/*
 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 *
 * SPDX-License-Identifier: MPL-2.0 AND ISC
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
 *
 * See the COPYRIGHT file distributed with this work for additional
 * information regarding copyright ownership.
 */

/*
 * Copyright (C) 2002 Stichting NLnet, Netherlands, stichting@nlnet.nl.
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the
 * above copyright notice and this permission notice appear in all
 * copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND STICHTING NLNET
 * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
 * STICHTING NLNET BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
 * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE
 * USE OR PERFORMANCE OF THIS SOFTWARE.
 *
 * The development of Dynamically Loadable Zones (DLZ) for Bind 9 was
 * conceived and contributed by Rob Butler.
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the
 * above copyright notice and this permission notice appear in all
 * copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND ROB BUTLER
 * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
 * ROB BUTLER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
 * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE
 * USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*! \file dns/dlz.h */

#pragma once

/*****
***** Module Info
*****/

/*
 * DLZ Interface
 *
 * The DLZ interface allows zones to be looked up using a driver instead of
 * BIND's default in-memory zone table.
 *
 *
 * Reliability:
 *	No anticipated impact.
 *
 * Resources:
 *
 * Security:
 *	No anticipated impact.
 *
 * Standards:
 *	None.
 */

/*****
***** Imports
*****/

#include <stdbool.h>

#include <isc/lang.h>

#include <dns/clientinfo.h>
#include <dns/name.h>
#include <dns/types.h>
#include <dns/view.h>

#include <dst/dst.h>

ISC_LANG_BEGINDECLS

/***
 *** Types
 ***/

/*
 * Magic number for DLZ database objects, and the validity check built
 * on it: DNS_DLZ_VALID(dlz) expands to ISC_MAGIC_VALID() against
 * DNS_DLZ_MAGIC.  Presumably this is compared with the 'magic' member
 * of struct dns_dlzdb -- confirm in the implementation.
 */
#define DNS_DLZ_MAGIC	   ISC_MAGIC('D', 'L', 'Z', 'D')
#define DNS_DLZ_VALID(dlz) ISC_MAGIC_VALID(dlz, DNS_DLZ_MAGIC)

typedef isc_result_t (*dns_dlzallowzonexfr_t)(void *driverarg, void *dbdata,
					      isc_mem_t		   *mctx,
					      dns_rdataclass_t	    rdclass,
					      const dns_name_t	   *name,
					      const isc_sockaddr_t *clientaddr,
					      dns_db_t		  **dbp);

/*%<
 * Method prototype.  Drivers implementing the DLZ interface MUST
 * supply an allow zone transfer method.  This method is called when
 * the DNS server is performing a zone transfer query.  The result
 * code carries the driver's decision on the transfer:
 *
 * \li	ISC_R_SUCCESS, together with a database pointer returned to the
 *	name server, if the zone is supported by the database and zone
 *	transfer is allowed
 * \li	ISC_R_DEFAULT if the view's transfer acl should be used
 * \li	ISC_R_NOTFOUND if the zone is not supported by the database
 * \li	ISC_R_NOPERM if zone transfers are not allowed
 *
 * If an error occurs, the result code should indicate the type of error.
 *
 * NOTE(review): ISC_R_SUCCESS presumably permits the transfer without
 * the view's transfer acl being consulted (ISC_R_DEFAULT exists for
 * that case), so a driver should return it only after making its own
 * check on 'clientaddr' -- confirm against the caller.
 */

typedef isc_result_t (*dns_dlzcreate_t)(isc_mem_t *mctx, const char *dlzname,
					unsigned int argc, char *argv[],
					void *driverarg, void **dbdata);

/*%<
 * Method prototype.  Drivers implementing the DLZ interface MUST
 * supply a create method.  This method is called when the DNS server
 * is starting up and creating drivers for use later.
 *
 * NOTE(review): 'argc' / 'argv' are presumably the driver command line
 * from named.conf as split by dns_dlzstrtoargv(), and '*dbdata' the
 * driver's per-instance state that the other methods later receive as
 * 'dbdata' -- confirm against the implementation.
 */

typedef void (*dns_dlzdestroy_t)(void *driverarg, void **dbdata);

/*%<
 * Method prototype.  Drivers implementing the DLZ interface MUST
 * supply a destroy method.  This method is called when the DNS server
 * is shutting down and no longer needs the driver.
 *
 * NOTE(review): 'dbdata' is passed by address (void **), presumably so
 * the driver can release its instance state and clear the pointer --
 * confirm against the implementation.
 */

typedef isc_result_t (*dns_dlzfindzone_t)(void *driverarg, void *dbdata,
					  isc_mem_t		  *mctx,
					  dns_rdataclass_t	   rdclass,
					  const dns_name_t	  *name,
					  dns_clientinfomethods_t *methods,
					  dns_clientinfo_t	  *clientinfo,
					  dns_db_t		 **dbp);

/*%<
 * Method prototype.  Drivers implementing the DLZ interface MUST
 * supply a find zone method.  This method is called when the DNS
 * server is performing a query.  The find zone method will be called
 * with the longest possible name first, and continue to be called
 * with successively shorter domain names, until any of the following
 * occur:
 *
 * \li	1) a match is found, and the function returns (ISC_R_SUCCESS)
 *
 * \li	2) a problem occurs, and the function returns anything other
 *	   than (ISC_R_NOTFOUND)
 * \li	3) we run out of domain name labels, i.e. we have tried the
 *	   shortest domain name
 * \li	4) the number of labels in the domain name is less than
 *	   min_labels for dns_dlzfindzone
 *
 * The driver's find zone method should return ISC_R_SUCCESS and a
 * database pointer to the name server if the zone is supported by the
 * database.  Otherwise it will return ISC_R_NOTFOUND, and a null
 * pointer if the zone is not supported.  If an error occurs it should
 * return a result code indicating the type of error.
 *
 * NOTE(review): 'methods' and 'clientinfo' are not described in this
 * header; presumably they give the driver access to information about
 * the querying client -- confirm in dns/clientinfo.h.
 */

typedef isc_result_t (*dns_dlzconfigure_t)(void *driverarg, void *dbdata,
					   dns_view_t  *view,
					   dns_dlzdb_t *dlzdb);
/*%<
 * Method prototype.  Drivers implementing the DLZ interface may
 * optionally supply a configure method.  If supplied, this will be
 * called immediately after the create method is called.  The driver
 * may call configuration functions during the configure call.
 */

typedef bool (*dns_dlzssumatch_t)(const dns_name_t    *signer,
				  const dns_name_t    *name,
				  const isc_netaddr_t *tcpaddr,
				  dns_rdatatype_t type, const dst_key_t *key,
				  void *driverarg, void *dbdata);
/*%<
 * Method prototype.  Drivers implementing the DLZ interface may
 * optionally supply a ssumatch method.  If supplied, this will be
 * called to authorize update requests.
 *
 * NOTE(review): the bool result is presumably the authorization
 * decision (true = update permitted); dns_dlz_ssumatch() returns false
 * when no method is supplied.  Confirm the polarity against the
 * caller.  Whether 'signer', 'tcpaddr' or 'key' may be NULL is not
 * stated in this header; a driver should not assume they are set.
 */

/*%
 * The methods supplied by a DLZ driver.
 *
 * Per the method prototype documentation in this header, create,
 * destroy, findzone and allowzonexfr MUST be supplied; configure and
 * ssumatch are optional.  allowzonexfr and ssumatch are the two
 * methods that decide whether a request (zone transfer, update) is
 * permitted.
 *
 * NOTE(review): an optional method that is not supplied is presumably
 * left as a NULL pointer -- confirm against the implementation.
 */
typedef struct dns_dlzmethods {
	/* required: called at server startup, when drivers are created */
	dns_dlzcreate_t	      create;
	/* required: called at server shutdown */
	dns_dlzdestroy_t      destroy;
	/* required: called while the server is performing a query */
	dns_dlzfindzone_t     findzone;
	/* required: called for a zone transfer query */
	dns_dlzallowzonexfr_t allowzonexfr;
	/* optional: called immediately after create */
	dns_dlzconfigure_t    configure;
	/* optional: called to authorize update requests */
	dns_dlzssumatch_t     ssumatch;
} dns_dlzmethods_t;

/*%
 * Information about a DLZ driver.
 *
 * NOTE(review): the members mirror the arguments of dns_dlzregister()
 * ('drivername', 'methods', 'driverarg', 'mctx'); presumably they are
 * filled in from them -- confirm against the implementation.
 */
struct dns_dlzimplementation {
	/* driver name */
	const char	       *name;
	/* method table supplied by the driver (see dns_dlzmethods_t) */
	const dns_dlzmethods_t *methods;
	/* memory context */
	isc_mem_t	       *mctx;
	/* opaque driver argument; the methods take a 'driverarg' parameter */
	void		       *driverarg;
	/* list linkage between dns_dlzimplementation_t objects */
	ISC_LINK(dns_dlzimplementation_t) link;
};

/*%
 * Callback type.  It is the type of the 'callback' argument of
 * dns_dlzconfigure() and of the 'configure_callback' member of
 * struct dns_dlzdb.  What the callback is expected to do with the
 * view, DLZ database and zone is not described in this header.
 */
typedef isc_result_t (*dlzconfigure_callback_t)(dns_view_t *, dns_dlzdb_t *,
						dns_zone_t *);

/*% An instance of a DLZ driver */
struct dns_dlzdb {
	/* magic number; presumably DNS_DLZ_MAGIC, checked by DNS_DLZ_VALID() */
	unsigned int		 magic;
	/* memory context */
	isc_mem_t		*mctx;
	/* the driver implementation this instance belongs to */
	dns_dlzimplementation_t *implementation;
	/*
	 * opaque driver data; presumably what the driver's create method
	 * returned through its 'dbdata' argument -- confirm
	 */
	void			*dbdata;
	/* configure callback (see dlzconfigure_callback_t) */
	dlzconfigure_callback_t	 configure_callback;
	/* NOTE(review): meaning of this flag is not shown in this header */
	bool			 search;
	/* instance name; presumably the 'dlzname' given to dns_dlzcreate() */
	char			*dlzname;
	/* list linkage between dns_dlzdb_t objects */
	ISC_LINK(dns_dlzdb_t) link;
	/*
	 * NOTE(review): presumably the update-policy table used when
	 * authorizing update requests for this instance -- confirm
	 */
	dns_ssutable_t *ssutable;
};

/***
 *** Method declarations
 ***/

isc_result_t
dns_dlzallowzonexfr(dns_view_t *view, const dns_name_t *name,
		    const isc_sockaddr_t *clientaddr, dns_db_t **dbp);

/*%<
 * This method is called when the DNS server is performing a zone
 * transfer query.  It will call the DLZ driver's allow zone transfer
 * method.
 *
 * The result codes a driver's method is expected to return are listed
 * with dns_dlzallowzonexfr_t.
 *
 * NOTE(review): how the driver's result is combined across the view's
 * DLZ instances, and which result codes reach the caller, is not
 * stated here -- callers should treat anything other than the
 * documented "allowed" outcome as a refusal; confirm in dlz.c.
 */

isc_result_t
dns_dlzcreate(isc_mem_t *mctx, const char *dlzname, const char *drivername,
	      unsigned int argc, char *argv[], dns_dlzdb_t **dbp);

/*%<
 * This method is called when the DNS server is starting up and
 * creating drivers for use later.  It will search the DLZ driver list
 * for 'drivername' and return a DLZ driver via dbp if a match is
 * found.  If the DLZ driver supplies a create method, this function
 * will call it.
 *
 * NOTE(review): the result returned when 'drivername' is not
 * registered, and the state of '*dbp' in that case, are not stated
 * here -- confirm before relying on '*dbp' after a failure.
 */

void
dns_dlzdestroy(dns_dlzdb_t **dbp);

/*%<
 * This method is called when the DNS server is shutting down and no
 * longer needs the driver.  If the DLZ driver supplies a destroy
 * method, this function will call it.
 *
 * NOTE(review): 'dbp' is passed by address, presumably so '*dbp' can
 * be cleared once the instance is destroyed -- confirm.
 */

isc_result_t
dns_dlzregister(const char *drivername, const dns_dlzmethods_t *methods,
		void *driverarg, isc_mem_t *mctx,
		dns_dlzimplementation_t **dlzimp);

/*%<
 * Register a dynamically loadable zones (DLZ) driver for the database
 * type 'drivername', implemented by the functions in '*methods'.
 *
 * dlzimp must point to a NULL dns_dlzimplementation_t pointer.  That
 * is, dlzimp != NULL && *dlzimp == NULL.  It will be assigned a value
 * that will later be used to identify the driver when deregistering it
 * (see dns_dlzunregister()).
 *
 * NOTE(review): 'methods' is taken as a pointer and struct
 * dns_dlzimplementation holds a 'methods' pointer, so the table
 * presumably has to outlive the registration -- confirm.
 */

isc_result_t
dns_dlzstrtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp);

/*%<
 * This method is called when the name server is starting up to parse
 * the DLZ driver command line from named.conf.  Basically it splits
 * up a string into an argc / argv.  The primary difference of this
 * method is that items between braces { } are considered only 1 word.
 * For example the command line "this is { one grouped phrase } and
 * this isn't" would be parsed into:
 *
 * \li	argv[0]: "this"
 * \li	argv[1]: "is"
 * \li	argv[2]: " one grouped phrase "
 * \li	argv[3]: "and"
 * \li	argv[4]: "this"
 * \li	argv[5]: "isn't"
 *
 * Braces should NOT be nested; more than one grouping in the command
 * line is allowed.  Notice, argv[2] has an extra space at the
 * beginning and end.  Extra spaces are not stripped between a
 * grouping.  You can do so in your driver if needed, or be sure not
 * to put extra spaces before / after the braces.
 *
 * NOTE(review): 's' is a non-const char *, so the string is presumably
 * split in place and the argv entries may point into it; callers
 * should pass a writable buffer and keep it alive while argv is in
 * use -- confirm against the implementation.
 */

void
dns_dlzunregister(dns_dlzimplementation_t **dlzimp);

/*%<
 * Removes the dlz driver from the list of registered dlz drivers.
 * There must be no active dlz drivers of this type when this function
 * is called.
 *
 * '*dlzimp' is the value that dns_dlzregister() assigned to identify
 * the driver.
 */

/*
 * The function type is named first (dns_dlz_writeablezone_t) and the
 * function itself is then declared with that type.
 */
typedef isc_result_t
dns_dlz_writeablezone_t(dns_view_t *view, dns_dlzdb_t *dlzdb,
			const char *zone_name);
dns_dlz_writeablezone_t dns_dlz_writeablezone;
/*%<
 * Creates a writeable DLZ zone.  Must be called from within the
 * configure() method of a DLZ driver.
 *
 * NOTE(review): updates to a writeable zone are presumably authorized
 * through the driver's ssumatch method -- confirm, since
 * dns_dlz_ssumatch() returns false when no ssumatch method is
 * supplied.
 */

isc_result_t
dns_dlzconfigure(dns_view_t *view, dns_dlzdb_t *dlzdb,
		 dlzconfigure_callback_t callback);
/*%<
 * Call a DLZ driver's configure method, if supplied.
 *
 * NOTE(review): the result returned when the driver supplies no
 * configure method, and how 'callback' is used, are not stated here.
 */

bool
dns_dlz_ssumatch(dns_dlzdb_t *dlzdatabase, const dns_name_t *signer,
		 const dns_name_t *name, const isc_netaddr_t *tcpaddr,
		 dns_rdatatype_t type, const dst_key_t *key);
/*%<
 * Call a DLZ driver's ssumatch method, if supplied.  Otherwise return
 * false.
 *
 * NOTE(review): the ssumatch method is documented as authorizing
 * update requests, so false presumably means "not authorized" and a
 * driver without the method authorizes nothing -- confirm the polarity
 * against the caller.
 */

ISC_LANG_ENDDECLS