/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#ifndef DNS_NTA_H
#define DNS_NTA_H 1
/*****
***** Module Info
*****/
/*! \file
* \brief
* The NTA module provides services for storing and retrieving negative
* trust anchors, and determine whether a given domain is subject to
* DNSSEC validation.
*/
#include <isc/buffer.h>
#include <isc/lang.h>
#include <isc/magic.h>
#include <isc/refcount.h>
#include <isc/rwlock.h>
#include <isc/stdtime.h>
#include <isc/task.h>
#include <isc/timer.h>
#include <dns/types.h>
#include <dns/rdataset.h>
#include <dns/resolver.h>
#include <dns/view.h>
ISC_LANG_BEGINDECLS
struct dns_ntatable {
/* Unlocked. */
unsigned int magic;
dns_view_t *view;
isc_rwlock_t rwlock;
isc_taskmgr_t *taskmgr;
isc_timermgr_t *timermgr;
isc_task_t *task;
/* Locked by rwlock. */
isc_uint32_t references;
dns_rbt_t *table;
};
#define NTATABLE_MAGIC ISC_MAGIC('N', 'T', 'A', 't')
#define VALID_NTATABLE(nt) ISC_MAGIC_VALID(nt, NTATABLE_MAGIC)
isc_result_t
dns_ntatable_create(dns_view_t *view,
isc_taskmgr_t *taskmgr, isc_timermgr_t *timermgr,
dns_ntatable_t **ntatablep);
/*%<
* Create an NTA table in view 'view'.
*
* Requires:
*
*\li 'view' is a valid view.
*
*\li 'tmgr' is a valid timer manager.
*
*\li ntatablep != NULL && *ntatablep == NULL
*
* Ensures:
*
*\li On success, *ntatablep is a valid, empty NTA table.
*
* Returns:
*
*\li ISC_R_SUCCESS
*\li Any other result indicates failure.
*/
void
dns_ntatable_attach(dns_ntatable_t *source, dns_ntatable_t **targetp);
/*%<
* Attach *targetp to source.
*
* Requires:
*
*\li 'source' is a valid ntatable.
*
*\li 'targetp' points to a NULL dns_ntatable_t *.
*
* Ensures:
*
*\li *targetp is attached to source.
*/
void
dns_ntatable_detach(dns_ntatable_t **ntatablep);
/*%<
* Detach *ntatablep from its ntatable.
*
* Requires:
*
*\li 'ntatablep' points to a valid ntatable.
*
* Ensures:
*
*\li *ntatablep is NULL.
*
*\li If '*ntatablep' is the last reference to the ntatable,
* all resources used by the ntatable will be freed
*/
isc_result_t
dns_ntatable_add(dns_ntatable_t *ntatable, dns_name_t *name,
isc_boolean_t force, isc_stdtime_t now,
isc_uint32_t lifetime);
/*%<
* Add a negative trust anchor to 'ntatable' for name 'name',
* which will expire at time 'now' + 'lifetime'. If 'force' is ISC_FALSE,
* then the name will be checked periodically to see if it's bogus;
* if not, then the NTA will be allowed to expire early.
*
* Notes:
*
*\li If an NTA already exists in the table, its expiry time
* is updated.
*
* Requires:
*
*\li 'ntatable' points to a valid ntatable.
*
*\li 'name' points to a valid name.
*
* Returns:
*
*\li ISC_R_SUCCESS
*
*\li Any other result indicates failure.
*/
isc_result_t
dns_ntatable_delete(dns_ntatable_t *ntatable, dns_name_t *keyname);
/*%<
* Delete node(s) from 'ntatable' matching name 'keyname'
*
* Requires:
*
*\li 'ntatable' points to a valid ntatable.
*
*\li 'name' is not NULL
*
* Returns:
*
*\li ISC_R_SUCCESS
*
*\li Any other result indicates failure.
*/
isc_boolean_t
dns_ntatable_covered(dns_ntatable_t *ntatable, isc_stdtime_t now,
dns_name_t *name, dns_name_t *anchor);
/*%<
* Return ISC_TRUE if 'name' is below a non-expired negative trust
* anchor which in turn is at or below 'anchor'.
*
* If 'ntatable' has not been initialized, return ISC_FALSE.
*
* Requires:
*
*\li 'ntatable' is NULL or is a valid ntatable.
*
*\li 'name' is a valid absolute name.
*/
isc_result_t
dns_ntatable_totext(dns_ntatable_t *ntatable, isc_buffer_t **buf);
/*%<
* Dump the NTA table to buffer at 'buf'
*
* Requires:
* \li "ntatable" is a valid table.
*
* \li "*buf" is a valid buffer.
*/
isc_result_t
dns_ntatable_dump(dns_ntatable_t *ntatable, FILE *fp);
/*%<
* Dump the NTA table to the file opened as 'fp'.
*/
isc_result_t
dns_ntatable_save(dns_ntatable_t *ntatable, FILE *fp);
/*%<
* Save the NTA table to the file opened as 'fp', for later loading.
*/
ISC_LANG_ENDDECLS
#endif /* DNS_NTA_H */
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| acache.h | File | 13.99 KB | 0644 |
|
| acl.h | File | 7.1 KB | 0644 |
|
| adb.h | File | 22.03 KB | 0644 |
|
| badcache.h | File | 3.28 KB | 0644 |
|
| bit.h | File | 856 B | 0644 |
|
| byaddr.h | File | 3.89 KB | 0644 |
|
| cache.h | File | 7.95 KB | 0644 |
|
| callbacks.h | File | 2.22 KB | 0644 |
|
| catz.h | File | 11.54 KB | 0644 |
|
| cert.h | File | 1.43 KB | 0644 |
|
| client.h | File | 21.52 KB | 0644 |
|
| clientinfo.h | File | 1.95 KB | 0644 |
|
| compress.h | File | 6.51 KB | 0644 |
|
| db.h | File | 44.68 KB | 0644 |
|
| dbiterator.h | File | 7.26 KB | 0644 |
|
| dbtable.h | File | 3.09 KB | 0644 |
|
| diff.h | File | 6.82 KB | 0644 |
|
| dispatch.h | File | 16.05 KB | 0644 |
|
| dlz.h | File | 10.38 KB | 0644 |
|
| dlz_dlopen.h | File | 4.54 KB | 0644 |
|
| dns64.h | File | 5.51 KB | 0644 |
|
| dnssec.h | File | 12 KB | 0644 |
|
| dnstap.h | File | 9.2 KB | 0644 |
|
| ds.h | File | 1.19 KB | 0644 |
|
| dsdigest.h | File | 1.68 KB | 0644 |
|
| dyndb.h | File | 4.72 KB | 0644 |
|
| ecdb.h | File | 808 B | 0644 |
|
| edns.h | File | 721 B | 0644 |
|
| enumclass.h | File | 1.19 KB | 0644 |
|
| enumtype.h | File | 7.74 KB | 0644 |
|
| events.h | File | 3.96 KB | 0644 |
|
| fixedname.h | File | 1.56 KB | 0644 |
|
| forward.h | File | 3.37 KB | 0644 |
|
| geoip.h | File | 2.34 KB | 0644 |
|
| ipkeylist.h | File | 2.12 KB | 0644 |
|
| iptable.h | File | 1.6 KB | 0644 |
|
| journal.h | File | 8.05 KB | 0644 |
|
| keydata.h | File | 1.02 KB | 0644 |
|
| keyflags.h | File | 1.25 KB | 0644 |
|
| keytable.h | File | 9.28 KB | 0644 |
|
| keyvalues.h | File | 4.06 KB | 0644 |
|
| lib.h | File | 1.16 KB | 0644 |
|
| log.h | File | 3.87 KB | 0644 |
|
| lookup.h | File | 2.85 KB | 0644 |
|
| master.h | File | 11.08 KB | 0644 |
|
| masterdump.h | File | 12.35 KB | 0644 |
|
| message.h | File | 37.27 KB | 0644 |
|
| name.h | File | 36.49 KB | 0644 |
|
| ncache.h | File | 4.8 KB | 0644 |
|
| nsec.h | File | 2.88 KB | 0644 |
|
| nsec3.h | File | 8.17 KB | 0644 |
|
| nta.h | File | 4.32 KB | 0644 |
|
| opcode.h | File | 1006 B | 0644 |
|
| order.h | File | 1.95 KB | 0644 |
|
| peer.h | File | 6.06 KB | 0644 |
|
| portlist.h | File | 2.05 KB | 0644 |
|
| private.h | File | 1.9 KB | 0644 |
|
| rbt.h | File | 39.7 KB | 0644 |
|
| rcode.h | File | 2.42 KB | 0644 |
|
| rdata.h | File | 20.92 KB | 0644 |
|
| rdataclass.h | File | 2.2 KB | 0644 |
|
| rdatalist.h | File | 2.51 KB | 0644 |
|
| rdataset.h | File | 20.47 KB | 0644 |
|
| rdatasetiter.h | File | 3.83 KB | 0644 |
|
| rdataslab.h | File | 4.29 KB | 0644 |
|
| rdatastruct.h | File | 57.57 KB | 0644 |
|
| rdatatype.h | File | 2.24 KB | 0644 |
|
| request.h | File | 10.89 KB | 0644 |
|
| resolver.h | File | 18.63 KB | 0644 |
|
| result.h | File | 8.57 KB | 0644 |
|
| rootns.h | File | 891 B | 0644 |
|
| rpz.h | File | 10.09 KB | 0644 |
|
| rriterator.h | File | 4.17 KB | 0644 |
|
| rrl.h | File | 6.49 KB | 0644 |
|
| sdb.h | File | 7.04 KB | 0644 |
|
| sdlz.h | File | 13.87 KB | 0644 |
|
| secalg.h | File | 1.67 KB | 0644 |
|
| secproto.h | File | 1.52 KB | 0644 |
|
| soa.h | File | 2.17 KB | 0644 |
|
| ssu.h | File | 8.09 KB | 0644 |
|
| stats.h | File | 13.15 KB | 0644 |
|
| tcpmsg.h | File | 3.05 KB | 0644 |
|
| time.h | File | 1.66 KB | 0644 |
|
| timer.h | File | 1.02 KB | 0644 |
|
| tkey.h | File | 7.43 KB | 0644 |
|
| tsec.h | File | 2.88 KB | 0644 |
|
| tsig.h | File | 8.06 KB | 0644 |
|
| ttl.h | File | 1.93 KB | 0644 |
|
| types.h | File | 13.65 KB | 0644 |
|
| update.h | File | 1.61 KB | 0644 |
|
| validator.h | File | 7.02 KB | 0644 |
|
| version.h | File | 867 B | 0644 |
|
| view.h | File | 34.69 KB | 0644 |
|
| xfrin.h | File | 2.85 KB | 0644 |
|
| zone.h | File | 59.8 KB | 0644 |
|
| zonekey.h | File | 763 B | 0644 |
|
| zt.h | File | 5.31 KB | 0644 |
|