diff options
Diffstat (limited to 'contrib/bind9/lib/dns/include')
70 files changed, 17562 insertions, 0 deletions
diff --git a/contrib/bind9/lib/dns/include/Makefile.in b/contrib/bind9/lib/dns/include/Makefile.in new file mode 100644 index 0000000..0e411da --- /dev/null +++ b/contrib/bind9/lib/dns/include/Makefile.in @@ -0,0 +1,25 @@ +# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 1998-2001 Internet Software Consortium. +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $Id: Makefile.in,v 1.11.206.1 2004/03/06 08:13:50 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = dns +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/contrib/bind9/lib/dns/include/dns/Makefile.in b/contrib/bind9/lib/dns/include/dns/Makefile.in new file mode 100644 index 0000000..267bc8d --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/Makefile.in @@ -0,0 +1,54 @@ +# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 1998-2003 Internet Software Consortium. +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $Id: Makefile.in,v 1.43.2.1.10.6 2004/03/08 09:04:34 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = acl.h adb.h byaddr.h cache.h callbacks.h \ + cert.h compress.h \ + db.h dbiterator.h dbtable.h diff.h dispatch.h \ + dnssec.h ds.h events.h fixedname.h journal.h keyflags.h \ + keytable.h keyvalues.h lib.h log.h master.h masterdump.h \ + message.h name.h ncache.h \ + nsec.h peer.h portlist.h rbt.h rcode.h \ + rdata.h rdataclass.h rdatalist.h rdataset.h rdatasetiter.h \ + rdataslab.h rdatatype.h request.h resolver.h result.h \ + rootns.h sdb.h secalg.h secproto.h soa.h ssu.h \ + tcpmsg.h time.h tkey.h \ + tsig.h ttl.h types.h validator.h version.h view.h xfrin.h \ + zone.h zonekey.h zt.h + +GENHEADERS = enumclass.h enumtype.h rdatastruct.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/dns + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} ${srcdir}/$$i ${DESTDIR}${includedir}/dns ; \ + done + for i in ${GENHEADERS}; do \ + ${INSTALL_DATA} $$i ${DESTDIR}${includedir}/dns ; \ + done diff --git a/contrib/bind9/lib/dns/include/dns/acl.h b/contrib/bind9/lib/dns/include/dns/acl.h new file mode 100644 index 0000000..bc723f4 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/acl.h @@ -0,0 +1,221 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: acl.h,v 1.20.52.3 2004/03/08 09:04:34 marka Exp $ */ + +#ifndef DNS_ACL_H +#define DNS_ACL_H 1 + +/***** + ***** Module Info + *****/ + +/* + * Address match list handling. + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/magic.h> +#include <isc/netaddr.h> +#include <isc/refcount.h> + +#include <dns/name.h> +#include <dns/types.h> + +/*** + *** Types + ***/ + +typedef enum { + dns_aclelementtype_ipprefix, + dns_aclelementtype_keyname, + dns_aclelementtype_nestedacl, + dns_aclelementtype_localhost, + dns_aclelementtype_localnets, + dns_aclelementtype_any +} dns_aclelemettype_t; + +typedef struct dns_aclipprefix dns_aclipprefix_t; + +struct dns_aclipprefix { + isc_netaddr_t address; /* IP4/IP6 */ + unsigned int prefixlen; +}; + +struct dns_aclelement { + dns_aclelemettype_t type; + isc_boolean_t negative; + union { + dns_aclipprefix_t ip_prefix; + dns_name_t keyname; + dns_acl_t *nestedacl; + } u; +}; + +struct dns_acl { + unsigned int magic; + isc_mem_t *mctx; + isc_refcount_t refcount; + dns_aclelement_t *elements; + unsigned int alloc; /* Elements allocated */ + unsigned int length; /* Elements initialized */ + char *name; /* Temporary use only */ + ISC_LINK(dns_acl_t) nextincache; /* Ditto */ +}; + +struct dns_aclenv { + dns_acl_t *localhost; + dns_acl_t *localnets; + isc_boolean_t match_mapped; +}; + +#define DNS_ACL_MAGIC ISC_MAGIC('D','a','c','l') +#define DNS_ACL_VALID(a) ISC_MAGIC_VALID(a, DNS_ACL_MAGIC) + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_acl_create(isc_mem_t *mctx, int n, dns_acl_t **target); +/* + * Create a new ACL with room for 'n' elements. + * The elements are uninitialized and the length is 0. + */ + +isc_result_t +dns_acl_appendelement(dns_acl_t *acl, dns_aclelement_t *elt); +/* + * Append an element to an existing ACL. + */ + +isc_result_t +dns_acl_any(isc_mem_t *mctx, dns_acl_t **target); +/* + * Create a new ACL that matches everything. + */ + +isc_result_t +dns_acl_none(isc_mem_t *mctx, dns_acl_t **target); +/* + * Create a new ACL that matches nothing. + */ + +void +dns_acl_attach(dns_acl_t *source, dns_acl_t **target); + +void +dns_acl_detach(dns_acl_t **aclp); + +isc_boolean_t +dns_aclelement_equal(dns_aclelement_t *ea, dns_aclelement_t *eb); + +isc_boolean_t +dns_acl_equal(dns_acl_t *a, dns_acl_t *b); + +isc_boolean_t +dns_acl_isinsecure(dns_acl_t *a); +/* + * Return ISC_TRUE iff the acl 'a' is considered insecure, that is, + * if it contains IP addresses other than those of the local host. + * This is intended for applications such as printing warning + * messages for suspect ACLs; it is not intended for making access + * control decisions. We make no guarantee that an ACL for which + * this function returns ISC_FALSE is safe. + */ + +isc_result_t +dns_aclenv_init(isc_mem_t *mctx, dns_aclenv_t *env); + +void +dns_aclenv_copy(dns_aclenv_t *t, dns_aclenv_t *s); + +void +dns_aclenv_destroy(dns_aclenv_t *env); + +isc_result_t +dns_acl_match(isc_netaddr_t *reqaddr, + dns_name_t *reqsigner, + dns_acl_t *acl, + dns_aclenv_t *env, + int *match, + dns_aclelement_t **matchelt); +/* + * General, low-level ACL matching. This is expected to + * be useful even for weird stuff like the topology and sortlist statements. + * + * Match the address 'reqaddr', and optionally the key name 'reqsigner', + * against 'acl'. 'reqsigner' may be NULL. + * + * If there is a positive match, '*match' will be set to a positive value + * indicating the distance from the beginning of the list. + * + * If there is a negative match, '*match' will be set to a negative value + * whose absolute value indicates the distance from the beginning of + * the list. + * + * If there is a match (either positive or negative) and 'matchelt' is + * non-NULL, *matchelt will be attached to the primitive + * (non-indirect) address match list element that matched. + * + * If there is no match, *match will be set to zero. + * + * Returns: + * ISC_R_SUCCESS Always succeeds. + */ + +isc_boolean_t +dns_aclelement_match(isc_netaddr_t *reqaddr, + dns_name_t *reqsigner, + dns_aclelement_t *e, + dns_aclenv_t *env, + dns_aclelement_t **matchelt); +/* + * Like dns_acl_match, but matches against the single ACL element 'e' + * rather than a complete list and returns ISC_TRUE iff it matched. + * To determine whether the match was prositive or negative, the + * caller should examine e->negative. Since the element 'e' may be + * a reference to a named ACL or a nested ACL, the matching element + * returned through 'matchelt' is not necessarily 'e' itself. + */ + +isc_result_t +dns_acl_elementmatch(dns_acl_t *acl, + dns_aclelement_t *elt, + dns_aclelement_t **matchelt); +/* + * Search for an ACL element in 'acl' which is exactly the same as 'elt'. + * If there is one, and 'matchelt' is non NULL, then '*matchelt' will point + * to the entry. + * + * This function is intended to be used for avoiding duplicated ACL entries + * before adding an entry. + * + * Returns: + * ISC_R_SUCCESS Match succeeds. + * ISC_R_NOTFOUND Match fails. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_ACL_H */ diff --git a/contrib/bind9/lib/dns/include/dns/adb.h b/contrib/bind9/lib/dns/include/dns/adb.h new file mode 100644 index 0000000..7a17eff --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/adb.h @@ -0,0 +1,596 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: adb.h,v 1.66.2.5.2.4 2004/03/06 08:13:50 marka Exp $ */ + +#ifndef DNS_ADB_H +#define DNS_ADB_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Address Database + * + * This module implements an address database (ADB) for mapping a name + * to an isc_sockaddr_t. It also provides statistical information on + * how good that address might be. + * + * A client will pass in a dns_name_t, and the ADB will walk through + * the rdataset looking up addresses associated with the name. If it + * is found on the internal lists, a structure is filled in with the + * address information and stats for found addresses. + * + * If the name cannot be found on the internal lists, a new entry will + * be created for a name if all the information needed can be found + * in the zone table or cache. This new address will then be returned. + * + * If a request must be made to remote servers to satisfy a name lookup, + * this module will start fetches to try to complete these addresses. When + * at least one more completes, an event is sent to the caller. If none of + * them resolve before the fetch times out, an event indicating this is + * sent instead. + * + * Records are stored internally until a timer expires. The timer is the + * smaller of the TTL or signature validity period. + * + * Lameness is stored per-zone, and this data hangs off each address field. + * When an address is marked lame for a given zone the address will not + * be returned to a caller. + * + * + * MP: + * + * The ADB takes care of all necessary locking. + * + * Only the task which initiated the name lookup can cancel the lookup. + * + * + * Security: + * + * None, since all data stored is required to be pre-filtered. + * (Cache needs to be sane, fetches return bounds-checked and sanity- + * checked data, caller passes a good dns_name_t for the zone, etc) + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/magic.h> +#include <isc/mem.h> +#include <isc/sockaddr.h> + +#include <dns/types.h> +#include <dns/view.h> + +ISC_LANG_BEGINDECLS + +/*** + *** Magic number checks + ***/ + +#define DNS_ADBFIND_MAGIC ISC_MAGIC('a','d','b','H') +#define DNS_ADBFIND_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBFIND_MAGIC) +#define DNS_ADBADDRINFO_MAGIC ISC_MAGIC('a','d','A','I') +#define DNS_ADBADDRINFO_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBADDRINFO_MAGIC) + + +/*** + *** TYPES + ***/ + +typedef struct dns_adbname dns_adbname_t; + +/* dns_adbfind_t + * + * Represents a lookup for a single name. + * + * On return, the client can safely use "list", and can reorder the list. + * Items may not be _deleted_ from this list, however, or added to it + * other than by using the dns_adb_*() API. + */ +struct dns_adbfind { + /* Public */ + unsigned int magic; /* RO: magic */ + dns_adbaddrinfolist_t list; /* RO: list of addrs */ + unsigned int query_pending; /* RO: partial list */ + unsigned int partial_result; /* RO: addrs missing */ + unsigned int options; /* RO: options */ + isc_result_t result_v4; /* RO: v4 result */ + isc_result_t result_v6; /* RO: v6 result */ + ISC_LINK(dns_adbfind_t) publink; /* RW: client use */ + + /* Private */ + isc_mutex_t lock; /* locks all below */ + in_port_t port; + int name_bucket; + unsigned int flags; + dns_adbname_t *adbname; + dns_adb_t *adb; + isc_event_t event; + ISC_LINK(dns_adbfind_t) plink; +}; + +/* + * _INET: + * _INET6: + * return addresses of that type. + * + * _EMPTYEVENT: + * Only schedule an event if no addresses are known. + * Must set _WANTEVENT for this to be meaningful. + * + * _WANTEVENT: + * An event is desired. Check this bit in the returned find to see + * if one will actually be generated. + * + * _AVOIDFETCHES: + * If set, fetches will not be generated unless no addresses are + * available in any of the address families requested. + * + * _STARTATZONE: + * Fetches will start using the closest zone data or use the root servers. + * This is useful for reestablishing glue that has expired. + * + * _GLUEOK: + * _HINTOK: + * Glue or hints are ok. These are used when matching names already + * in the adb, and when dns databases are searched. + * + * _RETURNLAME: + * Return lame servers in a find, so that all addresses are returned. + * + * _LAMEPRUNED: + * At least one address was omitted from the list because it was lame. + * This bit will NEVER be set if _RETURNLAME is set in the createfind(). + */ +#define DNS_ADBFIND_INET 0x00000001 +#define DNS_ADBFIND_INET6 0x00000002 +#define DNS_ADBFIND_ADDRESSMASK 0x00000003 + +#define DNS_ADBFIND_EMPTYEVENT 0x00000004 +#define DNS_ADBFIND_WANTEVENT 0x00000008 +#define DNS_ADBFIND_AVOIDFETCHES 0x00000010 +#define DNS_ADBFIND_STARTATZONE 0x00000020 +#define DNS_ADBFIND_GLUEOK 0x00000040 +#define DNS_ADBFIND_HINTOK 0x00000080 +#define DNS_ADBFIND_RETURNLAME 0x00000100 +#define DNS_ADBFIND_LAMEPRUNED 0x00000200 + +/* dns_adbaddrinfo_t + * + * The answers to queries come back as a list of these. + */ +struct dns_adbaddrinfo { + unsigned int magic; /* private */ + + isc_sockaddr_t sockaddr; /* [rw] */ + unsigned int srtt; /* [rw] microseconds */ + unsigned int flags; /* [rw] */ + dns_adbentry_t *entry; /* private */ + ISC_LINK(dns_adbaddrinfo_t) publink; +}; + +/* + * The event sent to the caller task is just a plain old isc_event_t. It + * contains no data other than a simple status, passed in the "type" field + * to indicate that another address resolved, or all partially resolved + * addresses have failed to resolve. + * + * "sender" is the dns_adbfind_t used to issue this query. + * + * This is simply a standard event, with the "type" set to: + * + * DNS_EVENT_ADBMOREADDRESSES -- another address resolved. + * DNS_EVENT_ADBNOMOREADDRESSES -- all pending addresses failed, + * were canceled, or otherwise will + * not be usable. + * DNS_EVENT_ADBCANCELED -- The request was canceled by a + * 3rd party. + * DNS_EVENT_ADBNAMEDELETED -- The name was deleted, so this request + * was canceled. + * + * In each of these cases, the addresses returned by the initial call + * to dns_adb_createfind() can still be used until they are no longer needed. + */ + +/**** + **** FUNCTIONS + ****/ + + +isc_result_t +dns_adb_create(isc_mem_t *mem, dns_view_t *view, isc_timermgr_t *tmgr, + isc_taskmgr_t *taskmgr, dns_adb_t **newadb); +/* + * Create a new ADB. + * + * Notes: + * + * Generally, applications should not create an ADB directly, but + * should instead call dns_view_createresolver(). + * + * Requires: + * + * 'mem' must be a valid memory context. + * + * 'view' be a pointer to a valid view. + * + * 'tmgr' be a pointer to a valid timer manager. + * + * 'taskmgr' be a pointer to a valid task manager. + * + * 'newadb' != NULL && '*newadb' == NULL. + * + * Returns: + * + * ISC_R_SUCCESS after happiness. + * ISC_R_NOMEMORY after resource allocation failure. + */ + +void +dns_adb_attach(dns_adb_t *adb, dns_adb_t **adbp); +/* + * Attach to an 'adb' to 'adbp'. + * + * Requires: + * 'adb' to be a valid dns_adb_t, created via dns_adb_create(). + * 'adbp' to be a valid pointer to a *dns_adb_t which is initialized + * to NULL. + */ + +void +dns_adb_detach(dns_adb_t **adb); +/* + * Delete the ADB. Sets *ADB to NULL. Cancels any outstanding requests. + * + * Requires: + * + * 'adb' be non-NULL and '*adb' be a valid dns_adb_t, created via + * dns_adb_create(). + */ + +void +dns_adb_whenshutdown(dns_adb_t *adb, isc_task_t *task, isc_event_t **eventp); +/* + * Send '*eventp' to 'task' when 'adb' has shutdown. + * + * Requires: + * + * '*adb' is a valid dns_adb_t. + * + * eventp != NULL && *eventp is a valid event. + * + * Ensures: + * + * *eventp == NULL + * + * The event's sender field is set to the value of adb when the event + * is sent. + */ + +void +dns_adb_shutdown(dns_adb_t *adb); +/* + * Shutdown 'adb'. + * + * Requires: + * + * '*adb' is a valid dns_adb_t. + */ + +isc_result_t +dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action, + void *arg, dns_name_t *name, dns_name_t *zone, + unsigned int options, isc_stdtime_t now, dns_name_t *target, + in_port_t port, dns_adbfind_t **find); +/* + * Main interface for clients. The adb will look up the name given in + * "name" and will build up a list of found addresses, and perhaps start + * internal fetches to resolve names that are unknown currently. + * + * If other addresses resolve after this call completes, an event will + * be sent to the <task, taskaction, arg> with the sender of that event + * set to a pointer to the dns_adbfind_t returned by this function. + * + * If no events will be generated, the *find->result_v4 and/or result_v6 + * members may be examined for address lookup status. The usual ISC_R_SUCCESS, + * ISC_R_FAILURE, and DNS_R_NX{DOMAIN,RRSET} are returned, along with + * ISC_R_NOTFOUND meaning the ADB has not _yet_ found the values. In this + * latter case, retrying may produce more addresses. + * + * If events will be returned, the result_v[46] members are only valid + * when that event is actually returned. + * + * The list of addresses returned is unordered. The caller must impose + * any ordering required. The list will not contain "known bad" addresses, + * however. For instance, it will not return hosts that are known to be + * lame for the zone in question. + * + * The caller cannot (directly) modify the contents of the address list's + * fields other than the "link" field. All values can be read at any + * time, however. + * + * The "now" parameter is used only for determining which entries that + * have a specific time to live or expire time should be removed from + * the running database. If specified as zero, the current time will + * be retrieved and used. + * + * If 'target' is not NULL and 'name' is an alias (i.e. the name is + * CNAME'd or DNAME'd to another name), then 'target' will be updated with + * the domain name that 'name' is aliased to. + * + * All addresses returned will have the sockaddr's port set to 'port.' + * The caller may change them directly in the dns_adbaddrinfo_t since + * they are copies of the internal address only. + * + * XXXMLG Document options, especially the flags which control how + * events are sent. + * + * Requires: + * + * *adb be a valid isc_adb_t object. + * + * If events are to be sent, *task be a valid task, + * and isc_taskaction_t != NULL. + * + * *name is a valid dns_name_t. + * + * zone != NULL and *zone be a valid dns_name_t. + * + * target == NULL or target is a valid name with a buffer. + * + * find != NULL && *find == NULL. + * + * Returns: + * + * ISC_R_SUCCESS Addresses might have been returned, and events will be + * delivered for unresolved addresses. + * ISC_R_NOMORE Addresses might have been returned, but no events + * will ever be posted for this context. This is only + * returned if task != NULL. + * ISC_R_NOMEMORY insufficient resources + * DNS_R_ALIAS 'name' is an alias for another name. + * + * Calls, and returns error codes from: + * + * isc_stdtime_get() + * + * Notes: + * + * No internal reference to "name" exists after this function + * returns. + */ + +void +dns_adb_cancelfind(dns_adbfind_t *find); +/* + * Cancels the find, and sends the event off to the caller. + * + * It is an error to call dns_adb_cancelfind() on a find where + * no event is wanted, or will ever be sent. + * + * Note: + * + * It is possible that the real completion event was posted just + * before the dns_adb_cancelfind() call was made. In this case, + * dns_adb_cancelfind() will do nothing. The event callback needs + * to be prepared to find this situation (i.e. result is valid but + * the caller expects it to be canceled). + * + * Requires: + * + * 'find' be a valid dns_adbfind_t pointer. + * + * events would have been posted to the task. This can be checked + * with (find->options & DNS_ADBFIND_WANTEVENT). + * + * Ensures: + * + * The event was posted to the task. + */ + +void +dns_adb_destroyfind(dns_adbfind_t **find); +/* + * Destroys the find reference. + * + * Note: + * + * This can only be called after the event was delivered for a + * find. Additionally, the event MUST have been freed via + * isc_event_free() BEFORE this function is called. + * + * Requires: + * + * 'find' != NULL and *find be valid dns_adbfind_t pointer. + * + * Ensures: + * + * No "address found" events will be posted to the originating task + * after this function returns. + */ + +void +dns_adb_dump(dns_adb_t *adb, FILE *f); +/* + * This function is only used for debugging. It will dump as much of the + * state of the running system as possible. + * + * Requires: + * + * adb be valid. + * + * f != NULL, and is a file open for writing. + */ + +void +dns_adb_dumpfind(dns_adbfind_t *find, FILE *f); +/* + * This function is only used for debugging. Dump the data associated + * with a find. + * + * Requires: + * + * find is valid. + * + * f != NULL, and is a file open for writing. + */ + +isc_result_t +dns_adb_marklame(dns_adb_t *adb, dns_adbaddrinfo_t *addr, dns_name_t *zone, + isc_stdtime_t expire_time); +/* + * Mark the given address as lame for the zone "zone". expire_time should + * be set to the time when the entry should expire. That is, if it is to + * expire 10 minutes in the future, it should set it to (now + 10 * 60). + * + * Requires: + * + * adb be valid. + * + * addr be valid. + * + * zone be the zone used in the dns_adb_createfind() call. + * + * Returns: + * + * ISC_R_SUCCESS -- all is well. + * ISC_R_NOMEMORY -- could not mark address as lame. + */ + +/* + * A reasonable default for RTT adjustments + */ +#define DNS_ADB_RTTADJDEFAULT 7 /* default scale */ +#define DNS_ADB_RTTADJREPLACE 0 /* replace with our rtt */ +#define DNS_ADB_RTTADJAGE 10 /* age this rtt */ + +void +dns_adb_adjustsrtt(dns_adb_t *adb, dns_adbaddrinfo_t *addr, + unsigned int rtt, unsigned int factor); +/* + * Mix the round trip time into the existing smoothed rtt. The formula used + * (where srtt is the existing rtt value, and rtt and factor are arguments to + * this function): + * + * new_srtt = (old_srtt / 10 * factor) + (rtt / 10 * (10 - factor)); + * + * XXXRTH Do we want to publish the formula? What if we want to change how + * this works later on? Recommend/require that the units are + * microseconds? + * + * Requires: + * + * adb be valid. + * + * addr be valid. + * + * 0 <= factor <= 10 + * + * Note: + * + * The srtt in addr will be updated to reflect the new global + * srtt value. This may include changes made by others. + */ + +void +dns_adb_changeflags(dns_adb_t *adb, dns_adbaddrinfo_t *addr, + unsigned int bits, unsigned int mask); +/* + * Set the flags as given by: + * + * newflags = (oldflags & ~mask) | (bits & mask); + * + * Requires: + * + * adb be valid. + * + * addr be valid. + */ + +isc_result_t +dns_adb_findaddrinfo(dns_adb_t *adb, isc_sockaddr_t *sa, + dns_adbaddrinfo_t **addrp, isc_stdtime_t now); +/* + * Return a dns_adbaddrinfo_t that is associated with address 'sa'. + * + * Requires: + * + * adb is valid. + * + * sa is valid. + * + * addrp != NULL && *addrp == NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_SHUTTINGDOWN + */ + +void +dns_adb_freeaddrinfo(dns_adb_t *adb, dns_adbaddrinfo_t **addrp); +/* + * Free a dns_adbaddrinfo_t allocated by dns_adb_findaddrinfo(). + * + * Requires: + * + * adb is valid. + * + * *addrp is a valid dns_adbaddrinfo_t *. + */ + +void +dns_adb_flush(dns_adb_t *adb); +/* + * Flushes all cached data from the adb. + * + * Requires: + * adb is valid. + */ + +void +dns_adb_setadbsize(dns_adb_t *adb, isc_uint32_t size); +/* + * Set a target memory size. If memory usage exceeds the target + * size entries will be removed before they would have expired on + * a random basis. + * + * If 'size' is 0 then memory usage is unlimited. + * + * Requires: + * 'adb' is valid. + */ + +void +dns_adb_flushname(dns_adb_t *adb, dns_name_t *name); +/* + * Flush 'name' from the adb cache. + * + * Requires: + * 'adb' is valid. + * 'name' is valid. + */ + + +ISC_LANG_ENDDECLS + +#endif /* DNS_ADB_H */ diff --git a/contrib/bind9/lib/dns/include/dns/bit.h b/contrib/bind9/lib/dns/include/dns/bit.h new file mode 100644 index 0000000..e4a7d20 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/bit.h @@ -0,0 +1,37 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: bit.h,v 1.7.206.1 2004/03/06 08:13:51 marka Exp $ */ + +#ifndef DNS_BIT_H +#define DNS_BIT_H 1 + +#include <isc/int.h> +#include <isc/boolean.h> + +typedef isc_uint64_t dns_bitset_t; + +#define DNS_BIT_SET(bit, bitset) \ + (*(bitset) |= ((dns_bitset_t)1 << (bit))) +#define DNS_BIT_CLEAR(bit, bitset) \ + (*(bitset) &= ~((dns_bitset_t)1 << (bit))) +#define DNS_BIT_CHECK(bit, bitset) \ + ISC_TF((*(bitset) & ((dns_bitset_t)1 << (bit))) \ + == ((dns_bitset_t)1 << (bit))) + +#endif /* DNS_BIT_H */ + diff --git a/contrib/bind9/lib/dns/include/dns/byaddr.h b/contrib/bind9/lib/dns/include/dns/byaddr.h new file mode 100644 index 0000000..8f69cd9 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/byaddr.h @@ -0,0 +1,169 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: byaddr.h,v 1.12.2.1.2.4 2004/03/08 09:04:34 marka Exp $ */ + +#ifndef DNS_BYADDR_H +#define DNS_BYADDR_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS ByAddr + * + * The byaddr module provides reverse lookup services for IPv4 and IPv6 + * addresses. + * + * MP: + * The module ensures appropriate synchronization of data structures it + * creates and manipulates. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * RFCs: 1034, 1035, 2181, <TBS> + * Drafts: <TBS> + */ + +#include <isc/lang.h> +#include <isc/event.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/* + * A 'dns_byaddrevent_t' is returned when a byaddr completes. + * The sender field will be set to the byaddr that completed. If 'result' + * is ISC_R_SUCCESS, then 'names' will contain a list of names associated + * with the address. The recipient of the event must not change the list + * and must not refer to any of the name data after the event is freed. + */ +typedef struct dns_byaddrevent { + ISC_EVENT_COMMON(struct dns_byaddrevent); + isc_result_t result; + dns_namelist_t names; +} dns_byaddrevent_t; + +/* + * This option is deprecated since we now only consider nibbles. +#define DNS_BYADDROPT_IPV6NIBBLE 0x0001 + */ +#define DNS_BYADDROPT_IPV6INT 0x0002 + +isc_result_t +dns_byaddr_create(isc_mem_t *mctx, isc_netaddr_t *address, dns_view_t *view, + unsigned int options, isc_task_t *task, + isc_taskaction_t action, void *arg, dns_byaddr_t **byaddrp); +/* + * Find the domain name of 'address'. + * + * Notes: + * + * There is a reverse lookup format for IPv6 addresses, 'nibble' + * + * The 'nibble' format for that address is + * + * 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa. + * + * DNS_BYADDROPT_IPV6INT can be used to get nibble lookups under ip6.int. + * + * Requires: + * + * 'mctx' is a valid mctx. + * + * 'address' is a valid IPv4 or IPv6 address. + * + * 'view' is a valid view which has a resolver. + * + * 'task' is a valid task. + * + * byaddrp != NULL && *byaddrp == NULL + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Any resolver-related error (e.g. ISC_R_SHUTTINGDOWN) may also be + * returned. + */ + +void +dns_byaddr_cancel(dns_byaddr_t *byaddr); +/* + * Cancel 'byaddr'. + * + * Notes: + * + * If 'byaddr' has not completed, post its BYADDRDONE event with a + * result code of ISC_R_CANCELED. + * + * Requires: + * + * 'byaddr' is a valid byaddr. + */ + +void +dns_byaddr_destroy(dns_byaddr_t **byaddrp); +/* + * Destroy 'byaddr'. + * + * Requires: + * + * '*byaddrp' is a valid byaddr. + * + * The caller has received the BYADDRDONE event (either because the + * byaddr completed or because dns_byaddr_cancel() was called). + * + * Ensures: + * + * *byaddrp == NULL. + */ + +isc_result_t +dns_byaddr_createptrname(isc_netaddr_t *address, isc_boolean_t nibble, + dns_name_t *name); + +isc_result_t +dns_byaddr_createptrname2(isc_netaddr_t *address, unsigned int options, + dns_name_t *name); +/* + * Creates a name that would be used in a PTR query for this address. The + * nibble flag indicates that the 'nibble' format is to be used if an IPv6 + * address is provided, instead of the 'bitstring' format. Since we dropped + * the support of the bitstring labels, it is expected that the flag is always + * set. 'options' are the same as for dns_byaddr_create(). + * + * Requires: + * + * 'address' is a valid address. + * 'name' is a valid name with a dedicated buffer. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_BYADDR_H */ diff --git a/contrib/bind9/lib/dns/include/dns/cache.h b/contrib/bind9/lib/dns/include/dns/cache.h new file mode 100644 index 0000000..79c53de --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/cache.h @@ -0,0 +1,255 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: cache.h,v 1.17.12.3 2004/03/08 09:04:34 marka Exp $ */ + +#ifndef DNS_CACHE_H +#define DNS_CACHE_H 1 + +/***** + ***** Module Info + *****/ + +/* + * cache + * + * Defines dns_cache_t, the cache object. + * + * Notes: + * A cache object contains DNS data of a single class. + * Multiple classes will be handled by creating multiple + * views, each with a different class and its own cache. + * + * MP: + * See notes at the individual functions. + * + * Reliability: + * + * Resources: + * + * Security: + * + * Standards: + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/stdtime.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/*** + *** Functions + ***/ + +isc_result_t +dns_cache_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, + isc_timermgr_t *timermgr, dns_rdataclass_t rdclass, + const char *db_type, unsigned int db_argc, char **db_argv, + dns_cache_t **cachep); +/* + * Create a new DNS cache. + * + * Requires: + * + * 'mctx' is a valid memory context + * + * 'taskmgr' is a valid task manager and 'timermgr' is a valid timer + * manager, or both are NULL. If NULL, no periodic cleaning of the + * cache will take place. + * + * 'cachep' is a valid pointer, and *cachep == NULL + * + * Ensures: + * + * '*cachep' is attached to the newly created cache + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +void +dns_cache_attach(dns_cache_t *cache, dns_cache_t **targetp); +/* + * Attach *targetp to cache. + * + * Requires: + * + * 'cache' is a valid cache. + * + * 'targetp' points to a NULL dns_cache_t *. + * + * Ensures: + * + * *targetp is attached to cache. + */ + +void +dns_cache_detach(dns_cache_t **cachep); +/* + * Detach *cachep from its cache. + * + * Requires: + * + * 'cachep' points to a valid cache. + * + * Ensures: + * + * *cachep is NULL. + * + * If '*cachep' is the last reference to the cache, + * + * All resources used by the cache will be freed + */ + +void +dns_cache_attachdb(dns_cache_t *cache, dns_db_t **dbp); +/* + * Attach *dbp to the cache's database. + * + * Notes: + * + * This may be used to get a reference to the database for + * the purpose of cache lookups (XXX currently it is also + * the way to add data to the cache, but having a + * separate dns_cache_add() interface instead would allow + * more control over memory usage). + * The caller should call dns_db_detach() on the reference + * when it is no longer needed. + * + * Requires: + * + * 'cache' is a valid cache. + * + * 'dbp' points to a NULL dns_db *. + * + * Ensures: + * + * *dbp is attached to the database. + */ + + +isc_result_t +dns_cache_setfilename(dns_cache_t *cahce, char *filename); +/* + * If 'filename' is non-NULL, make the cache persistent. + * The cache's data will be stored in the given file. + * If 'filename' is NULL, make the cache non-persistent. + * Files that are no longer used are not unlinked automatically. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * Various file-related failures + */ + +isc_result_t +dns_cache_load(dns_cache_t *cache); +/* + * If the cache has a file name, load the cache contents from the file. + * Previous cache contents are not discarded. + * If no file name has been set, do nothing and return success. + * + * MT: + * Multiple simultaneous attempts to load or dump the cache + * will be serialized with respect to one another, but + * the cache may be read and updated while the dump is + * in progress. Updates performed during loading + * may or may not be preserved, and reads may return + * either the old or the newly loaded data. + * + * Returns: + * + * ISC_R_SUCCESS + * Various failures depending on the database implementation type + */ + +isc_result_t +dns_cache_dump(dns_cache_t *cache); +/* + * If the cache has a file name, write the cache contents to disk, + * overwriting any preexisting file. If no file name has been set, + * do nothing and return success. + * + * MT: + * Multiple simultaneous attempts to load or dump the cache + * will be serialized with respect to one another, but + * the cache may be read and updated while the dump is + * in progress. Updates performed during the dump may + * or may not be reflected in the dumped file. + * + * Returns: + * + * ISC_R_SUCCESS + * Various failures depending on the database implementation type + */ + +isc_result_t +dns_cache_clean(dns_cache_t *cache, isc_stdtime_t now); +/* + * Force immediate cleaning of the cache, freeing all rdatasets + * whose TTL has expired as of 'now' and that have no pending + * references. + */ + +void +dns_cache_setcleaninginterval(dns_cache_t *cache, unsigned int interval); +/* + * Set the periodic cache cleaning interval to 'interval' seconds. + */ + +void +dns_cache_setcachesize(dns_cache_t *cache, isc_uint32_t size); +/* + * Set the maximum cache size. 0 means unlimited. + */ + +isc_result_t +dns_cache_flush(dns_cache_t *cache); +/* + * Flushes all data from the cache. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_cache_flushname(dns_cache_t *cache, dns_name_t *name); +/* + * Flushes a given name from the cache. + * + * Requires: + * 'cache' to be valid. + * 'name' to be valid. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * other error returns. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_CACHE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/callbacks.h b/contrib/bind9/lib/dns/include/dns/callbacks.h new file mode 100644 index 0000000..9c2710a --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/callbacks.h @@ -0,0 +1,83 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: callbacks.h,v 1.15.2.2.8.1 2004/03/06 08:13:51 marka Exp $ */ + +#ifndef DNS_CALLBACKS_H +#define DNS_CALLBACKS_H 1 + +/*** + *** Imports + ***/ + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/*** + *** Types + ***/ + +struct dns_rdatacallbacks { + /* + * dns_load_master calls this when it has rdatasets to commit. + */ + dns_addrdatasetfunc_t add; + /* + * dns_load_master / dns_rdata_fromtext call this to issue a error. + */ + void (*error)(struct dns_rdatacallbacks *, const char *, ...); + /* + * dns_load_master / dns_rdata_fromtext call this to issue a warning. + */ + void (*warn)(struct dns_rdatacallbacks *, const char *, ...); + /* + * Private data handles for use by the above callback functions. + */ + void *add_private; + void *error_private; + void *warn_private; +}; + +/*** + *** Initialization + ***/ + +void +dns_rdatacallbacks_init(dns_rdatacallbacks_t *callbacks); +/* + * Initialize 'callbacks'. + * 'error' and 'warn' are set to default callbacks that print the + * error message through the DNS library log context. + * + * All other elements are initialized to NULL. + * + * Requires: + * 'callbacks' is a valid dns_rdatacallbacks_t, + */ + +void +dns_rdatacallbacks_init_stdio(dns_rdatacallbacks_t *callbacks); +/* + * Like dns_rdatacallbacks_init, but logs to stdio. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_CALLBACKS_H */ diff --git a/contrib/bind9/lib/dns/include/dns/cert.h b/contrib/bind9/lib/dns/include/dns/cert.h new file mode 100644 index 0000000..28a3d4c --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/cert.h @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: cert.h,v 1.12.206.1 2004/03/06 08:13:51 marka Exp $ */ + +#ifndef DNS_CERT_H +#define DNS_CERT_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_cert_fromtext(dns_cert_t *certp, isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a certificate type. + * The text may contain either a mnemonic type name or a decimal type number. + * + * Requires: + * 'certp' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_RANGE numeric type is out of range + * DNS_R_UNKNOWN mnemonic type is unknown + */ + +isc_result_t +dns_cert_totext(dns_cert_t cert, isc_buffer_t *target); +/* + * Put a textual representation of certificate type 'cert' into 'target'. + * + * Requires: + * 'cert' is a valid cert. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_NOSPACE target buffer is too small + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_CERT_H */ diff --git a/contrib/bind9/lib/dns/include/dns/compress.h b/contrib/bind9/lib/dns/include/dns/compress.h new file mode 100644 index 0000000..0f6451c --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/compress.h @@ -0,0 +1,248 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: compress.h,v 1.29.2.2.8.1 2004/03/06 08:13:51 marka Exp $ */ + +#ifndef DNS_COMPRESS_H +#define DNS_COMPRESS_H 1 + +#include <isc/lang.h> +#include <isc/region.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +#define DNS_COMPRESS_NONE 0x00 /* no compression */ +#define DNS_COMPRESS_GLOBAL14 0x01 /* "normal" compression. */ +#define DNS_COMPRESS_ALL 0x01 /* all compression. */ + +/* + * Direct manipulation of the structures is strongly discouraged. + */ + +#define DNS_COMPRESS_TABLESIZE 64 +#define DNS_COMPRESS_INITIALNODES 16 + +typedef struct dns_compressnode dns_compressnode_t; + +struct dns_compressnode { + isc_region_t r; + isc_uint16_t offset; + isc_uint16_t count; + isc_uint8_t labels; + dns_compressnode_t *next; +}; + +struct dns_compress { + unsigned int magic; /* Magic number. */ + unsigned int allowed; /* Allowed methods. */ + int edns; /* Edns version or -1. */ + /* Global compression table. */ + dns_compressnode_t *table[DNS_COMPRESS_TABLESIZE]; + /* Preallocated nodes for the table. */ + dns_compressnode_t initialnodes[DNS_COMPRESS_INITIALNODES]; + isc_uint16_t count; /* Number of nodes. */ + isc_mem_t *mctx; /* Memory context. */ +}; + +typedef enum { + DNS_DECOMPRESS_ANY, /* Any compression */ + DNS_DECOMPRESS_STRICT, /* Allowed compression */ + DNS_DECOMPRESS_NONE /* No compression */ +} dns_decompresstype_t; + +struct dns_decompress { + unsigned int magic; /* Magic number. */ + unsigned int allowed; /* Allowed methods. */ + int edns; /* Edns version or -1. */ + dns_decompresstype_t type; /* Strict checking */ +}; + +isc_result_t +dns_compress_init(dns_compress_t *cctx, int edns, isc_mem_t *mctx); +/* + * Inialise the compression context structure pointed to by 'cctx'. + * + * Requires: + * 'cctx' is a valid dns_compress_t structure. + * 'mctx' is an initialized memory context. + * Ensures: + * cctx->global is initialized. + * + * Returns: + * ISC_R_SUCCESS + * failures from dns_rbt_create() + */ + +void +dns_compress_invalidate(dns_compress_t *cctx); + +/* + * Invalidate the compression structure pointed to by cctx. + * + * Requires: + * 'cctx' to be initialized. + */ + +void +dns_compress_setmethods(dns_compress_t *cctx, unsigned int allowed); + +/* + * Sets allowed compression methods. + * + * Requires: + * 'cctx' to be initialized. + */ + +unsigned int +dns_compress_getmethods(dns_compress_t *cctx); + +/* + * Gets allowed compression methods. + * + * Requires: + * 'cctx' to be initialized. + * + * Returns: + * allowed compression bitmap. + */ + +int +dns_compress_getedns(dns_compress_t *cctx); + +/* + * Gets edns value. + * + * Requires: + * 'cctx' to be initialized. + * + * Returns: + * -1 .. 255 + */ + +isc_boolean_t +dns_compress_findglobal(dns_compress_t *cctx, dns_name_t *name, + dns_name_t *prefix, isc_uint16_t *offset); +/* + * Finds longest possible match of 'name' in the global compression table. + * + * Requires: + * 'cctx' to be initialized. + * 'name' to be a absolute name. + * 'prefix' to be initialized. + * 'offset' to point to an isc_uint16_t. + * + * Ensures: + * 'prefix' and 'offset' are valid if ISC_TRUE is returned. + * + * Returns: + * ISC_TRUE / ISC_FALSE + */ + +void +dns_compress_add(dns_compress_t *cctx, dns_name_t *name, dns_name_t *prefix, + isc_uint16_t offset); +/* + * Add compression pointers for 'name' to the compression table, + * not replacing existing pointers. + * + * Requires: + * 'cctx' initialized + * + * 'name' must be initialized and absolute, and must remain + * valid until the message compression is complete. + * + * 'prefix' must be a prefix returned by + * dns_compress_findglobal(), or the same as 'name'. + */ + +void +dns_compress_rollback(dns_compress_t *cctx, isc_uint16_t offset); + +/* + * Remove any compression pointers from global table >= offset. + * + * Requires: + * 'cctx' is initialized. + */ + +void +dns_decompress_init(dns_decompress_t *dctx, int edns, + dns_decompresstype_t type); + +/* + * Initializes 'dctx'. + * Records 'edns' and 'type' into the structure. + * + * Requires: + * 'dctx' to be a valid pointer. + */ + +void +dns_decompress_invalidate(dns_decompress_t *dctx); + +/* + * Invalidates 'dctx'. + * + * Requires: + * 'dctx' to be initialized + */ + +void +dns_decompress_setmethods(dns_decompress_t *dctx, unsigned int allowed); + +/* + * Sets 'dctx->allowed' to 'allowed'. + * + * Requires: + * 'dctx' to be initialized + */ + +unsigned int +dns_decompress_getmethods(dns_decompress_t *dctx); + +/* + * Returns 'dctx->allowed' + * + * Requires: + * 'dctx' to be initialized + */ + +int +dns_decompress_edns(dns_decompress_t *dctx); + +/* + * Returns 'dctx->edns' + * + * Requires: + * 'dctx' to be initialized + */ + +dns_decompresstype_t +dns_decompress_type(dns_decompress_t *dctx); + +/* + * Returns 'dctx->type' + * + * Requires: + * 'dctx' to be initialized + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_COMPRESS_H */ diff --git a/contrib/bind9/lib/dns/include/dns/db.h b/contrib/bind9/lib/dns/include/dns/db.h new file mode 100644 index 0000000..8e08882 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/db.h @@ -0,0 +1,1271 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: db.h,v 1.67.12.8 2004/05/14 05:06:41 marka Exp $ */ + +#ifndef DNS_DB_H +#define DNS_DB_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS DB + * + * The DNS DB interface allows named rdatasets to be stored and retrieved. + * + * The dns_db_t type is like a "virtual class". To actually use + * DBs, an implementation of the class is required. + * + * XXX <more> XXX + * + * MP: + * The module ensures appropriate synchronization of data structures it + * creates and manipulates. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +/***** + ***** Imports + *****/ + +#include <isc/lang.h> +#include <isc/magic.h> +#include <isc/ondestroy.h> +#include <isc/stdtime.h> + +#include <dns/name.h> +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/***** + ***** Types + *****/ + +typedef struct dns_dbmethods { + void (*attach)(dns_db_t *source, dns_db_t **targetp); + void (*detach)(dns_db_t **dbp); + isc_result_t (*beginload)(dns_db_t *db, dns_addrdatasetfunc_t *addp, + dns_dbload_t **dbloadp); + isc_result_t (*endload)(dns_db_t *db, dns_dbload_t **dbloadp); + isc_result_t (*dump)(dns_db_t *db, dns_dbversion_t *version, + const char *filename); + void (*currentversion)(dns_db_t *db, + dns_dbversion_t **versionp); + isc_result_t (*newversion)(dns_db_t *db, + dns_dbversion_t **versionp); + void (*attachversion)(dns_db_t *db, dns_dbversion_t *source, + dns_dbversion_t **targetp); + void (*closeversion)(dns_db_t *db, + dns_dbversion_t **versionp, + isc_boolean_t commit); + isc_result_t (*findnode)(dns_db_t *db, dns_name_t *name, + isc_boolean_t create, + dns_dbnode_t **nodep); + isc_result_t (*find)(dns_db_t *db, dns_name_t *name, + dns_dbversion_t *version, + dns_rdatatype_t type, unsigned int options, + isc_stdtime_t now, + dns_dbnode_t **nodep, dns_name_t *foundname, + dns_rdataset_t *rdataset, + dns_rdataset_t *sigrdataset); + isc_result_t (*findzonecut)(dns_db_t *db, dns_name_t *name, + unsigned int options, isc_stdtime_t now, + dns_dbnode_t **nodep, + dns_name_t *foundname, + dns_rdataset_t *rdataset, + dns_rdataset_t *sigrdataset); + void (*attachnode)(dns_db_t *db, + dns_dbnode_t *source, + dns_dbnode_t **targetp); + void (*detachnode)(dns_db_t *db, + dns_dbnode_t **targetp); + isc_result_t (*expirenode)(dns_db_t *db, dns_dbnode_t *node, + isc_stdtime_t now); + void (*printnode)(dns_db_t *db, dns_dbnode_t *node, + FILE *out); + isc_result_t (*createiterator)(dns_db_t *db, + isc_boolean_t relative_names, + dns_dbiterator_t **iteratorp); + isc_result_t (*findrdataset)(dns_db_t *db, dns_dbnode_t *node, + dns_dbversion_t *version, + dns_rdatatype_t type, + dns_rdatatype_t covers, + isc_stdtime_t now, + dns_rdataset_t *rdataset, + dns_rdataset_t *sigrdataset); + isc_result_t (*allrdatasets)(dns_db_t *db, dns_dbnode_t *node, + dns_dbversion_t *version, + isc_stdtime_t now, + dns_rdatasetiter_t **iteratorp); + isc_result_t (*addrdataset)(dns_db_t *db, dns_dbnode_t *node, + dns_dbversion_t *version, + isc_stdtime_t now, + dns_rdataset_t *rdataset, + unsigned int options, + dns_rdataset_t *addedrdataset); + isc_result_t (*subtractrdataset)(dns_db_t *db, dns_dbnode_t *node, + dns_dbversion_t *version, + dns_rdataset_t *rdataset, + unsigned int options, + dns_rdataset_t *newrdataset); + isc_result_t (*deleterdataset)(dns_db_t *db, dns_dbnode_t *node, + dns_dbversion_t *version, + dns_rdatatype_t type, + dns_rdatatype_t covers); + isc_boolean_t (*issecure)(dns_db_t *db); + unsigned int (*nodecount)(dns_db_t *db); + isc_boolean_t (*ispersistent)(dns_db_t *db); + void (*overmem)(dns_db_t *db, isc_boolean_t overmem); + void (*settask)(dns_db_t *db, isc_task_t *); +} dns_dbmethods_t; + +typedef isc_result_t +(*dns_dbcreatefunc_t)(isc_mem_t *mctx, dns_name_t *name, + dns_dbtype_t type, dns_rdataclass_t rdclass, + unsigned int argc, char *argv[], void *driverarg, + dns_db_t **dbp); + +#define DNS_DB_MAGIC ISC_MAGIC('D','N','S','D') +#define DNS_DB_VALID(db) ISC_MAGIC_VALID(db, DNS_DB_MAGIC) + +/* + * This structure is actually just the common prefix of a DNS db + * implementation's version of a dns_db_t. + * + * Direct use of this structure by clients is forbidden. DB implementations + * may change the structure. 'magic' must be DNS_DB_MAGIC for any of the + * dns_db_ routines to work. DB implementations must maintain all DB + * invariants. + */ +struct dns_db { + unsigned int magic; + unsigned int impmagic; + dns_dbmethods_t * methods; + isc_uint16_t attributes; + dns_rdataclass_t rdclass; + dns_name_t origin; + isc_ondestroy_t ondest; + isc_mem_t * mctx; +}; + +#define DNS_DBATTR_CACHE 0x01 +#define DNS_DBATTR_STUB 0x02 + +/* + * Options that can be specified for dns_db_find(). + */ +#define DNS_DBFIND_GLUEOK 0x01 +#define DNS_DBFIND_VALIDATEGLUE 0x02 +#define DNS_DBFIND_NOWILD 0x04 +#define DNS_DBFIND_PENDINGOK 0x08 +#define DNS_DBFIND_NOEXACT 0x10 +#define DNS_DBFIND_FORCENSEC 0x20 +#define DNS_DBFIND_COVERINGNSEC 0x40 + +/* + * Options that can be specified for dns_db_addrdataset(). + */ +#define DNS_DBADD_MERGE 0x01 +#define DNS_DBADD_FORCE 0x02 +#define DNS_DBADD_EXACT 0x04 +#define DNS_DBADD_EXACTTTL 0x08 + +/* + * Options that can be specified for dns_db_subtractrdataset(). + */ +#define DNS_DBSUB_EXACT 0x01 + +/***** + ***** Methods + *****/ + +/*** + *** Basic DB Methods + ***/ + +isc_result_t +dns_db_create(isc_mem_t *mctx, const char *db_type, dns_name_t *origin, + dns_dbtype_t type, dns_rdataclass_t rdclass, + unsigned int argc, char *argv[], dns_db_t **dbp); +/* + * Create a new database using implementation 'db_type'. + * + * Notes: + * All names in the database must be subdomains of 'origin' and in class + * 'rdclass'. The database makes its own copy of the origin, so the + * caller may do whatever they like with 'origin' and its storage once the + * call returns. + * + * DB implementation-specific parameters are passed using argc and argv. + * + * Requires: + * + * dbp != NULL and *dbp == NULL + * + * 'origin' is a valid absolute domain name. + * + * mctx is a valid memory context + * + * Ensures: + * + * A copy of 'origin' has been made for the databases use, and the + * caller is free to do whatever they want with the name and storage + * associated with 'origin'. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_NOTFOUND db_type not found + * + * Many other errors are possible, depending on what db_type was + * specified. + */ + +void +dns_db_attach(dns_db_t *source, dns_db_t **targetp); +/* + * Attach *targetp to source. + * + * Requires: + * + * 'source' is a valid database. + * + * 'targetp' points to a NULL dns_db_t *. + * + * Ensures: + * + * *targetp is attached to source. + */ + +void +dns_db_detach(dns_db_t **dbp); +/* + * Detach *dbp from its database. + * + * Requires: + * + * 'dbp' points to a valid database. + * + * Ensures: + * + * *dbp is NULL. + * + * If '*dbp' is the last reference to the database, + * + * All resources used by the database will be freed + */ + +isc_result_t +dns_db_ondestroy(dns_db_t *db, isc_task_t *task, isc_event_t **eventp); +/* + * Causes 'eventp' to be sent to be sent to 'task' when the database is + * destroyed. + * + * Note; ownership of the eventp is taken from the caller (and *eventp is + * set to NULL). The sender field of the event is set to 'db' before it is + * sent to the task. + */ + +isc_boolean_t +dns_db_iscache(dns_db_t *db); +/* + * Does 'db' have cache semantics? + * + * Requires: + * + * 'db' is a valid database. + * + * Returns: + * ISC_TRUE 'db' has cache semantics + * ISC_FALSE otherwise + */ + +isc_boolean_t +dns_db_iszone(dns_db_t *db); +/* + * Does 'db' have zone semantics? + * + * Requires: + * + * 'db' is a valid database. + * + * Returns: + * ISC_TRUE 'db' has zone semantics + * ISC_FALSE otherwise + */ + +isc_boolean_t +dns_db_isstub(dns_db_t *db); +/* + * Does 'db' have stub semantics? + * + * Requires: + * + * 'db' is a valid database. + * + * Returns: + * ISC_TRUE 'db' has zone semantics + * ISC_FALSE otherwise + */ + +isc_boolean_t +dns_db_issecure(dns_db_t *db); +/* + * Is 'db' secure? + * + * Requires: + * + * 'db' is a valid database with zone semantics. + * + * Returns: + * ISC_TRUE 'db' is secure. + * ISC_FALSE 'db' is not secure. + */ + +dns_name_t * +dns_db_origin(dns_db_t *db); +/* + * The origin of the database. + * + * Note: caller must not try to change this name. + * + * Requires: + * + * 'db' is a valid database. + * + * Returns: + * + * The origin of the database. + */ + +dns_rdataclass_t +dns_db_class(dns_db_t *db); +/* + * The class of the database. + * + * Requires: + * + * 'db' is a valid database. + * + * Returns: + * + * The class of the database. + */ + +isc_result_t +dns_db_beginload(dns_db_t *db, dns_addrdatasetfunc_t *addp, + dns_dbload_t **dbloadp); +/* + * Begin loading 'db'. + * + * Requires: + * + * 'db' is a valid database. + * + * This is the first attempt to load 'db'. + * + * addp != NULL && *addp == NULL + * + * dbloadp != NULL && *dbloadp == NULL + * + * Ensures: + * + * On success, *addp will be a valid dns_addrdatasetfunc_t suitable + * for loading 'db'. *dbloadp will be a valid DB load context which + * should be used as 'arg' when *addp is called. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Other results are possible, depending upon the database + * implementation used, syntax errors in the master file, etc. + */ + +isc_result_t +dns_db_endload(dns_db_t *db, dns_dbload_t **dbloadp); +/* + * Finish loading 'db'. + * + * Requires: + * + * 'db' is a valid database that is being loaded. + * + * dbloadp != NULL and *dbloadp is a valid database load context. + * + * Ensures: + * + * *dbloadp == NULL + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Other results are possible, depending upon the database + * implementation used, syntax errors in the master file, etc. + */ + +isc_result_t +dns_db_load(dns_db_t *db, const char *filename); +/* + * Load master file 'filename' into 'db'. + * + * Notes: + * This routine is equivalent to calling + * + * dns_db_beginload(); + * dns_master_loadfile(); + * dns_db_endload(); + * + * Requires: + * + * 'db' is a valid database. + * + * This is the first attempt to load 'db'. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Other results are possible, depending upon the database + * implementation used, syntax errors in the master file, etc. + */ + +isc_result_t +dns_db_dump(dns_db_t *db, dns_dbversion_t *version, const char *filename); +/* + * Dump version 'version' of 'db' to master file 'filename'. + * + * Requires: + * + * 'db' is a valid database. + * + * 'version' is a valid version. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Other results are possible, depending upon the database + * implementation used, OS file errors, etc. + */ + +/*** + *** Version Methods + ***/ + +void +dns_db_currentversion(dns_db_t *db, dns_dbversion_t **versionp); +/* + * Open the current version for reading. + * + * Requires: + * + * 'db' is a valid database with zone semantics. + * + * versionp != NULL && *verisonp == NULL + * + * Ensures: + * + * On success, '*versionp' is attached to the current version. + * + */ + +isc_result_t +dns_db_newversion(dns_db_t *db, dns_dbversion_t **versionp); +/* + * Open a new version for reading and writing. + * + * Requires: + * + * 'db' is a valid database with zone semantics. + * + * versionp != NULL && *verisonp == NULL + * + * Ensures: + * + * On success, '*versionp' is attached to the current version. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Other results are possible, depending upon the database + * implementation used. + */ + +void +dns_db_attachversion(dns_db_t *db, dns_dbversion_t *source, + dns_dbversion_t **targetp); +/* + * Attach '*targetp' to 'source'. + * + * Requires: + * + * 'db' is a valid database with zone semantics. + * + * source is a valid open version + * + * targetp != NULL && *targetp == NULL + * + * Ensures: + * + * '*targetp' is attached to source. + */ + +void +dns_db_closeversion(dns_db_t *db, dns_dbversion_t **versionp, + isc_boolean_t commit); +/* + * Close version '*versionp'. + * + * Note: if '*versionp' is a read-write version and 'commit' is ISC_TRUE, + * then all changes made in the version will take effect, otherwise they + * will be rolled back. The value if 'commit' is ignored for read-only + * versions. + * + * Requires: + * + * 'db' is a valid database with zone semantics. + * + * '*versionp' refers to a valid version. + * + * If committing a writable version, then there must be no other + * outstanding references to the version (e.g. an active rdataset + * iterator). + * + * Ensures: + * + * *versionp == NULL + * + * If *versionp is a read-write version, and commit is ISC_TRUE, then + * the version will become the current version. If !commit, then all + * changes made in the version will be undone, and the version will + * not become the current version. + */ + +/*** + *** Node Methods + ***/ + +isc_result_t +dns_db_findnode(dns_db_t *db, dns_name_t *name, isc_boolean_t create, + dns_dbnode_t **nodep); +/* + * Find the node with name 'name'. + * + * Notes: + * If 'create' is ISC_TRUE and no node with name 'name' exists, then + * such a node will be created. + * + * This routine is for finding or creating a node with the specified + * name. There are no partial matches. It is not suitable for use + * in building responses to ordinary DNS queries; clients which wish + * to do that should use dns_db_find() instead. + * + * Requires: + * + * 'db' is a valid database. + * + * 'name' is a valid, non-empty, absolute name. + * + * nodep != NULL && *nodep == NULL + * + * Ensures: + * + * On success, *nodep is attached to the node with name 'name'. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOTFOUND If !create and name not found. + * ISC_R_NOMEMORY Can only happen if create is ISC_TRUE. + * + * Other results are possible, depending upon the database + * implementation used. + */ + +isc_result_t +dns_db_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, + dns_rdatatype_t type, unsigned int options, isc_stdtime_t now, + dns_dbnode_t **nodep, dns_name_t *foundname, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset); +/* + * Find the best match for 'name' and 'type' in version 'version' of 'db'. + * + * Notes: + * + * If type == dns_rdataset_any, then rdataset will not be bound. + * + * If 'options' does not have DNS_DBFIND_GLUEOK set, then no glue will + * be returned. For zone databases, glue is as defined in RFC 2181. + * For cache databases, glue is any rdataset with a trust of + * dns_trust_glue. + * + * If 'options' does not have DNS_DBFIND_PENDINGOK set, then no + * pending data will be returned. This option is only meaningful for + * cache databases. + * + * If the DNS_DBFIND_NOWILD option is set, then wildcard matching will + * be disabled. This option is only meaningful for zone databases. + * + * If the DNS_DBFIND_FORCENSEC option is set, the database is assumed to + * have NSEC records, and these will be returned when appropriate. This + * is only necessary when querying a database that was not secure + * when created. + * + * If the DNS_DBFIND_COVERINGNSEC option is set, then look for a + * NSEC record that potentially covers 'name' if a answer cannot + * be found. Note the returned NSEC needs to be checked to ensure + * that it is correct. This only affects answers returned from the + * cache. + * + * To respond to a query for SIG records, the caller should create a + * rdataset iterator and extract the signatures from each rdataset. + * + * Making queries of type ANY with DNS_DBFIND_GLUEOK is not recommended, + * because the burden of determining whether a given rdataset is valid + * glue or not falls upon the caller. + * + * The 'now' field is ignored if 'db' is a zone database. If 'db' is a + * cache database, an rdataset will not be found unless it expires after + * 'now'. Any ANY query will not match unless at least one rdataset at + * the node expires after 'now'. If 'now' is zero, then the current time + * will be used. + * + * Requires: + * + * 'db' is a valid database. + * + * 'type' is not SIG, or a meta-RR type other than 'ANY' (e.g. 'OPT'). + * + * 'nodep' is NULL, or nodep is a valid pointer and *nodep == NULL. + * + * 'foundname' is a valid name with a dedicated buffer. + * + * 'rdataset' is NULL, or is a valid unassociated rdataset. + * + * Ensures: + * On a non-error completion: + * + * If nodep != NULL, then it is bound to the found node. + * + * If foundname != NULL, then it contains the full name of the + * found node. + * + * If rdataset != NULL and type != dns_rdatatype_any, then + * rdataset is bound to the found rdataset. + * + * Returns: + * + * Non-error results are: + * + * ISC_R_SUCCESS The desired node and type were + * found. + * + * DNS_R_WILDCARD The desired node and type were + * found after performing + * wildcard matching. This is + * only returned if the + * DNS_DBFIND_INDICATEWILD + * option is set; otherwise + * ISC_R_SUCCESS is returned. + * + * DNS_R_GLUE The desired node and type were + * found, but are glue. This + * result can only occur if + * the DNS_DBFIND_GLUEOK option + * is set. This result can only + * occur if 'db' is a zone + * database. If type == + * dns_rdatatype_any, then the + * node returned may contain, or + * consist entirely of invalid + * glue (i.e. data occluded by a + * zone cut). The caller must + * take care not to return invalid + * glue to a client. + * + * DNS_R_DELEGATION The data requested is beneath + * a zone cut. node, foundname, + * and rdataset reference the + * NS RRset of the zone cut. + * If 'db' is a cache database, + * then this is the deepest known + * delegation. + * + * DNS_R_ZONECUT type == dns_rdatatype_any, and + * the desired node is a zonecut. + * The caller must take care not + * to return inappropriate glue + * to a client. This result can + * only occur if 'db' is a zone + * database and DNS_DBFIND_GLUEOK + * is set. + * + * DNS_R_DNAME The data requested is beneath + * a DNAME. node, foundname, + * and rdataset reference the + * DNAME RRset. + * + * DNS_R_CNAME The rdataset requested was not + * found, but there is a CNAME + * at the desired name. node, + * foundname, and rdataset + * reference the CNAME RRset. + * + * DNS_R_NXDOMAIN The desired name does not + * exist. + * + * DNS_R_NXRRSET The desired name exists, but + * the desired type does not. + * + * ISC_R_NOTFOUND The desired name does not + * exist, and no delegation could + * be found. This result can only + * occur if 'db' is a cache + * database. The caller should + * use its nameserver(s) of last + * resort (e.g. root hints). + * + * DNS_R_NCACHENXDOMAIN The desired name does not + * exist. 'node' is bound to the + * cache node with the desired + * name, and 'rdataset' contains + * the negative caching proof. + * + * DNS_R_NCACHENXRRSET The desired type does not + * exist. 'node' is bound to the + * cache node with the desired + * name, and 'rdataset' contains + * the negative caching proof. + * + * DNS_R_EMPTYNAME The name exists but there is + * no data at the name. + * + * DNS_R_COVERINGNSEC The returned data is a NSEC + * that potentially covers 'name'. + * + * Error results: + * + * ISC_R_NOMEMORY + * + * DNS_R_BADDB Data that is required to be + * present in the DB, e.g. an NSEC + * record in a secure zone, is not + * present. + * + * Other results are possible, and should all be treated as + * errors. + */ + +isc_result_t +dns_db_findzonecut(dns_db_t *db, dns_name_t *name, + unsigned int options, isc_stdtime_t now, + dns_dbnode_t **nodep, dns_name_t *foundname, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset); +/* + * Find the deepest known zonecut which encloses 'name' in 'db'. + * + * Notes: + * + * If the DNS_DBFIND_NOEXACT option is set, then the zonecut returned + * (if any) will be the deepest known ancestor of 'name'. + * + * If 'now' is zero, then the current time will be used. + * + * Requires: + * + * 'db' is a valid database with cache semantics. + * + * 'nodep' is NULL, or nodep is a valid pointer and *nodep == NULL. + * + * 'foundname' is a valid name with a dedicated buffer. + * + * 'rdataset' is NULL, or is a valid unassociated rdataset. + * + * Ensures: + * On a non-error completion: + * + * If nodep != NULL, then it is bound to the found node. + * + * If foundname != NULL, then it contains the full name of the + * found node. + * + * If rdataset != NULL and type != dns_rdatatype_any, then + * rdataset is bound to the found rdataset. + * + * Returns: + * + * Non-error results are: + * + * ISC_R_SUCCESS + * + * ISC_R_NOTFOUND + * + * Other results are possible, and should all be treated as + * errors. + */ + +void +dns_db_attachnode(dns_db_t *db, dns_dbnode_t *source, dns_dbnode_t **targetp); +/* + * Attach *targetp to source. + * + * Requires: + * + * 'db' is a valid database. + * + * 'source' is a valid node. + * + * 'targetp' points to a NULL dns_node_t *. + * + * Ensures: + * + * *targetp is attached to source. + */ + +void +dns_db_detachnode(dns_db_t *db, dns_dbnode_t **nodep); +/* + * Detach *nodep from its node. + * + * Requires: + * + * 'db' is a valid database. + * + * 'nodep' points to a valid node. + * + * Ensures: + * + * *nodep is NULL. + */ + +isc_result_t +dns_db_expirenode(dns_db_t *db, dns_dbnode_t *node, isc_stdtime_t now); +/* + * Mark as stale all records at 'node' which expire at or before 'now'. + * + * Note: if 'now' is zero, then the current time will be used. + * + * Requires: + * + * 'db' is a valid cache database. + * + * 'node' is a valid node. + */ + +void +dns_db_printnode(dns_db_t *db, dns_dbnode_t *node, FILE *out); +/* + * Print a textual representation of the contents of the node to + * 'out'. + * + * Note: this function is intended for debugging, not general use. + * + * Requires: + * + * 'db' is a valid database. + * + * 'node' is a valid node. + */ + +/*** + *** DB Iterator Creation + ***/ + +isc_result_t +dns_db_createiterator(dns_db_t *db, isc_boolean_t relative_names, + dns_dbiterator_t **iteratorp); +/* + * Create an iterator for version 'version' of 'db'. + * + * Notes: + * + * If 'relative_names' is ISC_TRUE, then node names returned by the + * iterator will be relative to the iterator's current origin. If + * ISC_FALSE, then the node names will be absolute. + * + * Requires: + * + * 'db' is a valid database. + * + * iteratorp != NULL && *iteratorp == NULL + * + * Ensures: + * + * On success, *iteratorp will be a valid database iterator. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +/*** + *** Rdataset Methods + ***/ + +/* + * XXXRTH Should we check for glue and pending data in dns_db_findrdataset()? + */ + +isc_result_t +dns_db_findrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + dns_rdatatype_t type, dns_rdatatype_t covers, + isc_stdtime_t now, dns_rdataset_t *rdataset, + dns_rdataset_t *sigrdataset); +/* + * Search for an rdataset of type 'type' at 'node' that are in version + * 'version' of 'db'. If found, make 'rdataset' refer to it. + * + * Notes: + * + * If 'version' is NULL, then the current version will be used. + * + * Care must be used when using this routine to build a DNS response: + * 'node' should have been found with dns_db_find(), not + * dns_db_findnode(). No glue checking is done. No checking for + * pending data is done. + * + * The 'now' field is ignored if 'db' is a zone database. If 'db' is a + * cache database, an rdataset will not be found unless it expires after + * 'now'. If 'now' is zero, then the current time will be used. + * + * Requires: + * + * 'db' is a valid database. + * + * 'node' is a valid node. + * + * 'rdataset' is a valid, disassociated rdataset. + * + * 'sigrdataset' is a valid, disassociated rdataset, or it is NULL. + * + * If 'covers' != 0, 'type' must be SIG. + * + * 'type' is not a meta-RR type such as 'ANY' or 'OPT'. + * + * Ensures: + * + * On success, 'rdataset' is associated with the found rdataset. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + * + * Other results are possible, depending upon the database + * implementation used. + */ + +isc_result_t +dns_db_allrdatasets(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + isc_stdtime_t now, dns_rdatasetiter_t **iteratorp); +/* + * Make '*iteratorp' an rdataset iteratator for all rdatasets at 'node' in + * version 'version' of 'db'. + * + * Notes: + * + * If 'version' is NULL, then the current version will be used. + * + * The 'now' field is ignored if 'db' is a zone database. If 'db' is a + * cache database, an rdataset will not be found unless it expires after + * 'now'. Any ANY query will not match unless at least one rdataset at + * the node expires after 'now'. If 'now' is zero, then the current time + * will be used. + * + * Requires: + * + * 'db' is a valid database. + * + * 'node' is a valid node. + * + * iteratorp != NULL && *iteratorp == NULL + * + * Ensures: + * + * On success, '*iteratorp' is a valid rdataset iterator. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + * + * Other results are possible, depending upon the database + * implementation used. + */ + +isc_result_t +dns_db_addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + isc_stdtime_t now, dns_rdataset_t *rdataset, + unsigned int options, dns_rdataset_t *addedrdataset); +/* + * Add 'rdataset' to 'node' in version 'version' of 'db'. + * + * Notes: + * + * If the database has zone semantics, the DNS_DBADD_MERGE option is set, + * and an rdataset of the same type as 'rdataset' already exists at + * 'node' then the contents of 'rdataset' will be merged with the existing + * rdataset. If the option is not set, then rdataset will replace any + * existing rdataset of the same type. If not merging and the + * DNS_DBADD_FORCE option is set, then the data will update the database + * without regard to trust levels. If not forcing the data, then the + * rdataset will only be added if its trust level is >= the trust level of + * any existing rdataset. Forcing is only meaningful for cache databases. + * If DNS_DBADD_EXACT is set then there must be no rdata in common between + * the old and new rdata sets. If DNS_DBADD_EXACTTTL is set then both + * the old and new rdata sets must have the same ttl. + * + * The 'now' field is ignored if 'db' is a zone database. If 'db' is + * a cache database, then the added rdataset will expire no later than + * now + rdataset->ttl. + * + * If 'addedrdataset' is not NULL, then it will be attached to the + * resulting new rdataset in the database, or to the existing data if + * the existing data was better. + * + * Requires: + * + * 'db' is a valid database. + * + * 'node' is a valid node. + * + * 'rdataset' is a valid, associated rdataset with the same class + * as 'db'. + * + * 'addedrdataset' is NULL, or a valid, unassociated rdataset. + * + * The database has zone semantics and 'version' is a valid + * read-write version, or the database has cache semantics + * and version is NULL. + * + * If the database has cache semantics, the DNS_DBADD_MERGE option must + * not be set. + * + * Returns: + * + * ISC_R_SUCCESS + * DNS_R_UNCHANGED The operation did not change anything. + * ISC_R_NOMEMORY + * DNS_R_NOTEXACT + * + * Other results are possible, depending upon the database + * implementation used. + */ + +isc_result_t +dns_db_subtractrdataset(dns_db_t *db, dns_dbnode_t *node, + dns_dbversion_t *version, dns_rdataset_t *rdataset, + unsigned int options, dns_rdataset_t *newrdataset); +/* + * Remove any rdata in 'rdataset' from 'node' in version 'version' of + * 'db'. + * + * Notes: + * + * If 'newrdataset' is not NULL, then it will be attached to the + * resulting new rdataset in the database, unless the rdataset has + * become nonexistent. If DNS_DBSUB_EXACT is set then all elements + * of 'rdataset' must exist at 'node'. + * + * Requires: + * + * 'db' is a valid database. + * + * 'node' is a valid node. + * + * 'rdataset' is a valid, associated rdataset with the same class + * as 'db'. + * + * 'newrdataset' is NULL, or a valid, unassociated rdataset. + * + * The database has zone semantics and 'version' is a valid + * read-write version. + * + * Returns: + * + * ISC_R_SUCCESS + * DNS_R_UNCHANGED The operation did not change anything. + * DNS_R_NXRRSET All rdata of the same type as those + * in 'rdataset' have been deleted. + * DNS_R_NOTEXACT Some part of 'rdataset' did not + * exist and DNS_DBSUB_EXACT was set. + * + * Other results are possible, depending upon the database + * implementation used. + */ + +isc_result_t +dns_db_deleterdataset(dns_db_t *db, dns_dbnode_t *node, + dns_dbversion_t *version, dns_rdatatype_t type, + dns_rdatatype_t covers); +/* + * Make it so that no rdataset of type 'type' exists at 'node' in version + * version 'version' of 'db'. + * + * Notes: + * + * If 'type' is dns_rdatatype_any, then no rdatasets will exist in + * 'version' (provided that the dns_db_deleterdataset() isn't followed + * by one or more dns_db_addrdataset() calls). + * + * Requires: + * + * 'db' is a valid database. + * + * 'node' is a valid node. + * + * The database has zone semantics and 'version' is a valid + * read-write version, or the database has cache semantics + * and version is NULL. + * + * 'type' is not a meta-RR type, except for dns_rdatatype_any, which is + * allowed. + * + * If 'covers' != 0, 'type' must be SIG. + * + * Returns: + * + * ISC_R_SUCCESS + * DNS_R_UNCHANGED No rdatasets of 'type' existed before + * the operation was attempted. + * + * Other results are possible, depending upon the database + * implementation used. + */ + +isc_result_t +dns_db_getsoaserial(dns_db_t *db, dns_dbversion_t *ver, isc_uint32_t *serialp); +/* + * Get the current SOA serial number from a zone database. + * + * Requires: + * 'db' is a valid database with zone semantics. + * 'ver' is a valid version. + */ + +void +dns_db_overmem(dns_db_t *db, isc_boolean_t overmem); +/* + * Enable / disable agressive cache cleaning. + */ + +unsigned int +dns_db_nodecount(dns_db_t *db); +/* + * Count the number of nodes in 'db'. + * + * Requires: + * + * 'db' is a valid database. + * + * Returns: + * The number of nodes in the database + */ + +void +dns_db_settask(dns_db_t *db, isc_task_t *task); +/* + * If task is set then the final detach maybe performed asynchronously. + * + * Requires: + * 'db' is a valid database. + * 'task' to be valid or NULL. + */ + +isc_boolean_t +dns_db_ispersistent(dns_db_t *db); +/* + * Is 'db' persistent? A persistent database does not need to be loaded + * from disk or written to disk. + * + * Requires: + * + * 'db' is a valid database. + * + * Returns: + * ISC_TRUE 'db' is persistent. + * ISC_FALSE 'db' is not persistent. + */ + +isc_result_t +dns_db_register(const char *name, dns_dbcreatefunc_t create, void *driverarg, + isc_mem_t *mctx, dns_dbimplementation_t **dbimp); + +/* + * Register a new database implementation and add it to the list of + * supported implementations. + * + * Requires: + * + * 'name' is not NULL + * 'order' is a valid function pointer + * 'mctx' is a valid memory context + * dbimp != NULL && *dbimp == NULL + * + * Returns: + * ISC_R_SUCCESS The registration succeeded + * ISC_R_NOMEMORY Out of memory + * ISC_R_EXISTS A database implementation with the same name exists + * + * Ensures: + * + * *dbimp points to an opaque structure which must be passed to + * dns_db_unregister(). + */ + +void +dns_db_unregister(dns_dbimplementation_t **dbimp); +/* + * Remove a database implementation from the the list of supported + * implementations. No databases of this type can be active when this + * is called. + * + * Requires: + * dbimp != NULL && *dbimp == NULL + * + * Ensures: + * + * Any memory allocated in *dbimp will be freed. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_DB_H */ diff --git a/contrib/bind9/lib/dns/include/dns/dbiterator.h b/contrib/bind9/lib/dns/include/dns/dbiterator.h new file mode 100644 index 0000000..8b8cb1b --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/dbiterator.h @@ -0,0 +1,298 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: dbiterator.h,v 1.18.206.1 2004/03/06 08:13:54 marka Exp $ */ + +#ifndef DNS_DBITERATOR_H +#define DNS_DBITERATOR_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS DB Iterator + * + * The DNS DB Iterator interface allows iteration of all of the nodes in a + * database. + * + * The dns_dbiterator_t type is like a "virtual class". To actually use + * it, an implementation of the class is required. This implementation is + * supplied by the database. + * + * It is the client's responsibility to call dns_db_detachnode() on all + * nodes returned. + * + * XXX <more> XXX + * + * MP: + * The iterator itself is not locked. The caller must ensure + * synchronization. + * + * The iterator methods ensure appropriate database locking. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +/***** + ***** Imports + *****/ + +#include <isc/lang.h> +#include <isc/magic.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/***** + ***** Types + *****/ + +typedef struct dns_dbiteratormethods { + void (*destroy)(dns_dbiterator_t **iteratorp); + isc_result_t (*first)(dns_dbiterator_t *iterator); + isc_result_t (*last)(dns_dbiterator_t *iterator); + isc_result_t (*seek)(dns_dbiterator_t *iterator, dns_name_t *name); + isc_result_t (*prev)(dns_dbiterator_t *iterator); + isc_result_t (*next)(dns_dbiterator_t *iterator); + isc_result_t (*current)(dns_dbiterator_t *iterator, + dns_dbnode_t **nodep, dns_name_t *name); + isc_result_t (*pause)(dns_dbiterator_t *iterator); + isc_result_t (*origin)(dns_dbiterator_t *iterator, + dns_name_t *name); +} dns_dbiteratormethods_t; + +#define DNS_DBITERATOR_MAGIC ISC_MAGIC('D','N','S','I') +#define DNS_DBITERATOR_VALID(dbi) ISC_MAGIC_VALID(dbi, DNS_DBITERATOR_MAGIC) +/* + * This structure is actually just the common prefix of a DNS db + * implementation's version of a dns_dbiterator_t. + * + * Clients may use the 'db' field of this structure. Except for that field, + * direct use of this structure by clients is forbidden. DB implementations + * may change the structure. 'magic' must be DNS_DBITERATOR_MAGIC for any of + * the dns_dbiterator routines to work. DB iterator implementations must + * maintain all DB iterator invariants. + */ +struct dns_dbiterator { + /* Unlocked. */ + unsigned int magic; + dns_dbiteratormethods_t * methods; + dns_db_t * db; + isc_boolean_t relative_names; + isc_boolean_t cleaning; +}; + +void +dns_dbiterator_destroy(dns_dbiterator_t **iteratorp); +/* + * Destroy '*iteratorp'. + * + * Requires: + * + * '*iteratorp' is a valid iterator. + * + * Ensures: + * + * All resources used by the iterator are freed. + * + * *iteratorp == NULL. + */ + +isc_result_t +dns_dbiterator_first(dns_dbiterator_t *iterator); +/* + * Move the node cursor to the first node in the database (if any). + * + * Requires: + * 'iterator' is a valid iterator. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE There are no nodes in the database. + * + * Other results are possible, depending on the DB implementation. + */ + +isc_result_t +dns_dbiterator_last(dns_dbiterator_t *iterator); +/* + * Move the node cursor to the last node in the database (if any). + * + * Requires: + * 'iterator' is a valid iterator. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE There are no nodes in the database. + * + * Other results are possible, depending on the DB implementation. + */ + +isc_result_t +dns_dbiterator_seek(dns_dbiterator_t *iterator, dns_name_t *name); +/* + * Move the node cursor to the node with name 'name'. + * + * Requires: + * 'iterator' is a valid iterator. + * + * 'name' is a valid name. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + * + * Other results are possible, depending on the DB implementation. + */ + +isc_result_t +dns_dbiterator_prev(dns_dbiterator_t *iterator); +/* + * Move the node cursor to the previous node in the database (if any). + * + * Requires: + * 'iterator' is a valid iterator. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE There are no more nodes in the + * database. + * + * Other results are possible, depending on the DB implementation. + */ + +isc_result_t +dns_dbiterator_next(dns_dbiterator_t *iterator); +/* + * Move the node cursor to the next node in the database (if any). + * + * Requires: + * 'iterator' is a valid iterator. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE There are no more nodes in the + * database. + * + * Other results are possible, depending on the DB implementation. + */ + +isc_result_t +dns_dbiterator_current(dns_dbiterator_t *iterator, dns_dbnode_t **nodep, + dns_name_t *name); +/* + * Return the current node. + * + * Notes: + * If 'name' is not NULL, it will be set to the name of the node. + * + * Requires: + * 'iterator' is a valid iterator. + * + * nodep != NULL && *nodep == NULL + * + * The node cursor of 'iterator' is at a valid location (i.e. the + * result of last call to a cursor movement command was ISC_R_SUCCESS). + * + * 'name' is NULL, or is a valid name with a dedicated buffer. + * + * Returns: + * + * ISC_R_SUCCESS + * DNS_R_NEWORIGIN If this iterator was created with + * 'relative_names' set to ISC_TRUE, + * then DNS_R_NEWORIGIN will be returned + * when the origin the names are + * relative to changes. This result + * can occur only when 'name' is not + * NULL. This is also a successful + * result. + * + * Other results are possible, depending on the DB implementation. + */ + +isc_result_t +dns_dbiterator_pause(dns_dbiterator_t *iterator); +/* + * Pause iteration. + * + * Calling a cursor movement method or dns_dbiterator_current() may cause + * database locks to be acquired. Rather than reacquire these locks every + * time one of these routines is called, the locks may simply be held. + * Calling dns_dbiterator_pause() releases any such locks. Iterator clients + * should call this routine any time they are not going to execute another + * iterator method in the immediate future. + * + * Requires: + * 'iterator' is a valid iterator. + * + * Ensures: + * Any database locks being held for efficiency of iterator access are + * released. + * + * Returns: + * ISC_R_SUCCESS + * + * Other results are possible, depending on the DB implementation. + */ + +isc_result_t +dns_dbiterator_origin(dns_dbiterator_t *iterator, dns_name_t *name); +/* + * Return the origin to which returned node names are relative. + * + * Requires: + * + * 'iterator' is a valid relative_names iterator. + * + * 'name' is a valid name with a dedicated buffer. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOSPACE + * + * Other results are possible, depending on the DB implementation. + */ + +void +dns_dbiterator_setcleanmode(dns_dbiterator_t *iterator, isc_boolean_t mode); +/* + * Indicate that the given iterator is/is not cleaning the DB. + * + * Notes: + * When 'mode' is ISC_TRUE, + * + * Requires: + * 'iterator' is a valid iterator. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_DBITERATOR_H */ diff --git a/contrib/bind9/lib/dns/include/dns/dbtable.h b/contrib/bind9/lib/dns/include/dns/dbtable.h new file mode 100644 index 0000000..3874b46 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/dbtable.h @@ -0,0 +1,164 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: dbtable.h,v 1.16.206.1 2004/03/06 08:13:55 marka Exp $ */ + +#ifndef DNS_DBTABLE_H +#define DNS_DBTABLE_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS DB Tables + * + * XXX <TBS> XXX + * + * MP: + * The module ensures appropriate synchronization of data structures it + * creates and manipulates. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * None. + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +#include <isc/lang.h> + +#include <dns/types.h> + +#define DNS_DBTABLEFIND_NOEXACT 0x01 + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_dbtable_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, + dns_dbtable_t **dbtablep); +/* + * Make a new dbtable of class 'rdclass' + * + * Requires: + * mctx != NULL + * dbtablep != NULL && *dptablep == NULL + * 'rdclass' is a valid class + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_UNEXPECTED + */ + +void +dns_dbtable_attach(dns_dbtable_t *source, dns_dbtable_t **targetp); +/* + * Attach '*targetp' to 'source'. + * + * Requires: + * + * 'source' is a valid dbtable. + * + * 'targetp' points to a NULL dns_dbtable_t *. + * + * Ensures: + * + * *targetp is attached to source. + */ + +void +dns_dbtable_detach(dns_dbtable_t **dbtablep); +/* + * Detach *dbtablep from its dbtable. + * + * Requires: + * + * '*dbtablep' points to a valid dbtable. + * + * Ensures: + * + * *dbtablep is NULL. + * + * If '*dbtablep' is the last reference to the dbtable, + * + * All resources used by the dbtable will be freed + */ + +isc_result_t +dns_dbtable_add(dns_dbtable_t *dbtable, dns_db_t *db); +/* + * Add 'db' to 'dbtable'. + * + * Requires: + * 'dbtable' is a valid dbtable. + * + * 'db' is a valid database with the same class as 'dbtable' + */ + +void +dns_dbtable_remove(dns_dbtable_t *dbtable, dns_db_t *db); +/* + * Remove 'db' from 'dbtable'. + * + * Requires: + * 'db' was previously added to 'dbtable'. + */ + +void +dns_dbtable_adddefault(dns_dbtable_t *dbtable, dns_db_t *db); +/* + * Use 'db' as the result of a dns_dbtable_find() if no better match is + * available. + */ + +void +dns_dbtable_getdefault(dns_dbtable_t *dbtable, dns_db_t **db); +/* + * Get the 'db' used as the result of a dns_dbtable_find() + * if no better match is available. + */ + +void +dns_dbtable_removedefault(dns_dbtable_t *dbtable); +/* + * Remove the default db from 'dbtable'. + */ + +isc_result_t +dns_dbtable_find(dns_dbtable_t *dbtable, dns_name_t *name, + unsigned int options, dns_db_t **dbp); +/* + * Find the deepest match to 'name' in the dbtable, and return it + * + * Notes: + * If the DNS_DBTABLEFIND_NOEXACT option is set, the best partial + * match (if any) to 'name' will be returned. + * + * Returns: ISC_R_SUCCESS on success + * <something else> no default and match + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_DBTABLE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/diff.h b/contrib/bind9/lib/dns/include/dns/diff.h new file mode 100644 index 0000000..604f702 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/diff.h @@ -0,0 +1,279 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: diff.h,v 1.4.12.3 2004/03/08 09:04:35 marka Exp $ */ + +#ifndef DNS_DIFF_H +#define DNS_DIFF_H 1 + +/***** + ***** Module Info + *****/ + +/* + * A diff is a convenience type representing a list of changes to be + * made to a database. + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/magic.h> + +#include <dns/name.h> +#include <dns/rdata.h> +#include <dns/types.h> + +/*** + *** Types + ***/ + +/* + * A dns_difftuple_t represents a single RR being added or deleted. + * The RR type and class are in the 'rdata' member; the class is always + * the real one, not a DynDNS meta-class, so that the rdatas can be + * compared using dns_rdata_compare(). The TTL is significant + * even for deletions, because a deletion/addition pair cannot + * be canceled out if the TTL differs (it might be an explicit + * TTL update). + * + * Tuples are also used to represent complete RRs with owner + * names for a couple of other purposes, such as the + * individual RRs of a "RRset exists (value dependent)" + * prerequisite set. In this case, op==DNS_DIFFOP_EXISTS, + * and the TTL is ignored. + */ + +typedef enum { + DNS_DIFFOP_ADD, /* Add an RR. */ + DNS_DIFFOP_DEL, /* Delete an RR. */ + DNS_DIFFOP_EXISTS /* Assert RR existence. */ +} dns_diffop_t; + +typedef struct dns_difftuple dns_difftuple_t; + +#define DNS_DIFFTUPLE_MAGIC ISC_MAGIC('D','I','F','T') +#define DNS_DIFFTUPLE_VALID(t) ISC_MAGIC_VALID(t, DNS_DIFFTUPLE_MAGIC) + +struct dns_difftuple { + unsigned int magic; + isc_mem_t *mctx; + dns_diffop_t op; + dns_name_t name; + dns_ttl_t ttl; + dns_rdata_t rdata; + ISC_LINK(dns_difftuple_t) link; + /* Variable-size name data and rdata follows. */ +}; + +/* + * A dns_diff_t represents a set of changes being applied to + * a zone. Diffs are also used to represent "RRset exists + * (value dependent)" prerequisites. + */ +typedef struct dns_diff dns_diff_t; + +#define DNS_DIFF_MAGIC ISC_MAGIC('D','I','F','F') +#define DNS_DIFF_VALID(t) ISC_MAGIC_VALID(t, DNS_DIFF_MAGIC) + +struct dns_diff { + unsigned int magic; + isc_mem_t * mctx; + ISC_LIST(dns_difftuple_t) tuples; +}; + +/* Type of comparision function for sorting diffs. */ +typedef int dns_diff_compare_func(const void *, const void *); + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +/**************************************************************************/ +/* + * Maniuplation of diffs and tuples. + */ + +isc_result_t +dns_difftuple_create(isc_mem_t *mctx, + dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, + dns_rdata_t *rdata, dns_difftuple_t **tp); +/* + * Create a tuple. Deep copies are made of the name and rdata, so + * they need not remain valid after the call. + * + * Requires: + * *tp != NULL && *tp == NULL. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +void +dns_difftuple_free(dns_difftuple_t **tp); +/* + * Free a tuple. + * + * Requires: + * **tp is a valid tuple. + * + * Ensures: + * *tp == NULL + * All memory used by the tuple is freed. + */ + +isc_result_t +dns_difftuple_copy(dns_difftuple_t *orig, dns_difftuple_t **copyp); +/* + * Copy a tuple. + * + * Requires: + * 'orig' points to a valid tuple + * copyp != NULL && *copyp == NULL + */ + +void +dns_diff_init(isc_mem_t *mctx, dns_diff_t *diff); +/* + * Initialize a diff. + * + * Requires: + * 'diff' points to an uninitialized dns_diff_t + * allocated by the caller. + * + * Ensures: + * '*diff' is a valid, empty diff. + */ + +void +dns_diff_clear(dns_diff_t *diff); +/* + * Clear a diff, destroying all its tuples. + * + * Requires: + * 'diff' points to a valid dns_diff_t. + * + * Ensures: + * Any tuples in the diff are destroyed. + * The diff now empty, but it is still valid + * and may be reused without calling dns_diff_init + * again. The only memory used is that of the + * dns_diff_t structure itself. + * + * Notes: + * Managing the memory of the dns_diff_t structure itself + * is the caller's responsibility. + */ + +void +dns_diff_append(dns_diff_t *diff, dns_difftuple_t **tuple); +/* + * Append a single tuple to a diff. + * + * 'diff' is a valid diff. + * '*tuple' is a valid tuple. + * + * Ensures: + * *tuple is NULL. + * The tuple has been freed, or will be freed when the diff is cleared. + */ + +void +dns_diff_appendminimal(dns_diff_t *diff, dns_difftuple_t **tuple); +/* + * Append 'tuple' to 'diff', removing any duplicate + * or conflicting updates as needed to create a minimal diff. + * + * Requires: + * 'diff' is a minimal diff. + * + * Ensures: + * 'diff' is still a minimal diff. + * *tuple is NULL. + * The tuple has been freed, or will be freed when the diff is cleared. + * + */ + +isc_result_t +dns_diff_sort(dns_diff_t *diff, dns_diff_compare_func *compare); +/* + * Sort 'diff' in-place according to the comparison function 'compare'. + */ + +isc_result_t +dns_diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver); +isc_result_t +dns_diff_applysilently(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver); +/* + * Apply 'diff' to the database 'db'. + * + * dns_diff_apply() logs warnings about updates with no effect or + * with inconsistent TTLs; dns_diff_applysilently() does not. + * + * For efficiency, the diff should be sorted by owner name. + * If it is not sorted, operation will still be correct, + * but less efficient. + * + * Requires: + * *diff is a valid diff (possibly empty), containing + * tuples of type DNS_DIFFOP_ADD and/or + * For DNS_DIFFOP_DEL tuples, the TTL is ignored. + * + */ + +isc_result_t +dns_diff_load(dns_diff_t *diff, dns_addrdatasetfunc_t addfunc, + void *add_private); +/* + * Like dns_diff_apply, but for use when loading a new database + * instead of modifying an existing one. This bypasses the + * database transaction mechanisms. + * + * Requires: + * 'addfunc' is a valid dns_addradatasetfunc_t obtained from + * dns_db_beginload() + * + * 'add_private' points to a corresponding dns_dbload_t * + * (XXX why is it a void pointer, then?) + */ + +isc_result_t +dns_diff_print(dns_diff_t *diff, FILE *file); + +/* + * Print the differences to 'file' or if 'file' is NULL via the + * logging system. + * + * Require: + * 'diff' to be valid. + * 'file' to refer to a open file or NULL. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_UNEXPECTED + * any error from dns_rdataset_totext() + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_DIFF_H */ diff --git a/contrib/bind9/lib/dns/include/dns/dispatch.h b/contrib/bind9/lib/dns/include/dns/dispatch.h new file mode 100644 index 0000000..201a65a --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/dispatch.h @@ -0,0 +1,442 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: dispatch.h,v 1.45.2.2.4.2 2004/03/06 08:13:55 marka Exp $ */ + +#ifndef DNS_DISPATCH_H +#define DNS_DISPATCH_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Dispatch Management + * + * Shared UDP and single-use TCP dispatches for queries and responses. + * + * MP: + * + * All locking is performed internally to each dispatch. + * Restrictions apply to dns_dispatch_removeresponse(). + * + * Reliability: + * + * Resources: + * + * Security: + * + * Depends on the isc_socket_t and dns_message_t for prevention of + * buffer overruns. + * + * Standards: + * + * None. + */ + +/*** + *** Imports + ***/ + +#include <isc/buffer.h> +#include <isc/lang.h> +#include <isc/socket.h> +#include <dns/types.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/* + * This event is sent to a task when a response comes in. + * No part of this structure should ever be modified by the caller, + * other than parts of the buffer. The holy parts of the buffer are + * the base and size of the buffer. All other parts of the buffer may + * be used. On event delivery the used region contains the packet. + * + * "id" is the received message id, + * + * "addr" is the host that sent it to us, + * + * "buffer" holds state on the received data. + * + * The "free" routine for this event will clean up itself as well as + * any buffer space allocated from common pools. + */ + +struct dns_dispatchevent { + ISC_EVENT_COMMON(dns_dispatchevent_t); /* standard event common */ + isc_result_t result; /* result code */ + isc_int32_t id; /* message id */ + isc_sockaddr_t addr; /* address recv'd from */ + struct in6_pktinfo pktinfo; /* reply info for v6 */ + isc_buffer_t buffer; /* data buffer */ + isc_uint32_t attributes; /* mirrored from socket.h */ +}; + +/* + * Attributes for added dispatchers. + * + * Values with the mask 0xffff0000 are application defined. + * Values with the mask 0x0000ffff are library defined. + * + * Insane values (like setting both TCP and UDP) are not caught. Don't + * do that. + * + * _PRIVATE + * The dispatcher cannot be shared. + * + * _TCP, _UDP + * The dispatcher is a TCP or UDP socket. + * + * _IPV4, _IPV6 + * The dispatcher uses an ipv4 or ipv6 socket. + * + * _NOLISTEN + * The dispatcher should not listen on the socket. + * + * _MAKEQUERY + * The dispatcher can be used to issue queries to other servers, and + * accept replies from them. + */ +#define DNS_DISPATCHATTR_PRIVATE 0x00000001U +#define DNS_DISPATCHATTR_TCP 0x00000002U +#define DNS_DISPATCHATTR_UDP 0x00000004U +#define DNS_DISPATCHATTR_IPV4 0x00000008U +#define DNS_DISPATCHATTR_IPV6 0x00000010U +#define DNS_DISPATCHATTR_NOLISTEN 0x00000020U +#define DNS_DISPATCHATTR_MAKEQUERY 0x00000040U +#define DNS_DISPATCHATTR_CONNECTED 0x00000080U + +isc_result_t +dns_dispatchmgr_create(isc_mem_t *mctx, isc_entropy_t *entropy, + dns_dispatchmgr_t **mgrp); +/* + * Creates a new dispatchmgr object. + * + * Requires: + * "mctx" be a valid memory context. + * + * mgrp != NULL && *mgrp == NULL + * + * "entropy" may be NULL, in which case an insecure random generator + * will be used. If it is non-NULL, it must be a valid entropy + * source. + * + * Returns: + * ISC_R_SUCCESS -- all ok + * + * anything else -- failure + */ + + +void +dns_dispatchmgr_destroy(dns_dispatchmgr_t **mgrp); +/* + * Destroys the dispatchmgr when it becomes empty. This could be + * immediately. + * + * Requires: + * mgrp != NULL && *mgrp is a valid dispatchmgr. + */ + + +void +dns_dispatchmgr_setblackhole(dns_dispatchmgr_t *mgr, dns_acl_t *blackhole); +/* + * Sets the dispatcher's "blackhole list," a list of addresses that will + * be ignored by all dispatchers created by the dispatchmgr. + * + * Requires: + * mgrp is a valid dispatchmgr + * blackhole is a valid acl + */ + + +dns_acl_t * +dns_dispatchmgr_getblackhole(dns_dispatchmgr_t *mgr); +/* + * Gets a pointer to the dispatcher's current blackhole list, + * without incrementing its reference count. + * + * Requires: + * mgr is a valid dispatchmgr + * Returns: + * A pointer to the current blackhole list, or NULL. + */ + +void +dns_dispatchmgr_setblackportlist(dns_dispatchmgr_t *mgr, + dns_portlist_t *portlist); +/* + * Sets a list of UDP ports that won't be used when creating a udp + * dispatch with a wildcard port. + * + * Requires: + * mgr is a valid dispatchmgr + * portlist to be NULL or a valid port list. + */ + +dns_portlist_t * +dns_dispatchmgr_getblackportlist(dns_dispatchmgr_t *mgr); +/* + * Return the current port list. + * + * Requires: + * mgr is a valid dispatchmgr + */ + + + +isc_result_t +dns_dispatch_getudp(dns_dispatchmgr_t *mgr, isc_socketmgr_t *sockmgr, + isc_taskmgr_t *taskmgr, isc_sockaddr_t *localaddr, + unsigned int buffersize, + unsigned int maxbuffers, unsigned int maxrequests, + unsigned int buckets, unsigned int increment, + unsigned int attributes, unsigned int mask, + dns_dispatch_t **dispp); +/* + * Attach to existing dns_dispatch_t if one is found with dns_dispatchmgr_find, + * otherwise create a new UDP dispatch. + * + * Requires: + * All pointer parameters be valid for their respective types. + * + * dispp != NULL && *disp == NULL + * + * 512 <= buffersize <= 64k + * + * maxbuffers > 0 + * + * buckets < 2097169 + * + * increment > buckets + * + * (attributes & DNS_DISPATCHATTR_TCP) == 0 + * + * Returns: + * ISC_R_SUCCESS -- success. + * + * Anything else -- failure. + */ + +isc_result_t +dns_dispatch_createtcp(dns_dispatchmgr_t *mgr, isc_socket_t *sock, + isc_taskmgr_t *taskmgr, unsigned int buffersize, + unsigned int maxbuffers, unsigned int maxrequests, + unsigned int buckets, unsigned int increment, + unsigned int attributes, dns_dispatch_t **dispp); +/* + * Create a new dns_dispatch and attach it to the provided isc_socket_t. + * + * For all dispatches, "buffersize" is the maximum packet size we will + * accept. + * + * "maxbuffers" and "maxrequests" control the number of buffers in the + * overall system and the number of buffers which can be allocated to + * requests. + * + * "buckets" is the number of buckets to use, and should be prime. + * + * "increment" is used in a collision avoidance function, and needs to be + * a prime > buckets, and not 2. + * + * Requires: + * + * mgr is a valid dispatch manager. + * + * sock is a valid. + * + * task is a valid task that can be used internally to this dispatcher. + * + * 512 <= buffersize <= 64k + * + * maxbuffers > 0. + * + * maxrequests <= maxbuffers. + * + * buckets < 2097169 (the next prime after 65536 * 32) + * + * increment > buckets (and prime). + * + * attributes includes DNS_DISPATCHATTR_TCP and does not include + * DNS_DISPATCHATTR_UDP. + * + * Returns: + * ISC_R_SUCCESS -- success. + * + * Anything else -- failure. + */ + +void +dns_dispatch_attach(dns_dispatch_t *disp, dns_dispatch_t **dispp); +/* + * Attach to a dispatch handle. + * + * Requires: + * disp is valid. + * + * dispp != NULL && *dispp == NULL + */ + +void +dns_dispatch_detach(dns_dispatch_t **dispp); +/* + * Detaches from the dispatch. + * + * Requires: + * dispp != NULL and *dispp be a valid dispatch. + */ + +void +dns_dispatch_starttcp(dns_dispatch_t *disp); +/* + * Start processing of a TCP dispatch once the socket connects. + * + * Requires: + * 'disp' is valid. + */ + +isc_result_t +dns_dispatch_addresponse(dns_dispatch_t *disp, isc_sockaddr_t *dest, + isc_task_t *task, isc_taskaction_t action, void *arg, + isc_uint16_t *idp, dns_dispentry_t **resp); +/* + * Add a response entry for this dispatch. + * + * "*idp" is filled in with the assigned message ID, and *resp is filled in + * to contain the magic token used to request event flow stop. + * + * Arranges for the given task to get a callback for response packets. When + * the event is delivered, it must be returned using dns_dispatch_freeevent() + * or through dns_dispatch_removeresponse() for another to be delivered. + * + * Requires: + * "idp" be non-NULL. + * + * "task" "action" and "arg" be set as appropriate. + * + * "dest" be non-NULL and valid. + * + * "resp" be non-NULL and *resp be NULL + * + * Ensures: + * + * <id, dest> is a unique tuple. That means incoming messages + * are identifiable. + * + * Returns: + * + * ISC_R_SUCCESS -- all is well. + * ISC_R_NOMEMORY -- memory could not be allocated. + * ISC_R_NOMORE -- no more message ids can be allocated + * for this destination. + */ + + +void +dns_dispatch_removeresponse(dns_dispentry_t **resp, + dns_dispatchevent_t **sockevent); +/* + * Stops the flow of responses for the provided id and destination. + * If "sockevent" is non-NULL, the dispatch event and associated buffer is + * also returned to the system. + * + * Requires: + * "resp" != NULL and "*resp" contain a value previously allocated + * by dns_dispatch_addresponse(); + * + * May only be called from within the task given as the 'task' + * argument to dns_dispatch_addresponse() when allocating '*resp'. + */ + + +isc_socket_t * +dns_dispatch_getsocket(dns_dispatch_t *disp); +/* + * Return the socket associated with this dispatcher. + * + * Requires: + * disp is valid. + * + * Returns: + * The socket the dispatcher is using. + */ + +isc_result_t +dns_dispatch_getlocaladdress(dns_dispatch_t *disp, isc_sockaddr_t *addrp); +/* + * Return the local address for this dispatch. + * This currently only works for dispatches using UDP sockets. + * + * Requires: + * disp is valid. + * addrp to be non null. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOTIMPLEMENTED + */ + +void +dns_dispatch_cancel(dns_dispatch_t *disp); +/* + * cancel outstanding clients + * + * Requires: + * disp is valid. + */ + +void +dns_dispatch_changeattributes(dns_dispatch_t *disp, + unsigned int attributes, unsigned int mask); +/* + * Set the bits described by "mask" to the corresponding values in + * "attributes". + * + * That is: + * + * new = (old & ~mask) | (attributes & mask) + * + * This function has a side effect when DNS_DISPATCHATTR_NOLISTEN changes. + * When the flag becomes off, the dispatch will start receiving on the + * corresponding socket. When the flag becomes on, receive events on the + * corresponding socket will be canceled. + * + * Requires: + * disp is valid. + * + * attributes are reasonable for the dispatch. That is, setting the UDP + * attribute on a TCP socket isn't reasonable. + */ + +void +dns_dispatch_importrecv(dns_dispatch_t *disp, isc_event_t *event); +/* + * Inform the dispatcher of a socket receive. This is used for sockets + * shared between dispatchers and clients. If the dispatcher fails to copy + * or send the event, nothing happens. + * + * Requires: + * disp is valid, and the attribute DNS_DISPATCHATTR_NOLISTEN is set. + * event != NULL + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_DISPATCH_H */ diff --git a/contrib/bind9/lib/dns/include/dns/dnssec.h b/contrib/bind9/lib/dns/include/dns/dnssec.h new file mode 100644 index 0000000..5f86178 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/dnssec.h @@ -0,0 +1,179 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: dnssec.h,v 1.21.12.5 2004/03/08 09:04:35 marka Exp $ */ + +#ifndef DNS_DNSSEC_H +#define DNS_DNSSEC_H 1 + +#include <isc/lang.h> +#include <isc/stdtime.h> + +#include <dns/types.h> + +#include <dst/dst.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_dnssec_keyfromrdata(dns_name_t *name, dns_rdata_t *rdata, isc_mem_t *mctx, + dst_key_t **key); +/* + * Creates a DST key from a DNS record. Basically a wrapper around + * dst_key_fromdns(). + * + * Requires: + * 'name' is not NULL + * 'rdata' is not NULL + * 'mctx' is not NULL + * 'key' is not NULL + * '*key' is NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * DST_R_INVALIDPUBLICKEY + * various errors from dns_name_totext + */ + +isc_result_t +dns_dnssec_sign(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, + isc_stdtime_t *inception, isc_stdtime_t *expire, + isc_mem_t *mctx, isc_buffer_t *buffer, dns_rdata_t *sigrdata); +/* + * Generates a SIG record covering this rdataset. This has no effect + * on existing SIG records. + * + * Requires: + * 'name' (the owner name of the record) is a valid name + * 'set' is a valid rdataset + * 'key' is a valid key + * 'inception' is not NULL + * 'expire' is not NULL + * 'mctx' is not NULL + * 'buffer' is not NULL + * 'sigrdata' is not NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_NOSPACE + * DNS_R_INVALIDTIME - the expiration is before the inception + * DNS_R_KEYUNAUTHORIZED - the key cannot sign this data (either + * it is not a zone key or its flags prevent + * authentication) + * DST_R_* + */ + +isc_result_t +dns_dnssec_verify(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, + isc_boolean_t ignoretime, isc_mem_t *mctx, + dns_rdata_t *sigrdata); + +isc_result_t +dns_dnssec_verify2(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, + isc_boolean_t ignoretime, isc_mem_t *mctx, + dns_rdata_t *sigrdata, dns_name_t *wild); +/* + * Verifies the SIG record covering this rdataset signed by a specific + * key. This does not determine if the key's owner is authorized to + * sign this record, as this requires a resolver or database. + * If 'ignoretime' is ISC_TRUE, temporal validity will not be checked. + * + * Requires: + * 'name' (the owner name of the record) is a valid name + * 'set' is a valid rdataset + * 'key' is a valid key + * 'mctx' is not NULL + * 'sigrdata' is a valid rdata containing a SIG record + * 'wild' if non-NULL then is a valid and has a buffer. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * DNS_R_FROMWILDCARD - the signature is valid and is from + * a wildcard expansion. dns_dnssec_verify2() only. + * 'wild' contains the name of the wildcard if non-NULL. + * DNS_R_SIGINVALID - the signature fails to verify + * DNS_R_SIGEXPIRED - the signature has expired + * DNS_R_SIGFUTURE - the signature's validity period has not begun + * DNS_R_KEYUNAUTHORIZED - the key cannot sign this data (either + * it is not a zone key or its flags prevent + * authentication) + * DST_R_* + */ + +isc_result_t +dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, + dns_name_t *name, isc_mem_t *mctx, + unsigned int maxkeys, dst_key_t **keys, + unsigned int *nkeys); +isc_result_t +dns_dnssec_findzonekeys2(dns_db_t *db, dns_dbversion_t *ver, + dns_dbnode_t *node, dns_name_t *name, + const char *directory, isc_mem_t *mctx, + unsigned int maxkeys, dst_key_t **keys, + unsigned int *nkeys); +/* + * Finds a set of zone keys. + * XXX temporary - this should be handled in dns_zone_t. + */ + +isc_result_t +dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key); +/* + * Signs a message with a SIG(0) record. This is implicitly called by + * dns_message_renderend() if msg->sig0key is not NULL. + * + * Requires: + * 'msg' is a valid message + * 'key' is a valid key that can be used for signing + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * DST_R_* + */ + +isc_result_t +dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, + dst_key_t *key); +/* + * Verifies a message signed by a SIG(0) record. This is not + * called implicitly by dns_message_parse(). If dns_message_signer() + * is called before dns_dnssec_verifymessage(), it will return + * DNS_R_NOTVERIFIEDYET. dns_dnssec_verifymessage() will set + * the verified_sig0 flag in msg if the verify succeeds, and + * the sig0status field otherwise. + * + * Requires: + * 'source' is a valid buffer containing the unparsed message + * 'msg' is a valid message + * 'key' is a valid key + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_NOTFOUND - no SIG(0) was found + * DNS_R_SIGINVALID - the SIG record is not well-formed or + * was not generated by the key. + * DST_R_* + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_DNSSEC_H */ diff --git a/contrib/bind9/lib/dns/include/dns/ds.h b/contrib/bind9/lib/dns/include/dns/ds.h new file mode 100644 index 0000000..979ac9f --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/ds.h @@ -0,0 +1,56 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: ds.h,v 1.3.2.1 2004/03/08 02:08:00 marka Exp $ */ + +#ifndef DNS_DS_H +#define DNS_DS_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +#define DNS_DSDIGEST_SHA1 (1) + +/* + * Assuming SHA-1 digest type. + */ +#define DNS_DS_BUFFERSIZE (24) + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, + unsigned int digest_type, unsigned char *buffer, + dns_rdata_t *rdata); +/* + * Build the rdata of a DS record. + * + * Requires: + * key Points to a valid DNS KEY record. + * buffer Points to a temporary buffer of at least + * DNS_DS_BUFFERSIZE bytes. + * rdata Points to an initialized dns_rdata_t. + * + * Ensures: + * *rdata Contains a valid DS rdata. The 'data' member refers + * to 'buffer'. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_DS_H */ diff --git a/contrib/bind9/lib/dns/include/dns/events.h b/contrib/bind9/lib/dns/include/dns/events.h new file mode 100644 index 0000000..1e66139 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/events.h @@ -0,0 +1,70 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: events.h,v 1.37.2.1.4.4 2004/03/08 09:04:36 marka Exp $ */ + +#ifndef DNS_EVENTS_H +#define DNS_EVENTS_H 1 + +#include <isc/eventclass.h> + +/* + * Registry of DNS event numbers. + */ + +#define DNS_EVENT_FETCHCONTROL (ISC_EVENTCLASS_DNS + 0) +#define DNS_EVENT_FETCHDONE (ISC_EVENTCLASS_DNS + 1) +#define DNS_EVENT_VIEWRESSHUTDOWN (ISC_EVENTCLASS_DNS + 2) +#define DNS_EVENT_VIEWADBSHUTDOWN (ISC_EVENTCLASS_DNS + 3) +#define DNS_EVENT_UPDATE (ISC_EVENTCLASS_DNS + 4) +#define DNS_EVENT_UPDATEDONE (ISC_EVENTCLASS_DNS + 5) +#define DNS_EVENT_DISPATCH (ISC_EVENTCLASS_DNS + 6) +#define DNS_EVENT_TCPMSG (ISC_EVENTCLASS_DNS + 7) +#define DNS_EVENT_ADBMOREADDRESSES (ISC_EVENTCLASS_DNS + 8) +#define DNS_EVENT_ADBNOMOREADDRESSES (ISC_EVENTCLASS_DNS + 9) +#define DNS_EVENT_ADBCANCELED (ISC_EVENTCLASS_DNS + 10) +#define DNS_EVENT_ADBNAMEDELETED (ISC_EVENTCLASS_DNS + 11) +#define DNS_EVENT_ADBSHUTDOWN (ISC_EVENTCLASS_DNS + 12) +#define DNS_EVENT_ADBEXPIRED (ISC_EVENTCLASS_DNS + 13) +#define DNS_EVENT_ADBCONTROL (ISC_EVENTCLASS_DNS + 14) +#define DNS_EVENT_CACHECLEAN (ISC_EVENTCLASS_DNS + 15) +#define DNS_EVENT_BYADDRDONE (ISC_EVENTCLASS_DNS + 16) +#define DNS_EVENT_ZONECONTROL (ISC_EVENTCLASS_DNS + 17) +#define DNS_EVENT_DBDESTROYED (ISC_EVENTCLASS_DNS + 18) +#define DNS_EVENT_VALIDATORDONE (ISC_EVENTCLASS_DNS + 19) +#define DNS_EVENT_REQUESTDONE (ISC_EVENTCLASS_DNS + 20) +#define DNS_EVENT_VALIDATORSTART (ISC_EVENTCLASS_DNS + 21) +#define DNS_EVENT_VIEWREQSHUTDOWN (ISC_EVENTCLASS_DNS + 22) +#define DNS_EVENT_NOTIFYSENDTOADDR (ISC_EVENTCLASS_DNS + 23) +#define DNS_EVENT_ZONE (ISC_EVENTCLASS_DNS + 24) +#define DNS_EVENT_ZONESTARTXFRIN (ISC_EVENTCLASS_DNS + 25) +#define DNS_EVENT_MASTERQUANTUM (ISC_EVENTCLASS_DNS + 26) +#define DNS_EVENT_CACHEOVERMEM (ISC_EVENTCLASS_DNS + 27) +#define DNS_EVENT_MASTERNEXTZONE (ISC_EVENTCLASS_DNS + 28) +#define DNS_EVENT_IOREADY (ISC_EVENTCLASS_DNS + 29) +#define DNS_EVENT_LOOKUPDONE (ISC_EVENTCLASS_DNS + 30) +/* #define DNS_EVENT_unused (ISC_EVENTCLASS_DNS + 31) */ +#define DNS_EVENT_DISPATCHCONTROL (ISC_EVENTCLASS_DNS + 32) +#define DNS_EVENT_REQUESTCONTROL (ISC_EVENTCLASS_DNS + 33) +#define DNS_EVENT_DUMPQUANTUM (ISC_EVENTCLASS_DNS + 34) +#define DNS_EVENT_IMPORTRECVDONE (ISC_EVENTCLASS_DNS + 35) +#define DNS_EVENT_FREESTORAGE (ISC_EVENTCLASS_DNS + 36) + +#define DNS_EVENT_FIRSTEVENT (ISC_EVENTCLASS_DNS + 0) +#define DNS_EVENT_LASTEVENT (ISC_EVENTCLASS_DNS + 65535) + +#endif /* DNS_EVENTS_H */ diff --git a/contrib/bind9/lib/dns/include/dns/fixedname.h b/contrib/bind9/lib/dns/include/dns/fixedname.h new file mode 100644 index 0000000..3ee306f --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/fixedname.h @@ -0,0 +1,83 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: fixedname.h,v 1.12.206.1 2004/03/06 08:13:55 marka Exp $ */ + +#ifndef DNS_FIXEDNAME_H +#define DNS_FIXEDNAME_H 1 + +/***** + ***** Module Info + *****/ + +/* + * Fixed-size Names + * + * dns_fixedname_t is a convenience type containing a name, an offsets table, + * and a dedicated buffer big enough for the longest possible name. + * + * MP: + * The caller must ensure any required synchronization. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * Per dns_fixedname_t: + * sizeof(dns_name_t) + sizeof(dns_offsets_t) + + * sizeof(isc_buffer_t) + 255 bytes + structure padding + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +/***** + ***** Imports + *****/ + +#include <isc/buffer.h> + +#include <dns/name.h> + +/***** + ***** Types + *****/ + +struct dns_fixedname { + dns_name_t name; + dns_offsets_t offsets; + isc_buffer_t buffer; + unsigned char data[DNS_NAME_MAXWIRE]; +}; + +#define dns_fixedname_init(fn) \ + do { \ + dns_name_init(&((fn)->name), (fn)->offsets); \ + isc_buffer_init(&((fn)->buffer), (fn)->data, \ + DNS_NAME_MAXWIRE); \ + dns_name_setbuffer(&((fn)->name), &((fn)->buffer)); \ + } while (0) + +#define dns_fixedname_invalidate(fn) \ + dns_name_invalidate(&((fn)->name)) + +#define dns_fixedname_name(fn) (&((fn)->name)) + +#endif /* DNS_FIXEDNAME_H */ diff --git a/contrib/bind9/lib/dns/include/dns/forward.h b/contrib/bind9/lib/dns/include/dns/forward.h new file mode 100644 index 0000000..f1bf5ab --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/forward.h @@ -0,0 +1,98 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: forward.h,v 1.2.206.1 2004/03/06 08:13:56 marka Exp $ */ + +#ifndef DNS_FORWARD_H +#define DNS_FORWARD_H 1 + +#include <isc/lang.h> +#include <isc/result.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +struct dns_forwarders { + isc_sockaddrlist_t addrs; + dns_fwdpolicy_t fwdpolicy; +}; + +isc_result_t +dns_fwdtable_create(isc_mem_t *mctx, dns_fwdtable_t **fwdtablep); +/* + * Creates a new forwarding table. + * + * Requires: + * mctx is a valid memory context. + * fwdtablep != NULL && *fwdtablep == NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_fwdtable_add(dns_fwdtable_t *fwdtable, dns_name_t *name, + isc_sockaddrlist_t *addrs, dns_fwdpolicy_t policy); +/* + * Adds an entry to the forwarding table. The entry associates + * a domain with a list of forwarders and a forwarding policy. The + * addrs list is copied if not empty, so the caller should free its copy. + * + * Requires: + * fwdtable is a valid forwarding table. + * name is a valid name + * addrs is a valid list of sockaddrs, which may be empty. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_fwdtable_find(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp); +/* + * Finds a domain in the forwarding table. The closest matching parent + * domain is returned. + * + * Requires: + * fwdtable is a valid forwarding table. + * name is a valid name + * forwardersp != NULL && *forwardersp == NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + */ + +void +dns_fwdtable_destroy(dns_fwdtable_t **fwdtablep); +/* + * Destroys a forwarding table. + * + * Requires: + * fwtablep != NULL && *fwtablep != NULL + * + * Ensures: + * all memory associated with the forwarding table is freed. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_FORWARD_H */ diff --git a/contrib/bind9/lib/dns/include/dns/journal.h b/contrib/bind9/lib/dns/include/dns/journal.h new file mode 100644 index 0000000..fdf6094 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/journal.h @@ -0,0 +1,271 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: journal.h,v 1.23.12.3 2004/03/08 09:04:36 marka Exp $ */ + +#ifndef DNS_JOURNAL_H +#define DNS_JOURNAL_H 1 + +/***** + ***** Module Info + *****/ + +/* + * Database journalling. + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/magic.h> + +#include <dns/name.h> +#include <dns/diff.h> +#include <dns/rdata.h> +#include <dns/types.h> + +/*** + *** Types + ***/ + +/* + * A dns_journal_t represents an open journal file. This is an opaque type. + * + * A particular dns_journal_t object may be opened for writing, in which case + * it can be used for writing transactions to a journal file, or it can be + * opened for reading, in which case it can be used for reading transactions + * from (iterating over) a journal file. A single dns_journal_t object may + * not be used for both purposes. + */ +typedef struct dns_journal dns_journal_t; + + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +/**************************************************************************/ + +isc_result_t +dns_db_createsoatuple(dns_db_t *db, dns_dbversion_t *ver, isc_mem_t *mctx, + dns_diffop_t op, dns_difftuple_t **tp); +/* + * Create a diff tuple for the current database SOA. + * XXX this probably belongs somewhere else. + */ + + +#define DNS_SERIAL_GT(a, b) ((int)(((a) - (b)) & 0xFFFFFFFF) > 0) +#define DNS_SERIAL_GE(a, b) ((int)(((a) - (b)) & 0xFFFFFFFF) >= 0) +/* + * Compare SOA serial numbers. DNS_SERIAL_GT(a, b) returns true iff + * a is "greater than" b where "greater than" is as defined in RFC1982. + * DNS_SERIAL_GE(a, b) returns true iff a is "greater than or equal to" b. + */ + +/**************************************************************************/ +/* + * Journal object creation and destruction. + */ + +isc_result_t +dns_journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write, + dns_journal_t **journalp); +/* + * Open the journal file 'filename' and create a dns_journal_t object for it. + * + * If 'write' is ISC_TRUE, the journal is open for writing. If it does + * not exist, it is created. + * + * If 'write' is ISC_FALSE, the journal is open for reading. If it does + * not exist, ISC_R_NOTFOUND is returned. + */ + +void +dns_journal_destroy(dns_journal_t **journalp); +/* + * Destroy a dns_journal_t, closing any open files and freeing its memory. + */ + +/**************************************************************************/ +/* + * Writing transactions to journals. + */ + +isc_result_t +dns_journal_begin_transaction(dns_journal_t *j); +/* + * Prepare to write a new transaction to the open journal file 'j'. + * + * Requires: + * 'j' is open for writing. + */ + +isc_result_t +dns_journal_writediff(dns_journal_t *j, dns_diff_t *diff); +/* + * Write 'diff' to the current transaction of journal file 'j'. + * + * Requires: + * 'j' is open for writing and dns_journal_begin_transaction() + * has been called. + * + * 'diff' is a full or partial, correctly ordered IXFR + * difference sequence. + */ + +isc_result_t +dns_journal_commit(dns_journal_t *j); +/* + * Commit the current transaction of journal file 'j'. + * + * Requires: + * 'j' is open for writing and dns_journal_begin_transaction() + * has been called. + * + * dns_journal_writediff() has been called one or more times + * to form a complete, correctly ordered IXFR difference + * sequence. + */ + +isc_result_t +dns_journal_write_transaction(dns_journal_t *j, dns_diff_t *diff); +/* + * Write a complete transaction at once to a journal file, + * sorting it if necessary, and commit it. Equivalent to calling + * dns_diff_sort(), dns_journal_begin_transaction(), + * dns_journal_writediff(), and dns_journal_commit(). + * + * Requires: + * 'j' is open for writing. + * + * 'diff' contains exactly one SOA deletion, one SOA addition + * with a greater serial number, and possibly other changes, + * in arbitrary order. + */ + +/**************************************************************************/ +/* + * Reading transactions from journals. + */ + +isc_uint32_t +dns_journal_first_serial(dns_journal_t *j); +isc_uint32_t +dns_journal_last_serial(dns_journal_t *j); +/* + * Get the first and last addressable serial number in the journal. + */ + +isc_result_t +dns_journal_iter_init(dns_journal_t *j, + isc_uint32_t begin_serial, isc_uint32_t end_serial); +/* + * Prepare to iterate over the transactions that will bring the database + * from SOA serial number 'begin_serial' to 'end_serial'. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_RANGE begin_serial is outside the addressable range. + * ISC_R_NOTFOUND begin_serial is within the range of adressable + * serial numbers covered by the journal, but + * this particular serial number does not exist. + */ + +isc_result_t +dns_journal_first_rr(dns_journal_t *j); +isc_result_t +dns_journal_next_rr(dns_journal_t *j); +/* + * Position the iterator at the first/next RR in a journal + * transaction sequence established using dns_journal_iter_init(). + * + * Requires: + * dns_journal_iter_init() has been called. + * + */ + +void +dns_journal_current_rr(dns_journal_t *j, dns_name_t **name, isc_uint32_t *ttl, + dns_rdata_t **rdata); +/* + * Get the name, ttl, and rdata of the current journal RR. + * + * Requires: + * The last call to dns_journal_first_rr() or dns_journal_next_rr() + * returned ISC_R_SUCCESS. + */ + +/**************************************************************************/ +/* + * Database roll-forward. + */ + +isc_result_t +dns_journal_rollforward(isc_mem_t *mctx, dns_db_t *db, const char *filename); +/* + * Roll forward (play back) the journal file "filename" into the + * database "db". This should be called when the server starts + * after a shutdown or crash. + * + * Requires: + * 'mctx' is a valid memory context. + * 'db' is a valid database which does not have a version + * open for writing. + * 'filename' is the name of the journal file belonging to 'db'. + * + * Returns: + * DNS_R_NOJOURNAL when journal does not exist. + * ISC_R_NOTFOUND when current serial in not in journal. + * ISC_R_RANGE when current serial in not in journals range. + * ISC_R_SUCCESS journal has been applied successfully to database. + * others + */ + +isc_result_t +dns_journal_print(isc_mem_t *mctx, const char *filename, FILE *file); +/* For debugging not general use */ + +isc_result_t +dns_db_diff(isc_mem_t *mctx, + dns_db_t *dba, dns_dbversion_t *dbvera, + dns_db_t *dbb, dns_dbversion_t *dbverb, + const char *journal_filename); +/* + * Compare the databases 'dba' and 'dbb' and generate a journal + * entry containing the changes to make 'dba' from 'dbb' (note + * the order). This journal entry will consist of a single, + * possibly very large transaction. Append the journal + * entry to the journal file specified by 'journal_filename'. + */ + +isc_result_t +dns_journal_compact(isc_mem_t *mctx, char *filename, isc_uint32_t serial, + isc_uint32_t target_size); +/* + * Attempt to compact the journal if it is greater that 'target_size'. + * Changes from 'serial' onwards will be preserved. If the journal + * exists and is non-empty 'serial' must exist in the journal. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_JOURNAL_H */ diff --git a/contrib/bind9/lib/dns/include/dns/keyflags.h b/contrib/bind9/lib/dns/include/dns/keyflags.h new file mode 100644 index 0000000..025b137 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/keyflags.h @@ -0,0 +1,52 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: keyflags.h,v 1.9.206.1 2004/03/06 08:13:56 marka Exp $ */ + +#ifndef DNS_KEYFLAGS_H +#define DNS_KEYFLAGS_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_keyflags_fromtext(dns_keyflags_t *flagsp, isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a DNSSEC KEY flags value. + * The text may contain either a set of flag mnemonics separated by + * vertical bars or a decimal flags value. For compatibility with + * older versions of BIND and the DNSSEC signer, octal values + * prefixed with a zero and hexadecimal values prefixed with "0x" + * are also accepted. + * + * Requires: + * 'flagsp' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_RANGE numeric flag value is out of range + * DNS_R_UNKNOWN mnemonic flag is unknown + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_KEYFLAGS_H */ diff --git a/contrib/bind9/lib/dns/include/dns/keytable.h b/contrib/bind9/lib/dns/include/dns/keytable.h new file mode 100644 index 0000000..a07c052 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/keytable.h @@ -0,0 +1,255 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: keytable.h,v 1.10.206.1 2004/03/06 08:13:56 marka Exp $ */ + +#ifndef DNS_KEYTABLE_H +#define DNS_KEYTABLE_H 1 + +/***** + ***** Module Info + *****/ + +/* + * Key Tables + * + * The keytable module provides services for storing and retrieving DNSSEC + * trusted keys, as well as the ability to find the deepest matching key + * for a given domain name. + * + * MP: + * The module ensures appropriate synchronization of data structures it + * creates and manipulates. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + */ + +#include <isc/lang.h> + +#include <dns/types.h> + +#include <dst/dst.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_keytable_create(isc_mem_t *mctx, dns_keytable_t **keytablep); +/* + * Create a keytable. + * + * Requires: + * + * 'mctx' is a valid memory context. + * + * keytablep != NULL && *keytablep == NULL + * + * Ensures: + * + * On success, *keytablep is a valid, empty key table. + * + * Returns: + * + * ISC_R_SUCCESS + * + * Any other result indicates failure. + */ + + +void +dns_keytable_attach(dns_keytable_t *source, dns_keytable_t **targetp); +/* + * Attach *targetp to source. + * + * Requires: + * + * 'source' is a valid keytable. + * + * 'targetp' points to a NULL dns_keytable_t *. + * + * Ensures: + * + * *targetp is attached to source. + */ + +void +dns_keytable_detach(dns_keytable_t **keytablep); +/* + * Detach *keytablep from its keytable. + * + * Requires: + * + * 'keytablep' points to a valid keytable. + * + * Ensures: + * + * *keytablep is NULL. + * + * If '*keytablep' is the last reference to the keytable, + * + * All resources used by the keytable will be freed + */ + +isc_result_t +dns_keytable_add(dns_keytable_t *keytable, dst_key_t **keyp); +/* + * Add '*keyp' to 'keytable'. + * + * Notes: + * + * Ownership of *keyp is transferred to the keytable. + * + * Requires: + * + * keyp != NULL && *keyp is a valid dst_key_t *. + * + * Ensures: + * + * On success, *keyp == NULL + * + * Returns: + * + * ISC_R_SUCCESS + * + * Any other result indicates failure. + */ + +isc_result_t +dns_keytable_findkeynode(dns_keytable_t *keytable, dns_name_t *name, + dns_secalg_t algorithm, dns_keytag_t tag, + dns_keynode_t **keynodep); +/* + * Search for a key named 'name', matching 'algorithm' and 'tag' in + * 'keytable'. + * + * Requires: + * + * 'keytable' is a valid keytable. + * + * 'name' is a valid absolute name. + * + * keynodep != NULL && *keynodep == NULL + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + * + * Any other result indicates an error. + */ + +isc_result_t +dns_keytable_findnextkeynode(dns_keytable_t *keytable, dns_keynode_t *keynode, + dns_keynode_t **nextnodep); +/* + * Search for the next key with the same properties as 'keynode' in + * 'keytable'. + * + * Requires: + * + * 'keytable' is a valid keytable. + * + * 'keynode' is a valid keynode. + * + * nextnodep != NULL && *nextnodep == NULL + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + * + * Any other result indicates an error. + */ + +isc_result_t +dns_keytable_finddeepestmatch(dns_keytable_t *keytable, dns_name_t *name, + dns_name_t *foundname); +/* + * Search for the deepest match of 'name' in 'keytable'. + * + * Requires: + * + * 'keytable' is a valid keytable. + * + * 'name' is a valid absolute name. + * + * 'foundname' is a name with a dedicated buffer. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + * + * Any other result indicates an error. + */ + +void +dns_keytable_detachkeynode(dns_keytable_t *keytable, + dns_keynode_t **keynodep); +/* + * Give back a keynode found via dns_keytable_findkeynode(). + * + * Requires: + * + * 'keytable' is a valid keytable. + * + * *keynodep is a valid keynode returned by a call to + * dns_keytable_findkeynode(). + * + * Ensures: + * + * *keynodep == NULL + */ + +isc_result_t +dns_keytable_issecuredomain(dns_keytable_t *keytable, dns_name_t *name, + isc_boolean_t *wantdnssecp); +/* + * Is 'name' at or beneath a trusted key? + * + * Requires: + * + * 'keytable' is a valid keytable. + * + * 'name' is a valid absolute name. + * + * '*wantsdnssecp' is a valid isc_boolean_t. + * + * Ensures: + * + * On success, *wantsdnssecp will be ISC_TRUE if and only if 'name' + * is at or beneath a trusted key. + * + * Returns: + * + * ISC_R_SUCCESS + * + * Any other result is an error. + */ + +dst_key_t * +dns_keynode_key(dns_keynode_t *keynode); +/* + * Get the DST key associated with keynode. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_KEYTABLE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/keyvalues.h b/contrib/bind9/lib/dns/include/dns/keyvalues.h new file mode 100644 index 0000000..ef9e821 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/keyvalues.h @@ -0,0 +1,96 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001, 2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: keyvalues.h,v 1.11.12.3 2004/03/06 08:13:56 marka Exp $ */ + +#ifndef DNS_KEYVALUES_H +#define DNS_KEYVALUES_H 1 + +/* + * Flags field of the KEY RR rdata + */ +#define DNS_KEYFLAG_TYPEMASK 0xC000 /* Mask for "type" bits */ +#define DNS_KEYTYPE_AUTHCONF 0x0000 /* Key usable for both */ +#define DNS_KEYTYPE_CONFONLY 0x8000 /* Key usable for confidentiality */ +#define DNS_KEYTYPE_AUTHONLY 0x4000 /* Key usable for authentication */ +#define DNS_KEYTYPE_NOKEY 0xC000 /* No key usable for either; no key */ +#define DNS_KEYTYPE_NOAUTH DNS_KEYTYPE_CONFONLY +#define DNS_KEYTYPE_NOCONF DNS_KEYTYPE_AUTHONLY + +#define DNS_KEYFLAG_RESERVED2 0x2000 /* reserved - must be zero */ +#define DNS_KEYFLAG_EXTENDED 0x1000 /* key has extended flags */ +#define DNS_KEYFLAG_RESERVED4 0x0800 /* reserved - must be zero */ +#define DNS_KEYFLAG_RESERVED5 0x0400 /* reserved - must be zero */ +#define DNS_KEYFLAG_OWNERMASK 0x0300 /* these bits determine the type */ +#define DNS_KEYOWNER_USER 0x0000 /* key is assoc. with user */ +#define DNS_KEYOWNER_ENTITY 0x0200 /* key is assoc. with entity eg host */ +#define DNS_KEYOWNER_ZONE 0x0100 /* key is zone key */ +#define DNS_KEYOWNER_RESERVED 0x0300 /* reserved meaning */ +#define DNS_KEYFLAG_RESERVED8 0x0080 /* reserved - must be zero */ +#define DNS_KEYFLAG_RESERVED9 0x0040 /* reserved - must be zero */ +#define DNS_KEYFLAG_RESERVED10 0x0020 /* reserved - must be zero */ +#define DNS_KEYFLAG_RESERVED11 0x0010 /* reserved - must be zero */ +#define DNS_KEYFLAG_SIGNATORYMASK 0x000F /* key can sign RR's of same name */ + +#define DNS_KEYFLAG_RESERVEDMASK (DNS_KEYFLAG_RESERVED2 | \ + DNS_KEYFLAG_RESERVED4 | \ + DNS_KEYFLAG_RESERVED5 | \ + DNS_KEYFLAG_RESERVED8 | \ + DNS_KEYFLAG_RESERVED9 | \ + DNS_KEYFLAG_RESERVED10 | \ + DNS_KEYFLAG_RESERVED11 ) +#define DNS_KEYFLAG_KSK 0x0001 /* key signing key */ + +#define DNS_KEYFLAG_RESERVEDMASK2 0xFFFF /* no bits defined here */ + +/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */ +#define DNS_KEYALG_RSAMD5 1 /* RSA with MD5 */ +#define DNS_KEYALG_RSA DNS_KEYALG_RSAMD5 +#define DNS_KEYALG_DH 2 /* Diffie Hellman KEY */ +#define DNS_KEYALG_DSA 3 /* DSA KEY */ +#define DNS_KEYALG_DSS NS_ALG_DSA +#define DNS_KEYALG_ECC 4 +#define DNS_KEYALG_RSASHA1 5 +#define DNS_KEYALG_INDIRECT 252 +#define DNS_KEYALG_PRIVATEDNS 253 +#define DNS_KEYALG_PRIVATEOID 254 /* Key begins with OID giving alg */ + +/* Protocol values */ +#define DNS_KEYPROTO_RESERVED 0 +#define DNS_KEYPROTO_TLS 1 +#define DNS_KEYPROTO_EMAIL 2 +#define DNS_KEYPROTO_DNSSEC 3 +#define DNS_KEYPROTO_IPSEC 4 +#define DNS_KEYPROTO_ANY 255 + +/* Signatures */ +#define DNS_SIG_RSAMINBITS 512 /* Size of a mod or exp in bits */ +#define DNS_SIG_RSAMAXBITS 2552 + /* Total of binary mod and exp */ +#define DNS_SIG_RSAMAXBYTES ((DNS_SIG_RSAMAXBITS+7/8)*2+3) + /* Max length of text sig block */ +#define DNS_SIG_RSAMAXBASE64 (((DNS_SIG_RSAMAXBYTES+2)/3)*4) +#define DNS_SIG_RSAMINSIZE ((DNS_SIG_RSAMINBITS+7)/8) +#define DNS_SIG_RSAMAXSIZE ((DNS_SIG_RSAMAXBITS+7)/8) + +#define DNS_SIG_DSASIGSIZE 41 +#define DNS_SIG_DSAMINBITS 512 +#define DNS_SIG_DSAMAXBITS 1024 +#define DNS_SIG_DSAMINBYTES 213 +#define DNS_SIG_DSAMAXBYTES 405 + +#endif /* DNS_KEYVALUES_H */ diff --git a/contrib/bind9/lib/dns/include/dns/lib.h b/contrib/bind9/lib/dns/include/dns/lib.h new file mode 100644 index 0000000..e53dd2b --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/lib.h @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: lib.h,v 1.6.12.3 2004/03/08 09:04:36 marka Exp $ */ + +#ifndef DNS_LIB_H +#define DNS_LIB_H 1 + +#include <isc/types.h> +#include <isc/lang.h> + +ISC_LANG_BEGINDECLS + +LIBDNS_EXTERNAL_DATA extern isc_msgcat_t *dns_msgcat; + +void +dns_lib_initmsgcat(void); +/* + * Initialize the DNS library's message catalog, dns_msgcat, if it + * has not already been initialized. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_LIB_H */ diff --git a/contrib/bind9/lib/dns/include/dns/log.h b/contrib/bind9/lib/dns/include/dns/log.h new file mode 100644 index 0000000..9901fc9 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/log.h @@ -0,0 +1,103 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001, 2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: log.h,v 1.30.2.1.10.2 2004/03/06 08:13:57 marka Exp $ */ + +/* Principal Authors: DCL */ + +#ifndef DNS_LOG_H +#define DNS_LOG_H 1 + +#include <isc/lang.h> +#include <isc/log.h> + +LIBDNS_EXTERNAL_DATA extern isc_log_t *dns_lctx; +LIBDNS_EXTERNAL_DATA extern isc_logcategory_t dns_categories[]; +LIBDNS_EXTERNAL_DATA extern isc_logmodule_t dns_modules[]; + +#define DNS_LOGCATEGORY_NOTIFY (&dns_categories[0]) +#define DNS_LOGCATEGORY_DATABASE (&dns_categories[1]) +#define DNS_LOGCATEGORY_SECURITY (&dns_categories[2]) +/* DNS_LOGCATEGORY_CONFIG superseded by CFG_LOGCATEGORY_CONFIG */ +#define DNS_LOGCATEGORY_DNSSEC (&dns_categories[4]) +#define DNS_LOGCATEGORY_RESOLVER (&dns_categories[5]) +#define DNS_LOGCATEGORY_XFER_IN (&dns_categories[6]) +#define DNS_LOGCATEGORY_XFER_OUT (&dns_categories[7]) +#define DNS_LOGCATEGORY_DISPATCH (&dns_categories[8]) +#define DNS_LOGCATEGORY_LAME_SERVERS (&dns_categories[9]) +#define DNS_LOGCATEGORY_DELEGATION_ONLY (&dns_categories[10]) + +/* Backwards compatibility. */ +#define DNS_LOGCATEGORY_GENERAL ISC_LOGCATEGORY_GENERAL + +#define DNS_LOGMODULE_DB (&dns_modules[0]) +#define DNS_LOGMODULE_RBTDB (&dns_modules[1]) +#define DNS_LOGMODULE_RBTDB64 (&dns_modules[2]) +#define DNS_LOGMODULE_RBT (&dns_modules[3]) +#define DNS_LOGMODULE_RDATA (&dns_modules[4]) +#define DNS_LOGMODULE_MASTER (&dns_modules[5]) +#define DNS_LOGMODULE_MESSAGE (&dns_modules[6]) +#define DNS_LOGMODULE_CACHE (&dns_modules[7]) +#define DNS_LOGMODULE_CONFIG (&dns_modules[8]) +#define DNS_LOGMODULE_RESOLVER (&dns_modules[9]) +#define DNS_LOGMODULE_ZONE (&dns_modules[10]) +#define DNS_LOGMODULE_JOURNAL (&dns_modules[11]) +#define DNS_LOGMODULE_ADB (&dns_modules[12]) +#define DNS_LOGMODULE_XFER_IN (&dns_modules[13]) +#define DNS_LOGMODULE_XFER_OUT (&dns_modules[14]) +#define DNS_LOGMODULE_ACL (&dns_modules[15]) +#define DNS_LOGMODULE_VALIDATOR (&dns_modules[16]) +#define DNS_LOGMODULE_DISPATCH (&dns_modules[17]) +#define DNS_LOGMODULE_REQUEST (&dns_modules[18]) +#define DNS_LOGMODULE_MASTERDUMP (&dns_modules[19]) +#define DNS_LOGMODULE_TSIG (&dns_modules[20]) +#define DNS_LOGMODULE_TKEY (&dns_modules[21]) +#define DNS_LOGMODULE_SDB (&dns_modules[22]) +#define DNS_LOGMODULE_DIFF (&dns_modules[23]) +#define DNS_LOGMODULE_HINTS (&dns_modules[24]) + +ISC_LANG_BEGINDECLS + +void +dns_log_init(isc_log_t *lctx); +/* + * Make the libdns categories and modules available for use with the + * ISC logging library. + * + * Requires: + * lctx is a valid logging context. + * + * dns_log_init() is called only once. + * + * Ensures: + * The catgories and modules defined above are available for + * use by isc_log_usechannnel() and isc_log_write(). + */ + +void +dns_log_setcontext(isc_log_t *lctx); +/* + * Make the libdns library use the provided context for logging internal + * messages. + * + * Requires: + * lctx is a valid logging context. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_LOG_H */ diff --git a/contrib/bind9/lib/dns/include/dns/lookup.h b/contrib/bind9/lib/dns/include/dns/lookup.h new file mode 100644 index 0000000..2be254c --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/lookup.h @@ -0,0 +1,138 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: lookup.h,v 1.5.206.1 2004/03/06 08:13:57 marka Exp $ */ + +#ifndef DNS_LOOKUP_H +#define DNS_LOOKUP_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Lookup + * + * The lookup module performs simple DNS lookups. It implements + * the full resolver algorithm, both looking for local data and + * resoving external names as necessary. + * + * MP: + * The module ensures appropriate synchronization of data structures it + * creates and manipulates. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * RFCs: 1034, 1035, 2181, <TBS> + * Drafts: <TBS> + */ + +#include <isc/lang.h> +#include <isc/event.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/* + * A 'dns_lookupevent_t' is returned when a lookup completes. + * The sender field will be set to the lookup that completed. If 'result' + * is ISC_R_SUCCESS, then 'names' will contain a list of names associated + * with the address. The recipient of the event must not change the list + * and must not refer to any of the name data after the event is freed. + */ +typedef struct dns_lookupevent { + ISC_EVENT_COMMON(struct dns_lookupevent); + isc_result_t result; + dns_name_t *name; + dns_rdataset_t *rdataset; + dns_rdataset_t *sigrdataset; + dns_db_t *db; + dns_dbnode_t *node; +} dns_lookupevent_t; + +isc_result_t +dns_lookup_create(isc_mem_t *mctx, dns_name_t *name, dns_rdatatype_t type, + dns_view_t *view, unsigned int options, isc_task_t *task, + isc_taskaction_t action, void *arg, dns_lookup_t **lookupp); +/* + * Finds the rrsets matching 'name' and 'type'. + * + * Requires: + * + * 'mctx' is a valid mctx. + * + * 'name' is a valid name. + * + * 'view' is a valid view which has a resolver. + * + * 'task' is a valid task. + * + * lookupp != NULL && *lookupp == NULL + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Any resolver-related error (e.g. ISC_R_SHUTTINGDOWN) may also be + * returned. + */ + +void +dns_lookup_cancel(dns_lookup_t *lookup); +/* + * Cancel 'lookup'. + * + * Notes: + * + * If 'lookup' has not completed, post its LOOKUPDONE event with a + * result code of ISC_R_CANCELED. + * + * Requires: + * + * 'lookup' is a valid lookup. + */ + +void +dns_lookup_destroy(dns_lookup_t **lookupp); +/* + * Destroy 'lookup'. + * + * Requires: + * + * '*lookupp' is a valid lookup. + * + * The caller has received the LOOKUPDONE event (either because the + * lookup completed or because dns_lookup_cancel() was called). + * + * Ensures: + * + * *lookupp == NULL. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_LOOKUP_H */ diff --git a/contrib/bind9/lib/dns/include/dns/master.h b/contrib/bind9/lib/dns/include/dns/master.h new file mode 100644 index 0000000..0b861c6 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/master.h @@ -0,0 +1,214 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: master.h,v 1.31.2.3.2.7 2004/03/08 09:04:36 marka Exp $ */ + +#ifndef DNS_MASTER_H +#define DNS_MASTER_H 1 + +/*** + *** Imports + ***/ + +#include <stdio.h> + +#include <isc/lang.h> + +#include <dns/types.h> + +/* + * Flags to be passed in the 'options' argument in the functions below. + */ +#define DNS_MASTER_AGETTL 0x00000001 /* Age the ttl based on $DATE. */ +#define DNS_MASTER_MANYERRORS 0x00000002 /* Continue processing on errors. */ +#define DNS_MASTER_NOINCLUDE 0x00000004 /* Disallow $INCLUDE directives. */ +#define DNS_MASTER_ZONE 0x00000008 /* Loading a zone master file. */ +#define DNS_MASTER_HINT 0x00000010 /* Loading a hint master file. */ +#define DNS_MASTER_SLAVE 0x00000020 /* Loading a slave master file. */ +#define DNS_MASTER_CHECKNS 0x00000040 /* Check NS records to see if + * they are an address */ +#define DNS_MASTER_FATALNS 0x00000080 /* Treat DNS_MASTER_CHECKNS + * matches as fatal */ +#define DNS_MASTER_CHECKNAMES 0x00000100 +#define DNS_MASTER_CHECKNAMESFAIL 0x00000200 + +ISC_LANG_BEGINDECLS + +/*** + *** Function + ***/ + +isc_result_t +dns_master_loadfile(const char *master_file, + dns_name_t *top, + dns_name_t *origin, + dns_rdataclass_t zclass, + unsigned int options, + dns_rdatacallbacks_t *callbacks, + isc_mem_t *mctx); + +isc_result_t +dns_master_loadstream(FILE *stream, + dns_name_t *top, + dns_name_t *origin, + dns_rdataclass_t zclass, + unsigned int options, + dns_rdatacallbacks_t *callbacks, + isc_mem_t *mctx); + +isc_result_t +dns_master_loadbuffer(isc_buffer_t *buffer, + dns_name_t *top, + dns_name_t *origin, + dns_rdataclass_t zclass, + unsigned int options, + dns_rdatacallbacks_t *callbacks, + isc_mem_t *mctx); + +isc_result_t +dns_master_loadlexer(isc_lex_t *lex, + dns_name_t *top, + dns_name_t *origin, + dns_rdataclass_t zclass, + unsigned int options, + dns_rdatacallbacks_t *callbacks, + isc_mem_t *mctx); + +isc_result_t +dns_master_loadfileinc(const char *master_file, + dns_name_t *top, + dns_name_t *origin, + dns_rdataclass_t zclass, + unsigned int options, + dns_rdatacallbacks_t *callbacks, + isc_task_t *task, + dns_loaddonefunc_t done, void *done_arg, + dns_loadctx_t **ctxp, isc_mem_t *mctx); + +isc_result_t +dns_master_loadstreaminc(FILE *stream, + dns_name_t *top, + dns_name_t *origin, + dns_rdataclass_t zclass, + unsigned int options, + dns_rdatacallbacks_t *callbacks, + isc_task_t *task, + dns_loaddonefunc_t done, void *done_arg, + dns_loadctx_t **ctxp, isc_mem_t *mctx); + +isc_result_t +dns_master_loadbufferinc(isc_buffer_t *buffer, + dns_name_t *top, + dns_name_t *origin, + dns_rdataclass_t zclass, + unsigned int options, + dns_rdatacallbacks_t *callbacks, + isc_task_t *task, + dns_loaddonefunc_t done, void *done_arg, + dns_loadctx_t **ctxp, isc_mem_t *mctx); + +isc_result_t +dns_master_loadlexerinc(isc_lex_t *lex, + dns_name_t *top, + dns_name_t *origin, + dns_rdataclass_t zclass, + unsigned int options, + dns_rdatacallbacks_t *callbacks, + isc_task_t *task, + dns_loaddonefunc_t done, void *done_arg, + dns_loadctx_t **ctxp, isc_mem_t *mctx); + +/* + * Loads a RFC 1305 master file from a file, stream, buffer, or existing + * lexer into rdatasets and then calls 'callbacks->commit' to commit the + * rdatasets. Rdata memory belongs to dns_master_load and will be + * reused / released when the callback completes. dns_load_master will + * abort if callbacks->commit returns any value other than ISC_R_SUCCESS. + * + * If 'DNS_MASTER_AGETTL' is set and the master file contains one or more + * $DATE directives, the TTLs of the data will be aged accordingly. + * + * 'callbacks->commit' is assumed to call 'callbacks->error' or + * 'callbacks->warn' to generate any error messages required. + * + * 'done' is called with 'done_arg' and a result code when the loading + * is completed or has failed. If the initial setup fails 'done' is + * not called. + * + * Requires: + * 'master_file' points to a valid string. + * 'lexer' points to a valid lexer. + * 'top' points to a valid name. + * 'origin' points to a valid name. + * 'callbacks->commit' points to a valid function. + * 'callbacks->error' points to a valid function. + * 'callbacks->warn' points to a valid function. + * 'mctx' points to a valid memory context. + * 'task' and 'done' to be valid. + * 'lmgr' to be valid. + * 'ctxp != NULL && ctxp == NULL'. + * + * Returns: + * ISC_R_SUCCESS upon successfully loading the master file. + * ISC_R_SEENINCLUDE upon successfully loading the master file with + * a $INCLUDE statement. + * ISC_R_NOMEMORY out of memory. + * ISC_R_UNEXPECTEDEND expected to be able to read a input token and + * there was not one. + * ISC_R_UNEXPECTED + * DNS_R_NOOWNER failed to specify a ownername. + * DNS_R_NOTTL failed to specify a ttl. + * DNS_R_BADCLASS record class did not match zone class. + * DNS_R_CONTINUE load still in progress (dns_master_load*inc() only). + * Any dns_rdata_fromtext() error code. + * Any error code from callbacks->commit(). + */ + +void +dns_loadctx_detach(dns_loadctx_t **ctxp); +/* + * Detach from the load context. + * + * Requires: + * '*ctxp' to be valid. + * + * Ensures: + * '*ctxp == NULL' + */ + +void +dns_loadctx_attach(dns_loadctx_t *source, dns_loadctx_t **target); +/* + * Attach to the load context. + * + * Requires: + * 'source' to be valid. + * 'target != NULL && *target == NULL'. + */ + +void +dns_loadctx_cancel(dns_loadctx_t *ctx); +/* + * Cancel loading the zone file associated with this load context. + * + * Requires: + * 'ctx' to be valid + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_MASTER_H */ diff --git a/contrib/bind9/lib/dns/include/dns/masterdump.h b/contrib/bind9/lib/dns/include/dns/masterdump.h new file mode 100644 index 0000000..5058945 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/masterdump.h @@ -0,0 +1,303 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: masterdump.h,v 1.22.12.8 2004/03/19 05:00:49 marka Exp $ */ + +#ifndef DNS_MASTERDUMP_H +#define DNS_MASTERDUMP_H 1 + +/*** + *** Imports + ***/ + +#include <stdio.h> + +#include <isc/lang.h> + +#include <dns/types.h> + +/*** + *** Types + ***/ + +typedef struct dns_master_style dns_master_style_t; + +/*** + *** Definitions + ***/ + +/* + * Flags affecting master file formatting. Flags 0x0000FFFF + * define the formatting of the rdata part and are defined in + * rdata.h. + */ + +/* Omit the owner name when possible. */ +#define DNS_STYLEFLAG_OMIT_OWNER 0x00010000U + +/* + * Omit the TTL when possible. If DNS_STYLEFLAG_TTL is + * also set, this means no TTLs are ever printed + * because $TTL directives are generated before every + * change in the TTL. In this case, no columns need to + * be reserved for the TTL. Master files generated with + * these options will be rejected by BIND 4.x because it + * does not recognize the $TTL directive. + * + * If DNS_STYLEFLAG_TTL is not also set, the TTL will be + * omitted when it is equal to the previous TTL. + * This is correct according to RFC1035, but the + * TTLs may be silently misinterpreted by older + * versions of BIND which use the SOA MINTTL as a + * default TTL value. + */ +#define DNS_STYLEFLAG_OMIT_TTL 0x00020000U + +/* Omit the class when possible. */ +#define DNS_STYLEFLAG_OMIT_CLASS 0x00040000U + +/* Output $TTL directives. */ +#define DNS_STYLEFLAG_TTL 0x00080000U + +/* + * Output $ORIGIN directives and print owner names relative to + * the origin when possible. + */ +#define DNS_STYLEFLAG_REL_OWNER 0x00100000U + +/* Print domain names in RR data in relative form when possible. + For this to take effect, DNS_STYLEFLAG_REL_OWNER must also be set. */ +#define DNS_STYLEFLAG_REL_DATA 0x00200000U + +/* Print the trust level of each rdataset. */ +#define DNS_STYLEFLAG_TRUST 0x00400000U + +/* Print negative caching entries. */ +#define DNS_STYLEFLAG_NCACHE 0x00800000U + +/* Never print the TTL */ +#define DNS_STYLEFLAG_NO_TTL 0x01000000U + +/* Never print the CLASS */ +#define DNS_STYLEFLAG_NO_CLASS 0x02000000U + +ISC_LANG_BEGINDECLS + +/*** + *** Constants + ***/ + +/* + * The default master file style. + * + * This uses $TTL directives to avoid the need to dedicate a + * tab stop for the TTL. The class is only printed for the first + * rrset in the file and shares a tab stop with the RR type. + */ +LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_default; + +/* + * A master file style that dumps zones to a very generic format easily + * imported/checked with external tools. + */ +LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_full; + +/* + * A master file style that prints explicit TTL values on each + * record line, never using $TTL statements. The TTL has a tab + * stop of its own, but the class and type share one. + */ +LIBDNS_EXTERNAL_DATA extern const dns_master_style_t + dns_master_style_explicitttl; + +/* + * A master style format designed for cache files. It prints explicit TTL + * values on each record line and never uses $ORIGIN or relative names. + */ +LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_cache; + +/* + * A master style that prints name, ttl, class, type, and value on + * every line. Similar to explicitttl above, but more verbose. + * Intended for generating master files which can be easily parsed + * by perl scripts and similar applications. + */ +LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_simple; + +/* + * The style used for debugging, "dig" output, etc. + */ +LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_debug; + +/*** + *** Functions + ***/ + +void +dns_dumpctx_attach(dns_dumpctx_t *source, dns_dumpctx_t **target); +/* + * Attach to a dump context. + * + * Require: + * 'source' to be valid. + * 'target' to be non NULL and '*target' to be NULL. + */ + +void +dns_dumpctx_detach(dns_dumpctx_t **dctxp); +/* + * Detach from a dump context. + * + * Require: + * 'dctxp' to point to a valid dump context. + * + * Ensures: + * '*dctxp' is NULL. + */ + +void +dns_dumpctx_cancel(dns_dumpctx_t *dctx); +/* + * Cancel a in progress dump. + * + * Require: + * 'dctx' to be valid. + */ + +dns_dbversion_t * +dns_dumpctx_version(dns_dumpctx_t *dctx); +/* + * Return the version handle (if any) of the database being dumped. + * + * Require: + * 'dctx' to be valid. + */ + +dns_db_t * +dns_dumpctx_db(dns_dumpctx_t *dctx); +/* + * Return the database being dumped. + * + * Require: + * 'dctx' to be valid. + */ + + +isc_result_t +dns_master_dumptostreaminc(isc_mem_t *mctx, dns_db_t *db, + dns_dbversion_t *version, + const dns_master_style_t *style, FILE *f, + isc_task_t *task, dns_dumpdonefunc_t done, + void *done_arg, dns_dumpctx_t **dctxp); + +isc_result_t +dns_master_dumptostream(isc_mem_t *mctx, dns_db_t *db, + dns_dbversion_t *version, + const dns_master_style_t *style, FILE *f); +/* + * Dump the database 'db' to the steam 'f' in RFC1035 master + * file format, in the style defined by 'style' + * (e.g., &dns_default_master_style_default) + * + * Temporary dynamic memory may be allocated from 'mctx'. + * + * Require: + * 'task' to be valid. + * 'done' to be non NULL. + * 'dctxp' to be non NULL && '*dctxp' to be NULL. + * + * Returns: + * ISC_R_SUCCESS + * DNS_R_CONTINUE dns_master_dumptostreaminc() only. + * ISC_R_NOMEMORY + * Any database or rrset iterator error. + * Any dns_rdata_totext() error code. + */ + +isc_result_t +dns_master_dumpinc(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, + const dns_master_style_t *style, const char *filename, + isc_task_t *task, dns_dumpdonefunc_t done, void *done_arg, + dns_dumpctx_t **dctxp); + +isc_result_t +dns_master_dump(isc_mem_t *mctx, dns_db_t *db, + dns_dbversion_t *version, + const dns_master_style_t *style, const char *filename); +/* + * Dump the database 'db' to the file 'filename' in RFC1035 master + * file format, in the style defined by 'style' + * (e.g., &dns_default_master_style_default) + * + * Temporary dynamic memory may be allocated from 'mctx'. + * + * Returns: + * ISC_R_SUCCESS + * DNS_R_CONTINUE dns_master_dumpinc() only. + * ISC_R_NOMEMORY + * Any database or rrset iterator error. + * Any dns_rdata_totext() error code. + */ + +isc_result_t +dns_master_rdatasettotext(dns_name_t *owner_name, + dns_rdataset_t *rdataset, + const dns_master_style_t *style, + isc_buffer_t *target); +/* + * Convert 'rdataset' to text format, storing the result in 'target'. + * + * Notes: + * The rdata cursor position will be changed. + * + * Requires: + * 'rdataset' is a valid non-question rdataset. + * + * 'rdataset' is not empty. + */ + +isc_result_t +dns_master_questiontotext(dns_name_t *owner_name, + dns_rdataset_t *rdataset, + const dns_master_style_t *style, + isc_buffer_t *target); + +isc_result_t +dns_master_dumpnodetostream(isc_mem_t *mctx, dns_db_t *db, + dns_dbversion_t *version, + dns_dbnode_t *node, dns_name_t *name, + const dns_master_style_t *style, + FILE *f); + +isc_result_t +dns_master_dumpnode(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, + dns_dbnode_t *node, dns_name_t *name, + const dns_master_style_t *style, const char *filename); + +isc_result_t +dns_master_stylecreate(dns_master_style_t **style, unsigned int flags, + unsigned int ttl_column, unsigned int class_column, + unsigned int type_column, unsigned int rdata_column, + unsigned int line_length, unsigned int tab_width, + isc_mem_t *mctx); + +void +dns_master_styledestroy(dns_master_style_t **style, isc_mem_t *mctx); + +ISC_LANG_ENDDECLS + +#endif /* DNS_MASTERDUMP_H */ diff --git a/contrib/bind9/lib/dns/include/dns/message.h b/contrib/bind9/lib/dns/include/dns/message.h new file mode 100644 index 0000000..c827322 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/message.h @@ -0,0 +1,1297 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: message.h,v 1.100.2.3.8.7 2004/03/08 02:08:00 marka Exp $ */ + +#ifndef DNS_MESSAGE_H +#define DNS_MESSAGE_H 1 + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/magic.h> + +#include <dns/compress.h> +#include <dns/masterdump.h> +#include <dns/types.h> + +#include <dst/dst.h> + +/* + * How this beast works: + * + * When a dns message is received in a buffer, dns_message_fromwire() is called + * on the memory region. Various items are checked including the format + * of the message (if counts are right, if counts consume the entire sections, + * and if sections consume the entire message) and known pseudo-RRs in the + * additional data section are analyzed and removed. + * + * TSIG checking is also done at this layer, and any DNSSEC transaction + * signatures should also be checked here. + * + * Notes on using the gettemp*() and puttemp*() functions: + * + * These functions return items (names, rdatasets, etc) allocated from some + * internal state of the dns_message_t. + * + * Names and rdatasets must be put back into the dns_message_t in + * one of two ways. Assume a name was allocated via + * dns_message_gettempname(): + * + * (1) insert it into a section, using dns_message_addname(). + * + * (2) return it to the message using dns_message_puttempname(). + * + * The same applies to rdatasets. + * + * On the other hand, offsets, rdatalists and rdatas allocated using + * dns_message_gettemp*() will always be freed automatically + * when the message is reset or destroyed; calling dns_message_puttemp*() + * on rdatalists and rdatas is optional and serves only to enable the item + * to be reused multiple times during the lifetime of the message; offsets + * cannot be reused. + * + * Buffers allocated using isc_buffer_allocate() can be automatically freed + * as well by giving the buffer to the message using dns_message_takebuffer(). + * Doing this will cause the buffer to be freed using isc_buffer_free() + * when the section lists are cleared, such as in a reset or in a destroy. + * Since the buffer itself exists until the message is destroyed, this sort + * of code can be written: + * + * buffer = isc_buffer_allocate(mctx, 512); + * name = NULL; + * name = dns_message_gettempname(message, &name); + * dns_name_init(name, NULL); + * result = dns_name_fromtext(name, &source, dns_rootname, ISC_FALSE, + * buffer); + * dns_message_takebuffer(message, &buffer); + * + * + * TODO: + * + * XXX Needed: ways to set and retrieve EDNS information, add rdata to a + * section, move rdata from one section to another, remove rdata, etc. + */ + +#define DNS_MESSAGEFLAG_QR 0x8000U +#define DNS_MESSAGEFLAG_AA 0x0400U +#define DNS_MESSAGEFLAG_TC 0x0200U +#define DNS_MESSAGEFLAG_RD 0x0100U +#define DNS_MESSAGEFLAG_RA 0x0080U +#define DNS_MESSAGEFLAG_AD 0x0020U +#define DNS_MESSAGEFLAG_CD 0x0010U + +#define DNS_MESSAGEEXTFLAG_DO 0x8000U + +#define DNS_MESSAGE_REPLYPRESERVE (DNS_MESSAGEFLAG_RD|DNS_MESSAGEFLAG_CD) +#define DNS_MESSAGEEXTFLAG_REPLYPRESERVE (DNS_MESSAGEEXTFLAG_DO) + +#define DNS_MESSAGE_HEADERLEN 12 /* 6 isc_uint16_t's */ + +#define DNS_MESSAGE_MAGIC ISC_MAGIC('M','S','G','@') +#define DNS_MESSAGE_VALID(msg) ISC_MAGIC_VALID(msg, DNS_MESSAGE_MAGIC) + +/* + * Ordering here matters. DNS_SECTION_ANY must be the lowest and negative, + * and DNS_SECTION_MAX must be one greater than the last used section. + */ +typedef int dns_section_t; +#define DNS_SECTION_ANY (-1) +#define DNS_SECTION_QUESTION 0 +#define DNS_SECTION_ANSWER 1 +#define DNS_SECTION_AUTHORITY 2 +#define DNS_SECTION_ADDITIONAL 3 +#define DNS_SECTION_MAX 4 + +typedef int dns_pseudosection_t; +#define DNS_PSEUDOSECTION_ANY (-1) +#define DNS_PSEUDOSECTION_OPT 0 +#define DNS_PSEUDOSECTION_TSIG 1 +#define DNS_PSEUDOSECTION_SIG0 2 +#define DNS_PSEUDOSECTION_MAX 3 + +typedef int dns_messagetextflag_t; +#define DNS_MESSAGETEXTFLAG_NOCOMMENTS 0x0001 +#define DNS_MESSAGETEXTFLAG_NOHEADERS 0x0002 + +/* + * Dynamic update names for these sections. + */ +#define DNS_SECTION_ZONE DNS_SECTION_QUESTION +#define DNS_SECTION_PREREQUISITE DNS_SECTION_ANSWER +#define DNS_SECTION_UPDATE DNS_SECTION_AUTHORITY + +/* + * These tell the message library how the created dns_message_t will be used. + */ +#define DNS_MESSAGE_INTENTUNKNOWN 0 /* internal use only */ +#define DNS_MESSAGE_INTENTPARSE 1 /* parsing messages */ +#define DNS_MESSAGE_INTENTRENDER 2 /* rendering */ + +/* + * Control behavior of parsing + */ +#define DNS_MESSAGEPARSE_PRESERVEORDER 0x0001 /* preserve rdata order */ +#define DNS_MESSAGEPARSE_BESTEFFORT 0x0002 /* return a message if a + recoverable parse error + occurs */ +#define DNS_MESSAGEPARSE_CLONEBUFFER 0x0004 /* save a copy of the + source buffer */ +#define DNS_MESSAGEPARSE_IGNORETRUNCATION 0x0008 /* trucation errors are + * not fatal. */ + +/* + * Control behavior of rendering + */ +#define DNS_MESSAGERENDER_ORDERED 0x0001 /* don't change order */ +#define DNS_MESSAGERENDER_PARTIAL 0x0002 /* allow a partial rdataset */ +#define DNS_MESSAGERENDER_OMITDNSSEC 0x0004 /* omit DNSSEC records */ +#define DNS_MESSAGERENDER_PREFER_A 0x0008 /* prefer A records in + * additional section. */ +#define DNS_MESSAGERENDER_PREFER_AAAA 0x0010 /* prefer AAAA records in + * additional section. */ + +typedef struct dns_msgblock dns_msgblock_t; + +struct dns_message { + /* public from here down */ + unsigned int magic; + + dns_messageid_t id; + unsigned int flags; + dns_rcode_t rcode; + unsigned int opcode; + dns_rdataclass_t rdclass; + + /* 4 real, 1 pseudo */ + unsigned int counts[DNS_SECTION_MAX]; + + /* private from here down */ + dns_namelist_t sections[DNS_SECTION_MAX]; + dns_name_t *cursors[DNS_SECTION_MAX]; + dns_rdataset_t *opt; + dns_rdataset_t *sig0; + dns_rdataset_t *tsig; + + int state; + unsigned int from_to_wire : 2; + unsigned int header_ok : 1; + unsigned int question_ok : 1; + unsigned int tcp_continuation : 1; + unsigned int verified_sig : 1; + unsigned int verify_attempted : 1; + unsigned int free_query : 1; + unsigned int free_saved : 1; + + unsigned int opt_reserved; + unsigned int sig_reserved; + unsigned int reserved; /* reserved space (render) */ + + isc_buffer_t *buffer; + dns_compress_t *cctx; + + isc_mem_t *mctx; + isc_mempool_t *namepool; + isc_mempool_t *rdspool; + + isc_bufferlist_t scratchpad; + isc_bufferlist_t cleanup; + + ISC_LIST(dns_msgblock_t) rdatas; + ISC_LIST(dns_msgblock_t) rdatalists; + ISC_LIST(dns_msgblock_t) offsets; + + ISC_LIST(dns_rdata_t) freerdata; + ISC_LIST(dns_rdatalist_t) freerdatalist; + + dns_rcode_t tsigstatus; + dns_rcode_t querytsigstatus; + dns_name_t *tsigname; /* Owner name of TSIG, if any */ + dns_rdataset_t *querytsig; + dns_tsigkey_t *tsigkey; + dst_context_t *tsigctx; + int sigstart; + int timeadjust; + + dns_name_t *sig0name; /* Owner name of SIG0, if any */ + dst_key_t *sig0key; + dns_rcode_t sig0status; + isc_region_t query; + isc_region_t saved; + + dns_rdatasetorderfunc_t order; + void * order_arg; +}; + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_message_create(isc_mem_t *mctx, unsigned int intent, dns_message_t **msgp); + +/* + * Create msg structure. + * + * This function will allocate some internal blocks of memory that are + * expected to be needed for parsing or rendering nearly any type of message. + * + * Requires: + * 'mctx' be a valid memory context. + * + * 'msgp' be non-null and '*msg' be NULL. + * + * 'intent' must be one of DNS_MESSAGE_INTENTPARSE or + * DNS_MESSAGE_INTENTRENDER. + * + * Ensures: + * The data in "*msg" is set to indicate an unused and empty msg + * structure. + * + * Returns: + * ISC_R_NOMEMORY -- out of memory + * ISC_R_SUCCESS -- success + */ + +void +dns_message_reset(dns_message_t *msg, unsigned int intent); +/* + * Reset a message structure to default state. All internal lists are freed + * or reset to a default state as well. This is simply a more efficient + * way to call dns_message_destroy() followed by dns_message_allocate(), + * since it avoid many memory allocations. + * + * If any data loanouts (buffers, names, rdatas, etc) were requested, + * the caller must no longer use them after this call. + * + * The intended next use of the message will be 'intent'. + * + * Requires: + * + * 'msg' be valid. + * + * 'intent' is DNS_MESSAGE_INTENTPARSE or DNS_MESSAGE_INTENTRENDER + */ + +void +dns_message_destroy(dns_message_t **msgp); +/* + * Destroy all state in the message. + * + * Requires: + * + * 'msgp' be valid. + * + * Ensures: + * '*msgp' == NULL + */ + +isc_result_t +dns_message_sectiontotext(dns_message_t *msg, dns_section_t section, + const dns_master_style_t *style, + dns_messagetextflag_t flags, + isc_buffer_t *target); + +isc_result_t +dns_message_pseudosectiontotext(dns_message_t *msg, + dns_pseudosection_t section, + const dns_master_style_t *style, + dns_messagetextflag_t flags, + isc_buffer_t *target); +/* + * Convert section 'section' or 'pseudosection' of message 'msg' to + * a cleartext representation + * + * Notes: + * See dns_message_totext for meanings of flags. + * + * Requires: + * + * 'msg' is a valid message. + * + * 'style' is a valid master dump style. + * + * 'target' is a valid buffer. + * + * 'section' is a valid section label. + * + * Ensures: + * + * If the result is success: + * + * The used space in 'target' is updated. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOSPACE + * ISC_R_NOMORE + * + * Note: On error return, *target may be partially filled with data. +*/ + +isc_result_t +dns_message_totext(dns_message_t *msg, const dns_master_style_t *style, + dns_messagetextflag_t flags, isc_buffer_t *target); +/* + * Convert all sections of message 'msg' to a cleartext representation + * + * Notes: + * In flags, If DNS_MESSAGETEXTFLAG_OMITDOT is set, then the + * final '.' in absolute names will not be emitted. If + * DNS_MESSAGETEXTFLAG_NOCOMMENTS is cleared, lines beginning + * with ";;" will be emitted indicating section name. If + * DNS_MESSAGETEXTFLAG_NOHEADERS is cleared, header lines will + * be emitted. + * + * Requires: + * + * 'msg' is a valid message. + * + * 'style' is a valid master dump style. + * + * 'target' is a valid buffer. + * + * Ensures: + * + * If the result is success: + * + * The used space in 'target' is updated. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOSPACE + * ISC_R_NOMORE + * + * Note: On error return, *target may be partially filled with data. + */ + +isc_result_t +dns_message_parse(dns_message_t *msg, isc_buffer_t *source, + unsigned int options); +/* + * Parse raw wire data in 'source' as a DNS message. + * + * OPT records are detected and stored in the pseudo-section "opt". + * TSIGs are detected and stored in the pseudo-section "tsig". + * + * If DNS_MESSAGEPARSE_PRESERVEORDER is set, or if the opcode of the message + * is UPDATE, a separate dns_name_t object will be created for each RR in the + * message. Each such dns_name_t will have a single rdataset containing the + * single RR, and the order of the RRs in the message is preserved. + * Otherwise, only one dns_name_t object will be created for each unique + * owner name in the section, and each such dns_name_t will have a list + * of rdatasets. To access the names and their data, use + * dns_message_firstname() and dns_message_nextname(). + * + * If DNS_MESSAGEPARSE_BESTEFFORT is set, errors in message content will + * not be considered FORMERRs. If the entire message can be parsed, it + * will be returned and DNS_R_RECOVERABLE will be returned. + * + * If DNS_MESSAGEPARSE_IGNORETRUNCATION is set then return as many complete + * RR's as possible, DNS_R_RECOVERABLE will be returned. + * + * OPT and TSIG records are always handled specially, regardless of the + * 'preserve_order' setting. + * + * Requires: + * "msg" be valid. + * + * "buffer" be a wire format buffer. + * + * Ensures: + * The buffer's data format is correct. + * + * The buffer's contents verify as correct regarding header bits, buffer + * and rdata sizes, etc. + * + * Returns: + * ISC_R_SUCCESS -- all is well + * ISC_R_NOMEMORY -- no memory + * DNS_R_RECOVERABLE -- the message parsed properly, but contained + * errors. + * Many other errors possible XXXMLG + */ + +isc_result_t +dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx, + isc_buffer_t *buffer); +/* + * Begin rendering on a message. Only one call can be made to this function + * per message. + * + * The compression context is "owned" by the message library until + * dns_message_renderend() is called. It must be invalidated by the caller. + * + * The buffer is "owned" by the message library until dns_message_renderend() + * is called. + * + * Requires: + * + * 'msg' be valid. + * + * 'cctx' be valid. + * + * 'buffer' is a valid buffer. + * + * Side Effects: + * + * The buffer is cleared before it is used. + * + * Returns: + * ISC_R_SUCCESS -- all is well + * ISC_R_NOSPACE -- output buffer is too small + */ + +isc_result_t +dns_message_renderchangebuffer(dns_message_t *msg, isc_buffer_t *buffer); +/* + * Reset the buffer. This can be used after growing the old buffer + * on a ISC_R_NOSPACE return from most of the render functions. + * + * On successful completion, the old buffer is no longer used by the + * library. The new buffer is owned by the library until + * dns_message_renderend() is called. + * + * Requires: + * + * 'msg' be valid. + * + * dns_message_renderbegin() was called. + * + * buffer != NULL. + * + * Returns: + * ISC_R_NOSPACE -- new buffer is too small + * ISC_R_SUCCESS -- all is well. + */ + +isc_result_t +dns_message_renderreserve(dns_message_t *msg, unsigned int space); +/* + * XXXMLG should use size_t rather than unsigned int once the buffer + * API is cleaned up + * + * Reserve "space" bytes in the given buffer. + * + * Requires: + * + * 'msg' be valid. + * + * dns_message_renderbegin() was called. + * + * Returns: + * ISC_R_SUCCESS -- all is well. + * ISC_R_NOSPACE -- not enough free space in the buffer. + */ + +void +dns_message_renderrelease(dns_message_t *msg, unsigned int space); +/* + * XXXMLG should use size_t rather than unsigned int once the buffer + * API is cleaned up + * + * Release "space" bytes in the given buffer that was previously reserved. + * + * Requires: + * + * 'msg' be valid. + * + * 'space' is less than or equal to the total amount of space reserved + * via prior calls to dns_message_renderreserve(). + * + * dns_message_renderbegin() was called. + */ + +isc_result_t +dns_message_rendersection(dns_message_t *msg, dns_section_t section, + unsigned int options); +/* + * Render all names, rdatalists, etc from the given section at the + * specified priority or higher. + * + * Requires: + * 'msg' be valid. + * + * 'section' be a valid section. + * + * dns_message_renderbegin() was called. + * + * Returns: + * ISC_R_SUCCESS -- all records were written, and there are + * no more records for this section. + * ISC_R_NOSPACE -- Not enough room in the buffer to write + * all records requested. + * DNS_R_MOREDATA -- All requested records written, and there + * are records remaining for this section. + */ + +void +dns_message_renderheader(dns_message_t *msg, isc_buffer_t *target); +/* + * Render the message header. This is implicitly called by + * dns_message_renderend(). + * + * Requires: + * + * 'msg' be a valid message. + * + * dns_message_renderbegin() was called. + * + * 'target' is a valid buffer with enough space to hold a message header + */ + +isc_result_t +dns_message_renderend(dns_message_t *msg); +/* + * Finish rendering to the buffer. Note that more data can be in the + * 'msg' structure. Destroying the structure will free this, or in a multi- + * part EDNS1 message this data can be rendered to another buffer later. + * + * Requires: + * + * 'msg' be a valid message. + * + * dns_message_renderbegin() was called. + * + * Returns: + * ISC_R_SUCCESS -- all is well. + */ + +void +dns_message_renderreset(dns_message_t *msg); +/* + * Reset the message so that it may be rendered again. + * + * Notes: + * + * If dns_message_renderbegin() has been called, dns_message_renderend() + * must be called before calling this function. + * + * Requires: + * + * 'msg' be a valid message with rendering intent. + */ + +isc_result_t +dns_message_firstname(dns_message_t *msg, dns_section_t section); +/* + * Set internal per-section name pointer to the beginning of the section. + * + * The functions dns_message_firstname() and dns_message_nextname() may + * be used for iterating over the owner names in a section. + * + * Requires: + * + * 'msg' be valid. + * + * 'section' be a valid section. + * + * Returns: + * ISC_R_SUCCESS -- All is well. + * ISC_R_NOMORE -- No names on given section. + */ + +isc_result_t +dns_message_nextname(dns_message_t *msg, dns_section_t section); +/* + * Sets the internal per-section name pointer to point to the next name + * in that section. + * + * Requires: + * + * 'msg' be valid. + * + * 'section' be a valid section. + * + * dns_message_firstname() must have been called on this section, + * and the result was ISC_R_SUCCESS. + * + * Returns: + * ISC_R_SUCCESS -- All is well. + * ISC_R_NOMORE -- No more names in given section. + */ + +void +dns_message_currentname(dns_message_t *msg, dns_section_t section, + dns_name_t **name); +/* + * Sets 'name' to point to the name where the per-section internal name + * pointer is currently set. + * + * This function returns the name in the database, so any data associated + * with it (via the name's "list" member) contains the actual rdatasets. + * + * Requires: + * + * 'msg' be valid. + * + * 'name' be non-NULL, and *name be NULL. + * + * 'section' be a valid section. + * + * dns_message_firstname() must have been called on this section, + * and the result of it and any dns_message_nextname() calls was + * ISC_R_SUCCESS. + */ + +isc_result_t +dns_message_findname(dns_message_t *msg, dns_section_t section, + dns_name_t *target, dns_rdatatype_t type, + dns_rdatatype_t covers, dns_name_t **foundname, + dns_rdataset_t **rdataset); +/* + * Search for a name in the specified section. If it is found, *name is + * set to point to the name, and *rdataset is set to point to the found + * rdataset (if type is specified as other than dns_rdatatype_any). + * + * Requires: + * 'msg' be valid. + * + * 'section' be a valid section. + * + * If a pointer to the name is desired, 'foundname' should be non-NULL. + * If it is non-NULL, '*foundname' MUST be NULL. + * + * If a type other than dns_datatype_any is searched for, 'rdataset' + * may be non-NULL, '*rdataset' be NULL, and will point at the found + * rdataset. If the type is dns_datatype_any, 'rdataset' must be NULL. + * + * 'target' be a valid name. + * + * 'type' be a valid type. + * + * If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. + * Otherwise it should be 0. + * + * Returns: + * ISC_R_SUCCESS -- all is well. + * DNS_R_NXDOMAIN -- name does not exist in that section. + * DNS_R_NXRRSET -- The name does exist, but the desired + * type does not. + */ + +isc_result_t +dns_message_findtype(dns_name_t *name, dns_rdatatype_t type, + dns_rdatatype_t covers, dns_rdataset_t **rdataset); +/* + * Search the name for the specified type. If it is found, *rdataset is + * filled in with a pointer to that rdataset. + * + * Requires: + * if '**rdataset' is non-NULL, *rdataset needs to be NULL. + * + * 'type' be a valid type, and NOT dns_rdatatype_any. + * + * If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. + * Otherwise it should be 0. + * + * Returns: + * ISC_R_SUCCESS -- all is well. + * ISC_R_NOTFOUND -- the desired type does not exist. + */ + +void +dns_message_movename(dns_message_t *msg, dns_name_t *name, + dns_section_t fromsection, + dns_section_t tosection); +/* + * Move a name from one section to another. + * + * Requires: + * + * 'msg' be valid. + * + * 'name' must be a name already in 'fromsection'. + * + * 'fromsection' must be a valid section. + * + * 'tosection' must be a valid section. + */ + +void +dns_message_addname(dns_message_t *msg, dns_name_t *name, + dns_section_t section); +/* + * Adds the name to the given section. + * + * It is the caller's responsibility to enforce any unique name requirements + * in a section. + * + * Requires: + * + * 'msg' be valid, and be a renderable message. + * + * 'name' be a valid absolute name. + * + * 'section' be a named section. + */ + +/* + * LOANOUT FUNCTIONS + * + * Each of these functions loan a particular type of data to the caller. + * The storage for these will vanish when the message is destroyed or + * reset, and must NOT be used after these operations. + */ + +isc_result_t +dns_message_gettempname(dns_message_t *msg, dns_name_t **item); +/* + * Return a name that can be used for any temporary purpose, including + * inserting into the message's linked lists. The name must be returned + * to the message code using dns_message_puttempname() or inserted into + * one of the message's sections before the message is destroyed. + * + * It is the caller's responsibility to initialize this name. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item == NULL + * + * Returns: + * ISC_R_SUCCESS -- All is well. + * ISC_R_NOMEMORY -- No item can be allocated. + */ + +isc_result_t +dns_message_gettempoffsets(dns_message_t *msg, dns_offsets_t **item); +/* + * Return an offsets array that can be used for any temporary purpose, + * such as attaching to a temporary name. The offsets will be freed + * when the message is destroyed or reset. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item == NULL + * + * Returns: + * ISC_R_SUCCESS -- All is well. + * ISC_R_NOMEMORY -- No item can be allocated. + */ + +isc_result_t +dns_message_gettemprdata(dns_message_t *msg, dns_rdata_t **item); +/* + * Return a rdata that can be used for any temporary purpose, including + * inserting into the message's linked lists. The rdata will be freed + * when the message is destroyed or reset. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item == NULL + * + * Returns: + * ISC_R_SUCCESS -- All is well. + * ISC_R_NOMEMORY -- No item can be allocated. + */ + +isc_result_t +dns_message_gettemprdataset(dns_message_t *msg, dns_rdataset_t **item); +/* + * Return a rdataset that can be used for any temporary purpose, including + * inserting into the message's linked lists. The name must be returned + * to the message code using dns_message_puttempname() or inserted into + * one of the message's sections before the message is destroyed. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item == NULL + * + * Returns: + * ISC_R_SUCCESS -- All is well. + * ISC_R_NOMEMORY -- No item can be allocated. + */ + +isc_result_t +dns_message_gettemprdatalist(dns_message_t *msg, dns_rdatalist_t **item); +/* + * Return a rdatalist that can be used for any temporary purpose, including + * inserting into the message's linked lists. The rdatalist will be + * destroyed when the message is destroyed or reset. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item == NULL + * + * Returns: + * ISC_R_SUCCESS -- All is well. + * ISC_R_NOMEMORY -- No item can be allocated. + */ + +void +dns_message_puttempname(dns_message_t *msg, dns_name_t **item); +/* + * Return a borrowed name to the message's name free list. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item point to a name returned by + * dns_message_gettempname() + * + * Ensures: + * *item == NULL + */ + +void +dns_message_puttemprdata(dns_message_t *msg, dns_rdata_t **item); +/* + * Return a borrowed rdata to the message's rdata free list. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item point to a rdata returned by + * dns_message_gettemprdata() + * + * Ensures: + * *item == NULL + */ + +void +dns_message_puttemprdataset(dns_message_t *msg, dns_rdataset_t **item); +/* + * Return a borrowed rdataset to the message's rdataset free list. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item point to a rdataset returned by + * dns_message_gettemprdataset() + * + * Ensures: + * *item == NULL + */ + +void +dns_message_puttemprdatalist(dns_message_t *msg, dns_rdatalist_t **item); +/* + * Return a borrowed rdatalist to the message's rdatalist free list. + * + * Requires: + * msg be a valid message + * + * item != NULL && *item point to a rdatalist returned by + * dns_message_gettemprdatalist() + * + * Ensures: + * *item == NULL + */ + +isc_result_t +dns_message_peekheader(isc_buffer_t *source, dns_messageid_t *idp, + unsigned int *flagsp); +/* + * Assume the remaining region of "source" is a DNS message. Peek into + * it and fill in "*idp" with the message id, and "*flagsp" with the flags. + * + * Requires: + * + * source != NULL + * + * Ensures: + * + * if (idp != NULL) *idp == message id. + * + * if (flagsp != NULL) *flagsp == message flags. + * + * Returns: + * + * ISC_R_SUCCESS -- all is well. + * + * ISC_R_UNEXPECTEDEND -- buffer doesn't contain enough for a header. + */ + +isc_result_t +dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section); +/* + * Start formatting a reply to the query in 'msg'. + * + * Requires: + * + * 'msg' is a valid message with parsing intent, and contains a query. + * + * Ensures: + * + * The message will have a rendering intent. If 'want_question_section' + * is true, the message opcode is query or notify, and the question + * section is present and properly formatted, then the question section + * will be included in the reply. All other sections will be cleared. + * The QR flag will be set, the RD flag will be preserved, and all other + * flags will be cleared. + * + * Returns: + * + * ISC_R_SUCCESS -- all is well. + * + * DNS_R_FORMERR -- the header or question section of the + * message is invalid, replying is impossible. + * If DNS_R_FORMERR is returned when + * want_question_section is ISC_FALSE, then + * it's the header section that's bad; + * otherwise either of the header or question + * sections may be bad. + */ + +dns_rdataset_t * +dns_message_getopt(dns_message_t *msg); +/* + * Get the OPT record for 'msg'. + * + * Requires: + * + * 'msg' is a valid message. + * + * Returns: + * + * The OPT rdataset of 'msg', or NULL if there isn't one. + */ + +isc_result_t +dns_message_setopt(dns_message_t *msg, dns_rdataset_t *opt); +/* + * Set the OPT record for 'msg'. + * + * Requires: + * + * 'msg' is a valid message with rendering intent + * and no sections have been rendered. + * + * 'opt' is a valid OPT record. + * + * Ensures: + * + * The OPT record has either been freed or ownership of it has + * been transferred to the message. + * + * If ISC_R_SUCCESS was returned, the OPT record will be rendered + * when dns_message_renderend() is called. + * + * Returns: + * + * ISC_R_SUCCESS -- all is well. + * + * ISC_R_NOSPACE -- there is no space for the OPT record. + */ + +dns_rdataset_t * +dns_message_gettsig(dns_message_t *msg, dns_name_t **owner); +/* + * Get the TSIG record and owner for 'msg'. + * + * Requires: + * + * 'msg' is a valid message. + * 'owner' is NULL or *owner is NULL. + * + * Returns: + * + * The TSIG rdataset of 'msg', or NULL if there isn't one. + * + * Ensures: + * + * If 'owner' is not NULL, it will point to the owner name. + */ + +isc_result_t +dns_message_settsigkey(dns_message_t *msg, dns_tsigkey_t *key); +/* + * Set the tsig key for 'msg'. This is only necessary for when rendering a + * query or parsing a response. The key (if non-NULL) is attached to, and + * will be detached when the message is destroyed. + * + * Requires: + * + * 'msg' is a valid message with rendering intent, + * dns_message_renderbegin() has been called, and no sections have been + * rendered. + * 'key' is a valid tsig key or NULL. + * + * Returns: + * + * ISC_R_SUCCESS -- all is well. + * + * ISC_R_NOSPACE -- there is no space for the TSIG record. + */ + +dns_tsigkey_t * +dns_message_gettsigkey(dns_message_t *msg); +/* + * Gets the tsig key for 'msg'. + * + * Requires: + * + * 'msg' is a valid message + */ + +isc_result_t +dns_message_setquerytsig(dns_message_t *msg, isc_buffer_t *querytsig); +/* + * Indicates that 'querytsig' is the TSIG from the signed query for which + * 'msg' is the response. This is also used for chained TSIGs in TCP + * responses. + * + * Requires: + * + * 'querytsig' is a valid buffer as returned by dns_message_getquerytsig() + * or NULL + * + * 'msg' is a valid message + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_message_getquerytsig(dns_message_t *msg, isc_mem_t *mctx, + isc_buffer_t **querytsig); +/* + * Gets the tsig from the TSIG from the signed query 'msg'. This is also used + * for chained TSIGs in TCP responses. Unlike dns_message_gettsig, this makes + * a copy of the data, so can be used if the message is destroyed. + * + * Requires: + * + * 'msg' is a valid signed message + * 'mctx' is a valid memory context + * querytsig != NULL && *querytsig == NULL + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Ensures: + * 'tsig' points to NULL or an allocated buffer which must be freed + * by the caller. + */ + +dns_rdataset_t * +dns_message_getsig0(dns_message_t *msg, dns_name_t **owner); +/* + * Get the SIG(0) record and owner for 'msg'. + * + * Requires: + * + * 'msg' is a valid message. + * 'owner' is NULL or *owner is NULL. + * + * Returns: + * + * The SIG(0) rdataset of 'msg', or NULL if there isn't one. + * + * Ensures: + * + * If 'owner' is not NULL, it will point to the owner name. + */ + +isc_result_t +dns_message_setsig0key(dns_message_t *msg, dst_key_t *key); +/* + * Set the SIG(0) key for 'msg'. + * + * Requires: + * + * 'msg' is a valid message with rendering intent, + * dns_message_renderbegin() has been called, and no sections have been + * rendered. + * 'key' is a valid sig key or NULL. + * + * Returns: + * + * ISC_R_SUCCESS -- all is well. + * + * ISC_R_NOSPACE -- there is no space for the SIG(0) record. + */ + +dst_key_t * +dns_message_getsig0key(dns_message_t *msg); +/* + * Gets the SIG(0) key for 'msg'. + * + * Requires: + * + * 'msg' is a valid message + */ + +void +dns_message_takebuffer(dns_message_t *msg, isc_buffer_t **buffer); +/* + * Give the *buffer to the message code to clean up when it is no + * longer needed. This is usually when the message is reset or + * destroyed. + * + * Requires: + * + * msg be a valid message. + * + * buffer != NULL && *buffer is a valid isc_buffer_t, which was + * dynamincally allocated via isc_buffer_allocate(). + */ + +isc_result_t +dns_message_signer(dns_message_t *msg, dns_name_t *signer); +/* + * If this message was signed, return the identity of the signer. + * Unless ISC_R_NOTFOUND is returned, signer will reflect the name of the + * key that signed the message. + * + * Requires: + * + * msg is a valid parsed message. + * signer is a valid name + * + * Returns: + * + * ISC_R_SUCCESS - the message was signed, and *signer + * contains the signing identity + * + * ISC_R_NOTFOUND - no TSIG or SIG(0) record is present in the + * message + * + * DNS_R_TSIGVERIFYFAILURE - the message was signed by a TSIG, but the + * signature failed to verify + * + * DNS_R_TSIGERRORSET - the message was signed by a TSIG and + * verified, but the query was rejected by + * the server + * + * DNS_R_NOIDENTITY - the message was signed by a TSIG and + * verified, but the key has no identity since + * it was generated by an unsigned TKEY process + * + * DNS_R_SIGINVALID - the message was signed by a SIG(0), but + * the signature failed to verify + * + * DNS_R_NOTVERIFIEDYET - the message was signed by a TSIG or SIG(0), + * but the signature has not been verified yet + */ + +isc_result_t +dns_message_checksig(dns_message_t *msg, dns_view_t *view); +/* + * If this message was signed, verify the signature. + * + * Requires: + * + * msg is a valid parsed message. + * view is a valid view or NULL + * + * Returns: + * + * ISC_R_SUCCESS - the message was unsigned, or the message + * was signed correctly. + * + * DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen + * DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected + * DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify + */ + +isc_result_t +dns_message_rechecksig(dns_message_t *msg, dns_view_t *view); +/* + * Reset the signature state and then if the message was signed, + * verify the message. + * + * Requires: + * + * msg is a valid parsed message. + * view is a valid view or NULL + * + * Returns: + * + * ISC_R_SUCCESS - the message was unsigned, or the message + * was signed correctly. + * + * DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen + * DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected + * DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify + */ + +void +dns_message_resetsig(dns_message_t *msg); +/* + * Reset the signature state. + * + * Requires: + * 'msg' is a valid parsed message. + */ + +isc_region_t * +dns_message_getrawmessage(dns_message_t *msg); +/* + * Retrieve the raw message in compressed wire format. The message must + * have been successfully parsed for it to have been saved. + * + * Requires: + * msg is a valid parsed message. + * + * Returns: + * NULL if there is no saved message. + * a pointer to a region which refers the dns message. + */ + +void +dns_message_setsortorder(dns_message_t *msg, dns_rdatasetorderfunc_t order, + void *order_arg); +/* + * Define the order in which RR sets get rendered by + * dns_message_rendersection() to be the ascending order + * defined by the integer value returned by 'order' when + * given each RR and 'arg' as arguments. If 'order' and + * 'order_arg' are NULL, a default order is used. + * + * Requires: + * msg be a valid message. + * order_arg is NULL if and only if order is NULL. + */ + +void +dns_message_settimeadjust(dns_message_t *msg, int timeadjust); +/* + * Adjust the time used to sign/verify a message by timeadjust. + * Currently only TSIG. + * + * Requires: + * msg be a valid message. + */ + +int +dns_message_gettimeadjust(dns_message_t *msg); +/* + * Return the current time adjustment. + * + * Requires: + * msg be a valid message. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_MESSAGE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/name.h b/contrib/bind9/lib/dns/include/dns/name.h new file mode 100644 index 0000000..dd6a123 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/name.h @@ -0,0 +1,1246 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1998-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: name.h,v 1.95.2.3.2.11 2004/09/01 05:19:59 marka Exp $ */ + +#ifndef DNS_NAME_H +#define DNS_NAME_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Names and Labels + * + * Provides facilities for manipulating DNS names and labels, including + * conversions to and from wire format and text format. + * + * Given the large number of names possible in a nameserver, and because + * names occur in rdata, it was important to come up with a very efficient + * way of storing name data, but at the same time allow names to be + * manipulated. The decision was to store names in uncompressed wire format, + * and not to make them fully abstracted objects; i.e. certain parts of the + * server know names are stored that way. This saves a lot of memory, and + * makes adding names to messages easy. Having much of the server know + * the representation would be perilous, and we certainly don't want each + * user of names to be manipulating such a low-level structure. This is + * where the Names and Labels module comes in. The module allows name or + * label handles to be created and attached to uncompressed wire format + * regions. All name operations and conversions are done through these + * handles. + * + * MP: + * Clients of this module must impose any required synchronization. + * + * Reliability: + * This module deals with low-level byte streams. Errors in any of + * the functions are likely to crash the server or corrupt memory. + * + * Resources: + * None. + * + * Security: + * + * *** WARNING *** + * + * dns_name_fromwire() deals with raw network data. An error in + * this routine could result in the failure or hijacking of the server. + * + * Standards: + * RFC 1035 + * Draft EDNS0 (0) + * Draft Binary Labels (2) + * + */ + +/*** + *** Imports + ***/ + +#include <stdio.h> + +#include <isc/boolean.h> +#include <isc/lang.h> +#include <isc/magic.h> +#include <isc/region.h> /* Required for storage size of dns_label_t. */ + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/***** + ***** Labels + ***** + ***** A 'label' is basically a region. It contains one DNS wire format + ***** label of type 00 (ordinary). + *****/ + +/***** + ***** Names + ***** + ***** A 'name' is a handle to a binary region. It contains a sequence of one + ***** or more DNS wire format labels of type 00 (ordinary). + ***** Note that all names are not required to end with the root label, + ***** as they are in the actual DNS wire protocol. + *****/ + +/*** + *** Compression pointer chaining limit + ***/ + +#define DNS_POINTER_MAXHOPS 16 + +/*** + *** Types + ***/ + +/* + * Clients are strongly discouraged from using this type directly, with + * the exception of the 'link' and 'list' fields which may be used directly + * for whatever purpose the client desires. + */ +struct dns_name { + unsigned int magic; + unsigned char * ndata; + unsigned int length; + unsigned int labels; + unsigned int attributes; + unsigned char * offsets; + isc_buffer_t * buffer; + ISC_LINK(dns_name_t) link; + ISC_LIST(dns_rdataset_t) list; +}; + +#define DNS_NAME_MAGIC ISC_MAGIC('D','N','S','n') + +#define DNS_NAMEATTR_ABSOLUTE 0x0001 +#define DNS_NAMEATTR_READONLY 0x0002 +#define DNS_NAMEATTR_DYNAMIC 0x0004 +#define DNS_NAMEATTR_DYNOFFSETS 0x0008 +/* + * Attributes below 0x0100 reserved for name.c usage. + */ +#define DNS_NAMEATTR_CACHE 0x0100 /* Used by resolver. */ +#define DNS_NAMEATTR_ANSWER 0x0200 /* Used by resolver. */ +#define DNS_NAMEATTR_NCACHE 0x0400 /* Used by resolver. */ +#define DNS_NAMEATTR_CHAINING 0x0800 /* Used by resolver. */ +#define DNS_NAMEATTR_CHASE 0x1000 /* Used by resolver. */ +#define DNS_NAMEATTR_WILDCARD 0x2000 /* Used by server. */ + +#define DNS_NAME_DOWNCASE 0x0001 +#define DNS_NAME_CHECKNAMES 0x0002 /* Used by rdata. */ +#define DNS_NAME_CHECKNAMESFAIL 0x0004 /* Used by rdata. */ +#define DNS_NAME_CHECKREVERSE 0x0008 /* Used by rdata. */ + +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_rootname; +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_wildcardname; + +/* + * Standard size of a wire format name + */ +#define DNS_NAME_MAXWIRE 255 + +/*** + *** Initialization + ***/ + +void +dns_name_init(dns_name_t *name, unsigned char *offsets); +/* + * Initialize 'name'. + * + * Notes: + * 'offsets' is never required to be non-NULL, but specifying a + * dns_offsets_t for 'offsets' will improve the performance of most + * name operations if the name is used more than once. + * + * Requires: + * 'name' is not NULL and points to a struct dns_name. + * + * offsets == NULL or offsets is a dns_offsets_t. + * + * Ensures: + * 'name' is a valid name. + * dns_name_countlabels(name) == 0 + * dns_name_isabsolute(name) == ISC_FALSE + */ + +void +dns_name_reset(dns_name_t *name); +/* + * Reinitialize 'name'. + * + * Notes: + * This function distinguishes itself from dns_name_init() in two + * key ways: + * + * + If any buffer is associated with 'name' (via dns_name_setbuffer() + * or by being part of a dns_fixedname_t) the link to the buffer + * is retained but the buffer itself is cleared. + * + * + Of the attributes associated with 'name', all are retained except + * DNS_NAMEATTR_ABSOLUTE. + * + * Requires: + * 'name' is a valid name. + * + * Ensures: + * 'name' is a valid name. + * dns_name_countlabels(name) == 0 + * dns_name_isabsolute(name) == ISC_FALSE + */ + +void +dns_name_invalidate(dns_name_t *name); +/* + * Make 'name' invalid. + * + * Requires: + * 'name' is a valid name. + * + * Ensures: + * If assertion checking is enabled, future attempts to use 'name' + * without initializing it will cause an assertion failure. + * + * If the name had a dedicated buffer, that association is ended. + */ + + +/*** + *** Dedicated Buffers + ***/ + +void +dns_name_setbuffer(dns_name_t *name, isc_buffer_t *buffer); +/* + * Dedicate a buffer for use with 'name'. + * + * Notes: + * Specification of a target buffer in dns_name_fromwire(), + * dns_name_fromtext(), and dns_name_concatentate() is optional if + * 'name' has a dedicated buffer. + * + * The caller must not write to buffer until the name has been + * invalidated or is otherwise known not to be in use. + * + * If buffer is NULL and the name previously had a dedicated buffer, + * than that buffer is no longer dedicated to use with this name. + * The caller is responsible for ensuring that the storage used by + * the name remains valid. + * + * Requires: + * 'name' is a valid name. + * + * 'buffer' is a valid binary buffer and 'name' doesn't have a + * dedicated buffer already, or 'buffer' is NULL. + */ + +isc_boolean_t +dns_name_hasbuffer(const dns_name_t *name); +/* + * Does 'name' have a dedicated buffer? + * + * Requires: + * 'name' is a valid name. + * + * Returns: + * ISC_TRUE 'name' has a dedicated buffer. + * ISC_FALSE 'name' does not have a dedicated buffer. + */ + + +/*** + *** Properties + ***/ + +isc_boolean_t +dns_name_isabsolute(const dns_name_t *name); +/* + * Does 'name' end in the root label? + * + * Requires: + * 'name' is a valid name + * + * Returns: + * TRUE The last label in 'name' is the root label. + * FALSE The last label in 'name' is not the root label. + */ + +isc_boolean_t +dns_name_iswildcard(const dns_name_t *name); +/* + * Is 'name' a wildcard name? + * + * Requires: + * 'name' is a valid name + * + * dns_name_countlabels(name) > 0 + * + * Returns: + * TRUE The least significant label of 'name' is '*'. + * FALSE The least significant label of 'name' is not '*'. + */ + +unsigned int +dns_name_hash(dns_name_t *name, isc_boolean_t case_sensitive); +/* + * Provide a hash value for 'name'. + * + * Note: if 'case_sensitive' is ISC_FALSE, then names which differ only in + * case will have the same hash value. + * + * Requires: + * 'name' is a valid name + * + * Returns: + * A hash value + */ + +unsigned int +dns_name_fullhash(dns_name_t *name, isc_boolean_t case_sensitive); +/* + * Provide a hash value for 'name'. Unlike dns_name_hash(), this function + * always takes into account of the entire name to calculate the hash value. + * + * Note: if 'case_sensitive' is ISC_FALSE, then names which differ only in + * case will have the same hash value. + * + * Requires: + * 'name' is a valid name + * + * Returns: + * A hash value + */ + +unsigned int +dns_name_hashbylabel(dns_name_t *name, isc_boolean_t case_sensitive); +/* + * Provide a hash value for 'name', where the hash value is the sum + * of the hash values of each label. + * + * Note: if 'case_sensitive' is ISC_FALSE, then names which differ only in + * case will have the same hash value. + * + * Requires: + * 'name' is a valid name + * + * Returns: + * A hash value + */ + +/*** + *** Comparisons + ***/ + +dns_namereln_t +dns_name_fullcompare(const dns_name_t *name1, const dns_name_t *name2, + int *orderp, unsigned int *nlabelsp); +/* + * Determine the relative ordering under the DNSSEC order relation of + * 'name1' and 'name2', and also determine the hierarchical + * relationship of the names. + * + * Note: It makes no sense for one of the names to be relative and the + * other absolute. If both names are relative, then to be meaningfully + * compared the caller must ensure that they are both relative to the + * same domain. + * + * Requires: + * 'name1' is a valid name + * + * dns_name_countlabels(name1) > 0 + * + * 'name2' is a valid name + * + * dns_name_countlabels(name2) > 0 + * + * orderp and nlabelsp are valid pointers. + * + * Either name1 is absolute and name2 is absolute, or neither is. + * + * Ensures: + * + * *orderp is < 0 if name1 < name2, 0 if name1 = name2, > 0 if + * name1 > name2. + * + * *nlabelsp is the number of common significant labels. + * + * Returns: + * dns_namereln_none There's no hierarchical relationship + * between name1 and name2. + * dns_namereln_contains name1 properly contains name2; i.e. + * name2 is a proper subdomain of name1. + * dns_namereln_subdomain name1 is a proper subdomain of name2. + * dns_namereln_equal name1 and name2 are equal. + * dns_namereln_commonancestor name1 and name2 share a common + * ancestor. + */ + +int +dns_name_compare(const dns_name_t *name1, const dns_name_t *name2); +/* + * Determine the relative ordering under the DNSSEC order relation of + * 'name1' and 'name2'. + * + * Note: It makes no sense for one of the names to be relative and the + * other absolute. If both names are relative, then to be meaningfully + * compared the caller must ensure that they are both relative to the + * same domain. + * + * Requires: + * 'name1' is a valid name + * + * 'name2' is a valid name + * + * Either name1 is absolute and name2 is absolute, or neither is. + * + * Returns: + * < 0 'name1' is less than 'name2' + * 0 'name1' is equal to 'name2' + * > 0 'name1' is greater than 'name2' + */ + +isc_boolean_t +dns_name_equal(const dns_name_t *name1, const dns_name_t *name2); +/* + * Are 'name1' and 'name2' equal? + * + * Notes: + * Because it only needs to test for equality, dns_name_equal() can be + * significantly faster than dns_name_fullcompare() or dns_name_compare(). + * + * Offsets tables are not used in the comparision. + * + * It makes no sense for one of the names to be relative and the + * other absolute. If both names are relative, then to be meaningfully + * compared the caller must ensure that they are both relative to the + * same domain. + * + * Requires: + * 'name1' is a valid name + * + * 'name2' is a valid name + * + * Either name1 is absolute and name2 is absolute, or neither is. + * + * Returns: + * ISC_TRUE 'name1' and 'name2' are equal + * ISC_FALSE 'name1' and 'name2' are not equal + */ + +int +dns_name_rdatacompare(const dns_name_t *name1, const dns_name_t *name2); +/* + * Compare two names as if they are part of rdata in DNSSEC canonical + * form. + * + * Requires: + * 'name1' is a valid absolute name + * + * dns_name_countlabels(name1) > 0 + * + * 'name2' is a valid absolute name + * + * dns_name_countlabels(name2) > 0 + * + * Returns: + * < 0 'name1' is less than 'name2' + * 0 'name1' is equal to 'name2' + * > 0 'name1' is greater than 'name2' + */ + +isc_boolean_t +dns_name_issubdomain(const dns_name_t *name1, const dns_name_t *name2); +/* + * Is 'name1' a subdomain of 'name2'? + * + * Notes: + * name1 is a subdomain of name2 if name1 is contained in name2, or + * name1 equals name2. + * + * It makes no sense for one of the names to be relative and the + * other absolute. If both names are relative, then to be meaningfully + * compared the caller must ensure that they are both relative to the + * same domain. + * + * Requires: + * 'name1' is a valid name + * + * 'name2' is a valid name + * + * Either name1 is absolute and name2 is absolute, or neither is. + * + * Returns: + * TRUE 'name1' is a subdomain of 'name2' + * FALSE 'name1' is not a subdomain of 'name2' + */ + +isc_boolean_t +dns_name_matcheswildcard(const dns_name_t *name, const dns_name_t *wname); +/* + * Does 'name' match the wildcard specified in 'wname'? + * + * Notes: + * name matches the wildcard specified in wname if all labels + * following the wildcard in wname are identical to the same number + * of labels at the end of name. + * + * It makes no sense for one of the names to be relative and the + * other absolute. If both names are relative, then to be meaningfully + * compared the caller must ensure that they are both relative to the + * same domain. + * + * Requires: + * 'name' is a valid name + * + * dns_name_countlabels(name) > 0 + * + * 'wname' is a valid name + * + * dns_name_countlabels(wname) > 0 + * + * dns_name_iswildcard(wname) is true + * + * Either name is absolute and wname is absolute, or neither is. + * + * Returns: + * TRUE 'name' matches the wildcard specified in 'wname' + * FALSE 'name' does not match the wildcard specified in 'wname' + */ + +/*** + *** Labels + ***/ + +unsigned int +dns_name_countlabels(const dns_name_t *name); +/* + * How many labels does 'name' have? + * + * Notes: + * In this case, as in other places, a 'label' is an ordinary label. + * + * Requires: + * 'name' is a valid name + * + * Ensures: + * The result is <= 128. + * + * Returns: + * The number of labels in 'name'. + */ + +void +dns_name_getlabel(const dns_name_t *name, unsigned int n, dns_label_t *label); +/* + * Make 'label' refer to the 'n'th least significant label of 'name'. + * + * Notes: + * Numbering starts at 0. + * + * Given "rc.vix.com.", the label 0 is "rc", and label 3 is the + * root label. + * + * 'label' refers to the same memory as 'name', so 'name' must not + * be changed while 'label' is still in use. + * + * Requires: + * n < dns_label_countlabels(name) + */ + +void +dns_name_getlabelsequence(const dns_name_t *source, unsigned int first, + unsigned int n, dns_name_t *target); +/* + * Make 'target' refer to the 'n' labels including and following 'first' + * in 'source'. + * + * Notes: + * Numbering starts at 0. + * + * Given "rc.vix.com.", the label 0 is "rc", and label 3 is the + * root label. + * + * 'target' refers to the same memory as 'source', so 'source' + * must not be changed while 'target' is still in use. + * + * Requires: + * 'source' and 'target' are valid names. + * + * first < dns_label_countlabels(name) + * + * first + n <= dns_label_countlabels(name) + */ + + +void +dns_name_clone(dns_name_t *source, dns_name_t *target); +/* + * Make 'target' refer to the same name as 'source'. + * + * Notes: + * + * 'target' refers to the same memory as 'source', so 'source' + * must not be changed while 'target' is still in use. + * + * This call is functionally equivalent to: + * + * dns_name_getlabelsequence(source, 0, + * dns_label_countlabels(source), + * target); + * + * but is more efficient. Also, dns_name_clone() works even if 'source' + * is empty. + * + * Requires: + * + * 'source' is a valid name. + * + * 'target' is a valid name that is not read-only. + */ + +/*** + *** Conversions + ***/ + +void +dns_name_fromregion(dns_name_t *name, const isc_region_t *r); +/* + * Make 'name' refer to region 'r'. + * + * Note: + * If the conversion encounters a root label before the end of the + * region the conversion stops and the length is set to the length + * so far converted. A maximum of 255 bytes is converted. + * + * Requires: + * The data in 'r' is a sequence of one or more type 00 or type 01000001 + * labels. + */ + +void +dns_name_toregion(dns_name_t *name, isc_region_t *r); +/* + * Make 'r' refer to 'name'. + * + * Requires: + * + * 'name' is a valid name. + * + * 'r' is a valid region. + */ + +isc_result_t +dns_name_fromwire(dns_name_t *name, isc_buffer_t *source, + dns_decompress_t *dctx, unsigned int options, + isc_buffer_t *target); +/* + * Copy the possibly-compressed name at source (active region) into target, + * decompressing it. + * + * Notes: + * Decompression policy is controlled by 'dctx'. + * + * If DNS_NAME_DOWNCASE is set, any uppercase letters in 'source' will be + * downcased when they are copied into 'target'. + * + * Security: + * + * *** WARNING *** + * + * This routine will often be used when 'source' contains raw network + * data. A programming error in this routine could result in a denial + * of service, or in the hijacking of the server. + * + * Requires: + * + * 'name' is a valid name. + * + * 'source' is a valid buffer and the first byte of the active + * region should be the first byte of a DNS wire format domain name. + * + * 'target' is a valid buffer or 'target' is NULL and 'name' has + * a dedicated buffer. + * + * 'dctx' is a valid decompression context. + * + * Ensures: + * + * If result is success: + * If 'target' is not NULL, 'name' is attached to it. + * + * Uppercase letters are downcased in the copy iff + * DNS_NAME_DOWNCASE is set in options. + * + * The current location in source is advanced, and the used space + * in target is updated. + * + * Result: + * Success + * Bad Form: Label Length + * Bad Form: Unknown Label Type + * Bad Form: Name Length + * Bad Form: Compression type not allowed + * Bad Form: Bad compression pointer + * Bad Form: Input too short + * Resource Limit: Too many compression pointers + * Resource Limit: Not enough space in buffer + */ + +isc_result_t +dns_name_towire(dns_name_t *name, dns_compress_t *cctx, isc_buffer_t *target); +/* + * Convert 'name' into wire format, compressing it as specified by the + * compression context 'cctx', and storing the result in 'target'. + * + * Notes: + * If the compression context allows global compression, then the + * global compression table may be updated. + * + * Requires: + * 'name' is a valid name + * + * dns_name_countlabels(name) > 0 + * + * dns_name_isabsolute(name) == TRUE + * + * target is a valid buffer. + * + * Any offsets specified in a global compression table are valid + * for buffer. + * + * Ensures: + * + * If the result is success: + * + * The used space in target is updated. + * + * Returns: + * Success + * Resource Limit: Not enough space in buffer + */ + +isc_result_t +dns_name_fromtext(dns_name_t *name, isc_buffer_t *source, + dns_name_t *origin, unsigned int options, + isc_buffer_t *target); +/* + * Convert the textual representation of a DNS name at source + * into uncompressed wire form stored in target. + * + * Notes: + * Relative domain names will have 'origin' appended to them + * unless 'origin' is NULL, in which case relative domain names + * will remain relative. + * + * If DNS_NAME_DOWNCASE is set in 'options', any uppercase letters + * in 'source' will be downcased when they are copied into 'target'. + * + * Requires: + * + * 'name' is a valid name. + * + * 'source' is a valid buffer. + * + * 'target' is a valid buffer or 'target' is NULL and 'name' has + * a dedicated buffer. + * + * Ensures: + * + * If result is success: + * If 'target' is not NULL, 'name' is attached to it. + * + * Uppercase letters are downcased in the copy iff + * DNS_NAME_DOWNCASE is set in 'options'. + * + * The current location in source is advanced, and the used space + * in target is updated. + * + * Result: + * ISC_R_SUCCESS + * DNS_R_EMPTYLABEL + * DNS_R_LABELTOOLONG + * DNS_R_BADESCAPE + * (DNS_R_BADBITSTRING: should not be returned) + * (DNS_R_BITSTRINGTOOLONG: should not be returned) + * DNS_R_BADDOTTEDQUAD + * ISC_R_NOSPACE + * ISC_R_UNEXPECTEDEND + */ + +isc_result_t +dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, + isc_buffer_t *target); +/* + * Convert 'name' into text format, storing the result in 'target'. + * + * Notes: + * If 'omit_final_dot' is true, then the final '.' in absolute + * names other than the root name will be omitted. + * + * If dns_name_countlabels == 0, the name will be "@", representing the + * current origin as described by RFC 1035. + * + * The name is not NUL terminated. + * + * Requires: + * + * 'name' is a valid name + * + * 'target' is a valid buffer. + * + * if dns_name_isabsolute == FALSE, then omit_final_dot == FALSE + * + * Ensures: + * + * If the result is success: + * + * The used space in target is updated. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOSPACE + */ + +#define DNS_NAME_MAXTEXT 1023 +/* + * The maximum length of the text representation of a domain + * name as generated by dns_name_totext(). This does not + * include space for a terminating NULL. + * + * This definition is conservative - the actual maximum + * is 1004, derived as follows: + * + * A backslash-decimal escaped character takes 4 bytes. + * A wire-encoded name can be up to 255 bytes and each + * label is one length byte + at most 63 bytes of data. + * Maximizing the label lengths gives us a name of + * three 63-octet labels, one 61-octet label, and the + * root label: + * + * 1 + 63 + 1 + 63 + 1 + 63 + 1 + 61 + 1 = 255 + * + * When printed, this is (3 * 63 + 61) * 4 + * bytes for the escaped label data + 4 bytes for the + * dot terminating each label = 1004 bytes total. + */ + +isc_result_t +dns_name_tofilenametext(dns_name_t *name, isc_boolean_t omit_final_dot, + isc_buffer_t *target); +/* + * Convert 'name' into an alternate text format appropriate for filenames, + * storing the result in 'target'. The name data is downcased, guaranteeing + * that the filename does not depend on the case of the converted name. + * + * Notes: + * If 'omit_final_dot' is true, then the final '.' in absolute + * names other than the root name will be omitted. + * + * The name is not NUL terminated. + * + * Requires: + * + * 'name' is a valid absolute name + * + * 'target' is a valid buffer. + * + * Ensures: + * + * If the result is success: + * + * The used space in target is updated. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOSPACE + */ + +isc_result_t +dns_name_downcase(dns_name_t *source, dns_name_t *name, + isc_buffer_t *target); +/* + * Downcase 'source'. + * + * Requires: + * + * 'source' and 'name' are valid names. + * + * If source == name, then + * + * 'source' must not be read-only + * + * Otherwise, + * + * 'target' is a valid buffer or 'target' is NULL and + * 'name' has a dedicated buffer. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOSPACE + * + * Note: if source == name, then the result will always be ISC_R_SUCCESS. + */ + +isc_result_t +dns_name_concatenate(dns_name_t *prefix, dns_name_t *suffix, + dns_name_t *name, isc_buffer_t *target); +/* + * Concatenate 'prefix' and 'suffix'. + * + * Requires: + * + * 'prefix' is a valid name or NULL. + * + * 'suffix' is a valid name or NULL. + * + * 'name' is a valid name or NULL. + * + * 'target' is a valid buffer or 'target' is NULL and 'name' has + * a dedicated buffer. + * + * If 'prefix' is absolute, 'suffix' must be NULL or the empty name. + * + * Ensures: + * + * On success, + * If 'target' is not NULL and 'name' is not NULL, then 'name' + * is attached to it. + * + * The used space in target is updated. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOSPACE + * DNS_R_NAMETOOLONG + */ + +void +dns_name_split(dns_name_t *name, unsigned int suffixlabels, + dns_name_t *prefix, dns_name_t *suffix); +/* + * + * Split 'name' into two pieces on a label boundary. + * + * Notes: + * 'name' is split such that 'suffix' holds the most significant + * 'suffixlabels' labels. All other labels are stored in 'prefix'. + * + * Copying name data is avoided as much as possible, so 'prefix' + * and 'suffix' will end up pointing at the data for 'name'. + * + * It is legitimate to pass a 'prefix' or 'suffix' that has + * its name data stored someplace other than the dedicated buffer. + * This is useful to avoid name copying in the calling function. + * + * It is also legitimate to pass a 'prefix' or 'suffix' that is + * the same dns_name_t as 'name'. + * + * Requires: + * 'name' is a valid name. + * + * 'suffixlabels' cannot exceed the number of labels in 'name'. + * + * 'prefix' is a valid name or NULL, and cannot be read-only. + * + * 'suffix' is a valid name or NULL, and cannot be read-only. + * + * If non-NULL, 'prefix' and 'suffix' must have dedicated buffers. + * + * 'prefix' and 'suffix' cannot point to the same buffer. + * + * Ensures: + * + * On success: + * If 'prefix' is not NULL it will contain the least significant + * labels. + * + * If 'suffix' is not NULL it will contain the most significant + * labels. dns_name_countlabels(suffix) will be equal to + * suffixlabels. + * + * On failure: + * Either 'prefix' or 'suffix' is invalidated (depending + * on which one the problem was encountered with). + * + * Returns: + * ISC_R_SUCCESS No worries. (This function should always success). + */ + +isc_result_t +dns_name_dup(dns_name_t *source, isc_mem_t *mctx, dns_name_t *target); +/* + * Make 'target' a dynamically allocated copy of 'source'. + * + * Requires: + * + * 'source' is a valid non-empty name. + * + * 'target' is a valid name that is not read-only. + * + * 'mctx' is a valid memory context. + */ + +isc_result_t +dns_name_dupwithoffsets(dns_name_t *source, isc_mem_t *mctx, + dns_name_t *target); +/* + * Make 'target' a read-only dynamically allocated copy of 'source'. + * 'target' will also have a dynamically allocated offsets table. + * + * Requires: + * + * 'source' is a valid non-empty name. + * + * 'target' is a valid name that is not read-only. + * + * 'target' has no offsets table. + * + * 'mctx' is a valid memory context. + */ + +void +dns_name_free(dns_name_t *name, isc_mem_t *mctx); +/* + * Free 'name'. + * + * Requires: + * + * 'name' is a valid name created previously in 'mctx' by dns_name_dup(). + * + * 'mctx' is a valid memory context. + * + * Ensures: + * + * All dynamic resources used by 'name' are freed and the name is + * invalidated. + */ + +isc_result_t +dns_name_digest(dns_name_t *name, dns_digestfunc_t digest, void *arg); +/* + * Send 'name' in DNSSEC canonical form to 'digest'. + * + * Requires: + * + * 'name' is a valid name. + * + * 'digest' is a valid dns_digestfunc_t. + * + * Ensures: + * + * If successful, the DNSSEC canonical form of 'name' will have been + * sent to 'digest'. + * + * If digest() returns something other than ISC_R_SUCCESS, that result + * will be returned as the result of dns_name_digest(). + * + * Returns: + * + * ISC_R_SUCCESS + * + * Many other results are possible if not successful. + * + */ + +isc_boolean_t +dns_name_dynamic(dns_name_t *name); +/* + * Returns whether there is dynamic memory associated with this name. + * + * Requires: + * + * 'name' is a valid name. + * + * Returns: + * + * 'ISC_TRUE' if the name is dynamic othewise 'ISC_FALSE'. + */ + +isc_result_t +dns_name_print(dns_name_t *name, FILE *stream); +/* + * Print 'name' on 'stream'. + * + * Requires: + * + * 'name' is a valid name. + * + * 'stream' is a valid stream. + * + * Returns: + * + * ISC_R_SUCCESS + * + * Any error that dns_name_totext() can return. + */ + +void +dns_name_format(dns_name_t *name, char *cp, unsigned int size); +/* + * Format 'name' as text appropriate for use in log messages. + * + * Store the formatted name at 'cp', writing no more than + * 'size' bytes. The resulting string is guaranteed to be + * null terminated. + * + * The formatted name will have a terminating dot only if it is + * the root. + * + * This function cannot fail, instead any errors are indicated + * in the returned text. + * + * Requires: + * + * 'name' is a valid name. + * + * 'cp' points a valid character array of size 'size'. + * + * 'size' > 0. + * + */ + +#define DNS_NAME_FORMATSIZE (DNS_NAME_MAXTEXT + 1) +/* + * Suggested size of buffer passed to dns_name_format(). + * Includes space for the terminating NULL. + */ + +isc_result_t +dns_name_copy(dns_name_t *source, dns_name_t *dest, isc_buffer_t *target); +/* + * Makes 'dest' refer to a copy of the name in 'source'. The data are + * either copied to 'target' or the dedicated buffer in 'dest'. + * + * Requires: + * 'source' is a valid name. + * + * 'dest' is an initialized name with a dedicated buffer. + * + * 'target' is NULL or an initialized buffer. + * + * Either dest has a dedicated buffer or target != NULL. + * + * Ensures: + * + * On success, the used space in target is updated. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOSPACE + */ + +isc_boolean_t +dns_name_ishostname(const dns_name_t *name, isc_boolean_t wildcard); +/* + * Return if 'name' is a valid hostname. RFC 952 / RFC 1123. + * If 'wildcard' is ISC_TRUE then allow the first label of name to + * be a wildcard. + * The root is also accepted. + * + * Requires: + * 'name' to be valid. + */ + + +isc_boolean_t +dns_name_ismailbox(const dns_name_t *name); +/* + * Return if 'name' is a valid mailbox. RFC 821. + * + * Requires: + * 'name' to be valid. + */ + +ISC_LANG_ENDDECLS + +/*** + *** High Peformance Macros + ***/ + +/* + * WARNING: Use of these macros by applications may require recompilation + * of the application in some situations where calling the function + * would not. + * + * WARNING: No assertion checking is done for these macros. + */ + +#define DNS_NAME_INIT(n, o) \ +do { \ + (n)->magic = DNS_NAME_MAGIC; \ + (n)->ndata = NULL; \ + (n)->length = 0; \ + (n)->labels = 0; \ + (n)->attributes = 0; \ + (n)->offsets = (o); \ + (n)->buffer = NULL; \ + ISC_LINK_INIT((n), link); \ + ISC_LIST_INIT((n)->list); \ +} while (0) + +#define DNS_NAME_RESET(n) \ +do { \ + (n)->ndata = NULL; \ + (n)->length = 0; \ + (n)->labels = 0; \ + (n)->attributes &= ~DNS_NAMEATTR_ABSOLUTE; \ + if ((n)->buffer != NULL) \ + isc_buffer_clear((n)->buffer); \ +} while (0) + +#define DNS_NAME_SETBUFFER(n, b) \ + (n)->buffer = (b) + +#define DNS_NAME_ISABSOLUTE(n) \ + (((n)->attributes & DNS_NAMEATTR_ABSOLUTE) != 0 ? ISC_TRUE : ISC_FALSE) + +#define DNS_NAME_COUNTLABELS(n) \ + ((n)->labels) + +#define DNS_NAME_TOREGION(n, r) \ +do { \ + (r)->base = (n)->ndata; \ + (r)->length = (n)->length; \ +} while (0) + +#define DNS_NAME_SPLIT(n, l, p, s) \ +do { \ + dns_name_t *_n = (n); \ + dns_name_t *_p = (p); \ + dns_name_t *_s = (s); \ + unsigned int _l = (l); \ + if (_p != NULL) \ + dns_name_getlabelsequence(_n, 0, _n->labels - _l, _p); \ + if (_s != NULL) \ + dns_name_getlabelsequence(_n, _n->labels - _l, _l, _s); \ +} while (0) + +#ifdef DNS_NAME_USEINLINE + +#define dns_name_init(n, o) DNS_NAME_INIT(n, o) +#define dns_name_reset(n) DNS_NAME_RESET(n) +#define dns_name_setbuffer(n, b) DNS_NAME_SETBUFFER(n, b) +#define dns_name_countlabels(n) DNS_NAME_COUNTLABELS(n) +#define dns_name_isabsolute(n) DNS_NAME_ISABSOLUTE(n) +#define dns_name_toregion(n, r) DNS_NAME_TOREGION(n, r) +#define dns_name_split(n, l, p, s) DNS_NAME_SPLIT(n, l, p, s) + +#endif /* DNS_NAME_USEINLINE */ + +#endif /* DNS_NAME_H */ diff --git a/contrib/bind9/lib/dns/include/dns/ncache.h b/contrib/bind9/lib/dns/include/dns/ncache.h new file mode 100644 index 0000000..6bf6003 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/ncache.h @@ -0,0 +1,158 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: ncache.h,v 1.12.12.5 2004/03/08 09:04:37 marka Exp $ */ + +#ifndef DNS_NCACHE_H +#define DNS_NCACHE_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Ncache + * + * XXX <TBS> XXX + * + * MP: + * The caller must ensure any required synchronization. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * RFC 2308 + */ + +#include <isc/lang.h> +#include <isc/stdtime.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/* + * _OMITDNSSEC: + * Omit DNSSEC records when rendering. + */ +#define DNS_NCACHETOWIRE_OMITDNSSEC 0x0001 + +isc_result_t +dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, + dns_rdatatype_t covers, isc_stdtime_t now, dns_ttl_t maxttl, + dns_rdataset_t *addedrdataset); +/* + * Convert the authority data from 'message' into a negative cache + * rdataset, and store it in 'cache' at 'node' with a TTL limited to + * 'maxttl'. + * + * The 'covers' argument is the RR type whose nonexistence we are caching, + * or dns_rdatatype_any when caching a NXDOMAIN response. + * + * Note: + * If 'addedrdataset' is not NULL, then it will be attached to the added + * rdataset. See dns_db_addrdataset() for more details. + * + * Requires: + * 'message' is a valid message with a properly formatting negative cache + * authority section. + * + * The requirements of dns_db_addrdataset() apply to 'cache', 'node', + * 'now', and 'addedrdataset'. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOSPACE + * + * Any result code of dns_db_addrdataset() is a possible result code + * of dns_ncache_add(). + */ + +isc_result_t +dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx, + isc_buffer_t *target, unsigned int options, + unsigned int *countp); +/* + * Convert the negative caching rdataset 'rdataset' to wire format, + * compressing names as specified in 'cctx', and storing the result in + * 'target'. If 'omit_dnssec' is set, DNSSEC records will not + * be added to 'target'. + * + * Notes: + * The number of RRs added to target will be added to *countp. + * + * Requires: + * 'rdataset' is a valid negative caching rdataset. + * + * 'rdataset' is not empty. + * + * 'countp' is a valid pointer. + * + * Ensures: + * On a return of ISC_R_SUCCESS, 'target' contains a wire format + * for the data contained in 'rdataset'. Any error return leaves + * the buffer unchanged. + * + * *countp has been incremented by the number of RRs added to + * target. + * + * Returns: + * ISC_R_SUCCESS - all ok + * ISC_R_NOSPACE - 'target' doesn't have enough room + * + * Any error returned by dns_rdata_towire(), dns_rdataset_next(), + * dns_name_towire(). + */ + +isc_result_t +dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, + dns_rdatatype_t type, dns_rdataset_t *rdataset); +/* + * Search the negative caching rdataset for an rdataset with the + * specified name and type. + * + * Requires: + * 'ncacherdataset' is a valid negative caching rdataset. + * + * 'ncacherdataset' is not empty. + * + * 'name' is a valid name. + * + * 'type' is not SIG, or a meta-RR type. + * + * 'rdataset' is a valid disassociated rdataset. + * + * Ensures: + * On a return of ISC_R_SUCCESS, 'rdataset' is bound to the found + * rdataset. + * + * Returns: + * ISC_R_SUCCESS - the rdataset was found. + * ISC_R_NOTFOUND - the rdataset was not found. + * + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_NCACHE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/nsec.h b/contrib/bind9/lib/dns/include/dns/nsec.h new file mode 100644 index 0000000..68a5833 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/nsec.h @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001, 2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: nsec.h,v 1.4.2.1 2004/03/08 02:08:00 marka Exp $ */ + +#ifndef DNS_NSEC_H +#define DNS_NSEC_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> +#include <dns/name.h> + +#define DNS_NSEC_BUFFERSIZE (DNS_NAME_MAXWIRE + 8192 + 512) + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, + dns_dbnode_t *node, dns_name_t *target, + unsigned char *buffer, dns_rdata_t *rdata); +/* + * Build the rdata of a NSEC record. + * + * Requires: + * buffer Points to a temporary buffer of at least + * DNS_NSEC_BUFFERSIZE bytes. + * rdata Points to an initialized dns_rdata_t. + * + * Ensures: + * *rdata Contains a valid NSEC rdata. The 'data' member refers + * to 'buffer'. + */ + +isc_result_t +dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, + dns_name_t *target, dns_ttl_t ttl); +/* + * Build a NSEC record and add it to a database. + */ + +isc_boolean_t +dns_nsec_typepresent(dns_rdata_t *nsec, dns_rdatatype_t type); +/* + * Determine if a type is marked as present in an NSEC record. + * + * Requires: + * 'nsec' points to a valid rdataset of type NSEC + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_NSEC_H */ diff --git a/contrib/bind9/lib/dns/include/dns/opcode.h b/contrib/bind9/lib/dns/include/dns/opcode.h new file mode 100644 index 0000000..4d656b8 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/opcode.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: opcode.h,v 1.1.200.3 2004/03/08 09:04:37 marka Exp $ */ + +#ifndef DNS_OPCODE_H +#define DNS_OPCODE_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t dns_opcode_totext(dns_opcode_t opcode, isc_buffer_t *target); +/* + * Put a textual representation of error 'opcode' into 'target'. + * + * Requires: + * 'opcode' is a valid opcode. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_NOSPACE target buffer is too small + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_OPCODE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/order.h b/contrib/bind9/lib/dns/include/dns/order.h new file mode 100644 index 0000000..e28e3ca --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/order.h @@ -0,0 +1,97 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: order.h,v 1.2.202.3 2004/03/08 09:04:37 marka Exp $ */ + +#ifndef DNS_ORDER_H +#define DNS_ORDER_H 1 + +#include <isc/lang.h> +#include <isc/types.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_order_create(isc_mem_t *mctx, dns_order_t **orderp); +/* + * Create a order object. + * + * Requires: + * 'orderp' to be non NULL and '*orderp == NULL'. + * 'mctx' to be valid. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_order_add(dns_order_t *order, dns_name_t *name, + dns_rdatatype_t rdtype, dns_rdataclass_t rdclass, + unsigned int mode); +/* + * Add a entry to the end of the order list. + * + * Requires: + * 'order' to be valid. + * 'name' to be valid. + * 'mode' to be one of DNS_RDATASERATTR_RANDOMIZE, + * DNS_RDATASERATTR_RANDOMIZE or zero (DNS_RDATASERATTR_CYCLIC). + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +unsigned int +dns_order_find(dns_order_t *order, dns_name_t *name, + dns_rdatatype_t rdtype, dns_rdataclass_t rdclass); +/* + * Find the first matching entry on the list. + * + * Requires: + * 'order' to be valid. + * 'name' to be valid. + * + * Returns the mode set by dns_order_add() or zero. + */ + +void +dns_order_attach(dns_order_t *source, dns_order_t **target); +/* + * Attach to the 'source' object. + * + * Requires: + * 'source' to be valid. + * 'target' to be non NULL and '*target == NULL'. + */ + +void +dns_order_detach(dns_order_t **orderp); +/* + * Detach from the object. Clean up if last this was the last + * reference. + * + * Requires: + * '*orderp' to be valid. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_ORDER_H */ diff --git a/contrib/bind9/lib/dns/include/dns/peer.h b/contrib/bind9/lib/dns/include/dns/peer.h new file mode 100644 index 0000000..03f720a --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/peer.h @@ -0,0 +1,177 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: peer.h,v 1.16.2.1.10.3 2004/03/06 08:13:58 marka Exp $ */ + +#ifndef DNS_PEER_H +#define DNS_PEER_H 1 + +/***** + ***** Module Info + *****/ + +/* + * Data structures for peers (e.g. a 'server' config file statement) + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/magic.h> +#include <isc/netaddr.h> + +#include <dns/types.h> + +#define DNS_PEERLIST_MAGIC ISC_MAGIC('s','e','R','L') +#define DNS_PEER_MAGIC ISC_MAGIC('S','E','r','v') + +#define DNS_PEERLIST_VALID(ptr) ISC_MAGIC_VALID(ptr, DNS_PEERLIST_MAGIC) +#define DNS_PEER_VALID(ptr) ISC_MAGIC_VALID(ptr, DNS_PEER_MAGIC) + +/*** + *** Types + ***/ + +struct dns_peerlist { + unsigned int magic; + isc_uint32_t refs; + + isc_mem_t *mem; + + ISC_LIST(dns_peer_t) elements; +}; + +struct dns_peer { + unsigned int magic; + isc_uint32_t refs; + + isc_mem_t *mem; + + isc_netaddr_t address; + isc_boolean_t bogus; + dns_transfer_format_t transfer_format; + isc_uint32_t transfers; + isc_boolean_t support_ixfr; + isc_boolean_t provide_ixfr; + isc_boolean_t request_ixfr; + isc_boolean_t support_edns; + dns_name_t *key; + isc_sockaddr_t *transfer_source; + + isc_uint32_t bitflags; + + ISC_LINK(dns_peer_t) next; +}; + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_peerlist_new(isc_mem_t *mem, dns_peerlist_t **list); + +void +dns_peerlist_attach(dns_peerlist_t *source, dns_peerlist_t **target); + +void +dns_peerlist_detach(dns_peerlist_t **list); + +/* + * After return caller still holds a reference to peer. + */ +void +dns_peerlist_addpeer(dns_peerlist_t *peers, dns_peer_t *peer); + +/* + * Ditto. */ +isc_result_t +dns_peerlist_peerbyaddr(dns_peerlist_t *peers, isc_netaddr_t *addr, + dns_peer_t **retval); + +/* + * What he said. + */ +isc_result_t +dns_peerlist_currpeer(dns_peerlist_t *peers, dns_peer_t **retval); + +isc_result_t +dns_peer_new(isc_mem_t *mem, isc_netaddr_t *ipaddr, dns_peer_t **peer); + +void +dns_peer_attach(dns_peer_t *source, dns_peer_t **target); + +void +dns_peer_detach(dns_peer_t **list); + +isc_result_t +dns_peer_setbogus(dns_peer_t *peer, isc_boolean_t newval); + +isc_result_t +dns_peer_getbogus(dns_peer_t *peer, isc_boolean_t *retval); + +isc_result_t +dns_peer_setrequestixfr(dns_peer_t *peer, isc_boolean_t newval); + +isc_result_t +dns_peer_getrequestixfr(dns_peer_t *peer, isc_boolean_t *retval); + +isc_result_t +dns_peer_setprovideixfr(dns_peer_t *peer, isc_boolean_t newval); + +isc_result_t +dns_peer_getprovideixfr(dns_peer_t *peer, isc_boolean_t *retval); + +isc_result_t +dns_peer_setsupportedns(dns_peer_t *peer, isc_boolean_t newval); + +isc_result_t +dns_peer_getsupportedns(dns_peer_t *peer, isc_boolean_t *retval); + +isc_result_t +dns_peer_settransfers(dns_peer_t *peer, isc_uint32_t newval); + +isc_result_t +dns_peer_gettransfers(dns_peer_t *peer, isc_uint32_t *retval); + +isc_result_t +dns_peer_settransferformat(dns_peer_t *peer, dns_transfer_format_t newval); + +isc_result_t +dns_peer_gettransferformat(dns_peer_t *peer, dns_transfer_format_t *retval); + +isc_result_t +dns_peer_setkeybycharp(dns_peer_t *peer, const char *keyval); + +isc_result_t +dns_peer_getkey(dns_peer_t *peer, dns_name_t **retval); + +isc_result_t +dns_peer_setkey(dns_peer_t *peer, dns_name_t **keyval); + +isc_result_t +dns_peer_settransfersource(dns_peer_t *peer, isc_sockaddr_t *transfer_source); + +isc_result_t +dns_peer_gettransfersource(dns_peer_t *peer, isc_sockaddr_t *transfer_source); + +ISC_LANG_ENDDECLS + +#endif /* DNS_PEER_H */ diff --git a/contrib/bind9/lib/dns/include/dns/portlist.h b/contrib/bind9/lib/dns/include/dns/portlist.h new file mode 100644 index 0000000..ea672a9 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/portlist.h @@ -0,0 +1,99 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: portlist.h,v 1.2.84.2 2004/03/06 08:13:58 marka Exp $ */ + +#include <isc/lang.h> +#include <isc/net.h> +#include <isc/types.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_portlist_create(isc_mem_t *mctx, dns_portlist_t **portlistp); +/* + * Create a port list. + * + * Requires: + * 'mctx' to be valid. + * 'portlistp' to be non NULL and '*portlistp' to be NULL; + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_UNEXPECTED + */ + +isc_result_t +dns_portlist_add(dns_portlist_t *portlist, int af, in_port_t port); +/* + * Add the given <port,af> tuple to the portlist. + * + * Requires: + * 'portlist' to be valid. + * 'af' to be AF_INET or AF_INET6 + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +void +dns_portlist_remove(dns_portlist_t *portlist, int af, in_port_t port); +/* + * Remove the given <port,af> tuple to the portlist. + * + * Requires: + * 'portlist' to be valid. + * 'af' to be AF_INET or AF_INET6 + */ + +isc_boolean_t +dns_portlist_match(dns_portlist_t *portlist, int af, in_port_t port); +/* + * Find the given <port,af> tuple to the portlist. + * + * Requires: + * 'portlist' to be valid. + * 'af' to be AF_INET or AF_INET6 + * + * Returns + * ISC_TRUE if the tuple is found, ISC_FALSE otherwise. + */ + +void +dns_portlist_attach(dns_portlist_t *portlist, dns_portlist_t **portlistp); +/* + * Attach to a port list. + * + * Requires: + * 'portlist' to be valid. + * 'portlistp' to be non NULL and '*portlistp' to be NULL; + */ + +void +dns_portlist_detach(dns_portlist_t **portlistp); +/* + * Detach from a port list. + * + * Requires: + * '*portlistp' to be valid. + */ + +ISC_LANG_ENDDECLS diff --git a/contrib/bind9/lib/dns/include/dns/rbt.h b/contrib/bind9/lib/dns/include/dns/rbt.h new file mode 100644 index 0000000..de2d309 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rbt.h @@ -0,0 +1,835 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rbt.h,v 1.55.12.5 2004/03/08 09:04:38 marka Exp $ */ + +#ifndef DNS_RBT_H +#define DNS_RBT_H 1 + +#include <isc/lang.h> +#include <isc/magic.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +#define DNS_RBT_USEHASH 1 + +/* + * Option values for dns_rbt_findnode() and dns_rbt_findname(). + * These are used to form a bitmask. + */ +#define DNS_RBTFIND_NOOPTIONS 0x00 +#define DNS_RBTFIND_EMPTYDATA 0x01 +#define DNS_RBTFIND_NOEXACT 0x02 +#define DNS_RBTFIND_NOPREDECESSOR 0x04 + +/* + * These should add up to 30. + */ +#define DNS_RBT_LOCKLENGTH 10 +#define DNS_RBT_REFLENGTH 20 + +#define DNS_RBTNODE_MAGIC ISC_MAGIC('R','B','N','O') +#if DNS_RBT_USEMAGIC +#define DNS_RBTNODE_VALID(n) ISC_MAGIC_VALID(n, DNS_RBTNODE_MAGIC) +#else +#define DNS_RBTNODE_VALID(n) ISC_TRUE +#endif + +/* + * This is the structure that is used for each node in the red/black + * tree of trees. NOTE WELL: the implementation manages this as a variable + * length structure, with the actual wire-format name and other data + * appended to this structure. Allocating a contiguous block of memory for + * multiple dns_rbtnode structures will not work. + */ +typedef struct dns_rbtnode { +#if DNS_RBT_USEMAGIC + unsigned int magic; +#endif + struct dns_rbtnode *parent; + struct dns_rbtnode *left; + struct dns_rbtnode *right; + struct dns_rbtnode *down; +#ifdef DNS_RBT_USEHASH + struct dns_rbtnode *hashnext; +#endif + /* + * The following bitfields add up to a total bitwidth of 32. + * The range of values necessary for each item is indicated, + * but in the case of "attributes" the field is wider to accomodate + * possible future expansion. "offsetlen" could be one bit + * narrower by always adjusting its value by 1 to find the real + * offsetlen, but doing so does not gain anything (except perhaps + * another bit for "attributes", which doesn't yet need any more). + * + * In each case below the "range" indicated is what's _necessary_ for + * the bitfield to hold, not what it actually _can_ hold. + */ + unsigned int is_root : 1; /* range is 0..1 */ + unsigned int color : 1; /* range is 0..1 */ + unsigned int find_callback : 1; /* range is 0..1 */ + unsigned int attributes : 4; /* range is 0..2 */ + unsigned int namelen : 8; /* range is 1..255 */ + unsigned int offsetlen : 8; /* range is 1..128 */ + unsigned int padbytes : 9; /* range is 0..380 */ + +#ifdef DNS_RBT_USEHASH + unsigned int hashval; +#endif + + /* + * These values are used in the RBT DB implementation. The appropriate + * node lock must be held before accessing them. + */ + void *data; + unsigned int dirty:1; + unsigned int wild:1; + unsigned int locknum:DNS_RBT_LOCKLENGTH; + unsigned int references:DNS_RBT_REFLENGTH; +} dns_rbtnode_t; + +typedef isc_result_t (*dns_rbtfindcallback_t)(dns_rbtnode_t *node, + dns_name_t *name, + void *callback_arg); + +/***** + ***** Chain Info + *****/ + +/* + * A chain is used to keep track of the sequence of nodes to reach any given + * node from the root of the tree. Originally nodes did not have parent + * pointers in them (for memory usage reasons) so there was no way to find + * the path back to the root from any given node. Now that nodes have parent + * pointers, chains might be going away in a future release, though the + * movement functionality would remain. + * + * In any event, parent information, whether via parent pointers or chains, is + * necessary information for iterating through the tree or for basic internal + * tree maintenance issues (ie, the rotations that are done to rebalance the + * tree when a node is added). The obvious implication of this is that for a + * chain to remain valid, the tree has to be locked down against writes for the + * duration of the useful life of the chain, because additions or removals can + * change the path from the root to the node the chain has targetted. + * + * The dns_rbtnodechain_ functions _first, _last, _prev and _next all take + * dns_name_t parameters for the name and the origin, which can be NULL. If + * non-NULL, 'name' will end up pointing to the name data and offsets that are + * stored at the node (and thus it will be read-only), so it should be a + * regular dns_name_t that has been initialized with dns_name_init. When + * 'origin' is non-NULL, it will get the name of the origin stored in it, so it + * needs to have its own buffer space and offsets, which is most easily + * accomplished with a dns_fixedname_t. It is _not_ necessary to reinitialize + * either 'name' or 'origin' between calls to the chain functions. + * + * NOTE WELL: even though the name data at the root of the tree of trees will + * be absolute (typically just "."), it will will be made into a relative name + * with an origin of "." -- an empty name when the node is ".". This is + * because a common on operation on 'name' and 'origin' is to use + * dns_name_concatenate() on them to generate the complete name. An empty name + * can be detected when dns_name_countlabels == 0, and is printed by + * dns_name_totext()/dns_name_format() as "@", consistent with RFC1035's + * definition of "@" as the current origin. + * + * dns_rbtnodechain_current is similar to the _first, _last, _prev and _next + * functions but additionally can provide the node to which the chain points. + */ + +/* + * The number of level blocks to allocate at a time. Currently the maximum + * number of levels is allocated directly in the structure, but future + * revisions of this code might have a static initial block with dynamic + * growth. Allocating space for 256 levels when the tree is almost never that + * deep is wasteful, but it's not clear that it matters, since the waste is + * only 2MB for 1000 concurrently active chains on a system with 64-bit + * pointers. + */ +#define DNS_RBT_LEVELBLOCK 254 + +typedef struct dns_rbtnodechain { + unsigned int magic; + isc_mem_t * mctx; + /* + * The terminal node of the chain. It is not in levels[]. + * This is ostensibly private ... but in a pinch it could be + * used tell that the chain points nowhere without needing to + * call dns_rbtnodechain_current(). + */ + dns_rbtnode_t * end; + /* + * The maximum number of labels in a name is 128; bitstrings mean + * a conceptually very large number (which I have not bothered to + * compute) of logical levels because splitting can potentially occur + * at each bit. However, DNSSEC restricts the number of "logical" + * labels in a name to 255, meaning only 254 pointers are needed + * in the worst case. + */ + dns_rbtnode_t * levels[DNS_RBT_LEVELBLOCK]; + /* + * level_count indicates how deep the chain points into the + * tree of trees, and is the index into the levels[] array. + * Thus, levels[level_count - 1] is the last level node stored. + * A chain that points to the top level of the tree of trees has + * a level_count of 0, the first level has a level_count of 1, and + * so on. + */ + unsigned int level_count; + /* + * level_matches tells how many levels matched above the node + * returned by dns_rbt_findnode(). A match (partial or exact) found + * in the first level thus results in level_matches being set to 1. + * This is used by the rbtdb to set the start point for a recursive + * search of superdomains until the RR it is looking for is found. + */ + unsigned int level_matches; +} dns_rbtnodechain_t; + +/***** + ***** Public interfaces. + *****/ + +isc_result_t +dns_rbt_create(isc_mem_t *mctx, void (*deleter)(void *, void *), + void *deleter_arg, dns_rbt_t **rbtp); +/* + * Initialize a red-black tree of trees. + * + * Notes: + * The deleter argument, if non-null, points to a function that is + * responsible for cleaning up any memory associated with the data + * pointer of a node when the node is deleted. It is passed the + * deleted node's data pointer as its first argument and deleter_arg + * as its second argument. + * + * Requires: + * mctx is a pointer to a valid memory context. + * rbtp != NULL && *rbtp == NULL + * arg == NULL iff deleter == NULL + * + * Ensures: + * If result is ISC_R_SUCCESS: + * *rbtp points to a valid red-black tree manager + * + * If result is failure: + * *rbtp does not point to a valid red-black tree manager. + * + * Returns: + * ISC_R_SUCCESS Success + * ISC_R_NOMEMORY Resource limit: Out of Memory + */ + +isc_result_t +dns_rbt_addname(dns_rbt_t *rbt, dns_name_t *name, void *data); +/* + * Add 'name' to the tree of trees, associated with 'data'. + * + * Notes: + * 'data' is never required to be non-NULL, but specifying it + * when the name is added is faster than searching for 'name' + * again and then setting the data pointer. The lack of a data pointer + * for a node also has other ramifications regarding whether + * dns_rbt_findname considers a node to exist, or dns_rbt_deletename + * joins nodes. + * + * Requires: + * rbt is a valid rbt manager. + * dns_name_isabsolute(name) == TRUE + * + * Ensures: + * 'name' is not altered in any way. + * + * Any external references to nodes in the tree are unaffected by + * node splits that are necessary to insert the new name. + * + * If result is ISC_R_SUCCESS: + * 'name' is findable in the red/black tree of trees in O(log N). + * + * The data pointer of the node for 'name' is set to 'data'. + * + * If result is ISC_R_EXISTS or ISC_R_NOSPACE: + * The tree of trees is unaltered. + * + * If result is ISC_R_NOMEMORY: + * No guarantees. + * + * Returns: + * ISC_R_SUCCESS Success + * ISC_R_EXISTS The name already exists with associated data. + * ISC_R_NOSPACE The name had more logical labels than are allowed. + * ISC_R_NOMEMORY Resource Limit: Out of Memory + */ + +isc_result_t +dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep); + +/* + * Just like dns_rbt_addname, but returns the address of the node. + * + * Requires: + * rbt is a valid rbt structure. + * dns_name_isabsolute(name) == TRUE + * nodep != NULL && *nodep == NULL + * + * Ensures: + * 'name' is not altered in any way. + * + * Any external references to nodes in the tree are unaffected by + * node splits that are necessary to insert the new name. + * + * If result is ISC_R_SUCCESS: + * 'name' is findable in the red/black tree of trees in O(log N). + * + * *nodep is the node that was added for 'name'. + * + * If result is ISC_R_EXISTS: + * The tree of trees is unaltered. + * + * *nodep is the existing node for 'name'. + * + * If result is ISC_R_NOMEMORY: + * No guarantees. + * + * Returns: + * ISC_R_SUCCESS Success + * ISC_R_EXISTS The name already exists, possibly without data. + * ISC_R_NOMEMORY Resource Limit: Out of Memory + */ + +isc_result_t +dns_rbt_findname(dns_rbt_t *rbt, dns_name_t *name, unsigned int options, + dns_name_t *foundname, void **data); +/* + * Get the data pointer associated with 'name'. + * + * Notes: + * When DNS_RBTFIND_NOEXACT is set, the closest matching superdomain is + * returned (also subject to DNS_RBTFIND_EMPTYDATA), even when there is + * an exact match in the tree. + * + * A node that has no data is considered not to exist for this function, + * unless the DNS_RBTFIND_EMPTYDATA option is set. + * + * Requires: + * rbt is a valid rbt manager. + * dns_name_isabsolute(name) == TRUE + * data != NULL && *data == NULL + * + * Ensures: + * 'name' and the tree are not altered in any way. + * + * If result is ISC_R_SUCCESS: + * *data is the data associated with 'name'. + * + * If result is DNS_R_PARTIALMATCH: + * *data is the data associated with the deepest superdomain + * of 'name' which has data. + * + * If result is ISC_R_NOTFOUND: + * Neither the name nor a superdomain was found with data. + * + * Returns: + * ISC_R_SUCCESS Success + * DNS_R_PARTIALMATCH Superdomain found with data + * ISC_R_NOTFOUND No match + * ISC_R_NOSPACE Concatenating nodes to form foundname failed + */ + +isc_result_t +dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname, + dns_rbtnode_t **node, dns_rbtnodechain_t *chain, + unsigned int options, dns_rbtfindcallback_t callback, + void *callback_arg); +/* + * Find the node for 'name'. + * + * Notes: + * A node that has no data is considered not to exist for this function, + * unless the DNS_RBTFIND_EMPTYDATA option is set. This applies to both + * exact matches and partial matches. + * + * If the chain parameter is non-NULL, then the path through the tree + * to the DNSSEC predecessor of the searched for name is maintained, + * unless the DNS_RBTFIND_NOPREDECESSOR or DNS_RBTFIND_NOEXACT option + * is used. (For more details on those options, see below.) + * + * If there is no predecessor, then the chain will point to nowhere, as + * indicated by chain->end being NULL or dns_rbtnodechain_current + * returning ISC_R_NOTFOUND. Note that in a normal Internet DNS RBT + * there will always be a predecessor for all names except the root + * name, because '.' will exist and '.' is the predecessor of + * everything. But you can certainly construct a trivial tree and a + * search for it that has no predecessor. + * + * Within the chain structure, the 'levels' member of the structure holds + * the root node of each level except the first. + * + * The 'level_count' of the chain indicates how deep the chain to the + * predecessor name is, as an index into the 'levels[]' array. It does + * not count name elements, per se, but only levels of the tree of trees, + * the distinction arrising because multiple labels from a name can be + * stored on only one level. It is also does not include the level + * that has the node, since that level is not stored in levels[]. + * + * The chain's 'level_matches' is not directly related to the predecessor. + * It is the number of levels above the level of the found 'node', + * regardless of whether it was a partial match or exact match. When + * the node is found in the top level tree, or no node is found at all, + * level_matches is 0. + * + * When DNS_RBTFIND_NOEXACT is set, the closest matching superdomain is + * returned (also subject to DNS_RBTFIND_EMPTYDATA), even when + * there is an exact match in the tree. In this case, the chain + * will not point to the DNSSEC predecessor, but will instead point + * to the exact match, if there was any. Thus the preceding paragraphs + * should have "exact match" substituted for "predecessor" to describe + * how the various elements of the chain are set. This was done to + * ensure that the chain's state was sane, and to prevent problems that + * occurred when running the predecessor location code under conditions + * it was not designed for. It is not clear *where* the chain should + * point when DNS_RBTFIND_NOEXACT is set, so if you end up using a chain + * with this option because you want a particular node, let us know + * where you want the chain pointed, so this can be made more firm. + * + * Requires: + * rbt is a valid rbt manager. + * dns_name_isabsolute(name) == TRUE. + * node != NULL && *node == NULL. + * DNS_RBTFIND_NOEXACT and DNS_RBTFIND_NOPREDECESSOR are mutally + * exclusive. + * + * Ensures: + * 'name' and the tree are not altered in any way. + * + * If result is ISC_R_SUCCESS: + * *node is the terminal node for 'name'. + * + * 'foundname' and 'name' represent the same name (though not + * the same memory). + * + * 'chain' points to the DNSSEC predecessor, if any, of 'name'. + * + * chain->level_matches and chain->level_count are equal. + * + * If result is DNS_R_PARTIALMATCH: + * *node is the data associated with the deepest superdomain + * of 'name' which has data. + * + * 'foundname' is the name of deepest superdomain (which has + * data, unless the DNS_RBTFIND_EMPTYDATA option is set). + * + * 'chain' points to the DNSSEC predecessor, if any, of 'name'. + * + * If result is ISC_R_NOTFOUND: + * Neither the name nor a superdomain was found. *node is NULL. + * + * 'chain' points to the DNSSEC predecessor, if any, of 'name'. + * + * chain->level_matches is 0. + * + * Returns: + * ISC_R_SUCCESS Success + * DNS_R_PARTIALMATCH Superdomain found with data + * ISC_R_NOTFOUND No match, or superdomain with no data + * ISC_R_NOSPACE Concatenating nodes to form foundname failed + */ + +isc_result_t +dns_rbt_deletename(dns_rbt_t *rbt, dns_name_t *name, isc_boolean_t recurse); +/* + * Delete 'name' from the tree of trees. + * + * Notes: + * When 'name' is removed, if recurse is ISC_TRUE then all of its + * subnames are removed too. + * + * Requires: + * rbt is a valid rbt manager. + * dns_name_isabsolute(name) == TRUE + * + * Ensures: + * 'name' is not altered in any way. + * + * Does NOT ensure that any external references to nodes in the tree + * are unaffected by node joins. + * + * If result is ISC_R_SUCCESS: + * 'name' does not appear in the tree with data; however, + * the node for the name might still exist which can be + * found with dns_rbt_findnode (but not dns_rbt_findname). + * + * If result is ISC_R_NOTFOUND: + * 'name' does not appear in the tree with data, because + * it did not appear in the tree before the function was called. + * + * If result is something else: + * See result codes for dns_rbt_findnode (if it fails, the + * node is not deleted) or dns_rbt_deletenode (if it fails, + * the node is deleted, but the tree is not optimized when + * it could have been). + * + * Returns: + * ISC_R_SUCCESS Success + * ISC_R_NOTFOUND No match + * something_else Any return code from dns_rbt_findnode except + * DNS_R_PARTIALMATCH (which causes ISC_R_NOTFOUND + * to be returned instead), and any code from + * dns_rbt_deletenode. + */ + +isc_result_t +dns_rbt_deletenode(dns_rbt_t *rbt, dns_rbtnode_t *node, isc_boolean_t recurse); +/* + * Delete 'node' from the tree of trees. + * + * Notes: + * When 'node' is removed, if recurse is ISC_TRUE then all nodes + * in levels down from it are removed too. + * + * Requires: + * rbt is a valid rbt manager. + * node != NULL. + * + * Ensures: + * Does NOT ensure that any external references to nodes in the tree + * are unaffected by node joins. + * + * If result is ISC_R_SUCCESS: + * 'node' does not appear in the tree with data; however, + * the node might still exist if it serves as a pointer to + * a lower tree level as long as 'recurse' was false, hence + * the node could can be found with dns_rbt_findnode whem + * that function's empty_data_ok parameter is true. + * + * If result is ISC_R_NOMEMORY or ISC_R_NOSPACE: + * The node was deleted, but the tree structure was not + * optimized. + * + * Returns: + * ISC_R_SUCCESS Success + * ISC_R_NOMEMORY Resource Limit: Out of Memory when joining nodes. + * ISC_R_NOSPACE dns_name_concatenate failed when joining nodes. + */ + +void +dns_rbt_namefromnode(dns_rbtnode_t *node, dns_name_t *name); +/* + * Convert the sequence of labels stored at 'node' into a 'name'. + * + * Notes: + * This function does not return the full name, from the root, but + * just the labels at the indicated node. + * + * The name data pointed to by 'name' is the information stored + * in the node, not a copy. Altering the data at this pointer + * will likely cause grief. + * + * Requires: + * name->offsets == NULL + * + * Ensures: + * 'name' is DNS_NAMEATTR_READONLY. + * + * 'name' will point directly to the labels stored after the + * dns_rbtnode_t struct. + * + * 'name' will have offsets that also point to the information stored + * as part of the node. + */ + +isc_result_t +dns_rbt_fullnamefromnode(dns_rbtnode_t *node, dns_name_t *name); +/* + * Like dns_rbt_namefromnode, but returns the full name from the root. + * + * Notes: + * Unlike dns_rbt_namefromnode, the name will not point directly + * to node data. Rather, dns_name_concatenate will be used to copy + * the name data from each node into the 'name' argument. + * + * Requires: + * name != NULL + * name has a dedicated buffer. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOSPACE (possible via dns_name_concatenate) + * DNS_R_NAMETOOLONG (possible via dns_name_concatenate) + */ + +char * +dns_rbt_formatnodename(dns_rbtnode_t *node, char *printname, + unsigned int size); +/* + * Format the full name of a node for printing, using dns_name_format(). + * + * Notes: + * 'size' is the length of the printname buffer. This should be + * DNS_NAME_FORMATSIZE or larger. + * + * Requires: + * node and printname are not NULL. + * + * Returns: + * The 'printname' pointer. + */ + +unsigned int +dns_rbt_nodecount(dns_rbt_t *rbt); +/* + * Obtain the number of nodes in the tree of trees. + * + * Requires: + * rbt is a valid rbt manager. + */ + +void +dns_rbt_destroy(dns_rbt_t **rbtp); +isc_result_t +dns_rbt_destroy2(dns_rbt_t **rbtp, unsigned int quantum); +/* + * Stop working with a red-black tree of trees. Once dns_rbt_destroy2() + * has been called on a 'rbt' only dns_rbt_destroy() or dns_rbt_destroy2() + * may be used on the tree. If 'quantum' is zero then the entire tree will + * be destroyed. + * + * Requires: + * *rbt is a valid rbt manager. + * + * Ensures: + * All space allocated by the RBT library has been returned. + * + * *rbt is invalidated as an rbt manager. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_QUOTA if 'quantum' nodes have been destroyed. + */ + +void +dns_rbt_printall(dns_rbt_t *rbt); +/* + * Print an ASCII representation of the internal structure of the red-black + * tree of trees. + * + * Notes: + * The name stored at each node, along with the node's color, is printed. + * Then the down pointer, left and right pointers are displayed + * recursively in turn. NULL down pointers are silently omitted; + * NULL left and right pointers are printed. + */ + +/***** + ***** Chain Functions + *****/ + +void +dns_rbtnodechain_init(dns_rbtnodechain_t *chain, isc_mem_t *mctx); +/* + * Initialize 'chain'. + * + * Requires: + * 'chain' is a valid pointer. + * + * 'mctx' is a valid memory context. + * + * Ensures: + * 'chain' is suitable for use. + */ + +void +dns_rbtnodechain_reset(dns_rbtnodechain_t *chain); +/* + * Free any dynamic storage associated with 'chain', and then reinitialize + * 'chain'. + * + * Requires: + * 'chain' is a valid pointer. + * + * Ensures: + * 'chain' is suitable for use, and uses no dynamic storage. + */ + +void +dns_rbtnodechain_invalidate(dns_rbtnodechain_t *chain); +/* + * Free any dynamic storage associated with 'chain', and then invalidates it. + * + * Notes: + * Future calls to any dns_rbtnodechain_ function will need to call + * dns_rbtnodechain_init on the chain first (except, of course, + * dns_rbtnodechain_init itself). + * + * Requires: + * 'chain' is a valid chain. + * + * Ensures: + * 'chain' is no longer suitable for use, and uses no dynamic storage. + */ + +isc_result_t +dns_rbtnodechain_current(dns_rbtnodechain_t *chain, dns_name_t *name, + dns_name_t *origin, dns_rbtnode_t **node); +/* + * Provide the name, origin and node to which the chain is currently pointed. + * + * Notes: + * The tree need not have be locked against additions for the chain + * to remain valid, however there are no guarantees if any deletion + * has been made since the chain was established. + * + * Requires: + * 'chain' is a valid chain. + * + * Ensures: + * 'node', if non-NULL, is the node to which the chain was pointed + * by dns_rbt_findnode, dns_rbtnodechain_first or dns_rbtnodechain_last. + * If none were called for the chain since it was initialized or reset, + * or if the was no predecessor to the name searched for with + * dns_rbt_findnode, then '*node' is NULL and ISC_R_NOTFOUND is returned. + * + * 'name', if non-NULL, is the name stored at the terminal level of + * the chain. This is typically a single label, like the "www" of + * "www.isc.org", but need not be so. At the root of the tree of trees, + * if the node is "." then 'name' is ".", otherwise it is relative to ".". + * (Minimalist and atypical case: if the tree has just the name + * "isc.org." then the root node's stored name is "isc.org." but 'name' + * will be "isc.org".) + * + * 'origin', if non-NULL, is the sequence of labels in the levels + * above the terminal level, such as "isc.org." in the above example. + * 'origin' is always "." for the root node. + * + * + * Returns: + * ISC_R_SUCCESS name, origin & node were successfully set. + * ISC_R_NOTFOUND The chain does not point to any node. + * <something_else> Any error return from dns_name_concatenate. + */ + +isc_result_t +dns_rbtnodechain_first(dns_rbtnodechain_t *chain, dns_rbt_t *rbt, + dns_name_t *name, dns_name_t *origin); +/* + * Set the chain to the lexically first node in the tree of trees. + * + * Notes: + * By the definition of ordering for DNS names, the root of the tree of + * trees is the very first node, since everything else in the megatree + * uses it as a common suffix. + * + * Requires: + * 'chain' is a valid chain. + * 'rbt' is a valid rbt manager. + * + * Ensures: + * The chain points to the very first node of the tree. + * + * 'name' and 'origin', if non-NULL, are set as described for + * dns_rbtnodechain_current. Thus 'origin' will always be ".". + * + * Returns: + * DNS_R_NEWORIGIN The name & origin were successfully set. + * <something_else> Any error result from dns_rbtnodechain_current. + */ + +isc_result_t +dns_rbtnodechain_last(dns_rbtnodechain_t *chain, dns_rbt_t *rbt, + dns_name_t *name, dns_name_t *origin); +/* + * Set the chain to the lexically last node in the tree of trees. + * + * Requires: + * 'chain' is a valid chain. + * 'rbt' is a valid rbt manager. + * + * Ensures: + * The chain points to the very last node of the tree. + * + * 'name' and 'origin', if non-NULL, are set as described for + * dns_rbtnodechain_current. + * + * Returns: + * DNS_R_NEWORIGIN The name & origin were successfully set. + * ISC_R_NOMEMORY Resource Limit: Out of Memory building chain. + * <something_else> Any error result from dns_name_concatenate. + */ + +isc_result_t +dns_rbtnodechain_prev(dns_rbtnodechain_t *chain, dns_name_t *name, + dns_name_t *origin); +/* + * Adjusts chain to point the DNSSEC predecessor of the name to which it + * is currently pointed. + * + * Requires: + * 'chain' is a valid chain. + * 'chain' has been pointed somewhere in the tree with dns_rbt_findnode, + * dns_rbtnodechain_first or dns_rbtnodechain_last -- and remember that + * dns_rbt_findnode is not guaranteed to point the chain somewhere, + * since there may have been no predecessor to the searched for name. + * + * Ensures: + * The chain is pointed to the predecessor of its current target. + * + * 'name' and 'origin', if non-NULL, are set as described for + * dns_rbtnodechain_current. + * + * 'origin' is only if a new origin was found. + * + * Returns: + * ISC_R_SUCCESS The predecessor was found and 'name' was set. + * DNS_R_NEWORIGIN The predecessor was found with a different + * origin and 'name' and 'origin' were set. + * ISC_R_NOMORE There was no predecessor. + * <something_else> Any error result from dns_rbtnodechain_current. + */ + +isc_result_t +dns_rbtnodechain_next(dns_rbtnodechain_t *chain, dns_name_t *name, + dns_name_t *origin); +/* + * Adjusts chain to point the DNSSEC successor of the name to which it + * is currently pointed. + * + * Requires: + * 'chain' is a valid chain. + * 'chain' has been pointed somewhere in the tree with dns_rbt_findnode, + * dns_rbtnodechain_first or dns_rbtnodechain_last -- and remember that + * dns_rbt_findnode is not guaranteed to point the chain somewhere, + * since there may have been no predecessor to the searched for name. + * + * Ensures: + * The chain is pointed to the successor of its current target. + * + * 'name' and 'origin', if non-NULL, are set as described for + * dns_rbtnodechain_current. + * + * 'origin' is only if a new origin was found. + * + * Returns: + * ISC_R_SUCCESS The successor was found and 'name' was set. + * DNS_R_NEWORIGIN The successor was found with a different + * origin and 'name' and 'origin' were set. + * ISC_R_NOMORE There was no successor. + * <something_else> Any error result from dns_name_concatenate. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RBT_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rcode.h b/contrib/bind9/lib/dns/include/dns/rcode.h new file mode 100644 index 0000000..b2494f7 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rcode.h @@ -0,0 +1,96 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rcode.h,v 1.12.206.1 2004/03/06 08:13:59 marka Exp $ */ + +#ifndef DNS_RCODE_H +#define DNS_RCODE_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t dns_rcode_fromtext(dns_rcode_t *rcodep, isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a DNS error value. + * + * Requires: + * 'rcodep' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * ISC_R_SUCCESS on success + * DNS_R_UNKNOWN type is unknown + */ + +isc_result_t dns_rcode_totext(dns_rcode_t rcode, isc_buffer_t *target); +/* + * Put a textual representation of error 'rcode' into 'target'. + * + * Requires: + * 'rcode' is a valid rcode. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_NOSPACE target buffer is too small + */ + +isc_result_t dns_tsigrcode_fromtext(dns_rcode_t *rcodep, + isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a TSIG/TKEY error value. + * + * Requires: + * 'rcodep' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * ISC_R_SUCCESS on success + * DNS_R_UNKNOWN type is unknown + */ + +isc_result_t dns_tsigrcode_totext(dns_rcode_t rcode, isc_buffer_t *target); +/* + * Put a textual representation of TSIG/TKEY error 'rcode' into 'target'. + * + * Requires: + * 'rcode' is a valid TSIG/TKEY error code. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_NOSPACE target buffer is too small + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RCODE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rdata.h b/contrib/bind9/lib/dns/include/dns/rdata.h new file mode 100644 index 0000000..b006b17 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rdata.h @@ -0,0 +1,706 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1998-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rdata.h,v 1.51.2.3.2.4 2004/03/08 02:08:01 marka Exp $ */ + +#ifndef DNS_RDATA_H +#define DNS_RDATA_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Rdata + * + * Provides facilities for manipulating DNS rdata, including conversions to + * and from wire format and text format. + * + * Given the large amount of rdata possible in a nameserver, it was important + * to come up with a very efficient way of storing rdata, but at the same + * time allow it to be manipulated. + * + * The decision was to store rdata in uncompressed wire format, + * and not to make it a fully abstracted object; i.e. certain parts of the + * server know rdata is stored that way. This saves a lot of memory, and + * makes adding rdata to messages easy. Having much of the server know + * the representation would be perilous, and we certainly don't want each + * user of rdata to be manipulating such a low-level structure. This is + * where the rdata module comes in. The module allows rdata handles to be + * created and attached to uncompressed wire format regions. All rdata + * operations and conversions are done through these handles. + * + * Implementation Notes: + * + * The routines in this module are expected to be synthesized by the + * build process from a set of source files, one per rdata type. For + * portability, it's probably best that the building be done by a C + * program. Adding a new rdata type will be a simple matter of adding + * a file to a directory and rebuilding the server. *All* knowlege of + * the format of a particular rdata type is in this file. + * + * MP: + * Clients of this module must impose any required synchronization. + * + * Reliability: + * This module deals with low-level byte streams. Errors in any of + * the functions are likely to crash the server or corrupt memory. + * + * Rdata is typed, and the caller must know what type of rdata it has. + * A caller that gets this wrong could crash the server. + * + * The fromstruct() and tostruct() routines use a void * pointer to + * represent the structure. The caller must ensure that it passes a + * pointer to the appropriate type, or the server could crash or memory + * could be corrupted. + * + * Resources: + * None. + * + * Security: + * + * *** WARNING *** + * + * dns_rdata_fromwire() deals with raw network data. An error in + * this routine could result in the failure or hijacking of the server. + * + * Standards: + * RFC 1035 + * Draft EDNS0 (0) + * Draft EDNS1 (0) + * Draft Binary Labels (2) + * Draft Local Compression (1) + * <Various RFCs for particular types; these will be documented in the + * sources files of the types.> + * + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> + +#include <dns/types.h> +#include <dns/name.h> + +ISC_LANG_BEGINDECLS + +/***** + ***** RData + ***** + ***** An 'rdata' is a handle to a binary region. The handle has an RR + ***** class and type, and the data in the binary region is in the format + ***** of the given class and type. + *****/ + +/*** + *** Types + ***/ + +/* + * Clients are strongly discouraged from using this type directly, with + * the exception of the 'link' field which may be used directly for whatever + * purpose the client desires. + */ +struct dns_rdata { + unsigned char * data; + unsigned int length; + dns_rdataclass_t rdclass; + dns_rdatatype_t type; + unsigned int flags; + ISC_LINK(dns_rdata_t) link; +}; + +#define DNS_RDATA_INIT { NULL, 0, 0, 0, 0, {(void*)(-1), (void *)(-1)}} + +#define DNS_RDATA_UPDATE 0x0001 /* update pseudo record */ + +/* + * Flags affecting rdata formatting style. Flags 0xFFFF0000 + * are used by masterfile-level formatting and defined elsewhere. + * See additional comments at dns_rdata_tofmttext(). + */ + +/* Split the rdata into multiple lines to try to keep it + within the "width". */ +#define DNS_STYLEFLAG_MULTILINE 0x00000001U + +/* Output explanatory comments. */ +#define DNS_STYLEFLAG_COMMENT 0x00000002U + +#define DNS_RDATA_DOWNCASE DNS_NAME_DOWNCASE +#define DNS_RDATA_CHECKNAMES DNS_NAME_CHECKNAMES +#define DNS_RDATA_CHECKNAMESFAIL DNS_NAME_CHECKNAMESFAIL +#define DNS_RDATA_CHECKREVERSE DNS_NAME_CHECKREVERSE + +/*** + *** Initialization + ***/ + +void +dns_rdata_init(dns_rdata_t *rdata); +/* + * Make 'rdata' empty. + * + * Requires: + * 'rdata' is a valid rdata (i.e. not NULL, points to a struct dns_rdata) + */ + +void +dns_rdata_reset(dns_rdata_t *rdata); +/* + * Make 'rdata' empty. + * + * Requires: + * 'rdata' is a previously initialized rdata and is not linked. + */ + +void +dns_rdata_clone(const dns_rdata_t *src, dns_rdata_t *target); +/* + * Clone 'target' from 'src'. + * + * Requires: + * 'src' to be initialized. + * 'target' to be initialized. + */ + +/*** + *** Comparisons + ***/ + +int +dns_rdata_compare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2); +/* + * Determine the relative ordering under the DNSSEC order relation of + * 'rdata1' and 'rdata2'. + * + * Requires: + * + * 'rdata1' is a valid, non-empty rdata + * + * 'rdata2' is a valid, non-empty rdata + * + * Returns: + * < 0 'rdata1' is less than 'rdata2' + * 0 'rdata1' is equal to 'rdata2' + * > 0 'rdata1' is greater than 'rdata2' + */ + +/*** + *** Conversions + ***/ + +void +dns_rdata_fromregion(dns_rdata_t *rdata, dns_rdataclass_t rdclass, + dns_rdatatype_t type, isc_region_t *r); +/* + * Make 'rdata' refer to region 'r'. + * + * Requires: + * + * The data in 'r' is properly formatted for whatever type it is. + */ + +void +dns_rdata_toregion(const dns_rdata_t *rdata, isc_region_t *r); +/* + * Make 'r' refer to 'rdata'. + */ + +isc_result_t +dns_rdata_fromwire(dns_rdata_t *rdata, dns_rdataclass_t rdclass, + dns_rdatatype_t type, isc_buffer_t *source, + dns_decompress_t *dctx, unsigned int options, + isc_buffer_t *target); +/* + * Copy the possibly-compressed rdata at source into the target region. + * + * Notes: + * Name decompression policy is controlled by 'dctx'. + * + * 'options' + * DNS_RDATA_DOWNCASE downcase domain names when they are copied + * into target. + * + * Requires: + * + * 'rdclass' and 'type' are valid. + * + * 'source' is a valid buffer, and the active region of 'source' + * references the rdata to be processed. + * + * 'target' is a valid buffer. + * + * 'dctx' is a valid decompression context. + * + * Ensures: + * + * If result is success: + * If 'rdata' is not NULL, it is attached to the target. + * + * The conditions dns_name_fromwire() ensures for names hold + * for all names in the rdata. + * + * The current location in source is advanced, and the used space + * in target is updated. + * + * Result: + * Success + * <Any non-success status from dns_name_fromwire()> + * <Various 'Bad Form' class failures depending on class and type> + * Bad Form: Input too short + * Resource Limit: Not enough space + */ + +isc_result_t +dns_rdata_towire(dns_rdata_t *rdata, dns_compress_t *cctx, + isc_buffer_t *target); +/* + * Convert 'rdata' into wire format, compressing it as specified by the + * compression context 'cctx', and storing the result in 'target'. + * + * Notes: + * If the compression context allows global compression, then the + * global compression table may be updated. + * + * Requires: + * 'rdata' is a valid, non-empty rdata + * + * target is a valid buffer + * + * Any offsets specified in a global compression table are valid + * for target. + * + * Ensures: + * If the result is success: + * The used space in target is updated. + * + * Returns: + * Success + * <Any non-success status from dns_name_towire()> + * Resource Limit: Not enough space + */ + +isc_result_t +dns_rdata_fromtext(dns_rdata_t *rdata, dns_rdataclass_t rdclass, + dns_rdatatype_t type, isc_lex_t *lexer, dns_name_t *origin, + unsigned int options, isc_mem_t *mctx, + isc_buffer_t *target, dns_rdatacallbacks_t *callbacks); +/* + * Convert the textual representation of a DNS rdata into uncompressed wire + * form stored in the target region. Tokens constituting the text of the rdata + * are taken from 'lexer'. + * + * Notes: + * Relative domain names in the rdata will have 'origin' appended to them. + * A NULL origin implies "origin == dns_rootname". + * + * + * 'options' + * DNS_RDATA_DOWNCASE downcase domain names when they are copied + * into target. + * DNS_RDATA_CHECKNAMES perform checknames checks. + * DNS_RDATA_CHECKNAMESFAIL fail if the checknames check fail. If + * not set a warning will be issued. + * DNS_RDATA_CHECKREVERSE this should set if the owner name ends + * in IP6.ARPA, IP6.INT or IN-ADDR.ARPA. + * + * Requires: + * + * 'rdclass' and 'type' are valid. + * + * 'lexer' is a valid isc_lex_t. + * + * 'mctx' is a valid isc_mem_t. + * + * 'target' is a valid region. + * + * 'origin' if non NULL it must be absolute. + * + * 'callbacks' to be NULL or callbacks->warn and callbacks->error be + * initialized. + * + * Ensures: + * If result is success: + * If 'rdata' is not NULL, it is attached to the target. + * + * The conditions dns_name_fromtext() ensures for names hold + * for all names in the rdata. + * + * The used space in target is updated. + * + * Result: + * Success + * <Translated result codes from isc_lex_gettoken> + * <Various 'Bad Form' class failures depending on class and type> + * Bad Form: Input too short + * Resource Limit: Not enough space + * Resource Limit: Not enough memory + */ + +isc_result_t +dns_rdata_totext(dns_rdata_t *rdata, dns_name_t *origin, isc_buffer_t *target); +/* + * Convert 'rdata' into text format, storing the result in 'target'. + * The text will consist of a single line, with fields separated by + * single spaces. + * + * Notes: + * If 'origin' is not NULL, then any names in the rdata that are + * subdomains of 'origin' will be made relative it. + * + * XXX Do we *really* want to support 'origin'? I'm inclined towards "no" + * at the moment. + * + * Requires: + * + * 'rdata' is a valid, non-empty rdata + * + * 'origin' is NULL, or is a valid name + * + * 'target' is a valid text buffer + * + * Ensures: + * If the result is success: + * + * The used space in target is updated. + * + * Returns: + * Success + * <Any non-success status from dns_name_totext()> + * Resource Limit: Not enough space + */ + +isc_result_t +dns_rdata_tofmttext(dns_rdata_t *rdata, dns_name_t *origin, unsigned int flags, + unsigned int width, char *linebreak, isc_buffer_t *target); +/* + * Like dns_rdata_totext, but do formatted output suitable for + * database dumps. This is intended for use by dns_db_dump(); + * library users are discouraged from calling it directly. + * + * If (flags & DNS_STYLEFLAG_MULTILINE) != 0, attempt to stay + * within 'width' by breaking the text into multiple lines. + * The string 'linebreak' is inserted between lines, and parentheses + * are added when necessary. Because RRs contain unbreakable elements + * such as domain names whose length is variable, unpredictable, and + * potentially large, there is no guarantee that the lines will + * not exceed 'width' anyway. + * + * If (flags & DNS_STYLEFLAG_MULTILINE) == 0, the rdata is always + * printed as a single line, and no parentheses are used. + * The 'width' and 'linebreak' arguments are ignored. + * + * If (flags & DNS_STYLEFLAG_COMMENT) != 0, output explanatory + * comments next to things like the SOA timer fields. Some + * comments (e.g., the SOA ones) are only printed when multiline + * output is selected. + */ + +isc_result_t +dns_rdata_fromstruct(dns_rdata_t *rdata, dns_rdataclass_t rdclass, + dns_rdatatype_t type, void *source, isc_buffer_t *target); +/* + * Convert the C structure representation of an rdata into uncompressed wire + * format in 'target'. + * + * XXX Should we have a 'size' parameter as a sanity check on target? + * + * Requires: + * + * 'rdclass' and 'type' are valid. + * + * 'source' points to a valid C struct for the class and type. + * + * 'target' is a valid buffer. + * + * All structure pointers to memory blocks should be NULL if their + * corresponding length values are zero. + * + * Ensures: + * If result is success: + * If 'rdata' is not NULL, it is attached to the target. + * + * The used space in 'target' is updated. + * + * Result: + * Success + * <Various 'Bad Form' class failures depending on class and type> + * Resource Limit: Not enough space + */ + +isc_result_t +dns_rdata_tostruct(dns_rdata_t *rdata, void *target, isc_mem_t *mctx); +/* + * Convert an rdata into its C structure representation. + * + * If 'mctx' is NULL then 'rdata' must persist while 'target' is being used. + * + * If 'mctx' is non NULL then memory will be allocated if required. + * + * Requires: + * + * 'rdata' is a valid, non-empty rdata. + * + * 'target' to point to a valid pointer for the type and class. + * + * Result: + * Success + * Resource Limit: Not enough memory + */ + +void +dns_rdata_freestruct(void *source); +/* + * Free dynamic memory attached to 'source' (if any). + * + * Requires: + * + * 'source' to point to the structure previously filled in by + * dns_rdata_tostruct(). + */ + +isc_boolean_t +dns_rdatatype_ismeta(dns_rdatatype_t type); +/* + * Return true iff the rdata type 'type' is a meta-type + * like ANY or AXFR. + */ + +isc_boolean_t +dns_rdatatype_issingleton(dns_rdatatype_t type); +/* + * Return true iff the rdata type 'type' is a singleton type, + * like CNAME or SOA. + * + * Requires: + * 'type' is a valid rdata type. + * + */ + +isc_boolean_t +dns_rdataclass_ismeta(dns_rdataclass_t rdclass); +/* + * Return true iff the rdata class 'rdclass' is a meta-class + * like ANY or NONE. + */ + +isc_boolean_t +dns_rdatatype_isdnssec(dns_rdatatype_t type); +/* + * Return true iff 'type' is one of the DNSSEC + * rdata types that may exist alongside a CNAME record. + * + * Requires: + * 'type' is a valid rdata type. + */ + +isc_boolean_t +dns_rdatatype_iszonecutauth(dns_rdatatype_t type); +/* + * Return true iff rdata of type 'type' is considered authoritative + * data (not glue) in the NSEC chain when it occurs in the parent zone + * at a zone cut. + * + * Requires: + * 'type' is a valid rdata type. + * + */ + +isc_boolean_t +dns_rdatatype_isknown(dns_rdatatype_t type); +/* + * Return true iff the rdata type 'type' is known. + * + * Requires: + * 'type' is a valid rdata type. + * + */ + + +isc_result_t +dns_rdata_additionaldata(dns_rdata_t *rdata, dns_additionaldatafunc_t add, + void *arg); +/* + * Call 'add' for each name and type from 'rdata' which is subject to + * additional section processing. + * + * Requires: + * + * 'rdata' is a valid, non-empty rdata. + * + * 'add' is a valid dns_additionalfunc_t. + * + * Ensures: + * + * If successful, then add() will have been called for each name + * and type subject to additional section processing. + * + * If add() returns something other than ISC_R_SUCCESS, that result + * will be returned as the result of dns_rdata_additionaldata(). + * + * Returns: + * + * ISC_R_SUCCESS + * + * Many other results are possible if not successful. + */ + +isc_result_t +dns_rdata_digest(dns_rdata_t *rdata, dns_digestfunc_t digest, void *arg); +/* + * Send 'rdata' in DNSSEC canonical form to 'digest'. + * + * Note: + * 'digest' may be called more than once by dns_rdata_digest(). The + * concatenation of all the regions, in the order they were given + * to 'digest', will be the DNSSEC canonical form of 'rdata'. + * + * Requires: + * + * 'rdata' is a valid, non-empty rdata. + * + * 'digest' is a valid dns_digestfunc_t. + * + * Ensures: + * + * If successful, then all of the rdata's data has been sent, in + * DNSSEC canonical form, to 'digest'. + * + * If digest() returns something other than ISC_R_SUCCESS, that result + * will be returned as the result of dns_rdata_digest(). + * + * Returns: + * + * ISC_R_SUCCESS + * + * Many other results are possible if not successful. + */ + +isc_boolean_t +dns_rdatatype_questiononly(dns_rdatatype_t type); +/* + * Return true iff rdata of type 'type' can only appear in the question + * section of a properly formatted message. + * + * Requires: + * 'type' is a valid rdata type. + * + */ + +isc_boolean_t +dns_rdatatype_notquestion(dns_rdatatype_t type); +/* + * Return true iff rdata of type 'type' can not appear in the question + * section of a properly formatted message. + * + * Requires: + * 'type' is a valid rdata type. + * + */ + +isc_boolean_t +dns_rdatatype_atparent(dns_rdatatype_t type); +/* + * Return true iff rdata of type 'type' should appear at the parent of + * a zone cut. + * + * Requires: + * 'type' is a valid rdata type. + * + */ + +unsigned int +dns_rdatatype_attributes(dns_rdatatype_t rdtype); +/* + * Return attributes for the given type. + * + * Requires: + * 'rdtype' are known. + * + * Returns: + * a bitmask consisting of the following flags. + */ + +/* only one may exist for a name */ +#define DNS_RDATATYPEATTR_SINGLETON 0x00000001U +/* requires no other data be present */ +#define DNS_RDATATYPEATTR_EXCLUSIVE 0x00000002U +/* Is a meta type */ +#define DNS_RDATATYPEATTR_META 0x00000004U +/* Is a DNSSEC type, like RRSIG or NSEC */ +#define DNS_RDATATYPEATTR_DNSSEC 0x00000008U +/* Is a zone cut authority type */ +#define DNS_RDATATYPEATTR_ZONECUTAUTH 0x00000010U +/* Is reserved (unusable) */ +#define DNS_RDATATYPEATTR_RESERVED 0x00000020U +/* Is an unknown type */ +#define DNS_RDATATYPEATTR_UNKNOWN 0x00000040U +/* Is META, and can only be in a question section */ +#define DNS_RDATATYPEATTR_QUESTIONONLY 0x00000080U +/* is META, and can NOT be in a question section */ +#define DNS_RDATATYPEATTR_NOTQUESTION 0x00000100U +/* Is present at zone cuts in the parent, not the child */ +#define DNS_RDATATYPEATTR_ATPARENT 0x00000200U + +dns_rdatatype_t +dns_rdata_covers(dns_rdata_t *rdata); +/* + * Return the rdatatype that this type covers. + * + * Requires: + * 'rdata' is a valid, non-empty rdata. + * + * 'rdata' is a type that covers other rdata types. + * + * Returns: + * The type covered. + */ + +isc_boolean_t +dns_rdata_checkowner(dns_name_t* name, dns_rdataclass_t rdclass, + dns_rdatatype_t type, isc_boolean_t wildcard); +/* + * Returns whether this is a valid ownername for this <type,class>. + * If wildcard is true allow the first label to be a wildcard if + * appropriate. + * + * Requires: + * 'name' is a valid name. + */ + +isc_boolean_t +dns_rdata_checknames(dns_rdata_t *rdata, dns_name_t *owner, dns_name_t *bad); +/* + * Returns whether 'rdata' contains valid domain names. The checks are + * sensitive to the owner name. + * + * If 'bad' is non-NULL and a domain name fails the check the + * the offending name will be return in 'bad' by cloning from + * the 'rdata' contents. + * + * Requires: + * 'rdata' to be valid. + * 'owner' to be valid. + * 'bad' to be NULL or valid. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RDATA_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rdataclass.h b/contrib/bind9/lib/dns/include/dns/rdataclass.h new file mode 100644 index 0000000..359a2be --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rdataclass.h @@ -0,0 +1,79 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1998-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rdataclass.h,v 1.17.206.1 2004/03/06 08:13:59 marka Exp $ */ + +#ifndef DNS_RDATACLASS_H +#define DNS_RDATACLASS_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_rdataclass_fromtext(dns_rdataclass_t *classp, isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a DNS class. + * + * Requires: + * 'classp' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * ISC_R_SUCCESS on success + * DNS_R_UNKNOWN class is unknown + */ + +isc_result_t +dns_rdataclass_totext(dns_rdataclass_t rdclass, isc_buffer_t *target); +/* + * Put a textual representation of class 'rdclass' into 'target'. + * + * Requires: + * 'rdclass' is a valid class. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_NOSPACE target buffer is too small + */ + +void +dns_rdataclass_format(dns_rdataclass_t rdclass, + char *array, unsigned int size); +/* + * Format a human-readable representation of the class 'rdclass' + * into the character array 'array', which is of size 'size'. + * The resulting string is guaranteed to be null-terminated. + */ + +#define DNS_RDATACLASS_FORMATSIZE sizeof("CLASS65535") +/* + * Minimum size of array to pass to dns_rdataclass_format(). + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RDATACLASS_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rdatalist.h b/contrib/bind9/lib/dns/include/dns/rdatalist.h new file mode 100644 index 0000000..a846c89 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rdatalist.h @@ -0,0 +1,104 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rdatalist.h,v 1.13.206.1 2004/03/06 08:13:59 marka Exp $ */ + +#ifndef DNS_RDATALIST_H +#define DNS_RDATALIST_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Rdatalist + * + * A DNS rdatalist is a list of rdata of a common type and class. + * + * MP: + * Clients of this module must impose any required synchronization. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +#include <isc/lang.h> + +#include <dns/types.h> + +/* + * Clients may use this type directly. + */ +struct dns_rdatalist { + dns_rdataclass_t rdclass; + dns_rdatatype_t type; + dns_rdatatype_t covers; + dns_ttl_t ttl; + ISC_LIST(dns_rdata_t) rdata; + ISC_LINK(dns_rdatalist_t) link; +}; + +ISC_LANG_BEGINDECLS + +void +dns_rdatalist_init(dns_rdatalist_t *rdatalist); +/* + * Initialize rdatalist. + * + * Ensures: + * All fields of rdatalist have been initialized to their default + * values. + */ + +isc_result_t +dns_rdatalist_tordataset(dns_rdatalist_t *rdatalist, + dns_rdataset_t *rdataset); +/* + * Make 'rdataset' refer to the rdata in 'rdatalist'. + * + * Note: + * The caller must ensure that 'rdatalist' remains valid and unchanged + * while 'rdataset' is associated with it. + * + * Requires: + * + * 'rdatalist' is a valid rdatalist. + * + * 'rdataset' is a valid rdataset that is not currently associated with + * any rdata. + * + * Ensures: + * On success, + * + * 'rdataset' is associated with the rdata in rdatalist. + * + * Returns: + * ISC_R_SUCCESS + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RDATALIST_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rdataset.h b/contrib/bind9/lib/dns/include/dns/rdataset.h new file mode 100644 index 0000000..e2b0753 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rdataset.h @@ -0,0 +1,468 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rdataset.h,v 1.41.2.5.2.6 2004/03/08 02:08:01 marka Exp $ */ + +#ifndef DNS_RDATASET_H +#define DNS_RDATASET_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Rdataset + * + * A DNS rdataset is a handle that can be associated with a collection of + * rdata all having a common owner name, class, and type. + * + * The dns_rdataset_t type is like a "virtual class". To actually use + * rdatasets, an implementation of the method suite (e.g. "slabbed rdata") is + * required. + * + * XXX <more> XXX + * + * MP: + * Clients of this module must impose any required synchronization. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +#include <isc/lang.h> +#include <isc/magic.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +typedef struct dns_rdatasetmethods { + void (*disassociate)(dns_rdataset_t *rdataset); + isc_result_t (*first)(dns_rdataset_t *rdataset); + isc_result_t (*next)(dns_rdataset_t *rdataset); + void (*current)(dns_rdataset_t *rdataset, + dns_rdata_t *rdata); + void (*clone)(dns_rdataset_t *source, + dns_rdataset_t *target); + unsigned int (*count)(dns_rdataset_t *rdataset); + isc_result_t (*addnoqname)(dns_rdataset_t *rdataset, + dns_name_t *name); + isc_result_t (*getnoqname)(dns_rdataset_t *rdataset, + dns_name_t *name, + dns_rdataset_t *nsec, + dns_rdataset_t *nsecsig); +} dns_rdatasetmethods_t; + +#define DNS_RDATASET_MAGIC ISC_MAGIC('D','N','S','R') +#define DNS_RDATASET_VALID(set) ISC_MAGIC_VALID(set, DNS_RDATASET_MAGIC) + +/* + * Direct use of this structure by clients is strongly discouraged, except + * for the 'link' field which may be used however the client wishes. The + * 'private', 'current', and 'index' fields MUST NOT be changed by clients. + * rdataset implementations may change any of the fields. + */ +struct dns_rdataset { + unsigned int magic; /* XXX ? */ + dns_rdatasetmethods_t * methods; + ISC_LINK(dns_rdataset_t) link; + /* + * XXX do we need these, or should they be retrieved by methods? + * Leaning towards the latter, since they are not frequently required + * once you have the rdataset. + */ + dns_rdataclass_t rdclass; + dns_rdatatype_t type; + dns_ttl_t ttl; + dns_trust_t trust; + dns_rdatatype_t covers; + /* + * attributes + */ + unsigned int attributes; + /* + * the counter provides the starting point in the "cyclic" order. + * The value ISC_UINT32_MAX has a special meaning of "picking up a + * random value." in order to take care of databases that do not + * increment the counter. + */ + isc_uint32_t count; + /* + * These are for use by the rdataset implementation, and MUST NOT + * be changed by clients. + */ + void * private1; + void * private2; + void * private3; + unsigned int privateuint4; + void * private5; + void * private6; +}; + +/* + * _RENDERED: + * Used by message.c to indicate that the rdataset was rendered. + * + * _TTLADJUSTED: + * Used by message.c to indicate that the rdataset's rdata had differing + * TTL values, and the rdataset->ttl holds the smallest. + */ +#define DNS_RDATASETATTR_QUESTION 0x0001 +#define DNS_RDATASETATTR_RENDERED 0x0002 /* Used by message.c */ +#define DNS_RDATASETATTR_ANSWERED 0x0004 /* Used by server. */ +#define DNS_RDATASETATTR_CACHE 0x0008 /* Used by resolver. */ +#define DNS_RDATASETATTR_ANSWER 0x0010 /* Used by resolver. */ +#define DNS_RDATASETATTR_ANSWERSIG 0x0020 /* Used by resolver. */ +#define DNS_RDATASETATTR_EXTERNAL 0x0040 /* Used by resolver. */ +#define DNS_RDATASETATTR_NCACHE 0x0080 /* Used by resolver. */ +#define DNS_RDATASETATTR_CHAINING 0x0100 /* Used by resolver. */ +#define DNS_RDATASETATTR_TTLADJUSTED 0x0200 /* Used by message.c */ +#define DNS_RDATASETATTR_FIXEDORDER 0x0400 +#define DNS_RDATASETATTR_RANDOMIZE 0x0800 +#define DNS_RDATASETATTR_CHASE 0x1000 /* Used by resolver. */ +#define DNS_RDATASETATTR_NXDOMAIN 0x2000 +#define DNS_RDATASETATTR_NOQNAME 0x4000 +#define DNS_RDATASETATTR_CHECKNAMES 0x8000 /* Used by resolver. */ + +/* + * _OMITDNSSEC: + * Omit DNSSEC records when rendering ncache records. + */ +#define DNS_RDATASETTOWIRE_OMITDNSSEC 0x0001 + +void +dns_rdataset_init(dns_rdataset_t *rdataset); +/* + * Make 'rdataset' a valid, disassociated rdataset. + * + * Requires: + * 'rdataset' is not NULL. + * + * Ensures: + * 'rdataset' is a valid, disassociated rdataset. + */ + +void +dns_rdataset_invalidate(dns_rdataset_t *rdataset); +/* + * Invalidate 'rdataset'. + * + * Requires: + * 'rdataset' is a valid, disassociated rdataset. + * + * Ensures: + * If assertion checking is enabled, future attempts to use 'rdataset' + * without initializing it will cause an assertion failure. + */ + +void +dns_rdataset_disassociate(dns_rdataset_t *rdataset); +/* + * Disassociate 'rdataset' from its rdata, allowing it to be reused. + * + * Notes: + * The client must ensure it has no references to rdata in the rdataset + * before disassociating. + * + * Requires: + * 'rdataset' is a valid, associated rdataset. + * + * Ensures: + * 'rdataset' is a valid, disassociated rdataset. + */ + +isc_boolean_t +dns_rdataset_isassociated(dns_rdataset_t *rdataset); +/* + * Is 'rdataset' associated? + * + * Requires: + * 'rdataset' is a valid rdataset. + * + * Returns: + * ISC_TRUE 'rdataset' is associated. + * ISC_FALSE 'rdataset' is not associated. + */ + +void +dns_rdataset_makequestion(dns_rdataset_t *rdataset, dns_rdataclass_t rdclass, + dns_rdatatype_t type); +/* + * Make 'rdataset' a valid, associated, question rdataset, with a + * question class of 'rdclass' and type 'type'. + * + * Notes: + * Question rdatasets have a class and type, but no rdata. + * + * Requires: + * 'rdataset' is a valid, disassociated rdataset. + * + * Ensures: + * 'rdataset' is a valid, associated, question rdataset. + */ + +void +dns_rdataset_clone(dns_rdataset_t *source, dns_rdataset_t *target); +/* + * Make 'target' refer to the same rdataset as 'source'. + * + * Requires: + * 'source' is a valid, associated rdataset. + * + * 'target' is a valid, dissociated rdataset. + * + * Ensures: + * 'target' references the same rdataset as 'source'. + */ + +unsigned int +dns_rdataset_count(dns_rdataset_t *rdataset); +/* + * Return the number of records in 'rdataset'. + * + * Requires: + * 'rdataset' is a valid, associated rdataset. + * + * Returns: + * The number of records in 'rdataset'. + */ + +isc_result_t +dns_rdataset_first(dns_rdataset_t *rdataset); +/* + * Move the rdata cursor to the first rdata in the rdataset (if any). + * + * Requires: + * 'rdataset' is a valid, associated rdataset. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE There are no rdata in the set. + */ + +isc_result_t +dns_rdataset_next(dns_rdataset_t *rdataset); +/* + * Move the rdata cursor to the next rdata in the rdataset (if any). + * + * Requires: + * 'rdataset' is a valid, associated rdataset. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE There are no more rdata in the set. + */ + +void +dns_rdataset_current(dns_rdataset_t *rdataset, dns_rdata_t *rdata); +/* + * Make 'rdata' refer to the current rdata. + * + * Notes: + * + * The data returned in 'rdata' is valid for the life of the + * rdataset; in particular, subsequent changes in the cursor position + * do not invalidate 'rdata'. + * + * Requires: + * 'rdataset' is a valid, associated rdataset. + * + * The rdata cursor of 'rdataset' is at a valid location (i.e. the + * result of last call to a cursor movement command was ISC_R_SUCCESS). + * + * Ensures: + * 'rdata' refers to the rdata at the rdata cursor location of + * 'rdataset'. + */ + +isc_result_t +dns_rdataset_totext(dns_rdataset_t *rdataset, + dns_name_t *owner_name, + isc_boolean_t omit_final_dot, + isc_boolean_t question, + isc_buffer_t *target); +/* + * Convert 'rdataset' to text format, storing the result in 'target'. + * + * Notes: + * The rdata cursor position will be changed. + * + * The 'question' flag should normally be ISC_FALSE. If it is + * ISC_TRUE, the TTL and rdata fields are not printed. This is + * for use when printing an rdata representing a question section. + * + * This interface is deprecated; use dns_master_rdatasettottext() + * and/or dns_master_questiontotext() instead. + * + * Requires: + * 'rdataset' is a valid rdataset. + * + * 'rdataset' is not empty. + */ + +isc_result_t +dns_rdataset_towire(dns_rdataset_t *rdataset, + dns_name_t *owner_name, + dns_compress_t *cctx, + isc_buffer_t *target, + unsigned int options, + unsigned int *countp); +/* + * Convert 'rdataset' to wire format, compressing names as specified + * in 'cctx', and storing the result in 'target'. + * + * Notes: + * The rdata cursor position will be changed. + * + * The number of RRs added to target will be added to *countp. + * + * Requires: + * 'rdataset' is a valid rdataset. + * + * 'rdataset' is not empty. + * + * 'countp' is a valid pointer. + * + * Ensures: + * On a return of ISC_R_SUCCESS, 'target' contains a wire format + * for the data contained in 'rdataset'. Any error return leaves + * the buffer unchanged. + * + * *countp has been incremented by the number of RRs added to + * target. + * + * Returns: + * ISC_R_SUCCESS - all ok + * ISC_R_NOSPACE - 'target' doesn't have enough room + * + * Any error returned by dns_rdata_towire(), dns_rdataset_next(), + * dns_name_towire(). + */ + +isc_result_t +dns_rdataset_towiresorted(dns_rdataset_t *rdataset, + dns_name_t *owner_name, + dns_compress_t *cctx, + isc_buffer_t *target, + dns_rdatasetorderfunc_t order, + void *order_arg, + unsigned int options, + unsigned int *countp); +/* + * Like dns_rdataset_towire(), but sorting the rdatasets according to + * the integer value returned by 'order' when called witih the rdataset + * and 'order_arg' as arguments. + * + * Requires: + * All the requirements of dns_rdataset_towire(), and + * that order_arg is NULL if and only if order is NULL. + */ + +isc_result_t +dns_rdataset_towirepartial(dns_rdataset_t *rdataset, + dns_name_t *owner_name, + dns_compress_t *cctx, + isc_buffer_t *target, + dns_rdatasetorderfunc_t order, + void *order_arg, + unsigned int options, + unsigned int *countp, + void **state); +/* + * Like dns_rdataset_towiresorted() except that a partial rdataset + * may be written. + * + * Requires: + * All the requirements of dns_rdataset_towiresorted(). + * If 'state' is non NULL then the current position in the + * rdataset will be remembered if the rdataset in not + * completely written and should be passed on on subsequent + * calls (NOT CURRENTLY IMPLEMENTED). + * + * Returns: + * ISC_R_SUCCESS if all of the records were written. + * ISC_R_NOSPACE if unable to fit in all of the records. *countp + * will be updated to reflect the number of records + * written. + */ + + +isc_result_t +dns_rdataset_additionaldata(dns_rdataset_t *rdataset, + dns_additionaldatafunc_t add, void *arg); +/* + * For each rdata in rdataset, call 'add' for each name and type in the + * rdata which is subject to additional section processing. + * + * Requires: + * + * 'rdataset' is a valid, non-question rdataset. + * + * 'add' is a valid dns_additionaldatafunc_t + * + * Ensures: + * + * If successful, dns_rdata_additionaldata() will have been called for + * each rdata in 'rdataset'. + * + * If a call to dns_rdata_additionaldata() is not successful, the + * result returned will be the result of dns_rdataset_additionaldata(). + * + * Returns: + * + * ISC_R_SUCCESS + * + * Any error that dns_rdata_additionaldata() can return. + */ + +isc_result_t +dns_rdataset_getnoqname(dns_rdataset_t *rdataset, dns_name_t *name, + dns_rdataset_t *nsec, dns_rdataset_t *nsecsig); +/* + * Return the noqname proof for this record. + * + * Requires: + * 'rdataset' to be valid and DNS_RDATASETATTR_NOQNAME to be set. + * 'name' to be valid. + * 'nsec' and 'nsecsig' to be valid and not associated. + */ + +isc_result_t +dns_rdataset_addnoqname(dns_rdataset_t *rdataset, dns_name_t *name); +/* + * Associate a noqname proof with this record. + * Sets DNS_RDATASETATTR_NOQNAME if successful. + * Adjusts the 'rdataset->ttl' to minimum of the 'rdataset->ttl' and + * the 'nsec' and 'rrsig(nsec)' ttl. + * + * Requires: + * 'rdataset' to be valid and DNS_RDATASETATTR_NOQNAME to be set. + * 'name' to be valid and have NSEC and RRSIG(NSEC) rdatasets. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RDATASET_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rdatasetiter.h b/contrib/bind9/lib/dns/include/dns/rdatasetiter.h new file mode 100644 index 0000000..198aebb --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rdatasetiter.h @@ -0,0 +1,171 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rdatasetiter.h,v 1.14.206.1 2004/03/06 08:13:59 marka Exp $ */ + +#ifndef DNS_RDATASETITER_H +#define DNS_RDATASETITER_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Rdataset Iterator + * + * The DNS Rdataset Iterator interface allows iteration of all of the + * rdatasets at a node. + * + * The dns_rdatasetiter_t type is like a "virtual class". To actually use + * it, an implementation of the class is required. This implementation is + * supplied by the database. + * + * It is the client's responsibility to call dns_rdataset_disassociate() + * on all rdatasets returned. + * + * XXX <more> XXX + * + * MP: + * The iterator itself is not locked. The caller must ensure + * synchronization. + * + * The iterator methods ensure appropriate database locking. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +/***** + ***** Imports + *****/ + +#include <isc/lang.h> +#include <isc/magic.h> +#include <isc/stdtime.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +/***** + ***** Types + *****/ + +typedef struct dns_rdatasetitermethods { + void (*destroy)(dns_rdatasetiter_t **iteratorp); + isc_result_t (*first)(dns_rdatasetiter_t *iterator); + isc_result_t (*next)(dns_rdatasetiter_t *iterator); + void (*current)(dns_rdatasetiter_t *iterator, + dns_rdataset_t *rdataset); +} dns_rdatasetitermethods_t; + +#define DNS_RDATASETITER_MAGIC ISC_MAGIC('D','N','S','i') +#define DNS_RDATASETITER_VALID(i) ISC_MAGIC_VALID(i, DNS_RDATASETITER_MAGIC) + +/* + * This structure is actually just the common prefix of a DNS db + * implementation's version of a dns_rdatasetiter_t. + * + * Direct use of this structure by clients is forbidden. DB implementations + * may change the structure. 'magic' must be DNS_RDATASETITER_MAGIC for + * any of the dns_rdatasetiter routines to work. DB implementations must + * maintain all DB rdataset iterator invariants. + */ +struct dns_rdatasetiter { + /* Unlocked. */ + unsigned int magic; + dns_rdatasetitermethods_t * methods; + dns_db_t * db; + dns_dbnode_t * node; + dns_dbversion_t * version; + isc_stdtime_t now; +}; + +void +dns_rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp); +/* + * Destroy '*iteratorp'. + * + * Requires: + * + * '*iteratorp' is a valid iterator. + * + * Ensures: + * + * All resources used by the iterator are freed. + * + * *iteratorp == NULL. + */ + +isc_result_t +dns_rdatasetiter_first(dns_rdatasetiter_t *iterator); +/* + * Move the rdataset cursor to the first rdataset at the node (if any). + * + * Requires: + * 'iterator' is a valid iterator. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE There are no rdatasets at the node. + * + * Other results are possible, depending on the DB implementation. + */ + +isc_result_t +dns_rdatasetiter_next(dns_rdatasetiter_t *iterator); +/* + * Move the rdataset cursor to the next rdataset at the node (if any). + * + * Requires: + * 'iterator' is a valid iterator. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE There are no more rdatasets at the + * node. + * + * Other results are possible, depending on the DB implementation. + */ + +void +dns_rdatasetiter_current(dns_rdatasetiter_t *iterator, + dns_rdataset_t *rdataset); +/* + * Return the current rdataset. + * + * Requires: + * 'iterator' is a valid iterator. + * + * 'rdataset' is a valid, disassociated rdataset. + * + * The rdataset cursor of 'iterator' is at a valid location (i.e. the + * result of last call to a cursor movement command was ISC_R_SUCCESS). + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RDATASETITER_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rdataslab.h b/contrib/bind9/lib/dns/include/dns/rdataslab.h new file mode 100644 index 0000000..a0912db --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rdataslab.h @@ -0,0 +1,167 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rdataslab.h,v 1.20.2.2.2.4 2004/03/08 09:04:39 marka Exp $ */ + +#ifndef DNS_RDATASLAB_H +#define DNS_RDATASLAB_H 1 + +/* + * DNS Rdata Slab + * + * Implements storage of rdatasets into slabs of memory. + * + * MP: + * Clients of this module must impose any required synchronization. + * + * Reliability: + * This module deals with low-level byte streams. Errors in any of + * the functions are likely to crash the server or corrupt memory. + * + * If the caller passes invalid memory references, these functions are + * likely to crash the server or corrupt memory. + * + * Resources: + * None. + * + * Security: + * None. + * + * Standards: + * None. + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +#define DNS_RDATASLAB_FORCE 0x1 +#define DNS_RDATASLAB_EXACT 0x2 + +/*** + *** Functions + ***/ + +isc_result_t +dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx, + isc_region_t *region, unsigned int reservelen); +/* + * Slabify a rdataset. The slab area will be allocated and returned + * in 'region'. + * + * Requires: + * 'rdataset' is valid. + * + * Ensures: + * 'region' will have base pointing to the start of allocated memory, + * with the slabified region beginning at region->base + reservelen. + * region->length contains the total length allocated. + * + * Returns: + * ISC_R_SUCCESS - successful completion + * ISC_R_NOMEMORY - no memory. + * <XXX others> + */ + +void +dns_rdataslab_tordataset(unsigned char *slab, unsigned int reservelen, + dns_rdataclass_t rdclass, dns_rdatatype_t rdtype, + dns_rdatatype_t covers, dns_ttl_t ttl, + dns_rdataset_t *rdataset); +/* + * Construct an rdataset from a slab. + * + * Requires: + * 'slab' points to a slab. + * 'rdataset' is disassociated. + * + * Ensures: + * 'rdataset' is associated and points to a valid rdataest. + */ + +unsigned int +dns_rdataslab_size(unsigned char *slab, unsigned int reservelen); +/* + * Return the total size of an rdataslab. + * + * Requires: + * 'slab' points to a slab. + * + * Returns: + * The number of bytes in the slab, including the reservelen. + */ + +isc_result_t +dns_rdataslab_merge(unsigned char *oslab, unsigned char *nslab, + unsigned int reservelen, isc_mem_t *mctx, + dns_rdataclass_t rdclass, dns_rdatatype_t type, + unsigned int flags, unsigned char **tslabp); +/* + * Merge 'oslab' and 'nslab'. + */ + +isc_result_t +dns_rdataslab_subtract(unsigned char *mslab, unsigned char *sslab, + unsigned int reservelen, isc_mem_t *mctx, + dns_rdataclass_t rdclass, dns_rdatatype_t type, + unsigned int flags, unsigned char **tslabp); +/* + * Subtract 'sslab' from 'mslab'. If 'exact' is true then all elements + * of 'sslab' must exist in 'mslab'. + * + * XXX + * valid flags are DNS_RDATASLAB_EXACT + */ + +isc_boolean_t +dns_rdataslab_equal(unsigned char *slab1, unsigned char *slab2, + unsigned int reservelen); + +/* + * Compare two rdataslabs for equality. This does _not_ do a full + * DNSSEC comparison. + * + * Requires: + * 'slab1' and 'slab2' point to slabs. + * + * Returns: + * ISC_TRUE if the slabs are equal, ISC_FALSE otherwise. + */ + +isc_boolean_t +dns_rdataslab_equalx(unsigned char *slab1, unsigned char *slab2, + unsigned int reservelen, dns_rdataclass_t rdclass, + dns_rdatatype_t type); +/* + * Compare two rdataslabs for DNSSEC equality. + * + * Requires: + * 'slab1' and 'slab2' point to slabs. + * + * Returns: + * ISC_TRUE if the slabs are equal, ISC_FALSE otherwise. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RDATASLAB_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rdatatype.h b/contrib/bind9/lib/dns/include/dns/rdatatype.h new file mode 100644 index 0000000..0fa865d --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rdatatype.h @@ -0,0 +1,81 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1998-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rdatatype.h,v 1.17.206.1 2004/03/06 08:13:59 marka Exp $ */ + +#ifndef DNS_RDATATYPE_H +#define DNS_RDATATYPE_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_rdatatype_fromtext(dns_rdatatype_t *typep, isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a DNS rdata type. + * + * Requires: + * 'typep' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * ISC_R_SUCCESS on success + * DNS_R_UNKNOWN type is unknown + */ + +isc_result_t +dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t *target); +/* + * Put a textual representation of type 'type' into 'target'. + * + * Requires: + * 'type' is a valid type. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_NOSPACE target buffer is too small + */ + +void +dns_rdatatype_format(dns_rdatatype_t rdtype, + char *array, unsigned int size); +/* + * Format a human-readable representation of the type 'rdtype' + * into the character array 'array', which is of size 'size'. + * The resulting string is guaranteed to be null-terminated. + */ + +#define DNS_RDATATYPE_FORMATSIZE sizeof("TYPE65535") +/* + * Minimum size of array to pass to dns_rdatatype_format(). + * May need to be adjusted if a new RR type with a very long + * name is defined. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_RDATATYPE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/request.h b/contrib/bind9/lib/dns/include/dns/request.h new file mode 100644 index 0000000..b3e7bcd --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/request.h @@ -0,0 +1,371 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: request.h,v 1.17.12.5 2004/03/08 09:04:39 marka Exp $ */ + +#ifndef DNS_REQUEST_H +#define DNS_REQUEST_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Request + * + * The request module provides simple request/response services useful for + * sending SOA queries, DNS Notify messages, and dynamic update requests. + * + * MP: + * The module ensures appropriate synchronization of data structures it + * creates and manipulates. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + */ + +#include <isc/lang.h> +#include <isc/event.h> + +#include <dns/types.h> + +#define DNS_REQUESTOPT_TCP 0x00000001U + +typedef struct dns_requestevent { + ISC_EVENT_COMMON(struct dns_requestevent); + isc_result_t result; + dns_request_t *request; +} dns_requestevent_t; + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_requestmgr_create(isc_mem_t *mctx, isc_timermgr_t *timermgr, + isc_socketmgr_t *socketmgr, isc_taskmgr_t *taskmgr, + dns_dispatchmgr_t *dispatchmgr, + dns_dispatch_t *dispatchv4, dns_dispatch_t *dispatchv6, + dns_requestmgr_t **requestmgrp); +/* + * Create a request manager. + * + * Requires: + * + * 'mctx' is a valid memory context. + * + * 'timermgr' is a valid timer manager. + * + * 'socketmgr' is a valid socket manager. + * + * 'taskmgr' is a valid task manager. + * + * 'dispatchv4' is a valid dispatcher with an IPv4 UDP socket, or is NULL. + * + * 'dispatchv6' is a valid dispatcher with an IPv6 UDP socket, or is NULL. + * + * requestmgrp != NULL && *requestmgrp == NULL + * + * Ensures: + * + * On success, *requestmgrp is a valid request manager. + * + * Returns: + * + * ISC_R_SUCCESS + * + * Any other result indicates failure. + */ + +void +dns_requestmgr_whenshutdown(dns_requestmgr_t *requestmgr, isc_task_t *task, + isc_event_t **eventp); +/* + * Send '*eventp' to 'task' when 'requestmgr' has completed shutdown. + * + * Notes: + * + * It is not safe to detach the last reference to 'requestmgr' until + * shutdown is complete. + * + * Requires: + * + * 'requestmgr' is a valid request manager. + * + * 'task' is a valid task. + * + * *eventp is a valid event. + * + * Ensures: + * + * *eventp == NULL. + */ + +void +dns_requestmgr_shutdown(dns_requestmgr_t *requestmgr); +/* + * Start the shutdown process for 'requestmgr'. + * + * Notes: + * + * This call has no effect if the request manager is already shutting + * down. + * + * Requires: + * + * 'requestmgr' is a valid requestmgr. + */ + +void +dns_requestmgr_attach(dns_requestmgr_t *source, dns_requestmgr_t **targetp); +/* + * Attach to the request manager. dns_requestmgr_shutdown() must not + * have been called on 'source' prior to calling dns_requestmgr_attach(). + * + * Requires: + * + * 'source' is a valid requestmgr. + * + * 'targetp' to be non NULL and '*targetp' to be NULL. + */ + +void +dns_requestmgr_detach(dns_requestmgr_t **requestmgrp); +/* + * + * Detach from the given requestmgr. If this is the final detach + * requestmgr will be destroyed. dns_requestmgr_shutdown() must + * be called before the final detach. + * + * Requires: + * + * '*requestmgrp' is a valid requestmgr. + * + * Ensures: + * '*requestmgrp' is NULL. + */ + +isc_result_t +dns_request_create(dns_requestmgr_t *requestmgr, dns_message_t *message, + isc_sockaddr_t *address, unsigned int options, + dns_tsigkey_t *key, + unsigned int timeout, isc_task_t *task, + isc_taskaction_t action, void *arg, + dns_request_t **requestp); +/* + * Create and send a request. + * + * Notes: + * + * 'message' will be rendered and sent to 'address'. If the + * DNS_REQUESTOPT_TCP option is set, TCP will be used. The request + * will timeout after 'timeout' seconds. + * + * When the request completes, successfully, due to a timeout, or + * because it was canceled, a completion event will be sent to 'task'. + * + * Requires: + * + * 'message' is a valid DNS message. + * + * 'address' is a valid sockaddr. + * + * 'timeout' > 0 + * + * 'task' is a valid task. + * + * requestp != NULL && *requestp == NULL + */ + +isc_result_t +dns_request_createvia(dns_requestmgr_t *requestmgr, dns_message_t *message, + isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, + unsigned int options, dns_tsigkey_t *key, + unsigned int timeout, isc_task_t *task, + isc_taskaction_t action, void *arg, + dns_request_t **requestp); + +isc_result_t +dns_request_createvia2(dns_requestmgr_t *requestmgr, dns_message_t *message, + isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, + unsigned int options, dns_tsigkey_t *key, + unsigned int timeout, unsigned int udptimeout, + isc_task_t *task, isc_taskaction_t action, void *arg, + dns_request_t **requestp); + +isc_result_t +dns_request_createvia3(dns_requestmgr_t *requestmgr, dns_message_t *message, + isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, + unsigned int options, dns_tsigkey_t *key, + unsigned int timeout, unsigned int udptimeout, + unsigned int udpretries, isc_task_t *task, + isc_taskaction_t action, void *arg, + dns_request_t **requestp); +/* + * Create and send a request. + * + * Notes: + * + * 'message' will be rendered and sent to 'address'. If the + * DNS_REQUESTOPT_TCP option is set, TCP will be used. The request + * will timeout after 'timeout' seconds. UDP requests will be resent + * at 'udptimeout' intervals if non-zero or 'udpretries' is non-zero. + * + * When the request completes, successfully, due to a timeout, or + * because it was canceled, a completion event will be sent to 'task'. + * + * Requires: + * + * 'message' is a valid DNS message. + * + * 'dstaddr' is a valid sockaddr. + * + * 'srcaddr' is a valid sockaddr or NULL. + * + * 'srcaddr' and 'dstaddr' are the same protocol family. + * + * 'timeout' > 0 + * + * 'task' is a valid task. + * + * requestp != NULL && *requestp == NULL + */ + +isc_result_t +dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, + isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, + unsigned int options, unsigned int timeout, + isc_task_t *task, isc_taskaction_t action, void *arg, + dns_request_t **requestp); + +isc_result_t +dns_request_createraw2(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, + isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, + unsigned int options, unsigned int timeout, + unsigned int udptimeout, isc_task_t *task, + isc_taskaction_t action, void *arg, + dns_request_t **requestp); + +isc_result_t +dns_request_createraw3(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, + isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, + unsigned int options, unsigned int timeout, + unsigned int udptimeout, unsigned int udpretries, + isc_task_t *task, isc_taskaction_t action, void *arg, + dns_request_t **requestp); +/* + * Create and send a request. + * + * Notes: + * + * 'msgbuf' will be sent to 'destaddr' after setting the id. If the + * DNS_REQUESTOPT_TCP option is set, TCP will be used. The request + * will timeout after 'timeout' seconds. UDP requests will be resent + * at 'udptimeout' intervals if non-zero or if 'udpretries' is not zero. + * + * When the request completes, successfully, due to a timeout, or + * because it was canceled, a completion event will be sent to 'task'. + * + * Requires: + * + * 'msgbuf' is a valid DNS message in compressed wire format. + * + * 'destaddr' is a valid sockaddr. + * + * 'srcaddr' is a valid sockaddr or NULL. + * + * 'srcaddr' and 'dstaddr' are the same protocol family. + * + * 'timeout' > 0 + * + * 'task' is a valid task. + * + * requestp != NULL && *requestp == NULL + */ + +void +dns_request_cancel(dns_request_t *request); +/* + * Cancel 'request'. + * + * Requires: + * + * 'request' is a valid request. + * + * Ensures: + * + * If the completion event for 'request' has not yet been sent, it + * will be sent, and the result code will be ISC_R_CANCELED. + */ + +isc_result_t +dns_request_getresponse(dns_request_t *request, dns_message_t *message, + unsigned int options); +/* + * Get the response to 'request' by filling in 'message'. + * + * 'options' is passed to dns_message_parse(). See dns_message_parse() + * for more details. + * + * Requires: + * + * 'request' is a valid request for which the caller has received the + * completion event. + * + * The result code of the completion event was ISC_R_SUCCESS. + * + * Returns: + * + * ISC_R_SUCCESS + * + * Any result that dns_message_parse() can return. + */ + +isc_boolean_t +dns_request_usedtcp(dns_request_t *request); +/* + * Return whether this query used TCP or not. Setting DNS_REQUESTOPT_TCP + * in the call to dns_request_create() will cause the function to return + * ISC_TRUE, othewise the result is based on the query message size. + * + * Requires: + * 'request' is a valid request. + * + * Returns: + * ISC_TRUE if TCP was used. + * ISC_FALSE if UDP was used. + */ + +void +dns_request_destroy(dns_request_t **requestp); +/* + * Destroy 'request'. + * + * Requires: + * + * 'request' is a valid request for which the caller has received the + * completion event. + * + * Ensures: + * + * *requestp == NULL + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_REQUEST_H */ diff --git a/contrib/bind9/lib/dns/include/dns/resolver.h b/contrib/bind9/lib/dns/include/dns/resolver.h new file mode 100644 index 0000000..0a6080d --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/resolver.h @@ -0,0 +1,431 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001, 2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: resolver.h,v 1.34.12.7 2004/04/15 23:56:31 marka Exp $ */ + +#ifndef DNS_RESOLVER_H +#define DNS_RESOLVER_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Resolver + * + * This is the BIND 9 resolver, the module responsible for resolving DNS + * requests by iteratively querying authoritative servers and following + * referrals. This is a "full resolver", not to be confused with + * the stub resolvers most people associate with the word "resolver". + * The full resolver is part of the caching name server or resolver + * daemon the stub resolver talks to. + * + * MP: + * The module ensures appropriate synchronization of data structures it + * creates and manipulates. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * RFCs: 1034, 1035, 2181, <TBS> + * Drafts: <TBS> + */ + +#include <isc/lang.h> +#include <isc/socket.h> + +#include <dns/types.h> +#include <dns/fixedname.h> + +ISC_LANG_BEGINDECLS + +/* + * A dns_fetchevent_t is sent when a 'fetch' completes. Any of 'db', + * 'node', 'rdataset', and 'sigrdataset' may be bound. It is the + * receiver's responsibility to detach before freeing the event. + * + * 'rdataset' and 'sigrdataset' are the values that were supplied when + * dns_resolver_createfetch() was called. They are returned to the + * caller so that they may be freed. + */ +typedef struct dns_fetchevent { + ISC_EVENT_COMMON(struct dns_fetchevent); + dns_fetch_t * fetch; + isc_result_t result; + dns_rdatatype_t qtype; + dns_db_t * db; + dns_dbnode_t * node; + dns_rdataset_t * rdataset; + dns_rdataset_t * sigrdataset; + dns_fixedname_t foundname; +} dns_fetchevent_t; + +/* + * Options that modify how a 'fetch' is done. + */ +#define DNS_FETCHOPT_TCP 0x01 /* Use TCP. */ +#define DNS_FETCHOPT_UNSHARED 0x02 /* See below. */ +#define DNS_FETCHOPT_RECURSIVE 0x04 /* Set RD? */ +#define DNS_FETCHOPT_NOEDNS0 0x08 /* Do not use EDNS. */ +#define DNS_FETCHOPT_FORWARDONLY 0x10 /* Only use forwarders. */ +#define DNS_FETCHOPT_NOVALIDATE 0x20 /* Disable validation. */ + +/* + * XXXRTH Should this API be made semi-private? (I.e. + * _dns_resolver_create()). + */ + +#define DNS_RESOLVER_CHECKNAMES 0x01 +#define DNS_RESOLVER_CHECKNAMESFAIL 0x02 + +isc_result_t +dns_resolver_create(dns_view_t *view, + isc_taskmgr_t *taskmgr, unsigned int ntasks, + isc_socketmgr_t *socketmgr, + isc_timermgr_t *timermgr, + unsigned int options, + dns_dispatchmgr_t *dispatchmgr, + dns_dispatch_t *dispatchv4, + dns_dispatch_t *dispatchv6, + dns_resolver_t **resp); + +/* + * Create a resolver. + * + * Notes: + * + * Generally, applications should not create a resolver directly, but + * should instead call dns_view_createresolver(). + * + * No options are currently defined. + * + * Requires: + * + * 'view' is a valid view. + * + * 'taskmgr' is a valid task manager. + * + * 'ntasks' > 0. + * + * 'socketmgr' is a valid socket manager. + * + * 'timermgr' is a valid timer manager. + * + * 'dispatchv4' is a valid dispatcher with an IPv4 UDP socket, or is NULL. + * + * 'dispatchv6' is a valid dispatcher with an IPv6 UDP socket, or is NULL. + * + * *resp != NULL && *resp == NULL. + * + * Returns: + * + * ISC_R_SUCCESS On success. + * + * Anything else Failure. + */ + +void +dns_resolver_freeze(dns_resolver_t *res); +/* + * Freeze resolver. + * + * Notes: + * + * Certain configuration changes cannot be made after the resolver + * is frozen. Fetches cannot be created until the resolver is frozen. + * + * Requires: + * + * 'res' is a valid, unfrozen resolver. + * + * Ensures: + * + * 'res' is frozen. + */ + +void +dns_resolver_prime(dns_resolver_t *res); +/* + * Prime resolver. + * + * Notes: + * + * Resolvers which have a forwarding policy other than dns_fwdpolicy_only + * need to be primed with the root nameservers, otherwise the root + * nameserver hints data may be used indefinitely. This function requests + * that the resolver start a priming fetch, if it isn't already priming. + * + * Requires: + * + * 'res' is a valid, frozen resolver. + */ + + +void +dns_resolver_whenshutdown(dns_resolver_t *res, isc_task_t *task, + isc_event_t **eventp); +/* + * Send '*eventp' to 'task' when 'res' has completed shutdown. + * + * Notes: + * + * It is not safe to detach the last reference to 'res' until + * shutdown is complete. + * + * Requires: + * + * 'res' is a valid resolver. + * + * 'task' is a valid task. + * + * *eventp is a valid event. + * + * Ensures: + * + * *eventp == NULL. + */ + +void +dns_resolver_shutdown(dns_resolver_t *res); +/* + * Start the shutdown process for 'res'. + * + * Notes: + * + * This call has no effect if the resolver is already shutting down. + * + * Requires: + * + * 'res' is a valid resolver. + */ + +void +dns_resolver_attach(dns_resolver_t *source, dns_resolver_t **targetp); + +void +dns_resolver_detach(dns_resolver_t **resp); + +isc_result_t +dns_resolver_createfetch(dns_resolver_t *res, dns_name_t *name, + dns_rdatatype_t type, + dns_name_t *domain, dns_rdataset_t *nameservers, + dns_forwarders_t *forwarders, + unsigned int options, isc_task_t *task, + isc_taskaction_t action, void *arg, + dns_rdataset_t *rdataset, + dns_rdataset_t *sigrdataset, + dns_fetch_t **fetchp); +/* + * Recurse to answer a question. + * + * Notes: + * + * This call starts a query for 'name', type 'type'. + * + * The 'domain' is a parent domain of 'name' for which + * a set of name servers 'nameservers' is known. If no + * such name server information is available, set + * 'domain' and 'nameservers' to NULL. + * + * 'forwarders' is unimplemented, and subject to change when + * we figure out how selective forwarding will work. + * + * When the fetch completes (successfully or otherwise), a + * DNS_EVENT_FETCHDONE event with action 'action' and arg 'arg' will be + * posted to 'task'. + * + * The values of 'rdataset' and 'sigrdataset' will be returned in + * the FETCHDONE event. + * + * Requires: + * + * 'res' is a valid resolver that has been frozen. + * + * 'name' is a valid name. + * + * 'type' is not a meta type other than ANY. + * + * 'domain' is a valid name or NULL. + * + * 'nameservers' is a valid NS rdataset (whose owner name is 'domain') + * iff. 'domain' is not NULL. + * + * 'forwarders' is NULL. + * + * 'options' contains valid options. + * + * 'rdataset' is a valid, disassociated rdataset. + * + * 'sigrdataset' is NULL, or is a valid, disassociated rdataset. + * + * fetchp != NULL && *fetchp == NULL. + * + * Returns: + * + * ISC_R_SUCCESS Success + * + * Many other values are possible, all of which indicate failure. + */ + +void +dns_resolver_cancelfetch(dns_fetch_t *fetch); +/* + * Cancel 'fetch'. + * + * Notes: + * + * If 'fetch' has not completed, post its FETCHDONE event with a + * result code of ISC_R_CANCELED. + * + * Requires: + * + * 'fetch' is a valid fetch. + */ + +void +dns_resolver_destroyfetch(dns_fetch_t **fetchp); +/* + * Destroy 'fetch'. + * + * Requires: + * + * '*fetchp' is a valid fetch. + * + * The caller has received the FETCHDONE event (either because the + * fetch completed or because dns_resolver_cancelfetch() was called). + * + * Ensures: + * + * *fetchp == NULL. + */ + +dns_dispatchmgr_t * +dns_resolver_dispatchmgr(dns_resolver_t *resolver); + +dns_dispatch_t * +dns_resolver_dispatchv4(dns_resolver_t *resolver); + +dns_dispatch_t * +dns_resolver_dispatchv6(dns_resolver_t *resolver); + +isc_socketmgr_t * +dns_resolver_socketmgr(dns_resolver_t *resolver); + +isc_taskmgr_t * +dns_resolver_taskmgr(dns_resolver_t *resolver); + +isc_uint32_t +dns_resolver_getlamettl(dns_resolver_t *resolver); +/* + * Get the resolver's lame-ttl. zero => no lame processing. + * + * Requires: + * 'resolver' to be valid. + */ + +void +dns_resolver_setlamettl(dns_resolver_t *resolver, isc_uint32_t lame_ttl); +/* + * Set the resolver's lame-ttl. zero => no lame processing. + * + * Requires: + * 'resolver' to be valid. + */ + +unsigned int +dns_resolver_nrunning(dns_resolver_t *resolver); +/* + * Return the number of currently running resolutions in this + * resolver. This is may be less than the number of outstanding + * fetches due to multiple identical fetches, or more than the + * number of of outstanding fetches due to the fact that resolution + * can continue even though a fetch has been canceled. + */ + +isc_result_t +dns_resolver_addalternate(dns_resolver_t *resolver, isc_sockaddr_t *alt, + dns_name_t *name, in_port_t port); +/* + * Add alternate addresses to be tried in the event that the nameservers + * for a zone are not available in the address families supported by the + * operating system. + * + * Require: + * only one of 'name' or 'alt' to be valid. + */ + +void +dns_resolver_setudpsize(dns_resolver_t *resolver, isc_uint16_t udpsize); +/* + * Set the EDNS UDP buffer size advertised by the server. + */ + +isc_uint16_t +dns_resolver_getudpsize(dns_resolver_t *resolver); +/* + * Get the current EDNS UDP buffer size. + */ + +void +dns_resolver_reset_algorithms(dns_resolver_t *resolver); +/* + * Clear the disabled DNSSEC algorithms. + */ + +isc_result_t +dns_resolver_disable_algorithm(dns_resolver_t *resolver, dns_name_t *name, + unsigned int alg); +/* + * Mark the give DNSSEC algorithm as disabled and below 'name'. + * Valid algorithms are less than 256. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_RANGE + * ISC_R_NOMEMORY + */ + +isc_boolean_t +dns_resolver_algorithm_supported(dns_resolver_t *resolver, dns_name_t *name, + unsigned int alg); +/* + * Check if the given algorithm is supported by this resolver. + * This checks if the algorithm has been disabled via + * dns_resolver_disable_algorithm() then the underlying + * crypto libraries if not specifically disabled. + */ + +void +dns_resolver_resetmustbesecure(dns_resolver_t *resolver); + +isc_result_t +dns_resolver_setmustbesecure(dns_resolver_t *resolver, dns_name_t *name, + isc_boolean_t value); + +isc_boolean_t +dns_resolver_getmustbesecure(dns_resolver_t *resolver, dns_name_t *name); + +ISC_LANG_ENDDECLS + +#endif /* DNS_RESOLVER_H */ diff --git a/contrib/bind9/lib/dns/include/dns/result.h b/contrib/bind9/lib/dns/include/dns/result.h new file mode 100644 index 0000000..f1a71d9 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/result.h @@ -0,0 +1,186 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1998-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: result.h,v 1.81.2.7.2.13 2004/05/14 05:06:41 marka Exp $ */ + +#ifndef DNS_RESULT_H +#define DNS_RESULT_H 1 + +#include <isc/lang.h> +#include <isc/resultclass.h> + +#include <dns/types.h> + +/* + * Nothing in this file truly depends on <isc/result.h>, but the + * DNS result codes are considered to be publicly derived from + * the ISC result codes, so including this file buys you the ISC_R_ + * namespace too. + */ +#include <isc/result.h> /* Contractual promise. */ + +/* + * DNS library result codes + */ +#define DNS_R_LABELTOOLONG (ISC_RESULTCLASS_DNS + 0) +#define DNS_R_BADESCAPE (ISC_RESULTCLASS_DNS + 1) +/* + * Since we dropped the support of bitstring labels, deprecate the related + * result codes too. + +#define DNS_R_BADBITSTRING (ISC_RESULTCLASS_DNS + 2) +#define DNS_R_BITSTRINGTOOLONG (ISC_RESULTCLASS_DNS + 3) +*/ +#define DNS_R_EMPTYLABEL (ISC_RESULTCLASS_DNS + 4) +#define DNS_R_BADDOTTEDQUAD (ISC_RESULTCLASS_DNS + 5) +#define DNS_R_INVALIDNS (ISC_RESULTCLASS_DNS + 6) +#define DNS_R_UNKNOWN (ISC_RESULTCLASS_DNS + 7) +#define DNS_R_BADLABELTYPE (ISC_RESULTCLASS_DNS + 8) +#define DNS_R_BADPOINTER (ISC_RESULTCLASS_DNS + 9) +#define DNS_R_TOOMANYHOPS (ISC_RESULTCLASS_DNS + 10) +#define DNS_R_DISALLOWED (ISC_RESULTCLASS_DNS + 11) +#define DNS_R_EXTRATOKEN (ISC_RESULTCLASS_DNS + 12) +#define DNS_R_EXTRADATA (ISC_RESULTCLASS_DNS + 13) +#define DNS_R_TEXTTOOLONG (ISC_RESULTCLASS_DNS + 14) +#define DNS_R_NOTZONETOP (ISC_RESULTCLASS_DNS + 15) +#define DNS_R_SYNTAX (ISC_RESULTCLASS_DNS + 16) +#define DNS_R_BADCKSUM (ISC_RESULTCLASS_DNS + 17) +#define DNS_R_BADAAAA (ISC_RESULTCLASS_DNS + 18) +#define DNS_R_NOOWNER (ISC_RESULTCLASS_DNS + 19) +#define DNS_R_NOTTL (ISC_RESULTCLASS_DNS + 20) +#define DNS_R_BADCLASS (ISC_RESULTCLASS_DNS + 21) +#define DNS_R_NAMETOOLONG (ISC_RESULTCLASS_DNS + 22) +#define DNS_R_PARTIALMATCH (ISC_RESULTCLASS_DNS + 23) +#define DNS_R_NEWORIGIN (ISC_RESULTCLASS_DNS + 24) +#define DNS_R_UNCHANGED (ISC_RESULTCLASS_DNS + 25) +#define DNS_R_BADTTL (ISC_RESULTCLASS_DNS + 26) +#define DNS_R_NOREDATA (ISC_RESULTCLASS_DNS + 27) +#define DNS_R_CONTINUE (ISC_RESULTCLASS_DNS + 28) +#define DNS_R_DELEGATION (ISC_RESULTCLASS_DNS + 29) +#define DNS_R_GLUE (ISC_RESULTCLASS_DNS + 30) +#define DNS_R_DNAME (ISC_RESULTCLASS_DNS + 31) +#define DNS_R_CNAME (ISC_RESULTCLASS_DNS + 32) +#define DNS_R_BADDB (ISC_RESULTCLASS_DNS + 33) +#define DNS_R_ZONECUT (ISC_RESULTCLASS_DNS + 34) +#define DNS_R_BADZONE (ISC_RESULTCLASS_DNS + 35) +#define DNS_R_MOREDATA (ISC_RESULTCLASS_DNS + 36) +#define DNS_R_UPTODATE (ISC_RESULTCLASS_DNS + 37) +#define DNS_R_TSIGVERIFYFAILURE (ISC_RESULTCLASS_DNS + 38) +#define DNS_R_TSIGERRORSET (ISC_RESULTCLASS_DNS + 39) +#define DNS_R_SIGINVALID (ISC_RESULTCLASS_DNS + 40) +#define DNS_R_SIGEXPIRED (ISC_RESULTCLASS_DNS + 41) +#define DNS_R_SIGFUTURE (ISC_RESULTCLASS_DNS + 42) +#define DNS_R_KEYUNAUTHORIZED (ISC_RESULTCLASS_DNS + 43) +#define DNS_R_INVALIDTIME (ISC_RESULTCLASS_DNS + 44) +#define DNS_R_EXPECTEDTSIG (ISC_RESULTCLASS_DNS + 45) +#define DNS_R_UNEXPECTEDTSIG (ISC_RESULTCLASS_DNS + 46) +#define DNS_R_INVALIDTKEY (ISC_RESULTCLASS_DNS + 47) +#define DNS_R_HINT (ISC_RESULTCLASS_DNS + 48) +#define DNS_R_DROP (ISC_RESULTCLASS_DNS + 49) +#define DNS_R_NOTLOADED (ISC_RESULTCLASS_DNS + 50) +#define DNS_R_NCACHENXDOMAIN (ISC_RESULTCLASS_DNS + 51) +#define DNS_R_NCACHENXRRSET (ISC_RESULTCLASS_DNS + 52) +#define DNS_R_WAIT (ISC_RESULTCLASS_DNS + 53) +#define DNS_R_NOTVERIFIEDYET (ISC_RESULTCLASS_DNS + 54) +#define DNS_R_NOIDENTITY (ISC_RESULTCLASS_DNS + 55) +#define DNS_R_NOJOURNAL (ISC_RESULTCLASS_DNS + 56) +#define DNS_R_ALIAS (ISC_RESULTCLASS_DNS + 57) +#define DNS_R_USETCP (ISC_RESULTCLASS_DNS + 58) +#define DNS_R_NOVALIDSIG (ISC_RESULTCLASS_DNS + 59) +#define DNS_R_NOVALIDNSEC (ISC_RESULTCLASS_DNS + 60) +#define DNS_R_NOTINSECURE (ISC_RESULTCLASS_DNS + 61) +#define DNS_R_UNKNOWNSERVICE (ISC_RESULTCLASS_DNS + 62) +#define DNS_R_RECOVERABLE (ISC_RESULTCLASS_DNS + 63) +#define DNS_R_UNKNOWNOPT (ISC_RESULTCLASS_DNS + 64) +#define DNS_R_UNEXPECTEDID (ISC_RESULTCLASS_DNS + 65) +#define DNS_R_SEENINCLUDE (ISC_RESULTCLASS_DNS + 66) +#define DNS_R_NOTEXACT (ISC_RESULTCLASS_DNS + 67) +#define DNS_R_BLACKHOLED (ISC_RESULTCLASS_DNS + 68) +#define DNS_R_BADALG (ISC_RESULTCLASS_DNS + 69) +#define DNS_R_METATYPE (ISC_RESULTCLASS_DNS + 70) +#define DNS_R_CNAMEANDOTHER (ISC_RESULTCLASS_DNS + 71) +#define DNS_R_SINGLETON (ISC_RESULTCLASS_DNS + 72) +#define DNS_R_HINTNXRRSET (ISC_RESULTCLASS_DNS + 73) +#define DNS_R_NOMASTERFILE (ISC_RESULTCLASS_DNS + 74) +#define DNS_R_UNKNOWNPROTO (ISC_RESULTCLASS_DNS + 75) +#define DNS_R_CLOCKSKEW (ISC_RESULTCLASS_DNS + 76) +#define DNS_R_BADIXFR (ISC_RESULTCLASS_DNS + 77) +#define DNS_R_NOTAUTHORITATIVE (ISC_RESULTCLASS_DNS + 78) +#define DNS_R_NOVALIDKEY (ISC_RESULTCLASS_DNS + 79) +#define DNS_R_OBSOLETE (ISC_RESULTCLASS_DNS + 80) +#define DNS_R_FROZEN (ISC_RESULTCLASS_DNS + 81) +#define DNS_R_UNKNOWNFLAG (ISC_RESULTCLASS_DNS + 82) +#define DNS_R_EXPECTEDRESPONSE (ISC_RESULTCLASS_DNS + 83) +#define DNS_R_NOVALIDDS (ISC_RESULTCLASS_DNS + 84) +#define DNS_R_NSISADDRESS (ISC_RESULTCLASS_DNS + 85) +#define DNS_R_REMOTEFORMERR (ISC_RESULTCLASS_DNS + 86) +#define DNS_R_TRUNCATEDTCP (ISC_RESULTCLASS_DNS + 87) +#define DNS_R_LAME (ISC_RESULTCLASS_DNS + 88) +#define DNS_R_UNEXPECTEDRCODE (ISC_RESULTCLASS_DNS + 89) +#define DNS_R_UNEXPECTEDOPCODE (ISC_RESULTCLASS_DNS + 90) +#define DNS_R_CHASEDSSERVERS (ISC_RESULTCLASS_DNS + 91) +#define DNS_R_EMPTYNAME (ISC_RESULTCLASS_DNS + 92) +#define DNS_R_EMPTYWILD (ISC_RESULTCLASS_DNS + 93) +#define DNS_R_BADBITMAP (ISC_RESULTCLASS_DNS + 94) +#define DNS_R_FROMWILDCARD (ISC_RESULTCLASS_DNS + 95) +#define DNS_R_BADOWNERNAME (ISC_RESULTCLASS_DNS + 96) +#define DNS_R_BADNAME (ISC_RESULTCLASS_DNS + 97) +#define DNS_R_DYNAMIC (ISC_RESULTCLASS_DNS + 98) +#define DNS_R_UNKNOWNCOMMAND (ISC_RESULTCLASS_DNS + 99) +#define DNS_R_MUSTBESECURE (ISC_RESULTCLASS_DNS + 100) +#define DNS_R_COVERINGNSEC (ISC_RESULTCLASS_DNS + 101) + +#define DNS_R_NRESULTS 102 /* Number of results */ + +/* + * DNS wire format rcodes. + * + * By making these their own class we can easily convert them into the + * wire-format rcode value simply by masking off the resultclass. + */ +#define DNS_R_NOERROR (ISC_RESULTCLASS_DNSRCODE + 0) +#define DNS_R_FORMERR (ISC_RESULTCLASS_DNSRCODE + 1) +#define DNS_R_SERVFAIL (ISC_RESULTCLASS_DNSRCODE + 2) +#define DNS_R_NXDOMAIN (ISC_RESULTCLASS_DNSRCODE + 3) +#define DNS_R_NOTIMP (ISC_RESULTCLASS_DNSRCODE + 4) +#define DNS_R_REFUSED (ISC_RESULTCLASS_DNSRCODE + 5) +#define DNS_R_YXDOMAIN (ISC_RESULTCLASS_DNSRCODE + 6) +#define DNS_R_YXRRSET (ISC_RESULTCLASS_DNSRCODE + 7) +#define DNS_R_NXRRSET (ISC_RESULTCLASS_DNSRCODE + 8) +#define DNS_R_NOTAUTH (ISC_RESULTCLASS_DNSRCODE + 9) +#define DNS_R_NOTZONE (ISC_RESULTCLASS_DNSRCODE + 10) +#define DNS_R_BADVERS (ISC_RESULTCLASS_DNSRCODE + 16) + +#define DNS_R_NRCODERESULTS 17 /* Number of rcode results */ + +#define DNS_RESULT_ISRCODE(result) \ + (ISC_RESULTCLASS_INCLASS(ISC_RESULTCLASS_DNSRCODE, (result))) + +ISC_LANG_BEGINDECLS + +const char * +dns_result_totext(isc_result_t); + +void +dns_result_register(void); + +dns_rcode_t +dns_result_torcode(isc_result_t result); + +ISC_LANG_ENDDECLS + +#endif /* DNS_RESULT_H */ diff --git a/contrib/bind9/lib/dns/include/dns/rootns.h b/contrib/bind9/lib/dns/include/dns/rootns.h new file mode 100644 index 0000000..02da556 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/rootns.h @@ -0,0 +1,35 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: rootns.h,v 1.8.206.1 2004/03/06 08:14:00 marka Exp $ */ + +#ifndef DNS_ROOTNS_H +#define DNS_ROOTNS_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, + const char *filename, dns_db_t **target); + +ISC_LANG_ENDDECLS + +#endif /* DNS_ROOTNS_H */ diff --git a/contrib/bind9/lib/dns/include/dns/sdb.h b/contrib/bind9/lib/dns/include/dns/sdb.h new file mode 100644 index 0000000..5fdeace --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/sdb.h @@ -0,0 +1,206 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: sdb.h,v 1.12.12.3 2004/03/08 09:04:39 marka Exp $ */ + +#ifndef DNS_SDB_H +#define DNS_SDB_H 1 + +/***** + ***** Module Info + *****/ + +/* + * Simple database API. + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> + +#include <dns/types.h> + +/*** + *** Types + ***/ + +/* + * A simple database. This is an opaque type. + */ +typedef struct dns_sdb dns_sdb_t; + +/* + * A simple database lookup in progress. This is an opaque type. + */ +typedef struct dns_sdblookup dns_sdblookup_t; + +/* + * A simple database traversal in progress. This is an opaque type. + */ +typedef struct dns_sdballnodes dns_sdballnodes_t; + +typedef isc_result_t +(*dns_sdblookupfunc_t)(const char *zone, const char *name, void *dbdata, + dns_sdblookup_t *); + +typedef isc_result_t +(*dns_sdbauthorityfunc_t)(const char *zone, void *dbdata, dns_sdblookup_t *); + +typedef isc_result_t +(*dns_sdballnodesfunc_t)(const char *zone, void *dbdata, + dns_sdballnodes_t *allnodes); + +typedef isc_result_t +(*dns_sdbcreatefunc_t)(const char *zone, int argc, char **argv, + void *driverdata, void **dbdata); + +typedef void +(*dns_sdbdestroyfunc_t)(const char *zone, void *driverdata, void **dbdata); + + +typedef struct dns_sdbmethods { + dns_sdblookupfunc_t lookup; + dns_sdbauthorityfunc_t authority; + dns_sdballnodesfunc_t allnodes; + dns_sdbcreatefunc_t create; + dns_sdbdestroyfunc_t destroy; +} dns_sdbmethods_t; + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +#define DNS_SDBFLAG_RELATIVEOWNER 0x00000001U +#define DNS_SDBFLAG_RELATIVERDATA 0x00000002U +#define DNS_SDBFLAG_THREADSAFE 0x00000004U + +isc_result_t +dns_sdb_register(const char *drivername, const dns_sdbmethods_t *methods, + void *driverdata, unsigned int flags, isc_mem_t *mctx, + dns_sdbimplementation_t **sdbimp); +/* + * Register a simple database driver for the database type 'drivername', + * implemented by the functions in '*methods'. + * + * sdbimp must point to a NULL dns_sdbimplementation_t pointer. That is, + * sdbimp != NULL && *sdbimp == NULL. It will be assigned a value that + * will later be used to identify the driver when deregistering it. + * + * The name server will perform lookups in the database by calling the + * function 'lookup', passing it a printable zone name 'zone', a printable + * domain name 'name', and a copy of the argument 'dbdata' that + * was potentially returned by the create function. The 'dns_sdblookup_t' + * argument to 'lookup' and 'authority' is an opaque pointer to be passed to + * ns_sdb_putrr(). + * + * The lookup function returns the lookup results to the name server + * by calling ns_sdb_putrr() once for each record found. On success, + * the return value of the lookup function should be ISC_R_SUCCESS. + * If the domain name 'name' does not exist, the lookup function should + * ISC_R_NOTFOUND. Any other return value is treated as an error. + * + * Lookups at the zone apex will cause the server to also call the + * function 'authority' (if non-NULL), which must provide an SOA record + * and NS records for the zone by calling ns_sdb_putrr() once for each of + * these records. The 'authority' function may be NULL if invoking + * the 'lookup' function on the zone apex will return SOA and NS records. + * + * The allnodes function, if non-NULL, fills in an opaque structure to be + * used by a database iterator. This allows the zone to be transferred. + * This may use a considerable amount of memory for large zones, and the + * zone transfer may not be fully RFC 1035 compliant if the zone is + * frequently changed. + * + * The create function will be called for each zone configured + * into the name server using this database type. It can be used + * to create a "database object" containg zone specific data, + * which can make use of the database arguments specified in the + * name server configuration. + * + * The destroy function will be called to free the database object + * when its zone is destroyed. + * + * The create and destroy functions may be NULL. + * + * If flags includes DNS_SDBFLAG_RELATIVEOWNER, the lookup and authority + * functions will be called with relative names rather than absolute names. + * The string "@" represents the zone apex in this case. + * + * If flags includes DNS_SDBFLAG_RELATIVERDATA, the rdata strings may + * include relative names. Otherwise, all names in the rdata string must + * be absolute. Be aware that if relative names are allowed, any + * absolute names must contain a trailing dot. + * + * If flags includes DNS_SDBFLAG_THREADSAFE, the driver must be able to + * handle multiple lookups in parallel. Otherwise, calls into the driver + * are serialized. + */ + +void +dns_sdb_unregister(dns_sdbimplementation_t **sdbimp); +/* + * Removes the simple database driver from the list of registered database + * types. There must be no active databases of this type when this function + * is called. + */ + +isc_result_t +dns_sdb_putrr(dns_sdblookup_t *lookup, const char *type, dns_ttl_t ttl, + const char *data); +isc_result_t +dns_sdb_putrdata(dns_sdblookup_t *lookup, dns_rdatatype_t type, dns_ttl_t ttl, + const unsigned char *rdata, unsigned int rdlen); +/* + * Add a single resource record to the lookup structure to be + * returned in the query response. dns_sdb_putrr() takes the + * resource record in master file text format as a null-terminated + * string, and dns_sdb_putrdata() takes the raw RDATA in + * uncompressed wire format. + */ + +isc_result_t +dns_sdb_putnamedrr(dns_sdballnodes_t *allnodes, const char *name, + const char *type, dns_ttl_t ttl, const char *data); +isc_result_t +dns_sdb_putnamedrdata(dns_sdballnodes_t *allnodes, const char *name, + dns_rdatatype_t type, dns_ttl_t ttl, + const void *rdata, unsigned int rdlen); +/* + * Add a single resource record to the allnodes structure to be + * included in a zone transfer response, in text or wire + * format as above. + */ + +isc_result_t +dns_sdb_putsoa(dns_sdblookup_t *lookup, const char *mname, const char *rname, + isc_uint32_t serial); +/* + * This function may optionally be called from the 'authority' callback + * to simplify construction of the SOA record for 'zone'. It will + * provide a SOA listing 'mname' as as the master server and 'rname' as + * the responsible person mailbox. It is the responsibility of the + * driver to increment the serial number between responses if necessary. + * All other SOA fields will have reasonable default values. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_SDB_H */ diff --git a/contrib/bind9/lib/dns/include/dns/secalg.h b/contrib/bind9/lib/dns/include/dns/secalg.h new file mode 100644 index 0000000..3f7a16f --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/secalg.h @@ -0,0 +1,69 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: secalg.h,v 1.12.206.1 2004/03/06 08:14:00 marka Exp $ */ + +#ifndef DNS_SECALG_H +#define DNS_SECALG_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_secalg_fromtext(dns_secalg_t *secalgp, isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a DNSSEC security algorithm value. + * The text may contain either a mnemonic algorithm name or a decimal algorithm + * number. + * + * Requires: + * 'secalgp' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_RANGE numeric type is out of range + * DNS_R_UNKNOWN mnemonic type is unknown + */ + +isc_result_t +dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target); +/* + * Put a textual representation of the DNSSEC security algorithm 'secalg' + * into 'target'. + * + * Requires: + * 'secalg' is a valid secalg. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_NOSPACE target buffer is too small + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_SECALG_H */ diff --git a/contrib/bind9/lib/dns/include/dns/secproto.h b/contrib/bind9/lib/dns/include/dns/secproto.h new file mode 100644 index 0000000..da8c1dd --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/secproto.h @@ -0,0 +1,69 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: secproto.h,v 1.9.206.1 2004/03/06 08:14:00 marka Exp $ */ + +#ifndef DNS_SECPROTO_H +#define DNS_SECPROTO_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_secproto_fromtext(dns_secproto_t *secprotop, isc_textregion_t *source); +/* + * Convert the text 'source' refers to into a DNSSEC security protocol value. + * The text may contain either a mnemonic protocol name or a decimal protocol + * number. + * + * Requires: + * 'secprotop' is a valid pointer. + * + * 'source' is a valid text region. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_RANGE numeric type is out of range + * DNS_R_UNKNOWN mnemonic type is unknown + */ + +isc_result_t +dns_secproto_totext(dns_secproto_t secproto, isc_buffer_t *target); +/* + * Put a textual representation of the DNSSEC security protocol 'secproto' + * into 'target'. + * + * Requires: + * 'secproto' is a valid secproto. + * + * 'target' is a valid text buffer. + * + * Ensures: + * If the result is success: + * The used space in 'target' is updated. + * + * Returns: + * ISC_R_SUCCESS on success + * ISC_R_NOSPACE target buffer is too small + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_SECPROTO_H */ diff --git a/contrib/bind9/lib/dns/include/dns/soa.h b/contrib/bind9/lib/dns/include/dns/soa.h new file mode 100644 index 0000000..304ae15 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/soa.h @@ -0,0 +1,80 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: soa.h,v 1.2.206.1 2004/03/06 08:14:00 marka Exp $ */ + +#ifndef DNS_SOA_H +#define DNS_SOA_H 1 + +/***** + ***** Module Info + *****/ + +/* + * SOA utilities. + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/types.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_uint32_t +dns_soa_getserial(dns_rdata_t *rdata); +isc_uint32_t +dns_soa_getrefresh(dns_rdata_t *rdata); +isc_uint32_t +dns_soa_getretry(dns_rdata_t *rdata); +isc_uint32_t +dns_soa_getexpire(dns_rdata_t *rdata); +isc_uint32_t +dns_soa_getminimum(dns_rdata_t *rdata); +/* + * Extract an integer field from the rdata of a SOA record. + * + * Requires: + * rdata refers to the rdata of a well-formed SOA record. + */ + +void +dns_soa_setserial(isc_uint32_t val, dns_rdata_t *rdata); +void +dns_soa_setrefresh(isc_uint32_t val, dns_rdata_t *rdata); +void +dns_soa_setretry(isc_uint32_t val, dns_rdata_t *rdata); +void +dns_soa_setexpire(isc_uint32_t val, dns_rdata_t *rdata); +void +dns_soa_setminimum(isc_uint32_t val, dns_rdata_t *rdata); +/* + * Change an integer field of a SOA record by modifying the + * rdata in-place. + * + * Requires: + * rdata refers to the rdata of a well-formed SOA record. + */ + + +ISC_LANG_ENDDECLS + +#endif /* DNS_SOA_H */ diff --git a/contrib/bind9/lib/dns/include/dns/ssu.h b/contrib/bind9/lib/dns/include/dns/ssu.h new file mode 100644 index 0000000..f26a039 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/ssu.h @@ -0,0 +1,157 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: ssu.h,v 1.11.206.3 2004/03/08 09:04:39 marka Exp $ */ + +#ifndef DNS_SSU_H +#define DNS_SSU_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +#define DNS_SSUMATCHTYPE_NAME 0 +#define DNS_SSUMATCHTYPE_SUBDOMAIN 1 +#define DNS_SSUMATCHTYPE_WILDCARD 2 +#define DNS_SSUMATCHTYPE_SELF 3 + +isc_result_t +dns_ssutable_create(isc_mem_t *mctx, dns_ssutable_t **table); +/* + * Creates a table that will be used to store simple-secure-update rules. + * Note: all locking must be provided by the client. + * + * Requires: + * 'mctx' is a valid memory context + * 'table' is not NULL, and '*table' is NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +void +dns_ssutable_attach(dns_ssutable_t *source, dns_ssutable_t **targetp); +/* + * Attach '*targetp' to 'source'. + * + * Requires: + * 'source' is a valid SSU table + * 'targetp' points to a NULL dns_ssutable_t *. + * + * Ensures: + * *targetp is attached to source. + */ + +void +dns_ssutable_detach(dns_ssutable_t **tablep); +/* + * Detach '*tablep' from its simple-secure-update rule table. + * + * Requires: + * 'tablep' points to a valid dns_ssutable_t + * + * Ensures: + * *tablep is NULL + * If '*tablep' is the last reference to the SSU table, all + * resources used by the table will be freed. + */ + +isc_result_t +dns_ssutable_addrule(dns_ssutable_t *table, isc_boolean_t grant, + dns_name_t *identity, unsigned int matchtype, + dns_name_t *name, unsigned int ntypes, + dns_rdatatype_t *types); +/* + * Adds a new rule to a simple-secure-update rule table. The rule + * either grants or denies update privileges of an identity (or set of + * identities) to modify a name (or set of names) or certain types present + * at that name. + * + * Notes: + * If 'matchtype' is SELF, this rule only matches if the name + * to be updated matches the signing identity. + * + * If 'ntypes' is 0, this rule applies to all types except + * NS, SOA, RRSIG, and NSEC. + * + * If 'types' includes ANY, this rule applies to all types + * except NSEC. + * + * Requires: + * 'table' is a valid SSU table + * 'identity' is a valid absolute name + * 'matchtype' must be one of the defined constants. + * 'name' is a valid absolute name + * If 'ntypes' > 0, 'types' must not be NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_boolean_t +dns_ssutable_checkrules(dns_ssutable_t *table, dns_name_t *signer, + dns_name_t *name, dns_rdatatype_t type); +/* + * Checks that the attempted update of (name, type) is allowed according + * to the rules specified in the simple-secure-update rule table. If + * no rules are matched, access is denied. If signer is NULL, access + * is denied. + * + * Requires: + * 'table' is a valid SSU table + * 'signer' is NULL or a valid absolute name + * 'name' is a valid absolute name + */ + + +isc_boolean_t dns_ssurule_isgrant(const dns_ssurule_t *rule); +dns_name_t * dns_ssurule_identity(const dns_ssurule_t *rule); +unsigned int dns_ssurule_matchtype(const dns_ssurule_t *rule); +dns_name_t * dns_ssurule_name(const dns_ssurule_t *rule); +unsigned int dns_ssurule_types(const dns_ssurule_t *rule, + dns_rdatatype_t **types); +/* + * Accessor functions to extract rule components + */ + +isc_result_t dns_ssutable_firstrule(const dns_ssutable_t *table, + dns_ssurule_t **rule); +/* + * Initiates a rule iterator. There is no need to maintain any state. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE + */ + +isc_result_t dns_ssutable_nextrule(dns_ssurule_t *rule, + dns_ssurule_t **nextrule); +/* + * Returns the next rule in the table. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMORE + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_SSU_H */ diff --git a/contrib/bind9/lib/dns/include/dns/stats.h b/contrib/bind9/lib/dns/include/dns/stats.h new file mode 100644 index 0000000..db94b52 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/stats.h @@ -0,0 +1,57 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: stats.h,v 1.4.206.1 2004/03/06 08:14:00 marka Exp $ */ + +#ifndef DNS_STATS_H +#define DNS_STATS_H 1 + +#include <dns/types.h> + +/* + * Query statistics counter types. + */ +typedef enum { + dns_statscounter_success = 0, /* Successful lookup */ + dns_statscounter_referral = 1, /* Referral result */ + dns_statscounter_nxrrset = 2, /* NXRRSET result */ + dns_statscounter_nxdomain = 3, /* NXDOMAIN result */ + dns_statscounter_recursion = 4, /* Recursion was used */ + dns_statscounter_failure = 5 /* Some other failure */ +} dns_statscounter_t; + +#define DNS_STATS_NCOUNTERS 6 + +LIBDNS_EXTERNAL_DATA extern const char *dns_statscounter_names[]; + +isc_result_t +dns_stats_alloccounters(isc_mem_t *mctx, isc_uint64_t **ctrp); +/* + * Allocate an array of query statistics counters from the memory + * context 'mctx'. + */ + +void +dns_stats_freecounters(isc_mem_t *mctx, isc_uint64_t **ctrp); +/* + * Free an array of query statistics counters allocated from the memory + * context 'mctx'. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_STATS_H */ diff --git a/contrib/bind9/lib/dns/include/dns/tcpmsg.h b/contrib/bind9/lib/dns/include/dns/tcpmsg.h new file mode 100644 index 0000000..ae1d704 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/tcpmsg.h @@ -0,0 +1,145 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: tcpmsg.h,v 1.15.206.1 2004/03/06 08:14:00 marka Exp $ */ + +#ifndef DNS_TCPMSG_H +#define DNS_TCPMSG_H 1 + +#include <isc/buffer.h> +#include <isc/lang.h> +#include <isc/socket.h> + +typedef struct dns_tcpmsg { + /* private (don't touch!) */ + unsigned int magic; + isc_uint16_t size; + isc_buffer_t buffer; + unsigned int maxsize; + isc_mem_t *mctx; + isc_socket_t *sock; + isc_task_t *task; + isc_taskaction_t action; + void *arg; + isc_event_t event; + /* public (read-only) */ + isc_result_t result; + isc_sockaddr_t address; +} dns_tcpmsg_t; + +ISC_LANG_BEGINDECLS + +void +dns_tcpmsg_init(isc_mem_t *mctx, isc_socket_t *sock, dns_tcpmsg_t *tcpmsg); +/* + * Associate a tcp message state with a given memory context and + * TCP socket. + * + * Requires: + * + * "mctx" and "sock" be non-NULL and valid types. + * + * "sock" be a read/write TCP socket. + * + * "tcpmsg" be non-NULL and an uninitialized or invalidated structure. + * + * Ensures: + * + * "tcpmsg" is a valid structure. + */ + +void +dns_tcpmsg_setmaxsize(dns_tcpmsg_t *tcpmsg, unsigned int maxsize); +/* + * Set the maximum packet size to "maxsize" + * + * Requires: + * + * "tcpmsg" be valid. + * + * 512 <= "maxsize" <= 65536 + */ + +isc_result_t +dns_tcpmsg_readmessage(dns_tcpmsg_t *tcpmsg, + isc_task_t *task, isc_taskaction_t action, void *arg); +/* + * Schedule an event to be delivered when a DNS message is readable, or + * when an error occurs on the socket. + * + * Requires: + * + * "tcpmsg" be valid. + * + * "task", "taskaction", and "arg" be valid. + * + * Returns: + * + * ISC_R_SUCCESS -- no error + * Anything that the isc_socket_recv() call can return. XXXMLG + * + * Notes: + * + * The event delivered is a fully generic event. It will contain no + * actual data. The sender will be a pointer to the dns_tcpmsg_t. + * The result code inside that structure should be checked to see + * what the final result was. + */ + +void +dns_tcpmsg_cancelread(dns_tcpmsg_t *tcpmsg); +/* + * Cancel a readmessage() call. The event will still be posted with a + * CANCELED result code. + * + * Requires: + * + * "tcpmsg" be valid. + */ + +void +dns_tcpmsg_keepbuffer(dns_tcpmsg_t *tcpmsg, isc_buffer_t *buffer); +/* + * If a dns buffer is to be kept between calls, this function marks the + * internal state-machine buffer as invalid, and copies all the contents + * of the state into "buffer". + * + * Requires: + * + * "tcpmsg" be valid. + * + * "buffer" be non-NULL. + */ + +void +dns_tcpmsg_invalidate(dns_tcpmsg_t *tcpmsg); +/* + * Clean up all allocated state, and invalidate the structure. + * + * Requires: + * + * "tcpmsg" be valid. + * + * Ensures: + * + * "tcpmsg" is invalidated and disassociated with all memory contexts, + * sockets, etc. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_TCPMSG_H */ diff --git a/contrib/bind9/lib/dns/include/dns/time.h b/contrib/bind9/lib/dns/include/dns/time.h new file mode 100644 index 0000000..0b82443 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/time.h @@ -0,0 +1,70 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: time.h,v 1.9.12.3 2004/03/08 09:04:39 marka Exp $ */ + +#ifndef DNS_TIME_H +#define DNS_TIME_H 1 + +/*** + *** Imports + ***/ + +#include <isc/buffer.h> +#include <isc/lang.h> + +ISC_LANG_BEGINDECLS + +/*** + *** Functions + ***/ + +isc_result_t +dns_time64_fromtext(const char *source, isc_int64_t *target); +/* + * Convert a date and time in YYYYMMDDHHMMSS text format at 'source' + * into to a 64-bit count of seconds since Jan 1 1970 0:00 GMT. + * Store the count at 'target'. + */ + +isc_result_t +dns_time32_fromtext(const char *source, isc_uint32_t *target); +/* + * Like dns_time64_fromtext, but returns the second count modulo 2^32 + * as per RFC2535. + */ + + +isc_result_t +dns_time64_totext(isc_int64_t value, isc_buffer_t *target); +/* + * Convert a 64-bit count of seconds since Jan 1 1970 0:00 GMT into + * a YYYYMMDDHHMMSS text representation and append it to 'target'. + */ + +isc_result_t +dns_time32_totext(isc_uint32_t value, isc_buffer_t *target); +/* + * Like dns_time64_totext, but for a 32-bit cyclic time value. + * Of those dates whose counts of seconds since Jan 1 1970 0:00 GMT + * are congruent with 'value' modulo 2^32, the one closest to the + * current date is chosen. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_TIME_H */ diff --git a/contrib/bind9/lib/dns/include/dns/timer.h b/contrib/bind9/lib/dns/include/dns/timer.h new file mode 100644 index 0000000..36e2ac3 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/timer.h @@ -0,0 +1,50 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000, 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: timer.h,v 1.2.206.1 2004/03/06 08:14:00 marka Exp $ */ + +#ifndef DNS_TIMER_H +#define DNS_TIMER_H 1 + +/*** + *** Imports + ***/ + +#include <isc/buffer.h> +#include <isc/lang.h> + +ISC_LANG_BEGINDECLS + +/*** + *** Functions + ***/ + +isc_result_t +dns_timer_setidle(isc_timer_t *timer, unsigned int maxtime, + unsigned int idletime, isc_boolean_t purge); +/* + * Convenience function for setting up simple, one-second-granularity + * idle timers as used by zone transfers. + * + * Set the timer 'timer' to go off after 'idletime' seconds of inactivity, + * or after 'maxtime' at the very latest. Events are purged iff + * 'purge' is ISC_TRUE. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_TIMER_H */ diff --git a/contrib/bind9/lib/dns/include/dns/tkey.h b/contrib/bind9/lib/dns/include/dns/tkey.h new file mode 100644 index 0000000..e5ca3b3 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/tkey.h @@ -0,0 +1,196 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: tkey.h,v 1.18.206.1 2004/03/06 08:14:00 marka Exp $ */ + +#ifndef DNS_TKEY_H +#define DNS_TKEY_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +#include <dst/dst.h> + +ISC_LANG_BEGINDECLS + +/* Key agreement modes */ +#define DNS_TKEYMODE_SERVERASSIGNED 1 +#define DNS_TKEYMODE_DIFFIEHELLMAN 2 +#define DNS_TKEYMODE_GSSAPI 3 +#define DNS_TKEYMODE_RESOLVERASSIGNED 4 +#define DNS_TKEYMODE_DELETE 5 + +struct dns_tkeyctx { + dst_key_t *dhkey; + dns_name_t *domain; + void *gsscred; + isc_mem_t *mctx; + isc_entropy_t *ectx; +}; + +isc_result_t +dns_tkeyctx_create(isc_mem_t *mctx, isc_entropy_t *ectx, dns_tkeyctx_t **tctxp); +/* + * Create an empty TKEY context. + * + * Requires: + * 'mctx' is not NULL + * 'tctx' is not NULL + * '*tctx' is NULL + * + * Returns + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * return codes from dns_name_fromtext() + */ + +void +dns_tkeyctx_destroy(dns_tkeyctx_t **tctxp); +/* + * Frees all data associated with the TKEY context + * + * Requires: + * 'tctx' is not NULL + * '*tctx' is not NULL + */ + +isc_result_t +dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, + dns_tsig_keyring_t *ring); +/* + * Processes a query containing a TKEY record, adding or deleting TSIG + * keys if necessary, and modifies the message to contain the response. + * + * Requires: + * 'msg' is a valid message + * 'tctx' is a valid TKEY context + * 'ring' is a valid TSIG keyring + * + * Returns + * ISC_R_SUCCESS msg was updated (the TKEY operation succeeded, + * or msg now includes a TKEY with an error set) + * DNS_R_FORMERR the packet was malformed (missing a TKEY + * or KEY). + * other An error occurred while processing the message + */ + +isc_result_t +dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, dns_name_t *name, + dns_name_t *algorithm, isc_buffer_t *nonce, + isc_uint32_t lifetime); +/* + * Builds a query containing a TKEY that will generate a shared + * secret using a Diffie-Hellman key exchange. The shared key + * will be of the specified algorithm (only DNS_TSIG_HMACMD5_NAME + * is supported), and will be named either 'name', + * 'name' + server chosen domain, or random data + server chosen domain + * if 'name' == dns_rootname. If nonce is not NULL, it supplies + * random data used in the shared secret computation. The key is + * requested to have the specified lifetime (in seconds) + * + * + * Requires: + * 'msg' is a valid message + * 'key' is a valid Diffie Hellman dst key + * 'name' is a valid name + * 'algorithm' is a valid name + * + * Returns: + * ISC_R_SUCCESS msg was successfully updated to include the + * query to be sent + * other an error occurred while building the message + */ + +isc_result_t +dns_tkey_buildgssquery(dns_message_t *msg, dns_name_t *name, + dns_name_t *gname, void *cred, + isc_uint32_t lifetime, void **context); +/* + * XXX + */ + +isc_result_t +dns_tkey_builddeletequery(dns_message_t *msg, dns_tsigkey_t *key); +/* + * Builds a query containing a TKEY record that will delete the + * specified shared secret from the server. + * + * Requires: + * 'msg' is a valid message + * 'key' is a valid TSIG key + * + * Returns: + * ISC_R_SUCCESS msg was successfully updated to include the + * query to be sent + * other an error occurred while building the message + */ + +isc_result_t +dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, + dst_key_t *key, isc_buffer_t *nonce, + dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring); +/* + * Processes a response to a query containing a TKEY that was + * designed to generate a shared secret using a Diffie-Hellman key + * exchange. If the query was successful, a new shared key + * is created and added to the list of shared keys. + * + * Requires: + * 'qmsg' is a valid message (the query) + * 'rmsg' is a valid message (the response) + * 'key' is a valid Diffie Hellman dst key + * 'outkey' is either NULL or a pointer to NULL + * 'ring' is a valid keyring or NULL + * + * Returns: + * ISC_R_SUCCESS the shared key was successfully added + * ISC_R_NOTFOUND an error occurred while looking for a + * component of the query or response + */ + +isc_result_t +dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, + dns_name_t *gname, void *cred, void **context, + dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring); +/* + * XXX + */ + +isc_result_t +dns_tkey_processdeleteresponse(dns_message_t *qmsg, dns_message_t *rmsg, + dns_tsig_keyring_t *ring); +/* + * Processes a response to a query containing a TKEY that was + * designed to delete a shared secret. If the query was successful, + * the shared key is deleted from the list of shared keys. + * + * Requires: + * 'qmsg' is a valid message (the query) + * 'rmsg' is a valid message (the response) + * 'ring' is not NULL + * + * Returns: + * ISC_R_SUCCESS the shared key was successfully deleted + * ISC_R_NOTFOUND an error occurred while looking for a + * component of the query or response + */ + + +ISC_LANG_ENDDECLS + +#endif /* DNS_TKEY_H */ diff --git a/contrib/bind9/lib/dns/include/dns/tsig.h b/contrib/bind9/lib/dns/include/dns/tsig.h new file mode 100644 index 0000000..7b5b458 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/tsig.h @@ -0,0 +1,242 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: tsig.h,v 1.40.2.2.8.3 2004/03/08 09:04:39 marka Exp $ */ + +#ifndef DNS_TSIG_H +#define DNS_TSIG_H 1 + +#include <isc/lang.h> +#include <isc/refcount.h> +#include <isc/rwlock.h> +#include <isc/stdtime.h> + +#include <dns/types.h> +#include <dns/name.h> + +#include <dst/dst.h> + +/* + * Algorithms. + */ +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacmd5_name; +#define DNS_TSIG_HMACMD5_NAME dns_tsig_hmacmd5_name +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_gssapi_name; +#define DNS_TSIG_GSSAPI_NAME dns_tsig_gssapi_name +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_gssapims_name; +#define DNS_TSIG_GSSAPIMS_NAME dns_tsig_gssapims_name + +/* + * Default fudge value. + */ +#define DNS_TSIG_FUDGE 300 + +struct dns_tsig_keyring { + dns_rbt_t *keys; + isc_rwlock_t lock; + isc_mem_t *mctx; +}; + +struct dns_tsigkey { + /* Unlocked */ + unsigned int magic; /* Magic number. */ + isc_mem_t *mctx; + dst_key_t *key; /* Key */ + dns_name_t name; /* Key name */ + dns_name_t *algorithm; /* Algorithm name */ + dns_name_t *creator; /* name that created secret */ + isc_boolean_t generated; /* was this generated? */ + isc_stdtime_t inception; /* start of validity period */ + isc_stdtime_t expire; /* end of validity period */ + dns_tsig_keyring_t *ring; /* the enclosing keyring */ + isc_refcount_t refs; /* reference counter */ +}; + +#define dns_tsigkey_identity(tsigkey) \ + ((tsigkey)->generated ? ((tsigkey)->creator) : (&((tsigkey)->name))) + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm, + unsigned char *secret, int length, isc_boolean_t generated, + dns_name_t *creator, isc_stdtime_t inception, + isc_stdtime_t expire, isc_mem_t *mctx, + dns_tsig_keyring_t *ring, dns_tsigkey_t **key); + +isc_result_t +dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, + dst_key_t *dstkey, isc_boolean_t generated, + dns_name_t *creator, isc_stdtime_t inception, + isc_stdtime_t expire, isc_mem_t *mctx, + dns_tsig_keyring_t *ring, dns_tsigkey_t **key); +/* + * Creates a tsig key structure and saves it in the keyring. If key is + * not NULL, *key will contain a copy of the key. The keys validity + * period is specified by (inception, expire), and will not expire if + * inception == expire. If the key was generated, the creating identity, + * if there is one, should be in the creator parameter. Specifying an + * unimplemented algorithm will cause failure only if dstkey != NULL; this + * allows a transient key with an invalid algorithm to exist long enough + * to generate a BADKEY response. + * + * Requires: + * 'name' is a valid dns_name_t + * 'algorithm' is a valid dns_name_t + * 'secret' is a valid pointer + * 'length' is an integer >= 0 + * 'key' is a valid dst key or NULL + * 'creator' points to a valid dns_name_t or is NULL + * 'mctx' is a valid memory context + * 'ring' is a valid TSIG keyring or NULL + * 'key' or '*key' must be NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_EXISTS - a key with this name already exists + * ISC_R_NOTIMPLEMENTED - algorithm is not implemented + * ISC_R_NOMEMORY + */ + +void +dns_tsigkey_attach(dns_tsigkey_t *source, dns_tsigkey_t **targetp); +/* + * Attach '*targetp' to 'source'. + * + * Requires: + * 'key' is a valid TSIG key + * + * Ensures: + * *targetp is attached to source. + */ + +void +dns_tsigkey_detach(dns_tsigkey_t **keyp); +/* + * Detaches from the tsig key structure pointed to by '*key'. + * + * Requires: + * 'keyp' is not NULL and '*keyp' is a valid TSIG key + * + * Ensures: + * 'keyp' points to NULL + */ + +void +dns_tsigkey_setdeleted(dns_tsigkey_t *key); +/* + * Prevents this key from being used again. It will be deleted when + * no references exist. + * + * Requires: + * 'key' is a valid TSIG key on a keyring + */ + +isc_result_t +dns_tsig_sign(dns_message_t *msg); +/* + * Generates a TSIG record for this message + * + * Requires: + * 'msg' is a valid message + * 'msg->tsigkey' is a valid TSIG key + * 'msg->tsig' is NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_NOSPACE + * DNS_R_EXPECTEDTSIG + * - this is a response & msg->querytsig is NULL + */ + +isc_result_t +dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, + dns_tsig_keyring_t *ring1, dns_tsig_keyring_t *ring2); +/* + * Verifies the TSIG record in this message + * + * Requires: + * 'source' is a valid buffer containing the unparsed message + * 'msg' is a valid message + * 'msg->tsigkey' is a valid TSIG key if this is a response + * 'msg->tsig' is NULL + * 'msg->querytsig' is not NULL if this is a response + * 'ring1' and 'ring2' are each either a valid keyring or NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * DNS_R_EXPECTEDTSIG - A TSIG was expected but not seen + * DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected + * DNS_R_TSIGERRORSET - the TSIG verified but ->error was set + * and this is a query + * DNS_R_CLOCKSKEW - the TSIG failed to verify because of + * the time was out of the allowed range. + * DNS_R_TSIGVERIFYFAILURE - the TSIG failed to verify + * DNS_R_EXPECTEDRESPONSE - the message was set over TCP and + * should have been a response, + * but was not. + */ + +isc_result_t +dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name, + dns_name_t *algorithm, dns_tsig_keyring_t *ring); +/* + * Returns the TSIG key corresponding to this name and (possibly) + * algorithm. Also increments the key's reference counter. + * + * Requires: + * 'tsigkey' is not NULL + * '*tsigkey' is NULL + * 'name' is a valid dns_name_t + * 'algorithm' is a valid dns_name_t or NULL + * 'ring' is a valid keyring + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + */ + + +isc_result_t +dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp); +/* + * Create an empty TSIG key ring. + * + * Requires: + * 'mctx' is not NULL + * 'ringp' is not NULL, and '*ringp' is NULL + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + + +void +dns_tsigkeyring_destroy(dns_tsig_keyring_t **ringp); +/* + * Destroy a TSIG key ring. + * + * Requires: + * 'ringp' is not NULL + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_TSIG_H */ diff --git a/contrib/bind9/lib/dns/include/dns/ttl.h b/contrib/bind9/lib/dns/include/dns/ttl.h new file mode 100644 index 0000000..dc7167d --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/ttl.h @@ -0,0 +1,76 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: ttl.h,v 1.12.206.1 2004/03/06 08:14:01 marka Exp $ */ + +#ifndef DNS_TTL_H +#define DNS_TTL_H 1 + +/*** + *** Imports + ***/ + +#include <isc/lang.h> +#include <isc/types.h> + +ISC_LANG_BEGINDECLS + +/*** + *** Functions + ***/ + +isc_result_t +dns_ttl_totext(isc_uint32_t src, isc_boolean_t verbose, + isc_buffer_t *target); +/* + * Output a TTL or other time interval in a human-readable form. + * The time interval is given as a count of seconds in 'src'. + * The text representation is appended to 'target'. + * + * If 'verbose' is ISC_FALSE, use the terse BIND 8 style, like "1w2d3h4m5s". + * + * If 'verbose' is ISC_TRUE, use a verbose style like the SOA comments + * in "dig", like "1 week 2 days 3 hours 4 minutes 5 seconds". + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOSPACE + */ + +isc_result_t +dns_counter_fromtext(isc_textregion_t *source, isc_uint32_t *ttl); +/* + * Converts a counter from either a plain number or a BIND 8 style value. + * + * Returns: + * ISC_R_SUCCESS + * DNS_R_SYNTAX + */ + +isc_result_t +dns_ttl_fromtext(isc_textregion_t *source, isc_uint32_t *ttl); +/* + * Converts a ttl from either a plain number or a BIND 8 style value. + * + * Returns: + * ISC_R_SUCCESS + * DNS_R_BADTTL + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_TTL_H */ diff --git a/contrib/bind9/lib/dns/include/dns/types.h b/contrib/bind9/lib/dns/include/dns/types.h new file mode 100644 index 0000000..2bad7ea --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/types.h @@ -0,0 +1,299 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1998-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: types.h,v 1.103.12.7 2004/03/08 09:04:39 marka Exp $ */ + +#ifndef DNS_TYPES_H +#define DNS_TYPES_H 1 + +/* + * Including this file gives you type declarations suitable for use in + * .h files, which lets us avoid circular type reference problems. + * + * To actually use a type or get declarations of its methods, you must + * include the appropriate .h file too. + */ + +#include <isc/types.h> + +typedef struct dns_acl dns_acl_t; +typedef struct dns_aclelement dns_aclelement_t; +typedef struct dns_aclenv dns_aclenv_t; +typedef struct dns_adb dns_adb_t; +typedef struct dns_adbaddrinfo dns_adbaddrinfo_t; +typedef ISC_LIST(dns_adbaddrinfo_t) dns_adbaddrinfolist_t; +typedef struct dns_adbentry dns_adbentry_t; +typedef struct dns_adbfind dns_adbfind_t; +typedef ISC_LIST(dns_adbfind_t) dns_adbfindlist_t; +typedef struct dns_byaddr dns_byaddr_t; +typedef struct dns_cache dns_cache_t; +typedef isc_uint16_t dns_cert_t; +typedef struct dns_compress dns_compress_t; +typedef struct dns_db dns_db_t; +typedef struct dns_dbimplementation dns_dbimplementation_t; +typedef struct dns_dbiterator dns_dbiterator_t; +typedef void dns_dbload_t; +typedef void dns_dbnode_t; +typedef struct dns_dbtable dns_dbtable_t; +typedef void dns_dbversion_t; +typedef struct dns_decompress dns_decompress_t; +typedef struct dns_dispatch dns_dispatch_t; +typedef struct dns_dispatchevent dns_dispatchevent_t; +typedef struct dns_dispatchlist dns_dispatchlist_t; +typedef struct dns_dispatchmgr dns_dispatchmgr_t; +typedef struct dns_dispentry dns_dispentry_t; +typedef struct dns_dumpctx dns_dumpctx_t; +typedef struct dns_fetch dns_fetch_t; +typedef struct dns_fixedname dns_fixedname_t; +typedef struct dns_forwarders dns_forwarders_t; +typedef struct dns_fwdtable dns_fwdtable_t; +typedef isc_uint16_t dns_keyflags_t; +typedef struct dns_keynode dns_keynode_t; +typedef struct dns_keytable dns_keytable_t; +typedef isc_uint16_t dns_keytag_t; +typedef struct dns_loadctx dns_loadctx_t; +typedef struct dns_loadmgr dns_loadmgr_t; +typedef struct dns_message dns_message_t; +typedef isc_uint16_t dns_messageid_t; +typedef isc_region_t dns_label_t; +typedef struct dns_lookup dns_lookup_t; +typedef struct dns_name dns_name_t; +typedef ISC_LIST(dns_name_t) dns_namelist_t; +typedef isc_uint16_t dns_opcode_t; +typedef unsigned char dns_offsets_t[128]; +typedef struct dns_order dns_order_t; +typedef struct dns_peer dns_peer_t; +typedef struct dns_peerlist dns_peerlist_t; +typedef struct dns_portlist dns_portlist_t; +typedef struct dns_rbt dns_rbt_t; +typedef isc_uint16_t dns_rcode_t; +typedef struct dns_rdata dns_rdata_t; +typedef struct dns_rdatacallbacks dns_rdatacallbacks_t; +typedef isc_uint16_t dns_rdataclass_t; +typedef struct dns_rdatalist dns_rdatalist_t; +typedef struct dns_rdataset dns_rdataset_t; +typedef ISC_LIST(dns_rdataset_t) dns_rdatasetlist_t; +typedef struct dns_rdatasetiter dns_rdatasetiter_t; +typedef isc_uint16_t dns_rdatatype_t; +typedef struct dns_request dns_request_t; +typedef struct dns_requestmgr dns_requestmgr_t; +typedef struct dns_resolver dns_resolver_t; +typedef struct dns_sdbimplementation dns_sdbimplementation_t; +typedef isc_uint8_t dns_secalg_t; +typedef isc_uint8_t dns_secproto_t; +typedef struct dns_signature dns_signature_t; +typedef struct dns_ssurule dns_ssurule_t; +typedef struct dns_ssutable dns_ssutable_t; +typedef struct dns_tkeyctx dns_tkeyctx_t; +typedef isc_uint16_t dns_trust_t; +typedef struct dns_tsig_keyring dns_tsig_keyring_t; +typedef struct dns_tsigkey dns_tsigkey_t; +typedef isc_uint32_t dns_ttl_t; +typedef struct dns_validator dns_validator_t; +typedef struct dns_view dns_view_t; +typedef ISC_LIST(dns_view_t) dns_viewlist_t; +typedef struct dns_zone dns_zone_t; +typedef ISC_LIST(dns_zone_t) dns_zonelist_t; +typedef struct dns_zonemgr dns_zonemgr_t; +typedef struct dns_zt dns_zt_t; + +typedef enum { + dns_fwdpolicy_none = 0, + dns_fwdpolicy_first = 1, + dns_fwdpolicy_only = 2 +} dns_fwdpolicy_t; + +typedef enum { + dns_namereln_none = 0, + dns_namereln_contains = 1, + dns_namereln_subdomain = 2, + dns_namereln_equal = 3, + dns_namereln_commonancestor = 4 +} dns_namereln_t; + +typedef enum { + dns_one_answer, dns_many_answers +} dns_transfer_format_t; + +typedef enum { + dns_dbtype_zone = 0, dns_dbtype_cache = 1, dns_dbtype_stub = 3 +} dns_dbtype_t; + +typedef enum { + dns_notifytype_no = 0, + dns_notifytype_yes = 1, + dns_notifytype_explicit = 2 +} dns_notifytype_t; + +typedef enum { + dns_dialuptype_no = 0, + dns_dialuptype_yes = 1, + dns_dialuptype_notify = 2, + dns_dialuptype_notifypassive = 3, + dns_dialuptype_refresh = 4, + dns_dialuptype_passive = 5 +} dns_dialuptype_t; + +/* + * These are generated by gen.c. + */ +#include <dns/enumtype.h> /* Provides dns_rdatatype_t. */ +#include <dns/enumclass.h> /* Provides dns_rdataclass_t. */ + +/* + * rcodes. + */ +enum { + /* + * Standard rcodes. + */ + dns_rcode_noerror = 0, +#define dns_rcode_noerror ((dns_rcode_t)dns_rcode_noerror) + dns_rcode_formerr = 1, +#define dns_rcode_formerr ((dns_rcode_t)dns_rcode_formerr) + dns_rcode_servfail = 2, +#define dns_rcode_servfail ((dns_rcode_t)dns_rcode_servfail) + dns_rcode_nxdomain = 3, +#define dns_rcode_nxdomain ((dns_rcode_t)dns_rcode_nxdomain) + dns_rcode_notimp = 4, +#define dns_rcode_notimp ((dns_rcode_t)dns_rcode_notimp) + dns_rcode_refused = 5, +#define dns_rcode_refused ((dns_rcode_t)dns_rcode_refused) + dns_rcode_yxdomain = 6, +#define dns_rcode_yxdomain ((dns_rcode_t)dns_rcode_yxdomain) + dns_rcode_yxrrset = 7, +#define dns_rcode_yxrrset ((dns_rcode_t)dns_rcode_yxrrset) + dns_rcode_nxrrset = 8, +#define dns_rcode_nxrrset ((dns_rcode_t)dns_rcode_nxrrset) + dns_rcode_notauth = 9, +#define dns_rcode_notauth ((dns_rcode_t)dns_rcode_notauth) + dns_rcode_notzone = 10, +#define dns_rcode_notzone ((dns_rcode_t)dns_rcode_notzone) + /* + * Extended rcodes. + */ + dns_rcode_badvers = 16 +#define dns_rcode_badvers ((dns_rcode_t)dns_rcode_badvers) +}; + +/* + * TSIG errors. + */ +enum { + dns_tsigerror_badsig = 16, + dns_tsigerror_badkey = 17, + dns_tsigerror_badtime = 18, + dns_tsigerror_badmode = 19, + dns_tsigerror_badname = 20, + dns_tsigerror_badalg = 21 +}; + +/* + * Opcodes. + */ +enum { + dns_opcode_query = 0, +#define dns_opcode_query ((dns_opcode_t)dns_opcode_query) + dns_opcode_iquery = 1, +#define dns_opcode_iquery ((dns_opcode_t)dns_opcode_iquery) + dns_opcode_status = 2, +#define dns_opcode_status ((dns_opcode_t)dns_opcode_status) + dns_opcode_notify = 4, +#define dns_opcode_notify ((dns_opcode_t)dns_opcode_notify) + dns_opcode_update = 5 /* dynamic update */ +#define dns_opcode_update ((dns_opcode_t)dns_opcode_update) +}; + +/* + * Trust levels. Must be kept in sync with trustnames[] in masterdump.c. + */ +enum { + /* Sentinel value; no data should have this trust level. */ + dns_trust_none = 0, +#define dns_trust_none ((dns_trust_t)dns_trust_none) + + /* Subject to DNSSEC validation but has not yet been validated */ + dns_trust_pending = 1, +#define dns_trust_pending ((dns_trust_t)dns_trust_pending) + + /* Received in the additional section of a response. */ + dns_trust_additional = 2, +#define dns_trust_additional ((dns_trust_t)dns_trust_additional) + + /* Received in a referral response. */ + dns_trust_glue = 3, +#define dns_trust_glue ((dns_trust_t)dns_trust_glue) + + /* Answser from a non-authoritative server */ + dns_trust_answer = 4, +#define dns_trust_answer ((dns_trust_t)dns_trust_answer) + + /* Received in the authority section as part of an + authoritative response */ + dns_trust_authauthority = 5, +#define dns_trust_authauthority ((dns_trust_t)dns_trust_authauthority) + + /* Answser from an authoritative server */ + dns_trust_authanswer = 6, +#define dns_trust_authanswer ((dns_trust_t)dns_trust_authanswer) + + /* Successfully DNSSEC validated */ + dns_trust_secure = 7, +#define dns_trust_secure ((dns_trust_t)dns_trust_secure) + + /* This server is authoritative */ + dns_trust_ultimate = 8 +#define dns_trust_ultimate ((dns_trust_t)dns_trust_ultimate) +}; + +/* + * Name checking severites. + */ +typedef enum { + dns_severity_ignore, + dns_severity_warn, + dns_severity_fail +} dns_severity_t; + +/* + * Functions. + */ +typedef void +(*dns_dumpdonefunc_t)(void *, isc_result_t); + +typedef void +(*dns_loaddonefunc_t)(void *, isc_result_t); + +typedef isc_result_t +(*dns_addrdatasetfunc_t)(void *, dns_name_t *, dns_rdataset_t *); + +typedef isc_result_t +(*dns_additionaldatafunc_t)(void *, dns_name_t *, dns_rdatatype_t); + +typedef isc_result_t +(*dns_digestfunc_t)(void *, isc_region_t *); + +typedef void +(*dns_xfrindone_t)(dns_zone_t *, isc_result_t); + +typedef void +(*dns_updatecallback_t)(void *, isc_result_t, dns_message_t *); + +typedef int +(*dns_rdatasetorderfunc_t)(dns_rdata_t *rdata, void *arg); + +#endif /* DNS_TYPES_H */ diff --git a/contrib/bind9/lib/dns/include/dns/validator.h b/contrib/bind9/lib/dns/include/dns/validator.h new file mode 100644 index 0000000..c405fbb --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/validator.h @@ -0,0 +1,201 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: validator.h,v 1.18.12.7 2004/05/14 05:06:41 marka Exp $ */ + +#ifndef DNS_VALIDATOR_H +#define DNS_VALIDATOR_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS Validator + * + * XXX <TBS> XXX + * + * MP: + * The module ensures appropriate synchronization of data structures it + * creates and manipulates. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * RFCs: 1034, 1035, 2181, 2535, <TBS> + * Drafts: <TBS> + */ + +#include <isc/lang.h> +#include <isc/event.h> +#include <isc/mutex.h> + +#include <dns/fixedname.h> +#include <dns/types.h> +#include <dns/rdataset.h> +#include <dns/rdatastruct.h> /* for dns_rdata_rrsig_t */ + +#include <dst/dst.h> + +/* + * A dns_validatorevent_t is sent when a 'validation' completes. + * + * 'name', 'rdataset', 'sigrdataset', and 'message' are the values that were + * supplied when dns_validator_create() was called. They are returned to the + * caller so that they may be freed. + */ +typedef struct dns_validatorevent { + ISC_EVENT_COMMON(struct dns_validatorevent); + dns_validator_t * validator; + isc_result_t result; + dns_name_t * name; + dns_rdatatype_t type; + dns_rdataset_t * rdataset; + dns_rdataset_t * sigrdataset; + dns_message_t * message; + dns_name_t * proofs[3]; +} dns_validatorevent_t; + +#define DNS_VALIDATOR_NOQNAMEPROOF 0 +#define DNS_VALIDATOR_NODATAPROOF 1 +#define DNS_VALIDATOR_NOWILDCARDPROOF 2 + +/* + * A validator object represents a validation in procgress. + * + * Clients are strongly discouraged from using this type directly, with + * the exception of the 'link' field, which may be used directly for + * whatever purpose the client desires. + */ +struct dns_validator { + /* Unlocked. */ + unsigned int magic; + isc_mutex_t lock; + dns_view_t * view; + /* Locked by lock. */ + unsigned int options; + unsigned int attributes; + dns_validatorevent_t * event; + dns_fetch_t * fetch; + dns_validator_t * subvalidator; + dns_validator_t * parent; + dns_keytable_t * keytable; + dns_keynode_t * keynode; + dst_key_t * key; + dns_rdata_rrsig_t * siginfo; + isc_task_t * task; + isc_taskaction_t action; + void * arg; + unsigned int labels; + dns_rdataset_t * currentset; + isc_boolean_t seensig; + dns_rdataset_t * keyset; + dns_rdataset_t * dsset; + dns_rdataset_t * soaset; + dns_rdataset_t * nsecset; + dns_name_t * soaname; + dns_rdataset_t frdataset; + dns_rdataset_t fsigrdataset; + dns_fixedname_t fname; + dns_fixedname_t wild; + ISC_LINK(dns_validator_t) link; + dns_rdataset_t * dlv; + dns_fixedname_t dlvsep; + isc_boolean_t havedlvsep; + isc_boolean_t mustbesecure; +}; + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, + dns_message_t *message, unsigned int options, + isc_task_t *task, isc_taskaction_t action, void *arg, + dns_validator_t **validatorp); +/* + * Start a DNSSEC validation. + * + * This validates a response to the question given by + * 'name' and 'type'. + * + * To validate a positive response, the response data is + * given by 'rdataset' and 'sigrdataset'. If 'sigrdataset' + * is NULL, the data is presumed insecure and an attempt + * is made to prove its insecurity by finding the appropriate + * null key. + * + * The complete response message may be given in 'message', + * to make available any authority section NSECs that may be + * needed for validation of a response resulting from a + * wildcard expansion (though no such wildcard validation + * is implemented yet). If the complete response message + * is not available, 'message' is NULL. + * + * To validate a negative response, the complete negative response + * message is given in 'message'. The 'rdataset', and + * 'sigrdataset' arguments must be NULL, but the 'name' and 'type' + * arguments must be provided. + * + * The validation is performed in the context of 'view'. + * 'options' must be zero. + * + * When the validation finishes, a dns_validatorevent_t with + * the given 'action' and 'arg' are sent to 'task'. + * Its 'result' field will be ISC_R_SUCCESS iff the + * response was successfully proven to be either secure or + * part of a known insecure domain. + */ + +void +dns_validator_cancel(dns_validator_t *validator); +/* + * Cancel a DNSSEC validation in progress. + * + * Requires: + * 'validator' points to a valid DNSSEC validator, which + * may or may not already have completed. + * + * Ensures: + * It the validator has not already sent its completion + * event, it will send it with result code ISC_R_CANCELED. + */ + +void +dns_validator_destroy(dns_validator_t **validatorp); +/* + * Destroy a DNSSEC validator. + * + * Requires: + * '*validatorp' points to a valid DNSSEC validator. + * The validator must have completed and sent its completion + * event. + * + * Ensures: + * All resources used by the validator are freed. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_VALIDATOR_H */ diff --git a/contrib/bind9/lib/dns/include/dns/version.h b/contrib/bind9/lib/dns/include/dns/version.h new file mode 100644 index 0000000..28c83be --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/version.h @@ -0,0 +1,26 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: version.h,v 1.2.224.3 2004/03/08 09:04:40 marka Exp $ */ + +#include <isc/platform.h> + +LIBDNS_EXTERNAL_DATA extern const char dns_version[]; + +LIBDNS_EXTERNAL_DATA extern const unsigned int dns_libinterface; +LIBDNS_EXTERNAL_DATA extern const unsigned int dns_librevision; +LIBDNS_EXTERNAL_DATA extern const unsigned int dns_libage; diff --git a/contrib/bind9/lib/dns/include/dns/view.h b/contrib/bind9/lib/dns/include/dns/view.h new file mode 100644 index 0000000..a3cd935 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/view.h @@ -0,0 +1,789 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: view.h,v 1.73.2.4.2.12 2004/03/10 02:55:58 marka Exp $ */ + +#ifndef DNS_VIEW_H +#define DNS_VIEW_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DNS View + * + * A "view" is a DNS namespace, together with an optional resolver and a + * forwarding policy. A "DNS namespace" is a (possibly empty) set of + * authoritative zones together with an optional cache and optional + * "hints" information. + * + * Views start out "unfrozen". In this state, core attributes like + * the cache, set of zones, and forwarding policy may be set. While + * "unfrozen", the caller (e.g. nameserver configuration loading + * code), must ensure exclusive access to the view. When the view is + * "frozen", the core attributes become immutable, and the view module + * will ensure synchronization. Freezing allows the view's core attributes + * to be accessed without locking. + * + * MP: + * Before the view is frozen, the caller must ensure synchronization. + * + * After the view is frozen, the module guarantees appropriate + * synchronization of any data structures it creates and manipulates. + * + * Reliability: + * No anticipated impact. + * + * Resources: + * <TBS> + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +#include <stdio.h> + +#include <isc/lang.h> +#include <isc/magic.h> +#include <isc/event.h> +#include <isc/mutex.h> +#include <isc/net.h> +#include <isc/refcount.h> +#include <isc/rwlock.h> +#include <isc/stdtime.h> + +#include <dns/acl.h> +#include <dns/fixedname.h> +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +struct dns_view { + /* Unlocked. */ + unsigned int magic; + isc_mem_t * mctx; + dns_rdataclass_t rdclass; + char * name; + dns_zt_t * zonetable; + dns_resolver_t * resolver; + dns_adb_t * adb; + dns_requestmgr_t * requestmgr; + dns_cache_t * cache; + dns_db_t * cachedb; + dns_db_t * hints; + dns_keytable_t * secroots; + dns_keytable_t * trustedkeys; + isc_mutex_t lock; + isc_boolean_t frozen; + isc_task_t * task; + isc_event_t resevent; + isc_event_t adbevent; + isc_event_t reqevent; + /* Configurable data. */ + dns_tsig_keyring_t * statickeys; + dns_tsig_keyring_t * dynamickeys; + dns_peerlist_t * peers; + dns_order_t * order; + dns_fwdtable_t * fwdtable; + isc_boolean_t recursion; + isc_boolean_t auth_nxdomain; + isc_boolean_t additionalfromcache; + isc_boolean_t additionalfromauth; + isc_boolean_t minimalresponses; + isc_boolean_t enablednssec; + dns_transfer_format_t transfer_format; + dns_acl_t * queryacl; + dns_acl_t * recursionacl; + dns_acl_t * sortlist; + isc_boolean_t requestixfr; + isc_boolean_t provideixfr; + dns_ttl_t maxcachettl; + dns_ttl_t maxncachettl; + in_port_t dstport; + dns_aclenv_t aclenv; + dns_rdatatype_t preferred_glue; + isc_boolean_t flush; + dns_namelist_t * delonly; + isc_boolean_t rootdelonly; + dns_namelist_t * rootexclude; + isc_boolean_t checknames; + dns_name_t * dlv; + dns_fixedname_t dlv_fixed; + + /* + * Configurable data for server use only, + * locked by server configuration lock. + */ + dns_acl_t * matchclients; + dns_acl_t * matchdestinations; + isc_boolean_t matchrecursiveonly; + + /* Locked by themselves. */ + isc_refcount_t references; + + /* Locked by lock. */ + unsigned int weakrefs; + unsigned int attributes; + /* Under owner's locking control. */ + ISC_LINK(struct dns_view) link; +}; + +#define DNS_VIEW_MAGIC ISC_MAGIC('V','i','e','w') +#define DNS_VIEW_VALID(view) ISC_MAGIC_VALID(view, DNS_VIEW_MAGIC) + +#define DNS_VIEWATTR_RESSHUTDOWN 0x01 +#define DNS_VIEWATTR_ADBSHUTDOWN 0x02 +#define DNS_VIEWATTR_REQSHUTDOWN 0x04 + +isc_result_t +dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, + const char *name, dns_view_t **viewp); +/* + * Create a view. + * + * Notes: + * + * The newly created view has no cache, no resolver, and an empty + * zone table. The view is not frozen. + * + * Requires: + * + * 'mctx' is a valid memory context. + * + * 'rdclass' is a valid class. + * + * 'name' is a valid C string. + * + * viewp != NULL && *viewp == NULL + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * + * Other errors are possible. + */ + +void +dns_view_attach(dns_view_t *source, dns_view_t **targetp); +/* + * Attach '*targetp' to 'source'. + * + * Requires: + * + * 'source' is a valid, frozen view. + * + * 'targetp' points to a NULL dns_view_t *. + * + * Ensures: + * + * *targetp is attached to source. + * + * While *targetp is attached, the view will not shut down. + */ + +void +dns_view_detach(dns_view_t **viewp); +/* + * Detach '*viewp' from its view. + * + * Requires: + * + * 'viewp' points to a valid dns_view_t * + * + * Ensures: + * + * *viewp is NULL. + */ + +void +dns_view_flushanddetach(dns_view_t **viewp); +/* + * Detach '*viewp' from its view. If this was the last reference + * uncommited changed in zones will be flushed to disk. + * + * Requires: + * + * 'viewp' points to a valid dns_view_t * + * + * Ensures: + * + * *viewp is NULL. + */ + +void +dns_view_weakattach(dns_view_t *source, dns_view_t **targetp); +/* + * Weakly attach '*targetp' to 'source'. + * + * Requires: + * + * 'source' is a valid, frozen view. + * + * 'targetp' points to a NULL dns_view_t *. + * + * Ensures: + * + * *targetp is attached to source. + * + * While *targetp is attached, the view will not be freed. + */ + +void +dns_view_weakdetach(dns_view_t **targetp); +/* + * Detach '*viewp' from its view. + * + * Requires: + * + * 'viewp' points to a valid dns_view_t *. + * + * Ensures: + * + * *viewp is NULL. + */ + +isc_result_t +dns_view_createresolver(dns_view_t *view, + isc_taskmgr_t *taskmgr, unsigned int ntasks, + isc_socketmgr_t *socketmgr, + isc_timermgr_t *timermgr, + unsigned int options, + dns_dispatchmgr_t *dispatchmgr, + dns_dispatch_t *dispatchv4, + dns_dispatch_t *dispatchv6); +/* + * Create a resolver and address database for the view. + * + * Requires: + * + * 'view' is a valid, unfrozen view. + * + * 'view' does not have a resolver already. + * + * The requirements of dns_resolver_create() apply to 'taskmgr', + * 'ntasks', 'socketmgr', 'timermgr', 'options', 'dispatchv4', and + * 'dispatchv6'. + * + * Returns: + * + * ISC_R_SUCCESS + * + * Any error that dns_resolver_create() can return. + */ + +void +dns_view_setcache(dns_view_t *view, dns_cache_t *cache); +/* + * Set the view's cache database. + * + * Requires: + * + * 'view' is a valid, unfrozen view. + * + * 'cache' is a valid cache. + * + * Ensures: + * + * The cache of 'view' is 'cached. + * + * If this is not the first call to dns_view_setcache() for this + * view, then previously set cache is detached. + */ + +void +dns_view_sethints(dns_view_t *view, dns_db_t *hints); +/* + * Set the view's hints database. + * + * Requires: + * + * 'view' is a valid, unfrozen view, whose hints database has not been + * set. + * + * 'hints' is a valid zone database. + * + * Ensures: + * + * The hints database of 'view' is 'hints'. + */ + +void +dns_view_setkeyring(dns_view_t *view, dns_tsig_keyring_t *ring); +/* + * Set the view's static TSIG keys + * + * Requires: + * + * 'view' is a valid, unfrozen view, whose static TSIG keyring has not + * been set. + * + * 'ring' is a valid TSIG keyring + * + * Ensures: + * + * The static TSIG keyring of 'view' is 'ring'. + */ + +void +dns_view_setdstport(dns_view_t *view, in_port_t dstport); +/* + * Set the view's destination port. This is the port to + * which outgoing queries are sent. The default is 53, + * the standard DNS port. + * + * Requires: + * + * 'view' is a valid view. + * + * 'dstport' is a valid TCP/UDP port number. + * + * Ensures: + * External name servers will be assumed to be listning + * on 'dstport'. For servers whose address has already + * obtained obtained at the time of the call, the view may + * continue to use the previously set port until the address + * times out from the view's address database. + */ + + +isc_result_t +dns_view_addzone(dns_view_t *view, dns_zone_t *zone); +/* + * Add zone 'zone' to 'view'. + * + * Requires: + * + * 'view' is a valid, unfrozen view. + * + * 'zone' is a valid zone. + */ + +void +dns_view_freeze(dns_view_t *view); +/* + * Freeze view. + * + * Requires: + * + * 'view' is a valid, unfrozen view. + * + * Ensures: + * + * 'view' is frozen. + */ + +isc_result_t +dns_view_find(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, + isc_stdtime_t now, unsigned int options, isc_boolean_t use_hints, + dns_db_t **dbp, dns_dbnode_t **nodep, dns_name_t *foundname, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset); +/* + * Find an rdataset whose owner name is 'name', and whose type is + * 'type'. + * + * Notes: + * + * See the description of dns_db_find() for information about 'options'. + * If the caller sets DNS_DBFIND_GLUEOK, it must ensure that 'name' + * and 'type' are appropriate for glue retrieval. + * + * If 'now' is zero, then the current time will be used. + * + * If 'use_hints' is ISC_TRUE, and the view has a hints database, then + * it will be searched last. If the answer is found in the hints + * database, the result code will be DNS_R_HINT. If the name is found + * in the hints database but not the type, the result code will be + * DNS_R_HINTNXRRSET. + * + * 'foundname' must meet the requirements of dns_db_find(). + * + * If 'sigrdataset' is not NULL, and there is a SIG rdataset which + * covers 'type', then 'sigrdataset' will be bound to it. + * + * Requires: + * + * 'view' is a valid, frozen view. + * + * 'name' is valid name. + * + * 'type' is a valid dns_rdatatype_t, and is not a meta query type + * except dns_rdatatype_any. + * + * dbp == NULL || *dbp == NULL + * + * nodep == NULL || *nodep == NULL. If nodep != NULL, dbp != NULL. + * + * 'foundname' is a valid name with a dedicated buffer or NULL. + * + * 'rdataset' is a valid, disassociated rdataset. + * + * 'sigrdataset' is NULL, or is a valid, disassociated rdataset. + * + * Ensures: + * + * In successful cases, 'rdataset', and possibly 'sigrdataset', are + * bound to the found data. + * + * If dbp != NULL, it points to the database containing the data. + * + * If nodep != NULL, it points to the database node containing the data. + * + * If foundname != NULL, it contains the full name of the found data. + * + * Returns: + * + * Any result that dns_db_find() can return, with the exception of + * DNS_R_DELEGATION. + */ + +isc_result_t +dns_view_simplefind(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, + isc_stdtime_t now, unsigned int options, + isc_boolean_t use_hints, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset); +/* + * Find an rdataset whose owner name is 'name', and whose type is + * 'type'. + * + * Notes: + * + * This routine is appropriate for simple, exact-match queries of the + * view. 'name' must be a canonical name; there is no DNAME or CNAME + * processing. + * + * See the description of dns_db_find() for information about 'options'. + * If the caller sets DNS_DBFIND_GLUEOK, it must ensure that 'name' + * and 'type' are appropriate for glue retrieval. + * + * If 'now' is zero, then the current time will be used. + * + * If 'use_hints' is ISC_TRUE, and the view has a hints database, then + * it will be searched last. If the answer is found in the hints + * database, the result code will be DNS_R_HINT. If the name is found + * in the hints database but not the type, the result code will be + * DNS_R_HINTNXRRSET. + * + * If 'sigrdataset' is not NULL, and there is a SIG rdataset which + * covers 'type', then 'sigrdataset' will be bound to it. + * + * Requires: + * + * 'view' is a valid, frozen view. + * + * 'name' is valid name. + * + * 'type' is a valid dns_rdatatype_t, and is not a meta query type + * (e.g. dns_rdatatype_any), or dns_rdatatype_rrsig. + * + * 'rdataset' is a valid, disassociated rdataset. + * + * 'sigrdataset' is NULL, or is a valid, disassociated rdataset. + * + * Ensures: + * + * In successful cases, 'rdataset', and possibly 'sigrdataset', are + * bound to the found data. + * + * Returns: + * + * ISC_R_SUCCESS Success; result is desired type. + * DNS_R_GLUE Success; result is glue. + * DNS_R_HINT Success; result is a hint. + * DNS_R_NCACHENXDOMAIN Success; result is a ncache entry. + * DNS_R_NCACHENXRRSET Success; result is a ncache entry. + * DNS_R_NXDOMAIN The name does not exist. + * DNS_R_NXRRSET The rrset does not exist. + * ISC_R_NOTFOUND No matching data found, + * or an error occurred. + */ + +isc_result_t +dns_view_findzonecut(dns_view_t *view, dns_name_t *name, dns_name_t *fname, + isc_stdtime_t now, unsigned int options, + isc_boolean_t use_hints, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset); + +isc_result_t +dns_view_findzonecut2(dns_view_t *view, dns_name_t *name, dns_name_t *fname, + isc_stdtime_t now, unsigned int options, + isc_boolean_t use_hints, isc_boolean_t use_cache, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset); +/* + * Find the best known zonecut containing 'name'. + * + * This uses local authority, cache, and optionally hints data. + * No external queries are performed. + * + * Notes: + * + * If 'now' is zero, then the current time will be used. + * + * If 'use_hints' is ISC_TRUE, and the view has a hints database, then + * it will be searched last. + * + * If 'use_cache' is ISC_TRUE, and the view has a cache, then it will be + * searched. + * + * If 'sigrdataset' is not NULL, and there is a SIG rdataset which + * covers 'type', then 'sigrdataset' will be bound to it. + * + * If the DNS_DBFIND_NOEXACT option is set, then the zonecut returned + * (if any) will be the deepest known ancestor of 'name'. + * + * Requires: + * + * 'view' is a valid, frozen view. + * + * 'name' is valid name. + * + * 'rdataset' is a valid, disassociated rdataset. + * + * 'sigrdataset' is NULL, or is a valid, disassociated rdataset. + * + * Returns: + * + * ISC_R_SUCCESS Success. + * + * Many other results are possible. + */ + +isc_result_t +dns_viewlist_find(dns_viewlist_t *list, const char *name, + dns_rdataclass_t rdclass, dns_view_t **viewp); +/* + * Search for a view with name 'name' and class 'rdclass' in 'list'. + * If found, '*viewp' is (strongly) attached to it. + * + * Requires: + * + * 'viewp' points to a NULL dns_view_t *. + * + * Returns: + * + * ISC_R_SUCCESS A matching view was found. + * ISC_R_NOTFOUND No matching view was found. + */ + +isc_result_t +dns_view_findzone(dns_view_t *view, dns_name_t *name, dns_zone_t **zonep); +/* + * Search for the zone 'name' in the zone table of 'view'. + * If found, 'zonep' is (strongly) attached to it. There + * are no partial matches. + * + * Requires: + * + * 'zonep' points to a NULL dns_zone_t *. + * + * Returns: + * ISC_R_SUCCESS A matching zone was found. + * ISC_R_NOTFOUND No matching zone was found. + * others An error occurred. + */ + +isc_result_t +dns_view_load(dns_view_t *view, isc_boolean_t stop); + +isc_result_t +dns_view_loadnew(dns_view_t *view, isc_boolean_t stop); +/* + * Load zones attached to this view. dns_view_load() loads + * all zones whose master file has changed since the last + * load; dns_view_loadnew() loads only zones that have never + * been loaded. + * + * If 'stop' is ISC_TRUE, stop on the first error and return it. + * If 'stop' is ISC_FALSE, ignore errors. + * + * Requires: + * + * 'view' is valid. + */ + +isc_result_t +dns_view_gettsig(dns_view_t *view, dns_name_t *keyname, + dns_tsigkey_t **keyp); +/* + * Find the TSIG key configured in 'view' with name 'keyname', + * if any. + * + * Reqires: + * keyp points to a NULL dns_tsigkey_t *. + * + * Returns: + * ISC_R_SUCCESS A key was found and '*keyp' now points to it. + * ISC_R_NOTFOUND No key was found. + * others An error occurred. + */ + +isc_result_t +dns_view_getpeertsig(dns_view_t *view, isc_netaddr_t *peeraddr, + dns_tsigkey_t **keyp); +/* + * Find the TSIG key configured in 'view' for the server whose + * address is 'peeraddr', if any. + * + * Reqires: + * keyp points to a NULL dns_tsigkey_t *. + * + * Returns: + * ISC_R_SUCCESS A key was found and '*keyp' now points to it. + * ISC_R_NOTFOUND No key was found. + * others An error occurred. + */ + +isc_result_t +dns_view_checksig(dns_view_t *view, isc_buffer_t *source, dns_message_t *msg); +/* + * Verifies the signature of a message. + * + * Requires: + * + * 'view' is a valid view. + * 'source' is a valid buffer containing the message + * 'msg' is a valid message + * + * Returns: + * see dns_tsig_verify() + */ + +void +dns_view_dialup(dns_view_t *view); +/* + * Perform dialup-time maintenance on the zones of 'view'. + */ + +isc_result_t +dns_view_dumpdbtostream(dns_view_t *view, FILE *fp); +/* + * Dump the current state of the view 'view' to the stream 'fp' + * for purposes of analysis or debugging. + * + * Currently the dumped state includes the view's cache; in the future + * it may also include other state such as the address database. + * It will not not include authoritative data since it is voluminous and + * easily obtainable by other means. + * + * Requires: + * + * 'view' is valid. + * + * 'fp' refers to a file open for writing. + * + * Returns: + * ISC_R_SUCCESS The cache was successfully dumped. + * others An error occurred (see dns_master_dump) + */ + +isc_result_t +dns_view_flushcache(dns_view_t *view); +/* + * Flush the view's cache (and ADB). + * + * Requires: + * 'view' is valid. + * + * No other tasks are executing. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_view_flushname(dns_view_t *view, dns_name_t *); +/* + * Flush the given name from the view's cache (and ADB). + * + * Requires: + * 'view' is valid. + * 'name' is valid. + * + * Returns: + * ISC_R_SUCCESS + * other returns are failures. + */ + +isc_result_t +dns_view_adddelegationonly(dns_view_t *view, dns_name_t *name); +/* + * Add the given name to the delegation only table. + * + * + * Requires: + * 'view' is valid. + * 'name' is valid. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_view_excludedelegationonly(dns_view_t *view, dns_name_t *name); +/* + * Add the given name to be excluded from the root-delegation-only. + * + * + * Requires: + * 'view' is valid. + * 'name' is valid. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_boolean_t +dns_view_isdelegationonly(dns_view_t *view, dns_name_t *name); +/* + * Check if 'name' is in the delegation only table or if + * rootdelonly is set that name is not being excluded. + * + * Requires: + * 'view' is valid. + * 'name' is valid. + * + * Returns: + * ISC_TRUE if the name is is the table. + * ISC_FALSE othewise. + */ + +void +dns_view_setrootdelonly(dns_view_t *view, isc_boolean_t value); +/* + * Set the root delegation only flag. + * + * Requires: + * 'view' is valid. + */ + +isc_boolean_t +dns_view_getrootdelonly(dns_view_t *view); +/* + * Get the root delegation only flag. + * + * Requires: + * 'view' is valid. + */ + +#endif /* DNS_VIEW_H */ diff --git a/contrib/bind9/lib/dns/include/dns/xfrin.h b/contrib/bind9/lib/dns/include/dns/xfrin.h new file mode 100644 index 0000000..0050238 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/xfrin.h @@ -0,0 +1,107 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001, 2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: xfrin.h,v 1.18.136.2 2004/03/06 08:14:01 marka Exp $ */ + +#ifndef DNS_XFRIN_H +#define DNS_XFRIN_H 1 + +/***** + ***** Module Info + *****/ + +/* + * Incoming zone transfers (AXFR + IXFR). + */ + +/*** + *** Imports + ***/ + +#include <isc/lang.h> + +#include <dns/types.h> + +/*** + *** Types + ***/ + +/* + * A transfer in progress. This is an opaque type. + */ +typedef struct dns_xfrin_ctx dns_xfrin_ctx_t; + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_xfrin_create(dns_zone_t *zone, dns_rdatatype_t xfrtype, + isc_sockaddr_t *masteraddr, dns_tsigkey_t *tsigkey, + isc_mem_t *mctx, isc_timermgr_t *timermgr, + isc_socketmgr_t *socketmgr, isc_task_t *task, + dns_xfrindone_t done, dns_xfrin_ctx_t **xfrp); + +isc_result_t +dns_xfrin_create2(dns_zone_t *zone, dns_rdatatype_t xfrtype, + isc_sockaddr_t *masteraddr, isc_sockaddr_t *sourceaddr, + dns_tsigkey_t *tsigkey, isc_mem_t *mctx, + isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr, + isc_task_t *task, dns_xfrindone_t done, + dns_xfrin_ctx_t **xfrp); +/* + * Attempt to start an incoming zone transfer of 'zone' + * from 'masteraddr', creating a dns_xfrin_ctx_t object to + * manage it. Attach '*xfrp' to the newly created object. + * + * Iff ISC_R_SUCCESS is returned, '*done' is guaranteed to be + * called in the context of 'task', with 'zone' and a result + * code as arguments when the transfer finishes. + * + * Requires: + * 'xfrtype' is dns_rdatatype_axfr or dns_rdatatype_ixfr. + * + * If 'xfrtype' is dns_rdatatype_ixfr, the zone has a + * database. + */ + +void +dns_xfrin_shutdown(dns_xfrin_ctx_t *xfr); +/* + * If the zone transfer 'xfr' has already finished, + * do nothing. Otherwise, abort it and cause it to call + * its done callback with a status of ISC_R_CANCELLED. + */ + +void +dns_xfrin_detach(dns_xfrin_ctx_t **xfrp); +/* + * Detach a reference to a zone transfer object. + * Caller to maintain external locking if required. + */ + +void +dns_xfrin_attach(dns_xfrin_ctx_t *source, dns_xfrin_ctx_t **target); +/* + * Caller to maintain external locking if required. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_XFRIN_H */ diff --git a/contrib/bind9/lib/dns/include/dns/zone.h b/contrib/bind9/lib/dns/include/dns/zone.h new file mode 100644 index 0000000..ebd8d8c --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/zone.h @@ -0,0 +1,1430 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2003 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: zone.h,v 1.106.2.7.4.14 2004/03/06 08:14:01 marka Exp $ */ + +#ifndef DNS_ZONE_H +#define DNS_ZONE_H 1 + +/*** + *** Imports + ***/ + +#include <stdio.h> + +#include <isc/formatcheck.h> +#include <isc/lang.h> +#include <isc/rwlock.h> + +#include <dns/types.h> + +typedef enum { + dns_zone_none, + dns_zone_master, + dns_zone_slave, + dns_zone_stub +} dns_zonetype_t; + +#define DNS_ZONEOPT_SERVERS 0x00000001U /* perform server checks */ +#define DNS_ZONEOPT_PARENTS 0x00000002U /* perform parent checks */ +#define DNS_ZONEOPT_CHILDREN 0x00000004U /* perform child checks */ +#define DNS_ZONEOPT_NOTIFY 0x00000008U /* perform NOTIFY */ +#define DNS_ZONEOPT_MANYERRORS 0x00000010U /* return many errors on load */ +#define DNS_ZONEOPT_IXFRFROMDIFFS 0x00000020U /* calculate differences */ +#define DNS_ZONEOPT_NOMERGE 0x00000040U /* don't merge journal */ +#define DNS_ZONEOPT_CHECKNS 0x00000080U /* check if NS's are addresses */ +#define DNS_ZONEOPT_FATALNS 0x00000100U /* DNS_ZONEOPT_CHECKNS is fatal */ +#define DNS_ZONEOPT_MULTIMASTER 0x00000200U /* this zone has multiple masters */ +#define DNS_ZONEOPT_USEALTXFRSRC 0x00000400U /* use alternate transfer sources */ +#define DNS_ZONEOPT_CHECKNAMES 0x00000800U /* check-names */ +#define DNS_ZONEOPT_CHECKNAMESFAIL 0x00001000U /* fatal check-name failures */ + +#ifndef NOMINUM_PUBLIC +/* + * Nominum specific options build down. + */ +#define DNS_ZONEOPT_NOTIFYFORWARD 0x80000000U /* forward notify to master */ +#endif /* NOMINUM_PUBLIC */ + +#ifndef DNS_ZONE_MINREFRESH +#define DNS_ZONE_MINREFRESH 300 /* 5 minutes */ +#endif +#ifndef DNS_ZONE_MAXREFRESH +#define DNS_ZONE_MAXREFRESH 2419200 /* 4 weeks */ +#endif +#ifndef DNS_ZONE_DEFAULTREFRESH +#define DNS_ZONE_DEFAULTREFRESH 3600 /* 1 hour */ +#endif +#ifndef DNS_ZONE_MINRETRY +#define DNS_ZONE_MINRETRY 300 /* 5 minutes */ +#endif +#ifndef DNS_ZONE_MAXRETRY +#define DNS_ZONE_MAXRETRY 1209600 /* 2 weeks */ +#endif +#ifndef DNS_ZONE_DEFAULTRETRY +#define DNS_ZONE_DEFAULTRETRY 60 /* 1 minute, subject to + exponential backoff */ +#endif + +#define DNS_ZONESTATE_XFERRUNNING 1 +#define DNS_ZONESTATE_XFERDEFERRED 2 +#define DNS_ZONESTATE_SOAQUERY 3 +#define DNS_ZONESTATE_ANY 4 + +ISC_LANG_BEGINDECLS + +/*** + *** Functions + ***/ + +isc_result_t +dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx); +/* + * Creates a new empty zone and attach '*zonep' to it. + * + * Requires: + * 'zonep' to point to a NULL pointer. + * 'mctx' to be a valid memory context. + * + * Ensures: + * '*zonep' refers to a valid zone. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_UNEXPECTED + */ + +void +dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass); +/* + * Sets the class of a zone. This operation can only be performed + * once on a zone. + * + * Require: + * 'zone' to be a valid zone. + * dns_zone_setclass() not to have been called since the zone was + * created. + * 'rdclass' != dns_rdataclass_none. + */ + +dns_rdataclass_t +dns_zone_getclass(dns_zone_t *zone); +/* + * Returns the current zone class. + * + * Requires: + * 'zone' to be a valid zone. + */ + +void +dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type); +/* + * Sets the zone type. This operation can only be performed once on + * a zone. + * + * Requires: + * 'zone' to be a valid zone. + * dns_zone_settype() not to have been called since the zone was + * created. + * 'type' != dns_zone_none + */ + +void +dns_zone_setview(dns_zone_t *zone, dns_view_t *view); +/* + * Associate the zone with a view. + * + * Require: + * 'zone' to be a valid zone. + */ + +dns_view_t * +dns_zone_getview(dns_zone_t *zone); +/* + * Returns the zone's associated view. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_setorigin(dns_zone_t *zone, dns_name_t *origin); +/* + * Sets the zones origin to 'origin'. + * + * Require: + * 'zone' to be a valid zone. + * 'origin' to be non NULL. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +dns_name_t * +dns_zone_getorigin(dns_zone_t *zone); +/* + * Returns the value of the origin. + * + * Require: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_setfile(dns_zone_t *zone, const char *file); +/* + * Sets the name of the master file from which the zone + * loads its database to 'file'. For zones that have + * no associated master file, 'file' will be NULL. + * + * For zones with persistent databases, the file name + * setting is ignored. + * + * Require: + * 'zone' to be a valid zone. + * + * Returns: + * ISC_R_NOMEMORY + * ISC_R_SUCCESS + */ + +const char * +dns_zone_getfile(dns_zone_t *zone); +/* + * Gets the name of the zone's master file, if any. + * + * Requires: + * 'zone' to be valid initialised zone. + * + * Returns: + * Pointer to null-terminated file name, or NULL. + */ + +isc_result_t +dns_zone_load(dns_zone_t *zone); + +isc_result_t +dns_zone_loadnew(dns_zone_t *zone); +/* + * Cause the database to be loaded from its backing store. + * Confirm that the minimum requirements for the zone type are + * met, otherwise DNS_R_BADZONE is returned. + * + * dns_zone_loadnew() only loads zones that are not yet loaded. + * dns_zone_load() also loads zones that are already loaded and + * and whose master file has changed since the last load. + * + * Require: + * 'zone' to be a valid zone. + * + * Returns: + * ISC_R_UNEXPECTED + * ISC_R_SUCCESS + * DNS_R_CONTINUE Incremental load has been queued. + * DNS_R_UPTODATE The zone has already been loaded based on + * file system timestamps. + * DNS_R_BADZONE + * Any result value from dns_db_load(). + */ + +void +dns_zone_attach(dns_zone_t *source, dns_zone_t **target); +/* + * Attach '*target' to 'source' incrementing its external + * reference count. + * + * Require: + * 'zone' to be a valid zone. + * 'target' to be non NULL and '*target' to be NULL. + */ + +void +dns_zone_detach(dns_zone_t **zonep); +/* + * Detach from a zone decrementing its external reference count. + * If this was the last external reference to the zone it will be + * shut down and eventually freed. + * + * Require: + * 'zonep' to point to a valid zone. + */ + +void +dns_zone_iattach(dns_zone_t *source, dns_zone_t **target); +/* + * Attach '*target' to 'source' incrementing its internal + * reference count. This is intended for use by operations + * such as zone transfers that need to prevent the zone + * object from being freed but not from shutting down. + * + * Require: + * The caller is running in the context of the zone's task. + * 'zone' to be a valid zone. + * 'target' to be non NULL and '*target' to be NULL. + */ + +void +dns_zone_idetach(dns_zone_t **zonep); +/* + * Detach from a zone decrementing its internal reference count. + * If there are no more internal or external references to the + * zone, it will be freed. + * + * Require: + * The caller is running in the context of the zone's task. + * 'zonep' to point to a valid zone. + */ + +void +dns_zone_setflag(dns_zone_t *zone, unsigned int flags, isc_boolean_t value); +/* + * Sets ('value' == 'ISC_TRUE') / clears ('value' == 'IS_FALSE') + * zone flags. Valid flag bits are DNS_ZONE_F_*. + * + * Requires + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_getdb(dns_zone_t *zone, dns_db_t **dbp); +/* + * Attach '*dbp' to the database to if it exists otherwise + * return DNS_R_NOTLOADED. + * + * Require: + * 'zone' to be a valid zone. + * 'dbp' to be != NULL && '*dbp' == NULL. + * + * Returns: + * ISC_R_SUCCESS + * DNS_R_NOTLOADED + */ + +isc_result_t +dns_zone_setdbtype(dns_zone_t *zone, + unsigned int dbargc, const char * const *dbargv); +/* + * Sets the database type to dbargv[0] and database arguments + * to subsequent dbargv elements. + * 'db_type' is not checked to see if it is a valid database type. + * + * Require: + * 'zone' to be a valid zone. + * 'database' to be non NULL. + * 'dbargc' to be >= 1 + * 'dbargv' to point to dbargc NULL-terminated strings + * + * Returns: + * ISC_R_NOMEMORY + * ISC_R_SUCCESS + */ + +void +dns_zone_markdirty(dns_zone_t *zone); +/* + * Mark a zone as 'dirty'. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_expire(dns_zone_t *zone); +/* + * Mark the zone as expired. If the zone requires dumping cause it to + * be initiated. Set the refresh and retry intervals to there default + * values and unload the zone. + * + * Require + * 'zone' to be a valid zone. + */ + +void +dns_zone_refresh(dns_zone_t *zone); +/* + * Initiate zone up to date checks. The zone must already be being + * managed. + * + * Require + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_flush(dns_zone_t *zone); +/* + * Write the zone to database if there are uncommited changes. + * + * Require: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_dump(dns_zone_t *zone); +/* + * Write the zone to database. + * + * Require: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_dumptostream(dns_zone_t *zone, FILE *fd); +/* + * Write the zone to stream 'fd'. + * + * Require: + * 'zone' to be a valid zone. + * 'fd' to be a stream open for writing. + */ + +isc_result_t +dns_zone_fulldumptostream(dns_zone_t *zone, FILE *fd); +/* + * The same as dns_zone_dumptostream, but dumps the zone with + * different dump settings (dns_master_style_full). + * + * Require: + * 'zone' to be a valid zone. + * 'fd' to be a stream open for writing. + */ + +void +dns_zone_maintenance(dns_zone_t *zone); +/* + * Perform regular maintenace on the zone. This is called as a + * result of a zone being managed. + * + * Require + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters, + isc_uint32_t count); +isc_result_t +dns_zone_setmasterswithkeys(dns_zone_t *zone, isc_sockaddr_t *masters, + dns_name_t **keynames, isc_uint32_t count); +/* + * Set the list of master servers for the zone. + * + * Require: + * 'zone' to be a valid zone. + * 'masters' array of isc_sockaddr_t with port set or NULL. + * 'count' the number of masters. + * 'keynames' array of dns_name_t's for tsig keys or NULL. + * + * dns_zone_setmasters() is just a wrapper to setmasterswithkeys(), + * passing NULL in the keynames field. + * + * If 'masters' is NULL then 'count' must be zero. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * Any result dns_name_dup() can return, if keynames!=NULL + */ + +isc_result_t +dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *notify, + isc_uint32_t count); +/* + * Set the list of additional servers to be notified when + * a zone changes. To clear the list use 'count = 0'. + * + * Require: + * 'zone' to be a valid zone. + * 'notify' to be non-NULL if count != 0. + * 'count' to be the number of notifyees. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +void +dns_zone_unload(dns_zone_t *zone); +/* + * detach the database from the zone structure. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setoption(dns_zone_t *zone, unsigned int option, isc_boolean_t value); +/* + * Set given options on ('value' == ISC_TRUE) or off ('value' == + * ISC_FALSE). + * + * Require: + * 'zone' to be a valid zone. + */ + +unsigned int +dns_zone_getoptions(dns_zone_t *zone); +/* + * Returns the current zone options. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setminrefreshtime(dns_zone_t *zone, isc_uint32_t val); +/* + * Set the minimum refresh time. + * + * Requires: + * 'zone' is valid. + * val > 0. + */ + +void +dns_zone_setmaxrefreshtime(dns_zone_t *zone, isc_uint32_t val); +/* + * Set the maximum refresh time. + * + * Requires: + * 'zone' is valid. + * val > 0. + */ + +void +dns_zone_setminretrytime(dns_zone_t *zone, isc_uint32_t val); +/* + * Set the minimum retry time. + * + * Requires: + * 'zone' is valid. + * val > 0. + */ + +void +dns_zone_setmaxretrytime(dns_zone_t *zone, isc_uint32_t val); +/* + * Set the maximum retry time. + * + * Requires: + * 'zone' is valid. + * val > 0. + */ + +isc_result_t +dns_zone_setxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource); +isc_result_t +dns_zone_setaltxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource); +/* + * Set the source address to be used in IPv4 zone transfers. + * + * Require: + * 'zone' to be a valid zone. + * 'xfrsource' to contain the address. + * + * Returns: + * ISC_R_SUCCESS + */ + +isc_sockaddr_t * +dns_zone_getxfrsource4(dns_zone_t *zone); +isc_sockaddr_t * +dns_zone_getaltxfrsource4(dns_zone_t *zone); +/* + * Returns the source address set by a previous dns_zone_setxfrsource4 + * call, or the default of inaddr_any, port 0. + * + * Require: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_setxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource); +isc_result_t +dns_zone_setaltxfrsource6(dns_zone_t *zone, isc_sockaddr_t *xfrsource); +/* + * Set the source address to be used in IPv6 zone transfers. + * + * Require: + * 'zone' to be a valid zone. + * 'xfrsource' to contain the address. + * + * Returns: + * ISC_R_SUCCESS + */ + +isc_sockaddr_t * +dns_zone_getxfrsource6(dns_zone_t *zone); +isc_sockaddr_t * +dns_zone_getaltxfrsource6(dns_zone_t *zone); +/* + * Returns the source address set by a previous dns_zone_setxfrsource6 + * call, or the default of in6addr_any, port 0. + * + * Require: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_setnotifysrc4(dns_zone_t *zone, isc_sockaddr_t *notifysrc); +/* + * Set the source address to be used with IPv4 NOTIFY messages. + * + * Require: + * 'zone' to be a valid zone. + * 'notifysrc' to contain the address. + * + * Returns: + * ISC_R_SUCCESS + */ + +isc_sockaddr_t * +dns_zone_getnotifysrc4(dns_zone_t *zone); +/* + * Returns the source address set by a previous dns_zone_setnotifysrc4 + * call, or the default of inaddr_any, port 0. + * + * Require: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_setnotifysrc6(dns_zone_t *zone, isc_sockaddr_t *notifysrc); +/* + * Set the source address to be used with IPv6 NOTIFY messages. + * + * Require: + * 'zone' to be a valid zone. + * 'notifysrc' to contain the address. + * + * Returns: + * ISC_R_SUCCESS + */ + +isc_sockaddr_t * +dns_zone_getnotifysrc6(dns_zone_t *zone); +/* + * Returns the source address set by a previous dns_zone_setnotifysrc6 + * call, or the default of in6addr_any, port 0. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl); +/* + * Sets the notify acl list for the zone. + * + * Require: + * 'zone' to be a valid zone. + * 'acl' to be a valid acl. + */ + +void +dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl); +/* + * Sets the query acl list for the zone. + * + * Require: + * 'zone' to be a valid zone. + * 'acl' to be a valid acl. + */ + +void +dns_zone_setupdateacl(dns_zone_t *zone, dns_acl_t *acl); +/* + * Sets the update acl list for the zone. + * + * Require: + * 'zone' to be a valid zone. + * 'acl' to be valid acl. + */ + +void +dns_zone_setforwardacl(dns_zone_t *zone, dns_acl_t *acl); +/* + * Sets the forward unsigned updates acl list for the zone. + * + * Require: + * 'zone' to be a valid zone. + * 'acl' to be valid acl. + */ + +void +dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl); +/* + * Sets the transfer acl list for the zone. + * + * Require: + * 'zone' to be a valid zone. + * 'acl' to be valid acl. + */ + +dns_acl_t * +dns_zone_getnotifyacl(dns_zone_t *zone); +/* + * Returns the current notify acl or NULL. + * + * Require: + * 'zone' to be a valid zone. + * + * Returns: + * acl a pointer to the acl. + * NULL + */ + +dns_acl_t * +dns_zone_getqueryacl(dns_zone_t *zone); +/* + * Returns the current query acl or NULL. + * + * Require: + * 'zone' to be a valid zone. + * + * Returns: + * acl a pointer to the acl. + * NULL + */ + +dns_acl_t * +dns_zone_getupdateacl(dns_zone_t *zone); +/* + * Returns the current update acl or NULL. + * + * Require: + * 'zone' to be a valid zone. + * + * Returns: + * acl a pointer to the acl. + * NULL + */ + +dns_acl_t * +dns_zone_getforwardacl(dns_zone_t *zone); +/* + * Returns the current forward unsigned updates acl or NULL. + * + * Require: + * 'zone' to be a valid zone. + * + * Returns: + * acl a pointer to the acl. + * NULL + */ + +dns_acl_t * +dns_zone_getxfracl(dns_zone_t *zone); +/* + * Returns the current transfer acl or NULL. + * + * Require: + * 'zone' to be a valid zone. + * + * Returns: + * acl a pointer to the acl. + * NULL + */ + +void +dns_zone_clearupdateacl(dns_zone_t *zone); +/* + * Clear the current update acl. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_clearforwardacl(dns_zone_t *zone); +/* + * Clear the current forward unsigned updates acl. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_clearnotifyacl(dns_zone_t *zone); +/* + * Clear the current notify acl. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_clearqueryacl(dns_zone_t *zone); +/* + * Clear the current query acl. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_clearxfracl(dns_zone_t *zone); +/* + * Clear the current transfer acl. + * + * Require: + * 'zone' to be a valid zone. + */ + +isc_boolean_t +dns_zone_getupdatedisabled(dns_zone_t *zone); + +void +dns_zone_setupdatedisabled(dns_zone_t *zone, isc_boolean_t state); + +void +dns_zone_setchecknames(dns_zone_t *zone, dns_severity_t severity); +/* + * Set the severity of name checking when loading a zone. + * + * Require: + * 'zone' to be a valid zone. + */ + +dns_severity_t +dns_zone_getchecknames(dns_zone_t *zone); +/* + * Return the current severity of name checking. + * + * Require: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setjournalsize(dns_zone_t *zone, isc_int32_t size); +/* + * Sets the journal size for the zone. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_int32_t +dns_zone_getjournalsize(dns_zone_t *zone); +/* + * Return the journal size as set with a previous call to + * dns_zone_setjournalsize(). + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, + dns_message_t *msg); +/* + * Tell the zone that it has recieved a NOTIFY message from another + * server. This may cause some zone maintainence activity to occur. + * + * Requires: + * 'zone' to be a valid zone. + * '*from' to contain the address of the server from which 'msg' + * was recieved. + * 'msg' a message with opcode NOTIFY and qr clear. + * + * Returns: + * DNS_R_REFUSED + * DNS_R_NOTIMP + * DNS_R_FORMERR + * DNS_R_SUCCESS + */ + +void +dns_zone_setmaxxfrin(dns_zone_t *zone, isc_uint32_t maxxfrin); +/* + * Set the maximum time (in seconds) that a zone transfer in (AXFR/IXFR) + * of this zone will use before being aborted. + * + * Requires: + * 'zone' to be valid initialised zone. + */ + +isc_uint32_t +dns_zone_getmaxxfrin(dns_zone_t *zone); +/* + * Returns the maximum transfer time for this zone. This will be + * either the value set by the last call to dns_zone_setmaxxfrin() or + * the default value of 1 hour. + * + * Requires: + * 'zone' to be valid initialised zone. + */ + +void +dns_zone_setmaxxfrout(dns_zone_t *zone, isc_uint32_t maxxfrout); +/* + * Set the maximum time (in seconds) that a zone transfer out (AXFR/IXFR) + * of this zone will use before being aborted. + * + * Requires: + * 'zone' to be valid initialised zone. + */ + +isc_uint32_t +dns_zone_getmaxxfrout(dns_zone_t *zone); +/* + * Returns the maximum transfer time for this zone. This will be + * either the value set by the last call to dns_zone_setmaxxfrout() or + * the default value of 1 hour. + * + * Requires: + * 'zone' to be valid initialised zone. + */ + +isc_result_t +dns_zone_setjournal(dns_zone_t *zone, const char *journal); +/* + * Sets the filename used for journaling updates / IXFR transfers. + * The default journal name is set by dns_zone_setfile() to be + * "file.jnl". If 'journal' is NULL, the zone will have no + * journal name. + * + * Requires: + * 'zone' to be a valid zone. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +char * +dns_zone_getjournal(dns_zone_t *zone); +/* + * Returns the journal name associated with this zone. + * If no journal has been set this will be NULL. + * + * Requires: + * 'zone' to be valid initialised zone. + */ + +dns_zonetype_t +dns_zone_gettype(dns_zone_t *zone); +/* + * Returns the type of the zone (master/slave/etc.) + * + * Requires: + * 'zone' to be valid initialised zone. + */ + +void +dns_zone_settask(dns_zone_t *zone, isc_task_t *task); +/* + * Give a zone a task to work with. Any current task will be detached. + * + * Requires: + * 'zone' to be valid. + * 'task' to be valid. + */ + +void +dns_zone_gettask(dns_zone_t *zone, isc_task_t **target); +/* + * Attach '*target' to the zone's task. + * + * Requires: + * 'zone' to be valid initialised zone. + * 'zone' to have a task. + * 'target' to be != NULL && '*target' == NULL. + */ + +void +dns_zone_notify(dns_zone_t *zone); +/* + * Generate notify events for this zone. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump); +/* + * Replace the database of "zone" with a new database "db". + * + * If "dump" is ISC_TRUE, then the new zone contents are dumped + * into to the zone's master file for persistence. When replacing + * a zone database by one just loaded from a master file, set + * "dump" to ISC_FALSE to avoid a redunant redump of the data just + * loaded. Otherwise, it should be set to ISC_TRUE. + * + * If the "diff-on-reload" option is enabled in the configuration file, + * the differences between the old and the new database are added to the + * journal file, and the master file dump is postponed. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_uint32_t +dns_zone_getidlein(dns_zone_t *zone); +/* + * Requires: + * 'zone' to be a valid zone. + * + * Returns: + * number of seconds of idle time before we abort the transfer in. + */ + +void +dns_zone_setidlein(dns_zone_t *zone, isc_uint32_t idlein); +/* + * Set the idle timeout for transfer the. + * Zero set the default value, 1 hour. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_uint32_t +dns_zone_getidleout(dns_zone_t *zone); +/* + * + * Requires: + * 'zone' to be a valid zone. + * + * Returns: + * number of seconds of idle time before we abort a transfer out. + */ + +void +dns_zone_setidleout(dns_zone_t *zone, isc_uint32_t idleout); +/* + * Set the idle timeout for transfers out. + * Zero set the default value, 1 hour. + * + * Requires: + * 'zone' to be a valid zone. + */ + +void +dns_zone_getssutable(dns_zone_t *zone, dns_ssutable_t **table); +/* + * Get the simple-secure-update policy table. + * + * Requires: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setssutable(dns_zone_t *zone, dns_ssutable_t *table); +/* + * Set / clear the simple-secure-update policy table. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_mem_t * +dns_zone_getmctx(dns_zone_t *zone); +/* + * Get the memory context of a zone. + * + * Requires: + * 'zone' to be a valid zone. + */ + +dns_zonemgr_t * +dns_zone_getmgr(dns_zone_t *zone); +/* + * If 'zone' is managed return the zone manager otherwise NULL. + * + * Requires: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setsigvalidityinterval(dns_zone_t *zone, isc_uint32_t interval); +/* + * Set the zone's SIG validity interval. This is the length of time + * for which DNSSEC signatures created as a result of dynamic updates + * to secure zones will remain valid, in seconds. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_uint32_t +dns_zone_getsigvalidityinterval(dns_zone_t *zone); +/* + * Get the zone's SIG validity interval. + * + * Requires: + * 'zone' to be a valid zone. + */ + +void +dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype); +/* + * Sets zone notify method to "notifytype" + */ + +isc_result_t +dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, + dns_updatecallback_t callback, void *callback_arg); +/* + * Forward 'msg' to each master in turn until we get an answer or we + * have exausted the list of masters. 'callback' will be called with + * ISC_R_SUCCESS if we get an answer and the returned message will be + * passed as 'answer_message', otherwise a non ISC_R_SUCCESS result code + * will be passed and answer_message will be NULL. The callback function + * is responsible for destroying 'answer_message'. + * (callback)(callback_arg, result, answer_message); + * + * Require: + * 'zone' to be valid + * 'msg' to be valid. + * 'callback' to be non NULL. + * Returns: + * ISC_R_SUCCESS if the message has been forwarded, + * ISC_R_NOMEMORY + * Others + */ + +isc_result_t +dns_zone_next(dns_zone_t *zone, dns_zone_t **next); +/* + * Find the next zone in the list of managed zones. + * + * Requires: + * 'zone' to be valid + * The zone manager for the indicated zone MUST be locked + * by the caller. This is not checked. + * 'next' be non-NULL, and '*next' be NULL. + * + * Ensures: + * 'next' points to a valid zone (result ISC_R_SUCCESS) or to NULL + * (result ISC_R_NOMORE). + */ + +isc_result_t +dns_zone_first(dns_zonemgr_t *zmgr, dns_zone_t **first); +/* + * Find the first zone in the list of managed zones. + * + * Requires: + * 'zonemgr' to be valid + * The zone manager for the indicated zone MUST be locked + * by the caller. This is not checked. + * 'first' be non-NULL, and '*first' be NULL + * + * Ensures: + * 'first' points to a valid zone (result ISC_R_SUCCESS) or to NULL + * (result ISC_R_NOMORE). + */ + +isc_result_t +dns_zone_setkeydirectory(dns_zone_t *zone, const char *directory); +/* + * Sets the name of the directory where private keys used for + * online signing of dynamic zones are found. + * + * Require: + * 'zone' to be a valid zone. + * + * Returns: + * ISC_R_NOMEMORY + * ISC_R_SUCCESS + */ + +const char * +dns_zone_getkeydirectory(dns_zone_t *zone); +/* + * Gets the name of the directory where private keys used for + * online signing of dynamic zones are found. + * + * Requires: + * 'zone' to be valid initialised zone. + * + * Returns: + * Pointer to null-terminated file name, or NULL. + */ + + +isc_result_t +dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, + isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr, + dns_zonemgr_t **zmgrp); +/* + * Create a zone manager. + * + * Requires: + * 'mctx' to be a valid memory context. + * 'taskmgr' to be a valid task manager. + * 'timermgr' to be a valid timer manager. + * 'zmgrp' to point to a NULL pointer. + */ + +isc_result_t +dns_zonemgr_managezone(dns_zonemgr_t *zmgr, dns_zone_t *zone); +/* + * Bring the zone under control of a zone manager. + * + * Require: + * 'zmgr' to be a valid zone manager. + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zonemgr_forcemaint(dns_zonemgr_t *zmgr); +/* + * Force zone maintenance of all zones managed by 'zmgr' at its + * earliest conveniene. + */ + +void +dns_zonemgr_resumexfrs(dns_zonemgr_t *zmgr); +/* + * Attempt to start any stalled zone transfers. + */ + +void +dns_zonemgr_shutdown(dns_zonemgr_t *zmgr); +/* + * Shut down the zone manager. + * + * Requires: + * 'zmgr' to be a valid zone manager. + */ + +void +dns_zonemgr_attach(dns_zonemgr_t *source, dns_zonemgr_t **target); +/* + * Attach '*target' to 'source' incrementing its external + * reference count. + * + * Require: + * 'zone' to be a valid zone. + * 'target' to be non NULL and '*target' to be NULL. + */ + +void +dns_zonemgr_detach(dns_zonemgr_t **zmgrp); +/* + * Detach from a zone manager. + * + * Requires: + * '*zmgrp' is a valid, non-NULL zone manager pointer. + * + * Ensures: + * '*zmgrp' is NULL. + */ + +void +dns_zonemgr_releasezone(dns_zonemgr_t *zmgr, dns_zone_t *zone); +/* + * Release 'zone' from the managed by 'zmgr'. 'zmgr' is implicitly + * detached from 'zone'. + * + * Requires: + * 'zmgr' to be a valid zone manager. + * 'zone' to be a valid zone. + * 'zmgr' == 'zone->zmgr' + * + * Ensures: + * 'zone->zmgr' == NULL; + */ + +void +dns_zonemgr_settransfersin(dns_zonemgr_t *zmgr, isc_uint32_t value); +/* + * Set the maximum number of simultanious transfers in allowed by + * the zone manager. + * + * Requires: + * 'zmgr' to be a valid zone manager. + */ + +isc_uint32_t +dns_zonemgr_getttransfersin(dns_zonemgr_t *zmgr); +/* + * Return the the maximum number of simultanious transfers in allowed. + * + * Requires: + * 'zmgr' to be a valid zone manager. + */ + +void +dns_zonemgr_settransfersperns(dns_zonemgr_t *zmgr, isc_uint32_t value); +/* + * Set the number of zone transfers allowed per nameserver. + * + * Requires: + * 'zmgr' to be a valid zone manager + */ + +isc_uint32_t +dns_zonemgr_getttransfersperns(dns_zonemgr_t *zmgr); +/* + * Return the number of transfers allowed per nameserver. + * + * Requires: + * 'zmgr' to be a valid zone manager. + */ + +void +dns_zonemgr_setiolimit(dns_zonemgr_t *zmgr, isc_uint32_t iolimit); +/* + * Set the number of simultaneous file descriptors available for + * reading and writing masterfiles. + * + * Requires: + * 'zmgr' to be a valid zone manager. + * 'iolimit' to be positive. + */ + +isc_uint32_t +dns_zonemgr_getiolimit(dns_zonemgr_t *zmgr); +/* + * Get the number of simultaneous file descriptors available for + * reading and writing masterfiles. + * + * Requires: + * 'zmgr' to be a valid zone manager. + */ + +void +dns_zonemgr_setserialqueryrate(dns_zonemgr_t *zmgr, unsigned int value); +/* + * Set the number of SOA queries sent per second. + * + * Requires: + * 'zmgr' to be a valid zone manager + */ + +unsigned int +dns_zonemgr_getserialqueryrate(dns_zonemgr_t *zmgr); +/* + * Return the number of SOA queries sent per second. + * + * Requires: + * 'zmgr' to be a valid zone manager. + */ + +unsigned int +dns_zonemgr_getcount(dns_zonemgr_t *zmgr, int state); +/* + * Returns the number of zones in the specified state. + * + * Requires: + * 'zmgr' to be a valid zone manager. + * 'state' to be a valid DNS_ZONESTATE_ constant. + */ + +void +dns_zone_forcereload(dns_zone_t *zone); +/* + * Force a reload of specified zone. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_boolean_t +dns_zone_isforced(dns_zone_t *zone); +/* + * Check if the zone is waiting a forced reload. + * + * Requires: + * 'zone' to be a valid zone. + */ + +isc_result_t +dns_zone_setstatistics(dns_zone_t *zone, isc_boolean_t on); +/* + * Make the zone keep or not keep an array of statistics + * counter. + * + * Requires: + * zone be a valid zone. + */ + +isc_uint64_t * +dns_zone_getstatscounters(dns_zone_t *zone); +/* + * Requires: + * zone be a valid zone. + * + * Returns: + * A pointer to the zone's array of statistics counters, + * or NULL if it has none. + */ + +void +dns_zone_dialup(dns_zone_t *zone); +/* + * Perform dialup-time maintenance on 'zone'. + */ + +void +dns_zone_setdialup(dns_zone_t *zone, dns_dialuptype_t dialup); +/* + * Set the dialup type of 'zone' to 'dialup'. + * + * Requires: + * 'zone' to be valid initialised zone. + * 'dialup' to be a valid dialup type. + */ + +void +dns_zone_log(dns_zone_t *zone, int level, const char *msg, ...) + ISC_FORMAT_PRINTF(3, 4); +/* + * Log the message 'msg...' at 'level', including text that identifies + * the message as applying to 'zone'. + */ + +void +dns_zone_logc(dns_zone_t *zone, isc_logcategory_t *category, int level, + const char *msg, ...) ISC_FORMAT_PRINTF(4, 5); +/* + * Log the message 'msg...' at 'level', including text that identifies + * the message as applying to 'zone'. + */ + +void +dns_zone_name(dns_zone_t *zone, char *buf, size_t len); +/* + * Return the name of the zone with class and view. + * + * Requires: + * 'zone' to be valid. + * 'buf' to be non NULL. + */ + +isc_result_t +dns_zone_checknames(dns_zone_t *zone, dns_name_t *name, dns_rdata_t *rdata); +/* + * Check if this record meets the check-names policy. + * + * Requires: + * 'zone' to be valid. + * 'name' to be valid. + * 'rdata' to be valid. + * + * Returns: + * DNS_R_SUCCESS passed checks. + * DNS_R_BADOWNERNAME failed ownername checks. + * DNS_R_BADNAME failed rdata checks. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_ZONE_H */ diff --git a/contrib/bind9/lib/dns/include/dns/zonekey.h b/contrib/bind9/lib/dns/include/dns/zonekey.h new file mode 100644 index 0000000..1ac9066 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/zonekey.h @@ -0,0 +1,40 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: zonekey.h,v 1.3.206.1 2004/03/06 08:14:01 marka Exp $ */ + +#ifndef DNS_ZONEKEY_H +#define DNS_ZONEKEY_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +ISC_LANG_BEGINDECLS + +isc_boolean_t +dns_zonekey_iszonekey(dns_rdata_t *keyrdata); +/* + * Determines if the key record contained in the rdata is a zone key. + * + * Requires: + * 'keyrdata' is not NULL. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_ZONEKEY_H */ diff --git a/contrib/bind9/lib/dns/include/dns/zt.h b/contrib/bind9/lib/dns/include/dns/zt.h new file mode 100644 index 0000000..fb43590 --- /dev/null +++ b/contrib/bind9/lib/dns/include/dns/zt.h @@ -0,0 +1,167 @@ +/* + * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: zt.h,v 1.27.2.2.8.1 2004/03/06 08:14:01 marka Exp $ */ + +#ifndef DNS_ZT_H +#define DNS_ZT_H 1 + +#include <isc/lang.h> + +#include <dns/types.h> + +#define DNS_ZTFIND_NOEXACT 0x01 + +ISC_LANG_BEGINDECLS + +isc_result_t +dns_zt_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, dns_zt_t **zt); +/* + * Creates a new zone table. + * + * Requires: + * 'mctx' to be initialized. + * + * Returns: + * ISC_R_SUCCESS on success. + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_zt_mount(dns_zt_t *zt, dns_zone_t *zone); +/* + * Mounts the zone on the zone table. + * + * Requires: + * 'zt' to be valid + * 'zone' to be valid + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_EXISTS + * ISC_R_NOSPACE + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_zt_unmount(dns_zt_t *zt, dns_zone_t *zone); +/* + * Unmount the given zone from the table. + * + * Requires: + * 'zt' to be valid + * 'zone' to be valid + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_zt_find(dns_zt_t *zt, dns_name_t *name, unsigned int options, + dns_name_t *foundname, dns_zone_t **zone); +/* + * Find the best match for 'name' in 'zt'. If foundname is non NULL + * then the name of the zone found is returned. + * + * Notes: + * If the DNS_ZTFIND_NOEXACT is set, the best partial match (if any) + * to 'name' will be returned. + * + * Requires: + * 'zt' to be valid + * 'name' to be valid + * 'foundname' to be initialized and associated with a fixedname or NULL + * 'zone' to be non NULL and '*zone' to be NULL + * + * Returns: + * ISC_R_SUCCESS + * DNS_R_PARTIALMATCH + * ISC_R_NOTFOUND + * ISC_R_NOSPACE + */ + +void +dns_zt_detach(dns_zt_t **ztp); +/* + * Detach the given zonetable, if the reference count goes to zero the + * zonetable will be freed. In either case 'ztp' is set to NULL. + * + * Requires: + * '*ztp' to be valid + */ + +void +dns_zt_flushanddetach(dns_zt_t **ztp); +/* + * Detach the given zonetable, if the reference count goes to zero the + * zonetable will be flushed and then freed. In either case 'ztp' is + * set to NULL. + * + * Requires: + * '*ztp' to be valid + */ + +void +dns_zt_attach(dns_zt_t *zt, dns_zt_t **ztp); +/* + * Attach 'zt' to '*ztp'. + * + * Requires: + * 'zt' to be valid + * '*ztp' to be NULL + */ + +isc_result_t +dns_zt_load(dns_zt_t *zt, isc_boolean_t stop); + +isc_result_t +dns_zt_loadnew(dns_zt_t *zt, isc_boolean_t stop); +/* + * Load all zones in the table. If 'stop' is ISC_TRUE, + * stop on the first error and return it. If 'stop' + * is ISC_FALSE, ignore errors. + * + * dns_zt_loadnew() only loads zones that are not yet loaded. + * dns_zt_load() also loads zones that are already loaded and + * and whose master file has changed since the last load. + * + * Requires: + * 'zt' to be valid + */ + +isc_result_t +dns_zt_apply(dns_zt_t *zt, isc_boolean_t stop, + isc_result_t (*action)(dns_zone_t *, void *), void *uap); +/* + * Apply a given 'action' to all zone zones in the table. + * If 'stop' is 'ISC_TRUE' then walking the zone tree will stop if + * 'action' does not return ISC_R_SUCCESS. + * + * Requires: + * 'zt' to be valid. + * 'action' to be non NULL. + * + * Returns: + * ISC_R_SUCCESS if action was applied to all nodes. + * any error code from 'action'. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_ZT_H */ |