2 * services/authzone.h - authoritative zone that is locally hosted.
4 * Copyright (c) 2017, NLnet Labs. All rights reserved.
6 * This software is open source.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 * This file contains the functions for an authority zone. This zone
40 * is queried by the iterator, just like a stub or forward zone, but then
41 * the data is locally held.
44 #ifndef SERVICES_AUTHZONE_H
45 #define SERVICES_AUTHZONE_H
46 #include "util/rbtree.h"
47 #include "util/locks.h"
48 struct ub_packed_rrset_key;
55 * Authoritative zones, shared.
58 /** lock on the authzone tree */
60 /** rbtree of struct auth_zone */
65 * Auth zone. Authoritative data that answers are taken from, instead of sending
66 * packets to the internet.
69 /** rbtree node, key is name and class */
72 /** zone name, in uncompressed wireformat */
74 /** length of zone name */
76 /** number of labels in zone name */
78 /** the class of this zone, in host byteorder.
79 * uses 'dclass' to not conflict with c++ keyword class. */
82 /** lock on the data in the structure
83 * For the node, parent, name, namelen, namelabs, dclass, you
84 * need to also hold the zones_tree lock to change them (or to
85 * delete this zone) */
88 /** auth data for this zone
89 * rbtree of struct auth_data */
92 /* zonefile name (or NULL for no zonefile) */
94 /* fallback to the internet on failure or ttl-expiry of auth zone */
99 * Auth data. One domain name, and the RRs to go with it.
102 /** rbtree node, key is name only */
106 /** length of name */
108 /** number of labels in name */
110 /** the data rrsets, with different types, linked list.
111 * if the list is NULL the node would be an empty non-terminal,
112 * but in this data structure such nodes that represent an empty
113 * non-terminal are not needed; they just don't exist.
115 struct auth_rrset* rrsets;
123 struct auth_rrset* next;
124 /** RR type in host byteorder */
126 /** RRset data item */
127 struct packed_rrset_data* data;
131 * Create auth zones structure
/* Creates the shared auth zones structure. The return value is a pointer,
 * so presumably NULL signals allocation failure (auth_zone_create documents
 * NULL on malloc failure) - TODO confirm. Presumably released with
 * auth_zones_delete(). */
133 struct auth_zones* auth_zones_create(void);
136 * Apply configuration to auth zones. Reads zonefiles.
/* Applies cfg to az and reads the configured zonefiles. Returns int;
 * presumably false (0) on failure like the other int-returning functions
 * in this header - TODO confirm.
 * The zone data loaded here is used to answer queries instead of sending
 * packets to the internet, so the configured zonefiles are trusted input:
 * keep them writable only by the operator of the resolver. */
138 int auth_zones_apply_config(struct auth_zones* az, struct config_file* cfg);
141 * Delete auth zones structure
/* Deletes the auth zones structure az.
 * NOTE(review): whether az may be NULL, and whether the zones held in the
 * tree are freed as well, is not visible in this header - confirm against
 * the implementation. */
143 void auth_zones_delete(struct auth_zones* az);
146 * Write auth zone data to file, in zonefile format.
/* Writes the data of zone z to the file fname, in zonefile format.
 * Returns int; presumably false (0) on failure - TODO confirm.
 * NOTE(review): no lock requirement is stated for this function, while the
 * other per-zone functions in this header require the caller to hold the
 * zone lock; presumably the same applies here - confirm.
 * fname is taken from the caller as given, so the caller is responsible
 * for choosing a safe destination path. */
148 int auth_zone_write_file(struct auth_zone* z, const char* fname);
151 * Use auth zones to lookup the answer to a query.
152 * The query is from the iterator, and the auth zones attempt to provide
153 * the answer instead of going to the internet.
155 * @param az: auth zones structure.
156 * @param qinfo: query info to lookup.
157 * @param region: region to use to allocate the reply in.
158 * @param msg: reply is stored here (if one).
159 * @param fallback: set on return; if true, fall back to making a query to the internet.
160 * @param dp_nm: name of delegation point to look for. This zone is used
161 * to answer the query.
162 * If the dp_nm is not found, fallback is set to true and false returned.
163 * @param dp_nmlen: length of dp_nm.
164 * @return 0 on failure (an error of some sort, like servfail):
165 * if 0 and fallback is true, fall back to the internet;
166 * if 0 and fallback is false, treat it like getting servfail.
167 * If true, an answer is available in msg.
/* Out-parameters: *msg receives the reply (allocated in region) and
 * *fallback tells the caller whether to query the internet instead.
 * Check the return value before using *msg; on a 0 return only *fallback
 * is meaningful.
 * NOTE(review): dp_nm is a uint8_t* with an explicit length; presumably an
 * uncompressed wireformat name like the zone names stored in struct
 * auth_zone - confirm. Locking of az during the lookup is not stated
 * here - confirm. */
169 int auth_zones_lookup(struct auth_zones* az, struct query_info* qinfo,
170 struct regional* region, struct dns_msg** msg, int* fallback,
171 uint8_t* dp_nm, size_t dp_nmlen);
174 * Find the auth zone that is above the given qname.
175 * Return NULL when there is no auth_zone above the given name, otherwise
176 * returns the closest auth_zone above the qname that pertains to it.
177 * @param az: auth zones structure.
178 * @param qinfo: query info to lookup.
179 * @return NULL or auth_zone that pertains to the query.
/* Returns the closest enclosing auth_zone for the query, or NULL; callers
 * must handle the NULL case.
 * NOTE(review): the lock state expected on az at entry, and the lock state
 * of the returned zone, are not stated in this header - confirm before
 * reading or changing fields of the result. */
181 struct auth_zone* auth_zones_find_zone(struct auth_zones* az,
182 struct query_info* qinfo);
184 /** find an auth zone by name (exact match by name or NULL returned).
 * @param az: auth zones structure to search.
 * @param nm: zone name to look for; presumably uncompressed wireformat,
 *	like the name stored in struct auth_zone - TODO confirm.
 * @param nmlen: length of nm.
 * @param dclass: class of the zone; presumably host byteorder, like the
 *	dclass stored in struct auth_zone - TODO confirm.
 * @return the zone whose name and class match, or NULL.
 * NOTE(review): locking is not stated here. auth_zone_create requires the
 * caller to hold the wrlock on az, so presumably a lock on az is needed
 * for this lookup too, and the returned zone is not documented as
 * locked - confirm. */
185 struct auth_zone* auth_zone_find(struct auth_zones* az, uint8_t* nm,
186 size_t nmlen, uint16_t dclass);
188 /** create an auth zone. returns wrlocked zone. caller must have wrlock
189 * on az. returns NULL on malloc failure
 * @param az: auth zones structure the new zone belongs to.
 * @param nm: name of the zone.
 * @param nmlen: length of nm.
 * @param dclass: class of the zone.
 * @return the new zone, write-locked, so the caller has to unlock it when
 *	done; NULL on malloc failure.
 * NOTE(review): whether nm is copied or referenced by the new zone is not
 * visible in this header - confirm before freeing or reusing the buffer. */
190 struct auth_zone* auth_zone_create(struct auth_zones* az, uint8_t* nm,
191 size_t nmlen, uint16_t dclass);
193 /** set auth zone zonefile string. caller must have lock on zone.
 * @param z: the zone to change.
 * @param zonefile: zonefile name for the zone.
 * @return int; presumably false (0) on failure, as for
 *	auth_zone_set_fallback - TODO confirm.
 * NOTE(review): whether the string is copied or the pointer is stored is
 * not visible here - confirm. auth_zone_read_zonefile takes only the zone,
 * so presumably this is the path it later opens; the value should come
 * from trusted configuration. */
194 int auth_zone_set_zonefile(struct auth_zone* z, char* zonefile);
196 /** set auth zone fallback. caller must have lock on zone.
197 * fallbackstr is "yes" or "no". false on parse failure.
 * The setting decides whether the zone falls back to the internet on
 * failure or ttl-expiry of the auth zone.
 * Callers should check the return value, so that a malformed setting is
 * reported and not silently ignored. */
198 int auth_zone_set_fallback(struct auth_zone* z, char* fallbackstr);
200 /** read auth zone from zonefile. caller must lock zone. false on failure.
 * Only the zone is passed in, so the file read is presumably the zonefile
 * name stored in the zone - TODO confirm. That name may be NULL (no
 * zonefile); how that case is handled is not visible in this header.
 * The data read becomes the zone's authoritative data, which is used in
 * place of answers from the internet, so the file has to come from a
 * trusted source and be writable only by the operator.
 * NOTE(review): the lock is presumably a write lock, since the zone data
 * is replaced or filled in - confirm. */
201 int auth_zone_read_zonefile(struct auth_zone* z);
203 /** compare auth_zones for sorted rbtree.
 * The auth_zone rbtree node is keyed on name and class.
 * @param z1: first element; presumably a struct auth_zone - TODO confirm.
 * @param z2: second element, same type as z1.
 * @return int ordering of z1 relative to z2; presumably negative, zero or
 *	positive as usual for a comparison callback - TODO confirm. */
204 int auth_zone_cmp(const void* z1, const void* z2);
206 /** compare auth_data for sorted rbtree.
 * The auth_data rbtree node is keyed on name only.
 * @param z1: first element; presumably a struct auth_data - TODO confirm.
 * @param z2: second element, same type as z1.
 * @return int ordering of z1 relative to z2; presumably negative, zero or
 *	positive as usual for a comparison callback - TODO confirm. */
207 int auth_data_cmp(const void* z1, const void* z2);
209 #endif /* SERVICES_AUTHZONE_H */