2 * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2003 Internet Software Consortium.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
18 /* $Id: db.h,v 1.93.50.5 2009/11/25 23:48:42 tbox Exp $ */
29 * The DNS DB interface allows named rdatasets to be stored and retrieved.
31 * The dns_db_t type is like a "virtual class". To actually use
32 * DBs, an implementation of the class is required.
37 * \li The module ensures appropriate synchronization of data structures it
38 * creates and manipulates.
41 * \li No anticipated impact.
47 * \li No anticipated impact.
58 #include <isc/magic.h>
59 #include <isc/ondestroy.h>
60 #include <isc/stdtime.h>
63 #include <dns/types.h>
71 typedef struct dns_dbmethods {
72 void (*attach)(dns_db_t *source, dns_db_t **targetp);
73 void (*detach)(dns_db_t **dbp);
74 isc_result_t (*beginload)(dns_db_t *db, dns_addrdatasetfunc_t *addp,
75 dns_dbload_t **dbloadp);
76 isc_result_t (*endload)(dns_db_t *db, dns_dbload_t **dbloadp);
77 isc_result_t (*dump)(dns_db_t *db, dns_dbversion_t *version,
79 dns_masterformat_t masterformat);
80 void (*currentversion)(dns_db_t *db,
81 dns_dbversion_t **versionp);
82 isc_result_t (*newversion)(dns_db_t *db,
83 dns_dbversion_t **versionp);
84 void (*attachversion)(dns_db_t *db, dns_dbversion_t *source,
85 dns_dbversion_t **targetp);
86 void (*closeversion)(dns_db_t *db,
87 dns_dbversion_t **versionp,
88 isc_boolean_t commit);
89 isc_result_t (*findnode)(dns_db_t *db, dns_name_t *name,
91 dns_dbnode_t **nodep);
92 isc_result_t (*find)(dns_db_t *db, dns_name_t *name,
93 dns_dbversion_t *version,
94 dns_rdatatype_t type, unsigned int options,
96 dns_dbnode_t **nodep, dns_name_t *foundname,
97 dns_rdataset_t *rdataset,
98 dns_rdataset_t *sigrdataset);
99 isc_result_t (*findzonecut)(dns_db_t *db, dns_name_t *name,
100 unsigned int options, isc_stdtime_t now,
101 dns_dbnode_t **nodep,
102 dns_name_t *foundname,
103 dns_rdataset_t *rdataset,
104 dns_rdataset_t *sigrdataset);
105 void (*attachnode)(dns_db_t *db,
106 dns_dbnode_t *source,
107 dns_dbnode_t **targetp);
108 void (*detachnode)(dns_db_t *db,
109 dns_dbnode_t **targetp);
110 isc_result_t (*expirenode)(dns_db_t *db, dns_dbnode_t *node,
112 void (*printnode)(dns_db_t *db, dns_dbnode_t *node,
114 isc_result_t (*createiterator)(dns_db_t *db, unsigned int options,
115 dns_dbiterator_t **iteratorp);
116 isc_result_t (*findrdataset)(dns_db_t *db, dns_dbnode_t *node,
117 dns_dbversion_t *version,
118 dns_rdatatype_t type,
119 dns_rdatatype_t covers,
121 dns_rdataset_t *rdataset,
122 dns_rdataset_t *sigrdataset);
123 isc_result_t (*allrdatasets)(dns_db_t *db, dns_dbnode_t *node,
124 dns_dbversion_t *version,
126 dns_rdatasetiter_t **iteratorp);
127 isc_result_t (*addrdataset)(dns_db_t *db, dns_dbnode_t *node,
128 dns_dbversion_t *version,
130 dns_rdataset_t *rdataset,
131 unsigned int options,
132 dns_rdataset_t *addedrdataset);
133 isc_result_t (*subtractrdataset)(dns_db_t *db, dns_dbnode_t *node,
134 dns_dbversion_t *version,
135 dns_rdataset_t *rdataset,
136 unsigned int options,
137 dns_rdataset_t *newrdataset);
138 isc_result_t (*deleterdataset)(dns_db_t *db, dns_dbnode_t *node,
139 dns_dbversion_t *version,
140 dns_rdatatype_t type,
141 dns_rdatatype_t covers);
142 isc_boolean_t (*issecure)(dns_db_t *db);
143 unsigned int (*nodecount)(dns_db_t *db);
144 isc_boolean_t (*ispersistent)(dns_db_t *db);
145 void (*overmem)(dns_db_t *db, isc_boolean_t overmem);
146 void (*settask)(dns_db_t *db, isc_task_t *);
147 isc_result_t (*getoriginnode)(dns_db_t *db, dns_dbnode_t **nodep);
148 void (*transfernode)(dns_db_t *db, dns_dbnode_t **sourcep,
149 dns_dbnode_t **targetp);
150 isc_result_t (*getnsec3parameters)(dns_db_t *db,
151 dns_dbversion_t *version,
154 isc_uint16_t *iterations,
157 isc_result_t (*findnsec3node)(dns_db_t *db, dns_name_t *name,
158 isc_boolean_t create,
159 dns_dbnode_t **nodep);
160 isc_result_t (*setsigningtime)(dns_db_t *db,
161 dns_rdataset_t *rdataset,
162 isc_stdtime_t resign);
163 isc_result_t (*getsigningtime)(dns_db_t *db,
164 dns_rdataset_t *rdataset,
166 void (*resigned)(dns_db_t *db, dns_rdataset_t *rdataset,
167 dns_dbversion_t *version);
168 isc_boolean_t (*isdnssec)(dns_db_t *db);
169 dns_stats_t *(*getrrsetstats)(dns_db_t *db);
173 (*dns_dbcreatefunc_t)(isc_mem_t *mctx, dns_name_t *name,
174 dns_dbtype_t type, dns_rdataclass_t rdclass,
175 unsigned int argc, char *argv[], void *driverarg,
178 #define DNS_DB_MAGIC ISC_MAGIC('D','N','S','D')
179 #define DNS_DB_VALID(db) ISC_MAGIC_VALID(db, DNS_DB_MAGIC)
182 * This structure is actually just the common prefix of a DNS db
183 * implementation's version of a dns_db_t.
185 * Direct use of this structure by clients is forbidden. DB implementations
186 * may change the structure. 'magic' must be DNS_DB_MAGIC for any of the
187 * dns_db_ routines to work. DB implementations must maintain all DB
192 unsigned int impmagic;
193 dns_dbmethods_t * methods;
194 isc_uint16_t attributes;
195 dns_rdataclass_t rdclass;
197 isc_ondestroy_t ondest;
201 #define DNS_DBATTR_CACHE 0x01
202 #define DNS_DBATTR_STUB 0x02
206 * Options that can be specified for dns_db_find().
208 #define DNS_DBFIND_GLUEOK 0x0001
209 #define DNS_DBFIND_VALIDATEGLUE 0x0002
210 #define DNS_DBFIND_NOWILD 0x0004
211 #define DNS_DBFIND_PENDINGOK 0x0008
212 #define DNS_DBFIND_NOEXACT 0x0010
213 #define DNS_DBFIND_FORCENSEC 0x0020
214 #define DNS_DBFIND_COVERINGNSEC 0x0040
215 #define DNS_DBFIND_FORCENSEC3 0x0080
216 #define DNS_DBFIND_ADDITIONALOK 0x0100
221 * Options that can be specified for dns_db_addrdataset().
223 #define DNS_DBADD_MERGE 0x01
224 #define DNS_DBADD_FORCE 0x02
225 #define DNS_DBADD_EXACT 0x04
226 #define DNS_DBADD_EXACTTTL 0x08
230 * Options that can be specified for dns_db_subtractrdataset().
232 #define DNS_DBSUB_EXACT 0x01
238 #define DNS_DB_RELATIVENAMES 0x1
239 #define DNS_DB_NSEC3ONLY 0x2
240 #define DNS_DB_NONSEC3 0x4
252 dns_db_create(isc_mem_t *mctx, const char *db_type, dns_name_t *origin,
253 dns_dbtype_t type, dns_rdataclass_t rdclass,
254 unsigned int argc, char *argv[], dns_db_t **dbp);
256 * Create a new database using implementation 'db_type'.
259 * \li All names in the database must be subdomains of 'origin' and in class
260 * 'rdclass'. The database makes its own copy of the origin, so the
261 * caller may do whatever they like with 'origin' and its storage once the
264 * \li DB implementation-specific parameters are passed using argc and argv.
268 * \li dbp != NULL and *dbp == NULL
270 * \li 'origin' is a valid absolute domain name.
272 * \li mctx is a valid memory context
276 * \li A copy of 'origin' has been made for the databases use, and the
277 * caller is free to do whatever they want with the name and storage
278 * associated with 'origin'.
283 * \li #ISC_R_NOMEMORY
284 * \li #ISC_R_NOTFOUND db_type not found
286 * \li Many other errors are possible, depending on what db_type was
291 dns_db_attach(dns_db_t *source, dns_db_t **targetp);
293 * Attach *targetp to source.
297 * \li 'source' is a valid database.
299 * \li 'targetp' points to a NULL dns_db_t *.
303 * \li *targetp is attached to source.
307 dns_db_detach(dns_db_t **dbp);
309 * Detach *dbp from its database.
313 * \li 'dbp' points to a valid database.
319 * \li If '*dbp' is the last reference to the database,
320 * all resources used by the database will be freed
324 dns_db_ondestroy(dns_db_t *db, isc_task_t *task, isc_event_t **eventp);
326 * Causes 'eventp' to be sent to be sent to 'task' when the database is
329 * Note; ownership of the eventp is taken from the caller (and *eventp is
330 * set to NULL). The sender field of the event is set to 'db' before it is
335 dns_db_iscache(dns_db_t *db);
337 * Does 'db' have cache semantics?
341 * \li 'db' is a valid database.
344 * \li #ISC_TRUE 'db' has cache semantics
345 * \li #ISC_FALSE otherwise
349 dns_db_iszone(dns_db_t *db);
351 * Does 'db' have zone semantics?
355 * \li 'db' is a valid database.
358 * \li #ISC_TRUE 'db' has zone semantics
359 * \li #ISC_FALSE otherwise
363 dns_db_isstub(dns_db_t *db);
365 * Does 'db' have stub semantics?
369 * \li 'db' is a valid database.
372 * \li #ISC_TRUE 'db' has zone semantics
373 * \li #ISC_FALSE otherwise
377 dns_db_issecure(dns_db_t *db);
383 * \li 'db' is a valid database with zone semantics.
386 * \li #ISC_TRUE 'db' is secure.
387 * \li #ISC_FALSE 'db' is not secure.
391 dns_db_isdnssec(dns_db_t *db);
393 * Is 'db' secure or partially secure?
397 * \li 'db' is a valid database with zone semantics.
400 * \li #ISC_TRUE 'db' is secure or is partially.
401 * \li #ISC_FALSE 'db' is not secure.
405 dns_db_origin(dns_db_t *db);
407 * The origin of the database.
409 * Note: caller must not try to change this name.
413 * \li 'db' is a valid database.
417 * \li The origin of the database.
421 dns_db_class(dns_db_t *db);
423 * The class of the database.
427 * \li 'db' is a valid database.
431 * \li The class of the database.
435 dns_db_beginload(dns_db_t *db, dns_addrdatasetfunc_t *addp,
436 dns_dbload_t **dbloadp);
438 * Begin loading 'db'.
442 * \li 'db' is a valid database.
444 * \li This is the first attempt to load 'db'.
446 * \li addp != NULL && *addp == NULL
448 * \li dbloadp != NULL && *dbloadp == NULL
452 * \li On success, *addp will be a valid dns_addrdatasetfunc_t suitable
453 * for loading 'db'. *dbloadp will be a valid DB load context which
454 * should be used as 'arg' when *addp is called.
459 * \li #ISC_R_NOMEMORY
461 * \li Other results are possible, depending upon the database
462 * implementation used, syntax errors in the master file, etc.
466 dns_db_endload(dns_db_t *db, dns_dbload_t **dbloadp);
468 * Finish loading 'db'.
472 * \li 'db' is a valid database that is being loaded.
474 * \li dbloadp != NULL and *dbloadp is a valid database load context.
478 * \li *dbloadp == NULL
483 * \li #ISC_R_NOMEMORY
485 * \li Other results are possible, depending upon the database
486 * implementation used, syntax errors in the master file, etc.
490 dns_db_load(dns_db_t *db, const char *filename);
493 dns_db_load2(dns_db_t *db, const char *filename, dns_masterformat_t format);
495 * Load master file 'filename' into 'db'.
498 * \li This routine is equivalent to calling
501 * dns_db_beginload();
502 * dns_master_loadfile();
508 * \li 'db' is a valid database.
510 * \li This is the first attempt to load 'db'.
515 * \li #ISC_R_NOMEMORY
517 * \li Other results are possible, depending upon the database
518 * implementation used, syntax errors in the master file, etc.
522 dns_db_dump(dns_db_t *db, dns_dbversion_t *version, const char *filename);
525 dns_db_dump2(dns_db_t *db, dns_dbversion_t *version, const char *filename,
526 dns_masterformat_t masterformat);
528 * Dump version 'version' of 'db' to master file 'filename'.
532 * \li 'db' is a valid database.
534 * \li 'version' is a valid version.
539 * \li #ISC_R_NOMEMORY
541 * \li Other results are possible, depending upon the database
542 * implementation used, OS file errors, etc.
550 dns_db_currentversion(dns_db_t *db, dns_dbversion_t **versionp);
552 * Open the current version for reading.
556 * \li 'db' is a valid database with zone semantics.
558 * \li versionp != NULL && *verisonp == NULL
562 * \li On success, '*versionp' is attached to the current version.
567 dns_db_newversion(dns_db_t *db, dns_dbversion_t **versionp);
569 * Open a new version for reading and writing.
573 * \li 'db' is a valid database with zone semantics.
575 * \li versionp != NULL && *verisonp == NULL
579 * \li On success, '*versionp' is attached to the current version.
584 * \li #ISC_R_NOMEMORY
586 * \li Other results are possible, depending upon the database
587 * implementation used.
591 dns_db_attachversion(dns_db_t *db, dns_dbversion_t *source,
592 dns_dbversion_t **targetp);
594 * Attach '*targetp' to 'source'.
598 * \li 'db' is a valid database with zone semantics.
600 * \li source is a valid open version
602 * \li targetp != NULL && *targetp == NULL
606 * \li '*targetp' is attached to source.
610 dns_db_closeversion(dns_db_t *db, dns_dbversion_t **versionp,
611 isc_boolean_t commit);
613 * Close version '*versionp'.
615 * Note: if '*versionp' is a read-write version and 'commit' is ISC_TRUE,
616 * then all changes made in the version will take effect, otherwise they
617 * will be rolled back. The value if 'commit' is ignored for read-only
622 * \li 'db' is a valid database with zone semantics.
624 * \li '*versionp' refers to a valid version.
626 * \li If committing a writable version, then there must be no other
627 * outstanding references to the version (e.g. an active rdataset
632 * \li *versionp == NULL
634 * \li If *versionp is a read-write version, and commit is ISC_TRUE, then
635 * the version will become the current version. If !commit, then all
636 * changes made in the version will be undone, and the version will
637 * not become the current version.
645 dns_db_findnode(dns_db_t *db, dns_name_t *name, isc_boolean_t create,
646 dns_dbnode_t **nodep);
648 * Find the node with name 'name'.
651 * \li If 'create' is ISC_TRUE and no node with name 'name' exists, then
652 * such a node will be created.
654 * \li This routine is for finding or creating a node with the specified
655 * name. There are no partial matches. It is not suitable for use
656 * in building responses to ordinary DNS queries; clients which wish
657 * to do that should use dns_db_find() instead.
661 * \li 'db' is a valid database.
663 * \li 'name' is a valid, non-empty, absolute name.
665 * \li nodep != NULL && *nodep == NULL
669 * \li On success, *nodep is attached to the node with name 'name'.
674 * \li #ISC_R_NOTFOUND If !create and name not found.
675 * \li #ISC_R_NOMEMORY Can only happen if create is ISC_TRUE.
677 * \li Other results are possible, depending upon the database
678 * implementation used.
682 dns_db_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
683 dns_rdatatype_t type, unsigned int options, isc_stdtime_t now,
684 dns_dbnode_t **nodep, dns_name_t *foundname,
685 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset);
687 * Find the best match for 'name' and 'type' in version 'version' of 'db'.
691 * \li If type == dns_rdataset_any, then rdataset will not be bound.
693 * \li If 'options' does not have #DNS_DBFIND_GLUEOK set, then no glue will
694 * be returned. For zone databases, glue is as defined in RFC2181.
695 * For cache databases, glue is any rdataset with a trust of
698 * \li If 'options' does not have #DNS_DBFIND_ADDITIONALOK set, then no
699 * additional records will be returned. Only caches can have
700 * rdataset with trust dns_trust_additional.
702 * \li If 'options' does not have #DNS_DBFIND_PENDINGOK set, then no
703 * pending data will be returned. This option is only meaningful for
706 * \li If the #DNS_DBFIND_NOWILD option is set, then wildcard matching will
707 * be disabled. This option is only meaningful for zone databases.
709 * \li If the #DNS_DBFIND_FORCENSEC option is set, the database is assumed to
710 * have NSEC records, and these will be returned when appropriate. This
711 * is only necessary when querying a database that was not secure
714 * \li If the DNS_DBFIND_COVERINGNSEC option is set, then look for a
715 * NSEC record that potentially covers 'name' if a answer cannot
716 * be found. Note the returned NSEC needs to be checked to ensure
717 * that it is correct. This only affects answers returned from the
720 * \li To respond to a query for SIG records, the caller should create a
721 * rdataset iterator and extract the signatures from each rdataset.
723 * \li Making queries of type ANY with #DNS_DBFIND_GLUEOK is not recommended,
724 * because the burden of determining whether a given rdataset is valid
725 * glue or not falls upon the caller.
727 * \li The 'now' field is ignored if 'db' is a zone database. If 'db' is a
728 * cache database, an rdataset will not be found unless it expires after
729 * 'now'. Any ANY query will not match unless at least one rdataset at
730 * the node expires after 'now'. If 'now' is zero, then the current time
735 * \li 'db' is a valid database.
737 * \li 'type' is not SIG, or a meta-RR type other than 'ANY' (e.g. 'OPT').
739 * \li 'nodep' is NULL, or nodep is a valid pointer and *nodep == NULL.
741 * \li 'foundname' is a valid name with a dedicated buffer.
743 * \li 'rdataset' is NULL, or is a valid unassociated rdataset.
746 * on a non-error completion:
748 * \li If nodep != NULL, then it is bound to the found node.
750 * \li If foundname != NULL, then it contains the full name of the
753 * \li If rdataset != NULL and type != dns_rdatatype_any, then
754 * rdataset is bound to the found rdataset.
756 * Non-error results are:
758 * \li #ISC_R_SUCCESS The desired node and type were
761 * \li #DNS_R_WILDCARD The desired node and type were
762 * found after performing
763 * wildcard matching. This is
764 * only returned if the
765 * #DNS_DBFIND_INDICATEWILD
766 * option is set; otherwise
767 * #ISC_R_SUCCESS is returned.
769 * \li #DNS_R_GLUE The desired node and type were
770 * found, but are glue. This
771 * result can only occur if
772 * the DNS_DBFIND_GLUEOK option
773 * is set. This result can only
774 * occur if 'db' is a zone
775 * database. If type ==
776 * dns_rdatatype_any, then the
777 * node returned may contain, or
778 * consist entirely of invalid
779 * glue (i.e. data occluded by a
780 * zone cut). The caller must
781 * take care not to return invalid
784 * \li #DNS_R_DELEGATION The data requested is beneath
785 * a zone cut. node, foundname,
786 * and rdataset reference the
787 * NS RRset of the zone cut.
788 * If 'db' is a cache database,
789 * then this is the deepest known
792 * \li #DNS_R_ZONECUT type == dns_rdatatype_any, and
793 * the desired node is a zonecut.
794 * The caller must take care not
795 * to return inappropriate glue
796 * to a client. This result can
797 * only occur if 'db' is a zone
798 * database and DNS_DBFIND_GLUEOK
801 * \li #DNS_R_DNAME The data requested is beneath
802 * a DNAME. node, foundname,
803 * and rdataset reference the
806 * \li #DNS_R_CNAME The rdataset requested was not
807 * found, but there is a CNAME
808 * at the desired name. node,
809 * foundname, and rdataset
810 * reference the CNAME RRset.
812 * \li #DNS_R_NXDOMAIN The desired name does not
815 * \li #DNS_R_NXRRSET The desired name exists, but
816 * the desired type does not.
818 * \li #ISC_R_NOTFOUND The desired name does not
819 * exist, and no delegation could
820 * be found. This result can only
821 * occur if 'db' is a cache
822 * database. The caller should
823 * use its nameserver(s) of last
824 * resort (e.g. root hints).
826 * \li #DNS_R_NCACHENXDOMAIN The desired name does not
827 * exist. 'node' is bound to the
828 * cache node with the desired
829 * name, and 'rdataset' contains
830 * the negative caching proof.
832 * \li #DNS_R_NCACHENXRRSET The desired type does not
833 * exist. 'node' is bound to the
834 * cache node with the desired
835 * name, and 'rdataset' contains
836 * the negative caching proof.
838 * \li #DNS_R_EMPTYNAME The name exists but there is
839 * no data at the name.
841 * \li #DNS_R_COVERINGNSEC The returned data is a NSEC
842 * that potentially covers 'name'.
846 * \li #ISC_R_NOMEMORY
848 * \li #DNS_R_BADDB Data that is required to be
849 * present in the DB, e.g. an NSEC
850 * record in a secure zone, is not
853 * \li Other results are possible, and should all be treated as
858 dns_db_findzonecut(dns_db_t *db, dns_name_t *name,
859 unsigned int options, isc_stdtime_t now,
860 dns_dbnode_t **nodep, dns_name_t *foundname,
861 dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset);
863 * Find the deepest known zonecut which encloses 'name' in 'db'.
867 * \li If the #DNS_DBFIND_NOEXACT option is set, then the zonecut returned
868 * (if any) will be the deepest known ancestor of 'name'.
870 * \li If 'now' is zero, then the current time will be used.
874 * \li 'db' is a valid database with cache semantics.
876 * \li 'nodep' is NULL, or nodep is a valid pointer and *nodep == NULL.
878 * \li 'foundname' is a valid name with a dedicated buffer.
880 * \li 'rdataset' is NULL, or is a valid unassociated rdataset.
882 * Ensures, on a non-error completion:
884 * \li If nodep != NULL, then it is bound to the found node.
886 * \li If foundname != NULL, then it contains the full name of the
889 * \li If rdataset != NULL and type != dns_rdatatype_any, then
890 * rdataset is bound to the found rdataset.
892 * Non-error results are:
896 * \li #ISC_R_NOTFOUND
898 * \li Other results are possible, and should all be treated as
903 dns_db_attachnode(dns_db_t *db, dns_dbnode_t *source, dns_dbnode_t **targetp);
905 * Attach *targetp to source.
909 * \li 'db' is a valid database.
911 * \li 'source' is a valid node.
913 * \li 'targetp' points to a NULL dns_dbnode_t *.
917 * \li *targetp is attached to source.
921 dns_db_detachnode(dns_db_t *db, dns_dbnode_t **nodep);
923 * Detach *nodep from its node.
927 * \li 'db' is a valid database.
929 * \li 'nodep' points to a valid node.
933 * \li *nodep is NULL.
937 dns_db_transfernode(dns_db_t *db, dns_dbnode_t **sourcep,
938 dns_dbnode_t **targetp);
940 * Transfer a node between pointer.
942 * This is equivalent to calling dns_db_attachnode() then dns_db_detachnode().
946 * \li 'db' is a valid database.
948 * \li '*sourcep' is a valid node.
950 * \li 'targetp' points to a NULL dns_dbnode_t *.
954 * \li '*sourcep' is NULL.
958 dns_db_expirenode(dns_db_t *db, dns_dbnode_t *node, isc_stdtime_t now);
960 * Mark as stale all records at 'node' which expire at or before 'now'.
962 * Note: if 'now' is zero, then the current time will be used.
966 * \li 'db' is a valid cache database.
968 * \li 'node' is a valid node.
972 dns_db_printnode(dns_db_t *db, dns_dbnode_t *node, FILE *out);
974 * Print a textual representation of the contents of the node to
977 * Note: this function is intended for debugging, not general use.
981 * \li 'db' is a valid database.
983 * \li 'node' is a valid node.
987 *** DB Iterator Creation
991 dns_db_createiterator(dns_db_t *db, unsigned int options,
992 dns_dbiterator_t **iteratorp);
994 * Create an iterator for version 'version' of 'db'.
998 * \li One or more of the following options can be set.
999 * #DNS_DB_RELATIVENAMES
1005 * \li 'db' is a valid database.
1007 * \li iteratorp != NULL && *iteratorp == NULL
1011 * \li On success, *iteratorp will be a valid database iterator.
1015 * \li #ISC_R_SUCCESS
1016 * \li #ISC_R_NOMEMORY
1020 *** Rdataset Methods
1024 * XXXRTH Should we check for glue and pending data in dns_db_findrdataset()?
1028 dns_db_findrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
1029 dns_rdatatype_t type, dns_rdatatype_t covers,
1030 isc_stdtime_t now, dns_rdataset_t *rdataset,
1031 dns_rdataset_t *sigrdataset);
1033 * Search for an rdataset of type 'type' at 'node' that are in version
1034 * 'version' of 'db'. If found, make 'rdataset' refer to it.
1038 * \li If 'version' is NULL, then the current version will be used.
1040 * \li Care must be used when using this routine to build a DNS response:
1041 * 'node' should have been found with dns_db_find(), not
1042 * dns_db_findnode(). No glue checking is done. No checking for
1043 * pending data is done.
1045 * \li The 'now' field is ignored if 'db' is a zone database. If 'db' is a
1046 * cache database, an rdataset will not be found unless it expires after
1047 * 'now'. If 'now' is zero, then the current time will be used.
1051 * \li 'db' is a valid database.
1053 * \li 'node' is a valid node.
1055 * \li 'rdataset' is a valid, disassociated rdataset.
1057 * \li 'sigrdataset' is a valid, disassociated rdataset, or it is NULL.
1059 * \li If 'covers' != 0, 'type' must be SIG.
1061 * \li 'type' is not a meta-RR type such as 'ANY' or 'OPT'.
1065 * \li On success, 'rdataset' is associated with the found rdataset.
1069 * \li #ISC_R_SUCCESS
1070 * \li #ISC_R_NOTFOUND
1072 * \li Other results are possible, depending upon the database
1073 * implementation used.
1077 dns_db_allrdatasets(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
1078 isc_stdtime_t now, dns_rdatasetiter_t **iteratorp);
1080 * Make '*iteratorp' an rdataset iterator for all rdatasets at 'node' in
1081 * version 'version' of 'db'.
1085 * \li If 'version' is NULL, then the current version will be used.
1087 * \li The 'now' field is ignored if 'db' is a zone database. If 'db' is a
1088 * cache database, an rdataset will not be found unless it expires after
1089 * 'now'. Any ANY query will not match unless at least one rdataset at
1090 * the node expires after 'now'. If 'now' is zero, then the current time
1095 * \li 'db' is a valid database.
1097 * \li 'node' is a valid node.
1099 * \li iteratorp != NULL && *iteratorp == NULL
1103 * \li On success, '*iteratorp' is a valid rdataset iterator.
1107 * \li #ISC_R_SUCCESS
1108 * \li #ISC_R_NOTFOUND
1110 * \li Other results are possible, depending upon the database
1111 * implementation used.
1115 dns_db_addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
1116 isc_stdtime_t now, dns_rdataset_t *rdataset,
1117 unsigned int options, dns_rdataset_t *addedrdataset);
1119 * Add 'rdataset' to 'node' in version 'version' of 'db'.
1123 * \li If the database has zone semantics, the #DNS_DBADD_MERGE option is set,
1124 * and an rdataset of the same type as 'rdataset' already exists at
1125 * 'node' then the contents of 'rdataset' will be merged with the existing
1126 * rdataset. If the option is not set, then rdataset will replace any
1127 * existing rdataset of the same type. If not merging and the
1128 * #DNS_DBADD_FORCE option is set, then the data will update the database
1129 * without regard to trust levels. If not forcing the data, then the
1130 * rdataset will only be added if its trust level is >= the trust level of
1131 * any existing rdataset. Forcing is only meaningful for cache databases.
1132 * If #DNS_DBADD_EXACT is set then there must be no rdata in common between
1133 * the old and new rdata sets. If #DNS_DBADD_EXACTTTL is set then both
1134 * the old and new rdata sets must have the same ttl.
1136 * \li The 'now' field is ignored if 'db' is a zone database. If 'db' is
1137 * a cache database, then the added rdataset will expire no later than
1138 * now + rdataset->ttl.
1140 * \li If 'addedrdataset' is not NULL, then it will be attached to the
1141 * resulting new rdataset in the database, or to the existing data if
1142 * the existing data was better.
1146 * \li 'db' is a valid database.
1148 * \li 'node' is a valid node.
1150 * \li 'rdataset' is a valid, associated rdataset with the same class
1153 * \li 'addedrdataset' is NULL, or a valid, unassociated rdataset.
1155 * \li The database has zone semantics and 'version' is a valid
1156 * read-write version, or the database has cache semantics
1157 * and version is NULL.
1159 * \li If the database has cache semantics, the #DNS_DBADD_MERGE option must
1164 * \li #ISC_R_SUCCESS
1165 * \li #DNS_R_UNCHANGED The operation did not change anything.
1166 * \li #ISC_R_NOMEMORY
1167 * \li #DNS_R_NOTEXACT
1169 * \li Other results are possible, depending upon the database
1170 * implementation used.
1174 dns_db_subtractrdataset(dns_db_t *db, dns_dbnode_t *node,
1175 dns_dbversion_t *version, dns_rdataset_t *rdataset,
1176 unsigned int options, dns_rdataset_t *newrdataset);
1178 * Remove any rdata in 'rdataset' from 'node' in version 'version' of
1183 * \li If 'newrdataset' is not NULL, then it will be attached to the
1184 * resulting new rdataset in the database, unless the rdataset has
1185 * become nonexistent. If DNS_DBSUB_EXACT is set then all elements
1186 * of 'rdataset' must exist at 'node'.
1190 * \li 'db' is a valid database.
1192 * \li 'node' is a valid node.
1194 * \li 'rdataset' is a valid, associated rdataset with the same class
1197 * \li 'newrdataset' is NULL, or a valid, unassociated rdataset.
1199 * \li The database has zone semantics and 'version' is a valid
1200 * read-write version.
1204 * \li #ISC_R_SUCCESS
1205 * \li #DNS_R_UNCHANGED The operation did not change anything.
1206 * \li #DNS_R_NXRRSET All rdata of the same type as those
1207 * in 'rdataset' have been deleted.
1208 * \li #DNS_R_NOTEXACT Some part of 'rdataset' did not
1209 * exist and DNS_DBSUB_EXACT was set.
1211 * \li Other results are possible, depending upon the database
1212 * implementation used.
1216 dns_db_deleterdataset(dns_db_t *db, dns_dbnode_t *node,
1217 dns_dbversion_t *version, dns_rdatatype_t type,
1218 dns_rdatatype_t covers);
1220 * Make it so that no rdataset of type 'type' exists at 'node' in version
1221 * version 'version' of 'db'.
1225 * \li If 'type' is dns_rdatatype_any, then no rdatasets will exist in
1226 * 'version' (provided that the dns_db_deleterdataset() isn't followed
1227 * by one or more dns_db_addrdataset() calls).
1231 * \li 'db' is a valid database.
1233 * \li 'node' is a valid node.
1235 * \li The database has zone semantics and 'version' is a valid
1236 * read-write version, or the database has cache semantics
1237 * and version is NULL.
1239 * \li 'type' is not a meta-RR type, except for dns_rdatatype_any, which is
1242 * \li If 'covers' != 0, 'type' must be SIG.
1246 * \li #ISC_R_SUCCESS
1247 * \li #DNS_R_UNCHANGED No rdatasets of 'type' existed before
1248 * the operation was attempted.
1250 * \li Other results are possible, depending upon the database
1251 * implementation used.
1255 dns_db_getsoaserial(dns_db_t *db, dns_dbversion_t *ver, isc_uint32_t *serialp);
1257 * Get the current SOA serial number from a zone database.
1260 * \li 'db' is a valid database with zone semantics.
1261 * \li 'ver' is a valid version.
1265 dns_db_overmem(dns_db_t *db, isc_boolean_t overmem);
1267 * Enable / disable aggressive cache cleaning.
1271 dns_db_nodecount(dns_db_t *db);
1273 * Count the number of nodes in 'db'.
1277 * \li 'db' is a valid database.
1280 * \li The number of nodes in the database
1284 dns_db_settask(dns_db_t *db, isc_task_t *task);
1286 * If task is set then the final detach maybe performed asynchronously.
1289 * \li 'db' is a valid database.
1290 * \li 'task' to be valid or NULL.
1294 dns_db_ispersistent(dns_db_t *db);
1296 * Is 'db' persistent? A persistent database does not need to be loaded
1297 * from disk or written to disk.
1301 * \li 'db' is a valid database.
1304 * \li #ISC_TRUE 'db' is persistent.
1305 * \li #ISC_FALSE 'db' is not persistent.
1309 dns_db_register(const char *name, dns_dbcreatefunc_t create, void *driverarg,
1310 isc_mem_t *mctx, dns_dbimplementation_t **dbimp);
1313 * Register a new database implementation and add it to the list of
1314 * supported implementations.
1318 * \li 'name' is not NULL
1319 * \li 'order' is a valid function pointer
1320 * \li 'mctx' is a valid memory context
1321 * \li dbimp != NULL && *dbimp == NULL
1324 * \li #ISC_R_SUCCESS The registration succeeded
1325 * \li #ISC_R_NOMEMORY Out of memory
1326 * \li #ISC_R_EXISTS A database implementation with the same name exists
1330 * \li *dbimp points to an opaque structure which must be passed to
1331 * dns_db_unregister().
1335 dns_db_unregister(dns_dbimplementation_t **dbimp);
1337 * Remove a database implementation from the list of supported
1338 * implementations. No databases of this type can be active when this
1342 * \li dbimp != NULL && *dbimp == NULL
1346 * \li Any memory allocated in *dbimp will be freed.
1350 dns_db_getoriginnode(dns_db_t *db, dns_dbnode_t **nodep);
1352 * Get the origin DB node corresponding to the DB's zone. This function
1353 * should typically succeed unless the underlying DB implementation doesn't
1354 * support the feature.
1358 * \li 'db' is a valid zone database.
1359 * \li 'nodep' != NULL && '*nodep' == NULL
1362 * \li On success, '*nodep' will point to the DB node of the zone's origin.
1365 * \li #ISC_R_SUCCESS
1366 * \li #ISC_R_NOTFOUND - the DB implementation does not support this feature.
1370 dns_db_getnsec3parameters(dns_db_t *db, dns_dbversion_t *version,
1371 dns_hash_t *hash, isc_uint8_t *flags,
1372 isc_uint16_t *interations,
1373 unsigned char *salt, size_t *salt_length);
1375 * Get the NSEC3 parameters that are associated with this zone.
1378 * \li 'db' is a valid zone database.
1381 * \li #ISC_R_SUCCESS
1382 * \li #ISC_R_NOTFOUND - the DB implementation does not support this feature
1383 * or this zone does not have NSEC3 records.
1387 dns_db_findnsec3node(dns_db_t *db, dns_name_t *name,
1388 isc_boolean_t create, dns_dbnode_t **nodep);
1390 * Find the NSEC3 node with name 'name'.
1393 * \li If 'create' is ISC_TRUE and no node with name 'name' exists, then
1394 * such a node will be created.
1398 * \li 'db' is a valid database.
1400 * \li 'name' is a valid, non-empty, absolute name.
1402 * \li nodep != NULL && *nodep == NULL
1406 * \li On success, *nodep is attached to the node with name 'name'.
1410 * \li #ISC_R_SUCCESS
1411 * \li #ISC_R_NOTFOUND If !create and name not found.
1412 * \li #ISC_R_NOMEMORY Can only happen if create is ISC_TRUE.
1414 * \li Other results are possible, depending upon the database
1415 * implementation used.
1419 dns_db_setsigningtime(dns_db_t *db, dns_rdataset_t *rdataset,
1420 isc_stdtime_t resign);
1422 * Sets the re-signing time associated with 'rdataset' to 'resign'.
1425 * \li 'db' is a valid zone database.
1426 * \li 'rdataset' to be associated with 'db'.
1429 * \li #ISC_R_SUCCESS
1430 * \li #ISC_R_NOMEMORY
1431 * \li #ISC_R_NOTIMPLEMENTED - Not supported by this DB implementation.
1435 dns_db_getsigningtime(dns_db_t *db, dns_rdataset_t *rdataset, dns_name_t *name);
1437 * Return the rdataset with the earliest signing time in the zone.
1438 * Note: the rdataset is version agnostic.
1441 * \li 'db' is a valid zone database.
1442 * \li 'rdataset' to be initialized but not associated.
1443 * \li 'name' to be NULL or have a buffer associated with it.
1446 * \li #ISC_R_SUCCESS
1447 * \li #ISC_R_NOTFOUND - No dataset exists.
1451 dns_db_resigned(dns_db_t *db, dns_rdataset_t *rdataset,
1452 dns_dbversion_t *version);
1454 * Mark 'rdataset' as not being available to be returned by
1455 * dns_db_getsigningtime(). If the changes associated with 'version'
1456 * are committed this will be permanent. If the version is not committed
1457 * this change will be rolled back when the version is closed.
1460 * \li 'db' is a valid zone database.
1461 * \li 'rdataset' to be associated with 'db'.
1462 * \li 'version' to be open for writing.
1466 dns_db_getrrsetstats(dns_db_t *db);
1468 * Get statistics information counting RRsets stored in the DB, when available.
1469 * The statistics may not be available depending on the DB implementation.
1473 * \li 'db' is a valid database (zone or cache).
1476 * \li when available, a pointer to a statistics object created by
1477 * dns_rdatasetstats_create(); otherwise NULL.
1482 #endif /* DNS_DB_H */