isc_result_t isc_stdio_read(void ptr, size_t size, size_t nmemb, FILE f, size_t nret); /% Write / isc_result_t isc_stdio_write(const void ptr, size_t size, size_t nmemb, FILE f, size_t nret); /% Flush / isc_result_t isc_stdio_flush(FILE f); isc_result_t isc_stdio_sync(FILE f); /%< * Invoke fsync() on the file descriptor underlying an stdio stream, or an * equivalent system-dependent operation. Note that this function has no * direct counterpart in the stdio library. / ISC_LANG_ENDDECLS #endif / ISC_STDIO_H / ��isc/stats.h��0000644��00000015041�15125204632�0006632 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_STATS_H #define ISC_STATS_H 1 /! \file isc/stats.h / #include <inttypes.h> #include <isc/types.h> /% * Statistics counters. Used as isc_statscounter_t values. / enum { /% * Socket statistics counters. / isc_sockstatscounter_udp4open = 0, isc_sockstatscounter_udp6open = 1, isc_sockstatscounter_tcp4open = 2, isc_sockstatscounter_tcp6open = 3, isc_sockstatscounter_unixopen = 4, isc_sockstatscounter_udp4openfail = 5, isc_sockstatscounter_udp6openfail = 6, isc_sockstatscounter_tcp4openfail = 7, isc_sockstatscounter_tcp6openfail = 8, isc_sockstatscounter_unixopenfail = 9, isc_sockstatscounter_udp4close = 10, isc_sockstatscounter_udp6close = 11, isc_sockstatscounter_tcp4close = 12, isc_sockstatscounter_tcp6close = 13, isc_sockstatscounter_unixclose = 14, isc_sockstatscounter_fdwatchclose = 15, isc_sockstatscounter_udp4bindfail = 16, isc_sockstatscounter_udp6bindfail = 17, isc_sockstatscounter_tcp4bindfail = 18, isc_sockstatscounter_tcp6bindfail = 19, isc_sockstatscounter_unixbindfail = 20, isc_sockstatscounter_fdwatchbindfail = 21, isc_sockstatscounter_udp4connect = 22, isc_sockstatscounter_udp6connect = 23, isc_sockstatscounter_tcp4connect = 24, isc_sockstatscounter_tcp6connect = 25, isc_sockstatscounter_unixconnect = 26, isc_sockstatscounter_fdwatchconnect = 27, isc_sockstatscounter_udp4connectfail = 28, isc_sockstatscounter_udp6connectfail = 29, isc_sockstatscounter_tcp4connectfail = 30, isc_sockstatscounter_tcp6connectfail = 31, isc_sockstatscounter_unixconnectfail = 32, isc_sockstatscounter_fdwatchconnectfail = 33, isc_sockstatscounter_tcp4accept = 34, isc_sockstatscounter_tcp6accept = 35, isc_sockstatscounter_unixaccept = 36, isc_sockstatscounter_tcp4acceptfail = 37, isc_sockstatscounter_tcp6acceptfail = 38, isc_sockstatscounter_unixacceptfail = 39, isc_sockstatscounter_udp4sendfail = 40, isc_sockstatscounter_udp6sendfail = 41, isc_sockstatscounter_tcp4sendfail = 42, isc_sockstatscounter_tcp6sendfail = 43, isc_sockstatscounter_unixsendfail = 44, isc_sockstatscounter_fdwatchsendfail = 45, isc_sockstatscounter_udp4recvfail = 46, isc_sockstatscounter_udp6recvfail = 47, isc_sockstatscounter_tcp4recvfail = 48, isc_sockstatscounter_tcp6recvfail = 49, isc_sockstatscounter_unixrecvfail = 50, isc_sockstatscounter_fdwatchrecvfail = 51, isc_sockstatscounter_udp4active = 52, isc_sockstatscounter_udp6active = 53, isc_sockstatscounter_tcp4active = 54, isc_sockstatscounter_tcp6active = 55, isc_sockstatscounter_unixactive = 56, isc_sockstatscounter_rawopen = 57, isc_sockstatscounter_rawopenfail = 58, isc_sockstatscounter_rawclose = 59, isc_sockstatscounter_rawrecvfail = 60, isc_sockstatscounter_rawactive = 61, isc_sockstatscounter_max = 62 }; ISC_LANG_BEGINDECLS /%< * Flag(s) for isc_stats_dump(). / #define ISC_STATSDUMP_VERBOSE 0x00000001 /%< dump 0-value counters / /%< * Dump callback type. / typedef void (isc_stats_dumper_t)(isc_statscounter_t, uint64_t, void ); isc_result_t isc_stats_create(isc_mem_t mctx, isc_stats_t *statsp, int ncounters); /%< * Create a statistics counter structure of general type. It counts a general * set of counters indexed by an ID between 0 and ncounters -1. * * Requires: \li 'mctx' must be a valid memory context. \li 'statsp' != NULL && 'statsp' == NULL. * * Returns: \li ISC_R_SUCCESS -- all ok \li anything else -- failure / void isc_stats_attach(isc_stats_t stats, isc_stats_t statsp); /%< * Attach to a statistics set. * * Requires: \li 'stats' is a valid isc_stats_t. \li 'statsp' != NULL && 'statsp' == NULL / void isc_stats_detach(isc_stats_t statsp); /%< * Detaches from the statistics set. * * Requires: \li 'statsp' != NULL and 'statsp' is a valid isc_stats_t. / int isc_stats_ncounters(isc_stats_t stats); /%< Returns the number of counters contained in stats. * * Requires: \li 'stats' is a valid isc_stats_t. / void isc_stats_increment(isc_stats_t stats, isc_statscounter_t counter); /%< Increment the counter-th counter of stats. * * Requires: \li 'stats' is a valid isc_stats_t. \li counter is less than the maximum available ID for the stats specified on creation. / void isc_stats_decrement(isc_stats_t stats, isc_statscounter_t counter); /%< Decrement the counter-th counter of stats. * * Requires: \li 'stats' is a valid isc_stats_t. / void isc_stats_dump(isc_stats_t stats, isc_stats_dumper_t dump_fn, void arg, unsigned int options); /%< Dump the current statistics counters in a specified way. For each counter * in stats, dump_fn is called with its current value and the given argument * arg. By default counters that have a value of 0 is skipped; if options has * the ISC_STATSDUMP_VERBOSE flag, even such counters are dumped. * * Requires: \li 'stats' is a valid isc_stats_t. / void isc_stats_set(isc_stats_t stats, uint64_t val, isc_statscounter_t counter); /%< * Set the given counter to the specified value. * * Requires: \li 'stats' is a valid isc_stats_t. / void isc_stats_set(isc_stats_t stats, uint64_t val, isc_statscounter_t counter); /%< * Set the given counter to the specified value. * * Requires: \li 'stats' is a valid isc_stats_t. / void isc_stats_update_if_greater(isc_stats_t stats, isc_statscounter_t counter, isc_statscounter_t value); /%< * Atomically assigns 'value' to 'counter' if value > counter. * * Requires: \li 'stats' is a valid isc_stats_t. \li counter is less than the maximum available ID for the stats specified on creation. / isc_statscounter_t isc_stats_get_counter(isc_stats_t stats, isc_statscounter_t counter); /%< Returns value currently stored in counter. * * Requires: \li 'stats' is a valid isc_stats_t. \li counter is less than the maximum available ID for the stats specified on creation. / void isc_stats_resize(isc_stats_t stats, int ncounters); /%< * Resize a statistics counter structure of general type. The new set of * counters are indexed by an ID between 0 and ncounters -1. * * Requires: \li 'stats' is a valid isc_stats_t. \li 'ncounters' is a non-zero positive number. / ISC_LANG_ENDDECLS #endif / ISC_STATS_H / ��isc/barrier.h��0000644��00000002034�15125204632�0007120 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <isc/util.h> #if __SANITIZE_THREAD__ && !defined(WIN32) #include <pthread.h> #define isc_barrier_t pthread_barrier_t #define isc_barrier_init(barrier, count) \ pthread_barrier_init(barrier, NULL, count) #define isc_barrier_destroy(barrier) pthread_barrier_destroy(barrier) #define isc_barrier_wait(barrier) pthread_barrier_wait(barrier) #else #include <uv.h> #define isc_barrier_t uv_barrier_t #define isc_barrier_init(barrier, count) uv_barrier_init(barrier, count) #define isc_barrier_destroy(barrier) uv_barrier_destroy(barrier) #define isc_barrier_wait(barrier) uv_barrier_wait(barrier) #endif / __SANITIZE_THREAD__ / ��isc/portset.h��0000644��00000006336�15125204632�0007203 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isc/portset.h * \brief Transport Protocol Port Manipulation Module * * This module provides simple utilities to handle a set of transport protocol * (UDP or TCP) port numbers, e.g., for creating an ACL list. An isc_portset_t * object is an opaque instance of a port set, for which the user can add or * remove a specific port or a range of consecutive ports. This object is * expected to be used as a temporary work space only, and does not protect * simultaneous access from multiple threads. Therefore it must not be stored * in a place that can be accessed from multiple threads. / #ifndef ISC_PORTSET_H #define ISC_PORTSET_H 1 / * Imports */ #include <stdbool.h> #include <isc/net.h> /* * Functions / ISC_LANG_BEGINDECLS isc_result_t isc_portset_create(isc_mem_t mctx, isc_portset_t *portsetp); /%< * Create a port set and initialize it as an empty set. * * Requires: \li 'mctx' to be valid. \li 'portsetp' to be non NULL and 'portsetp' to be NULL; * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY / void isc_portset_destroy(isc_mem_t mctx, isc_portset_t *portsetp); /%< * Destroy a port set. * * Requires: \li 'mctx' to be valid and must be the same context given when the port set was created. \li 'portsetp' to be a valid set. / bool isc_portset_isset(isc_portset_t portset, in_port_t port); /%< Test whether the given port is stored in the portset. * * Requires: \li 'portset' to be a valid set. * Returns * \li #true if the port is found, false otherwise. / unsigned int isc_portset_nports(isc_portset_t portset); /%< Provides the number of ports stored in the given portset. * * Requires: \li 'portset' to be a valid set. * Returns * \li the number of ports stored in portset. / void isc_portset_add(isc_portset_t portset, in_port_t port); /%< Add the given port to the portset. The port may or may not be stored in * the portset. * * Requires: \li 'portlist' to be valid. / void isc_portset_remove(isc_portset_t portset, in_port_t port); /%< * Remove the given port to the portset. The port may or may not be stored in * the portset. * * Requires: \li 'portlist' to be valid. / void isc_portset_addrange(isc_portset_t portset, in_port_t port_lo, in_port_t port_hi); /%< * Add a subset of [port_lo, port_hi] (inclusive) to the portset. Ports in the * subset may or may not be stored in portset. * * Requires: \li 'portlist' to be valid. \li port_lo <= port_hi / void isc_portset_removerange(isc_portset_t portset, in_port_t port_lo, in_port_t port_hi); /%< Subtract a subset of [port_lo, port_hi] (inclusive) from the portset. Ports * in the subset may or may not be stored in portset. * * Requires: \li 'portlist' to be valid. \li port_lo <= port_hi / ISC_LANG_ENDDECLS #endif / ISC_PORTSET_H / ��isc/likely.h��0000644��00000001544�15125204632�0006770 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_LIKELY_H #define ISC_LIKELY_H 1 /% * Performance / #ifdef CPPCHECK #define ISC_LIKELY(x) (x) #define ISC_UNLIKELY(x) (x) #else / ifdef CPPCHECK / #ifdef HAVE_BUILTIN_EXPECT #define ISC_LIKELY(x) __builtin_expect(!!(x), 1) #define ISC_UNLIKELY(x) __builtin_expect(!!(x), 0) #else / ifdef HAVE_BUILTIN_EXPECT / #define ISC_LIKELY(x) (x) #define ISC_UNLIKELY(x) (x) #endif / ifdef HAVE_BUILTIN_EXPECT / #endif / ifdef CPPCHECK / #endif / ISC_LIKELY_H / ��isc/pool.h��0000644��00000006643�15125204632�0006455 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_OBJPOOL_H #define ISC_OBJPOOL_H 1 /** * Module Info **/ /! \file isc/pool.h * \brief An object pool is a mechanism for sharing a small pool of * fungible objects among a large number of objects that depend on them. * * This is useful, for example, when it causes performance problems for * large number of zones to share a single memory context or task object, * but it would create a different set of problems for them each to have an * independent task or memory context. / / * Imports. */ #include <isc/lang.h> #include <isc/mem.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /* * Types. **/ typedef void (isc_pooldeallocator_t)(void *object); typedef isc_result_t (isc_poolinitializer_t)(void *target, void arg); typedef struct isc_pool isc_pool_t; /*** * Functions. **/ isc_result_t isc_pool_create(isc_mem_t mctx, unsigned int count, isc_pooldeallocator_t free, isc_poolinitializer_t init, void initarg, isc_pool_t poolp); /%< * Create a pool of "count" object pointers. If 'free' is not NULL, * it points to a function that will detach the objects. 'init' * points to a function that will initialize the arguments, and * 'arg' to an argument to be passed into that function (for example, * a relevant manager or context object). * * Requires: * \li 'mctx' is a valid memory context. \li init != NULL \li poolp != NULL && poolp == NULL * * Ensures: * \li On success, 'poolp' points to the new object pool. * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED / void * isc_pool_get(isc_pool_t pool); /%< * Returns a pointer to an object from the pool. Currently the object * is chosen from the pool at random. (This may be changed in the future * to something that guaratees balance.) / int isc_pool_count(isc_pool_t pool); /%< Returns the number of objcts in the pool 'pool'. / isc_result_t isc_pool_expand(isc_pool_t sourcep, unsigned int count, isc_pool_t targetp); /%< * If 'size' is larger than the number of objects in the pool pointed to by * 'sourcep', then a new pool of size 'count' is allocated, the existing * objects are copied into it, additional ones created to bring the * total number up to 'count', and the resulting pool is attached to * 'targetp'. * * If 'count' is less than or equal to the number of objects in 'source', then * 'sourcep' is attached to 'targetp' without any other action being taken. * * In either case, 'sourcep' is detached. * * Requires: * * \li 'sourcep' is not NULL and 'source' is not NULL \li 'targetp' is not NULL and 'source' is NULL * Ensures: * * \li On success, 'targetp' points to a valid task pool. \li On success, 'sourcep' points to NULL. * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY / void isc_pool_destroy(isc_pool_t poolp); /%< * Destroy a task pool. The tasks in the pool are detached but not * shut down. * * Requires: * \li 'poolp' is a valid task pool. / ISC_LANG_ENDDECLS #endif /* ISC_OBJPOOL_H / ��isc/taskpool.h��0000644��00000006321�15125204632�0007331 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_TASKPOOL_H #define ISC_TASKPOOL_H 1 /** * Module Info **/ /! \file isc/taskpool.h * \brief A task pool is a mechanism for sharing a small number of tasks * among a large number of objects such that each object is * assigned a unique task, but each task may be shared by several * objects. * * Task pools are used to let objects that can exist in large * numbers (e.g., zones) use tasks for synchronization without * the memory overhead and unfair scheduling competition that * could result from creating a separate task for each object. / / * Imports. */ #include <stdbool.h> #include <isc/lang.h> #include <isc/task.h> ISC_LANG_BEGINDECLS /* * Types. */ typedef struct isc_taskpool isc_taskpool_t; /* * Functions. **/ isc_result_t isc_taskpool_create(isc_taskmgr_t tmgr, isc_mem_t mctx, unsigned int ntasks, unsigned int quantum, bool priv, isc_taskpool_t poolp); /%< * Create a task pool of "ntasks" tasks, each with quantum * "quantum". * * Requires: * \li 'tmgr' is a valid task manager. \li 'mctx' is a valid memory context. \li poolp != NULL && poolp == NULL * * Ensures: * \li On success, 'taskp' points to the new task pool. * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED / void isc_taskpool_gettask(isc_taskpool_t pool, isc_task_t targetp); /%< * Attach to a task from the pool. Currently the next task is chosen * from the pool at random. (This may be changed in the future to * something that guaratees balance.) / int isc_taskpool_size(isc_taskpool_t pool); /%< Returns the number of tasks in the task pool 'pool'. / isc_result_t isc_taskpool_expand(isc_taskpool_t sourcep, unsigned int size, bool priv, isc_taskpool_t targetp); /%< * If 'size' is larger than the number of tasks in the pool pointed to by * 'sourcep', then a new taskpool of size 'size' is allocated, the existing * tasks from are moved into it, additional tasks are created to bring the * total number up to 'size', and the resulting pool is attached to * 'targetp'. * * If 'size' is less than or equal to the tasks in pool 'source', then * 'sourcep' is attached to 'targetp' without any other action being taken. * * In either case, 'sourcep' is detached. * * Requires: * * \li 'sourcep' is not NULL and 'source' is not NULL \li 'targetp' is not NULL and 'source' is NULL * Ensures: * * \li On success, 'targetp' points to a valid task pool. \li On success, 'sourcep' points to NULL. * Returns: * * \li #ISC_R_SUCCESS * \li #ISC_R_NOMEMORY / void isc_taskpool_destroy(isc_taskpool_t poolp); /%< * Destroy a task pool. The tasks in the pool are detached but not * shut down. * * Requires: * \li 'poolp' is a valid task pool. / ISC_LANG_ENDDECLS #endif /* ISC_TASKPOOL_H / ��isc/safe.h��0000644��00000002171�15125204632�0006412 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_SAFE_H #define ISC_SAFE_H 1 /! \file isc/safe.h / #include <isc/lang.h> ISC_LANG_BEGINDECLS int isc_safe_memequal(const void , const void , size_t); /%< * Returns true iff. two blocks of memory are equal, otherwise * false. * / void isc_safe_memwipe(void , size_t); /%< Clear the memory of length `len` pointed to by `ptr`. * * Some crypto code calls memset() on stack allocated buffers just * before return so that they are wiped. Such memset() calls can be * optimized away by the compiler. We provide this external non-inline C * function to perform the memset operation so that the compiler cannot * infer about what the function does and optimize the call away. / ISC_LANG_ENDDECLS #endif / ISC_SAFE_H / ��isc/assertions.h��0000644��00000004263�15125204632�0007672 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isc/assertions.h / #ifndef ISC_ASSERTIONS_H #define ISC_ASSERTIONS_H 1 #include <isc/lang.h> #include <isc/likely.h> #include <isc/platform.h> ISC_LANG_BEGINDECLS /% isc assertion type / typedef enum { isc_assertiontype_require, isc_assertiontype_ensure, isc_assertiontype_insist, isc_assertiontype_invariant } isc_assertiontype_t; typedef void (isc_assertioncallback_t)(const char , int, isc_assertiontype_t, const char ); /* coverity[+kill] / ISC_PLATFORM_NORETURN_PRE void isc_assertion_failed(const char , int, isc_assertiontype_t, const char ) ISC_PLATFORM_NORETURN_POST; void isc_assertion_setcallback(isc_assertioncallback_t); const char isc_assertion_typetotext(isc_assertiontype_t type); #define ISC_REQUIRE(cond) \ ((void)(ISC_LIKELY(cond) \|\| \ ((isc_assertion_failed)(__FILE__, __LINE__, \ isc_assertiontype_require, #cond), \ 0))) #define ISC_ENSURE(cond) \ ((void)(ISC_LIKELY(cond) \|\| \ ((isc_assertion_failed)(__FILE__, __LINE__, \ isc_assertiontype_ensure, #cond), \ 0))) #define ISC_INSIST(cond) \ ((void)(ISC_LIKELY(cond) \|\| \ ((isc_assertion_failed)(__FILE__, __LINE__, \ isc_assertiontype_insist, #cond), \ 0))) #define ISC_INVARIANT(cond) \ ((void)(ISC_LIKELY(cond) \|\| \ ((isc_assertion_failed)(__FILE__, __LINE__, \ isc_assertiontype_invariant, #cond), \ 0))) ISC_LANG_ENDDECLS #endif /* ISC_ASSERTIONS_H / ��isc/mutexatomic.h��0000644��00000023076�15125204632�0010042 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <inttypes.h> #include <stdbool.h> #if HAVE_UCHAR_H #include <uchar.h> #endif / HAVE_UCHAR_H / #include <isc/mutex.h> #include <isc/util.h> #if !defined(__has_feature) #define __has_feature(x) 0 #endif / if !defined(__has_feature) / #if !defined(__has_extension) #define __has_extension(x) __has_feature(x) #endif / if !defined(__has_extension) / #if !defined(__GNUC_PREREQ__) #if defined(__GNUC__) && defined(__GNUC_MINOR__) #define __GNUC_PREREQ__(maj, min) \ ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min)) #else / if defined(__GNUC__) && defined(__GNUC_MINOR__) / #define __GNUC_PREREQ__(maj, min) 0 #endif / if defined(__GNUC__) && defined(__GNUC_MINOR__) / #endif / if !defined(__GNUC_PREREQ__) / #if !defined(__CLANG_ATOMICS) && !defined(__GNUC_ATOMICS) #if __has_extension(c_atomic) \|\| __has_extension(cxx_atomic) #define __CLANG_ATOMICS #elif __GNUC_PREREQ__(4, 7) #define __GNUC_ATOMICS #elif !defined(__GNUC__) #error "isc/stdatomic.h does not support your compiler" #endif / if __has_extension(c_atomic) \|\| __has_extension(cxx_atomic) / #endif / if !defined(__CLANG_ATOMICS) && !defined(__GNUC_ATOMICS) / #ifndef __ATOMIC_RELAXED #define __ATOMIC_RELAXED 0 #endif / ifndef __ATOMIC_RELAXED / #ifndef __ATOMIC_CONSUME #define __ATOMIC_CONSUME 1 #endif / ifndef __ATOMIC_CONSUME / #ifndef __ATOMIC_ACQUIRE #define __ATOMIC_ACQUIRE 2 #endif / ifndef __ATOMIC_ACQUIRE / #ifndef __ATOMIC_RELEASE #define __ATOMIC_RELEASE 3 #endif / ifndef __ATOMIC_RELEASE / #ifndef __ATOMIC_ACQ_REL #define __ATOMIC_ACQ_REL 4 #endif / ifndef __ATOMIC_ACQ_REL / #ifndef __ATOMIC_SEQ_CST #define __ATOMIC_SEQ_CST 5 #endif / ifndef __ATOMIC_SEQ_CST / enum memory_order { memory_order_relaxed = __ATOMIC_RELAXED, memory_order_consume = __ATOMIC_CONSUME, memory_order_acquire = __ATOMIC_ACQUIRE, memory_order_release = __ATOMIC_RELEASE, memory_order_acq_rel = __ATOMIC_ACQ_REL, memory_order_seq_cst = __ATOMIC_SEQ_CST }; typedef enum memory_order memory_order; #define ___TYPEDEF(type, name, orig) \ typedef struct name { \ isc_mutex_t m; \ orig v; \ } type; #define _TYPEDEF_S(type) ___TYPEDEF(atomic_##type, atomic_##type##_s, type) #define _TYPEDEF_O(type, orig) \ ___TYPEDEF(atomic_##type, atomic_##type##_s, orig) #define _TYPEDEF_T(type) \ ___TYPEDEF(atomic_##type##_t, atomic_##type##_s, type##_t) #ifndef HAVE_UCHAR_H typedef uint_least16_t char16_t; typedef uint_least32_t char32_t; #endif / HAVE_UCHAR_H / _TYPEDEF_S(bool); _TYPEDEF_S(char); _TYPEDEF_O(schar, signed char); _TYPEDEF_O(uchar, unsigned char); _TYPEDEF_S(short); _TYPEDEF_O(ushort, unsigned short); _TYPEDEF_S(int); _TYPEDEF_O(uint, unsigned int); _TYPEDEF_S(long); _TYPEDEF_O(ulong, unsigned long); _TYPEDEF_O(llong, long long); _TYPEDEF_O(ullong, unsigned long long); _TYPEDEF_T(char16); _TYPEDEF_T(char32); _TYPEDEF_T(wchar); _TYPEDEF_T(int_least8); _TYPEDEF_T(uint_least8); _TYPEDEF_T(int_least16); _TYPEDEF_T(uint_least16); _TYPEDEF_T(int_least32); _TYPEDEF_T(uint_least32); _TYPEDEF_T(int_least64); _TYPEDEF_T(uint_least64); _TYPEDEF_T(int_fast8); _TYPEDEF_T(uint_fast8); _TYPEDEF_T(int_fast16); _TYPEDEF_T(uint_fast16); _TYPEDEF_T(int_fast32); _TYPEDEF_T(uint_fast32); _TYPEDEF_T(int_fast64); _TYPEDEF_T(uint_fast64); _TYPEDEF_T(intptr); _TYPEDEF_T(uintptr); _TYPEDEF_T(size); _TYPEDEF_T(ptrdiff); _TYPEDEF_T(intmax); _TYPEDEF_T(uintmax); #undef ___TYPEDEF #undef _TYPEDEF_S #undef _TYPEDEF_T #undef _TYPEDEF_O #define ATOMIC_VAR_INIT(arg) \ { \ .m = PTHREAD_MUTEX_INITIALIZER, .v = arg \ } #define atomic_init(obj, desired) \ { \ isc_mutex_init(&(obj)->m); \ (obj)->v = desired; \ } #define atomic_load_explicit(obj, order) \ ({ \ typeof((obj)->v) ___v; \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ ___v = (obj)->v; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ ___v; \ }) #define atomic_store_explicit(obj, desired, order) \ { \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ (obj)->v = desired; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ } #define atomic_fetch_add_explicit(obj, arg, order) \ ({ \ typeof((obj)->v) ___v; \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ ___v = (obj)->v; \ (obj)->v += arg; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ ___v; \ }) #define atomic_fetch_sub_explicit(obj, arg, order) \ ({ \ typeof((obj)->v) ___v; \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ ___v = (obj)->v; \ (obj)->v -= arg; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ ___v; \ }) #define atomic_fetch_and_explicit(obj, arg, order) \ ({ \ typeof((obj)->v) ___v; \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ ___v = (obj)->v; \ (obj)->v &= arg; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ ___v; \ }) #define atomic_fetch_or_explicit(obj, arg, order) \ ({ \ typeof((obj)->v) ___v; \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ ___v = (obj)->v; \ (obj)->v \|= arg; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ ___v; \ }) #define atomic_compare_exchange_strong_explicit(obj, expected, desired, succ, \ fail) \ ({ \ bool ___v; \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ ___v = ((obj)->v == expected); \ expected = (obj)->v; \ (obj)->v = ___v ? desired : (obj)->v; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ ___v; \ }) #define atomic_compare_exchange_weak_explicit(obj, expected, desired, succ, \ fail) \ ({ \ bool ___v; \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ ___v = ((obj)->v == expected); \ expected = (obj)->v; \ (obj)->v = ___v ? desired : (obj)->v; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ ___v; \ }) #define atomic_load(obj) atomic_load_explicit(obj, memory_order_seq_cst) #define atomic_store(obj, arg) \ atomic_store_explicit(obj, arg, memory_order_seq_cst) #define atomic_fetch_add(obj, arg) \ atomic_fetch_add_explicit(obj, arg, memory_order_seq_cst) #define atomic_fetch_sub(obj, arg) \ atomic_fetch_sub_explicit(obj, arg, memory_order_seq_cst) #define atomic_fetch_and(obj, arg) \ atomic_fetch_and_explicit(obj, arg, memory_order_seq_cst) #define atomic_fetch_or(obj, arg) \ atomic_fetch_or_explicit(obj, arg, memory_order_seq_cst) #define atomic_compare_exchange_strong(obj, expected, desired) \ atomic_compare_exchange_strong_explicit(obj, expected, desired, \ memory_order_seq_cst, \ memory_order_seq_cst) #define atomic_compare_exchange_weak(obj, expected, desired) \ atomic_compare_exchange_weak_explicit(obj, expected, desired, \ memory_order_seq_cst, \ memory_order_seq_cst) #define atomic_exchange_explicit(obj, desired, order) \ ({ \ typeof((obj)->v) ___v; \ REQUIRE(isc_mutex_lock(&(obj)->m) == ISC_R_SUCCESS); \ ___v = (obj)->v; \ (obj)->v = desired; \ REQUIRE(isc_mutex_unlock(&(obj)->m) == ISC_R_SUCCESS); \ ___v; \ }) #define atomic_exchange(obj, desired) \ atomic_exchange_explicit(obj, desired, memory_order_seq_cst) ��isc/crc64.h��0000644��00000001746�15125204632�0006424 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_CRC64_H #define ISC_CRC64_H 1 /! \file isc/crc64.h * \brief CRC64 in C / #include <inttypes.h> #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS void isc_crc64_init(uint64_t crc); /% Initialize a new CRC. * * Requires: * * 'crc' is not NULL. / void isc_crc64_update(uint64_t crc, const void data, size_t len); /% * Add data to the CRC. * * Requires: * * 'crc' is not NULL. * * 'data' is not NULL. / void isc_crc64_final(uint64_t crc); /% Finalize the CRC. * * Requires: * * 'crc' is not NULL. / ISC_LANG_ENDDECLS #endif / ISC_CRC64_H / ��isc/netdb.h��0000644��00000001534�15125204632�0006572 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_NETDB_H #define ISC_NETDB_H 1 /** * Module Info **/ /! \file * \brief * Portable netdb.h support. * * This module is responsible for defining the get<x>by<y> APIs. * * MP: \li No impact. * Reliability: \li No anticipated impact. * Resources: \li N/A. * Security: \li No anticipated impact. * Standards: \li BSD API / /* * Imports. **/ #include <netdb.h> #include <isc/net.h> #endif / ISC_NETDB_H / ��isc/syslog.h��0000644��00000001513�15125204632�0007013 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_SYSLOG_H #define ISC_SYSLOG_H 1 /! \file / #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS isc_result_t isc_syslog_facilityfromstring(const char str, int facilityp); /%< * Convert 'str' to the appropriate syslog facility constant. * * Requires: * \li 'str' is not NULL \li 'facilityp' is not NULL * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_NOTFOUND / ISC_LANG_ENDDECLS #endif / ISC_SYSLOG_H / ��isc/stdtime.h��0000644��00000002560�15125204632�0007147 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_STDTIME_H #define ISC_STDTIME_H 1 /! \file / #include <inttypes.h> #include <stdlib.h> #include <isc/lang.h> /% * It's public information that 'isc_stdtime_t' is an unsigned integral type. * Applications that want maximum portability should not assume anything * about its size. / typedef uint32_t isc_stdtime_t; ISC_LANG_BEGINDECLS / / void isc_stdtime_get(isc_stdtime_t t); /%< Set 't' to the number of seconds since 00:00:00 UTC, January 1, 1970. * * Requires: * \li 't' is a valid pointer. / void isc_stdtime_tostring(isc_stdtime_t t, char out, size_t outlen); / * Convert 't' into a null-terminated string of the form * "Wed Jun 30 21:49:08 1993". Store the string in the 'out' * buffer. * * Requires: * * 't' is a valid time. * 'out' is a valid pointer. * 'outlen' is at least 26. / #define isc_stdtime_convert32(t, t32p) ((t32p) = t) /* * Convert the standard time to its 32-bit version. / ISC_LANG_ENDDECLS #endif / ISC_STDTIME_H / ��isc/socket.h��0000644��00000057070�15125204632�0006774 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_SOCKET_H #define ISC_SOCKET_H 1 /** * Module Info **/ /! \file isc/socket.h * \brief Provides TCP and UDP sockets for network I/O. The sockets are event * sources in the task system. * * When I/O completes, a completion event for the socket is posted to the * event queue of the task which requested the I/O. * * \li MP: * The module ensures appropriate synchronization of data structures it * creates and manipulates. * Clients of this module must not be holding a socket's task's lock when * making a call that affects that socket. Failure to follow this rule * can result in deadlock. * The caller must ensure that isc_socketmgr_destroy() is called only * once for a given manager. * * \li Reliability: * No anticipated impact. * * \li Resources: * TBS * * \li Security: * No anticipated impact. * * \li Standards: * None. / / * Imports */ #include <inttypes.h> #include <stdbool.h> #include <isc/event.h> #include <isc/eventclass.h> #include <isc/lang.h> #include <isc/region.h> #include <isc/sockaddr.h> #include <isc/time.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /* * Constants / /% * Maximum number of buffers in a scatter/gather read/write. The operating * system in use must support at least this number (plus one on some.) / #define ISC_SOCKET_MAXSCATTERGATHER 8 /@{/ /! * Socket options: * * _REUSEADDRESS: Set SO_REUSEADDR prior to calling bind(), * if a non-zero port is specified (applies to * AF_INET and AF_INET6). / typedef enum { ISC_SOCKET_REUSEADDRESS = 0x01U, } isc_socket_options_t; /@}/ /@{/ /! * _ATTACHED: Internal use only. * _TRUNC: Packet was truncated on receive. * _CTRUNC: Packet control information was truncated. This can * indicate that the packet is not complete, even though * all the data is valid. * _TIMESTAMP: The timestamp member is valid. * _PKTINFO: The pktinfo member is valid. * _MULTICAST: The UDP packet was received via a multicast transmission. * _DSCP: The UDP DSCP value is valid. * _USEMINMTU: Set the per packet IPV6_USE_MIN_MTU flag. / typedef enum { ISC_SOCKEVENTATTR_ATTACHED = 0x10000000U, / internal / ISC_SOCKEVENTATTR_TRUNC = 0x00800000U, / public / ISC_SOCKEVENTATTR_CTRUNC = 0x00400000U, / public / ISC_SOCKEVENTATTR_TIMESTAMP = 0x00200000U, / public / ISC_SOCKEVENTATTR_PKTINFO = 0x00100000U, / public / ISC_SOCKEVENTATTR_MULTICAST = 0x00080000U, / public / ISC_SOCKEVENTATTR_DSCP = 0x00040000U, / public / ISC_SOCKEVENTATTR_USEMINMTU = 0x00020000U / public / } isc_sockeventattr_t; /@}/ / * Types **/ struct isc_socketevent { ISC_EVENT_COMMON(isc_socketevent_t); isc_result_t result; /%< OK, EOF, whatever else / unsigned int minimum; /%< minimum i/o for event / unsigned int n; /%< bytes read or written / unsigned int offset; /%< offset into buffer list / isc_region_t region; /%< for single-buffer i/o / isc_sockaddr_t address; /%< source address / isc_time_t timestamp; /%< timestamp of packet recv / struct in6_pktinfo pktinfo; /%< ipv6 pktinfo / isc_sockeventattr_t attributes; /%< see isc_sockeventattr_t * enum / isc_eventdestructor_t destroy; /%< original destructor / unsigned int dscp; /%< UDP dscp value / }; typedef struct isc_socket_newconnev isc_socket_newconnev_t; struct isc_socket_newconnev { ISC_EVENT_COMMON(isc_socket_newconnev_t); isc_socket_t newsocket; isc_result_t result; /%< OK, EOF, whatever else / isc_sockaddr_t address; /%< source address / }; typedef struct isc_socket_connev isc_socket_connev_t; struct isc_socket_connev { ISC_EVENT_COMMON(isc_socket_connev_t); isc_result_t result; /%< OK, EOF, whatever else / }; #define ISC_SOCKEVENT_ANYEVENT (0) #define ISC_SOCKEVENT_RECVDONE (ISC_EVENTCLASS_SOCKET + 1) #define ISC_SOCKEVENT_SENDDONE (ISC_EVENTCLASS_SOCKET + 2) #define ISC_SOCKEVENT_NEWCONN (ISC_EVENTCLASS_SOCKET + 3) #define ISC_SOCKEVENT_CONNECT (ISC_EVENTCLASS_SOCKET + 4) /* * Internal events. / #define ISC_SOCKEVENT_INTR (ISC_EVENTCLASS_SOCKET + 256) #define ISC_SOCKEVENT_INTW (ISC_EVENTCLASS_SOCKET + 257) typedef enum { isc_sockettype_udp = 1, isc_sockettype_tcp = 2, isc_sockettype_unix = 3, isc_sockettype_raw = 4 } isc_sockettype_t; /@{/ /! * How a socket should be shutdown in isc_socket_shutdown() calls. / #define ISC_SOCKSHUT_RECV 0x00000001 /%< close read side / #define ISC_SOCKSHUT_SEND 0x00000002 /%< close write side / #define ISC_SOCKSHUT_ALL 0x00000003 /%< close them all / /@}/ /@{/ /! * What I/O events to cancel in isc_socket_cancel() calls. / #define ISC_SOCKCANCEL_RECV 0x00000001 /%< cancel recv / #define ISC_SOCKCANCEL_SEND 0x00000002 /%< cancel send / #define ISC_SOCKCANCEL_ACCEPT 0x00000004 /%< cancel accept / #define ISC_SOCKCANCEL_CONNECT 0x00000008 /%< cancel connect / #define ISC_SOCKCANCEL_ALL 0x0000000f /%< cancel everything / /@}/ /@{/ /! * Flags for isc_socket_send() and isc_socket_recv() calls. / #define ISC_SOCKFLAG_IMMEDIATE 0x00000001 /%< send event only if needed / #define ISC_SOCKFLAG_NORETRY 0x00000002 /%< drop failed UDP sends / /@}/ / * Socket and Socket Manager Functions * * Note: all Ensures conditions apply only if the result is success for * those functions which return an isc_result. / isc_result_t isc_socket_create(isc_socketmgr_t manager, int pf, isc_sockettype_t type, isc_socket_t *socketp); /%< * Create a new 'type' socket managed by 'manager'. * * Note: * \li 'pf' is the desired protocol family, e.g. PF_INET or PF_INET6. * Requires: * \li 'manager' is a valid manager \li 'socketp' is a valid pointer, and socketp == NULL * * Ensures: * * 'socketp' is attached to the newly created socket * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_NORESOURCES \li #ISC_R_UNEXPECTED / isc_result_t isc_socket_dup(isc_socket_t sock0, isc_socket_t *socketp); /%< * Duplicate an existing socket, reusing its file descriptor. / void isc_socket_cancel(isc_socket_t sock, isc_task_t task, unsigned int how); /%< * Cancel pending I/O of the type specified by "how". * * Note: if "task" is NULL, then the cancel applies to all tasks using the * socket. * * Requires: * * \li "socket" is a valid socket * * \li "task" is NULL or a valid task * * "how" is a bitmask describing the type of cancellation to perform. * The type ISC_SOCKCANCEL_ALL will cancel all pending I/O on this * socket. * * \li ISC_SOCKCANCEL_RECV: * Cancel pending isc_socket_recv() calls. * * \li ISC_SOCKCANCEL_SEND: * Cancel pending isc_socket_send() and isc_socket_sendto() calls. * * \li ISC_SOCKCANCEL_ACCEPT: * Cancel pending isc_socket_accept() calls. * * \li ISC_SOCKCANCEL_CONNECT: * Cancel pending isc_socket_connect() call. / void isc_socket_shutdown(isc_socket_t sock, unsigned int how); /%< Shutdown 'socket' according to 'how'. * * Requires: * * \li 'socket' is a valid socket. * * \li 'task' is NULL or is a valid task. * * \li If 'how' is 'ISC_SOCKSHUT_RECV' or 'ISC_SOCKSHUT_ALL' then * * The read queue must be empty. * * No further read requests may be made. * * \li If 'how' is 'ISC_SOCKSHUT_SEND' or 'ISC_SOCKSHUT_ALL' then * * The write queue must be empty. * * No further write requests may be made. / void isc_socket_attach(isc_socket_t sock, isc_socket_t *socketp); /%< * Attach socketp to socket. * Requires: * * \li 'socket' is a valid socket. * * \li 'socketp' points to a NULL socket. * * Ensures: * * \li socketp is attached to socket. / void isc_socket_detach(isc_socket_t *socketp); /%< * Detach socketp from its socket. * Requires: * * \li 'socketp' points to a valid socket. * * \li If 'socketp' is the last reference to the socket, then: * * There must be no pending I/O requests. * * Ensures: * * \li socketp is NULL. * \li If 'socketp' is the last reference to the socket, then: * * The socket will be shutdown (both reading and writing) * for all tasks. * * All resources used by the socket have been freed / isc_result_t isc_socket_open(isc_socket_t sock); /%< Open a new socket file descriptor of the given socket structure. It simply * opens a new descriptor; all of the other parameters including the socket * type are inherited from the existing socket. This function is provided to * avoid overhead of destroying and creating sockets when many short-lived * sockets are frequently opened and closed. When the efficiency is not an * issue, it should be safer to detach the unused socket and re-create a new * one. This optimization may not be available for some systems, in which * case this function will return ISC_R_NOTIMPLEMENTED and must not be used. * * Requires: * * \li there must be no other reference to this socket. * * \li 'socket' is a valid and previously closed by isc_socket_close() * * Returns: * Same as isc_socket_create(). * \li ISC_R_NOTIMPLEMENTED / isc_result_t isc_socket_close(isc_socket_t sock); /%< Close a socket file descriptor of the given socket structure. This function * is provided as an alternative to destroying an unused socket when overhead * destroying/re-creating sockets can be significant, and is expected to be * used with isc_socket_open(). This optimization may not be available for some * systems, in which case this function will return ISC_R_NOTIMPLEMENTED and * must not be used. * * Requires: * * \li The socket must have a valid descriptor. * * \li There must be no other reference to this socket. * * \li There must be no pending I/O requests. * * Returns: * \li #ISC_R_NOTIMPLEMENTED / isc_result_t isc_socket_bind(isc_socket_t sock, const isc_sockaddr_t addressp, isc_socket_options_t options); /%< * Bind 'socket' to 'addressp'. * Requires: * * \li 'socket' is a valid socket * * \li 'addressp' points to a valid isc_sockaddr. * * Returns: * * \li ISC_R_SUCCESS * \li ISC_R_NOPERM * \li ISC_R_ADDRNOTAVAIL * \li ISC_R_ADDRINUSE * \li ISC_R_BOUND * \li ISC_R_UNEXPECTED / isc_result_t isc_socket_filter(isc_socket_t sock, const char filter); /%< * Inform the kernel that it should perform accept filtering. * If filter is NULL the current filter will be removed. / isc_result_t isc_socket_listen(isc_socket_t sock, unsigned int backlog); /%< Set listen mode on the socket. After this call, the only function that * can be used (other than attach and detach) is isc_socket_accept(). * * Notes: * * \li 'backlog' is as in the UNIX system call listen() and may be * ignored by non-UNIX implementations. * * \li If 'backlog' is zero, a reasonable system default is used, usually * SOMAXCONN. * * Requires: * * \li 'socket' is a valid, bound TCP socket or a valid, bound UNIX socket. * * Returns: * * \li ISC_R_SUCCESS * \li ISC_R_UNEXPECTED / isc_result_t isc_socket_accept(isc_socket_t sock, isc_task_t task, isc_taskaction_t action, void arg); /%< Queue accept event. When a new connection is received, the task will * get an ISC_SOCKEVENT_NEWCONN event with the sender set to the listen * socket. The new socket structure is sent inside the isc_socket_newconnev_t * event type, and is attached to the task 'task'. * * REQUIRES: * \li 'socket' is a valid TCP socket that isc_socket_listen() was called * on. * * \li 'task' is a valid task * * \li 'action' is a valid action * * RETURNS: * \li ISC_R_SUCCESS * \li ISC_R_NOMEMORY * \li ISC_R_UNEXPECTED / isc_result_t isc_socket_connect(isc_socket_t sock, const isc_sockaddr_t addressp, isc_task_t task, isc_taskaction_t action, void arg); /%< * Connect 'socket' to peer with address saddr. When the connection succeeds, or when an error occurs, a CONNECT event with action 'action' * and arg 'arg' will be posted to the event queue for 'task'. * * Requires: * * \li 'socket' is a valid TCP socket * * \li 'addressp' points to a valid isc_sockaddr * * \li 'task' is a valid task * * \li 'action' is a valid action * * Returns: * * \li ISC_R_SUCCESS * \li ISC_R_NOMEMORY * \li ISC_R_UNEXPECTED * * Posted event's result code: * * \li ISC_R_SUCCESS * \li ISC_R_TIMEDOUT * \li ISC_R_CONNREFUSED * \li ISC_R_NETUNREACH * \li ISC_R_UNEXPECTED / isc_result_t isc_socket_getpeername(isc_socket_t sock, isc_sockaddr_t addressp); /%< * Get the name of the peer connected to 'socket'. * * Requires: * * \li 'socket' is a valid TCP socket. * * Returns: * * \li ISC_R_SUCCESS * \li ISC_R_TOOSMALL * \li ISC_R_UNEXPECTED / isc_result_t isc_socket_getsockname(isc_socket_t sock, isc_sockaddr_t addressp); /%< * Get the name of 'socket'. * * Requires: * * \li 'socket' is a valid socket. * * Returns: * * \li ISC_R_SUCCESS * \li ISC_R_TOOSMALL * \li ISC_R_UNEXPECTED / /@{/ isc_result_t isc_socket_recv(isc_socket_t sock, isc_region_t region, unsigned int minimum, isc_task_t task, isc_taskaction_t action, void arg); isc_result_t isc_socket_recv2(isc_socket_t sock, isc_region_t region, unsigned int minimum, isc_task_t task, isc_socketevent_t event, unsigned int flags); /! * Receive from 'socket', storing the results in region. * * Notes: * \li Let 'length' refer to the length of 'region' or to the sum of all available regions in the list of buffers 'buflist'. \li If 'minimum' is non-zero and at least that many bytes are read, the completion event will be posted to the task 'task.' If minimum * is zero, the exact number of bytes requested in the region must * be read for an event to be posted. This only makes sense for TCP * connections, and is always set to 1 byte for UDP. * \li The read will complete when the desired number of bytes have been read, if end-of-input occurs, or if an error occurs. A read done * event with the given 'action' and 'arg' will be posted to the * event queue of 'task'. * \li The caller may not modify 'region', the buffers which are passed into this function, or any data they refer to until the completion * event is received. * \li For isc_socket_recv2(): 'event' is not NULL, and the non-socket specific fields are * expected to be initialized. * \li For isc_socket_recv2(): The only defined value for 'flags' is ISC_SOCKFLAG_IMMEDIATE. If * set and the operation completes, the return value will be * ISC_R_SUCCESS and the event will be filled in and not sent. If the * operation does not complete, the return value will be * ISC_R_INPROGRESS and the event will be sent when the operation * completes. * * Requires: * \li 'socket' is a valid, bound socket. \li For isc_socket_recv(): 'region' is a valid region * \li For isc_socket_recvv(): 'buflist' is non-NULL, and 'buflist' contain at least one buffer. \li 'task' is a valid task \li For isc_socket_recv() and isc_socket_recvv(): action != NULL and is a valid action * \li For isc_socket_recv2(): event != NULL * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_INPROGRESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED * * Event results: * \li #ISC_R_SUCCESS \li #ISC_R_UNEXPECTED \li XXX needs other net-type errors / /@}/ /@{/ isc_result_t isc_socket_send(isc_socket_t sock, isc_region_t region, isc_task_t task, isc_taskaction_t action, void arg); isc_result_t isc_socket_sendto(isc_socket_t sock, isc_region_t region, isc_task_t task, isc_taskaction_t action, void arg, const isc_sockaddr_t address, struct in6_pktinfo pktinfo); isc_result_t isc_socket_sendto2(isc_socket_t sock, isc_region_t region, isc_task_t task, const isc_sockaddr_t address, struct in6_pktinfo pktinfo, isc_socketevent_t event, unsigned int flags); /! Send the contents of 'region' to the socket's peer. * * Notes: * \li Shutting down the requestor's task may* result in any * still pending writes being dropped or completed, depending on the * underlying OS implementation. * \li If 'action' is NULL, then no completion event will be posted. \li The caller may not modify 'region', the buffers which are passed into this function, or any data they refer to until the completion * event is received. * \li For isc_socket_sendto2(): 'event' is not NULL, and the non-socket specific fields are * expected to be initialized. * \li For isc_socket_sendto2(): The only defined values for 'flags' are ISC_SOCKFLAG_IMMEDIATE * and ISC_SOCKFLAG_NORETRY. * \li If ISC_SOCKFLAG_IMMEDIATE is set and the operation completes, the return value will be ISC_R_SUCCESS and the event will be filled * in and not sent. If the operation does not complete, the return * value will be ISC_R_INPROGRESS and the event will be sent when * the operation completes. * \li ISC_SOCKFLAG_NORETRY can only be set for UDP sockets. If set and the send operation fails due to a transient error, the send * will not be retried and the error will be indicated in the event. * Using this option along with ISC_SOCKFLAG_IMMEDIATE allows the caller * to specify a region that is allocated on the stack. * * Requires: * \li 'socket' is a valid, bound socket. \li For isc_socket_send(): 'region' is a valid region * \li For isc_socket_sendv() and isc_socket_sendtov(): 'buflist' is non-NULL, and 'buflist' contain at least one buffer. \li 'task' is a valid task \li For isc_socket_sendv(), isc_socket_sendtov(), isc_socket_send(), and isc_socket_sendto(): * action == NULL or is a valid action * \li For isc_socket_sendto2(): event != NULL * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_INPROGRESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED * * Event results: * \li #ISC_R_SUCCESS \li #ISC_R_UNEXPECTED \li XXX needs other net-type errors / /@}/ isc_result_t isc_socketmgr_create(isc_mem_t mctx, isc_socketmgr_t managerp); isc_result_t isc_socketmgr_create2(isc_mem_t mctx, isc_socketmgr_t *managerp, unsigned int maxsocks, int nthreads); /%< * Create a socket manager. If "maxsocks" is non-zero, it specifies the * maximum number of sockets that the created manager should handle. * isc_socketmgr_create() is equivalent of isc_socketmgr_create2() with * "maxsocks" being zero. * * Notes: * \li All memory will be allocated in memory context 'mctx'. * Requires: * \li 'mctx' is a valid memory context. \li 'managerp' points to a NULL isc_socketmgr_t. \li 'actx' is a valid application context (for createinctx()). * Ensures: * \li 'managerp' is a valid isc_socketmgr_t. * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED \li #ISC_R_NOTIMPLEMENTED / isc_result_t isc_socketmgr_getmaxsockets(isc_socketmgr_t manager, unsigned int nsockp); /%< * Returns in "nsockp" the maximum number of sockets this manager may open. * Requires: * \li 'manager' is a valid isc_socketmgr_t. \li 'nsockp' is not NULL. * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOTIMPLEMENTED / void isc_socketmgr_setstats(isc_socketmgr_t manager, isc_stats_t stats); /%< * Set a general socket statistics counter set 'stats' for 'manager'. * * Requires: * \li 'manager' is valid, hasn't opened any socket, and doesn't have * stats already set. * \li stats is a valid statistics supporting socket statistics counters (see above). / void isc_socketmgr_destroy(isc_socketmgr_t managerp); /%< * Destroy a socket manager. * * Notes: * \li This routine blocks until there are no sockets left in the manager, so if the caller holds any socket references using the manager, it * must detach them before calling isc_socketmgr_destroy() or it will * block forever. * * Requires: * \li 'managerp' is a valid isc_socketmgr_t. * \li All sockets managed by this manager are fully detached. * Ensures: * \li managerp == NULL * \li All resources used by the manager have been freed. / isc_sockettype_t isc_socket_gettype(isc_socket_t sock); /%< * Returns the socket type for "sock." * * Requires: * \li "sock" is a valid socket. / /@{/ void isc_socket_ipv6only(isc_socket_t sock, bool yes); /%< * If the socket is an IPv6 socket set/clear the IPV6_IPV6ONLY socket * option if the host OS supports this option. * * Requires: \li 'sock' is a valid socket. / /@}/ void isc_socket_dscp(isc_socket_t sock, isc_dscp_t dscp); /%< * Sets the Differentiated Services Code Point (DSCP) field for packets * transmitted on this socket. If 'dscp' is -1, return immediately. * * Requires: \li 'sock' is a valid socket. / isc_socketevent_t * isc_socket_socketevent(isc_mem_t mctx, void sender, isc_eventtype_t eventtype, isc_taskaction_t action, void arg); /%< * Get a isc_socketevent_t to be used with isc_socket_sendto2(), etc. / void isc_socket_cleanunix(const isc_sockaddr_t addr, bool active); /%< Cleanup UNIX domain sockets in the file-system. If 'active' is true * then just unlink the socket. If 'active' is false try to determine * if there is a listener of the socket or not. If no listener is found * then unlink socket. * * Prior to unlinking the path is tested to see if it a socket. * * Note: there are a number of race conditions which cannot be avoided * both in the filesystem and any application using UNIX domain * sockets (e.g. socket is tested between bind() and listen(), * the socket is deleted and replaced in the file-system between * stat() and unlink()). / isc_result_t isc_socket_permunix(const isc_sockaddr_t sockaddr, uint32_t perm, uint32_t owner, uint32_t group); /%< Set ownership and file permissions on the UNIX domain socket. * * Note: On Solaris this secures the directory containing * the socket as Solaris do not honour the filesystem * permissions on the socket. * * Requires: * \li 'sockaddr' to be a valid UNIX domain sockaddr. * * Returns: * \li #ISC_R_SUCCESS * \li #ISC_R_FAILURE / void isc_socket_setname(isc_socket_t socket, const char name, void tag); /%< Set the name and optional tag for a socket. This allows tracking of the * owner or purpose for this socket, and is useful for tracing and statistics * reporting. / const char isc_socket_getname(isc_socket_t socket); /%< * Get the name associated with a socket, if any. / void isc_socket_gettag(isc_socket_t socket); /%< * Get the tag associated with a socket, if any. / int isc_socket_getfd(isc_socket_t socket); /%< Get the file descriptor associated with a socket / void isc_socketmgr_setreserved(isc_socketmgr_t mgr, uint32_t); /%< Temporary. For use by named only. / void isc_socketmgr_maxudp(isc_socketmgr_t mgr, unsigned int maxudp); /%< Test interface. Drop UDP packet > 'maxudp'. / bool isc_socket_hasreuseport(void); /%< * Return true if there is SO_REUSEPORT support / #ifdef HAVE_LIBXML2 int isc_socketmgr_renderxml(isc_socketmgr_t mgr, void writer0); /%< * Render internal statistics and other state into the XML document. / #endif / HAVE_LIBXML2 / #ifdef HAVE_JSON_C isc_result_t isc_socketmgr_renderjson(isc_socketmgr_t mgr, void stats0); /%< * Render internal statistics and other state into JSON format. / #endif / HAVE_JSON_C / /%< * See isc_socketmgr_create() above. / typedef isc_result_t (isc_socketmgrcreatefunc_t)(isc_mem_t mctx, isc_socketmgr_t managerp); ISC_LANG_ENDDECLS #endif / ISC_SOCKET_H / ��isc/stat.h��0000644��00000001443�15125204632�0006450 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_STAT_H #define ISC_STAT_H 1 /** * Module Info **/ / * Portable <sys/stat.h> support. * * This module is responsible for defining S_IS??? macros. * * MP: * No impact. * * Reliability: * No anticipated impact. * * Resources: * N/A. * * Security: * No anticipated impact. * / / * Imports. **/ #include <sys/stat.h> #include <sys/types.h> #endif / ISC_STAT_H / ��isc/refcount.h��0000644��00000011757�15125204632�0007333 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <inttypes.h> #include <isc/assertions.h> #include <isc/atomic.h> #include <isc/error.h> #include <isc/lang.h> #include <isc/mutex.h> #include <isc/platform.h> #include <isc/types.h> /! \file isc/refcount.h * \brief Implements a locked reference counter. * * These macros uses C11(-like) atomic functions to implement reference * counting. The isc_refcount_t type must not be accessed directly. / ISC_LANG_BEGINDECLS typedef atomic_uint_fast32_t isc_refcount_t; /* \def isc_refcount_init(ref, n) * \brief Initialize the reference counter. * \param[in] ref pointer to reference counter. * \param[in] n an initial number of references. * \return nothing. * * \warning No memory barrier are being imposed here. / #define isc_refcount_init(target, value) atomic_init(target, value) /* \def isc_refcount_current(ref) * \brief Returns current number of references. * \param[in] ref pointer to reference counter. * \returns current value of reference counter. * * Undo implicit promotion to 64 bits in our Windows implementation of * atomic_load_explicit() by casting to uint_fast32_t. / #define isc_refcount_current(target) (uint_fast32_t) atomic_load_acquire(target) /* \def isc_refcount_destroy(ref) * \brief a destructor that makes sure that all references were cleared. * \param[in] ref pointer to reference counter. * \returns nothing. / #define isc_refcount_destroy(target) \ ISC_REQUIRE(isc_refcount_current(target) == 0) /* \def isc_refcount_increment0(ref) * \brief increases reference counter by 1. * \param[in] ref pointer to reference counter. * \returns previous value of reference counter. / #if _MSC_VER static inline uint_fast32_t isc_refcount_increment0(isc_refcount_t target) { uint_fast32_t __v; __v = (uint_fast32_t)atomic_fetch_add_relaxed(target, 1); INSIST(__v < UINT32_MAX); return (__v); } #else /* _MSC_VER / #define isc_refcount_increment0(target) \ ({ \ / cppcheck-suppress shadowVariable / \ uint_fast32_t __v; \ __v = atomic_fetch_add_relaxed(target, 1); \ INSIST(__v < UINT32_MAX); \ __v; \ }) #endif / _MSC_VER / /* \def isc_refcount_increment(ref) * \brief increases reference counter by 1. * \param[in] ref pointer to reference counter. * \returns previous value of reference counter. / #if _MSC_VER static inline uint_fast32_t isc_refcount_increment(isc_refcount_t target) { uint_fast32_t __v; __v = (uint_fast32_t)atomic_fetch_add_relaxed(target, 1); INSIST(__v > 0 && __v < UINT32_MAX); return (__v); } #else /* _MSC_VER / #define isc_refcount_increment(target) \ ({ \ / cppcheck-suppress shadowVariable / \ uint_fast32_t __v; \ __v = atomic_fetch_add_relaxed(target, 1); \ INSIST(__v > 0 && __v < UINT32_MAX); \ __v; \ }) #endif / _MSC_VER / /* \def isc_refcount_decrement(ref) * \brief decreases reference counter by 1. * \param[in] ref pointer to reference counter. * \returns previous value of reference counter. / #if _MSC_VER static inline uint_fast32_t isc_refcount_decrement(isc_refcount_t target) { uint_fast32_t __v; __v = (uint_fast32_t)atomic_fetch_sub_acq_rel(target, 1); INSIST(__v > 0); return (__v); } #else /* _MSC_VER / #define isc_refcount_decrement(target) \ ({ \ / cppcheck-suppress shadowVariable / \ uint_fast32_t __v; \ __v = atomic_fetch_sub_acq_rel(target, 1); \ INSIST(__v > 0); \ __v; \ }) #endif / _MSC_VER / #define isc_refcount_decrementz(target) \ do { \ uint_fast32_t _refs = isc_refcount_decrement(target); \ ISC_INSIST(_refs == 1); \ } while (0) #define isc_refcount_decrement1(target) \ do { \ uint_fast32_t _refs = isc_refcount_decrement(target); \ ISC_INSIST(_refs > 1); \ } while (0) #define isc_refcount_decrement0(target) \ do { \ uint_fast32_t _refs = isc_refcount_decrement(target); \ ISC_INSIST(_refs > 0); \ } while (0) ISC_LANG_ENDDECLS ��isc/event.h��0000644��00000006562�15125204632�0006625 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_EVENT_H #define ISC_EVENT_H 1 /! \file isc/event.h / #include <isc/lang.h> #include <isc/types.h> /** * Events. **/ typedef void (isc_eventdestructor_t)(isc_event_t ); #define ISC_EVENT_COMMON(ltype) \ size_t ev_size; \ unsigned int ev_attributes; \ void ev_tag; \ isc_eventtype_t ev_type; \ isc_taskaction_t ev_action; \ void ev_arg; \ void ev_sender; \ isc_eventdestructor_t ev_destroy; \ void ev_destroy_arg; \ ISC_LINK(ltype) ev_link; \ ISC_LINK(ltype) ev_ratelink /% * Attributes matching a mask of 0x000000ff are reserved for the task library's * definition. Attributes of 0xffffff00 may be used by the application * or non-ISC libraries. / #define ISC_EVENTATTR_NOPURGE 0x00000001 /% * The ISC_EVENTATTR_CANCELED attribute is intended to indicate * that an event is delivered as a result of a canceled operation * rather than successful completion, by mutual agreement * between the sender and receiver. It is not set or used by * the task system. / #define ISC_EVENTATTR_CANCELED 0x00000002 #define ISC_EVENT_INIT(event, sz, at, ta, ty, ac, ar, sn, df, da) \ do { \ (event)->ev_size = (sz); \ (event)->ev_attributes = (at); \ (event)->ev_tag = (ta); \ (event)->ev_type = (ty); \ (event)->ev_action = (ac); \ (event)->ev_arg = (ar); \ (event)->ev_sender = (sn); \ (event)->ev_destroy = (df); \ (event)->ev_destroy_arg = (da); \ ISC_LINK_INIT((event), ev_link); \ ISC_LINK_INIT((event), ev_ratelink); \ } while (0) /% * This structure is public because "subclassing" it may be useful when * defining new event types. / struct isc_event { ISC_EVENT_COMMON(struct isc_event); }; #define ISC_EVENTTYPE_FIRSTEVENT 0x00000000 #define ISC_EVENTTYPE_LASTEVENT 0xffffffff #define ISC_EVENT_PTR(p) ((isc_event_t )(void )(p)) ISC_LANG_BEGINDECLS isc_event_t * isc_event_allocate(isc_mem_t mctx, void sender, isc_eventtype_t type, isc_taskaction_t action, void arg, size_t size); isc_event_t isc_event_constallocate(isc_mem_t mctx, void sender, isc_eventtype_t type, isc_taskaction_t action, const void arg, size_t size); /%< * Allocate an event structure. * * Allocate and initialize in a structure with initial elements * defined by: * * \code * struct { * ISC_EVENT_COMMON(struct isc_event); * ... * }; * \endcode * * Requires: \li 'size' >= sizeof(struct isc_event) \li 'action' to be non NULL * * Returns: \li a pointer to a initialized structure of the requested size. \li NULL if unable to allocate memory. / void isc_event_free(isc_event_t ); ISC_LANG_ENDDECLS #endif / ISC_EVENT_H / ��isc/symtab.h��0000644��00000010345�15125204632�0006775 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_SYMTAB_H #define ISC_SYMTAB_H 1 /** * Module Info **/ /! \file isc/symtab.h * \brief Provides a simple memory-based symbol table. * * Keys are C strings, and key comparisons are case-insensitive. A type may * be specified when looking up, defining, or undefining. A type value of * 0 means "match any type"; any other value will only match the given * type. * * It's possible that a client will attempt to define a <key, type, value> * tuple when a tuple with the given key and type already exists in the table. * What to do in this case is specified by the client. Possible policies are: * \li #isc_symexists_reject Disallow the define, returning #ISC_R_EXISTS \li #isc_symexists_replace Replace the old value with the new. The * undefine action (if provided) will be called * with the old <key, type, value> tuple. \li #isc_symexists_add Add the new tuple, leaving the old tuple in the table. Subsequent lookups will retrieve * the most-recently-defined tuple. * * A lookup of a key using type 0 will return the most-recently defined * symbol with that key. An undefine of a key using type 0 will undefine the * most-recently defined symbol with that key. Trying to define a key with * type 0 is illegal. * * The symbol table library does not make a copy the key field, so the * caller must ensure that any key it passes to isc_symtab_define() will not * change until it calls isc_symtab_undefine() or isc_symtab_destroy(). * * A user-specified action will be called (if provided) when a symbol is * undefined. It can be used to free memory associated with keys and/or * values. * * A symbol table is implemented as a hash table of lists; the size of the * hash table is set by the 'size' parameter to isc_symtbl_create(). When * the number of entries in the symbol table reaches three quarters of this * value, the hash table is reallocated with size doubled, in order to * optimize lookup performance. This has a negative effect on insertion * performance, which can be mitigated by sizing the table appropriately * when creating it. * * \li MP: * The callers of this module must ensure any required synchronization. * * \li Reliability: * No anticipated impact. * * \li Resources: * TBS * * \li Security: * No anticipated impact. * * \li Standards: * None. / / * Imports. **/ #include <stdbool.h> #include <isc/lang.h> #include <isc/types.h> / * Symbol Tables. / /% Symbol table value. / typedef union isc_symvalue { void as_pointer; const void as_cpointer; int as_integer; unsigned int as_uinteger; } isc_symvalue_t; typedef void (isc_symtabaction_t)(char key, unsigned int type, isc_symvalue_t value, void userarg); /% Symbol table exists. / typedef enum { isc_symexists_reject = 0, /%< Disallow the define / isc_symexists_replace = 1, /%< Replace the old value with the new / isc_symexists_add = 2 /%< Add the new tuple / } isc_symexists_t; ISC_LANG_BEGINDECLS /% Create a symbol table. / isc_result_t isc_symtab_create(isc_mem_t mctx, unsigned int size, isc_symtabaction_t undefine_action, void undefine_arg, bool case_sensitive, isc_symtab_t *symtabp); /% Destroy a symbol table. / void isc_symtab_destroy(isc_symtab_t symtabp); /% Lookup a symbol table. / isc_result_t isc_symtab_lookup(isc_symtab_t symtab, const char key, unsigned int type, isc_symvalue_t value); /% Define a symbol table. / isc_result_t isc_symtab_define(isc_symtab_t symtab, const char key, unsigned int type, isc_symvalue_t value, isc_symexists_t exists_policy); /% Undefine a symbol table. / isc_result_t isc_symtab_undefine(isc_symtab_t symtab, const char key, unsigned int type); /% Return the number of items in a symbol table. / unsigned int isc_symtab_count(isc_symtab_t symtab); ISC_LANG_ENDDECLS #endif / ISC_SYMTAB_H / ��isc/rwlock.h��0000644��00000004747�15125204632�0007010 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_RWLOCK_H #define ISC_RWLOCK_H 1 #include <inttypes.h> /! \file isc/rwlock.h / #include <isc/atomic.h> #include <isc/condition.h> #include <isc/lang.h> #include <isc/platform.h> #include <isc/types.h> ISC_LANG_BEGINDECLS typedef enum { isc_rwlocktype_none = 0, isc_rwlocktype_read, isc_rwlocktype_write } isc_rwlocktype_t; #if USE_PTHREAD_RWLOCK #include <pthread.h> struct isc_rwlock { pthread_rwlock_t rwlock; atomic_bool downgrade; }; #else / USE_PTHREAD_RWLOCK / struct isc_rwlock { / Unlocked. / unsigned int magic; isc_mutex_t lock; atomic_int_fast32_t spins; / * When some atomic instructions with hardware assistance are * available, rwlock will use those so that concurrent readers do not * interfere with each other through mutex as long as no writers * appear, massively reducing the lock overhead in the typical case. * * The basic algorithm of this approach is the "simple * writer-preference lock" shown in the following URL: * http://www.cs.rochester.edu/u/scott/synchronization/pseudocode/rw.html * but our implementation does not rely on the spin lock unlike the * original algorithm to be more portable as a user space application. / / Read or modified atomically. / atomic_int_fast32_t write_requests; atomic_int_fast32_t write_completions; atomic_int_fast32_t cnt_and_flag; / Locked by lock. / isc_condition_t readable; isc_condition_t writeable; unsigned int readers_waiting; / Locked by rwlock itself. / atomic_uint_fast32_t write_granted; / Unlocked. / unsigned int write_quota; }; #endif / USE_PTHREAD_RWLOCK / void isc_rwlock_init(isc_rwlock_t rwl, unsigned int read_quota, unsigned int write_quota); isc_result_t isc_rwlock_lock(isc_rwlock_t rwl, isc_rwlocktype_t type); isc_result_t isc_rwlock_trylock(isc_rwlock_t rwl, isc_rwlocktype_t type); isc_result_t isc_rwlock_unlock(isc_rwlock_t rwl, isc_rwlocktype_t type); isc_result_t isc_rwlock_tryupgrade(isc_rwlock_t rwl); void isc_rwlock_downgrade(isc_rwlock_t rwl); void isc_rwlock_destroy(isc_rwlock_t rwl); ISC_LANG_ENDDECLS #endif /* ISC_RWLOCK_H / ��isc/parseint.h��0000644��00000003005�15125204632�0007316 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_PARSEINT_H #define ISC_PARSEINT_H 1 #include <inttypes.h> #include <isc/lang.h> #include <isc/types.h> /! \file isc/parseint.h * \brief Parse integers, in a saner way than atoi() or strtoul() do. / / * Functions **/ ISC_LANG_BEGINDECLS isc_result_t isc_parse_uint32(uint32_t uip, const char string, int base); isc_result_t isc_parse_uint16(uint16_t uip, const char string, int base); isc_result_t isc_parse_uint8(uint8_t uip, const char string, int base); /%< * Parse the null-terminated string 'string' containing a base 'base' * integer, storing the result in 'uip'. The base is interpreted * as in strtoul(). Unlike strtoul(), leading whitespace, minus or * plus signs are not accepted, and all errors (including overflow) * are reported uniformly through the return value. * * Requires: \li 'string' points to a null-terminated string \li 0 <= 'base' <= 36 * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_BADNUMBER The string is not numeric (in the given base) \li #ISC_R_RANGE The number is not representable as the requested type. / ISC_LANG_ENDDECLS #endif /* ISC_PARSEINT_H / ��isc/base32.h��0000644��00000010545�15125204632�0006557 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_BASE32_H #define ISC_BASE32_H 1 /! \file / / * Routines for manipulating base 32 and base 32 hex encoded data. * Based on RFC 4648. * * Base 32 hex preserves the sort order of data when it is encoded / * decoded. * * Base 32 hex "np" is base 32 hex but no padding is produced or accepted. / #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS / * Functions **/ isc_result_t isc_base32_totext(isc_region_t source, int wordlength, const char wordbreak, isc_buffer_t target); isc_result_t isc_base32hex_totext(isc_region_t source, int wordlength, const char wordbreak, isc_buffer_t target); isc_result_t isc_base32hexnp_totext(isc_region_t source, int wordlength, const char wordbreak, isc_buffer_t target); /!< \brief Convert data into base32 encoded text. * * Notes: \li The base32 encoded text in 'target' will be divided into words of at most 'wordlength' characters, separated by * the 'wordbreak' string. No parentheses will surround * the text. * * Requires: \li 'source' is a region containing binary data \li 'target' is a text buffer containing available space \li 'wordbreak' points to a null-terminated string of zero or more whitespace characters * * Ensures: \li target will contain the base32 encoded version of the data in source. The 'used' pointer in target will be advanced as * necessary. / isc_result_t isc_base32_decodestring(const char cstr, isc_buffer_t target); isc_result_t isc_base32hex_decodestring(const char cstr, isc_buffer_t target); isc_result_t isc_base32hexnp_decodestring(const char cstr, isc_buffer_t target); /!< * \brief Decode a null-terminated string in base32, base32hex, or * base32hex non-padded. * * Requires: \li 'cstr' is non-null. \li 'target' is a valid buffer. * * Returns: \li #ISC_R_SUCCESS -- the entire decoded representation of 'cstring' fit in 'target'. \li #ISC_R_BADBASE32 -- 'cstr' is not a valid base32 encoding. * Other error returns are any possible error code from: \li isc_lex_create(), \li isc_lex_openbuffer(), \li isc_base32_tobuffer(). / isc_result_t isc_base32_tobuffer(isc_lex_t lexer, isc_buffer_t target, int length); isc_result_t isc_base32hex_tobuffer(isc_lex_t lexer, isc_buffer_t target, int length); isc_result_t isc_base32hexnp_tobuffer(isc_lex_t lexer, isc_buffer_t target, int length); /!< \brief Convert text encoded in base32, base32hex, or base32hex * non-padded from a lexer context into `target`. If 'length' is * non-negative, it is the expected number of encoded octets to convert. * * If 'length' is -1 then 0 or more encoded octets are expected. * If 'length' is -2 then 1 or more encoded octets are expected. * * Returns: \li #ISC_R_BADBASE32 -- invalid base32 encoding. \li #ISC_R_UNEXPECTEDEND: the text does not contain the expected * number of encoded octets. * * Requires: \li 'lexer' is a valid lexer context \li 'target' is a buffer containing binary data \li 'length' is -2, -1, or non-negative * Ensures: \li target will contain the data represented by the base32 encoded string parsed by the lexer. No more than `length` octets will * be read, if `length` is non-negative. The 'used' pointer in * 'target' will be advanced as necessary. / isc_result_t isc_base32_decoderegion(isc_region_t source, isc_buffer_t target); isc_result_t isc_base32hex_decoderegion(isc_region_t source, isc_buffer_t target); isc_result_t isc_base32hexnp_decoderegion(isc_region_t source, isc_buffer_t target); /!< * \brief Decode a packed (no white space permitted) region in * base32, base32hex or base32hex non-padded. * * Requires: \li 'source' is a valid region. \li 'target' is a valid buffer. * * Returns: \li #ISC_R_SUCCESS -- the entire decoded representation of 'cstring' fit in 'target'. \li #ISC_R_BADBASE32 -- 'source' is not a valid base32 encoding. / ISC_LANG_ENDDECLS #endif /* ISC_BASE32_H / ��isc/iterated_hash.h��0000644��00000001645�15125204632�0010305 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <isc/lang.h> / * The maximal hash length that can be encoded in a name * using base32hex. floor(255/8)5 / #define NSEC3_MAX_HASH_LENGTH 155 /* * The maximum has that can be encoded in a single label using * base32hex. floor(63/8)5 / #define NSEC3_MAX_LABEL_HASH 35 ISC_LANG_BEGINDECLS int isc_iterated_hash(unsigned char out, const unsigned int hashalg, const int iterations, const unsigned char salt, const int saltlength, const unsigned char in, const int inlength); ISC_LANG_ENDDECLS ��isc/error.h��0000644��00000002632�15125204632�0006627 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_ERROR_H #define ISC_ERROR_H 1 /! \file isc/error.h / #include <stdarg.h> #include <isc/formatcheck.h> #include <isc/lang.h> #include <isc/likely.h> #include <isc/platform.h> ISC_LANG_BEGINDECLS typedef void (isc_errorcallback_t)(const char , int, const char , va_list); /% set unexpected error / void isc_error_setunexpected(isc_errorcallback_t); /% set fatal error / void isc_error_setfatal(isc_errorcallback_t); /% unexpected error / void isc_error_unexpected(const char , int, const char , ...) ISC_FORMAT_PRINTF(3, 4); /% fatal error / ISC_PLATFORM_NORETURN_PRE void isc_error_fatal(const char , int, const char , ...) ISC_FORMAT_PRINTF(3, 4) ISC_PLATFORM_NORETURN_POST; /% runtimecheck error / ISC_PLATFORM_NORETURN_PRE void isc_error_runtimecheck(const char , int, const char ) ISC_PLATFORM_NORETURN_POST; #define ISC_ERROR_RUNTIMECHECK(cond) \ ((void)(ISC_LIKELY(cond) \|\| \ ((isc_error_runtimecheck)(__FILE__, __LINE__, #cond), 0))) ISC_LANG_ENDDECLS #endif /* ISC_ERROR_H / ��isc/mutexblock.h��0000644��00000002212�15125204632�0007645 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_MUTEXBLOCK_H #define ISC_MUTEXBLOCK_H 1 /! \file isc/mutexblock.h / #include <isc/lang.h> #include <isc/mutex.h> #include <isc/types.h> ISC_LANG_BEGINDECLS void isc_mutexblock_init(isc_mutex_t block, unsigned int count); /%< Initialize a block of locks. If an error occurs all initialized locks * will be destroyed, if possible. * * Requires: * \li block != NULL \li count > 0 / void isc_mutexblock_destroy(isc_mutex_t block, unsigned int count); /%< Destroy a block of locks. * * Requires: * \li block != NULL \li count > 0 \li Each lock in the block be initialized via isc_mutex_init() or the whole block was initialized via isc_mutex_initblock(). * / ISC_LANG_ENDDECLS #endif / ISC_MUTEXBLOCK_H / ��isc/eventclass.h��0000644��00000002642�15125204632�0007646 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_EVENTCLASS_H #define ISC_EVENTCLASS_H 1 /! \file isc/eventclass.h *** Registry of Predefined Event Type Classes **/ /% * An event class is an unsigned 16 bit number. Each class may contain up * to 65536 events. An event type is formed by adding the event number * within the class to the class number. * / #define ISC_EVENTCLASS(eclass) ((eclass) << 16) /@{/ /! * Classes < 1024 are reserved for ISC use. * Event classes >= 1024 and <= 65535 are reserved for application use. / #define ISC_EVENTCLASS_TASK ISC_EVENTCLASS(0) #define ISC_EVENTCLASS_TIMER ISC_EVENTCLASS(1) #define ISC_EVENTCLASS_SOCKET ISC_EVENTCLASS(2) #define ISC_EVENTCLASS_FILE ISC_EVENTCLASS(3) #define ISC_EVENTCLASS_DNS ISC_EVENTCLASS(4) #define ISC_EVENTCLASS_APP ISC_EVENTCLASS(5) #define ISC_EVENTCLASS_OMAPI ISC_EVENTCLASS(6) #define ISC_EVENTCLASS_RATELIMITER ISC_EVENTCLASS(7) #define ISC_EVENTCLASS_ISCCC ISC_EVENTCLASS(8) #define ISC_EVENTCLASS_NS ISC_EVENTCLASS(9) /@}/ #endif / ISC_EVENTCLASS_H / ��isc/region.h��0000644��00000004272�15125204632�0006763 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_REGION_H #define ISC_REGION_H 1 /! \file isc/region.h / #include <isc/lang.h> #include <isc/types.h> struct isc_region { unsigned char base; unsigned int length; }; struct isc_textregion { char base; unsigned int length; }; / XXXDCL questionable ... bears discussion. we have been putting off * discussing the region api. / struct isc_constregion { const void base; unsigned int length; }; struct isc_consttextregion { const char base; unsigned int length; }; /@{/ /! * The region structure is not opaque, and is usually directly manipulated. * Some macros are defined below for convenience. / #define isc_region_consume(r, l) \ do { \ isc_region_t _r = (r); \ unsigned int _l = (l); \ INSIST(_r->length >= _l); \ _r->base += _l; \ _r->length -= _l; \ } while (0) #define isc_textregion_consume(r, l) \ do { \ isc_textregion_t _r = (r); \ unsigned int _l = (l); \ INSIST(_r->length >= _l); \ _r->base += _l; \ _r->length -= _l; \ } while (0) #define isc_constregion_consume(r, l) \ do { \ isc_constregion_t _r = (r); \ unsigned int _l = (l); \ INSIST(_r->length >= _l); \ _r->base += _l; \ _r->length -= _l; \ } while (0) /@}/ ISC_LANG_BEGINDECLS int isc_region_compare(isc_region_t r1, isc_region_t r2); /%< Compares the contents of two regions * * Requires: \li 'r1' is a valid region \li 'r2' is a valid region * * Returns: \li < 0 if r1 is lexicographically less than r2 \li = 0 if r1 is lexicographically identical to r2 \li > 0 if r1 is lexicographically greater than r2 / ISC_LANG_ENDDECLS #endif /* ISC_REGION_H / ��isc/ratelimiter.h��0000644��00000006644�15125204632�0010026 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_RATELIMITER_H #define ISC_RATELIMITER_H 1 /** * Module Info **/ /! \file isc/ratelimiter.h * \brief A rate limiter is a mechanism for dispatching events at a limited * rate. This is intended to be used when sending zone maintenance * SOA queries, NOTIFY messages, etc. / / * Imports. */ #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /* * Functions. **/ isc_result_t isc_ratelimiter_create(isc_mem_t mctx, isc_timermgr_t timermgr, isc_task_t task, isc_ratelimiter_t *ratelimiterp); /%< * Create a rate limiter. The execution interval is initially undefined. / isc_result_t isc_ratelimiter_setinterval(isc_ratelimiter_t rl, isc_interval_t interval); /!< * Set the minimum interval between event executions. * The interval value is copied, so the caller need not preserve it. * * Requires: * 'interval' is a nonzero interval. / void isc_ratelimiter_setpertic(isc_ratelimiter_t rl, uint32_t perint); /%< * Set the number of events processed per interval timer tick. * If 'perint' is zero it is treated as 1. / void isc_ratelimiter_setpushpop(isc_ratelimiter_t rl, bool pushpop); /%< Set / clear the ratelimiter to from push pop mode rather * first in - first out mode (default). / isc_result_t isc_ratelimiter_enqueue(isc_ratelimiter_t rl, isc_task_t task, isc_event_t eventp); /%< * Queue an event for rate-limited execution. * * This is similar * to doing an isc_task_send() to the 'task', except that the * execution may be delayed to achieve the desired rate of * execution. * * '(eventp)->ev_sender' is used to hold the task. The caller must ensure that the task exists until the event is delivered. * * Requires: \li An interval has been set by calling isc_ratelimiter_setinterval(). * \li 'task' to be non NULL. \li '(eventp)->ev_sender' to be NULL. / isc_result_t isc_ratelimiter_dequeue(isc_ratelimiter_t rl, isc_event_t event); /* * Dequeue a event off the ratelimiter queue. * * Returns: * \li ISC_R_NOTFOUND if the event is no longer linked to the rate limiter. * \li ISC_R_SUCCESS / void isc_ratelimiter_shutdown(isc_ratelimiter_t ratelimiter); /%< Shut down a rate limiter. * * Ensures: \li All events that have not yet been dispatched to the task are dispatched immediately with * the #ISC_EVENTATTR_CANCELED bit set in ev_attributes. * \li Further attempts to enqueue events will fail with #ISC_R_SHUTTINGDOWN. * \li The rate limiter is no longer attached to its task. / void isc_ratelimiter_attach(isc_ratelimiter_t source, isc_ratelimiter_t target); /%< * Attach to a rate limiter. / void isc_ratelimiter_detach(isc_ratelimiter_t ratelimiterp); /%< * Detach from a rate limiter. / isc_result_t isc_ratelimiter_stall(isc_ratelimiter_t rl); /%< Stall event processing. / isc_result_t isc_ratelimiter_release(isc_ratelimiter_t rl); /%< Release a stalled rate limiter. / ISC_LANG_ENDDECLS #endif / ISC_RATELIMITER_H / ��isc/timer.h��0000644��00000017431�15125204632�0006621 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_TIMER_H #define ISC_TIMER_H 1 /** * Module Info **/ /! \file isc/timer.h * \brief Provides timers which are event sources in the task system. * * Three types of timers are supported: * \li 'ticker' timers generate a periodic tick event. \li 'once' timers generate an idle timeout event if they are idle for too long, and generate a life timeout event if their lifetime expires. * They are used to implement both (possibly expiring) idle timers and * 'one-shot' timers. * \li 'limited' timers generate a periodic tick event until they reach their lifetime when they generate a life timeout event. * \li 'inactive' timers generate no events. * Timers can change type. It is typical to create a timer as * an 'inactive' timer and then change it into a 'ticker' or * 'once' timer. * \li MP: The module ensures appropriate synchronization of data structures it * creates and manipulates. * Clients of this module must not be holding a timer's task's lock when * making a call that affects that timer. Failure to follow this rule * can result in deadlock. * The caller must ensure that isc_timermgr_destroy() is called only * once for a given manager. * * \li Reliability: * No anticipated impact. * * \li Resources: * TBS * * \li Security: * No anticipated impact. * * \li Standards: * None. / / * Imports */ #include <stdbool.h> #include <isc/event.h> #include <isc/eventclass.h> #include <isc/lang.h> #include <isc/time.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /* * Types / /% Timer Type / typedef enum { isc_timertype_undefined = -1, /%< Undefined / isc_timertype_ticker = 0, /%< Ticker / isc_timertype_once = 1, /%< Once / isc_timertype_limited = 2, /%< Limited / isc_timertype_inactive = 3 /%< Inactive / } isc_timertype_t; typedef struct isc_timerevent { struct isc_event common; isc_time_t due; } isc_timerevent_t; #define ISC_TIMEREVENT_FIRSTEVENT (ISC_EVENTCLASS_TIMER + 0) #define ISC_TIMEREVENT_TICK (ISC_EVENTCLASS_TIMER + 1) #define ISC_TIMEREVENT_IDLE (ISC_EVENTCLASS_TIMER + 2) #define ISC_TIMEREVENT_LIFE (ISC_EVENTCLASS_TIMER + 3) #define ISC_TIMEREVENT_LASTEVENT (ISC_EVENTCLASS_TIMER + 65535) / * Timer and Timer Manager Functions * * Note: all Ensures conditions apply only if the result is success for * those functions which return an isc_result_t. / isc_result_t isc_timer_create(isc_timermgr_t manager, isc_timertype_t type, const isc_time_t expires, const isc_interval_t interval, isc_task_t task, isc_taskaction_t action, void arg, isc_timer_t *timerp); /%< * Create a new 'type' timer managed by 'manager'. The timers parameters * are specified by 'expires' and 'interval'. Events will be posted to * 'task' and when dispatched 'action' will be called with 'arg' as the * arg value. The new timer is returned in 'timerp'. * * Notes: * \li For ticker timers, the timer will generate a 'tick' event every 'interval' seconds. The value of 'expires' is ignored. * \li For once timers, 'expires' specifies the time when a life timeout event should be generated. If 'expires' is 0 (the epoch), then no life * timeout will be generated. 'interval' specifies how long the timer * can be idle before it generates an idle timeout. If 0, then no * idle timeout will be generated. * \li If 'expires' is NULL, the epoch will be used. * If 'interval' is NULL, the zero interval will be used. * * Requires: * \li 'manager' is a valid manager \li 'task' is a valid task \li 'action' is a valid action \li 'expires' points to a valid time, or is NULL. \li 'interval' points to a valid interval, or is NULL. \li type == isc_timertype_inactive \|\| ('expires' and 'interval' are not both 0) * \li 'timerp' is a valid pointer, and timerp == NULL * * Ensures: * \li 'timerp' is attached to the newly created timer * \li The timer is attached to the task \li An idle timeout will not be generated until at least Now + the timer's interval if 'timer' is a once timer with a non-zero * interval. * * Returns: * \li Success \li No memory \li Unexpected error / isc_result_t isc_timer_reset(isc_timer_t timer, isc_timertype_t type, const isc_time_t expires, const isc_interval_t interval, bool purge); /%< * Change the timer's type, expires, and interval values to the given * values. If 'purge' is TRUE, any pending events from this timer * are purged from its task's event queue. * * Notes: * \li If 'expires' is NULL, the epoch will be used. \li If 'interval' is NULL, the zero interval will be used. * Requires: * \li 'timer' is a valid timer \li The same requirements that isc_timer_create() imposes on 'type', 'expires' and 'interval' apply. * * Ensures: * \li An idle timeout will not be generated until at least Now + the timer's interval if 'timer' is a once timer with a non-zero * interval. * * Returns: * \li Success \li No memory \li Unexpected error / isc_result_t isc_timer_touch(isc_timer_t timer); /%< * Set the last-touched time of 'timer' to the current time. * * Requires: * \li 'timer' is a valid once timer. * Ensures: * \li An idle timeout will not be generated until at least Now + the timer's interval if 'timer' is a once timer with a non-zero * interval. * * Returns: * \li Success \li Unexpected error / void isc_timer_attach(isc_timer_t timer, isc_timer_t *timerp); /%< * Attach timerp to timer. * Requires: * \li 'timer' is a valid timer. \li 'timerp' points to a NULL timer. * Ensures: * \li timerp is attached to timer. / void isc_timer_detach(isc_timer_t timerp); /%< * Detach timerp from its timer. * Requires: * \li 'timerp' points to a valid timer. * Ensures: * \li timerp is NULL. * \li If 'timerp' is the last reference to the timer, * then: * \code The timer will be shutdown * * The timer will detach from its task * * All resources used by the timer have been freed * * Any events already posted by the timer will be purged. * Therefore, if isc_timer_detach() is called in the context * of the timer's task, it is guaranteed that no more * timer event callbacks will run after the call. \endcode / isc_timertype_t isc_timer_gettype(isc_timer_t timer); /%< * Return the timer type. * * Requires: * \li 'timer' to be a valid timer. / isc_result_t isc_timermgr_create(isc_mem_t mctx, isc_timermgr_t managerp); /%< * Create a timer manager. * * Notes: * \li All memory will be allocated in memory context 'mctx'. * Requires: * \li 'mctx' is a valid memory context. \li 'managerp' points to a NULL isc_timermgr_t. * Ensures: * \li 'managerp' is a valid isc_timermgr_t. * * Returns: * \li Success \li No memory \li Unexpected error / void isc_timermgr_destroy(isc_timermgr_t *managerp); /%< * Destroy a timer manager. * * Notes: * \li This routine blocks until there are no timers left in the manager, so if the caller holds any timer references using the manager, it * must detach them before calling isc_timermgr_destroy() or it will * block forever. * * Requires: * \li 'managerp' is a valid isc_timermgr_t. * * Ensures: * \li managerp == NULL * \li All resources used by the manager have been freed. / void isc_timermgr_poke(isc_timermgr_t m); ISC_LANG_ENDDECLS #endif / ISC_TIMER_H / ��isc/tm.h��0000644��00000001576�15125204632�0006124 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_TM_H #define ISC_TM_H 1 /! \file isc/tm.h * Provides portable conversion routines for struct tm. / #include <time.h> #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS time_t isc_tm_timegm(struct tm tm); /* * Convert a tm structure to time_t, using UTC rather than the local * time zone. / char isc_tm_strptime(const char buf, const char fmt, struct tm tm); / * Parse a formatted date string into struct tm. / ISC_LANG_ENDDECLS #endif / ISC_TIMER_H / ��isc/types.h��0000644��00000013336�15125204632�0006645 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_TYPES_H #define ISC_TYPES_H 1 #include <isc/bind9.h> /! \file isc/types.h * \brief * OS-specific types, from the OS-specific include directories. / #include <inttypes.h> #include <stdbool.h> #include <isc/offset.h> / * XXXDCL This is just for ISC_LIST and ISC_LINK, but gets all of the other * list macros too. / #include <isc/list.h> / Core Types. Alphabetized by defined type. / typedef struct isc_astack isc_astack_t; /%< Array-based fast stack / typedef struct isc_appctx isc_appctx_t; /%< Application context / typedef struct isc_backtrace_symmap isc_backtrace_symmap_t; /%< Symbol Table * Entry / typedef struct isc_buffer isc_buffer_t; /%< Buffer / typedef ISC_LIST(isc_buffer_t) isc_bufferlist_t; /%< Buffer List / typedef struct isc_constregion isc_constregion_t; /%< Const region / typedef struct isc_consttextregion isc_consttextregion_t; /%< Const Text Region / typedef struct isc_counter isc_counter_t; /%< Counter / typedef int16_t isc_dscp_t; /%< Diffserv code point / typedef struct isc_event isc_event_t; /%< Event / typedef ISC_LIST(isc_event_t) isc_eventlist_t; /%< Event List / typedef unsigned int isc_eventtype_t; /%< Event Type / typedef uint32_t isc_fsaccess_t; /%< FS Access / typedef struct isc_hash isc_hash_t; /%< Hash / typedef struct isc_hp isc_hp_t; /%< Hazard * pointer / typedef struct isc_httpd isc_httpd_t; /%< HTTP client / typedef void(isc_httpdfree_t)(isc_buffer_t , void ); /%< HTTP free function / typedef struct isc_httpdmgr isc_httpdmgr_t; /%< HTTP manager / typedef struct isc_httpdurl isc_httpdurl_t; /%< HTTP URL / typedef void(isc_httpdondestroy_t)(void ); /%< Callback on destroying httpd / typedef struct isc_interface isc_interface_t; /%< Interface / typedef struct isc_interfaceiter isc_interfaceiter_t; /%< Interface Iterator / typedef struct isc_interval isc_interval_t; /%< Interval / typedef struct isc_lex isc_lex_t; /%< Lex / typedef struct isc_log isc_log_t; /%< Log / typedef struct isc_logcategory isc_logcategory_t; /%< Log Category / typedef struct isc_logconfig isc_logconfig_t; /%< Log Configuration / typedef struct isc_logmodule isc_logmodule_t; /%< Log Module / typedef struct isc_mem isc_mem_t; /%< Memory / typedef struct isc_mempool isc_mempool_t; /%< Memory Pool / typedef struct isc_netaddr isc_netaddr_t; /%< Net Address / typedef struct isc_nm isc_nm_t; /%< Network manager / typedef struct isc_nmsocket isc_nmsocket_t; /%< Network manager socket / typedef struct isc_nmhandle isc_nmhandle_t; /%< Network manager handle / typedef struct isc_portset isc_portset_t; /%< Port Set / typedef struct isc_quota isc_quota_t; /%< Quota / typedef struct isc_ratelimiter isc_ratelimiter_t; /%< Rate Limiter / typedef struct isc_region isc_region_t; /%< Region / typedef uint64_t isc_resourcevalue_t; /%< Resource Value / typedef unsigned int isc_result_t; /%< Result / typedef struct isc_rwlock isc_rwlock_t; /%< Read Write Lock / typedef struct isc_sockaddr isc_sockaddr_t; /%< Socket Address / typedef ISC_LIST(isc_sockaddr_t) isc_sockaddrlist_t; /%< Socket Address List / typedef struct isc_socket isc_socket_t; /%< Socket / typedef struct isc_socketevent isc_socketevent_t; /%< Socket Event / typedef struct isc_socketmgr isc_socketmgr_t; /%< Socket Manager / typedef struct isc_stats isc_stats_t; /%< Statistics / #if defined(_WIN32) && !defined(_WIN64) typedef int_fast32_t isc_statscounter_t; /%< Statistics Counter / #else / if defined(_WIN32) && !defined(_WIN64) / typedef int_fast64_t isc_statscounter_t; #endif / if defined(_WIN32) && !defined(_WIN64) / typedef struct isc_symtab isc_symtab_t; /%< Symbol Table / typedef struct isc_task isc_task_t; /%< Task / typedef ISC_LIST(isc_task_t) isc_tasklist_t; /%< Task List / typedef struct isc_taskmgr isc_taskmgr_t; /%< Task Manager / typedef struct isc_textregion isc_textregion_t; /%< Text Region / typedef struct isc_time isc_time_t; /%< Time / typedef struct isc_timer isc_timer_t; /%< Timer / typedef struct isc_timermgr isc_timermgr_t; /%< Timer Manager / typedef void (isc_taskaction_t)(isc_task_t , isc_event_t ); typedef int (isc_sockfdwatch_t)(isc_task_t , isc_socket_t , void , int); /* The following cannot be listed alphabetically due to forward reference / typedef isc_result_t(isc_httpdaction_t)( const char url, isc_httpdurl_t urlinfo, const char querystring, const char headers, void arg, unsigned int retcode, const char retmsg, const char mimetype, isc_buffer_t body, isc_httpdfree_t freecb, void freecb_args); typedef bool(isc_httpdclientok_t)(const isc_sockaddr_t , void ); /% Resource / typedef enum { isc_resource_coresize = 1, isc_resource_cputime, isc_resource_datasize, isc_resource_filesize, isc_resource_lockedmemory, isc_resource_openfiles, isc_resource_processes, isc_resource_residentsize, isc_resource_stacksize } isc_resource_t; /% Statistics formats (text file or XML) / typedef enum { isc_statsformat_file, isc_statsformat_xml, isc_statsformat_json } isc_statsformat_t; #endif /* ISC_TYPES_H / ��isc/siphash.h��0000644��00000001624�15125204632�0007135 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isc/siphash.h / #pragma once #include <isc/lang.h> #include <isc/platform.h> #include <isc/types.h> #define ISC_SIPHASH24_KEY_LENGTH 128 / 8 #define ISC_SIPHASH24_TAG_LENGTH 64 / 8 #define ISC_HALFSIPHASH24_KEY_LENGTH 64 / 8 #define ISC_HALFSIPHASH24_TAG_LENGTH 32 / 8 ISC_LANG_BEGINDECLS void isc_siphash24(const uint8_t key, const uint8_t in, const size_t inlen, uint8_t out); void isc_halfsiphash24(const uint8_t key, const uint8_t in, const size_t inlen, uint8_t out); ISC_LANG_ENDDECLS ��isc/lib.h��0000644��00000002203�15125204632�0006236 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once /! \file isc/lib.h / #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS void isc_lib_register(void); /!< * \brief Register the ISC library implementations for some base services * such as memory or event management and handling socket or timer events. * An external application that wants to use the ISC library must call this * function very early in main(). / #ifdef WIN32 int isc_lib_ntservice(int(WINAPI mainfunc)(int argc, char argv[]), int argc, char argv[]); /!< \brief Execute a special routine needed when running as a Windows Service. / #endif / ifdef WIN32 / extern void isc_enable_constructors(void); /!< * \brief Enable constructor linkage in non-libtool static builds. / ISC_LANG_ENDDECLS ��isc/quota.h��0000644��00000006750�15125204632�0006634 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_QUOTA_H #define ISC_QUOTA_H 1 /** * Module Info **/ /! \file isc/quota.h * * \brief The isc_quota_t object is a simple helper object for implementing * quotas on things like the number of simultaneous connections to * a server. It keeps track of the amount of quota in use, and * encapsulates the locking necessary to allow multiple tasks to * share a quota. / / * Imports. */ #include <isc/atomic.h> #include <isc/lang.h> #include <isc/magic.h> #include <isc/mutex.h> #include <isc/types.h> /* * Types. **/ ISC_LANG_BEGINDECLS /% isc_quota_cb - quota callback structure / typedef struct isc_quota_cb isc_quota_cb_t; typedef void (isc_quota_cb_func_t)(isc_quota_t quota, void data); struct isc_quota_cb { int magic; isc_quota_cb_func_t cb_func; void data; ISC_LINK(isc_quota_cb_t) link; }; /% isc_quota structure / struct isc_quota { int magic; atomic_uint_fast32_t max; atomic_uint_fast32_t used; atomic_uint_fast32_t soft; atomic_uint_fast32_t waiting; isc_mutex_t cblock; ISC_LIST(isc_quota_cb_t) cbs; }; void isc_quota_init(isc_quota_t quota, unsigned int max); /%< Initialize a quota object. / void isc_quota_destroy(isc_quota_t quota); /%< Destroy a quota object. / void isc_quota_soft(isc_quota_t quota, unsigned int soft); /%< Set a soft quota. / void isc_quota_max(isc_quota_t quota, unsigned int max); /%< Re-set a maximum quota. / unsigned int isc_quota_getmax(isc_quota_t quota); /%< Get the maximum quota. / unsigned int isc_quota_getsoft(isc_quota_t quota); /%< Get the soft quota. / unsigned int isc_quota_getused(isc_quota_t quota); /%< Get the current usage of quota. / isc_result_t isc_quota_attach(isc_quota_t quota, isc_quota_t *p); /%< * * Attempt to reserve one unit of 'quota', and also attaches 'p' to the quota if successful (ISC_R_SUCCESS or ISC_R_SOFTQUOTA). * * Returns: * \li #ISC_R_SUCCESS Success * \li #ISC_R_SOFTQUOTA Success soft quota reached * \li #ISC_R_QUOTA Quota is full / isc_result_t isc_quota_attach_cb(isc_quota_t quota, isc_quota_t *p, isc_quota_cb_t cb); /%< * Like isc_quota_attach(), but if there's no quota left then cb->cb_func will * be called when we are attached to quota. * * Note: It's the caller's responsibility to make sure that we don't end up * with a huge number of callbacks waiting, making it easy to create a * resource exhaustion attack. For example, in the case of TCP listening, * we simply don't accept new connections when the quota is exceeded, so * the number of callbacks waiting in the queue will be limited by the * listen() backlog. * * Returns: * \li #ISC_R_SUCCESS Success * \li #ISC_R_SOFTQUOTA Success soft quota reached * \li #ISC_R_QUOTA Quota is full / void isc_quota_cb_init(isc_quota_cb_t cb, isc_quota_cb_func_t cb_func, void data); /%< * Initialize isc_quota_cb_t - setup the list, set the callback and data. / void isc_quota_detach(isc_quota_t p); /%< * Release one unit of quota, and also detaches 'p' from the quota. / ISC_LANG_ENDDECLS #endif /* ISC_QUOTA_H / ��isc/meminfo.h��0000644��00000001306�15125204632�0007125 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_MEMINFO_H #define ISC_MEMINFO_H 1 #include <inttypes.h> #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS uint64_t isc_meminfo_totalphys(void); /%< * Return total available physical memory in bytes, or 0 if this cannot * be determined / ISC_LANG_ENDDECLS #endif / ISC_MEMINFO_H / ��isc/errno.h��0000644��00000001223�15125204632�0006616 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_ERRNO_H #define ISC_ERRNO_H 1 /! \file isc/file.h / #include <isc/types.h> ISC_LANG_BEGINDECLS isc_result_t isc_errno_toresult(int err); /!< * \brief Convert a POSIX errno value to an ISC result code. / ISC_LANG_ENDDECLS #endif / ISC_ERRNO_H / ��isc/mutex.h��0000644��00000010122�15125204632�0006631 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_MUTEX_H #define ISC_MUTEX_H 1 /! \file / #include <pthread.h> #include <stdio.h> #include <isc/lang.h> #include <isc/result.h> / for ISC_R_ codes / ISC_LANG_BEGINDECLS /! * Supply mutex attributes that enable deadlock detection * (helpful when debugging). This is system dependent and * currently only supported on NetBSD. / #if ISC_MUTEX_DEBUG && defined(__NetBSD__) && defined(PTHREAD_MUTEX_ERRORCHECK) extern pthread_mutexattr_t isc__mutex_attrs; #define ISC__MUTEX_ATTRS &isc__mutex_attrs #else / if ISC_MUTEX_DEBUG && defined(__NetBSD__) && \ * defined(PTHREAD_MUTEX_ERRORCHECK) / #define ISC__MUTEX_ATTRS NULL #endif / if ISC_MUTEX_DEBUG && defined(__NetBSD__) && \ * defined(PTHREAD_MUTEX_ERRORCHECK) / / XXX We could do fancier error handling... / /! * Define ISC_MUTEX_PROFILE to turn on profiling of mutexes by line. When * enabled, isc_mutex_stats() can be used to print a table showing the * number of times each type of mutex was locked and the amount of time * waiting to obtain the lock. / #ifndef ISC_MUTEX_PROFILE #define ISC_MUTEX_PROFILE 0 #endif / ifndef ISC_MUTEX_PROFILE / #if ISC_MUTEX_PROFILE typedef struct isc_mutexstats isc_mutexstats_t; typedef struct { pthread_mutex_t mutex; /%< The actual mutex. / isc_mutexstats_t stats; /%< Mutex statistics. / } isc_mutex_t; #else /* if ISC_MUTEX_PROFILE / typedef pthread_mutex_t isc_mutex_t; #endif / if ISC_MUTEX_PROFILE / #if ISC_MUTEX_PROFILE #define isc_mutex_init(mp) isc_mutex_init_profile((mp), __FILE__, __LINE__) #else / if ISC_MUTEX_PROFILE / #if ISC_MUTEX_DEBUG && defined(PTHREAD_MUTEX_ERRORCHECK) #define isc_mutex_init(mp) isc_mutex_init_errcheck((mp)) #else / if ISC_MUTEX_DEBUG && defined(PTHREAD_MUTEX_ERRORCHECK) / #define isc_mutex_init(mp) isc__mutex_init((mp), __FILE__, __LINE__) void isc__mutex_init(isc_mutex_t mp, const char file, unsigned int line); #endif / if ISC_MUTEX_DEBUG && defined(PTHREAD_MUTEX_ERRORCHECK) / #endif / if ISC_MUTEX_PROFILE / #if ISC_MUTEX_PROFILE #define isc_mutex_lock(mp) isc_mutex_lock_profile((mp), __FILE__, __LINE__) #else / if ISC_MUTEX_PROFILE / #define isc_mutex_lock(mp) \ ((pthread_mutex_lock((mp)) == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED) #endif / if ISC_MUTEX_PROFILE / #if ISC_MUTEX_PROFILE #define isc_mutex_unlock(mp) isc_mutex_unlock_profile((mp), __FILE__, __LINE__) #else / if ISC_MUTEX_PROFILE / #define isc_mutex_unlock(mp) \ ((pthread_mutex_unlock((mp)) == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED) #endif / if ISC_MUTEX_PROFILE / #if ISC_MUTEX_PROFILE #define isc_mutex_trylock(mp) \ ((pthread_mutex_trylock((&(mp)->mutex)) == 0) ? ISC_R_SUCCESS \ : ISC_R_LOCKBUSY) #else / if ISC_MUTEX_PROFILE / #define isc_mutex_trylock(mp) \ ((pthread_mutex_trylock((mp)) == 0) ? ISC_R_SUCCESS : ISC_R_LOCKBUSY) #endif / if ISC_MUTEX_PROFILE / #if ISC_MUTEX_PROFILE #define isc_mutex_destroy(mp) \ RUNTIME_CHECK(pthread_mutex_destroy((&(mp)->mutex)) == 0) #else / if ISC_MUTEX_PROFILE / #define isc_mutex_destroy(mp) RUNTIME_CHECK(pthread_mutex_destroy((mp)) == 0) #endif / if ISC_MUTEX_PROFILE / #if ISC_MUTEX_PROFILE #define isc_mutex_stats(fp) isc_mutex_statsprofile(fp); #else / if ISC_MUTEX_PROFILE / #define isc_mutex_stats(fp) #endif / if ISC_MUTEX_PROFILE / #if ISC_MUTEX_PROFILE void isc_mutex_init_profile(isc_mutex_t mp, const char _file, int _line); isc_result_t isc_mutex_lock_profile(isc_mutex_t mp, const char _file, int _line); isc_result_t isc_mutex_unlock_profile(isc_mutex_t mp, const char _file, int _line); void isc_mutex_statsprofile(FILE fp); #endif /* ISC_MUTEX_PROFILE / void isc_mutex_init_errcheck(isc_mutex_t mp); ISC_LANG_ENDDECLS #endif /* ISC_MUTEX_H / ��isc/deprecated.h��0000644��00000001226�15125204632�0007574 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_DEPRECATED_H #define ISC_DEPRECATED_H #if (__GNUC__ + 0) > 3 #define ISC_DEPRECATED __attribute__((deprecated)) #else / if (__GNUC__ + 0) > 3 / #define ISC_DEPRECATED / none / #endif / __GNUC__ > 3/ #endif / ifndef ISC_DEPRECATED_H / ��isc/hmac.h��0000644��00000007602�15125204632�0006410 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! * \file isc/hmac.h * \brief This is the header for for message authentication code. / #pragma once #include <isc/lang.h> #include <isc/md.h> #include <isc/platform.h> #include <isc/result.h> #include <isc/types.h> typedef void isc_hmac_t; /* * isc_hmac: * @type: the digest type * @key: the key * @keylen: the length of the key * @buf: data to hash * @len: length of the data to hash * @digest: the output buffer * @digestlen: the length of the data written to @digest * * This function computes the message authentication code using a digest type * @type with key @key which is @keylen bytes long from data in @buf which is * @len bytes long, and places the output into @digest, which must have space * for the hash function output (use ISC_MAX_MD_SIZE if unsure). If the * @digestlen parameter is not NULL then the number of bytes of data written * (i.e. the length of the digest) will be written to the @digestlen. / isc_result_t isc_hmac(const isc_md_type_t type, const void key, const int keylen, const unsigned char buf, const size_t len, unsigned char digest, unsigned int digestlen); /** * isc_hmac_new: * * This function allocates, initializes and returns HMAC context. / isc_hmac_t isc_hmac_new(void); /** * isc_hmac_free: * @md: HMAC context * * This function cleans up HMAC context and frees up the space allocated to it. / void isc_hmac_free(isc_hmac_t hmac); /** * isc_hmac_init: * @md: HMAC context * @key: HMAC key * @keylen: HMAC key length * @type: digest type * * This function sets up HMAC context to use a hash function of @type and key * @key which is @keylen bytes long. / isc_result_t isc_hmac_init(isc_hmac_t hmac, const void key, size_t keylen, const isc_md_type_t type); /** * isc_hmac_reset: * @hmac: HMAC context * * This function resets the HMAC context. This can be used to reuse an already * existing context. / isc_result_t isc_hmac_reset(isc_hmac_t hmac); /** * isc_hmac_update: * @hmac: HMAC context * @buf: data to hash * @len: length of the data to hash * * This function can be called repeatedly with chunks of the message @buf to be * authenticated which is @len bytes long. / isc_result_t isc_hmac_update(isc_hmac_t hmac, const unsigned char buf, const size_t len); /* * isc_hmac_final: * @hmac: HMAC context * @digest: the output buffer * @digestlen: the length of the data written to @digest * * This function retrieves the message authentication code from @hmac and places * it in @digest, which must have space for the hash function output. If the * @digestlen parameter is not NULL then the number of bytes of data written * (i.e. the length of the digest) will be written to the @digestlen. After * calling this function no additional calls to isc_hmac_update() can be made. / isc_result_t isc_hmac_final(isc_hmac_t hmac, unsigned char digest, unsigned int digestlen); /** * isc_hmac_md_type: * @hmac: HMAC context * * This function return the isc_md_type_t previously set for the supplied * HMAC context or NULL if no isc_md_type_t has been set. / const isc_md_type_t isc_hmac_get_md_type(isc_hmac_t hmac); /* * isc_hmac_get_size: * * This function return the size of the message digest when passed an isc_hmac_t * structure, i.e. the size of the hash. / size_t isc_hmac_get_size(isc_hmac_t hmac); /** * isc_hmac_get_block_size: * * This function return the block size of the message digest when passed an * isc_hmac_t structure. / int isc_hmac_get_block_size(isc_hmac_t hmac); ��isc/bufferlist.h��0000644��00000002655�15125204632�0007650 0��ustar�00��/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_BUFFERLIST_H #define ISC_BUFFERLIST_H 1 /** * Module Info **/ /! \file isc/bufferlist.h * * \brief Buffer lists have no synchronization. Clients must ensure exclusive * access. * * \li Reliability: * No anticipated impact. * * \li Security: * No anticipated impact. * * \li Standards: * None. / / * Imports */ #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /* * Functions / unsigned int isc_bufferlist_usedcount(isc_bufferlist_t bl); /!< \brief Return the length of the sum of all used regions of all buffers in * the buffer list 'bl' * * Requires: * \li 'bl' is not NULL. * Returns: \li sum of all used regions' lengths. / unsigned int isc_bufferlist_availablecount(isc_bufferlist_t bl); /!< * \brief Return the length of the sum of all available regions of all buffers * in the buffer list 'bl' * * Requires: * \li 'bl' is not NULL. * Returns: \li sum of all available regions' lengths. / ISC_LANG_ENDDECLS #endif /* ISC_BUFFERLIST_H / ��isc/hp.h��0000644��00000010754�15125204632�0006111 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / * Hazard Pointer implementation. * * This work is based on C++ code available from: * https://github.com/pramalhe/ConcurrencyFreaks/ * * Copyright (c) 2014-2016, Pedro Ramalhete, Andreia Correia * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of Concurrency Freaks nor the * names of its contributors may be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. / #pragma once #include <isc/atomic.h> #include <isc/mem.h> #include <isc/string.h> #include <isc/types.h> #include <isc/util.h> /% * Hazard pointers are a mechanism for protecting objects in memory * from being deleted by other threads while in use. This allows * safe lock-free data structures. * * This is an adaptation of the ConcurrencyFreaks implementation in C. * More details available at https://github.com/pramalhe/ConcurrencyFreaks, * in the file HazardPointers.hpp. / typedef void(isc_hp_deletefunc_t)(void ); void isc_hp_init(int max_threads); /%< Initialize hazard pointer constants - isc__hp_max_threads. If more threads * will try to access hp it will assert. / isc_hp_t isc_hp_new(isc_mem_t mctx, size_t max_hps, isc_hp_deletefunc_t deletefunc); /%< Create a new hazard pointer array of size 'max_hps' (or a reasonable * default value if 'max_hps' is 0). The function 'deletefunc' will be * used to delete objects protected by hazard pointers when it becomes * safe to retire them. / void isc_hp_destroy(isc_hp_t hp); /%< Destroy a hazard pointer array and clean up all objects protected * by hazard pointers. / void isc_hp_clear(isc_hp_t hp); /%< Clear all hazard pointers in the array for the current thread. * * Progress condition: wait-free bounded (by max_hps) / void isc_hp_clear_one(isc_hp_t hp, int ihp); /%< Clear a specified hazard pointer in the array for the current thread. * * Progress condition: wait-free population oblivious. / uintptr_t isc_hp_protect(isc_hp_t hp, int ihp, atomic_uintptr_t atom); /%< * Protect an object referenced by 'atom' with a hazard pointer for the * current thread. * * Progress condition: lock-free. / uintptr_t isc_hp_protect_ptr(isc_hp_t hp, int ihp, atomic_uintptr_t ptr); /%< This returns the same value that is passed as ptr, which is sometimes * useful. * * Progress condition: wait-free population oblivious. / uintptr_t isc_hp_protect_release(isc_hp_t hp, int ihp, atomic_uintptr_t ptr); /%< Same as isc_hp_protect_ptr(), but explicitly uses memory_order_release. * * Progress condition: wait-free population oblivious. / void isc_hp_retire(isc_hp_t hp, uintptr_t ptr); /%< Retire an object that is no longer in use by any thread, calling * the delete function that was specified in isc_hp_new(). * * Progress condition: wait-free bounded (by the number of threads squared) / ��isc/version.h��0000644��00000000763�15125204632�0007166 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isc/version.h / #include <isc/platform.h> LIBISC_EXTERNAL_DATA extern const char isc_version[]; ��isc/serial.h��0000644��00000002527�15125204632�0006760 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_SERIAL_H #define ISC_SERIAL_H 1 #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/types.h> /! \file isc/serial.h * \brief Implement 32 bit serial space arithmetic comparison functions. * Note: Undefined results are returned as false. / / * Functions **/ ISC_LANG_BEGINDECLS bool isc_serial_lt(uint32_t a, uint32_t b); /%< * Return true if 'a' < 'b' otherwise false. / bool isc_serial_gt(uint32_t a, uint32_t b); /%< * Return true if 'a' > 'b' otherwise false. / bool isc_serial_le(uint32_t a, uint32_t b); /%< * Return true if 'a' <= 'b' otherwise false. / bool isc_serial_ge(uint32_t a, uint32_t b); /%< * Return true if 'a' >= 'b' otherwise false. / bool isc_serial_eq(uint32_t a, uint32_t b); /%< * Return true if 'a' == 'b' otherwise false. / bool isc_serial_ne(uint32_t a, uint32_t b); /%< * Return true if 'a' != 'b' otherwise false. / ISC_LANG_ENDDECLS #endif / ISC_SERIAL_H / ��isc/managers.h��0000644��00000001410�15125204632�0007264 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <isc/netmgr.h> #include <isc/result.h> #include <isc/socket.h> #include <isc/task.h> #include <isc/timer.h> typedef struct isc_managers isc_managers_t; isc_result_t isc_managers_create(isc_mem_t mctx, size_t workers, size_t quantum, isc_nm_t netmgrp, isc_taskmgr_t taskmgrp); void isc_managers_destroy(isc_nm_t netmgrp, isc_taskmgr_t taskmgrp); ��isc/bind9.h��0000644��00000001475�15125204632�0006507 0��ustar�00��/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_BIND9_H #define ISC_BIND9_H 1 #include <stdbool.h> #include <isc/platform.h> / * This determines whether we are using the libisc/libdns libraries * in BIND9 or in some other application. For BIND9 (named and related * tools) it must be set to true at runtime. Export library clients * will call isc_lib_register(), which will set it to false. / LIBISC_EXTERNAL_DATA extern bool isc_bind9; #endif / ISC_BIND9_H / ��isc/file.h��0000644��00000026625�15125204632�0006425 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_FILE_H #define ISC_FILE_H 1 /! \file isc/file.h / #include <stdbool.h> #include <stdio.h> #include <isc/lang.h> #include <isc/stat.h> #include <isc/types.h> ISC_LANG_BEGINDECLS isc_result_t isc_file_settime(const char file, isc_time_t time); isc_result_t isc_file_mode(const char file, mode_t modep); isc_result_t isc_file_getmodtime(const char file, isc_time_t time); /!< * \brief Get the time of last modification of a file. * * Notes: \li The time that is set is relative to the (OS-specific) epoch, as are all isc_time_t structures. * * Requires: \li file != NULL. \li time != NULL. * * Ensures: \li If the file could not be accessed, 'time' is unchanged. * Returns: \li #ISC_R_SUCCESS Success. \li #ISC_R_NOTFOUND No such file exists. \li #ISC_R_INVALIDFILE The path specified was not usable by the operating system. \li #ISC_R_NOPERM The file's metainformation could not be retrieved because * permission was denied to some part of the file's path. \li #ISC_R_IOERROR Hardware error interacting with the filesystem. \li #ISC_R_UNEXPECTED Something totally unexpected happened. * / isc_result_t isc_file_mktemplate(const char path, char buf, size_t buflen); /!< * \brief Generate a template string suitable for use with * isc_file_openunique(). * * Notes: \li This function is intended to make creating temporary files portable between different operating systems. * \li The path is prepended to an implementation-defined string and placed into buf. The string has no path characters in it, * and its maximum length is 14 characters plus a NUL. Thus * buflen should be at least strlen(path) + 15 characters or * an error will be returned. * * Requires: \li buf != NULL. * Ensures: \li If result == #ISC_R_SUCCESS: buf contains a string suitable for use as the template argument * to isc_file_openunique(). * \li If result != #ISC_R_SUCCESS: buf is unchanged. * * Returns: \li #ISC_R_SUCCESS Success. \li #ISC_R_NOSPACE buflen indicates buf is too small for the catenation * of the path with the internal template string. / isc_result_t isc_file_openunique(char templet, FILE *fp); isc_result_t isc_file_openuniqueprivate(char templet, FILE *fp); isc_result_t isc_file_openuniquemode(char templet, int mode, FILE *fp); isc_result_t isc_file_bopenunique(char templet, FILE *fp); isc_result_t isc_file_bopenuniqueprivate(char templet, FILE *fp); isc_result_t isc_file_bopenuniquemode(char templet, int mode, FILE *fp); /!< * \brief Create and open a file with a unique name based on 'templet'. * isc_file_bopen() open the file in binary mode in Windows. isc_file_open() open the file in text mode in Windows. * Notes: \li 'template' is a reserved work in C++. If you want to complain about the spelling of 'templet', first look it up in the * Merriam-Webster English dictionary. (http://www.m-w.com/) * \li This function works by using the template to generate file names. The template must be a writable string, as it is modified in place. * Trailing X characters in the file name (full file name on Unix, * basename on Win32 -- eg, tmp-XXXXXX vs XXXXXX.tmp, respectively) * are replaced with ASCII characters until a non-existent filename * is found. If the template does not include pathname information, * the files in the working directory of the program are searched. * \li isc_file_mktemplate is a good, portable way to get a template. * Requires: \li 'fp' is non-NULL and 'fp' is NULL. * \li 'template' is non-NULL, and of a form suitable for use by the system as described above. * * Ensures: \li If result is #ISC_R_SUCCESS: fp points to an stream opening in stdio's "w+" mode. \li If result is not #ISC_R_SUCCESS: fp is NULL. * No file is open. Even if one was created (but unable * to be reopened as a stdio FILE pointer) then it has been * removed. * \li This function does not* ensure that the template string has not been * modified, even if the operation was unsuccessful. * * Returns: \li #ISC_R_SUCCESS Success. \li #ISC_R_EXISTS No file with a unique name could be created based on the * template. \li #ISC_R_INVALIDFILE The path specified was not usable by the operating system. \li #ISC_R_NOPERM The file could not be created because permission was denied * to some part of the file's path. \li #ISC_R_IOERROR Hardware error interacting with the filesystem. \li #ISC_R_UNEXPECTED Something totally unexpected happened. / isc_result_t isc_file_remove(const char filename); /!< \brief Remove the file named by 'filename'. / isc_result_t isc_file_rename(const char oldname, const char newname); /!< * \brief Rename the file 'oldname' to 'newname'. / bool isc_file_exists(const char pathname); /!< \brief Return #true if the calling process can tell that the given file * exists. Will not return true if the calling process has insufficient * privileges to search the entire path. / bool isc_file_isabsolute(const char filename); /!< \brief Return #true if the given file name is absolute. / isc_result_t isc_file_isplainfile(const char name); isc_result_t isc_file_isplainfilefd(int fd); /!< \brief Check that the file is a plain file * * Returns: \li #ISC_R_SUCCESS Success. The file is a plain file. \li #ISC_R_INVALIDFILE The path specified was not usable by the operating system. \li #ISC_R_FILENOTFOUND The file does not exist. This return code comes from * errno=ENOENT when stat returns -1. This code is mentioned * here, because in logconf.c, it is the one rcode that is * permitted in addition to ISC_R_SUCCESS. This is done since * the next call in logconf.c is to isc_stdio_open(), which * will create the file if it can. \li other ISC_R_ errors translated from errno * These occur when stat returns -1 and an errno. / isc_result_t isc_file_isdirectory(const char name); /!< \brief Check that 'name' exists and is a directory. * * Returns: \li #ISC_R_SUCCESS Success, file is a directory. \li #ISC_R_INVALIDFILE File is not a directory. \li #ISC_R_FILENOTFOUND File does not exist. \li other ISC_R_ errors translated from errno * These occur when stat returns -1 and an errno. / bool isc_file_iscurrentdir(const char filename); /!< \brief Return #true if the given file name is the current directory ("."). / bool isc_file_ischdiridempotent(const char filename); /%< Return #true if calling chdir(filename) multiple times will give * the same result as calling it once. / const char isc_file_basename(const char filename); /%< * Return the final component of the path in the file name. / isc_result_t isc_file_progname(const char filename, char buf, size_t buflen); /!< * \brief Given an operating system specific file name "filename" * referring to a program, return the canonical program name. * * Any directory prefix or executable file name extension (if * used on the OS in case) is stripped. On systems where program * names are case insensitive, the name is canonicalized to all * lower case. The name is written to 'buf', an array of 'buflen' * chars, and null terminated. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOSPACE The name did not fit in 'buf'. / isc_result_t isc_file_template(const char path, const char templet, char buf, size_t buflen); /%< Create an OS specific template using 'path' to define the directory * 'templet' to describe the filename and store the result in 'buf' * such that path can be renamed to buf atomically. / isc_result_t isc_file_renameunique(const char file, char templet); /%< * Rename 'file' using 'templet' as a template for the new file name. / isc_result_t isc_file_absolutepath(const char filename, char path, size_t pathlen); /%< * Given a file name, return the fully qualified path to the file. / / * XXX We should also have a isc_file_writeeopen() function * for safely open a file in a publicly writable directory * (see write_open() in BIND 8's ns_config.c). / isc_result_t isc_file_truncate(const char filename, isc_offset_t size); /%< Truncate/extend the file specified to 'size' bytes. / isc_result_t isc_file_safecreate(const char filename, FILE *fp); /%< * Open 'filename' for writing, truncating if necessary. Ensure that * if it existed it was a normal file. If creating the file, ensure * that only the owner can read/write it. / isc_result_t isc_file_splitpath(isc_mem_t mctx, const char path, char dirname, char const basename); /%< * Split a path into dirname and basename. If 'path' contains no slash * (or, on windows, backslash), then 'dirname' is set to ".". * Allocates memory for 'dirname', which can be freed with isc_mem_free(). * Returns: * - ISC_R_SUCCESS on success * - ISC_R_INVALIDFILE if 'path' is empty or ends with '/' * - ISC_R_NOMEMORY if unable to allocate memory / isc_result_t isc_file_getsize(const char file, off_t size); /%< * Return the size of the file (stored in the parameter pointed * to by 'size') in bytes. * * Returns: * - ISC_R_SUCCESS on success / isc_result_t isc_file_getsizefd(int fd, off_t size); /%< Return the size of the file (stored in the parameter pointed * to by 'size') in bytes. * * Returns: * - ISC_R_SUCCESS on success / void isc_file_mmap(void addr, size_t len, int prot, int flags, int fd, off_t offset); /%< * Portable front-end to mmap(). If mmap() is not defined on this * platform, then we simulate it by calling malloc() and read(). * (In this event, the addr, prot, and flags parameters are ignored). / int isc_file_munmap(void addr, size_t len); /%< Portable front-end to munmap(). If munmap() is not defined on * this platform, then we simply free the memory. / isc_result_t isc_file_sanitize(const char dir, const char base, const char ext, char path, size_t length); /%< * Generate a sanitized filename, such as for MKEYS or NZF files. * * Historically, MKEYS and NZF files used SHA256 hashes of the view * name for the filename; this was to deal with the possibility of * forbidden characters such as "/" being in a view name, and to * avoid problems with case-insensitive file systems. * * Given a basename 'base' and an extension 'ext', this function checks * for the existence of file using the old-style name format in directory * 'dir'. If found, it returns the path to that file. If there is no * file already in place, a new pathname is generated; if the basename * contains any excluded characters, then a truncated SHA256 hash is * used, otherwise the basename is used. The path name is copied * into 'path', which must point to a buffer of at least 'length' * bytes. * * Requires: * - base != NULL * - path != NULL * * Returns: * - ISC_R_SUCCESS on success * - ISC_R_NOSPACE if the resulting path would be longer than 'length' / bool isc_file_isdirwritable(const char path); /%< Return true if the path is a directory and is writable / ISC_LANG_ENDDECLS #endif / ISC_FILE_H / ��isc/string.h��0000644��00000001523�15125204632�0007002 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once /! \file isc/string.h / #include <string.h> #include "isc/lang.h" #include "isc/platform.h" ISC_LANG_BEGINDECLS #if !defined(HAVE_STRLCPY) size_t strlcpy(char dst, const char src, size_t size); #endif / !defined(HAVE_STRLCPY) / #if !defined(HAVE_STRLCAT) size_t strlcat(char dst, const char src, size_t size); #endif / if !defined(HAVE_STRLCAT) / int isc_string_strerror_r(int errnum, char buf, size_t buflen); ISC_LANG_ENDDECLS ��isc/httpd.h��0000644��00000004363�15125204632�0006624 0��ustar�00��/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_HTTPD_H #define ISC_HTTPD_H 1 /! \file / #include <stdbool.h> #include <isc/event.h> #include <isc/eventclass.h> #include <isc/mutex.h> #include <isc/task.h> #include <isc/time.h> #include <isc/types.h> /% * HTTP urls. These are the URLs we manage, and the function to call to * provide the data for it. We pass in the base url (so the same function * can handle multiple requests), and a structure to fill in to return a * result to the client. We also pass in a pointer to be filled in for * the data cleanup function. / struct isc_httpdurl { char url; isc_httpdaction_t action; void action_arg; bool isstatic; isc_time_t loadtime; ISC_LINK(isc_httpdurl_t) link; }; #define HTTPD_EVENTCLASS ISC_EVENTCLASS(4300) #define HTTPD_SHUTDOWN (HTTPD_EVENTCLASS + 0x0001) #define ISC_HTTPDMGR_FLAGSHUTTINGDOWN 0x00000001 /* * Create a new http daemon which will send, once every time period, * a http-like header followed by HTTP data. / isc_result_t isc_httpdmgr_create(isc_mem_t mctx, isc_socket_t sock, isc_task_t task, isc_httpdclientok_t client_ok, isc_httpdondestroy_t ondestory, void cb_arg, isc_timermgr_t tmgr, isc_httpdmgr_t httpdp); void isc_httpdmgr_shutdown(isc_httpdmgr_t httpdp); isc_result_t isc_httpdmgr_addurl(isc_httpdmgr_t httpdmgr, const char url, isc_httpdaction_t func, void arg); isc_result_t isc_httpdmgr_addurl2(isc_httpdmgr_t httpdmgr, const char url, bool isstatic, isc_httpdaction_t func, void arg); isc_result_t isc_httpd_response(isc_httpd_t httpd); isc_result_t isc_httpd_addheader(isc_httpd_t httpd, const char name, const char val); isc_result_t isc_httpd_addheaderuint(isc_httpd_t httpd, const char name, int val); isc_result_t isc_httpd_endheaders(isc_httpd_t httpd); void isc_httpd_setfinishhook(void (fn)(void)); #endif /* ISC_HTTPD_H / ��isc/task.h��0000644��00000041346�15125204632�0006445 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once /** * Module Info **/ /! \file isc/task.h * \brief The task system provides a lightweight execution context, which is * basically an event queue. * * When a task's event queue is non-empty, the * task is runnable. A small work crew of threads, typically one per CPU, * execute runnable tasks by dispatching the events on the tasks' event * queues. Context switching between tasks is fast. * * \li MP: * The module ensures appropriate synchronization of data structures it * creates and manipulates. * The caller must ensure that isc_taskmgr_destroy() is called only * once for a given manager. * * \li Reliability: * No anticipated impact. * * \li Resources: * TBS * * \li Security: * No anticipated impact. * * \li Standards: * None. * * \section purge Purging and Unsending * * Events which have been queued for a task but not delivered may be removed * from the task's event queue by purging or unsending. * * With both types, the caller specifies a matching pattern that selects * events based upon their sender, type, and tag. * * Purging calls isc_event_free() on the matching events. * * Unsending returns a list of events that matched the pattern. * The caller is then responsible for them. * * Consumers of events should purge, not unsend. * * Producers of events often want to remove events when the caller indicates * it is no longer interested in the object, e.g. by canceling a timer. * Sometimes this can be done by purging, but for some event types, the * calls to isc_event_free() cause deadlock because the event free routine * wants to acquire a lock the caller is already holding. Unsending instead * of purging solves this problem. As a general rule, producers should only * unsend events which they have sent. / / * Imports. */ #include <stdbool.h> #include <isc/eventclass.h> #include <isc/lang.h> #include <isc/netmgr.h> #include <isc/stdtime.h> #include <isc/types.h> #define ISC_TASKEVENT_FIRSTEVENT (ISC_EVENTCLASS_TASK + 0) #define ISC_TASKEVENT_SHUTDOWN (ISC_EVENTCLASS_TASK + 1) #define ISC_TASKEVENT_TEST (ISC_EVENTCLASS_TASK + 1) #define ISC_TASKEVENT_LASTEVENT (ISC_EVENTCLASS_TASK + 65535) /* * Tasks. */ ISC_LANG_BEGINDECLS /* * Types / typedef enum { isc_taskmgrmode_normal = 0, isc_taskmgrmode_privileged } isc_taskmgrmode_t; isc_result_t isc_task_create(isc_taskmgr_t manager, unsigned int quantum, isc_task_t *taskp); isc_result_t isc_task_create_bound(isc_taskmgr_t manager, unsigned int quantum, isc_task_t *taskp, int threadid); /%< * Create a task, optionally bound to a particular threadid. * * Notes: * \li If 'quantum' is non-zero, then only that many events can be dispatched before the task must yield to other tasks waiting to execute. If * quantum is zero, then the default quantum of the task manager will * be used. * \li The 'quantum' option may be removed from isc_task_create() in the future. If this happens, isc_task_getquantum() and * isc_task_setquantum() will be provided. * * Requires: * \li 'manager' is a valid task manager. \li taskp != NULL && taskp == NULL * * Ensures: * \li On success, 'taskp' is bound to the new task. * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_UNEXPECTED \li #ISC_R_SHUTTINGDOWN / void isc_task_ready(isc_task_t task); /%< Enqueue the task onto netmgr queue. / isc_result_t isc_task_run(isc_task_t task); /%< Run all the queued events for the 'task', returning * when the queue is empty or the number of events executed * exceeds the 'quantum' specified when the task was created. * * Requires: * \li 'task' is a valid task. * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_QUOTA / void isc_task_attach(isc_task_t source, isc_task_t *targetp); /%< * Attach targetp to source. * Requires: * \li 'source' is a valid task. \li 'targetp' points to a NULL isc_task_t . * * Ensures: * \li targetp is attached to source. / void isc_task_detach(isc_task_t taskp); /%< * Detach taskp from its task. * Requires: * \li 'taskp' is a valid task. * * Ensures: * \li taskp is NULL. * \li If 'taskp' is the last reference to the task, the task is idle (has * an empty event queue), and has not been shutdown, the task will be * shutdown. * \li If 'taskp' is the last reference to the task and * the task has been shutdown, * all resources used by the task will be freed. / void isc_task_send(isc_task_t task, isc_event_t *eventp); void isc_task_sendto(isc_task_t task, isc_event_t *eventp, int c); /%< * Send 'event' to 'task', if task is idle try starting it on cpu 'c' If 'c' is smaller than 0 then cpu is selected randomly. * * Requires: * \li 'task' is a valid task. \li eventp != NULL && eventp != NULL. * Ensures: * \li eventp == NULL. / void isc_task_sendtoanddetach(isc_task_t taskp, isc_event_t eventp, int c); void isc_task_sendanddetach(isc_task_t taskp, isc_event_t eventp); /%< * Send 'event' to 'taskp' and then detach 'taskp' from its task. If task is idle try starting it on cpu 'c' * If 'c' is smaller than 0 then cpu is selected randomly. * * Requires: * \li 'taskp' is a valid task. \li eventp != NULL && eventp != NULL. * * Ensures: * \li eventp == NULL. * \li taskp == NULL. * \li If 'taskp' is the last reference to the task, the task is * idle (has an empty event queue), and has not been shutdown, * the task will be shutdown. * \li If 'taskp' is the last reference to the task and * the task has been shutdown, * all resources used by the task will be freed. / unsigned int isc_task_purgerange(isc_task_t task, void sender, isc_eventtype_t first, isc_eventtype_t last, void tag); /%< Purge events from a task's event queue. * * Requires: * \li 'task' is a valid task. \li last >= first * Ensures: * \li Events in the event queue of 'task' whose sender is 'sender', whose type is >= first and <= last, and whose tag is 'tag' will be purged, * unless they are marked as unpurgable. * \li A sender of NULL will match any sender. A NULL tag matches any tag. * * Returns: * \li The number of events purged. / unsigned int isc_task_purge(isc_task_t task, void sender, isc_eventtype_t type, void tag); /%< * Purge events from a task's event queue. * * Notes: * \li This function is equivalent to \code isc_task_purgerange(task, sender, type, type, tag); \endcode * Requires: * \li 'task' is a valid task. * Ensures: * \li Events in the event queue of 'task' whose sender is 'sender', whose type is 'type', and whose tag is 'tag' will be purged, unless they * are marked as unpurgable. * \li A sender of NULL will match any sender. A NULL tag matches any tag. * * Returns: * \li The number of events purged. / bool isc_task_purgeevent(isc_task_t task, isc_event_t event); /%< Purge 'event' from a task's event queue. * * XXXRTH: WARNING: This method may be removed before beta. * * Notes: * \li If 'event' is on the task's event queue, it will be purged, unless it is marked as unpurgeable. 'event' does not have to be * on the task's event queue; in fact, it can even be an invalid * pointer. Purging only occurs if the event is actually on the task's * event queue. * * \li Purging never changes the state of the task. * * Requires: * \li 'task' is a valid task. * Ensures: * \li 'event' is not in the event queue for 'task'. * Returns: * \li #true The event was purged. \li #false The event was not in the event queue, * or was marked unpurgeable. / unsigned int isc_task_unsendrange(isc_task_t task, void sender, isc_eventtype_t first, isc_eventtype_t last, void tag, isc_eventlist_t events); /%< * Remove events from a task's event queue. * * Requires: * \li 'task' is a valid task. \li last >= first. \li events is a valid list. * * Ensures: * \li Events in the event queue of 'task' whose sender is 'sender', whose type is >= first and <= last, and whose tag is 'tag' will be dequeued * and appended to events. \li A sender of NULL will match any sender. A NULL tag matches any tag. * * Returns: * \li The number of events unsent. / unsigned int isc_task_unsend(isc_task_t task, void sender, isc_eventtype_t type, void tag, isc_eventlist_t events); /%< Remove events from a task's event queue. * * Notes: * \li This function is equivalent to \code isc_task_unsendrange(task, sender, type, type, tag, events); \endcode * Requires: * \li 'task' is a valid task. \li events is a valid list. * * Ensures: * \li Events in the event queue of 'task' whose sender is 'sender', whose type is 'type', and whose tag is 'tag' will be dequeued and appended * to events. * Returns: * \li The number of events unsent. / isc_result_t isc_task_onshutdown(isc_task_t task, isc_taskaction_t action, void arg); /%< Send a shutdown event with action 'action' and argument 'arg' when * 'task' is shutdown. * * Notes: * \li Shutdown events are posted in LIFO order. * Requires: * \li 'task' is a valid task. \li 'action' is a valid task action. * Ensures: * \li When the task is shutdown, shutdown events requested with isc_task_onshutdown() will be appended to the task's event queue. * * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li #ISC_R_SHUTTINGDOWN Task is shutting down. / void isc_task_shutdown(isc_task_t task); /%< * Shutdown 'task'. * * Notes: * \li Shutting down a task causes any shutdown events requested with isc_task_onshutdown() to be posted (in LIFO order). The task * moves into a "shutting down" mode which prevents further calls * to isc_task_onshutdown(). * \li Trying to shutdown a task that has already been shutdown has no effect. * * Requires: * \li 'task' is a valid task. * Ensures: * \li Any shutdown events requested with isc_task_onshutdown() have been posted (in LIFO order). / void isc_task_destroy(isc_task_t taskp); /%< * Destroy 'taskp'. * Notes: * \li This call is equivalent to: \code isc_task_shutdown(taskp); isc_task_detach(taskp); \endcode * Requires: * * 'taskp' is a valid task. * Ensures: * \li Any shutdown events requested with isc_task_onshutdown() have been posted (in LIFO order). * \li taskp == NULL * \li If 'taskp' is the last reference to the task, * all resources used by the task will be freed. / void isc_task_setname(isc_task_t task, const char name, void tag); /%< Name 'task'. * * Notes: * \li Only the first 15 characters of 'name' will be copied. \li Naming a task is currently only useful for debugging purposes. * Requires: * \li 'task' is a valid task. / const char * isc_task_getname(isc_task_t task); /%< * Get the name of 'task', as previously set using isc_task_setname(). * * Notes: \li This function is for debugging purposes only. * Requires: \li 'task' is a valid task. * Returns: \li A non-NULL pointer to a null-terminated string. If the task has not been named, the string is * empty. * / isc_nm_t isc_task_getnetmgr(isc_task_t task); void isc_task_gettag(isc_task_t task); /%< * Get the tag value for 'task', as previously set using isc_task_settag(). * * Notes: \li This function is for debugging purposes only. * Requires: \li 'task' is a valid task. / isc_result_t isc_task_beginexclusive(isc_task_t task); /%< * Request exclusive access for 'task', which must be the calling * task. Waits for any other concurrently executing tasks to finish their * current event, and prevents any new events from executing in any of the * tasks sharing a task manager with 'task'. * It also pauses processing of network events in netmgr if it was provided * when taskmgr was created. * * The exclusive access must be relinquished by calling * isc_task_endexclusive() before returning from the current event handler. * * Requires: \li 'task' is the calling task. * Returns: \li #ISC_R_SUCCESS The current task now has exclusive access. \li #ISC_R_LOCKBUSY Another task has already requested exclusive * access. / void isc_task_endexclusive(isc_task_t task); /%< Relinquish the exclusive access obtained by isc_task_beginexclusive(), * allowing other tasks to execute. * * Requires: \li 'task' is the calling task, and has obtained exclusive access by calling isc_task_spl(). / void isc_task_pause(isc_task_t task0); void isc_task_unpause(isc_task_t task0); /%< * Pause/unpause this task. Pausing a task removes it from the ready * queue if it is present there; this ensures that the task will not * run again until unpaused. This is necessary when the libuv network * thread executes a function which schedules task manager events; this * prevents the task manager from executing the next event in a task * before the network thread has finished. * * Requires: \li 'task' is a valid task, and is not already paused or shutting down. / void isc_task_getcurrenttime(isc_task_t task, isc_stdtime_t t); void isc_task_getcurrenttimex(isc_task_t task, isc_time_t t); /%< Provide the most recent timestamp on the task. The timestamp is considered * as the "current time". * * isc_task_getcurrentime() returns the time in one-second granularity; * isc_task_getcurrentimex() returns it in nanosecond granularity. * * Requires: \li 'task' is a valid task. \li 't' is a valid non NULL pointer. * * Ensures: \li 't' has the "current time". / bool isc_task_exiting(isc_task_t t); /%< Returns true if the task is in the process of shutting down, * false otherwise. * * Requires: \li 'task' is a valid task. / void isc_task_setprivilege(isc_task_t task, bool priv); /%< * Set or unset the task's "privileged" flag depending on the value of * 'priv'. * * Under normal circumstances this flag has no effect on the task behavior, * but when the task manager has been set to privileged execution mode via * isc_taskmgr_setmode(), only tasks with the flag set will be executed, * and all other tasks will wait until they're done. Once all privileged * tasks have finished executing, the task manager resumes running * non-privileged tasks. * * Requires: \li 'task' is a valid task. / bool isc_task_getprivilege(isc_task_t task); /%< * Returns the current value of the task's privilege flag. * * Requires: \li 'task' is a valid task. / bool isc_task_privileged(isc_task_t task); /%< * Returns true if the task's privilege flag is set and the task * manager is currently in privileged mode. * * Requires: \li 'task' is a valid task. / /*** * Task Manager. **/ void isc_taskmgr_attach(isc_taskmgr_t , isc_taskmgr_t ); void isc_taskmgr_detach(isc_taskmgr_t ); /%< Attach/detach the task manager. / void isc_taskmgr_setmode(isc_taskmgr_t manager, isc_taskmgrmode_t mode); isc_taskmgrmode_t isc_taskmgr_mode(isc_taskmgr_t manager); /%< * Set/get the operating mode of the task manager. Valid modes are: * \li isc_taskmgrmode_normal \li isc_taskmgrmode_privileged * * In privileged execution mode, only tasks that have had the "privilege" * flag set via isc_task_setprivilege() can be executed. When all such * tasks are complete, non-privileged tasks resume running. The task calling * this function should be in task-exclusive mode; the privileged tasks * will be run after isc_task_endexclusive() is called. * * Requires: * \li 'manager' is a valid task manager. / void isc_taskmgr_setexcltask(isc_taskmgr_t mgr, isc_task_t task); /%< Set a task which will be used for all task-exclusive operations. * * Requires: \li 'manager' is a valid task manager. \li 'task' is a valid task. / isc_result_t isc_taskmgr_excltask(isc_taskmgr_t mgr, isc_task_t taskp); /%< * Attach 'taskp' to the task set by isc_taskmgr_getexcltask(). This task should be used whenever running in task-exclusive mode, * so as to prevent deadlock between two exclusive tasks. * * Requires: \li 'manager' is a valid task manager. \li taskp != NULL && taskp == NULL / #ifdef HAVE_LIBXML2 int isc_taskmgr_renderxml(isc_taskmgr_t mgr, void writer0); #endif / ifdef HAVE_LIBXML2 / #ifdef HAVE_JSON_C isc_result_t isc_taskmgr_renderjson(isc_taskmgr_t mgr, void tasksobj0); #endif / HAVE_JSON_C / ISC_LANG_ENDDECLS ��isc/netmgr.h��0000644��00000036564�15125204632�0007005 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <isc/mem.h> #include <isc/region.h> #include <isc/result.h> #include <isc/types.h> / * Replacement for isc_sockettype_t provided by socket.h. / typedef enum { isc_socktype_tcp = 1, isc_socktype_udp = 2, isc_socktype_unix = 3, isc_socktype_raw = 4 } isc_socktype_t; typedef void (isc_nm_recv_cb_t)(isc_nmhandle_t handle, isc_result_t eresult, isc_region_t region, void cbarg); /%< * Callback function to be used when receiving a packet. * * 'handle' the handle that can be used to send back the answer. * 'eresult' the result of the event. * 'region' contains the received data, if any. It will be freed * after return by caller. * 'cbarg' the callback argument passed to isc_nm_listenudp(), * isc_nm_listentcpdns(), or isc_nm_read(). / typedef isc_result_t (isc_nm_accept_cb_t)(isc_nmhandle_t handle, isc_result_t result, void cbarg); /%< Callback function to be used when accepting a connection. (This differs * from isc_nm_cb_t below in that it returns a result code.) * * 'handle' the handle that can be used to send back the answer. * 'eresult' the result of the event. * 'cbarg' the callback argument passed to isc_nm_listentcp() or * isc_nm_listentcpdns(). / typedef void (isc_nm_cb_t)(isc_nmhandle_t handle, isc_result_t result, void cbarg); /%< Callback function for other network completion events (send, connect). * * 'handle' the handle on which the event took place. * 'eresult' the result of the event. * 'cbarg' the callback argument passed to isc_nm_send(), * isc_nm_tcp_connect(), or isc_nm_listentcp() / typedef void (isc_nm_opaquecb_t)(void arg); /%< * Opaque callback function, used for isc_nmhandle 'reset' and 'free' * callbacks. / typedef void (isc_nm_workcb_t)(void arg); typedef void (isc_nm_after_workcb_t)(void arg, isc_result_t result); /%< * Callback functions for libuv threadpool work (see uv_work_t) / void isc_nm_attach(isc_nm_t mgr, isc_nm_t dst); void isc_nm_detach(isc_nm_t mgr0); /%< Attach/detach a network manager. When all references have been * released, the network manager is shut down, freeing all resources. * Destroy is working the same way as detach, but it actively waits * for all other references to be gone. / / Return thread ID of current thread, or ISC_NETMGR_TID_UNKNOWN / int isc_nm_tid(void); void isc_nmsocket_close(isc_nmsocket_t sockp); /%< * isc_nmsocket_close() detaches a listening socket that was * created by isc_nm_listenudp(), isc_nm_listentcp(), or * isc_nm_listentcpdns(). Once there are no remaining child * sockets with active handles, the socket will be closed. / #ifdef NETMGR_TRACE #define isc_nmhandle_attach(handle, dest) \ isc__nmhandle_attach(handle, dest, __FILE__, __LINE__, __func__) #define isc_nmhandle_detach(handlep) \ isc__nmhandle_detach(handlep, __FILE__, __LINE__, __func__) #define FLARG , const char file, unsigned int line, const char func #else #define isc_nmhandle_attach(handle, dest) isc__nmhandle_attach(handle, dest) #define isc_nmhandle_detach(handlep) isc__nmhandle_detach(handlep) #define FLARG #endif void isc__nmhandle_attach(isc_nmhandle_t handle, isc_nmhandle_t dest FLARG); void isc__nmhandle_detach(isc_nmhandle_t handlep FLARG); /%< Increment/decrement the reference counter in a netmgr handle, * but (unlike the attach/detach functions) do not change the pointer * value. If reference counters drop to zero, the handle can be * marked inactive, possibly triggering deletion of its associated * socket. * * (This will be used to prevent a client from being cleaned up when * it's passed to an isc_task event handler. The libuv code would not * otherwise know that the handle was in use and might free it, along * with the client.) / #undef FLARG void isc_nmhandle_getdata(isc_nmhandle_t handle); void isc_nmhandle_getextra(isc_nmhandle_t handle); bool isc_nmhandle_is_stream(isc_nmhandle_t handle); void isc_nmhandle_setdata(isc_nmhandle_t handle, void arg, isc_nm_opaquecb_t doreset, isc_nm_opaquecb_t dofree); /%< isc_nmhandle_t has a void* opaque field (for example, ns_client_t). * We reuse handle and `opaque` can also be reused between calls. * This function sets this field and two callbacks: * - doreset resets the `opaque` to initial state * - dofree frees everything associated with `opaque` / void isc_nmhandle_settimeout(isc_nmhandle_t handle, uint32_t timeout); void isc_nmhandle_cleartimeout(isc_nmhandle_t handle); /%< * Set/clear the read/recv timeout for the socket connected to 'handle' * to 'timeout' (in milliseconds), and reset the timer. * * When this is called on a 'wrapper' socket handle (for example, * a TCPDNS socket wrapping a TCP connection), the timer is set for * both socket layers. / void isc_nmhandle_keepalive(isc_nmhandle_t handle, bool value); /%< Enable/disable keepalive on this connection by setting it to 'value'. * * When keepalive is active, we switch to using the keepalive timeout * to determine when to close a connection, rather than the idle timeout. * * This applies only to TCP-based DNS connections (i.e., TCPDNS). * On other types of connection it has no effect. / isc_sockaddr_t isc_nmhandle_peeraddr(isc_nmhandle_t handle); /%< Return the peer address for the given handle. / isc_sockaddr_t isc_nmhandle_localaddr(isc_nmhandle_t handle); /%< Return the local address for the given handle. / isc_nm_t isc_nmhandle_netmgr(isc_nmhandle_t handle); /%< * Return a pointer to the netmgr object for the given handle. / isc_result_t isc_nm_listenudp(isc_nm_t mgr, isc_sockaddr_t iface, isc_nm_recv_cb_t cb, void cbarg, size_t extrasize, isc_nmsocket_t *sockp); /%< * Start listening for UDP packets on interface 'iface' using net manager * 'mgr'. * * On success, 'sockp' will be updated to contain a new listening UDP socket. * * When a packet is received on the socket, 'cb' will be called with 'cbarg' * as its argument. * * When handles are allocated for the socket, 'extrasize' additional bytes * can be allocated along with the handle for an associated object, which * can then be freed automatically when the handle is destroyed. / void isc_nm_udpconnect(isc_nm_t mgr, isc_sockaddr_t local, isc_sockaddr_t peer, isc_nm_cb_t cb, void cbarg, unsigned int timeout, size_t extrahandlesize); /%< * Open a UDP socket, bind to 'local' and connect to 'peer', and * immediately call 'cb' with a handle so that the caller can begin * sending packets over UDP. * * When handles are allocated for the socket, 'extrasize' additional bytes * can be allocated along with the handle for an associated object, which * can then be freed automatically when the handle is destroyed. * * 'timeout' specifies the timeout interval in milliseconds. * * The connected socket can only be accessed via the handle passed to * 'cb'. / void isc_nm_stoplistening(isc_nmsocket_t sock); /%< Stop listening on socket 'sock'. / void isc_nm_pause(isc_nm_t mgr); /%< Pause all processing, equivalent to taskmgr exclusive tasks. * It won't return until all workers have been paused. / void isc_nm_resume(isc_nm_t mgr); /%< Resume paused processing. It will return immediately after signalling * workers to resume. / void isc_nm_read(isc_nmhandle_t handle, isc_nm_recv_cb_t cb, void cbarg); / * Begin (or continue) reading on the socket associated with 'handle', and * update its recv callback to 'cb', which will be called as soon as there * is data to process. / void isc_nm_pauseread(isc_nmhandle_t handle); /%< Pause reading on this handle's socket, but remember the callback. * * Requires: * \li 'handle' is a valid netmgr handle. / void isc_nm_cancelread(isc_nmhandle_t handle); /%< Cancel reading on a connected socket. Calls the read/recv callback on * active handles with a result code of ISC_R_CANCELED. * * Requires: * \li 'sock' is a valid netmgr socket * \li ...for which a read/recv callback has been defined. / void isc_nm_resumeread(isc_nmhandle_t handle); /%< Resume reading on the handle's socket. * * Requires: * \li 'handle' is a valid netmgr handle. * \li ...for a socket with a defined read/recv callback. / void isc_nm_send(isc_nmhandle_t handle, isc_region_t region, isc_nm_cb_t cb, void cbarg); /%< Send the data in 'region' via 'handle'. Afterward, the callback 'cb' is * called with the argument 'cbarg'. * * 'region' is not copied; it has to be allocated beforehand and freed * in 'cb'. / isc_result_t isc_nm_listentcp(isc_nm_t mgr, isc_sockaddr_t iface, isc_nm_accept_cb_t accept_cb, void accept_cbarg, size_t extrahandlesize, int backlog, isc_quota_t quota, isc_nmsocket_t sockp); /%< * Start listening for raw messages over the TCP interface 'iface', using * net manager 'mgr'. * * On success, 'sockp' will be updated to contain a new listening TCP * socket. * * When connection is accepted on the socket, 'accept_cb' will be called with * 'accept_cbarg' as its argument. The callback is expected to start a read. * * When handles are allocated for the socket, 'extrasize' additional bytes * will be allocated along with the handle for an associated object. * * If 'quota' is not NULL, then the socket is attached to the specified * quota. This allows us to enforce TCP client quota limits. * / void isc_nm_tcpconnect(isc_nm_t mgr, isc_sockaddr_t local, isc_sockaddr_t peer, isc_nm_cb_t cb, void cbarg, unsigned int timeout, size_t extrahandlesize); /%< * Create a socket using netmgr 'mgr', bind it to the address 'local', * and connect it to the address 'peer'. * * When the connection is complete or has timed out, call 'cb' with * argument 'cbarg'. Allocate 'extrahandlesize' additional bytes along * with the handle to use for an associated object. * * 'timeout' specifies the timeout interval in milliseconds. * * The connected socket can only be accessed via the handle passed to * 'cb'. / isc_result_t isc_nm_listentcpdns(isc_nm_t mgr, isc_sockaddr_t iface, isc_nm_recv_cb_t recv_cb, void recv_cbarg, isc_nm_accept_cb_t accept_cb, void accept_cbarg, size_t extrahandlesize, int backlog, isc_quota_t quota, isc_nmsocket_t *sockp); /%< * Start listening for DNS messages over the TCP interface 'iface', using * net manager 'mgr'. * * On success, 'sockp' will be updated to contain a new listening TCPDNS * socket. This is a wrapper around a raw TCP socket, which sends and * receives DNS messages via that socket. It handles message buffering * and pipelining, and automatically prepends messages with a two-byte * length field. * * When a complete DNS message is received on the socket, 'cb' will be * called with 'cbarg' as its argument. * * When a new TCPDNS connection is accepted, 'accept_cb' will be called * with 'accept_cbarg' as its argument. * * When handles are allocated for the socket, 'extrasize' additional bytes * will be allocated along with the handle for an associated object * (typically ns_client). * * 'quota' is passed to isc_nm_listentcp() when opening the raw TCP socket. / void isc_nm_tcpdns_sequential(isc_nmhandle_t handle); /%< Disable pipelining on this connection. Each DNS packet will be only * processed after the previous completes. * * The socket must be unpaused after the query is processed. This is done * the response is sent, or if we're dropping the query, it will be done * when a handle is fully dereferenced by calling the socket's * closehandle_cb callback. * * Note: This can only be run while a message is being processed; if it is * run before any messages are read, no messages will be read. * * Also note: once this has been set, it cannot be reversed for a given * connection. / void isc_nm_tcpdns_keepalive(isc_nmhandle_t handle, bool value); /%< Enable/disable keepalive on this connection by setting it to 'value'. * * When keepalive is active, we switch to using the keepalive timeout * to determine when to close a connection, rather than the idle timeout. / void isc_nm_settimeouts(isc_nm_t mgr, uint32_t init, uint32_t idle, uint32_t keepalive, uint32_t advertised); /%< Sets the initial, idle, and keepalive timeout values (in milliseconds) to use * for TCP connections, and the timeout value to advertise in responses using * the EDNS TCP Keepalive option (which should ordinarily be the same * as 'keepalive'), in milliseconds. * * Requires: * \li 'mgr' is a valid netmgr. / void isc_nm_gettimeouts(isc_nm_t mgr, uint32_t initial, uint32_t idle, uint32_t keepalive, uint32_t advertised); /%< Gets the initial, idle, keepalive, or advertised timeout values, * in milliseconds. * * Any integer pointer parameter not set to NULL will be updated to * contain the corresponding timeout value. * * Requires: * \li 'mgr' is a valid netmgr. / void isc_nm_maxudp(isc_nm_t mgr, uint32_t maxudp); /%< Simulate a broken firewall that blocks UDP messages larger than a given * size. / void isc_nm_setstats(isc_nm_t mgr, isc_stats_t stats); /%< * Set a socket statistics counter set 'stats' for 'mgr'. * * Requires: \li 'mgr' is valid and doesn't have stats already set. \li stats is a valid set of statistics counters supporting the full range of socket-related stats counter numbers. / void isc_nm_tcpdnsconnect(isc_nm_t mgr, isc_sockaddr_t local, isc_sockaddr_t peer, isc_nm_cb_t cb, void cbarg, unsigned int timeout, size_t extrahandlesize); /%< * Establish a DNS client connection via a TCP connection, bound to * the address 'local' and connected to the address 'peer'. * * When the connection is complete or has timed out, call 'cb' with * argument 'cbarg'. Allocate 'extrahandlesize' additional bytes along * with the handle to use for an associated object. * * 'timeout' specifies the timeout interval in milliseconds. * * The connected socket can only be accessed via the handle passed to * 'cb'. / #define ISC_NM_TASK_SLOW_OFFSET -2 #define ISC_NM_TASK_SLOW(i) (ISC_NM_TASK_SLOW_OFFSET - 1 - i) void isc_nm_task_enqueue(isc_nm_t mgr, isc_task_t task, int threadid); /%< * Enqueue the 'task' onto the netmgr ievents queue. * * Requires: * \li 'mgr' is a valid netmgr object * \li 'task' is a valid task * \li 'threadid' is either the preferred netmgr tid or -1, in which case * tid will be picked randomly. The threadid is capped (by modulo) to * maximum number of 'workers' as specifed in isc_nm_start() / void isc_nm_work_offload(isc_nm_t mgr, isc_nm_workcb_t work_cb, isc_nm_after_workcb_t after_work_cb, void data); /%< * Schedules a job to be handled by the libuv thread pool (see uv_work_t). * The function specified in `work_cb` will be run by a thread in the * thread pool; when complete, the `after_work_cb` function will run. * * Requires: * \li 'mgr' is a valid netmgr object. * \li We are currently running in a network manager thread. / void isc__nm_force_tid(int tid); /%< * Force the thread ID to 'tid'. This is STRICTLY for use in unit * tests and should not be used in any production code. / ��isc/heap.h��0000644��00000012217�15125204632�0006413 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_HEAP_H #define ISC_HEAP_H 1 /! \file isc/heap.h / #include <stdbool.h> #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS /% * The comparison function returns true if the first argument has * higher priority than the second argument, and false otherwise. / typedef bool (isc_heapcompare_t)(void , void ); /% The index function allows the client of the heap to receive a callback * when an item's index number changes. This allows it to maintain * sync with its external state, but still delete itself, since deletions * from the heap require the index be provided. / typedef void (isc_heapindex_t)(void , unsigned int); /% * The heapaction function is used when iterating over the heap. * * NOTE: The heap structure CANNOT BE MODIFIED during the call to * isc_heap_foreach(). / typedef void (isc_heapaction_t)(void , void ); typedef struct isc_heap isc_heap_t; isc_result_t isc_heap_create(isc_mem_t mctx, isc_heapcompare_t compare, isc_heapindex_t index, unsigned int size_increment, isc_heap_t heapp); /!< * \brief Create a new heap. The heap is implemented using a space-efficient * storage method. When the heap elements are deleted space is not freed * but will be reused when new elements are inserted. * * Heap elements are indexed from 1. * * Requires: \li "mctx" is valid. \li "compare" is a function which takes two void * arguments and * returns true if the first argument has a higher priority than * the second, and false otherwise. \li "index" is a function which takes a void , and an unsigned int * argument. This function will be called whenever an element's * index value changes, so it may continue to delete itself from the * heap. This option may be NULL if this functionality is unneeded. \li "size_increment" is a hint about how large the heap should grow when resizing is needed. If this is 0, a default size will be * used, which is currently 1024, allowing space for an additional 1024 * heap elements to be inserted before adding more space. \li "heapp" is not NULL, and "heap" is NULL. * * Returns: \li ISC_R_SUCCESS - success \li ISC_R_NOMEMORY - insufficient memory / void isc_heap_destroy(isc_heap_t heapp); /!< * \brief Destroys a heap. * * Requires: \li "heapp" is not NULL and "heap" points to a valid isc_heap_t. / isc_result_t isc_heap_insert(isc_heap_t heap, void elt); /!< * \brief Inserts a new element into a heap. * * Requires: \li "heapp" is not NULL and "heap" points to a valid isc_heap_t. / void isc_heap_delete(isc_heap_t heap, unsigned int index); /!< \brief Deletes an element from a heap, by element index. * * Requires: \li "heapp" is not NULL and "heap" points to a valid isc_heap_t. \li "index" is a valid element index, as provided by the "index" callback provided during heap creation. / void isc_heap_increased(isc_heap_t heap, unsigned int index); /!< \brief Indicates to the heap that an element's priority has increased. * This function MUST be called whenever an element has increased in priority. * * Requires: \li "heapp" is not NULL and "heap" points to a valid isc_heap_t. \li "index" is a valid element index, as provided by the "index" callback provided during heap creation. / void isc_heap_decreased(isc_heap_t heap, unsigned int index); /!< \brief Indicates to the heap that an element's priority has decreased. * This function MUST be called whenever an element has decreased in priority. * * Requires: \li "heapp" is not NULL and "heap" points to a valid isc_heap_t. \li "index" is a valid element index, as provided by the "index" callback provided during heap creation. / void isc_heap_element(isc_heap_t heap, unsigned int index); /!< * \brief Returns the element for a specific element index. * * Requires: \li "heapp" is not NULL and "heap" points to a valid isc_heap_t. \li "index" is a valid element index, as provided by the "index" callback provided during heap creation. * * Returns: \li A pointer to the element for the element index. / void isc_heap_foreach(isc_heap_t heap, isc_heapaction_t action, void uap); /!< \brief Iterate over the heap, calling an action for each element. The * order of iteration is not sorted. * * Requires: \li "heapp" is not NULL and "heap" points to a valid isc_heap_t. \li "action" is not NULL, and is a function which takes two arguments. The first is a void , representing the element, and the second is "uap" as provided to isc_heap_foreach. \li "uap" is a caller-provided argument, and may be NULL. * Note: \li The heap structure CANNOT be modified during this iteration. The only safe function to call while iterating the heap is isc_heap_element(). / ISC_LANG_ENDDECLS #endif / ISC_HEAP_H / ��isc/util.h��0000644��00000033723�15125204632�0006460 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_UTIL_H #define ISC_UTIL_H 1 #include <inttypes.h> /! \file isc/util.h * NOTE: * * This file is not to be included from any <isc/???.h> (or other) library * files. * * \brief * Including this file puts several macros in your name space that are * not protected (as all the other ISC functions/macros do) by prepending * ISC_ or isc_ to the name. / / * General Macros. **/ /% * Use this to hide unused function arguments. * \code * int * foo(char bar) { * UNUSED(bar); * } * \endcode / #define UNUSED(x) (void)(x) #if __GNUC__ >= 8 && !defined(__clang__) #define ISC_NONSTRING __attribute__((nonstring)) #else / if __GNUC__ >= 8 && !defined(__clang__) / #define ISC_NONSTRING #endif / __GNUC__ / #if HAVE_FUNC_ATTRIBUTE_CONSTRUCTOR && HAVE_FUNC_ATTRIBUTE_DESTRUCTOR #define ISC_CONSTRUCTOR __attribute__((constructor)) #define ISC_DESTRUCTOR __attribute__((destructor)) #elif WIN32 #define ISC_CONSTRUCTOR #define ISC_DESTRUCTOR #endif /% * The opposite: silent warnings about stored values which are never read. / #define POST(x) (void)(x) #define ISC_MAX(a, b) ((a) > (b) ? (a) : (b)) #define ISC_MIN(a, b) ((a) < (b) ? (a) : (b)) #define ISC_CLAMP(v, x, y) ((v) < (x) ? (x) : ((v) > (y) ? (y) : (v))) /% * Use this to remove the const qualifier of a variable to assign it to * a non-const variable or pass it as a non-const function argument ... * but only when you are sure it won't then be changed! * This is necessary to sometimes shut up some compilers * (as with gcc -Wcast-qual) when there is just no other good way to avoid the * situation. / #define DE_CONST(konst, var) \ do { \ union { \ const void k; \ void v; \ } _u; \ _u.k = konst; \ var = _u.v; \ } while (0) #define ARRAY_SIZE(x) (sizeof(x) / sizeof(x[0])) /% * Use this in translation units that would otherwise be empty, to * suppress compiler warnings. / #define EMPTY_TRANSLATION_UNIT extern int isc__empty; /% * We use macros instead of calling the routines directly because * the capital letters make the locking stand out. * We RUNTIME_CHECK for success since in general there's no way * for us to continue if they fail. / #ifdef ISC_UTIL_TRACEON #define ISC_UTIL_TRACE(a) a #include <stdio.h> / Required for fprintf/stderr when tracing. / #else / ifdef ISC_UTIL_TRACEON / #define ISC_UTIL_TRACE(a) #endif / ifdef ISC_UTIL_TRACEON / #include <isc/result.h> / Contractual promise. / #define LOCK(lp) \ do { \ ISC_UTIL_TRACE(fprintf(stderr, "LOCKING %p %s %d\n", (lp), \ __FILE__, __LINE__)); \ RUNTIME_CHECK(isc_mutex_lock((lp)) == ISC_R_SUCCESS); \ ISC_UTIL_TRACE(fprintf(stderr, "LOCKED %p %s %d\n", (lp), \ __FILE__, __LINE__)); \ } while (0) #define UNLOCK(lp) \ do { \ RUNTIME_CHECK(isc_mutex_unlock((lp)) == ISC_R_SUCCESS); \ ISC_UTIL_TRACE(fprintf(stderr, "UNLOCKED %p %s %d\n", (lp), \ __FILE__, __LINE__)); \ } while (0) #define BROADCAST(cvp) \ do { \ ISC_UTIL_TRACE(fprintf(stderr, "BROADCAST %p %s %d\n", (cvp), \ __FILE__, __LINE__)); \ RUNTIME_CHECK(isc_condition_broadcast((cvp)) == \ ISC_R_SUCCESS); \ } while (0) #define SIGNAL(cvp) \ do { \ ISC_UTIL_TRACE(fprintf(stderr, "SIGNAL %p %s %d\n", (cvp), \ __FILE__, __LINE__)); \ RUNTIME_CHECK(isc_condition_signal((cvp)) == ISC_R_SUCCESS); \ } while (0) #define WAIT(cvp, lp) \ do { \ ISC_UTIL_TRACE(fprintf(stderr, "WAIT %p LOCK %p %s %d\n", \ (cvp), (lp), __FILE__, __LINE__)); \ RUNTIME_CHECK(isc_condition_wait((cvp), (lp)) == \ ISC_R_SUCCESS); \ ISC_UTIL_TRACE(fprintf(stderr, "WAITED %p LOCKED %p %s %d\n", \ (cvp), (lp), __FILE__, __LINE__)); \ } while (0) / * isc_condition_waituntil can return ISC_R_TIMEDOUT, so we * don't RUNTIME_CHECK the result. * * XXX Also, can't really debug this then... / #define WAITUNTIL(cvp, lp, tp) isc_condition_waituntil((cvp), (lp), (tp)) #define RWLOCK(lp, t) \ do { \ ISC_UTIL_TRACE(fprintf(stderr, "RWLOCK %p, %d %s %d\n", (lp), \ (t), __FILE__, __LINE__)); \ RUNTIME_CHECK(isc_rwlock_lock((lp), (t)) == ISC_R_SUCCESS); \ ISC_UTIL_TRACE(fprintf(stderr, "RWLOCKED %p, %d %s %d\n", \ (lp), (t), __FILE__, __LINE__)); \ } while (0) #define RWUNLOCK(lp, t) \ do { \ ISC_UTIL_TRACE(fprintf(stderr, "RWUNLOCK %p, %d %s %d\n", \ (lp), (t), __FILE__, __LINE__)); \ RUNTIME_CHECK(isc_rwlock_unlock((lp), (t)) == ISC_R_SUCCESS); \ } while (0) / * List Macros. / #include <isc/list.h> / Contractual promise. / #define LIST(type) ISC_LIST(type) #define INIT_LIST(type) ISC_LIST_INIT(type) #define LINK(type) ISC_LINK(type) #define INIT_LINK(elt, link) ISC_LINK_INIT(elt, link) #define HEAD(list) ISC_LIST_HEAD(list) #define TAIL(list) ISC_LIST_TAIL(list) #define EMPTY(list) ISC_LIST_EMPTY(list) #define PREV(elt, link) ISC_LIST_PREV(elt, link) #define NEXT(elt, link) ISC_LIST_NEXT(elt, link) #define APPEND(list, elt, link) ISC_LIST_APPEND(list, elt, link) #define PREPEND(list, elt, link) ISC_LIST_PREPEND(list, elt, link) #define UNLINK(list, elt, link) ISC_LIST_UNLINK(list, elt, link) #define ENQUEUE(list, elt, link) ISC_LIST_APPEND(list, elt, link) #define DEQUEUE(list, elt, link) ISC_LIST_UNLINK(list, elt, link) #define INSERTBEFORE(li, b, e, ln) ISC_LIST_INSERTBEFORE(li, b, e, ln) #define INSERTAFTER(li, a, e, ln) ISC_LIST_INSERTAFTER(li, a, e, ln) #define APPENDLIST(list1, list2, link) ISC_LIST_APPENDLIST(list1, list2, link) /% * Performance / #include <isc/likely.h> #ifdef HAVE_BUILTIN_UNREACHABLE #define ISC_UNREACHABLE() __builtin_unreachable(); #else / ifdef HAVE_BUILTIN_UNREACHABLE / #define ISC_UNREACHABLE() #endif / ifdef HAVE_BUILTIN_UNREACHABLE / #if !defined(__has_feature) #define __has_feature(x) 0 #endif / if !defined(__has_feature) / / GCC defines __SANITIZE_ADDRESS__, so reuse the macro for clang / #if __has_feature(address_sanitizer) #define __SANITIZE_ADDRESS__ 1 #endif / if __has_feature(address_sanitizer) / #if __has_feature(thread_sanitizer) #define __SANITIZE_THREAD__ 1 #endif / if __has_feature(thread_sanitizer) / #if __SANITIZE_THREAD__ #define ISC_NO_SANITIZE_THREAD __attribute__((no_sanitize("thread"))) #else / if __SANITIZE_THREAD__ / #define ISC_NO_SANITIZE_THREAD #endif / if __SANITIZE_THREAD__ / #if __GNUC__ > 4 \|\| (__GNUC__ == 4 && __GNUC_MINOR >= 6) #define STATIC_ASSERT(cond, msg) _Static_assert(cond, msg) #elif __has_feature(c_static_assert) #define STATIC_ASSERT(cond, msg) _Static_assert(cond, msg) #else / if __GNUC__ > 4 \|\| (__GNUC__ == 4 && __GNUC_MINOR >= 6) / #define STATIC_ASSERT(cond, msg) INSIST(cond) #endif / if __GNUC__ > 4 \|\| (__GNUC__ == 4 && __GNUC_MINOR >= 6) / #ifdef UNIT_TESTING extern void mock_assert(const int result, const char const expression, const char const file, const int line); / * Allow clang to determine that the following code is not reached * by calling abort() if the condition fails. The abort() will * never be executed as mock_assert() and _assert_true() longjmp * or exit if the condition is false. / #define REQUIRE(expression) \ ((!(expression)) \ ? (mock_assert(0, #expression, __FILE__, __LINE__), abort()) \ : (void)0) #define ENSURE(expression) \ ((!(int)(expression)) \ ? (mock_assert(0, #expression, __FILE__, __LINE__), abort()) \ : (void)0) #define INSIST(expression) \ ((!(expression)) \ ? (mock_assert(0, #expression, __FILE__, __LINE__), abort()) \ : (void)0) #define INVARIANT(expression) \ ((!(expression)) \ ? (mock_assert(0, #expression, __FILE__, __LINE__), abort()) \ : (void)0) #define _assert_true(c, e, f, l) \ ((c) ? (void)0 : (_assert_true(0, e, f, l), abort())) #define _assert_int_equal(a, b, f, l) \ (((a) == (b)) ? (void)0 : (_assert_int_equal(a, b, f, l), abort())) #define _assert_int_not_equal(a, b, f, l) \ (((a) != (b)) ? (void)0 : (_assert_int_not_equal(a, b, f, l), abort())) #else / UNIT_TESTING / #ifndef CPPCHECK / * Assertions / #include <isc/assertions.h> / Contractual promise. / /% Require Assertion / #define REQUIRE(e) ISC_REQUIRE(e) /% Ensure Assertion / #define ENSURE(e) ISC_ENSURE(e) /% Insist Assertion / #define INSIST(e) ISC_INSIST(e) /% Invariant Assertion / #define INVARIANT(e) ISC_INVARIANT(e) #else / CPPCHECK / /% Require Assertion / #define REQUIRE(e) \ if (!(e)) \ abort() /% Ensure Assertion / #define ENSURE(e) \ if (!(e)) \ abort() /% Insist Assertion / #define INSIST(e) \ if (!(e)) \ abort() /% Invariant Assertion / #define INVARIANT(e) \ if (!(e)) \ abort() #endif / CPPCHECK / #endif / UNIT_TESTING / / * Errors / #include <isc/error.h> / Contractual promise. / /% Unexpected Error / #define UNEXPECTED_ERROR isc_error_unexpected /% Fatal Error / #define FATAL_ERROR isc_error_fatal #ifdef UNIT_TESTING #define RUNTIME_CHECK(expression) \ ((!(expression)) \ ? (mock_assert(0, #expression, __FILE__, __LINE__), abort()) \ : (void)0) #else / UNIT_TESTING / #ifndef CPPCHECK /% Runtime Check / #define RUNTIME_CHECK(cond) ISC_ERROR_RUNTIMECHECK(cond) #else / ifndef CPPCHECK / #define RUNTIME_CHECK(e) \ if (!(e)) \ abort() #endif / ifndef CPPCHECK / #endif / UNIT_TESTING / /% * Time / #define TIME_NOW(tp) RUNTIME_CHECK(isc_time_now((tp)) == ISC_R_SUCCESS) #define TIME_NOW_HIRES(tp) \ RUNTIME_CHECK(isc_time_now_hires((tp)) == ISC_R_SUCCESS) /% * Alignment / #ifdef __GNUC__ #define ISC_ALIGN(x, a) (((x) + (a)-1) & ~((typeof(x))(a)-1)) #else / ifdef __GNUC__ / #define ISC_ALIGN(x, a) (((x) + (a)-1) & ~((uintmax_t)(a)-1)) #endif / ifdef __GNUC__ / #if HAVE_FUNC_ATTRIBUTE_RETURNS_NONNULL #define ISC_ATTR_RETURNS_NONNULL __attribute__((returns_nonnull)) #else #define ISC_ATTR_RETURNS_NONNULL #endif / * Support for malloc attributes. / #ifdef HAVE_FUNC_ATTRIBUTE_MALLOC / * Indicates that a function is malloc-like, i.e., that the * pointer P returned by the function cannot alias any other * pointer valid when the function returns. / #define ISC_ATTR_MALLOC __attribute__((malloc)) #if HAVE_MALLOC_EXT_ATTR / * Associates deallocator as a suitable deallocation function * for pointers returned from the function marked with the attribute. / #define ISC_ATTR_DEALLOCATOR(deallocator) __attribute__((malloc(deallocator))) / * Similar to ISC_ATTR_DEALLOCATOR, but allows to speficy an index "idx", * which denotes the positional argument to which when the pointer is passed * in calls to deallocator has the effect of deallocating it. / #define ISC_ATTR_DEALLOCATOR_IDX(deallocator, idx) \ __attribute__((malloc(deallocator, idx))) / * Combines both ISC_ATTR_MALLOC and ISC_ATTR_DEALLOCATOR attributes. / #define ISC_ATTR_MALLOC_DEALLOCATOR(deallocator) \ __attribute__((malloc, malloc(deallocator))) / * Similar to ISC_ATTR_MALLOC_DEALLOCATOR, but allows to speficy an index "idx", * which denotes the positional argument to which when the pointer is passed * in calls to deallocator has the effect of deallocating it. / #define ISC_ATTR_MALLOC_DEALLOCATOR_IDX(deallocator, idx) \ __attribute__((malloc, malloc(deallocator, idx))) #else / #ifdef HAVE_MALLOC_EXT_ATTR / / * There is support for malloc attribute but not for * extended attributes, so macros that combine attribute malloc * with a deallocator will only expand to malloc attribute. / #define ISC_ATTR_DEALLOCATOR(deallocator) #define ISC_ATTR_DEALLOCATOR_IDX(deallocator, idx) #define ISC_ATTR_MALLOC_DEALLOCATOR(deallocator) ISC_ATTR_MALLOC #define ISC_ATTR_MALLOC_DEALLOCATOR_IDX(deallocator, idx) ISC_ATTR_MALLOC #endif #else / #ifdef HAVE_FUNC_ATTRIBUTE_MALLOC / / * There is no support for malloc attribute. / #define ISC_ATTR_MALLOC #define ISC_ATTR_DEALLOCATOR(deallocator) #define ISC_ATTR_DEALLOCATOR_IDX(deallocator, idx) #define ISC_ATTR_MALLOC_DEALLOCATOR(deallocator) #define ISC_ATTR_MALLOC_DEALLOCATOR_IDX(deallocator, idx) #endif / HAVE_FUNC_ATTRIBUTE_MALLOC / /% * Misc / #include <isc/deprecated.h> #endif / ISC_UTIL_H / ��isc/endian.h��0000644��00000011404�15125204632�0006731 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #if defined(__DragonFly__) \|\| defined(__FreeBSD__) \|\| defined(__NetBSD__) \|\| \ defined(__OpenBSD__) \|\| defined(__bsdi__) #include <sys/endian.h> / * Recent BSDs should have [bl]e{16,32,64}toh() defined in <sys/endian.h>. * Older ones might not, but these should have the alternatively named * [bl]etoh{16,32,64}() functions defined. / #ifndef be16toh #define be16toh(x) betoh16(x) #define le16toh(x) letoh16(x) #define be32toh(x) betoh32(x) #define le32toh(x) letoh32(x) #define be64toh(x) betoh64(x) #define le64toh(x) letoh64(x) #endif / !be16toh / #elif defined(_WIN32) / * Windows is always little-endian and has its own byte-swapping routines, so * use these. / #include <stdlib.h> #define htobe16(x) _byteswap_ushort(x) #define htole16(x) (x) #define be16toh(x) _byteswap_ushort(x) #define le16toh(x) (x) #define htobe32(x) _byteswap_ulong(x) #define htole32(x) (x) #define be32toh(x) _byteswap_ulong(x) #define le32toh(x) (x) #define htobe64(x) _byteswap_uint64(x) #define htole64(x) (x) #define be64toh(x) _byteswap_uint64(x) #define le64toh(x) (x) #elif defined __APPLE__ / * macOS has its own byte-swapping routines, so use these. / #include <libkern/OSByteOrder.h> #define htobe16(x) OSSwapHostToBigInt16(x) #define htole16(x) OSSwapHostToLittleInt16(x) #define be16toh(x) OSSwapBigToHostInt16(x) #define le16toh(x) OSSwapLittleToHostInt16(x) #define htobe32(x) OSSwapHostToBigInt32(x) #define htole32(x) OSSwapHostToLittleInt32(x) #define be32toh(x) OSSwapBigToHostInt32(x) #define le32toh(x) OSSwapLittleToHostInt32(x) #define htobe64(x) OSSwapHostToBigInt64(x) #define htole64(x) OSSwapHostToLittleInt64(x) #define be64toh(x) OSSwapBigToHostInt64(x) #define le64toh(x) OSSwapLittleToHostInt64(x) #elif defined(sun) \|\| defined(__sun) \|\| defined(__SVR4) / * For Solaris, rely on the fallback definitions below, though use * Solaris-specific versions of bswap_{16,32,64}(). / #include <sys/byteorder.h> #define bswap_16(x) BSWAP_16(x) #define bswap_32(x) BSWAP_32(x) #define bswap_64(x) BSWAP_64(x) #elif defined(__ANDROID__) \|\| defined(__CYGWIN__) \|\| defined(__GNUC__) \|\| \ defined(__GNU__) #include <byteswap.h> #include <endian.h> #else / if defined(__DragonFly__) \|\| defined(__FreeBSD__) \|\| \ * defined(__NetBSD__) \|\| defined(__OpenBSD__) \|\| defined(__bsdi__) / #endif / Specific platform support / / * Fallback definitions. / #include <inttypes.h> #ifndef bswap_16 #define bswap_16(x) \ ((uint16_t)((((uint16_t)(x)&0xff00) >> 8) \| \ (((uint16_t)(x)&0x00ff) << 8))) #endif / !bswap_16 / #ifndef bswap_32 #define bswap_32(x) \ ((uint32_t)((((uint32_t)(x)&0xff000000) >> 24) \| \ (((uint32_t)(x)&0x00ff0000) >> 8) \| \ (((uint32_t)(x)&0x0000ff00) << 8) \| \ (((uint32_t)(x)&0x000000ff) << 24))) #endif / !bswap_32 / #ifndef bswap_64 #define bswap_64(x) \ ((uint64_t)((((uint64_t)(x)&0xff00000000000000ULL) >> 56) \| \ (((uint64_t)(x)&0x00ff000000000000ULL) >> 40) \| \ (((uint64_t)(x)&0x0000ff0000000000ULL) >> 24) \| \ (((uint64_t)(x)&0x000000ff00000000ULL) >> 8) \| \ (((uint64_t)(x)&0x00000000ff000000ULL) << 8) \| \ (((uint64_t)(x)&0x0000000000ff0000ULL) << 24) \| \ (((uint64_t)(x)&0x000000000000ff00ULL) << 40) \| \ (((uint64_t)(x)&0x00000000000000ffULL) << 56))) #endif / !bswap_64 / #ifndef htobe16 #if WORDS_BIGENDIAN #define htobe16(x) (x) #define htole16(x) bswap_16(x) #define be16toh(x) (x) #define le16toh(x) bswap_16(x) #else / WORDS_BIGENDIAN / #define htobe16(x) bswap_16(x) #define htole16(x) (x) #define be16toh(x) bswap_16(x) #define le16toh(x) (x) #endif / WORDS_BIGENDIAN / #endif / !htobe16 / #ifndef htobe32 #if WORDS_BIGENDIAN #define htobe32(x) (x) #define htole32(x) bswap_32(x) #define be32toh(x) (x) #define le32toh(x) bswap_32(x) #else / WORDS_BIGENDIAN / #define htobe32(x) bswap_32(x) #define htole32(x) (x) #define be32toh(x) bswap_32(x) #define le32toh(x) (x) #endif / WORDS_BIGENDIAN / #endif / !htobe32 / #ifndef htobe64 #if WORDS_BIGENDIAN #define htobe64(x) (x) #define htole64(x) bswap_64(x) #define be64toh(x) (x) #define le64toh(x) bswap_64(x) #else / WORDS_BIGENDIAN / #define htobe64(x) bswap_64(x) #define htole64(x) (x) #define be64toh(x) bswap_64(x) #define le64toh(x) (x) #endif / WORDS_BIGENDIAN / #endif / !htobe64 / ��isc/regex.h��0000644��00000001377�15125204632�0006615 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_REGEX_H #define ISC_REGEX_H 1 /! \file isc/regex.h / #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS int isc_regex_validate(const char expression); /%< Check a regular expression for syntactic correctness. * * Returns: \li -1 on error. \li the number of groups in the expression. / ISC_LANG_ENDDECLS #endif / ISC_REGEX_H / ��isc/utf8.h��0000644��00000001640�15125204632�0006362 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isc/utf8.h / #pragma once #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS bool isc_utf8_bom(const unsigned char buf, size_t len); /< Returns 'true' if the string of bytes in 'buf' starts * with an UTF-8 Byte Order Mark. * * Requires: \li 'buf' != NULL / bool isc_utf8_valid(const unsigned char buf, size_t len); /< * Returns 'true' if the string of bytes in 'buf' is a valid UTF-8 * byte sequence otherwise 'false' is returned. * * Requires: \li 'buf' != NULL / ISC_LANG_ENDDECLS ��isc/lang.h��0000644��00000001256�15125204632�0006420 0��ustar�00��/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_LANG_H #define ISC_LANG_H 1 /! \file isc/lang.h / #ifdef __cplusplus #define ISC_LANG_BEGINDECLS extern "C" { #define ISC_LANG_ENDDECLS } #else / ifdef __cplusplus / #define ISC_LANG_BEGINDECLS #define ISC_LANG_ENDDECLS #endif / ifdef __cplusplus / #endif / ISC_LANG_H / ��isc/stdatomic.h��0000644��00000021634�15125204632�0007470 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <inttypes.h> #include <stdbool.h> #include <stddef.h> #if HAVE_UCHAR_H #include <uchar.h> #endif / HAVE_UCHAR_H / #if !defined(__has_feature) #define __has_feature(x) 0 #endif / if !defined(__has_feature) / #if !defined(__has_extension) #define __has_extension(x) __has_feature(x) #endif / if !defined(__has_extension) / #if !defined(__GNUC_PREREQ__) #if defined(__GNUC__) && defined(__GNUC_MINOR__) #define __GNUC_PREREQ__(maj, min) \ ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min)) #else / if defined(__GNUC__) && defined(__GNUC_MINOR__) / #define __GNUC_PREREQ__(maj, min) 0 #endif / if defined(__GNUC__) && defined(__GNUC_MINOR__) / #endif / if !defined(__GNUC_PREREQ__) / #if !defined(__CLANG_ATOMICS) && !defined(__GNUC_ATOMICS) #if __has_extension(c_atomic) \|\| __has_extension(cxx_atomic) #define __CLANG_ATOMICS #elif __GNUC_PREREQ__(4, 7) #define __GNUC_ATOMICS #elif !defined(__GNUC__) #error "isc/stdatomic.h does not support your compiler" #endif / if __has_extension(c_atomic) \|\| __has_extension(cxx_atomic) / #endif / if !defined(__CLANG_ATOMICS) && !defined(__GNUC_ATOMICS) / #define ATOMIC_VAR_INIT(x) x #ifndef __ATOMIC_RELAXED #define __ATOMIC_RELAXED 0 #endif / ifndef __ATOMIC_RELAXED / #ifndef __ATOMIC_CONSUME #define __ATOMIC_CONSUME 1 #endif / ifndef __ATOMIC_CONSUME / #ifndef __ATOMIC_ACQUIRE #define __ATOMIC_ACQUIRE 2 #endif / ifndef __ATOMIC_ACQUIRE / #ifndef __ATOMIC_RELEASE #define __ATOMIC_RELEASE 3 #endif / ifndef __ATOMIC_RELEASE / #ifndef __ATOMIC_ACQ_REL #define __ATOMIC_ACQ_REL 4 #endif / ifndef __ATOMIC_ACQ_REL / #ifndef __ATOMIC_SEQ_CST #define __ATOMIC_SEQ_CST 5 #endif / ifndef __ATOMIC_SEQ_CST / enum memory_order { memory_order_relaxed = __ATOMIC_RELAXED, memory_order_consume = __ATOMIC_CONSUME, memory_order_acquire = __ATOMIC_ACQUIRE, memory_order_release = __ATOMIC_RELEASE, memory_order_acq_rel = __ATOMIC_ACQ_REL, memory_order_seq_cst = __ATOMIC_SEQ_CST }; typedef enum memory_order memory_order; #ifndef HAVE_UCHAR_H typedef uint_least16_t char16_t; typedef uint_least32_t char32_t; #endif / HAVE_UCHAR_H / typedef bool atomic_bool; typedef char atomic_char; typedef signed char atomic_schar; typedef unsigned char atomic_uchar; typedef short atomic_short; typedef unsigned short atomic_ushort; typedef int atomic_int; typedef unsigned int atomic_uint; typedef long atomic_long; typedef unsigned long atomic_ulong; typedef long long atomic_llong; typedef unsigned long long atomic_ullong; typedef char16_t atomic_char16_t; typedef char32_t atomic_char32_t; typedef wchar_t atomic_wchar_t; typedef int_least8_t atomic_int_least8_t; typedef uint_least8_t atomic_uint_least8_t; typedef int_least16_t atomic_int_least16_t; typedef uint_least16_t atomic_uint_least16_t; typedef int_least32_t atomic_int_least32_t; typedef uint_least32_t atomic_uint_least32_t; typedef int_least64_t atomic_int_least64_t; typedef uint_least64_t atomic_uint_least64_t; typedef int_fast8_t atomic_int_fast8_t; typedef uint_fast8_t atomic_uint_fast8_t; typedef int_fast16_t atomic_int_fast16_t; typedef uint_fast16_t atomic_uint_fast16_t; typedef int_fast32_t atomic_int_fast32_t; typedef uint_fast32_t atomic_uint_fast32_t; typedef int_fast64_t atomic_int_fast64_t; typedef uint_fast64_t atomic_uint_fast64_t; typedef intptr_t atomic_intptr_t; typedef uintptr_t atomic_uintptr_t; typedef size_t atomic_size_t; typedef ptrdiff_t atomic_ptrdiff_t; typedef intmax_t atomic_intmax_t; typedef uintmax_t atomic_uintmax_t; #if defined(__CLANG_ATOMICS) / __c11_atomic builtins / #define atomic_init(obj, desired) __c11_atomic_init(obj, desired) #define atomic_load_explicit(obj, order) __c11_atomic_load(obj, order) #define atomic_store_explicit(obj, desired, order) \ __c11_atomic_store(obj, desired, order) #define atomic_fetch_add_explicit(obj, arg, order) \ __c11_atomic_fetch_add(obj, arg, order) #define atomic_fetch_sub_explicit(obj, arg, order) \ __c11_atomic_fetch_sub(obj, arg, order) #define atomic_fetch_and_explicit(obj, arg, order) \ __c11_atomic_fetch_and(obj, arg, order) #define atomic_fetch_or_explicit(obj, arg, order) \ __c11_atomic_fetch_or(obj, arg, order) #define atomic_compare_exchange_strong_explicit(obj, expected, desired, succ, \ fail) \ __c11_atomic_compare_exchange_strong_explicit(obj, expected, desired, \ succ, fail) #define atomic_compare_exchange_weak_explicit(obj, expected, desired, succ, \ fail) \ __c11_atomic_compare_exchange_weak_explicit(obj, expected, desired, \ succ, fail) #define atomic_exchange_explicit(obj, desired, order) \ __c11_atomic_exchange_explicit(obj, expected, order) #elif defined(__GNUC_ATOMICS) / __atomic builtins / #define atomic_init(obj, desired) (obj = desired) #define atomic_load_explicit(obj, order) __atomic_load_n(obj, order) #define atomic_store_explicit(obj, desired, order) \ __atomic_store_n(obj, desired, order) #define atomic_fetch_add_explicit(obj, arg, order) \ __atomic_fetch_add(obj, arg, order) #define atomic_fetch_sub_explicit(obj, arg, order) \ __atomic_fetch_sub(obj, arg, order) #define atomic_fetch_and_explicit(obj, arg, order) \ __atomic_fetch_and(obj, arg, order) #define atomic_fetch_or_explicit(obj, arg, order) \ __atomic_fetch_or(obj, arg, order) #define atomic_compare_exchange_strong_explicit(obj, expected, desired, succ, \ fail) \ __atomic_compare_exchange_n(obj, expected, desired, 0, succ, fail) #define atomic_compare_exchange_weak_explicit(obj, expected, desired, succ, \ fail) \ __atomic_compare_exchange_n(obj, expected, desired, 1, succ, fail) #define atomic_exchange_explicit(obj, desired, order) \ __atomic_exchange_n(obj, desired, order) #else /* __sync builtins / #define atomic_init(obj, desired) (obj = desired) #define atomic_load_explicit(obj, order) __sync_fetch_and_add(obj, 0) #define atomic_store_explicit(obj, desired, order) \ do { \ __sync_synchronize(); \ obj = desired; \ __sync_synchronize(); \ } while (0); #define atomic_fetch_add_explicit(obj, arg, order) \ __sync_fetch_and_add(obj, arg) #define atomic_fetch_sub_explicit(obj, arg, order) \ __sync_fetch_and_sub(obj, arg, order) #define atomic_fetch_and_explicit(obj, arg, order) \ __sync_fetch_and_and(obj, arg, order) #define atomic_fetch_or_explicit(obj, arg, order) \ __sync_fetch_and_or(obj, arg, order) #define atomic_compare_exchange_strong_explicit(obj, expected, desired, succ, \ fail) \ ({ \ __typeof__(obj) __v; \ _Bool __r; \ __v = (__typeof__(obj))__sync_val_compare_and_swap( \ obj, (expected), desired); \ __r = ((__typeof__(obj))(expected) == __v); \ (expected) = __v; \ __r; \ }) #define atomic_compare_exchange_weak_explicit(obj, expected, desired, succ, \ fail) \ atomic_compare_exchange_strong_explicit(obj, expected, desired, succ, \ fail) #define atomic_exchange_explicit(obj, desired, order) \ __sync_lock_test_and_set(obj, desired) #endif /* if defined(__CLANG_ATOMICS) / #define atomic_load(obj) atomic_load_explicit(obj, memory_order_seq_cst) #define atomic_store(obj, arg) \ atomic_store_explicit(obj, arg, memory_order_seq_cst) #define atomic_fetch_add(obj, arg) \ atomic_fetch_add_explicit(obj, arg, memory_order_seq_cst) #define atomic_fetch_sub(obj, arg) \ atomic_fetch_sub_explicit(obj, arg, memory_order_seq_cst) #define atomic_fetch_and(obj, arg) \ atomic_fetch_and_explicit(obj, arg, memory_order_seq_cst) #define atomic_fetch_or(obj, arg) \ atomic_fetch_or_explicit(obj, arg, memory_order_seq_cst) #define atomic_compare_exchange_strong(obj, expected, desired) \ atomic_compare_exchange_strong_explicit(obj, expected, desired, \ memory_order_seq_cst, \ memory_order_seq_cst) #define atomic_compare_exchange_weak(obj, expected, desired) \ atomic_compare_exchange_weak_explicit(obj, expected, desired, \ memory_order_seq_cst, \ memory_order_seq_cst) #define atomic_exchange(obj, desired) \ atomic_exchange_explicit(obj, desired, memory_order_seq_cst) ��isc/sockaddr.h��0000644��00000014203�15125204632�0007265 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_SOCKADDR_H #define ISC_SOCKADDR_H 1 /! \file isc/sockaddr.h / #include <stdbool.h> #include <isc/lang.h> #include <isc/net.h> #include <isc/types.h> #ifdef ISC_PLATFORM_HAVESYSUNH #include <sys/un.h> #endif / ifdef ISC_PLATFORM_HAVESYSUNH / struct isc_sockaddr { union { struct sockaddr sa; struct sockaddr_in sin; struct sockaddr_in6 sin6; struct sockaddr_storage ss; #ifdef ISC_PLATFORM_HAVESYSUNH struct sockaddr_un sunix; #endif / ifdef ISC_PLATFORM_HAVESYSUNH / } type; unsigned int length; / XXXRTH beginning? / ISC_LINK(struct isc_sockaddr) link; }; #define ISC_SOCKADDR_CMPADDR \ 0x0001 /%< compare the address \ * sin_addr/sin6_addr / #define ISC_SOCKADDR_CMPPORT \ 0x0002 /%< compare the port \ * sin_port/sin6_port / #define ISC_SOCKADDR_CMPSCOPE \ 0x0004 /%< compare the scope \ * sin6_scope / #define ISC_SOCKADDR_CMPSCOPEZERO \ 0x0008 /%< when comparing scopes \ * zero scopes always match / ISC_LANG_BEGINDECLS bool isc_sockaddr_compare(const isc_sockaddr_t a, const isc_sockaddr_t b, unsigned int flags); /%< * Compare the elements of the two address ('a' and 'b') as specified * by 'flags' and report if they are equal or not. * * 'flags' is set from ISC_SOCKADDR_CMP. / bool isc_sockaddr_equal(const isc_sockaddr_t a, const isc_sockaddr_t b); /%< Return true iff the socket addresses 'a' and 'b' are equal. / bool isc_sockaddr_eqaddr(const isc_sockaddr_t a, const isc_sockaddr_t b); /%< * Return true iff the address parts of the socket addresses * 'a' and 'b' are equal, ignoring the ports. / bool isc_sockaddr_eqaddrprefix(const isc_sockaddr_t a, const isc_sockaddr_t b, unsigned int prefixlen); /%< * Return true iff the most significant 'prefixlen' bits of the * socket addresses 'a' and 'b' are equal, ignoring the ports. * If 'b''s scope is zero then 'a''s scope will be ignored. / unsigned int isc_sockaddr_hash(const isc_sockaddr_t sockaddr, bool address_only); /%< Return a hash value for the socket address 'sockaddr'. If 'address_only' * is true, the hash value will not depend on the port. * * IPv6 addresses containing mapped IPv4 addresses generate the same hash * value as the equivalent IPv4 address. / void isc_sockaddr_any(isc_sockaddr_t sockaddr); /%< Return the IPv4 wildcard address. / void isc_sockaddr_any6(isc_sockaddr_t sockaddr); /%< Return the IPv6 wildcard address. / void isc_sockaddr_anyofpf(isc_sockaddr_t sockaddr, int family); /%< Set 'sockaddr' to the wildcard address of protocol family 'family'. * * Requires: * \li 'family' is AF_INET or AF_INET6. / void isc_sockaddr_fromin(isc_sockaddr_t sockaddr, const struct in_addr ina, in_port_t port); /%< * Construct an isc_sockaddr_t from an IPv4 address and port. / void isc_sockaddr_fromin6(isc_sockaddr_t sockaddr, const struct in6_addr ina6, in_port_t port); /%< * Construct an isc_sockaddr_t from an IPv6 address and port. / void isc_sockaddr_v6fromin(isc_sockaddr_t sockaddr, const struct in_addr ina, in_port_t port); /%< * Construct an IPv6 isc_sockaddr_t representing a mapped IPv4 address. / void isc_sockaddr_fromnetaddr(isc_sockaddr_t sockaddr, const isc_netaddr_t na, in_port_t port); /%< * Construct an isc_sockaddr_t from an isc_netaddr_t and port. / int isc_sockaddr_pf(const isc_sockaddr_t sockaddr); /%< Get the protocol family of 'sockaddr'. * * Requires: * \li 'sockaddr' is a valid sockaddr with an address family of AF_INET or AF_INET6. * * Returns: * \li The protocol family of 'sockaddr', e.g. PF_INET or PF_INET6. / void isc_sockaddr_setport(isc_sockaddr_t sockaddr, in_port_t port); /%< * Set the port of 'sockaddr' to 'port'. / in_port_t isc_sockaddr_getport(const isc_sockaddr_t sockaddr); /%< Get the port stored in 'sockaddr'. / isc_result_t isc_sockaddr_totext(const isc_sockaddr_t sockaddr, isc_buffer_t target); /%< * Append a text representation of 'sockaddr' to the buffer 'target'. * The text will include both the IP address (v4 or v6) and the port. * The text is null terminated, but the terminating null is not * part of the buffer's used region. * * Returns: * \li ISC_R_SUCCESS * \li ISC_R_NOSPACE The text or the null termination did not fit. / void isc_sockaddr_format(const isc_sockaddr_t sa, char array, unsigned int size); /%< * Format a human-readable representation of the socket address 'sa' into the character array 'array', which is of size 'size'. * The resulting string is guaranteed to be null-terminated. / bool isc_sockaddr_ismulticast(const isc_sockaddr_t sa); /%< Returns #true if the address is a multicast address. / bool isc_sockaddr_isexperimental(const isc_sockaddr_t sa); /* * Returns true if the address is a experimental (CLASS E) address. / bool isc_sockaddr_islinklocal(const isc_sockaddr_t sa); /%< Returns true if the address is a link local address. / bool isc_sockaddr_issitelocal(const isc_sockaddr_t sa); /%< Returns true if the address is a sitelocal address. / bool isc_sockaddr_isnetzero(const isc_sockaddr_t sa); /%< Returns true if the address is in net zero. / isc_result_t isc_sockaddr_frompath(isc_sockaddr_t sockaddr, const char path); / * Create a UNIX domain sockaddr that refers to path. * * Returns: * \li ISC_R_NOSPACE * \li ISC_R_NOTIMPLEMENTED * \li ISC_R_SUCCESS / isc_result_t isc_sockaddr_fromsockaddr(isc_sockaddr_t isa, const struct sockaddr sa); #define ISC_SOCKADDR_FORMATSIZE \ sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:XXX.XXX.XXX.XXX%SSSSSSSSSS#" \ "YYYYY") /%< * Minimum size of array to pass to isc_sockaddr_format(). / ISC_LANG_ENDDECLS #endif / ISC_SOCKADDR_H / ��isc/net.h��0000644��00000020564�15125204632�0006270 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_NET_H #define ISC_NET_H 1 /** * Module Info **/ /! \file * \brief * Basic Networking Types * * This module is responsible for defining the following basic networking * types: * \li struct in_addr \li struct in6_addr \li struct in6_pktinfo \li struct sockaddr \li struct sockaddr_in \li struct sockaddr_in6 \li struct sockaddr_storage \li in_port_t * * It ensures that the AF_ and PF_ macros are defined. * * It declares ntoh[sl]() and hton[sl](). * * It declares inet_ntop(), and inet_pton(). * * It ensures that #INADDR_LOOPBACK, #INADDR_ANY, #IN6ADDR_ANY_INIT, * IN6ADDR_V4MAPPED_INIT, in6addr_any, and in6addr_loopback are available. * * It ensures that IN_MULTICAST() is available to check for multicast * addresses. * * MP: \li No impact. * Reliability: \li No anticipated impact. * Resources: \li N/A. * Security: \li No anticipated impact. * Standards: \li BSD Socket API \li RFC2553 / / * Imports. **/ #include <inttypes.h> #include <isc/lang.h> #include <isc/platform.h> #include <isc/types.h> #include <arpa/inet.h> / Contractual promise. / #include <net/if.h> #include <netinet/in.h> / Contractual promise. / #include <sys/socket.h> / Contractual promise. / #include <sys/types.h> #ifndef IN6ADDR_LOOPBACK_INIT #ifdef s6_addr /% IPv6 address loopback init / #define IN6ADDR_LOOPBACK_INIT \ { \ { \ { \ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 \ } \ } \ } #else / ifdef s6_addr / #define IN6ADDR_LOOPBACK_INIT \ { \ { \ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 \ } \ } #endif / ifdef s6_addr / #endif / ifndef IN6ADDR_LOOPBACK_INIT / #ifndef IN6ADDR_V4MAPPED_INIT #ifdef s6_addr /% IPv6 v4mapped prefix init / #define IN6ADDR_V4MAPPED_INIT \ { \ { \ { \ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff, 0, \ 0, 0, 0 \ } \ } \ } #else / ifdef s6_addr / #define IN6ADDR_V4MAPPED_INIT \ { \ { \ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff, 0, 0, 0, 0 \ } \ } #endif / ifdef s6_addr / #endif / ifndef IN6ADDR_V4MAPPED_INIT / #ifndef IN6_IS_ADDR_V4MAPPED /% Is IPv6 address V4 mapped? / #define IN6_IS_ADDR_V4MAPPED(x) \ (memcmp((x)->s6_addr, in6addr_any.s6_addr, 10) == 0 && \ (x)->s6_addr[10] == 0xff && (x)->s6_addr[11] == 0xff) #endif / ifndef IN6_IS_ADDR_V4MAPPED / #ifndef IN6_IS_ADDR_V4COMPAT /% Is IPv6 address V4 compatible? / #define IN6_IS_ADDR_V4COMPAT(x) \ (memcmp((x)->s6_addr, in6addr_any.s6_addr, 12) == 0 && \ ((x)->s6_addr[12] != 0 \|\| (x)->s6_addr[13] != 0 \|\| \ (x)->s6_addr[14] != 0 \|\| \ ((x)->s6_addr[15] != 0 && (x)->s6_addr[15] != 1))) #endif / ifndef IN6_IS_ADDR_V4COMPAT / #ifndef IN6_IS_ADDR_MULTICAST /% Is IPv6 address multicast? / #define IN6_IS_ADDR_MULTICAST(a) ((a)->s6_addr[0] == 0xff) #endif / ifndef IN6_IS_ADDR_MULTICAST / #ifndef IN6_IS_ADDR_LINKLOCAL /% Is IPv6 address linklocal? / #define IN6_IS_ADDR_LINKLOCAL(a) \ (((a)->s6_addr[0] == 0xfe) && (((a)->s6_addr[1] & 0xc0) == 0x80)) #endif / ifndef IN6_IS_ADDR_LINKLOCAL / #ifndef IN6_IS_ADDR_SITELOCAL /% is IPv6 address sitelocal? / #define IN6_IS_ADDR_SITELOCAL(a) \ (((a)->s6_addr[0] == 0xfe) && (((a)->s6_addr[1] & 0xc0) == 0xc0)) #endif / ifndef IN6_IS_ADDR_SITELOCAL / #ifndef IN6_IS_ADDR_LOOPBACK /% is IPv6 address loopback? / #define IN6_IS_ADDR_LOOPBACK(x) \ (memcmp((x)->s6_addr, in6addr_loopback.s6_addr, 16) == 0) #endif / ifndef IN6_IS_ADDR_LOOPBACK / #ifndef AF_INET6 /% IPv6 / #define AF_INET6 99 #endif / ifndef AF_INET6 / #ifndef PF_INET6 /% IPv6 / #define PF_INET6 AF_INET6 #endif / ifndef PF_INET6 / #ifndef INADDR_ANY /% inaddr any / #define INADDR_ANY 0x00000000UL #endif / ifndef INADDR_ANY / #ifndef INADDR_LOOPBACK /% inaddr loopback / #define INADDR_LOOPBACK 0x7f000001UL #endif / ifndef INADDR_LOOPBACK / #ifndef MSG_TRUNC /% * If this system does not have MSG_TRUNC (as returned from recvmsg()) * ISC_PLATFORM_RECVOVERFLOW will be defined. This will enable the MSG_TRUNC * faking code in socket.c. / #define ISC_PLATFORM_RECVOVERFLOW #endif / ifndef MSG_TRUNC / /% IP address. / #define ISC__IPADDR(x) ((uint32_t)htonl((uint32_t)(x))) /% Is IP address multicast? / #define ISC_IPADDR_ISMULTICAST(i) \ (((uint32_t)(i)&ISC__IPADDR(0xf0000000)) == ISC__IPADDR(0xe0000000)) #define ISC_IPADDR_ISEXPERIMENTAL(i) \ (((uint32_t)(i)&ISC__IPADDR(0xf0000000)) == ISC__IPADDR(0xf0000000)) / * Functions. **/ ISC_LANG_BEGINDECLS isc_result_t isc_net_probeipv4(void); /%< * Check if the system's kernel supports IPv4. * * Returns: * \li #ISC_R_SUCCESS IPv4 is supported. \li #ISC_R_NOTFOUND IPv4 is not supported. \li #ISC_R_DISABLED IPv4 is disabled. \li #ISC_R_UNEXPECTED / isc_result_t isc_net_probeipv6(void); /%< * Check if the system's kernel supports IPv6. * * Returns: * \li #ISC_R_SUCCESS IPv6 is supported. \li #ISC_R_NOTFOUND IPv6 is not supported. \li #ISC_R_DISABLED IPv6 is disabled. \li #ISC_R_UNEXPECTED / isc_result_t isc_net_probe_ipv6only(void); /%< * Check if the system's kernel supports the IPV6_V6ONLY socket option. * * Returns: * \li #ISC_R_SUCCESS the option is supported for both TCP and UDP. \li #ISC_R_NOTFOUND IPv6 itself or the option is not supported. \li #ISC_R_UNEXPECTED / isc_result_t isc_net_probe_ipv6pktinfo(void); /* * Check if the system's kernel supports the IPV6_(RECV)PKTINFO socket option * for UDP sockets. * * Returns: * * \li #ISC_R_SUCCESS the option is supported. * \li #ISC_R_NOTFOUND IPv6 itself or the option is not supported. * \li #ISC_R_UNEXPECTED / void isc_net_disableipv4(void); void isc_net_disableipv6(void); void isc_net_enableipv4(void); void isc_net_enableipv6(void); isc_result_t isc_net_probeunix(void); / * Returns whether UNIX domain sockets are supported. / #define ISC_NET_DSCPRECVV4 0x01 / Can receive sent DSCP value IPv4 / #define ISC_NET_DSCPRECVV6 0x02 / Can receive sent DSCP value IPv6 / #define ISC_NET_DSCPSETV4 0x04 / Can set DSCP on socket IPv4 / #define ISC_NET_DSCPSETV6 0x08 / Can set DSCP on socket IPv6 / #define ISC_NET_DSCPPKTV4 0x10 / Can set DSCP on per packet IPv4 / #define ISC_NET_DSCPPKTV6 0x20 / Can set DSCP on per packet IPv6 / #define ISC_NET_DSCPALL 0x3f / All valid flags / unsigned int isc_net_probedscp(void); /%< * Probe the level of DSCP support. / isc_result_t isc_net_getudpportrange(int af, in_port_t low, in_port_t high); /%< * Returns system's default range of ephemeral UDP ports, if defined. * If the range is not available or unknown, ISC_NET_PORTRANGELOW and * ISC_NET_PORTRANGEHIGH will be returned. * * Requires: * \li 'low' and 'high' must be non NULL. * Returns: * \li low and high will be the ports specifying the low and high ends of the range. / ISC_LANG_ENDDECLS #endif / ISC_NET_H / ��isc/url.h��0000644��00000005171�15125204632�0006301 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / / * Copyright Joyent, Inc. and other Node contributors. All rights reserved. * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to * deal in the Software without restriction, including without limitation the * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or * sell copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS * IN THE SOFTWARE. / #include <stdbool.h> #include <stdint.h> #include <isc/result.h> / * Compile with -DHTTP_PARSER_STRICT=0 to make less checks, but run * faster / #ifndef HTTP_PARSER_STRICT #define HTTP_PARSER_STRICT 1 #endif typedef enum { ISC_UF_SCHEMA = 0, ISC_UF_HOST = 1, ISC_UF_PORT = 2, ISC_UF_PATH = 3, ISC_UF_QUERY = 4, ISC_UF_FRAGMENT = 5, ISC_UF_USERINFO = 6, ISC_UF_MAX = 7 } isc_url_field_t; / Result structure for isc_url_parse(). * * Callers should index into field_data[] with UF_* values iff field_set * has the relevant (1 << UF_) bit set. As a courtesy to clients (and because we probably have padding left over), we convert any port to * a uint16_t. / typedef struct { uint16_t field_set; / Bitmask of (1 << UF_) values / uint16_t port; /* Converted UF_PORT string / struct { uint16_t off; / Offset into buffer in which field starts / uint16_t len; / Length of run in buffer / } field_data[ISC_UF_MAX]; } isc_url_parser_t; isc_result_t isc_url_parse(const char buf, size_t buflen, bool is_connect, isc_url_parser_t up); /%< * Parse a URL; return nonzero on failure / ��isc/resource.h��0000644��00000005454�15125204632�0007332 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_RESOURCE_H #define ISC_RESOURCE_H 1 /! \file isc/resource.h / #include <isc/lang.h> #include <isc/types.h> #define ISC_RESOURCE_UNLIMITED ((isc_resourcevalue_t)UINT64_MAX) ISC_LANG_BEGINDECLS isc_result_t isc_resource_setlimit(isc_resource_t resource, isc_resourcevalue_t value); /%< * Set the maximum limit for a system resource. * * Notes: \li If 'value' exceeds the maximum possible on the operating system, it is silently limited to that maximum -- or to "infinity", if * the operating system has that concept. #ISC_RESOURCE_UNLIMITED * can be used to explicitly ask for the maximum. * * Requires: \li 'resource' is a valid member of the isc_resource_t enumeration. * Returns: \li #ISC_R_SUCCESS Success. \li #ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS. \li #ISC_R_NOPERM The calling process did not have adequate permission to change the resource limit. / isc_result_t isc_resource_getlimit(isc_resource_t resource, isc_resourcevalue_t value); /%< Get the maximum limit for a system resource. * * Notes: \li 'value' is set to the maximum limit. \li #ISC_RESOURCE_UNLIMITED is the maximum value of isc_resourcevalue_t. \li On many (all?) Unix systems, RLIM_INFINITY is a valid value that is significantly less than #ISC_RESOURCE_UNLIMITED, but which in practice * behaves the same. * \li The current ISC libdns configuration file parser assigns a value of UINT32_MAX for a size_spec of "unlimited" and ISC_UNIT32_MAX - 1 * for "default", the latter of which is supposed to represent "the * limit that was in force when the server started". Since these are * valid values in the middle of the range of isc_resourcevalue_t, * there is the possibility for confusion over what exactly those * particular values are supposed to represent in a particular context -- * discrete integral values or generalized concepts. * * Requires: \li 'resource' is a valid member of the isc_resource_t enumeration. * Returns: \li #ISC_R_SUCCESS Success. \li #ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS. / isc_result_t isc_resource_getcurlimit(isc_resource_t resource, isc_resourcevalue_t value); /%< Same as isc_resource_getlimit(), but returns the current (soft) limit. * * Returns: \li #ISC_R_SUCCESS Success. \li #ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS. / ISC_LANG_ENDDECLS #endif / ISC_RESOURCE_H / ��isc/backtrace.h��0000644��00000007466�15125204632�0007427 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isc/backtrace.h * \brief provide a back trace of the running process to help debug problems. * * This module tries to get a back trace of the process using some platform * dependent way when available. It also manages an internal symbol table * that maps function addresses used in the process to their textual symbols. * This module is expected to be used to help debug when some fatal error * happens. * * IMPORTANT NOTE: since the (major) intended use case of this module is * dumping a back trace on a fatal error, normally followed by self termination, * functions defined in this module generally doesn't employ assertion checks * (if it did, a program bug could cause infinite recursive calls to a * backtrace function). These functions still perform minimal checks and return * ISC_R_FAILURE if they detect an error, but the caller should therefore be * very careful about the use of these functions, and generally discouraged to * use them except in an exit path. The exception is * isc_backtrace_getsymbolfromindex(), which is expected to be used in a * non-error-handling context and validates arguments with assertion checks. / #ifndef ISC_BACKTRACE_H #define ISC_BACKTRACE_H 1 / * Imports */ #include <isc/types.h> /* * Types / struct isc_backtrace_symmap { void addr; const char symbol; }; LIBISC_EXTERNAL_DATA extern const int isc__backtrace_nsymbols; LIBISC_EXTERNAL_DATA extern const isc_backtrace_symmap_t isc__backtrace_symtable[]; / * Functions */ ISC_LANG_BEGINDECLS isc_result_t isc_backtrace_gettrace(void addrs, int maxaddrs, int nframes); /%< * Get a back trace of the running process above this function itself. On * success, addrs[i] will store the address of the call point of the i-th * stack frame (addrs[0] is the caller of this function). nframes will store the total number of frames. * * Requires (note that these are not ensured by assertion checks, see above): * \li 'addrs' is a valid array containing at least 'maxaddrs' void entries. * \li 'nframes' must be non NULL. * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_FAILURE \li #ISC_R_NOTFOUND \li #ISC_R_NOTIMPLEMENTED / isc_result_t isc_backtrace_getsymbolfromindex(int index, const void addrp, const char symbolp); /%< * Returns the content of the internal symbol table of the given index. * On success, addrsp and symbolp point to the address and the symbol of * the 'index'th entry of the table, respectively. If 'index' is not in the * range of the symbol table, ISC_R_RANGE will be returned. * * Requires * \li 'addrp' must be non NULL && 'addrp' == NULL. * \li 'symbolp' must be non NULL && 'symbolp' == NULL. * * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_RANGE / isc_result_t isc_backtrace_getsymbol(const void addr, const char *symbolp, unsigned long offsetp); /%< Searches the internal symbol table for the symbol that most matches the * given 'addr'. On success, 'symbolp' will point to the name of function to which the address 'addr' belong, and 'offsetp' will store the offset from the function's entry address to 'addr'. * * Requires (note that these are not ensured by assertion checks, see above): * \li 'symbolp' must be non NULL && 'symbolp' == NULL. * \li 'offsetp' must be non NULL. * Returns: * \li #ISC_R_SUCCESS \li #ISC_R_FAILURE \li #ISC_R_NOTFOUND / ISC_LANG_ENDDECLS #endif /* ISC_BACKTRACE_H / ��isc/errno2result.h��0000644��00000001605�15125204632�0010143 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef UNIX_ERRNO2RESULT_H #define UNIX_ERRNO2RESULT_H 1 /! \file / / XXXDCL this should be moved to lib/isc/include/isc/errno2result.h. / #include <errno.h> / Provides errno. / #include <stdbool.h> #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS #define isc__errno2result(x) isc___errno2result(x, true, __FILE__, __LINE__) isc_result_t isc___errno2result(int posixerrno, bool dolog, const char file, unsigned int line); ISC_LANG_ENDDECLS #endif /* UNIX_ERRNO2RESULT_H / ��isc/aes.h��0000644��00000001767�15125204632�0006256 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file isc/aes.h / #ifndef ISC_AES_H #define ISC_AES_H 1 #include <isc/lang.h> #include <isc/platform.h> #include <isc/types.h> #define ISC_AES128_KEYLENGTH 16U #define ISC_AES192_KEYLENGTH 24U #define ISC_AES256_KEYLENGTH 32U #define ISC_AES_BLOCK_LENGTH 16U ISC_LANG_BEGINDECLS void isc_aes128_crypt(const unsigned char key, const unsigned char in, unsigned char out); void isc_aes192_crypt(const unsigned char key, const unsigned char in, unsigned char out); void isc_aes256_crypt(const unsigned char key, const unsigned char in, unsigned char out); ISC_LANG_ENDDECLS #endif /* ISC_AES_H / ��isc/time.h��0000644��00000025542�15125204632�0006441 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_TIME_H #define ISC_TIME_H 1 /! \file / #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/types.h> / * Intervals **/ /! * \brief * The contents of this structure are private, and MUST NOT be accessed * directly by callers. * * The contents are exposed only to allow callers to avoid dynamic allocation. / struct isc_interval { unsigned int seconds; unsigned int nanoseconds; }; extern const isc_interval_t const isc_interval_zero; /* * ISC_FORMATHTTPTIMESTAMP_SIZE needs to be 30 in C locale and potentially * more for other locales to handle longer national abbreviations when * expanding strftime's %a and %b. / #define ISC_FORMATHTTPTIMESTAMP_SIZE 50 ISC_LANG_BEGINDECLS void isc_interval_set(isc_interval_t i, unsigned int seconds, unsigned int nanoseconds); /%< Set 'i' to a value representing an interval of 'seconds' seconds and * 'nanoseconds' nanoseconds, suitable for use in isc_time_add() and * isc_time_subtract(). * * Requires: * \li 't' is a valid pointer. \li nanoseconds < 1000000000. / bool isc_interval_iszero(const isc_interval_t i); /%< Returns true iff. 'i' is the zero interval. * * Requires: * \li 'i' is a valid pointer. / /* * Absolute Times **/ /% * The contents of this structure are private, and MUST NOT be accessed * directly by callers. * * The contents are exposed only to allow callers to avoid dynamic allocation. / struct isc_time { unsigned int seconds; unsigned int nanoseconds; }; extern const isc_time_t const isc_time_epoch; void isc_time_set(isc_time_t t, unsigned int seconds, unsigned int nanoseconds); /%< * Set 't' to a value which represents the given number of seconds and * nanoseconds since 00:00:00 January 1, 1970, UTC. * * Notes: \li The Unix version of this call is equivalent to: \code * isc_time_settoepoch(t); * isc_interval_set(i, seconds, nanoseconds); * isc_time_add(t, i, t); \endcode * Requires: \li 't' is a valid pointer. \li nanoseconds < 1000000000. / void isc_time_settoepoch(isc_time_t t); /%< Set 't' to the time of the epoch. * * Notes: \li The date of the epoch is platform-dependent. * Requires: * \li 't' is a valid pointer. / bool isc_time_isepoch(const isc_time_t t); /%< * Returns true iff. 't' is the epoch ("time zero"). * * Requires: * \li 't' is a valid pointer. / isc_result_t isc_time_now(isc_time_t t); /%< * Set 't' to the current absolute time. * * Requires: * \li 't' is a valid pointer. * Returns: * \li Success \li Unexpected error * Getting the time from the system failed. \li Out of range The time from the system is too large to be represented * in the current definition of isc_time_t. / isc_result_t isc_time_now_hires(isc_time_t t); /%< Set 't' to the current absolute time. Uses higher resolution clocks * recommended when microsecond accuracy is required. * * Requires: * \li 't' is a valid pointer. * Returns: * \li Success \li Unexpected error * Getting the time from the system failed. \li Out of range The time from the system is too large to be represented * in the current definition of isc_time_t. / isc_result_t isc_time_nowplusinterval(isc_time_t t, const isc_interval_t i); /%< * Set t to the current absolute time + i. * Note: \li This call is equivalent to: \code isc_time_now(t); * isc_time_add(t, i, t); \endcode * Requires: * \li 't' and 'i' are valid pointers. * Returns: * \li Success \li Unexpected error * Getting the time from the system failed. \li Out of range The interval added to the time from the system is too large to * be represented in the current definition of isc_time_t. / int isc_time_compare(const isc_time_t t1, const isc_time_t t2); /%< * Compare the times referenced by 't1' and 't2' * * Requires: * \li 't1' and 't2' are valid pointers. * Returns: * \li -1 t1 < t2 (comparing times, not pointers) \li 0 t1 = t2 \li 1 t1 > t2 / isc_result_t isc_time_add(const isc_time_t t, const isc_interval_t i, isc_time_t result); /%< * Add 'i' to 't', storing the result in 'result'. * * Requires: * \li 't', 'i', and 'result' are valid pointers. * Returns: \li Success \li Out of range * The interval added to the time is too large to * be represented in the current definition of isc_time_t. / isc_result_t isc_time_subtract(const isc_time_t t, const isc_interval_t i, isc_time_t result); /%< Subtract 'i' from 't', storing the result in 'result'. * * Requires: * \li 't', 'i', and 'result' are valid pointers. * Returns: \li Success \li Out of range * The interval is larger than the time since the epoch. / uint64_t isc_time_microdiff(const isc_time_t t1, const isc_time_t t2); /%< * Find the difference in microseconds between time t1 and time t2. * t2 is the subtrahend of t1; ie, difference = t1 - t2. * * Requires: * \li 't1' and 't2' are valid pointers. * Returns: \li The difference of t1 - t2, or 0 if t1 <= t2. / uint32_t isc_time_seconds(const isc_time_t t); /%< * Return the number of seconds since the epoch stored in a time structure. * * Requires: * \li 't' is a valid pointer. / isc_result_t isc_time_secondsastimet(const isc_time_t t, time_t secondsp); /%< Ensure the number of seconds in an isc_time_t is representable by a time_t. * * Notes: \li The number of seconds stored in an isc_time_t might be larger than the number of seconds a time_t is able to handle. Since * time_t is mostly opaque according to the ANSI/ISO standard * (essentially, all you can be sure of is that it is an arithmetic type, * not even necessarily integral), it can be tricky to ensure that * the isc_time_t is in the range a time_t can handle. Use this * function in place of isc_time_seconds() any time you need to set a * time_t from an isc_time_t. * * Requires: \li 't' is a valid pointer. * Returns: \li Success \li Out of range / uint32_t isc_time_nanoseconds(const isc_time_t t); /%< Return the number of nanoseconds stored in a time structure. * * Notes: \li This is the number of nanoseconds in excess of the number of seconds since the epoch; it will always be less than one * full second. * * Requires: \li 't' is a valid pointer. * Ensures: \li The returned value is less than 110^9. / void isc_time_formattimestamp(const isc_time_t t, char buf, unsigned int len); /%< * Format the time 't' into the buffer 'buf' of length 'len', * using a format like "30-Aug-2000 04:06:47.997" and the local time zone. * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / void isc_time_formathttptimestamp(const isc_time_t t, char buf, unsigned int len); /%< * Format the time 't' into the buffer 'buf' of length 'len', * using a format like "Mon, 30 Aug 2000 04:06:47 GMT" * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / isc_result_t isc_time_parsehttptimestamp(char input, isc_time_t t); /%< * Parse the time in 'input' into the isc_time_t pointed to by 't', * expecting a format like "Mon, 30 Aug 2000 04:06:47 GMT" * * Requires: \li 'buf' and 't' are not NULL. / void isc_time_formatISO8601L(const isc_time_t t, char buf, unsigned int len); /%< Format the time 't' into the buffer 'buf' of length 'len', * using the ISO8601 format: "yyyy-mm-ddThh:mm:ss" * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / void isc_time_formatISO8601Lms(const isc_time_t t, char buf, unsigned int len); /%< * Format the time 't' into the buffer 'buf' of length 'len', * using the ISO8601 format: "yyyy-mm-ddThh:mm:ss.sss" * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / void isc_time_formatISO8601Lus(const isc_time_t t, char buf, unsigned int len); /%< * Format the time 't' into the buffer 'buf' of length 'len', * using the ISO8601 format: "yyyy-mm-ddThh:mm:ss.ssssss" * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / void isc_time_formatISO8601(const isc_time_t t, char buf, unsigned int len); /%< * Format the time 't' into the buffer 'buf' of length 'len', * using the ISO8601 format: "yyyy-mm-ddThh:mm:ssZ" * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / void isc_time_formatISO8601ms(const isc_time_t t, char buf, unsigned int len); /%< * Format the time 't' into the buffer 'buf' of length 'len', * using the ISO8601 format: "yyyy-mm-ddThh:mm:ss.sssZ" * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / void isc_time_formatISO8601us(const isc_time_t t, char buf, unsigned int len); /%< * Format the time 't' into the buffer 'buf' of length 'len', * using the ISO8601 format: "yyyy-mm-ddThh:mm:ss.ssssssZ" * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / void isc_time_formatshorttimestamp(const isc_time_t t, char buf, unsigned int len); /%< * Format the time 't' into the buffer 'buf' of length 'len', * using the format "yyyymmddhhmmsssss" useful for file timestamping. * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: \li 'len' > 0 \li 'buf' points to an array of at least len chars * / ISC_LANG_ENDDECLS #endif / ISC_TIME_H / ��isc/dir.h��0000644��00000003011�15125204632�0006244 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_DIR_H #define ISC_DIR_H 1 /! \file / #include <dirent.h> #include <isc/lang.h> #include <isc/platform.h> #include <isc/result.h> #include <sys/types.h> / Required on some systems. / /% Directory Entry / typedef struct isc_direntry { char name[NAME_MAX]; unsigned int length; } isc_direntry_t; /% Directory / typedef struct isc_dir { unsigned int magic; char dirname[PATH_MAX]; isc_direntry_t entry; DIR handle; } isc_dir_t; ISC_LANG_BEGINDECLS void isc_dir_init(isc_dir_t dir); isc_result_t isc_dir_open(isc_dir_t dir, const char dirname); isc_result_t isc_dir_read(isc_dir_t dir); isc_result_t isc_dir_reset(isc_dir_t dir); void isc_dir_close(isc_dir_t dir); isc_result_t isc_dir_chdir(const char dirname); isc_result_t isc_dir_chroot(const char dirname); isc_result_t isc_dir_createunique(char templet); /!< * Use a templet (such as from isc_file_mktemplate()) to create a uniquely * named, empty directory. The templet string is modified in place. * If result == ISC_R_SUCCESS, it is the name of the directory that was * created. / ISC_LANG_ENDDECLS #endif / ISC_DIR_H / ��isc/astack.h��0000644��00000002161�15125204632�0006741 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once #include <inttypes.h> #include <isc/mem.h> #include <isc/types.h> isc_astack_t isc_astack_new(isc_mem_t mctx, size_t size); /%< * Allocate and initialize a new array stack of size 'size'. / void isc_astack_destroy(isc_astack_t stack); /%< Free an array stack 'stack'. * * Requires: * \li 'stack' is empty. / bool isc_astack_trypush(isc_astack_t stack, void obj); /%< * Try to push 'obj' onto array stack 'astack'. On failure, either * because the stack size limit has been reached or because another * thread has already changed the stack pointer, return 'false'. / void isc_astack_pop(isc_astack_t stack); /%< * Pop an object off of array stack 'stack'. If the stack is empty, * return NULL. / ��isc/mem.h��0000644��00000043246�15125204632�0006262 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_MEM_H #define ISC_MEM_H 1 /! \file isc/mem.h / #include <stdbool.h> #include <stdio.h> #include <isc/lang.h> #include <isc/mutex.h> #include <isc/platform.h> #include <isc/types.h> #include <isc/util.h> ISC_LANG_BEGINDECLS #define ISC_MEM_LOWATER 0 #define ISC_MEM_HIWATER 1 typedef void (isc_mem_water_t)(void , int); /% * Define ISC_MEM_TRACKLINES=1 to turn on detailed tracing of memory * allocation and freeing by file and line number. / #ifndef ISC_MEM_TRACKLINES #define ISC_MEM_TRACKLINES 1 #endif / ifndef ISC_MEM_TRACKLINES / /% * Define ISC_MEM_CHECKOVERRUN=1 to turn on checks for using memory outside * the requested space. This will increase the size of each allocation. * * If we are performing a Coverity static analysis then ISC_MEM_CHECKOVERRUN * can hide bugs that would otherwise discovered so force to zero. / #ifdef __COVERITY__ #undef ISC_MEM_CHECKOVERRUN #define ISC_MEM_CHECKOVERRUN 0 #endif / ifdef __COVERITY__ / #ifndef ISC_MEM_CHECKOVERRUN #define ISC_MEM_CHECKOVERRUN 1 #endif / ifndef ISC_MEM_CHECKOVERRUN / /% * Define ISC_MEMPOOL_NAMES=1 to make memory pools store a symbolic * name so that the leaking pool can be more readily identified in * case of a memory leak. / #ifndef ISC_MEMPOOL_NAMES #define ISC_MEMPOOL_NAMES 1 #endif / ifndef ISC_MEMPOOL_NAMES / LIBISC_EXTERNAL_DATA extern unsigned int isc_mem_debugging; LIBISC_EXTERNAL_DATA extern unsigned int isc_mem_defaultflags; /@{/ #define ISC_MEM_DEBUGTRACE 0x00000001U #define ISC_MEM_DEBUGRECORD 0x00000002U #define ISC_MEM_DEBUGUSAGE 0x00000004U #define ISC_MEM_DEBUGSIZE 0x00000008U #define ISC_MEM_DEBUGCTX 0x00000010U #define ISC_MEM_DEBUGALL 0x0000001FU /!< * The variable isc_mem_debugging holds a set of flags for * turning certain memory debugging options on or off at * runtime. It is initialized to the value ISC_MEM_DEGBUGGING, * which is 0 by default but may be overridden at compile time. * The following flags can be specified: * * \li #ISC_MEM_DEBUGTRACE * Log each allocation and free to isc_lctx. * * \li #ISC_MEM_DEBUGRECORD * Remember each allocation, and match them up on free. * Crash if a free doesn't match an allocation. * * \li #ISC_MEM_DEBUGUSAGE * If a hi_water mark is set, print the maximum inuse memory * every time it is raised once it exceeds the hi_water mark. * * \li #ISC_MEM_DEBUGSIZE * Check the size argument being passed to isc_mem_put() matches * that passed to isc_mem_get(). * * \li #ISC_MEM_DEBUGCTX * Check the mctx argument being passed to isc_mem_put() matches * that passed to isc_mem_get(). / /@}/ #if ISC_MEM_TRACKLINES #define _ISC_MEM_FILELINE , __FILE__, __LINE__ #define _ISC_MEM_FLARG , const char , unsigned int #else /* if ISC_MEM_TRACKLINES / #define _ISC_MEM_FILELINE #define _ISC_MEM_FLARG #endif / if ISC_MEM_TRACKLINES / /! * Define ISC_MEM_USE_INTERNAL_MALLOC=1 to use the internal malloc() * implementation in preference to the system one. The internal malloc() * is very space-efficient, and quite fast on uniprocessor systems. It * performs poorly on multiprocessor machines. * JT: we can overcome the performance issue on multiprocessor machines * by carefully separating memory contexts. / #if !defined(ISC_MEM_USE_INTERNAL_MALLOC) && !__SANITIZE_ADDRESS__ #define ISC_MEM_USE_INTERNAL_MALLOC 1 #endif / ifndef ISC_MEM_USE_INTERNAL_MALLOC / / * Flags for isc_mem_create() calls. / #define ISC_MEMFLAG_RESERVED 0x00000001 / reserved, obsoleted, don't use / #define ISC_MEMFLAG_INTERNAL 0x00000002 / use internal malloc / #define ISC_MEMFLAG_FILL \ 0x00000004 / fill with pattern after alloc and frees / #if !ISC_MEM_USE_INTERNAL_MALLOC #define ISC_MEMFLAG_DEFAULT 0 #else / if !ISC_MEM_USE_INTERNAL_MALLOC / #define ISC_MEMFLAG_DEFAULT ISC_MEMFLAG_INTERNAL \| ISC_MEMFLAG_FILL #endif / if !ISC_MEM_USE_INTERNAL_MALLOC / /% * isc_mem_putanddetach() is a convenience function for use where you * have a structure with an attached memory context. * * Given: * * \code * struct { * ... * isc_mem_t mctx; ... * } ptr; * isc_mem_t mctx; * isc_mem_putanddetach(&ptr->mctx, ptr, sizeof(ptr)); \endcode * * is the equivalent of: * * \code * mctx = NULL; * isc_mem_attach(ptr->mctx, &mctx); * isc_mem_detach(&ptr->mctx); * isc_mem_put(mctx, ptr, sizeof(ptr)); isc_mem_detach(&mctx); * \endcode / /% memory and memory pool methods / typedef struct isc_memmethods { void (memget)(isc_mem_t mctx, size_t size _ISC_MEM_FLARG); void (memput)(isc_mem_t mctx, void ptr, size_t size _ISC_MEM_FLARG); void (memputanddetach)(isc_mem_t *mctxp, void ptr, size_t size _ISC_MEM_FLARG); void (memallocate)(isc_mem_t mctx, size_t size _ISC_MEM_FLARG); void (memreallocate)(isc_mem_t mctx, void ptr, size_t size _ISC_MEM_FLARG); char (memstrdup)(isc_mem_t mctx, const char s _ISC_MEM_FLARG); char (memstrndup)(isc_mem_t mctx, const char s, size_t size _ISC_MEM_FLARG); void (memfree)(isc_mem_t mctx, void ptr _ISC_MEM_FLARG); } isc_memmethods_t; /% This structure is actually just the common prefix of a memory context * implementation's version of an isc_mem_t. * \brief * Direct use of this structure by clients is forbidden. mctx implementations * may change the structure. 'magic' must be ISCAPI_MCTX_MAGIC for any of the * isc_mem_ routines to work. mctx implementations must maintain all mctx * invariants. / struct isc_mem { unsigned int impmagic; unsigned int magic; isc_memmethods_t methods; }; #define ISCAPI_MCTX_MAGIC ISC_MAGIC('A', 'm', 'c', 'x') #define ISCAPI_MCTX_VALID(m) ((m) != NULL && (m)->magic == ISCAPI_MCTX_MAGIC) /% This is the common prefix of a memory pool context. The same note as * that for the mem structure applies. / struct isc_mempool { unsigned int impmagic; unsigned int magic; }; #define ISCAPI_MPOOL_MAGIC ISC_MAGIC('A', 'm', 'p', 'l') #define ISCAPI_MPOOL_VALID(mp) \ ((mp) != NULL && (mp)->magic == ISCAPI_MPOOL_MAGIC) /% * These functions are actually implemented in isc__mem_<function> * (two underscores). The single-underscore macros are used to pass * __FILE__ and __LINE__, and in the case of the put functions, to * set the pointer being freed to NULL in the calling function. * * Many of these functions have a further isc___mem_<function> * (three underscores) implementation, which is called indirectly * via the isc_memmethods structure in the mctx so that dynamically * loaded modules can use them even if named is statically linked. / #define ISCMEMFUNC(sfx) isc__mem_##sfx #define ISCMEMPOOLFUNC(sfx) isc__mempool_##sfx #define isc_mem_get(c, s) ISCMEMFUNC(get)((c), (s)_ISC_MEM_FILELINE) #define isc_mem_allocate(c, s) ISCMEMFUNC(allocate)((c), (s)_ISC_MEM_FILELINE) #define isc_mem_reallocate(c, p, s) \ ISCMEMFUNC(reallocate)((c), (p), (s)_ISC_MEM_FILELINE) #define isc_mem_strdup(c, p) ISCMEMFUNC(strdup)((c), (p)_ISC_MEM_FILELINE) #define isc_mem_strndup(c, p, s) \ ISCMEMFUNC(strndup)((c), (p), (s)_ISC_MEM_FILELINE) #define isc_mempool_get(c) ISCMEMPOOLFUNC(get)((c)_ISC_MEM_FILELINE) #define isc_mem_put(c, p, s) \ do { \ ISCMEMFUNC(put)((c), (p), (s)_ISC_MEM_FILELINE); \ (p) = NULL; \ } while (0) #define isc_mem_putanddetach(c, p, s) \ do { \ ISCMEMFUNC(putanddetach)((c), (p), (s)_ISC_MEM_FILELINE); \ (p) = NULL; \ } while (0) #define isc_mem_free(c, p) \ do { \ ISCMEMFUNC(free)((c), (p)_ISC_MEM_FILELINE); \ (p) = NULL; \ } while (0) #define isc_mempool_put(c, p) \ do { \ ISCMEMPOOLFUNC(put)((c), (p)_ISC_MEM_FILELINE); \ (p) = NULL; \ } while (0) /@{/ void isc_mem_create(isc_mem_t mctxp); /!< * \brief Create a memory context. * * Requires: * mctxp != NULL && mctxp == NULL / /@}/ /@{/ void isc_mem_attach(isc_mem_t , isc_mem_t ); void isc_mem_detach(isc_mem_t ); /!< * \brief Attach to / detach from a memory context. * * This is intended for applications that use multiple memory contexts * in such a way that it is not obvious when the last allocations from * a given context has been freed and destroying the context is safe. * * Most applications do not need to call these functions as they can * simply create a single memory context at the beginning of main() * and destroy it at the end of main(), thereby guaranteeing that it * is not destroyed while there are outstanding allocations. / /@}/ void isc_mem_destroy(isc_mem_t ); /%< * Destroy a memory context. / void isc_mem_stats(isc_mem_t mctx, FILE out); /%< * Print memory usage statistics for 'mctx' on the stream 'out'. / void isc_mem_setdestroycheck(isc_mem_t mctx, bool on); /%< If 'on' is true, 'mctx' will check for memory leaks when * destroyed and abort the program if any are present. / size_t isc_mem_inuse(isc_mem_t mctx); /%< Get an estimate of the amount of memory in use in 'mctx', in bytes. * This includes quantization overhead, but does not include memory * allocated from the system but not yet used. / size_t isc_mem_maxinuse(isc_mem_t mctx); /%< Get an estimate of the largest amount of memory that has been in * use in 'mctx' at any time. / size_t isc_mem_total(isc_mem_t mctx); /%< Get the total amount of memory in 'mctx', in bytes, including memory * not yet used. / bool isc_mem_isovermem(isc_mem_t mctx); /%< Return true iff the memory context is in "over memory" state, i.e., * a hiwater mark has been set and the used amount of memory has exceeds * the mark. / void isc_mem_setwater(isc_mem_t mctx, isc_mem_water_t water, void water_arg, size_t hiwater, size_t lowater); /%< * Set high and low water marks for this memory context. * * When the memory usage of 'mctx' exceeds 'hiwater', * '(water)(water_arg, #ISC_MEM_HIWATER)' will be called. 'water' needs to * call isc_mem_waterack() with #ISC_MEM_HIWATER to acknowledge the state * change. 'water' may be called multiple times. * * When the usage drops below 'lowater', 'water' will again be called, this * time with #ISC_MEM_LOWATER. 'water' need to calls isc_mem_waterack() with * #ISC_MEM_LOWATER to acknowledge the change. * * static void * water(void arg, int mark) { struct foo foo = arg; * LOCK(&foo->marklock); * if (foo->mark != mark) { * foo->mark = mark; * .... * isc_mem_waterack(foo->mctx, mark); * } * UNLOCK(&foo->marklock); * } * * If 'water' is NULL then 'water_arg', 'hi_water' and 'lo_water' are * ignored and the state is reset. * * Requires: * * 'water' is not NULL. * hi_water >= lo_water / void isc_mem_waterack(isc_mem_t ctx, int mark); /%< Called to acknowledge changes in signaled by calls to 'water'. / void isc_mem_checkdestroyed(FILE file); /%< Check that all memory contexts have been destroyed. * Prints out those that have not been. * Fatally fails if there are still active contexts. / unsigned int isc_mem_references(isc_mem_t ctx); /%< Return the current reference count. / void isc_mem_setname(isc_mem_t ctx, const char name, void tag); /%< Name 'ctx'. * * Notes: * \li Only the first 15 characters of 'name' will be copied. \li 'tag' is for debugging purposes only. * Requires: * \li 'ctx' is a valid ctx. / const char * isc_mem_getname(isc_mem_t ctx); /%< * Get the name of 'ctx', as previously set using isc_mem_setname(). * * Requires: \li 'ctx' is a valid ctx. * Returns: \li A non-NULL pointer to a null-terminated string. If the ctx has not been named, the string is * empty. / void isc_mem_gettag(isc_mem_t ctx); /%< * Get the tag value for 'task', as previously set using isc_mem_setname(). * * Requires: \li 'ctx' is a valid ctx. * Notes: \li This function is for debugging purposes only. * Requires: \li 'ctx' is a valid task. / #ifdef HAVE_LIBXML2 int isc_mem_renderxml(void writer0); /%< * Render all contexts' statistics and status in XML for writer. / #endif / HAVE_LIBXML2 / #ifdef HAVE_JSON_C isc_result_t isc_mem_renderjson(void memobj0); /%< Render all contexts' statistics and status in JSON. / #endif / HAVE_JSON_C / / * Memory pools / void isc_mempool_create(isc_mem_t mctx, size_t size, isc_mempool_t *mpctxp); /%< * Create a memory pool. * * Requires: \li mctx is a valid memory context. \li size > 0 \li mpctxp != NULL and mpctxp == NULL * * Defaults: \li maxalloc = UINT_MAX \li freemax = 1 \li fillcount = 1 * Returns: \li #ISC_R_NOMEMORY -- not enough memory to create pool \li #ISC_R_SUCCESS -- all is well. / void isc_mempool_destroy(isc_mempool_t mpctxp); /%< * Destroy a memory pool. * * Requires: \li mpctxp != NULL && mpctxp is a valid pool. \li The pool has no un"put" allocations outstanding / void isc_mempool_setname(isc_mempool_t mpctx, const char name); /%< Associate a name with a memory pool. At most 15 characters may be used. * * Requires: \li mpctx is a valid pool. \li name != NULL; / void isc_mempool_associatelock(isc_mempool_t mpctx, isc_mutex_t lock); /%< * Associate a lock with this memory pool. * * This lock is used when getting or putting items using this memory pool, * and it is also used to set or get internal state via the isc_mempool_get() and isc_mempool_set() set of functions. * Multiple pools can each share a single lock. For instance, if "manager" * type object contained pools for various sizes of events, and each of * these pools used a common lock. Note that this lock must NEVER be used * by other than mempool routines once it is given to a pool, since that can * easily cause double locking. * * Requires: * \li mpctpx is a valid pool. \li lock != NULL. \li No previous lock is assigned to this pool. \li The lock is initialized before calling this function via the normal means of doing that. / / * The following functions get/set various parameters. Note that due to * the unlocked nature of pools these are potentially random values unless * the imposed externally provided locking protocols are followed. * * Also note that the quota limits will not always take immediate effect. * For instance, setting "maxalloc" to a number smaller than the currently * allocated count is permitted. New allocations will be refused until * the count drops below this threshold. * * All functions require (in addition to other requirements): * mpctx is a valid memory pool / unsigned int isc_mempool_getfreemax(isc_mempool_t mpctx); /%< Returns the maximum allowed size of the free list. / void isc_mempool_setfreemax(isc_mempool_t mpctx, unsigned int limit); /%< Sets the maximum allowed size of the free list. / unsigned int isc_mempool_getfreecount(isc_mempool_t mpctx); /%< Returns current size of the free list. / unsigned int isc_mempool_getmaxalloc(isc_mempool_t mpctx); /!< Returns the maximum allowed number of allocations. / void isc_mempool_setmaxalloc(isc_mempool_t mpctx, unsigned int limit); /%< Sets the maximum allowed number of allocations. * * Additional requirements: \li limit > 0 / unsigned int isc_mempool_getallocated(isc_mempool_t mpctx); /%< * Returns the number of items allocated from this pool. / unsigned int isc_mempool_getfillcount(isc_mempool_t mpctx); /%< Returns the number of items allocated as a block from the parent memory * context when the free list is empty. / void isc_mempool_setfillcount(isc_mempool_t mpctx, unsigned int limit); /%< Sets the fillcount. * * Additional requirements: \li limit > 0 / #if defined(UNIT_TESTING) && defined(malloc) /* * cmocka.h redefined malloc as a macro, we #undef it * to avoid replacing ISC_ATTR_MALLOC with garbage. / #pragma push_macro("malloc") #undef malloc #define POP_MALLOC_MACRO 1 #endif / * Pseudo-private functions for use via macros. Do not call directly. / void ISCMEMFUNC(putanddetach)(isc_mem_t , void , size_t _ISC_MEM_FLARG); void ISCMEMFUNC(put)(isc_mem_t , void , size_t _ISC_MEM_FLARG); void ISCMEMFUNC(free)(isc_mem_t , void _ISC_MEM_FLARG); ISC_ATTR_RETURNS_NONNULL ISC_ATTR_MALLOC_DEALLOCATOR_IDX(ISCMEMFUNC(put), 2) void ISCMEMFUNC(get)(isc_mem_t , size_t _ISC_MEM_FLARG); ISC_ATTR_RETURNS_NONNULL ISC_ATTR_MALLOC_DEALLOCATOR_IDX(ISCMEMFUNC(free), 2) void ISCMEMFUNC(allocate)(isc_mem_t , size_t _ISC_MEM_FLARG); ISC_ATTR_RETURNS_NONNULL ISC_ATTR_DEALLOCATOR_IDX(ISCMEMFUNC(free), 2) void ISCMEMFUNC(reallocate)(isc_mem_t , void , size_t _ISC_MEM_FLARG); ISC_ATTR_RETURNS_NONNULL ISC_ATTR_MALLOC_DEALLOCATOR_IDX(ISCMEMFUNC(free), 2) char ISCMEMFUNC(strdup)(isc_mem_t , const char _ISC_MEM_FLARG); char ISCMEMFUNC(strndup)(isc_mem_t , const char , size_t _ISC_MEM_FLARG); ISC_ATTR_MALLOC_DEALLOCATOR_IDX(ISCMEMPOOLFUNC(put), 2) void ISCMEMPOOLFUNC(get)(isc_mempool_t _ISC_MEM_FLARG); void ISCMEMPOOLFUNC(put)(isc_mempool_t , void _ISC_MEM_FLARG); #ifdef POP_MALLOC_MACRO / * Restore cmocka.h macro for malloc. / #pragma pop_macro("malloc") #endif ISC_LANG_ENDDECLS #endif / ISC_MEM_H / ��isc/interfaceiter.h��0000644��00000006105�15125204632�0010321 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef ISC_INTERFACEITER_H #define ISC_INTERFACEITER_H 1 /** * Module Info **/ /! \file isc/interfaceiter.h * \brief Iterates over the list of network interfaces. * * Interfaces whose address family is not supported are ignored and never * returned by the iterator. Interfaces whose netmask, interface flags, * or similar cannot be obtained are also ignored, and the failure is logged. * * Standards: * The API for scanning varies greatly among operating systems. * This module attempts to hide the differences. / / * Imports **/ #include <inttypes.h> #include <isc/lang.h> #include <isc/netaddr.h> #include <isc/types.h> /! * \brief Public structure describing a network interface. / struct isc_interface { char name[32]; /%< Interface name, null-terminated. / unsigned int af; /%< Address family. / isc_netaddr_t address; /%< Local address. / isc_netaddr_t netmask; /%< Network mask. / isc_netaddr_t dstaddress; /%< Destination address * (point-to-point * only). / uint32_t flags; /%< Flags; see INTERFACE flags. / }; /@{/ /! Interface flags. / #define INTERFACE_F_UP 0x00000001U #define INTERFACE_F_POINTTOPOINT 0x00000002U #define INTERFACE_F_LOOPBACK 0x00000004U /@}/ / * Functions **/ ISC_LANG_BEGINDECLS isc_result_t isc_interfaceiter_create(isc_mem_t mctx, isc_interfaceiter_t *iterp); /!< * \brief Create an iterator for traversing the operating system's list * of network interfaces. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li Various network-related errors / isc_result_t isc_interfaceiter_first(isc_interfaceiter_t iter); /!< * \brief Position the iterator on the first interface. * * Returns: \li #ISC_R_SUCCESS Success. \li #ISC_R_NOMORE There are no interfaces. / isc_result_t isc_interfaceiter_current(isc_interfaceiter_t iter, isc_interface_t ifdata); /!< * \brief Get information about the interface the iterator is currently * positioned at and store it at ifdata. * Requires: \li The iterator has been successfully positioned using isc_interface_iter_first() / isc_interface_iter_next(). * * Returns: \li #ISC_R_SUCCESS Success. / isc_result_t isc_interfaceiter_next(isc_interfaceiter_t iter); /!< * \brief Position the iterator on the next interface. * * Requires: * \li The iterator has been successfully positioned using * isc_interface_iter_first() / isc_interface_iter_next(). * * Returns: \li #ISC_R_SUCCESS Success. \li #ISC_R_NOMORE There are no more interfaces. / void isc_interfaceiter_destroy(isc_interfaceiter_t iterp); /!< * \brief Destroy the iterator. / ISC_LANG_ENDDECLS #endif / ISC_INTERFACEITER_H / ��dst/result.h��0000644��00000004157�15125204633�0007035 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DST_RESULT_H #define DST_RESULT_H 1 /! \file dst/result.h / #include <isc/lang.h> #include <isc/resultclass.h> / * Nothing in this file truly depends on <isc/result.h>, but the * DST result codes are considered to be publicly derived from * the ISC result codes, so including this file buys you the ISC_R_ * namespace too. / #include <isc/result.h> / Contractual promise. / #define DST_R_UNSUPPORTEDALG (ISC_RESULTCLASS_DST + 0) #define DST_R_CRYPTOFAILURE (ISC_RESULTCLASS_DST + 1) / compat / #define DST_R_OPENSSLFAILURE DST_R_CRYPTOFAILURE #define DST_R_NOCRYPTO (ISC_RESULTCLASS_DST + 2) #define DST_R_NULLKEY (ISC_RESULTCLASS_DST + 3) #define DST_R_INVALIDPUBLICKEY (ISC_RESULTCLASS_DST + 4) #define DST_R_INVALIDPRIVATEKEY (ISC_RESULTCLASS_DST + 5) / 6 is unused / #define DST_R_WRITEERROR (ISC_RESULTCLASS_DST + 7) #define DST_R_INVALIDPARAM (ISC_RESULTCLASS_DST + 8) / 9 is unused / / 10 is unused / #define DST_R_SIGNFAILURE (ISC_RESULTCLASS_DST + 11) / 12 is unused / / 13 is unused / #define DST_R_VERIFYFAILURE (ISC_RESULTCLASS_DST + 14) #define DST_R_NOTPUBLICKEY (ISC_RESULTCLASS_DST + 15) #define DST_R_NOTPRIVATEKEY (ISC_RESULTCLASS_DST + 16) #define DST_R_KEYCANNOTCOMPUTESECRET (ISC_RESULTCLASS_DST + 17) #define DST_R_COMPUTESECRETFAILURE (ISC_RESULTCLASS_DST + 18) #define DST_R_NORANDOMNESS (ISC_RESULTCLASS_DST + 19) #define DST_R_BADKEYTYPE (ISC_RESULTCLASS_DST + 20) #define DST_R_NOENGINE (ISC_RESULTCLASS_DST + 21) #define DST_R_EXTERNALKEY (ISC_RESULTCLASS_DST + 22) #define DST_R_NRESULTS 23 / Number of results / ISC_LANG_BEGINDECLS const char dst_result_totext(isc_result_t); void dst_result_register(void); ISC_LANG_ENDDECLS #endif /* DST_RESULT_H / ��dst/gssapi.h��0000644��00000013041�15125204633�0006775 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DST_GSSAPI_H #define DST_GSSAPI_H 1 /! \file dst/gssapi.h / #include <inttypes.h> #include <stdbool.h> #include <isc/formatcheck.h> #include <isc/lang.h> #include <isc/platform.h> #include <isc/types.h> #include <dns/types.h> typedef void dns_gss_cred_id_t; typedef void dns_gss_ctx_id_t; ISC_LANG_BEGINDECLS / * Types */ /* * Functions / isc_result_t dst_gssapi_acquirecred(const dns_name_t name, bool initiate, dns_gss_cred_id_t cred); / * Acquires GSS credentials. * * Requires: * 'name' is a valid name, preferably one known by the GSS provider * 'initiate' indicates whether the credentials are for initiating or * accepting contexts * 'cred' is a pointer to NULL, which will be allocated with the * credential handle. Call dst_gssapi_releasecred to free * the memory. * * Returns: * ISC_R_SUCCESS msg was successfully updated to include the * query to be sent * other an error occurred while building the message / isc_result_t dst_gssapi_releasecred(dns_gss_cred_id_t cred); /* * Releases GSS credentials. Calling this function does release the * memory allocated for the credential in dst_gssapi_acquirecred() * * Requires: * 'mctx' is a valid memory context * 'cred' is a pointer to the credential to be released * * Returns: * ISC_R_SUCCESS credential was released successfully * other an error occurred while releaseing * the credential / isc_result_t dst_gssapi_initctx(const dns_name_t name, isc_buffer_t intoken, isc_buffer_t outtoken, dns_gss_ctx_id_t gssctx, isc_mem_t mctx, char *err_message); / * Initiates a GSS context. * * Requires: * 'name' is a valid name, preferably one known by the GSS * provider * 'intoken' is a token received from the acceptor, or NULL if * there isn't one * 'outtoken' is a buffer to receive the token generated by * gss_init_sec_context() to be sent to the acceptor * 'context' is a pointer to a valid dns_gss_ctx_id_t * (which may have the value GSS_C_NO_CONTEXT) * * Returns: * ISC_R_SUCCESS msg was successfully updated to include the * query to be sent * other an error occurred while building the message * err_message optional error message / isc_result_t dst_gssapi_acceptctx(dns_gss_cred_id_t cred, const char gssapi_keytab, isc_region_t intoken, isc_buffer_t *outtoken, dns_gss_ctx_id_t context, dns_name_t principal, isc_mem_t mctx); /* * Accepts a GSS context. * * Requires: * 'mctx' is a valid memory context * 'cred' is the acceptor's valid GSS credential handle * 'intoken' is a token received from the initiator * 'outtoken' is a pointer a buffer pointer used to return the token * generated by gss_accept_sec_context() to be sent to the * initiator * 'context' is a valid pointer to receive the generated context handle. * On the initial call, it should be a pointer to NULL, which * will be allocated as a dns_gss_ctx_id_t. Subsequent calls * should pass in the handle generated on the first call. * Call dst_gssapi_releasecred to delete the context and free * the memory. * * Requires: * 'outtoken' to != NULL && outtoken == NULL. * Returns: * ISC_R_SUCCESS msg was successfully updated to include the * query to be sent * DNS_R_CONTINUE transaction still in progress * other an error occurred while building the message / isc_result_t dst_gssapi_deletectx(isc_mem_t mctx, dns_gss_ctx_id_t gssctx); / * Destroys a GSS context. This function deletes the context from the GSS * provider and then frees the memory used by the context pointer. * * Requires: * 'mctx' is a valid memory context * 'context' is a valid GSS context * * Returns: * ISC_R_SUCCESS / void gss_log(int level, const char fmt, ...) ISC_FORMAT_PRINTF(2, 3); /* * Logging function for GSS. * * Requires * 'level' is the log level to be used, as an integer * 'fmt' is a printf format specifier / char gss_error_tostring(uint32_t major, uint32_t minor, char buf, size_t buflen); / * Render a GSS major status/minor status pair into a string * * Requires: * 'major' is a GSS major status code * 'minor' is a GSS minor status code * * Returns: * A string containing the text representation of the error codes. * Users should copy the string if they wish to keep it. / bool dst_gssapi_identitymatchesrealmkrb5(const dns_name_t signer, const dns_name_t name, const dns_name_t realm, bool subdomain); /* * Compare a "signer" (in the format of a Kerberos-format Kerberos5 * principal: host/example.com@EXAMPLE.COM) to the realm name stored * in "name" (which represents the realm name). * / bool dst_gssapi_identitymatchesrealmms(const dns_name_t signer, const dns_name_t name, const dns_name_t realm, bool subdomain); /* * Compare a "signer" (in the format of a Kerberos-format Kerberos5 * principal: host/example.com@EXAMPLE.COM) to the realm name stored * in "name" (which represents the realm name). * / ISC_LANG_ENDDECLS #endif / DST_GSSAPI_H / ��dst/dst.h��0000644��00000074516�15125204633�0006317 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef DST_DST_H #define DST_DST_H 1 /! \file dst/dst.h / #include <inttypes.h> #include <stdbool.h> #include <isc/lang.h> #include <isc/stdtime.h> #include <dns/ds.h> #include <dns/dsdigest.h> #include <dns/log.h> #include <dns/name.h> #include <dns/secalg.h> #include <dns/types.h> #include <dst/gssapi.h> ISC_LANG_BEGINDECLS / * Types **/ /% * The dst_key structure is opaque. Applications should use the accessor * functions provided to retrieve key attributes. If an application needs * to set attributes, new accessor functions will be written. / typedef struct dst_key dst_key_t; typedef struct dst_context dst_context_t; /% * Key states for the DNSSEC records related to a key: DNSKEY, RRSIG (ksk), * RRSIG (zsk), and DS. * * DST_KEY_STATE_HIDDEN: Records of this type are not published in zone. * This may be because the key parts were never * introduced in the zone, or because the key has * retired and has no records of this type left in * the zone. * DST_KEY_STATE_RUMOURED: Records of this type are published in zone, but * not long enough to ensure all resolvers know * about it. * DST_KEY_STATE_OMNIPRESENT: Records of this type are published in zone long * enough so that all resolvers that know about * these records, no longer have outdated data. * DST_KEY_STATE_UNRETENTIVE: Records of this type have been removed from the * zone, but there may be resolvers that still have * have predecessor records cached. Note that RRSIG * records in this state may actually still be in the * zone because they are reused, but retired RRSIG * records will never be refreshed: A successor key * is used to create signatures. * DST_KEY_STATE_NA: The state is not applicable for this record type. / typedef enum dst_key_state { DST_KEY_STATE_HIDDEN = 0, DST_KEY_STATE_RUMOURED = 1, DST_KEY_STATE_OMNIPRESENT = 2, DST_KEY_STATE_UNRETENTIVE = 3, DST_KEY_STATE_NA = 4 } dst_key_state_t; / DST algorithm codes / #define DST_ALG_UNKNOWN 0 #define DST_ALG_RSA 1 / Used for parsing RSASHA1, RSASHA256 and RSASHA512 / #define DST_ALG_RSAMD5 1 #define DST_ALG_DH 2 #define DST_ALG_DSA 3 #define DST_ALG_ECC 4 #define DST_ALG_RSASHA1 5 #define DST_ALG_NSEC3DSA 6 #define DST_ALG_NSEC3RSASHA1 7 #define DST_ALG_RSASHA256 8 #define DST_ALG_RSASHA512 10 #define DST_ALG_ECCGOST 12 #define DST_ALG_ECDSA256 13 #define DST_ALG_ECDSA384 14 #define DST_ALG_ED25519 15 #define DST_ALG_ED448 16 #define DST_ALG_HMACMD5 157 #define DST_ALG_GSSAPI 160 #define DST_ALG_HMACSHA1 161 / XXXMPA / #define DST_ALG_HMACSHA224 162 / XXXMPA / #define DST_ALG_HMACSHA256 163 / XXXMPA / #define DST_ALG_HMACSHA384 164 / XXXMPA / #define DST_ALG_HMACSHA512 165 / XXXMPA / #define DST_ALG_INDIRECT 252 #define DST_ALG_PRIVATE 254 #define DST_MAX_ALGS 256 /% A buffer of this size is large enough to hold any key / #define DST_KEY_MAXSIZE 1280 /% * A buffer of this size is large enough to hold the textual representation * of any key / #define DST_KEY_MAXTEXTSIZE 2048 /% 'Type' for dst_read_key() / #define DST_TYPE_KEY 0x1000000 / KEY key / #define DST_TYPE_PRIVATE 0x2000000 #define DST_TYPE_PUBLIC 0x4000000 #define DST_TYPE_STATE 0x8000000 / Key timing metadata definitions / #define DST_TIME_CREATED 0 #define DST_TIME_PUBLISH 1 #define DST_TIME_ACTIVATE 2 #define DST_TIME_REVOKE 3 #define DST_TIME_INACTIVE 4 #define DST_TIME_DELETE 5 #define DST_TIME_DSPUBLISH 6 #define DST_TIME_SYNCPUBLISH 7 #define DST_TIME_SYNCDELETE 8 #define DST_TIME_DNSKEY 9 #define DST_TIME_ZRRSIG 10 #define DST_TIME_KRRSIG 11 #define DST_TIME_DS 12 #define DST_TIME_DSDELETE 13 #define DST_MAX_TIMES 13 / Numeric metadata definitions / #define DST_NUM_PREDECESSOR 0 #define DST_NUM_SUCCESSOR 1 #define DST_NUM_MAXTTL 2 #define DST_NUM_ROLLPERIOD 3 #define DST_NUM_LIFETIME 4 #define DST_NUM_DSPUBCOUNT 5 #define DST_NUM_DSDELCOUNT 6 #define DST_MAX_NUMERIC 6 / Boolean metadata definitions / #define DST_BOOL_KSK 0 #define DST_BOOL_ZSK 1 #define DST_MAX_BOOLEAN 1 / Key state metadata definitions / #define DST_KEY_DNSKEY 0 #define DST_KEY_ZRRSIG 1 #define DST_KEY_KRRSIG 2 #define DST_KEY_DS 3 #define DST_KEY_GOAL 4 #define DST_MAX_KEYSTATES 4 / * Current format version number of the private key parser. * * When parsing a key file with the same major number but a higher minor * number, the key parser will ignore any fields it does not recognize. * Thus, DST_MINOR_VERSION should be incremented whenever new * fields are added to the private key file (such as new metadata). * * When rewriting these keys, those fields will be dropped, and the * format version set back to the current one.. * * When a key is seen with a higher major number, the key parser will * reject it as invalid. Thus, DST_MAJOR_VERSION should be incremented * and DST_MINOR_VERSION set to zero whenever there is a format change * which is not backward compatible to previous versions of the dst_key * parser, such as change in the syntax of an existing field, the removal * of a currently mandatory field, or a new field added which would * alter the functioning of the key if it were absent. / #define DST_MAJOR_VERSION 1 #define DST_MINOR_VERSION 3 / * Functions **/ isc_result_t dst_lib_init(isc_mem_t mctx, const char engine); /%< * Initializes the DST subsystem. * * Requires: * \li "mctx" is a valid memory context * * Returns: * \li ISC_R_SUCCESS * \li ISC_R_NOMEMORY * \li DST_R_NOENGINE * * Ensures: * \li DST is properly initialized. / void dst_lib_destroy(void); /%< * Releases all resources allocated by DST. / bool dst_algorithm_supported(unsigned int alg); /%< * Checks that a given algorithm is supported by DST. * * Returns: * \li true * \li false / bool dst_ds_digest_supported(unsigned int digest_type); /%< * Checks that a given digest algorithm is supported by DST. * * Returns: * \li true * \li false / isc_result_t dst_context_create(dst_key_t key, isc_mem_t mctx, isc_logcategory_t category, bool useforsigning, int maxbits, dst_context_t *dctxp); /%< * Creates a context to be used for a sign or verify operation. * * Requires: * \li "key" is a valid key. * \li "mctx" is a valid memory context. * \li dctxp != NULL && dctxp == NULL * Returns: * \li ISC_R_SUCCESS * \li ISC_R_NOMEMORY * * Ensures: * \li dctxp will contain a usable context. / void dst_context_destroy(dst_context_t *dctxp); /%< * Destroys all memory associated with a context. * * Requires: * \li dctxp != NULL && dctxp == NULL * * Ensures: * \li dctxp == NULL / isc_result_t dst_context_adddata(dst_context_t dctx, const isc_region_t data); /%< Incrementally adds data to the context to be used in a sign or verify * operation. * * Requires: * \li "dctx" is a valid context * \li "data" is a valid region * * Returns: * \li ISC_R_SUCCESS * \li DST_R_SIGNFAILURE * \li all other errors indicate failure / isc_result_t dst_context_sign(dst_context_t dctx, isc_buffer_t sig); /%< * Computes a signature using the data and key stored in the context. * * Requires: * \li "dctx" is a valid context. * \li "sig" is a valid buffer. * * Returns: * \li ISC_R_SUCCESS * \li DST_R_VERIFYFAILURE * \li all other errors indicate failure * * Ensures: * \li "sig" will contain the signature / isc_result_t dst_context_verify(dst_context_t dctx, isc_region_t sig); isc_result_t dst_context_verify2(dst_context_t dctx, unsigned int maxbits, isc_region_t sig); /%< * Verifies the signature using the data and key stored in the context. * * 'maxbits' specifies the maximum number of bits permitted in the RSA * exponent. * * Requires: * \li "dctx" is a valid context. * \li "sig" is a valid region. * * Returns: * \li ISC_R_SUCCESS * \li all other errors indicate failure * * Ensures: * \li "sig" will contain the signature / isc_result_t dst_key_computesecret(const dst_key_t pub, const dst_key_t priv, isc_buffer_t secret); /%< Computes a shared secret from two (Diffie-Hellman) keys. * * Requires: * \li "pub" is a valid key that can be used to derive a shared secret * \li "priv" is a valid private key that can be used to derive a shared secret * \li "secret" is a valid buffer * * Returns: * \li ISC_R_SUCCESS * \li any other result indicates failure * * Ensures: * \li If successful, secret will contain the derived shared secret. / isc_result_t dst_key_getfilename(dns_name_t name, dns_keytag_t id, unsigned int alg, int type, const char directory, isc_mem_t mctx, isc_buffer_t buf); /%< * Generates a key filename for the name, algorithm, and * id, and places it in the buffer 'buf'. If directory is NULL, the * current directory is assumed. * * Requires: * \li "name" is a valid absolute dns name. * \li "id" is a valid key tag identifier. * \li "alg" is a supported key algorithm. * \li "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union. * DST_TYPE_KEY look for a KEY record otherwise DNSKEY * \li "mctx" is a valid memory context. * \li "buf" is not NULL. * * Returns: * \li ISC_R_SUCCESS * \li any other result indicates failure / isc_result_t dst_key_fromfile(dns_name_t name, dns_keytag_t id, unsigned int alg, int type, const char directory, isc_mem_t mctx, dst_key_t *keyp); /%< * Reads a key from permanent storage. The key can either be a public or * private key, or a key state. It specified by name, algorithm, and id. If * a private key or key state is specified, the public key must also be * present. If directory is NULL, the current directory is assumed. * * Requires: * \li "name" is a valid absolute dns name. * \li "id" is a valid key tag identifier. * \li "alg" is a supported key algorithm. * \li "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE or the bitwise union. * DST_TYPE_KEY look for a KEY record otherwise DNSKEY. * DST_TYPE_STATE to also read the key state. * \li "mctx" is a valid memory context. * \li "keyp" is not NULL and "keyp" is NULL. * Returns: * \li ISC_R_SUCCESS * \li any other result indicates failure * * Ensures: * \li If successful, keyp will contain a valid key. / isc_result_t dst_key_fromnamedfile(const char filename, const char dirname, int type, isc_mem_t mctx, dst_key_t keyp); /%< * Reads a key from permanent storage. The key can either be a public or * private key, or a key state. It is specified by filename. If a private key * or key state is specified, the public key must also be present. * * If 'dirname' is not NULL, and 'filename' is a relative path, * then the file is looked up relative to the given directory. * If 'filename' is an absolute path, 'dirname' is ignored. * * Requires: * \li "filename" is not NULL * \li "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union. * DST_TYPE_KEY look for a KEY record otherwise DNSKEY. * DST_TYPE_STATE to also read the key state. * \li "mctx" is a valid memory context * \li "keyp" is not NULL and "keyp" is NULL. * Returns: * \li ISC_R_SUCCESS * \li any other result indicates failure * * Ensures: * \li If successful, keyp will contain a valid key. / isc_result_t dst_key_read_public(const char filename, int type, isc_mem_t mctx, dst_key_t *keyp); /%< * Reads a public key from permanent storage. The key must be a public key. * * Requires: * \li "filename" is not NULL. * \li "type" is DST_TYPE_KEY look for a KEY record otherwise DNSKEY. * \li "mctx" is a valid memory context. * \li "keyp" is not NULL and "keyp" is NULL. * Returns: * \li ISC_R_SUCCESS * \li DST_R_BADKEYTYPE if the key type is not the expected one * \li ISC_R_UNEXPECTEDTOKEN if the file can not be parsed as a public key * \li any other result indicates failure * * Ensures: * \li If successful, keyp will contain a valid key. / isc_result_t dst_key_read_state(const char filename, isc_mem_t mctx, dst_key_t *keyp); /%< * Reads a key state from permanent storage. * * Requires: * \li "filename" is not NULL. * \li "mctx" is a valid memory context. * \li "keyp" is not NULL and "keyp" is NULL. * Returns: * \li ISC_R_SUCCESS * \li ISC_R_UNEXPECTEDTOKEN if the file can not be parsed as a public key * \li any other result indicates failure / isc_result_t dst_key_tofile(const dst_key_t key, int type, const char directory); /%< * Writes a key to permanent storage. The key can either be a public or * private key. Public keys are written in DNS format and private keys * are written as a set of base64 encoded values. If directory is NULL, * the current directory is assumed. * * Requires: * \li "key" is a valid key. * \li "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union * * Returns: * \li ISC_R_SUCCESS * \li any other result indicates failure / isc_result_t dst_key_fromdns_ex(const dns_name_t name, dns_rdataclass_t rdclass, isc_buffer_t source, isc_mem_t mctx, bool no_rdata, dst_key_t *keyp); isc_result_t dst_key_fromdns(const dns_name_t name, dns_rdataclass_t rdclass, isc_buffer_t source, isc_mem_t mctx, dst_key_t *keyp); /%< * Converts a DNS KEY record into a DST key. * * Requires: * \li "name" is a valid absolute dns name. * \li "source" is a valid buffer. There must be at least 4 bytes available. * \li "mctx" is a valid memory context. * \li "keyp" is not NULL and "keyp" is NULL. * Returns: * \li ISC_R_SUCCESS * \li any other result indicates failure * * Ensures: * \li If successful, keyp will contain a valid key, and the consumed pointer in data will be advanced. / isc_result_t dst_key_todns(const dst_key_t key, isc_buffer_t target); /%< * Converts a DST key into a DNS KEY record. * * Requires: * \li "key" is a valid key. * \li "target" is a valid buffer. There must be at least 4 bytes unused. * * Returns: * \li ISC_R_SUCCESS * \li any other result indicates failure * * Ensures: * \li If successful, the used pointer in 'target' is advanced by at least 4. / isc_result_t dst_key_frombuffer(const dns_name_t name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_buffer_t source, isc_mem_t mctx, dst_key_t *keyp); /%< * Converts a buffer containing DNS KEY RDATA into a DST key. * * Requires: \li "name" is a valid absolute dns name. \li "alg" is a supported key algorithm. \li "source" is a valid buffer. \li "mctx" is a valid memory context. \li "keyp" is not NULL and "keyp" is NULL. * * Returns: \li ISC_R_SUCCESS \li any other result indicates failure * * Ensures: \li If successful, keyp will contain a valid key, and the consumed * pointer in source will be advanced. / isc_result_t dst_key_tobuffer(const dst_key_t key, isc_buffer_t target); /%< * Converts a DST key into DNS KEY RDATA format. * * Requires: \li "key" is a valid key. \li "target" is a valid buffer. * * Returns: \li ISC_R_SUCCESS \li any other result indicates failure * * Ensures: \li If successful, the used pointer in 'target' is advanced. / isc_result_t dst_key_privatefrombuffer(dst_key_t key, isc_buffer_t buffer); /%< Converts a public key into a private key, reading the private key * information from the buffer. The buffer should contain the same data * as the .private key file would. * * Requires: \li "key" is a valid public key. \li "buffer" is not NULL. * * Returns: \li ISC_R_SUCCESS \li any other result indicates failure * * Ensures: \li If successful, key will contain a valid private key. / dns_gss_ctx_id_t dst_key_getgssctx(const dst_key_t key); /%< * Returns the opaque key data. * Be cautions when using this value unless you know what you are doing. * * Requires: \li "key" is not NULL. * Returns: \li gssctx key data, possibly NULL. / isc_result_t dst_key_fromgssapi(const dns_name_t name, dns_gss_ctx_id_t gssctx, isc_mem_t mctx, dst_key_t *keyp, isc_region_t intoken); /%< Converts a GSSAPI opaque context id into a DST key. * * Requires: \li "name" is a valid absolute dns name. \li "gssctx" is a GSSAPI context id. \li "mctx" is a valid memory context. \li "keyp" is not NULL and "keyp" is NULL. * Returns: \li ISC_R_SUCCESS \li any other result indicates failure * * Ensures: \li If successful, keyp will contain a valid key and be responsible for * the context id. / #ifdef DST_KEY_INTERNAL isc_result_t dst_key_buildinternal(const dns_name_t name, unsigned int alg, unsigned int bits, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, void data, isc_mem_t mctx, dst_key_t *keyp); #endif / ifdef DST_KEY_INTERNAL / isc_result_t dst_key_fromlabel(const dns_name_t name, int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, const char engine, const char label, const char pin, isc_mem_t mctx, dst_key_t *keyp); isc_result_t dst_key_generate(const dns_name_t name, unsigned int alg, unsigned int bits, unsigned int param, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_mem_t mctx, dst_key_t keyp, void (callback)(int)); /%< Generate a DST key (or keypair) with the supplied parameters. The * interpretation of the "param" field depends on the algorithm: * \code * RSA: exponent * 0 use exponent 3 * !0 use Fermat4 (2^16 + 1) * DH: generator * 0 default - use well known prime if bits == 768 or 1024, * otherwise use 2 as the generator. * !0 use this value as the generator. * DSA: unused * HMACMD5: entropy * 0 default - require good entropy * !0 lack of good entropy is ok \endcode * Requires: \li "name" is a valid absolute dns name. \li "keyp" is not NULL and "keyp" is NULL. * Returns: \li ISC_R_SUCCESS \li any other result indicates failure * * Ensures: \li If successful, keyp will contain a valid key. / bool dst_key_compare(const dst_key_t key1, const dst_key_t key2); /%< * Compares two DST keys. Returns true if they match, false otherwise. * * Keys ARE NOT considered to match if one of them is the revoked version * of the other. * * Requires: \li "key1" is a valid key. \li "key2" is a valid key. * * Returns: \li true \li false / bool dst_key_pubcompare(const dst_key_t key1, const dst_key_t key2, bool match_revoked_key); /%< * Compares only the public portions of two DST keys. Returns true * if they match, false otherwise. This allows us, for example, to * determine whether a public key found in a zone matches up with a * key pair found on disk. * * If match_revoked_key is TRUE, then keys ARE considered to match if one * of them is the revoked version of the other. Otherwise, they are not. * * Requires: \li "key1" is a valid key. \li "key2" is a valid key. * * Returns: \li true \li false / bool dst_key_paramcompare(const dst_key_t key1, const dst_key_t key2); /%< * Compares the parameters of two DST keys. This is used to determine if * two (Diffie-Hellman) keys can be used to derive a shared secret. * * Requires: \li "key1" is a valid key. \li "key2" is a valid key. * * Returns: \li true \li false / void dst_key_attach(dst_key_t source, dst_key_t *target); / * Attach to a existing key increasing the reference count. * * Requires: \li 'source' to be a valid key. \li 'target' to be non-NULL and 'target' to be NULL. / void dst_key_free(dst_key_t *keyp); /%< * Decrement the key's reference counter and, when it reaches zero, * release all memory associated with the key. * * Requires: \li "keyp" is not NULL and "keyp" is a valid key. \li reference counter greater than zero. * Ensures: \li All memory associated with "keyp" will be freed. \li keyp == NULL / /%< * Accessor functions to obtain key fields. * * Require: \li "key" is a valid key. / dns_name_t * dst_key_name(const dst_key_t key); unsigned int dst_key_size(const dst_key_t key); unsigned int dst_key_proto(const dst_key_t key); unsigned int dst_key_alg(const dst_key_t key); uint32_t dst_key_flags(const dst_key_t key); dns_keytag_t dst_key_id(const dst_key_t key); dns_keytag_t dst_key_rid(const dst_key_t key); dns_rdataclass_t dst_key_class(const dst_key_t key); bool dst_key_isprivate(const dst_key_t key); bool dst_key_iszonekey(const dst_key_t key); bool dst_key_isnullkey(const dst_key_t key); isc_result_t dst_key_buildfilename(const dst_key_t key, int type, const char directory, isc_buffer_t out); /%< Generates the filename used by dst to store the specified key. * If directory is NULL, the current directory is assumed. * * Requires: \li "key" is a valid key \li "type" is either DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or 0 for no suffix. \li "out" is a valid buffer * Ensures: \li the file name will be written to "out", and the used pointer will be advanced. / isc_result_t dst_key_sigsize(const dst_key_t key, unsigned int n); /%< * Computes the size of a signature generated by the given key. * * Requires: \li "key" is a valid key. \li "n" is not NULL * * Returns: \li #ISC_R_SUCCESS \li DST_R_UNSUPPORTEDALG * * Ensures: \li "n" stores the size of a generated signature / isc_result_t dst_key_secretsize(const dst_key_t key, unsigned int n); /%< Computes the size of a shared secret generated by the given key. * * Requires: \li "key" is a valid key. \li "n" is not NULL * * Returns: \li #ISC_R_SUCCESS \li DST_R_UNSUPPORTEDALG * * Ensures: \li "n" stores the size of a generated shared secret / uint16_t dst_region_computeid(const isc_region_t source); uint16_t dst_region_computerid(const isc_region_t source); /%< Computes the (revoked) key id of the key stored in the provided * region. * * Requires: \li "source" contains a valid, non-NULL region. * Returns: \li the key id / uint16_t dst_key_getbits(const dst_key_t key); /%< * Get the number of digest bits required (0 == MAX). * * Requires: * "key" is a valid key. / void dst_key_setbits(dst_key_t key, uint16_t bits); /%< Set the number of digest bits required (0 == MAX). * * Requires: * "key" is a valid key. / void dst_key_setttl(dst_key_t key, dns_ttl_t ttl); /%< Set the default TTL to use when converting the key * to a KEY or DNSKEY RR. * * Requires: * "key" is a valid key. / dns_ttl_t dst_key_getttl(const dst_key_t key); /%< Get the default TTL to use when converting the key * to a KEY or DNSKEY RR. * * Requires: * "key" is a valid key. / isc_result_t dst_key_setflags(dst_key_t key, uint32_t flags); /* * Set the key flags, and recompute the key ID. * * Requires: * "key" is a valid key. / isc_result_t dst_key_getbool(const dst_key_t key, int type, bool valuep); /%< * Get a member of the boolean metadata array and place it in 'valuep'. * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_BOOLEAN * "valuep" is not null. / void dst_key_setbool(dst_key_t key, int type, bool value); /%< Set a member of the boolean metadata array. * * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_BOOLEAN / void dst_key_unsetbool(dst_key_t key, int type); /%< Flag a member of the boolean metadata array as "not set". * * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_BOOLEAN / isc_result_t dst_key_getnum(const dst_key_t key, int type, uint32_t valuep); /%< * Get a member of the numeric metadata array and place it in 'valuep'. * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_NUMERIC * "valuep" is not null. / void dst_key_setnum(dst_key_t key, int type, uint32_t value); /%< Set a member of the numeric metadata array. * * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_NUMERIC / void dst_key_unsetnum(dst_key_t key, int type); /%< Flag a member of the numeric metadata array as "not set". * * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_NUMERIC / isc_result_t dst_key_gettime(const dst_key_t key, int type, isc_stdtime_t timep); /%< * Get a member of the timing metadata array and place it in 'timep'. * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_TIMES * "timep" is not null. / void dst_key_settime(dst_key_t key, int type, isc_stdtime_t when); /%< Set a member of the timing metadata array. * * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_TIMES / void dst_key_unsettime(dst_key_t key, int type); /%< Flag a member of the timing metadata array as "not set". * * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_TIMES / isc_result_t dst_key_getstate(const dst_key_t key, int type, dst_key_state_t statep); /%< * Get a member of the keystate metadata array and place it in 'statep'. * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_KEYSTATES * "statep" is not null. / void dst_key_setstate(dst_key_t key, int type, dst_key_state_t state); /%< Set a member of the keystate metadata array. * * Requires: * "key" is a valid key. * "state" is a valid state. * "type" is no larger than DST_MAX_KEYSTATES / void dst_key_unsetstate(dst_key_t key, int type); /%< Flag a member of the keystate metadata array as "not set". * * Requires: * "key" is a valid key. * "type" is no larger than DST_MAX_KEYSTATES / isc_result_t dst_key_getprivateformat(const dst_key_t key, int majorp, int minorp); /%< Get the private key format version number. (If the key does not have * a private key associated with it, the version will be 0.0.) The major * version number is placed in 'majorp', and the minor version number in 'minorp'. * Requires: * "key" is a valid key. * "majorp" is not NULL. * "minorp" is not NULL. / void dst_key_setprivateformat(dst_key_t key, int major, int minor); /%< Set the private key format version number. * * Requires: * "key" is a valid key. / #define DST_KEY_FORMATSIZE (DNS_NAME_FORMATSIZE + DNS_SECALG_FORMATSIZE + 7) void dst_key_format(const dst_key_t key, char cp, unsigned int size); /%< * Write the uniquely identifying information about the key (name, * algorithm, key ID) into a string 'cp' of size 'size'. / isc_buffer_t dst_key_tkeytoken(const dst_key_t key); /%< * Return the token from the TKEY request, if any. If this key was * not negotiated via TKEY, return NULL. * * Requires: * "key" is a valid key. / isc_result_t dst_key_dump(dst_key_t key, isc_mem_t mctx, char buffer, int length); /%< Allocate 'buffer' and dump the key into it in base64 format. The buffer * is not NUL terminated. The length of the buffer is returned in length. * 'buffer' needs to be freed using isc_mem_put(mctx, buffer, length); * * Requires: * 'buffer' to be non NULL and buffer to be NULL. 'length' to be non NULL and length to be zero. * Returns: * ISC_R_SUCCESS * ISC_R_NOMEMORY * ISC_R_NOTIMPLEMENTED * others. / isc_result_t dst_key_restore(dns_name_t name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_mem_t mctx, const char keystr, dst_key_t *keyp); bool dst_key_inactive(const dst_key_t key); /%< Determines if the private key is missing due the key being deemed inactive. * * Requires: * 'key' to be valid. / void dst_key_setinactive(dst_key_t key, bool inactive); /%< Set key inactive state. * * Requires: * 'key' to be valid. / void dst_key_setexternal(dst_key_t key, bool value); /%< Set key external state. * * Requires: * 'key' to be valid. / bool dst_key_isexternal(dst_key_t key); /%< Check if this is an external key. * * Requires: * 'key' to be valid. / bool dst_key_haskasp(dst_key_t key); /%< Check if this key has state (and thus uses KASP). * * Requires: * 'key' to be valid. / bool dst_key_is_unused(dst_key_t key); /%< Check if this key is unused. * * Requires: * 'key' to be valid. / bool dst_key_is_published(dst_key_t key, isc_stdtime_t now, isc_stdtime_t publish); /%< * Check if it is safe to publish this key (e.g. put the DNSKEY in the zone). * * Requires: * 'key' to be valid. / bool dst_key_is_active(dst_key_t key, isc_stdtime_t now); /%< Check if this key is active. This means that it is creating RRSIG records * (ZSK), or that it is used to create a chain of trust (KSK), or both (CSK). * * Requires: * 'key' to be valid. / bool dst_key_is_signing(dst_key_t key, int role, isc_stdtime_t now, isc_stdtime_t active); /%< * Check if it is safe to use this key for signing, given the role. * * Requires: * 'key' to be valid. / bool dst_key_is_revoked(dst_key_t key, isc_stdtime_t now, isc_stdtime_t revoke); /%< * Check if this key is revoked. * * Requires: * 'key' to be valid. / bool dst_key_is_removed(dst_key_t key, isc_stdtime_t now, isc_stdtime_t remove); /%< * Check if this key is removed from the zone (e.g. the DNSKEY record should * no longer be in the zone). * * Requires: * 'key' to be valid. / dst_key_state_t dst_key_goal(dst_key_t key); /%< Get the key goal. Should be OMNIPRESENT or HIDDEN. * This can be used to determine if the key is being introduced or * is on its way out. * * Requires: * 'key' to be valid. / isc_result_t dst_key_role(dst_key_t key, bool ksk, bool zsk); /%< Get the key role. A key can have the KSK or the ZSK role, or both. * * Requires: * 'key' to be valid. / void dst_key_copy_metadata(dst_key_t to, dst_key_t from); /%< * Copy key metadata from one key to another. * * Requires: * 'to' and 'from' to be valid. / ISC_LANG_ENDDECLS #endif / DST_DST_H / ��ns/update.h��0000644��00000001370�15125204633�0006621 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_UPDATE_H #define NS_UPDATE_H 1 /** * Module Info **/ /! \file * \brief * RFC2136 Dynamic Update / / * Imports */ #include <dns/result.h> #include <dns/types.h> /* * Types. / / * Functions **/ void ns_update_start(ns_client_t client, isc_nmhandle_t handle, isc_result_t sigresult); #endif / NS_UPDATE_H / ��ns/sortlist.h��0000644��00000004560�15125204633�0007226 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_SORTLIST_H #define NS_SORTLIST_H 1 /! \file / #include <isc/types.h> #include <dns/acl.h> #include <dns/types.h> /% * Type for callback functions that rank addresses. / typedef int (dns_addressorderfunc_t)(const isc_netaddr_t address, const void arg); /% Return value type for setup_sortlist. / typedef enum { NS_SORTLISTTYPE_NONE, NS_SORTLISTTYPE_1ELEMENT, NS_SORTLISTTYPE_2ELEMENT } ns_sortlisttype_t; ns_sortlisttype_t ns_sortlist_setup(dns_acl_t acl, dns_aclenv_t env, isc_netaddr_t clientaddr, const void *argp); /%< * Find the sortlist statement in 'acl' (for ACL environment 'env') * that applies to 'clientaddr', if any. * * If a 1-element sortlist item applies, return NS_SORTLISTTYPE_1ELEMENT and * make 'argp' point to the matching subelement. * If a 2-element sortlist item applies, return NS_SORTLISTTYPE_2ELEMENT and * make 'argp' point to ACL that forms the second element. * If no sortlist item applies, return NS_SORTLISTTYPE_NONE and set 'argp' to NULL. / int ns_sortlist_addrorder1(const isc_netaddr_t addr, const void arg); /%< * Find the sort order of 'addr' in 'arg', the matching element * of a 1-element top-level sortlist statement. / int ns_sortlist_addrorder2(const isc_netaddr_t addr, const void arg); /%< * Find the sort order of 'addr' in 'arg', a topology-like * ACL forming the second element in a 2-element top-level * sortlist statement. / void ns_sortlist_byaddrsetup(dns_acl_t sortlist_acl, dns_aclenv_t env, isc_netaddr_t client_addr, dns_addressorderfunc_t orderp, const void argp); /%< * Find the sortlist statement in 'acl' that applies to 'clientaddr', if any. * If a sortlist statement applies, return in 'orderp' a pointer to a function for ranking network addresses based on that sortlist statement, and in * 'argp' an argument to pass to said function. If no sortlist statement applies, set 'orderp' and 'argp' to NULL. / #endif / NS_SORTLIST_H / ��ns/listenlist.h��0000644��00000003702�15125204633�0007532 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_LISTENLIST_H #define NS_LISTENLIST_H 1 /** * Module Info **/ /! \file * \brief * "Listen lists", as in the "listen-on" configuration statement. / / * Imports */ #include <stdbool.h> #include <isc/net.h> #include <dns/types.h> /* * Types / typedef struct ns_listenelt ns_listenelt_t; typedef struct ns_listenlist ns_listenlist_t; struct ns_listenelt { isc_mem_t mctx; in_port_t port; isc_dscp_t dscp; /* -1 = not set, 0..63 / dns_acl_t acl; ISC_LINK(ns_listenelt_t) link; }; struct ns_listenlist { isc_mem_t mctx; int refcount; ISC_LIST(ns_listenelt_t) elts; }; / * Functions **/ isc_result_t ns_listenelt_create(isc_mem_t mctx, in_port_t port, isc_dscp_t dscp, dns_acl_t acl, ns_listenelt_t target); /%< * Create a listen-on list element. / void ns_listenelt_destroy(ns_listenelt_t elt); /%< Destroy a listen-on list element. / isc_result_t ns_listenlist_create(isc_mem_t mctx, ns_listenlist_t *target); /%< * Create a new, empty listen-on list. / void ns_listenlist_attach(ns_listenlist_t source, ns_listenlist_t *target); /%< * Attach 'target' to 'source'. / void ns_listenlist_detach(ns_listenlist_t listp); /%< * Detach 'listp'. / isc_result_t ns_listenlist_default(isc_mem_t mctx, in_port_t port, isc_dscp_t dscp, bool enabled, ns_listenlist_t *target); /%< * Create a listen-on list with default contents, matching * all addresses with port 'port' (if 'enabled' is true), * or no addresses (if 'enabled' is false). / #endif / NS_LISTENLIST_H / ��ns/client.h��0000644��00000040425�15125204633�0006621 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_CLIENT_H #define NS_CLIENT_H 1 /** * Module Info **/ /! \file * \brief * This module defines two objects, ns_client_t and ns_clientmgr_t. * * An ns_client_t object handles incoming DNS requests from clients * on a given network interface. * * Each ns_client_t object can handle only one TCP connection or UDP * request at a time. Therefore, several ns_client_t objects are * typically created to serve each network interface, e.g., one * for handling TCP requests and a few (one per CPU) for handling * UDP requests. * * Incoming requests are classified as queries, zone transfer * requests, update requests, notify requests, etc, and handed off * to the appropriate request handler. When the request has been * fully handled (which can be much later), the ns_client_t must be * notified of this by calling one of the following functions * exactly once in the context of its task: * \code * ns_client_send() (sending a non-error response) * ns_client_sendraw() (sending a raw response) * ns_client_error() (sending an error response) * ns_client_drop() (sending no response, logging the reason) \endcode This will release any resources used by the request and * and allow the ns_client_t to listen for the next request. * * A ns_clientmgr_t manages a number of ns_client_t objects. * New ns_client_t objects are created by calling * ns_clientmgr_createclients(). They are destroyed by * destroying their manager. / / * Imports */ #include <inttypes.h> #include <stdbool.h> #include <isc/atomic.h> #include <isc/buffer.h> #include <isc/magic.h> #include <isc/netmgr.h> #include <isc/platform.h> #include <isc/quota.h> #include <isc/stdtime.h> #include <dns/db.h> #include <dns/ecs.h> #include <dns/fixedname.h> #include <dns/name.h> #include <dns/rdataclass.h> #include <dns/rdatatype.h> #include <dns/tcpmsg.h> #include <dns/types.h> #include <ns/query.h> #include <ns/types.h> /* * Types / #define NS_CLIENT_TCP_BUFFER_SIZE 65535 #define NS_CLIENT_SEND_BUFFER_SIZE 4096 /! * Client object states. Ordering is significant: higher-numbered * states are generally "more active", meaning that the client can * have more dynamically allocated data, outstanding events, etc. * In the list below, any such properties listed for state N * also apply to any state > N. / typedef enum { NS_CLIENTSTATE_FREED = 0, /%< * The client object no longer exists. / NS_CLIENTSTATE_INACTIVE = 1, /%< * The client object exists and has a task and timer. * Its "query" struct and sendbuf are initialized. * It has a message and OPT, both in the reset state. / NS_CLIENTSTATE_READY = 2, /%< * The client object is either a TCP or a UDP one, and * it is associated with a network interface. It is on the * client manager's list of active clients. * * If it is a TCP client object, it has a TCP listener socket * and an outstanding TCP listen request. * * If it is a UDP client object, it has a UDP listener socket * and an outstanding UDP receive request. / NS_CLIENTSTATE_WORKING = 3, /%< * The client object has received a request and is working * on it. It has a view, and it may have any of a non-reset OPT, * recursion quota, and an outstanding write request. / NS_CLIENTSTATE_RECURSING = 4, /%< * The client object is recursing. It will be on the * 'recursing' list. / NS_CLIENTSTATE_MAX = 5 /%< * Sentinel value used to indicate "no state". / } ns_clientstate_t; typedef ISC_LIST(ns_client_t) client_list_t; /% nameserver client manager structure / struct ns_clientmgr { / Unlocked. / unsigned int magic; isc_mem_t mctx; ns_server_t sctx; isc_taskmgr_t taskmgr; isc_timermgr_t timermgr; isc_task_t excl; isc_refcount_t references; int ncpus; /* Attached by clients, needed for e.g. recursion / isc_task_t taskpool; ns_interface_t interface; /* Lock covers manager state. / isc_mutex_t lock; bool exiting; / Lock covers the recursing list / isc_mutex_t reclock; client_list_t recursing; /%< Recursing clients / /%< mctx pool for clients. / isc_mem_t mctxpool; }; /% nameserver client structure / struct ns_client { unsigned int magic; isc_mem_t mctx; bool allocated; /* Do we need to free it? / ns_server_t sctx; ns_clientmgr_t manager; ns_clientstate_t state; int nupdates; bool nodetach; bool shuttingdown; unsigned int attributes; isc_task_t task; dns_view_t view; dns_dispatch_t dispatch; isc_nmhandle_t handle; / Permanent pointer to handle / isc_nmhandle_t sendhandle; /* Waiting for send callback / isc_nmhandle_t reqhandle; /* Waiting for request callback (query, update, notify) / isc_nmhandle_t fetchhandle; /* Waiting for recursive fetch / isc_nmhandle_t prefetchhandle; /* Waiting for prefetch / rpzfetch / isc_nmhandle_t updatehandle; /* Waiting for update callback / unsigned char tcpbuf; dns_message_t message; unsigned char sendbuf; dns_rdataset_t opt; uint16_t udpsize; uint16_t extflags; int16_t ednsversion; / -1 noedns / void (cleanup)(ns_client_t ); void (shutdown)(void arg, isc_result_t result); void shutdown_arg; ns_query_t query; isc_time_t requesttime; isc_stdtime_t now; isc_time_t tnow; dns_name_t signername; /%< [T]SIG key name / dns_name_t signer; /%< NULL if not valid sig / bool mortal; /%< Die after handling request / isc_quota_t recursionquota; isc_sockaddr_t peeraddr; bool peeraddr_valid; isc_netaddr_t destaddr; isc_sockaddr_t destsockaddr; dns_ecs_t ecs; /%< EDNS client subnet sent by client / struct in6_pktinfo pktinfo; isc_dscp_t dscp; /% Information about recent FORMERR response(s), for * FORMERR loop avoidance. This is separate for each * client object rather than global only to avoid * the need for locking. / struct { isc_sockaddr_t addr; isc_stdtime_t time; dns_messageid_t id; } formerrcache; /% Callback function to send a response when unit testing / void (sendcb)(isc_buffer_t buf); ISC_LINK(ns_client_t) rlink; unsigned char cookie[8]; uint32_t expire; unsigned char keytag; uint16_t keytag_len; /% Used to override the DNS response code in ns_client_error(). * If set to -1, the rcode is determined from the result code, * but if set to any other value, the least significant 12 * bits will be used as the rcode in the response message. / int32_t rcode_override; }; #define NS_CLIENT_MAGIC ISC_MAGIC('N', 'S', 'C', 'c') #define NS_CLIENT_VALID(c) ISC_MAGIC_VALID(c, NS_CLIENT_MAGIC) #define NS_CLIENTATTR_TCP 0x00001 #define NS_CLIENTATTR_RA 0x00002 /%< Client gets recursive service / #define NS_CLIENTATTR_PKTINFO 0x00004 /%< pktinfo is valid / #define NS_CLIENTATTR_MULTICAST 0x00008 /%< recv'd from multicast / #define NS_CLIENTATTR_WANTDNSSEC 0x00010 /%< include dnssec records / #define NS_CLIENTATTR_WANTNSID 0x00020 /%< include nameserver ID / / Obsolete: NS_CLIENTATTR_FILTER_AAAA 0x00040 / / Obsolete: NS_CLIENTATTR_FILTER_AAAA_RC 0x00080 / #define NS_CLIENTATTR_WANTAD 0x00100 /%< want AD in response if possible / #define NS_CLIENTATTR_WANTCOOKIE 0x00200 /%< return a COOKIE / #define NS_CLIENTATTR_HAVECOOKIE 0x00400 /%< has a valid COOKIE / #define NS_CLIENTATTR_WANTEXPIRE 0x00800 /%< return seconds to expire / #define NS_CLIENTATTR_HAVEEXPIRE 0x01000 /%< return seconds to expire / #define NS_CLIENTATTR_WANTOPT 0x02000 /%< add opt to reply / #define NS_CLIENTATTR_HAVEECS 0x04000 /%< received an ECS option / #define NS_CLIENTATTR_WANTPAD 0x08000 /%< pad reply / #define NS_CLIENTATTR_USEKEEPALIVE 0x10000 /%< use TCP keepalive / #define NS_CLIENTATTR_NOSETFC 0x20000 /%< don't set servfail cache / #define NS_CLIENTATTR_RECURSING 0x40000 /%< client is recursing / / * Flag to use with the SERVFAIL cache to indicate * that a query had the CD bit set. / #define NS_FAILCACHE_CD 0x01 #if defined(_WIN32) && !defined(_WIN64) LIBNS_EXTERNAL_DATA extern atomic_uint_fast32_t ns_client_requests; #else / if defined(_WIN32) && !defined(_WIN64) / LIBNS_EXTERNAL_DATA extern atomic_uint_fast64_t ns_client_requests; #endif / if defined(_WIN32) && !defined(_WIN64) / / * Functions **/ / * Note! These ns_client_ routines MUST be called ONLY from the client's * task in order to ensure synchronization. / void ns_client_send(ns_client_t client); /%< Finish processing the current client request and * send client->message as a response. * \brief * Note! These ns_client_ routines MUST be called ONLY from the client's * task in order to ensure synchronization. / void ns_client_sendraw(ns_client_t client, dns_message_t msg); /%< * Finish processing the current client request and * send msg as a response using client->message->id for the id. / void ns_client_error(ns_client_t client, isc_result_t result); /%< Finish processing the current client request and return * an error response to the client. The error response * will have an RCODE determined by 'result'. / void ns_client_drop(ns_client_t client, isc_result_t result); /%< Log the reason the current client request has failed; no response * will be sent. / bool ns_client_shuttingdown(ns_client_t client); /%< Return true iff the client is currently shutting down. / isc_result_t ns_client_replace(ns_client_t client); /%< Try to replace the current client with a new one, so that the * current one can go off and do some lengthy work without * leaving the dispatch/socket without service. / void ns_client_settimeout(ns_client_t client, unsigned int seconds); /%< Set a timer in the client to go off in the specified amount of time. / isc_result_t ns_clientmgr_create(isc_mem_t mctx, ns_server_t sctx, isc_taskmgr_t taskmgr, isc_timermgr_t timermgr, ns_interface_t ifp, int ncpus, ns_clientmgr_t *managerp); /%< * Create a client manager. / void ns_clientmgr_destroy(ns_clientmgr_t managerp); /%< * Destroy a client manager and all ns_client_t objects * managed by it. / isc_sockaddr_t ns_client_getsockaddr(ns_client_t client); /%< * Get the socket address of the client whose request is * currently being processed. / isc_sockaddr_t ns_client_getdestaddr(ns_client_t client); /%< * Get the destination address (server) for the request that is * currently being processed. / isc_result_t ns_client_checkaclsilent(ns_client_t client, isc_netaddr_t netaddr, dns_acl_t acl, bool default_allow); /%< Convenience function for client request ACL checking. * * Check the current client request against 'acl'. If 'acl' * is NULL, allow the request iff 'default_allow' is true. * If netaddr is NULL, check the ACL against client->peeraddr; * otherwise check it against netaddr. * * Notes: \li This is appropriate for checking allow-update, allow-query, allow-transfer, etc. It is not appropriate * for checking the blackhole list because we treat positive * matches as "allow" and negative matches as "deny"; in * the case of the blackhole list this would be backwards. * * Requires: \li 'client' points to a valid client. \li 'netaddr' points to a valid address, or is NULL. \li 'acl' points to a valid ACL, or is NULL. * Returns: \li ISC_R_SUCCESS if the request should be allowed \li DNS_R_REFUSED if the request should be denied \li No other return values are possible. / isc_result_t ns_client_checkacl(ns_client_t client, isc_sockaddr_t sockaddr, const char opname, dns_acl_t acl, bool default_allow, int log_level); /%< Like ns_client_checkaclsilent, except the outcome of the check is * logged at log level 'log_level' if denied, and at debug 3 if approved. * Log messages will refer to the request as an 'opname' request. * * Requires: \li 'client' points to a valid client. \li 'sockaddr' points to a valid address, or is NULL. \li 'acl' points to a valid ACL, or is NULL. \li 'opname' points to a null-terminated string. / void ns_client_log(ns_client_t client, isc_logcategory_t category, isc_logmodule_t module, int level, const char fmt, ...) ISC_FORMAT_PRINTF(5, 6); void ns_client_logv(ns_client_t client, isc_logcategory_t category, isc_logmodule_t module, int level, const char fmt, va_list ap) ISC_FORMAT_PRINTF(5, 0); void ns_client_aclmsg(const char msg, const dns_name_t name, dns_rdatatype_t type, dns_rdataclass_t rdclass, char buf, size_t len); #define NS_CLIENT_ACLMSGSIZE(x) \ (DNS_NAME_FORMATSIZE + DNS_RDATATYPE_FORMATSIZE + \ DNS_RDATACLASS_FORMATSIZE + sizeof(x) + sizeof("'/'")) void ns_client_recursing(ns_client_t client); /%< * Add client to end of th recursing list. / void ns_client_killoldestquery(ns_client_t client); /%< Kill the oldest recursive query (recursing list head). / void ns_client_dumprecursing(FILE f, ns_clientmgr_t manager); /%< * Dump the outstanding recursive queries to 'f'. / void ns_client_qnamereplace(ns_client_t client, dns_name_t name); /%< * Replace the qname. / isc_result_t ns_client_sourceip(dns_clientinfo_t ci, isc_sockaddr_t *addrp); isc_result_t ns_client_addopt(ns_client_t client, dns_message_t message, dns_rdataset_t opt); /%< * Get a client object from the inactive queue, or create one, as needed. * (Not intended for use outside this module and associated tests.) / void ns__client_request(isc_nmhandle_t handle, isc_result_t eresult, isc_region_t region, void arg); /%< Handle client requests. * (Not intended for use outside this module and associated tests.) / isc_result_t ns__client_tcpconn(isc_nmhandle_t handle, isc_result_t result, void arg); /%< * Called every time a TCP connection is establish. This is used for * updating TCP statistics. / dns_rdataset_t ns_client_newrdataset(ns_client_t client); void ns_client_putrdataset(ns_client_t client, dns_rdataset_t *rdatasetp); /%< * Get and release temporary rdatasets in the client message; * used in query.c and in plugins. / isc_result_t ns_client_newnamebuf(ns_client_t client); /%< Allocate a name buffer for the client message. / dns_name_t ns_client_newname(ns_client_t client, isc_buffer_t dbuf, isc_buffer_t nbuf); /%< * Get a temporary name for the client message. / isc_buffer_t ns_client_getnamebuf(ns_client_t client); /%< * Get a name buffer from the pool, or allocate a new one if needed. / void ns_client_keepname(ns_client_t client, dns_name_t name, isc_buffer_t dbuf); /%< Adjust buffer 'dbuf' to reflect that 'name' is using space in it, * and set client attributes appropriately. / void ns_client_releasename(ns_client_t client, dns_name_t *namep); /%< * Release 'name' back to the pool of temporary names for the client * message. If it is using a name buffer, relinquish its exclusive * rights on the buffer. / isc_result_t ns_client_newdbversion(ns_client_t client, unsigned int n); /%< Allocate 'n' new database versions for use by client queries. / ns_dbversion_t ns_client_getdbversion(ns_client_t client); /%< * Get a free database version for use by a client query, allocating * a new one if necessary. / ns_dbversion_t ns_client_findversion(ns_client_t client, dns_db_t db); /%< Find the correct database version to use with a client query. * If we have already done a query related to the database 'db', * make sure subsequent queries are from the same version; * otherwise, take a database version from the list of dbversions * allocated by ns_client_newdbversion(). / isc_result_t ns__client_setup(ns_client_t client, ns_clientmgr_t manager, bool new); /%< * Perform initial setup of an allocated client. / void ns__client_reset_cb(void client0); /%< Reset the client object so that it can be reused. / void ns__client_put_cb(void client0); /%< Free all resources allocated to this client object, so that * it can be freed. / #endif / NS_CLIENT_H / ��ns/log.h��0000644��00000004201�15125204633�0006114 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_LOG_H #define NS_LOG_H 1 /! \file / #include <isc/log.h> #include <isc/types.h> LIBNS_EXTERNAL_DATA extern isc_log_t ns_lctx; LIBNS_EXTERNAL_DATA extern isc_logcategory_t ns_categories[]; LIBNS_EXTERNAL_DATA extern isc_logmodule_t ns_modules[]; #define NS_LOGCATEGORY_CLIENT (&ns_categories[0]) #define NS_LOGCATEGORY_NETWORK (&ns_categories[1]) #define NS_LOGCATEGORY_UPDATE (&ns_categories[2]) #define NS_LOGCATEGORY_QUERIES (&ns_categories[3]) #define NS_LOGCATEGORY_UPDATE_SECURITY (&ns_categories[4]) #define NS_LOGCATEGORY_QUERY_ERRORS (&ns_categories[5]) #define NS_LOGCATEGORY_TAT (&ns_categories[6]) #define NS_LOGCATEGORY_SERVE_STALE (&ns_categories[7]) /* * Backwards compatibility. / #define NS_LOGCATEGORY_GENERAL ISC_LOGCATEGORY_GENERAL #define NS_LOGMODULE_CLIENT (&ns_modules[0]) #define NS_LOGMODULE_QUERY (&ns_modules[1]) #define NS_LOGMODULE_INTERFACEMGR (&ns_modules[2]) #define NS_LOGMODULE_UPDATE (&ns_modules[3]) #define NS_LOGMODULE_XFER_IN (&ns_modules[4]) #define NS_LOGMODULE_XFER_OUT (&ns_modules[5]) #define NS_LOGMODULE_NOTIFY (&ns_modules[6]) #define NS_LOGMODULE_HOOKS (&ns_modules[7]) void ns_log_init(isc_log_t lctx); /%< Make the libns categories and modules available for use with the * ISC logging library. * * Requires: \li lctx is a valid logging context. \li ns_log_init() is called only once. * Ensures: \li The categories and modules defined above are available for use by isc_log_usechannnel() and isc_log_write(). / void ns_log_setcontext(isc_log_t lctx); /%< Make the libns library use the provided context for logging internal * messages. * * Requires: \li lctx is a valid logging context. / #endif /* NS_LOG_H / ��ns/stats.h��0000644��00000006654�15125204633�0006507 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_STATS_H #define NS_STATS_H 1 /! \file include/ns/stats.h / #include <ns/types.h> /% * Server statistics counters. Used as isc_statscounter_t values. / enum { ns_statscounter_requestv4 = 0, ns_statscounter_requestv6 = 1, ns_statscounter_edns0in = 2, ns_statscounter_badednsver = 3, ns_statscounter_tsigin = 4, ns_statscounter_sig0in = 5, ns_statscounter_invalidsig = 6, ns_statscounter_requesttcp = 7, ns_statscounter_authrej = 8, ns_statscounter_recurserej = 9, ns_statscounter_xfrrej = 10, ns_statscounter_updaterej = 11, ns_statscounter_response = 12, ns_statscounter_truncatedresp = 13, ns_statscounter_edns0out = 14, ns_statscounter_tsigout = 15, ns_statscounter_sig0out = 16, ns_statscounter_success = 17, ns_statscounter_authans = 18, ns_statscounter_nonauthans = 19, ns_statscounter_referral = 20, ns_statscounter_nxrrset = 21, ns_statscounter_servfail = 22, ns_statscounter_formerr = 23, ns_statscounter_nxdomain = 24, ns_statscounter_recursion = 25, ns_statscounter_duplicate = 26, ns_statscounter_dropped = 27, ns_statscounter_failure = 28, ns_statscounter_xfrdone = 29, ns_statscounter_updatereqfwd = 30, ns_statscounter_updaterespfwd = 31, ns_statscounter_updatefwdfail = 32, ns_statscounter_updatedone = 33, ns_statscounter_updatefail = 34, ns_statscounter_updatebadprereq = 35, ns_statscounter_recursclients = 36, ns_statscounter_dns64 = 37, ns_statscounter_ratedropped = 38, ns_statscounter_rateslipped = 39, ns_statscounter_rpz_rewrites = 40, ns_statscounter_udp = 41, ns_statscounter_tcp = 42, ns_statscounter_nsidopt = 43, ns_statscounter_expireopt = 44, ns_statscounter_otheropt = 45, ns_statscounter_ecsopt = 46, ns_statscounter_padopt = 47, ns_statscounter_keepaliveopt = 48, ns_statscounter_nxdomainredirect = 49, ns_statscounter_nxdomainredirect_rlookup = 50, ns_statscounter_cookiein = 51, ns_statscounter_cookiebadsize = 52, ns_statscounter_cookiebadtime = 53, ns_statscounter_cookienomatch = 54, ns_statscounter_cookiematch = 55, ns_statscounter_cookienew = 56, ns_statscounter_badcookie = 57, ns_statscounter_nxdomainsynth = 58, ns_statscounter_nodatasynth = 59, ns_statscounter_wildcardsynth = 60, ns_statscounter_trystale = 61, ns_statscounter_usedstale = 62, ns_statscounter_prefetch = 63, ns_statscounter_keytagopt = 64, ns_statscounter_tcphighwater = 65, ns_statscounter_reclimitdropped = 66, ns_statscounter_updatequota = 67, ns_statscounter_max = 68, }; void ns_stats_attach(ns_stats_t stats, ns_stats_t statsp); void ns_stats_detach(ns_stats_t statsp); isc_result_t ns_stats_create(isc_mem_t mctx, int ncounters, ns_stats_t statsp); void ns_stats_increment(ns_stats_t stats, isc_statscounter_t counter); void ns_stats_decrement(ns_stats_t stats, isc_statscounter_t counter); isc_stats_t ns_stats_get(ns_stats_t stats); void ns_stats_update_if_greater(ns_stats_t stats, isc_statscounter_t counter, isc_statscounter_t value); isc_statscounter_t ns_stats_get_counter(ns_stats_t stats, isc_statscounter_t counter); #endif / NS_STATS_H / ��ns/hooks.h��0000644��00000034261�15125204633�0006467 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_HOOKS_H #define NS_HOOKS_H 1 /! \file / #include <stdbool.h> #include <isc/list.h> #include <isc/magic.h> #include <isc/result.h> #include <dns/rdatatype.h> #include <ns/client.h> #include <ns/query.h> / * "Hooks" are a mechanism to call a defined function or set of functions once * a certain place in code is reached. Hook actions can inspect and alter the * state of an ongoing process, allowing processing to continue afterward or * triggering an early return. * * Currently hooks are used in two ways: in plugins, which use them to * add functionality to query processing, and in the unit tests for libns, * where they are used to inspect state before and after certain functions have * run. * * Both of these uses are limited to libns, so hooks are currently defined in * the ns/hooks.h header file, and hook-related macro and function names are * prefixed with `NS_` and `ns_`. However, the design is fairly generic and * could be repurposed for general use, e.g. as part of libisc, after some * further customization. * * Hooks are created by defining a hook point identifier in the ns_hookpoint_t * enum below, and placing a special call at a corresponding location in the * code which invokes the action(s) for that hook; there are two such special * calls currently implemented, namely the CALL_HOOK() and CALL_HOOK_NORETURN() * macros in query.c. The former macro contains a "goto cleanup" statement * which is inlined into the function into which the hook has been inserted; * this enables the hook action to cause the calling function to return from * the hook insertion point. For functions returning isc_result_t, if a hook * action intends to cause a return at hook insertion point, it also has to set * the value to be returned by the calling function. * * A hook table is an array (indexed by the value of the hook point identifier) * in which each cell contains a linked list of structures, each of which * contains a function pointer to a hook action and a pointer to data which is * to be passed to the action function when it is called. * * Each view has its own separate hook table, populated by loading plugin * modules specified in the "plugin" statements in named.conf. There is also a * special, global hook table (ns__hook_table) that is only used by libns unit * tests and whose existence can be safely ignored by plugin modules. * * Hook actions are functions which: * * - return an ns_hookresult_t value: * - if NS_HOOK_RETURN is returned by the hook action, the function * into which the hook is inserted will return and no further hook * actions at the same hook point will be invoked, * - if NS_HOOK_CONTINUE is returned by the hook action and there are * further hook actions set up at the same hook point, they will be * processed; if NS_HOOK_CONTINUE is returned and there are no * further hook actions set up at the same hook point, execution of * the function into which the hook has been inserted will be * resumed. * * - accept three pointers as arguments: * - a pointer specified by the special call at the hook insertion point, * - a pointer specified upon inserting the action into the hook table, * - a pointer to an isc_result_t value which will be returned by the * function into which the hook is inserted if the action returns * NS_HOOK_RETURN. * * In order for a hook action to be called for a given hook, a pointer to that * action function (along with an optional pointer to action-specific data) has * to be inserted into the relevant hook table entry for that hook using an * ns_hook_add() call. If multiple actions are set up at a single hook point * (e.g. by multiple plugin modules), they are processed in FIFO order, that is * they are performed in the same order in which their relevant ns_hook_add() * calls were issued. Since the configuration is loaded from a single thread, * this means that multiple actions at a single hook point are determined by * the order in which the relevant plugin modules were declared in the * configuration file(s). The hook API currently does not support changing * this order. * * As an example, consider the following hypothetical function in query.c: * * ---------------------------------------------------------------------------- * static isc_result_t * query_foo(query_ctx_t qctx) { isc_result_t result; * * CALL_HOOK(NS_QUERY_FOO_BEGIN, qctx); * * ns_client_log(qctx->client, NS_LOGCATEGORY_CLIENT, NS_LOGMODULE_QUERY, * ISC_LOG_DEBUG(99), "Lorem ipsum dolor sit amet..."); * * result = ISC_R_COMPLETE; * * cleanup: * return (result); * } * ---------------------------------------------------------------------------- * * and the following hook action: * * ---------------------------------------------------------------------------- * static ns_hookresult_t * cause_failure(void hook_data, void action_data, isc_result_t resultp) { UNUSED(hook_data); * UNUSED(action_data); * * resultp = ISC_R_FAILURE; * return (NS_HOOK_RETURN); * } * ---------------------------------------------------------------------------- * * If this hook action was installed in the hook table using: * * ---------------------------------------------------------------------------- * const ns_hook_t foo_fail = { * .action = cause_failure, * }; * * ns_hook_add(..., NS_QUERY_FOO_BEGIN, &foo_fail); * ---------------------------------------------------------------------------- * * then query_foo() would return ISC_R_FAILURE every time it is called due * to the cause_failure() hook action returning NS_HOOK_RETURN and setting * 'resultp' to ISC_R_FAILURE. query_foo() would also never log the "Lorem ipsum dolor sit amet..." message. * * Consider a different hook action: * * ---------------------------------------------------------------------------- * static ns_hookresult_t * log_qtype(void hook_data, void action_data, isc_result_t resultp) { query_ctx_t qctx = (query_ctx_t )hook_data; * FILE stream = (FILE )action_data; * * UNUSED(resultp); * * fprintf(stream, "QTYPE=%u\n", qctx->qtype); * * return (NS_HOOK_CONTINUE); * } * ---------------------------------------------------------------------------- * * If this hook action was installed in the hook table instead of * cause_failure(), using: * * ---------------------------------------------------------------------------- * const ns_hook_t foo_log_qtype = { * .action = log_qtype, * .action_data = stderr, * }; * * ns_hook_add(..., NS_QUERY_FOO_BEGIN, &foo_log_qtype); * ---------------------------------------------------------------------------- * * then the QTYPE stored in the query context passed to query_foo() would be * logged to stderr upon each call to that function; 'qctx' would be passed to * the hook action in 'hook_data' since it is specified in the CALL_HOOK() call * inside query_foo() while stderr would be passed to the hook action in * 'action_data' since it is specified in the ns_hook_t structure passed to * ns_hook_add(). As the hook action returns NS_HOOK_CONTINUE, * query_foo() would also be logging the "Lorem ipsum dolor sit amet..." * message before returning ISC_R_COMPLETE. / /! * Currently-defined hook points. So long as these are unique, * the order in which they are declared is unimportant, but * currently matches the order in which they are referenced in * query.c. / typedef enum { / hookpoints from query.c / NS_QUERY_QCTX_INITIALIZED, NS_QUERY_QCTX_DESTROYED, NS_QUERY_SETUP, NS_QUERY_START_BEGIN, NS_QUERY_LOOKUP_BEGIN, NS_QUERY_RESUME_BEGIN, NS_QUERY_RESUME_RESTORED, NS_QUERY_GOT_ANSWER_BEGIN, NS_QUERY_RESPOND_ANY_BEGIN, NS_QUERY_RESPOND_ANY_FOUND, NS_QUERY_ADDANSWER_BEGIN, NS_QUERY_RESPOND_BEGIN, NS_QUERY_NOTFOUND_BEGIN, NS_QUERY_NOTFOUND_RECURSE, NS_QUERY_PREP_DELEGATION_BEGIN, NS_QUERY_ZONE_DELEGATION_BEGIN, NS_QUERY_DELEGATION_BEGIN, NS_QUERY_DELEGATION_RECURSE_BEGIN, NS_QUERY_NODATA_BEGIN, NS_QUERY_NXDOMAIN_BEGIN, NS_QUERY_NCACHE_BEGIN, NS_QUERY_ZEROTTL_RECURSE, NS_QUERY_CNAME_BEGIN, NS_QUERY_DNAME_BEGIN, NS_QUERY_PREP_RESPONSE_BEGIN, NS_QUERY_DONE_BEGIN, NS_QUERY_DONE_SEND, / XXX other files could be added later / NS_HOOKPOINTS_COUNT / MUST BE LAST / } ns_hookpoint_t; / * Returned by a hook action to indicate how to proceed after it has * been called: continue processing, or return immediately. / typedef enum { NS_HOOK_CONTINUE, NS_HOOK_RETURN, } ns_hookresult_t; typedef ns_hookresult_t (ns_hook_action_t)(void arg, void data, isc_result_t resultp); typedef struct ns_hook { isc_mem_t mctx; ns_hook_action_t action; void action_data; ISC_LINK(struct ns_hook) link; } ns_hook_t; typedef ISC_LIST(ns_hook_t) ns_hooklist_t; typedef ns_hooklist_t ns_hooktable_t[NS_HOOKPOINTS_COUNT]; /% * ns__hook_table is a global hook table, which is used if view->hooktable * is NULL. It's intended only for use by unit tests. / LIBNS_EXTERNAL_DATA extern ns_hooktable_t ns__hook_table; /* * Plugin API version * * When the API changes, increment NS_PLUGIN_VERSION. If the * change is backward-compatible (e.g., adding a new function call * but not changing or removing an old one), increment NS_PLUGIN_AGE * as well; if not, set NS_PLUGIN_AGE to 0. / #ifndef NS_PLUGIN_VERSION #define NS_PLUGIN_VERSION 1 #define NS_PLUGIN_AGE 0 #endif / ifndef NS_PLUGIN_VERSION / typedef isc_result_t ns_plugin_register_t(const char parameters, const void cfg, const char file, unsigned long line, isc_mem_t mctx, isc_log_t lctx, void actx, ns_hooktable_t hooktable, void *instp); /%< * Called when registering a new plugin. * * 'parameters' contains the plugin configuration text. * * 'instp' will be set to the module instance handle if the function is successful. * * Returns: \li #ISC_R_SUCCESS \li #ISC_R_NOMEMORY \li Other errors are possible / typedef void ns_plugin_destroy_t(void *instp); /%< * Destroy a plugin instance. * * 'instp' must be set to NULL by the function before it returns. / typedef isc_result_t ns_plugin_check_t(const char parameters, const void cfg, const char file, unsigned long line, isc_mem_t mctx, isc_log_t lctx, void actx); /%< Check the validity of 'parameters'. / typedef int ns_plugin_version_t(void); /%< * Return the API version number a plugin was compiled with. * * If the returned version number is no greater than * NS_PLUGIN_VERSION, and no less than NS_PLUGIN_VERSION - NS_PLUGIN_AGE, * then the module is API-compatible with named. / /% * Prototypes for API functions to be defined in each module. / ns_plugin_check_t plugin_check; ns_plugin_destroy_t plugin_destroy; ns_plugin_register_t plugin_register; ns_plugin_version_t plugin_version; isc_result_t ns_plugin_expandpath(const char src, char dst, size_t dstsize); /%< * Prepare the plugin location to be passed to dlopen() based on the plugin * path or filename found in the configuration file ('src'). Store the result * in 'dst', which is 'dstsize' bytes large. * * On Unix systems, two classes of 'src' are recognized: * * - If 'src' is an absolute or relative path, it will be copied to 'dst' * verbatim. * * - If 'src' is a filename (i.e. does not contain a path separator), the * path to the directory into which named plugins are installed will be * prepended to it and the result will be stored in 'dst'. * * On Windows, 'src' is always copied to 'dst' verbatim. * * Returns: \li #ISC_R_SUCCESS Success \li #ISC_R_NOSPACE 'dst' is not large enough to hold the output string \li Other result snprintf() returned a negative value / isc_result_t ns_plugin_register(const char modpath, const char parameters, const void cfg, const char cfg_file, unsigned long cfg_line, isc_mem_t mctx, isc_log_t lctx, void actx, dns_view_t view); /%< Load the plugin module specified from the file 'modpath', and * register an instance using 'parameters'. * * 'cfg_file' and 'cfg_line' specify the location of the plugin * declaration in the configuration file. * * 'cfg' and 'actx' are the configuration context and ACL configuration * context, respectively; they are passed as void * here in order to * prevent this library from having a dependency on libisccfg). * * 'instp' will be left pointing to the instance of the plugin * created by the module's plugin_register function. / isc_result_t ns_plugin_check(const char modpath, const char parameters, const void cfg, const char cfg_file, unsigned long cfg_line, isc_mem_t mctx, isc_log_t lctx, void actx); /%< Open the plugin module at 'modpath' and check the validity of * 'parameters', logging any errors or warnings found, then * close it without configuring it. / void ns_plugins_create(isc_mem_t mctx, ns_plugins_t *listp); /%< * Create and initialize a plugin list. / void ns_plugins_free(isc_mem_t mctx, void *listp); /%< * Close each plugin module in a plugin list, then free the list object. / void ns_hooktable_free(isc_mem_t mctx, void *tablep); /%< * Free a hook table. / void ns_hook_add(ns_hooktable_t hooktable, isc_mem_t mctx, ns_hookpoint_t hookpoint, const ns_hook_t hook); /%< Allocate (using memory context 'mctx') a copy of the 'hook' structure * describing a hook action and append it to the list of hooks at 'hookpoint' * in 'hooktable'. * * Requires: \li 'hooktable' is not NULL \li 'mctx' is not NULL \li 'hookpoint' is less than NS_QUERY_HOOKS_COUNT \li 'hook' is not NULL / void ns_hooktable_init(ns_hooktable_t hooktable); /%< * Initialize a hook table. / isc_result_t ns_hooktable_create(isc_mem_t mctx, ns_hooktable_t *tablep); /%< * Allocate and initialize a hook table. / #endif / NS_HOOKS_H / ��ns/types.h��0000644��00000002056�15125204633�0006505 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_TYPES_H #define NS_TYPES_H 1 /! \file / typedef struct ns_altsecret ns_altsecret_t; typedef ISC_LIST(ns_altsecret_t) ns_altsecretlist_t; typedef struct ns_client ns_client_t; typedef struct ns_clientmgr ns_clientmgr_t; typedef struct ns_plugin ns_plugin_t; typedef ISC_LIST(ns_plugin_t) ns_plugins_t; typedef struct ns_interface ns_interface_t; typedef struct ns_interfacemgr ns_interfacemgr_t; typedef struct ns_query ns_query_t; typedef struct ns_server ns_server_t; typedef struct ns_stats ns_stats_t; typedef enum { ns_cookiealg_aes, ns_cookiealg_siphash24 } ns_cookiealg_t; #define NS_COOKIE_VERSION_1 1 #endif / NS_TYPES_H / ��ns/lib.h��0000644��00000001377�15125204633�0006114 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #pragma once /! \file include/ns/lib.h / #include <isc/lang.h> #include <isc/types.h> ISC_LANG_BEGINDECLS LIBNS_EXTERNAL_DATA extern unsigned int ns_pps; isc_result_t ns_lib_init(void); /%< * A set of initialization procedures used in the NS library. / void ns_lib_shutdown(void); /%< * Free temporary resources allocated in ns_lib_init(). / ISC_LANG_ENDDECLS ��ns/server.h��0000644��00000011430�15125204633�0006643 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_SERVER_H #define NS_SERVER_H 1 /! \file / #include <inttypes.h> #include <stdbool.h> #include <isc/fuzz.h> #include <isc/log.h> #include <isc/magic.h> #include <isc/quota.h> #include <isc/random.h> #include <isc/sockaddr.h> #include <isc/types.h> #include <dns/acl.h> #include <dns/types.h> #include <ns/types.h> #define NS_EVENT_CLIENTCONTROL (ISC_EVENTCLASS_NS + 0) #define NS_SERVER_LOGQUERIES 0x00000001U /%< log queries / #define NS_SERVER_NOAA 0x00000002U /%< -T noaa / #define NS_SERVER_NOSOA 0x00000004U /%< -T nosoa / #define NS_SERVER_NONEAREST 0x00000008U /%< -T nonearest / #define NS_SERVER_NOEDNS 0x00000020U /%< -T noedns / #define NS_SERVER_DROPEDNS 0x00000040U /%< -T dropedns / #define NS_SERVER_NOTCP 0x00000080U /%< -T notcp / #define NS_SERVER_DISABLE4 0x00000100U /%< -6 / #define NS_SERVER_DISABLE6 0x00000200U /%< -4 / #define NS_SERVER_FIXEDLOCAL 0x00000400U /%< -T fixedlocal / #define NS_SERVER_SIGVALINSECS 0x00000800U /%< -T sigvalinsecs / #define NS_SERVER_EDNSFORMERR 0x00001000U /%< -T ednsformerr (STD13) / #define NS_SERVER_EDNSNOTIMP 0x00002000U /%< -T ednsnotimp / #define NS_SERVER_EDNSREFUSED 0x00004000U /%< -T ednsrefused / /% * Type for callback function to get hostname. / typedef isc_result_t (ns_hostnamecb_t)(char buf, size_t len); /% * Type for callback function to signal the fuzzer thread * when built with AFL. / typedef void (ns_fuzzcb_t)(void); /% Type for callback function to get the view that can answer a query. / typedef isc_result_t (ns_matchview_t)( isc_netaddr_t srcaddr, isc_netaddr_t destaddr, dns_message_t message, dns_aclenv_t env, isc_result_t sigresultp, dns_view_t viewp); /% * Server context. / struct ns_server { unsigned int magic; isc_mem_t mctx; isc_refcount_t references; /% Server cookie secret and algorithm / unsigned char secret[32]; ns_cookiealg_t cookiealg; ns_altsecretlist_t altsecrets; bool answercookie; /% Quotas / isc_quota_t recursionquota; isc_quota_t tcpquota; isc_quota_t xfroutquota; isc_quota_t updquota; /% Test options and other configurables / uint32_t options; dns_acl_t blackholeacl; dns_acl_t keepresporder; uint16_t udpsize; uint16_t transfer_tcp_message_size; bool interface_auto; dns_tkeyctx_t tkeyctx; /% Server id for NSID / char server_id; ns_hostnamecb_t gethostname; /% Fuzzer callback / isc_fuzztype_t fuzztype; ns_fuzzcb_t fuzznotify; /% Callback to find a matching view for a query / ns_matchview_t matchingview; /% Stats counters / ns_stats_t nsstats; dns_stats_t rcvquerystats; dns_stats_t opcodestats; dns_stats_t rcodestats; isc_stats_t udpinstats4; isc_stats_t udpoutstats4; isc_stats_t udpinstats6; isc_stats_t udpoutstats6; isc_stats_t tcpinstats4; isc_stats_t tcpoutstats4; isc_stats_t tcpinstats6; isc_stats_t tcpoutstats6; unsigned int max_additional_records; }; struct ns_altsecret { ISC_LINK(ns_altsecret_t) link; unsigned char secret[32]; }; isc_result_t ns_server_create(isc_mem_t mctx, ns_matchview_t matchingview, ns_server_t sctxp); /%< * Create a server context object with default settings. / void ns_server_attach(ns_server_t src, ns_server_t *dest); /%< * Attach a server context. * * Requires: \li 'src' is valid. / void ns_server_detach(ns_server_t *sctxp); /%< * Detach from a server context. If its reference count drops to zero, destroy * it, freeing its memory. * * Requires: \li 'sctxp' is valid. * Ensures: \li 'sctxp' is NULL on return. / isc_result_t ns_server_setserverid(ns_server_t sctx, const char serverid); /%< * Set sctx->server_id to 'serverid'. If it was set previously, free the memory. * * Requires: \li 'sctx' is valid. / unsigned int ns_server_getmaxadditionalrecords(ns_server_t sctx); /%< * Returns the maximal number of records with additional addresses * provided. * * Requires: \li 'sctx' is valid. / void ns_server_setoption(ns_server_t sctx, unsigned int option, bool value); /%< * Set the given options on (if 'value' == #true) * or off (if 'value' == #false). * * Requires: \li 'sctx' is valid / bool ns_server_getoption(ns_server_t sctx, unsigned int option); /%< * Returns the current value of the specified server option. * * Requires: \li 'sctx' is valid. / #endif /* NS_SERVER_H / ��ns/version.h��0000644��00000000770�15125204633�0007027 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / /! \file include/ns/version.h / #include <isc/platform.h> LIBNS_EXTERNAL_DATA extern const char ns_version[]; ��ns/xfrout.h��0000644��00000001213�15125204633�0006662 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_XFROUT_H #define NS_XFROUT_H 1 /** * Module Info **/ /! \file * \brief * Outgoing zone transfers (AXFR + IXFR). / / * Functions **/ void ns_xfr_start(ns_client_t client, dns_rdatatype_t xfrtype); #endif /* NS_XFROUT_H / ��ns/interfacemgr.h��0000644��00000012617�15125204633�0010013 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_INTERFACEMGR_H #define NS_INTERFACEMGR_H 1 /** * Module Info **/ /! \file * \brief * The interface manager monitors the operating system's list * of network interfaces, creating and destroying listeners * as needed. * * Reliability: \li No impact expected. * Resources: * * Security: * \li The server will only be able to bind to the DNS port on * newly discovered interfaces if it is running as root. * * Standards: \li The API for scanning varies greatly among operating systems. This module attempts to hide the differences. / / * Imports */ #include <stdbool.h> #include <isc/magic.h> #include <isc/mem.h> #include <isc/netmgr.h> #include <isc/refcount.h> #include <isc/socket.h> #include <dns/geoip.h> #include <dns/result.h> #include <ns/listenlist.h> #include <ns/types.h> /* * Types / #define IFACE_MAGIC ISC_MAGIC('I', ':', '-', ')') #define NS_INTERFACE_VALID(t) ISC_MAGIC_VALID(t, IFACE_MAGIC) #define NS_INTERFACEFLAG_ANYADDR 0x01U /%< bound to "any" address / #define MAX_UDP_DISPATCH \ 128 /%< Maximum number of UDP dispatchers \ * to start per interface / /% The nameserver interface structure / struct ns_interface { unsigned int magic; /%< Magic number. / ns_interfacemgr_t mgr; /%< Interface manager. / isc_mutex_t lock; isc_refcount_t references; unsigned int generation; /%< Generation number. / isc_sockaddr_t addr; /%< Address and port. / unsigned int flags; /%< Interface flags / char name[32]; /%< Null terminated. / dns_dispatch_t udpdispatch[MAX_UDP_DISPATCH]; /%< UDP dispatchers. / isc_socket_t tcpsocket; /%< TCP socket. / isc_nmsocket_t udplistensocket; isc_nmsocket_t tcplistensocket; isc_dscp_t dscp; /%< "listen-on" DSCP value / isc_refcount_t ntcpaccepting; /%< Number of clients ready to accept new * TCP connections on this * interface / isc_refcount_t ntcpactive; /%< Number of clients * servicing TCP queries * (whether accepting or * connected) / int nudpdispatch; /%< Number of UDP dispatches / ns_clientmgr_t clientmgr; /%< Client manager. / ISC_LINK(ns_interface_t) link; }; /* * Functions **/ isc_result_t ns_interfacemgr_create(isc_mem_t mctx, ns_server_t sctx, isc_taskmgr_t taskmgr, isc_timermgr_t timermgr, isc_socketmgr_t socketmgr, isc_nm_t nm, dns_dispatchmgr_t dispatchmgr, isc_task_t task, unsigned int udpdisp, dns_geoip_databases_t geoip, int ncpus, ns_interfacemgr_t *mgrp); /%< * Create a new interface manager. * * Initially, the new manager will not listen on any interfaces. * Call ns_interfacemgr_setlistenon() and/or ns_interfacemgr_setlistenon6() * to set nonempty listen-on lists. / void ns_interfacemgr_attach(ns_interfacemgr_t source, ns_interfacemgr_t target); void ns_interfacemgr_detach(ns_interfacemgr_t targetp); void ns_interfacemgr_shutdown(ns_interfacemgr_t mgr); void ns_interfacemgr_setbacklog(ns_interfacemgr_t mgr, int backlog); /%< Set the size of the listen() backlog queue. / bool ns_interfacemgr_islistening(ns_interfacemgr_t mgr); /%< Return if the manager is listening on any interface. It can be called * after a scan or adjust. / isc_result_t ns_interfacemgr_scan(ns_interfacemgr_t mgr, bool verbose); /%< Scan the operatings system's list of network interfaces * and create listeners when new interfaces are discovered. * Shut down the sockets for interfaces that go away. * * This should be called once on server startup and then * periodically according to the 'interface-interval' option * in named.conf. / void ns_interfacemgr_setlistenon4(ns_interfacemgr_t mgr, ns_listenlist_t value); /%< * Set the IPv4 "listen-on" list of 'mgr' to 'value'. * The previous IPv4 listen-on list is freed. / void ns_interfacemgr_setlistenon6(ns_interfacemgr_t mgr, ns_listenlist_t value); /%< * Set the IPv6 "listen-on" list of 'mgr' to 'value'. * The previous IPv6 listen-on list is freed. / dns_aclenv_t ns_interfacemgr_getaclenv(ns_interfacemgr_t mgr); void ns_interface_attach(ns_interface_t source, ns_interface_t target); void ns_interface_detach(ns_interface_t targetp); void ns_interface_shutdown(ns_interface_t ifp); /%< * Stop listening for queries on interface 'ifp'. * May safely be called multiple times. / void ns_interfacemgr_dumprecursing(FILE f, ns_interfacemgr_t mgr); bool ns_interfacemgr_listeningon(ns_interfacemgr_t mgr, const isc_sockaddr_t addr); ns_server_t ns_interfacemgr_getserver(ns_interfacemgr_t mgr); /%< * Returns the ns_server object associated with the interface manager. / ns_interface_t ns__interfacemgr_getif(ns_interfacemgr_t mgr); ns_interface_t ns__interfacemgr_nextif(ns_interface_t ifp); / * Functions to allow external callers to walk the interfaces list. * (Not intended for use outside this module and associated tests.) / #endif / NS_INTERFACEMGR_H / ��ns/notify.h��0000644��00000002002�15125204633�0006640 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_NOTIFY_H #define NS_NOTIFY_H 1 #include <ns/client.h> / * Module Info **/ /! \file * \brief * RFC1996 * A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY) / / * Functions. **/ void ns_notify_start(ns_client_t client, isc_nmhandle_t handle); /%< * Examines the incoming message to determine appropriate zone. * Returns FORMERR if there is not exactly one question. * Returns REFUSED if we do not serve the listed zone. * Pass the message to the zone module for processing * and returns the return status. * * Requires \li client to be valid. / #endif /* NS_NOTIFY_H / ��ns/query.h��0000644��00000015005�15125204633�0006504 0��ustar�00��/ * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, you can obtain one at https://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. / #ifndef NS_QUERY_H #define NS_QUERY_H 1 /! \file / #include <stdbool.h> #include <isc/buffer.h> #include <isc/netaddr.h> #include <isc/types.h> #include <dns/rdataset.h> #include <dns/resolver.h> #include <dns/rpz.h> #include <dns/types.h> #include <ns/types.h> /% nameserver database version structure / typedef struct ns_dbversion { dns_db_t db; dns_dbversion_t version; bool acl_checked; bool queryok; ISC_LINK(struct ns_dbversion) link; } ns_dbversion_t; /% * nameserver recursion parameters, to uniquely identify a recursion * query; this is used to detect a recursion loop / typedef struct ns_query_recparam { dns_rdatatype_t qtype; dns_name_t qname; dns_fixedname_t fqname; dns_name_t qdomain; dns_fixedname_t fqdomain; } ns_query_recparam_t; /% nameserver query structure / struct ns_query { unsigned int attributes; unsigned int restarts; bool timerset; dns_name_t qname; dns_name_t origqname; dns_rdatatype_t qtype; unsigned int dboptions; unsigned int fetchoptions; dns_db_t gluedb; dns_db_t authdb; dns_zone_t authzone; bool authdbset; bool isreferral; isc_mutex_t fetchlock; dns_fetch_t fetch; dns_fetch_t prefetch; dns_rpz_st_t rpz_st; isc_bufferlist_t namebufs; ISC_LIST(ns_dbversion_t) activeversions; ISC_LIST(ns_dbversion_t) freeversions; dns_rdataset_t dns64_aaaa; dns_rdataset_t dns64_sigaaaa; bool dns64_aaaaok; unsigned int dns64_aaaaoklen; unsigned int dns64_options; unsigned int dns64_ttl; struct { dns_db_t db; dns_zone_t zone; dns_dbnode_t node; dns_rdatatype_t qtype; dns_name_t fname; dns_fixedname_t fixed; isc_result_t result; dns_rdataset_t rdataset; dns_rdataset_t sigrdataset; bool authoritative; bool is_zone; } redirect; ns_query_recparam_t recparam; dns_keytag_t root_key_sentinel_keyid; bool root_key_sentinel_is_ta; bool root_key_sentinel_not_ta; }; #define NS_QUERYATTR_RECURSIONOK 0x000001 #define NS_QUERYATTR_CACHEOK 0x000002 #define NS_QUERYATTR_PARTIALANSWER 0x000004 #define NS_QUERYATTR_NAMEBUFUSED 0x000008 #define NS_QUERYATTR_RECURSING 0x000010 #define NS_QUERYATTR_QUERYOKVALID 0x000040 #define NS_QUERYATTR_QUERYOK 0x000080 #define NS_QUERYATTR_WANTRECURSION 0x000100 #define NS_QUERYATTR_SECURE 0x000200 #define NS_QUERYATTR_NOAUTHORITY 0x000400 #define NS_QUERYATTR_NOADDITIONAL 0x000800 #define NS_QUERYATTR_CACHEACLOKVALID 0x001000 #define NS_QUERYATTR_CACHEACLOK 0x002000 #define NS_QUERYATTR_DNS64 0x004000 #define NS_QUERYATTR_DNS64EXCLUDE 0x008000 #define NS_QUERYATTR_RRL_CHECKED 0x010000 #define NS_QUERYATTR_REDIRECT 0x020000 #define NS_QUERYATTR_ANSWERED 0x040000 #define NS_QUERYATTR_STALEOK 0x080000 #define NS_QUERYATTR_STALEPENDING 0x100000 typedef struct query_ctx query_ctx_t; /* query context structure / struct query_ctx { isc_buffer_t dbuf; /* name buffer / dns_name_t fname; /* found name from DB lookup / dns_name_t tname; /* temporary name, used * when processing ANY * queries / dns_rdataset_t rdataset; /* found rdataset / dns_rdataset_t sigrdataset; /* found sigrdataset / dns_rdataset_t noqname; /* rdataset needing * NOQNAME proof / dns_rdatatype_t qtype; dns_rdatatype_t type; unsigned int options; / DB lookup options / bool redirected; / nxdomain redirected? / bool is_zone; / is DB a zone DB? / bool is_staticstub_zone; bool resuming; / resumed from recursion? / bool dns64, dns64_exclude, rpz; bool authoritative; / authoritative query? / bool want_restart; / CNAME chain or other * restart needed / bool refresh_rrset; / stale RRset refresh needed / bool need_wildcardproof; / wildcard proof needed / bool nxrewrite; / negative answer from RPZ / bool findcoveringnsec; / lookup covering NSEC / bool answer_has_ns; / NS is in answer / dns_fixedname_t wildcardname; / name needing wcard proof / dns_fixedname_t dsname; / name needing DS / ns_client_t client; /* client object / bool detach_client; / client needs detaching / dns_fetchevent_t event; /* recursion event / dns_db_t db; /* zone or cache database / dns_dbversion_t version; /* DB version / dns_dbnode_t node; /* DB node / dns_db_t zdb; /* zone DB values, saved / dns_dbnode_t znode; /* while searching cache / dns_name_t zfname; /* for a better answer / dns_dbversion_t zversion; dns_rdataset_t zrdataset; dns_rdataset_t zsigrdataset; dns_rpz_st_t rpz_st; / RPZ state / dns_zone_t zone; /* zone to search / dns_view_t view; /* client view / isc_result_t result; / query result / int line; / line to report error / }; isc_result_t ns_query_done(query_ctx_t qctx); /%< Finalize this phase of the query process: * * - Clean up. * - If we have an answer ready (positive or negative), send it. * - If we need to restart for a chaining query, call ns__query_start() again. * - If we've started recursion, then just clean up; things will be * restarted via fetch_callback()/query_resume(). / isc_result_t ns_query_recurse(ns_client_t client, dns_rdatatype_t qtype, dns_name_t qname, dns_name_t qdomain, dns_rdataset_t nameservers, bool resuming); /%< * Prepare client for recursion, then create a resolver fetch, with * the event callback set to fetch_callback(). Afterward we terminate * this phase of the query, and resume with a new query context when * recursion completes. / isc_result_t ns_query_init(ns_client_t client); void ns_query_free(ns_client_t client); void ns_query_start(ns_client_t client, isc_nmhandle_t handle); void ns_query_cancel(ns_client_t client); /* * The following functions are expected to be used only within query.c * and query modules. / isc_result_t ns__query_sfcache(query_ctx_t qctx); /%< (Must not be used outside this module and its associated unit tests.) / isc_result_t ns__query_start(query_ctx_t qctx); /%< (Must not be used outside this module and its associated unit tests.) / #endif / NS_QUERY_H */ ��

| ver. 1.6 | Github | . | PHP 8.2.30 | ??????????? ?????????: 0.02 | proxy | phpinfo | ???????????