46 #include <ldns/ldns.h>
48 static const char* zone_str =
"zone";
61 if (!name || !klass) {
66 ods_log_error(
"[%s] unable to create zone %s: allocator_create() "
67 "failed", zone_str, name);
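/*
 * Log an allocator_alloc() failure while creating the zone.
 *
 * The two string literals must be adjacent, with no comma between them,
 * so that they concatenate into one format string. With a comma after
 * the first literal, "failed" becomes the first variadic argument: it is
 * consumed by the leading %s, zone_str by the second %s, and the zone
 * name is never printed. The resulting log line would then misidentify
 * both the module tag and the zone that failed to be created.
 */
ods_log_error("[%s] unable to create zone %s: allocator_alloc() "
    "failed", zone_str, name);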
79 if (strlen(name) > 1 && name[strlen(name)-1] ==
'.') {
80 name[strlen(name)-1] =
'\0';
85 ods_log_error(
"[%s] unable to create zone %s: allocator_strdup() "
86 "failed", zone_str, name);
92 zone->
apex = ldns_dname_new_frm_str(name);
107 ods_log_error(
"[%s] unable to create zone %s: namedb_create() "
108 "failed", zone_str, name);
114 ods_log_error(
"[%s] unable to create zone %s: ixfr_create() "
115 "failed", zone_str, name);
121 ods_log_error(
"[%s] unable to create zone %s: signconf_create() "
122 "failed", zone_str, name);
142 char* datestamp = NULL;
149 "insecure?", zone_str, zone->
name);
157 ods_log_alert(
"[%s] unable to load signconf for zone %s: signconf "
158 "status ok but no signconf stored", zone_str, zone->
name);
163 ods_log_debug(
"[%s] zone %s signconf file %s is modified since %s",
165 datestamp?datestamp:
"Unknown");
166 free((
void*)datestamp);
167 *new_signconf = signconf;
170 "%Y-%m-%d %T", &datestamp);
173 datestamp?datestamp:
"Unknown");
174 free((
void*)datestamp);
176 ods_log_error(
"[%s] unable to load signconf for zone %s: signconf %s "
202 if (task->
what != what) {
208 if (task->
what > what) {
216 "task is not queued (task will be rescheduled when it is put "
217 "back on the queue)", zone_str, zone->
name);
235 hsm_ctx_t* ctx = NULL;
248 ctx = hsm_create_context();
251 "error creating libhsm context", zone_str, zone->
name);
270 "error creating dnskey", zone_str, zone->
name);
292 "error adding dnskey", zone_str, zone->
name);
297 hsm_destroy_context(ctx);
321 if (dnskey && !dnskey->
exists &&
356 rr = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3PARAMS);
358 ods_log_error(
"[%s] unable to publish nsec3params for zone %s: "
359 "error creating rr (%s)", zone_str, zone->
name,
363 ldns_rr_set_class(rr, zone->
klass);
364 ldns_rr_set_ttl(rr, paramttl);
365 ldns_rr_set_owner(rr, ldns_rdf_clone(zone->
apex));
366 ldns_nsec3_add_param_rdfs(rr,
375 ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(rr, 1)), 7, 0);
392 ods_log_error(
"[%s] unable to publish nsec3params for zone %s: "
393 "error adding nsec3params (%s)", zone_str,
416 if (n3prr && !n3prr->
exists &&
432 hsm_ctx_t* ctx = NULL;
441 ctx = hsm_create_context();
443 ods_log_error(
"[%s] unable to prepare signing keys for zone %s: "
444 "error creating libhsm context", zone_str, zone->
name);
452 ods_log_error(
"[%s] unable to prepare signing keys for zone %s: "
453 "error getting dnskey", zone_str, zone->
name);
461 hsm_destroy_context(ctx);
477 ldns_rdf* soa_rdata = NULL;
488 zone_str, zone->
name);
496 rr = ldns_rr_clone(rrset->
rrs[0].
rr);
498 ods_log_error(
"[%s] unable to update zone %s soa serial: failed to "
499 "clone soa rr", zone_str, zone->
name);
505 ods_log_error(
"[%s] unable to update zone %s soa serial: %s",
508 ods_log_error(
"[%s] If this is the result of a key rollover, "
509 "please increment the serial in the unsigned zone %s",
510 zone_str, zone->
name);
517 soa_rdata = ldns_rr_set_rdf(rr,
518 ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32,
521 ldns_rdf_deep_free(soa_rdata);
524 ods_log_error(
"[%s] unable to update zone %s soa serial: failed to "
525 "replace soa serial rdata", zone_str, zone->
name);
545 if (!zone || !owner || !type) {
579 "failed to add domain", zone_str, zone->
name);
582 if (ldns_dname_compare(domain->
dname, zone->
apex) == 0) {
588 "failed to entize domain", zone_str, zone->
name);
598 "failed to add RRset", zone_str, zone->
name);
607 if (ldns_rr_ttl(rr) != ldns_rr_ttl(record->
rr)) {
608 ldns_rr_set_ttl(record->
rr, ldns_rr_ttl(rr));
619 if (do_stats && zone->
stats) {
644 "domain not found", zone_str, zone->
name);
650 "RRset not found", zone_str, zone->
name);
656 "RR not found", zone_str, zone->
name);
663 if (do_stats && zone->
stats) {
706 ods_log_error(
"[%s] failed to merge signconf filename %s to "
752 ldns_rdf_deep_free(zone->
apex);
781 char* filename = NULL;
783 const char* token = NULL;
789 uint32_t inbound = 0,
internal = 0, outbound = 0;
793 const char* salt = NULL;
808 ods_log_error(
"[%s] corrupted backup file zone %s: read magic "
809 "error", zone_str, zone->
name);
814 ods_log_error(
"[%s] corrupted backup file zone %s: read time "
815 "error", zone_str, zone->
name);
822 ods_log_error(
"[%s] corrupted backup file zone %s: read name "
823 "error", zone_str, zone->
name);
828 ods_log_error(
"[%s] corrupted backup file zone %s: read class "
829 "error", zone_str, zone->
name);
838 ods_log_error(
"[%s] corrupted backup file zone %s: read serial "
839 "error", zone_str, zone->
name);
842 zone->
klass = (ldns_rr_class) klass;
874 ods_log_error(
"[%s] corrupted backup file zone %s: read signconf "
875 "error", zone_str, zone->
name);
890 "nsec3parameters error", zone_str, zone->
name);
904 ods_log_error(
"[%s] corrupted backup file zone %s: unable to "
905 "create nsec3param", zone_str, zone->
name);
917 "key error", zone_str, zone->
name);
935 ods_log_error(
"[%s] corrupted backup file zone %s: unable to "
936 "publish dnskeys (%s)", zone_str, zone->
name,
943 ods_log_error(
"[%s] corrupted backup file zone %s: unable to "
944 "publish nsec3param (%s)", zone_str, zone->
name,
951 ods_log_error(
"[%s] corrupted backup file zone %s: unable to "
952 "read resource records (%s)", zone_str, zone->
name,
960 "create task", zone_str, zone->
name);
963 zone->
task = (
void*) task;
964 free((
void*)filename);
977 "skipping (%s)", zone_str, zone->
name,
979 (void)unlink(filename);
989 free((
void*)filename);
1001 free((
void*)filename);
1030 char* filename = NULL;
1031 char* tmpfile = NULL;
1045 if (!tmpfile || !filename) {
1050 fprintf(fd,
"%s\n", ODS_SE_FILE_MAGIC_V3);
1052 fprintf(fd,
";;Time: %u\n", (
unsigned) task->
when);
1054 fprintf(fd,
";;Zone: name %s class %i inbound %u internal %u "
1055 "outbound %u\n", zone->
name, (
int) zone->
klass,
1069 ODS_SE_FILE_MAGIC_V3);
1073 fprintf(fd,
";;\n");
1077 fprintf(fd,
"%s\n", ODS_SE_FILE_MAGIC_V3);
1079 ret = rename(tmpfile, filename);
1081 ods_log_error(
"[%s] unable to rename zone %s backup %s to %s: %s",
1082 zone_str, zone->
name, tmpfile, filename, strerror(errno));
1089 free((
void*) tmpfile);
1090 free((
void*) filename);
void ods_log_alert(const char *format,...)
signconf_type * signconf_create(void)
void ixfr_cleanup(ixfr_type *ixfr)
rr_type * rrset_lookup_rr(rrset_type *rrset, ldns_rr *rr)
int backup_read_str(FILE *in, const char **str)
uint32_t nsec3_iterations
void zone_cleanup(zone_type *zone)
duration_type * sig_inception_offset
void signconf_backup(FILE *fd, signconf_type *sc, const char *version)
int adapter_compare(adapter_type *a1, adapter_type *a2)
void domain_add_rrset(domain_type *domain, rrset_type *rrset)
rrset_type * domain_lookup_rrset(domain_type *domain, ldns_rr_type rrtype)
void ods_log_debug(const char *format,...)
uint32_t time_datestamp(time_t tt, const char *format, char **str)
int backup_read_duration(FILE *in, duration_type **v)
void zone_merge(zone_type *z1, zone_type *z2)
stats_type * stats_create(void)
#define lock_basic_destroy(lock)
void * allocator_alloc(allocator_type *allocator, size_t size)
duration_type * sig_validity_default
void signconf_cleanup(signconf_type *sc)
void namedb_cleanup(namedb_type *db)
rrset_type * rrset_create(void *zoneptr, ldns_rr_type type)
int backup_read_rr_type(FILE *in, ldns_rr_type *v)
duration_type * sig_validity_denial
duration_type * nsec3param_ttl
ods_status zone_recover2(zone_type *zone)
ods_status schedule_task(schedule_type *schedule, task_type *task, int log)
int backup_read_time_t(FILE *in, time_t *v)
enum ods_enum_status ods_status
lock_basic_type zone_lock
rr_type * rrset_add_rr(rrset_type *rrset, ldns_rr *rr)
void ods_log_error(const char *format,...)
lock_basic_type stats_lock
const char * ods_status2str(ods_status status)
#define SE_SOA_RDATA_SERIAL
ods_status namedb_update_serial(namedb_type *db, const char *zone_name, const char *format, uint32_t inbound_serial)
int ods_strcmp(const char *s1, const char *s2)
int backup_read_int(FILE *in, int *v)
zone_type * zone_create(char *name, ldns_rr_class klass)
ods_status backup_read_ixfr(FILE *in, void *zone)
void namedb_backup2(FILE *fd, namedb_type *db)
void notify_cleanup(notify_type *notify)
void nsec3params_backup(FILE *fd, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt, ldns_rr *rr, const char *version)
enum task_id_enum task_id
adapter_type * adoutbound
FILE * ods_fopen(const char *file, const char *dir, const char *mode)
nsec3params_type * nsec3params_create(void *sc, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt)
ods_status backup_read_namedb(FILE *in, void *zone)
ods_status zone_publish_nsec3param(zone_type *zone)
duration_type * sig_refresh_interval
#define lock_basic_lock(lock)
allocator_type * allocator_create(void *(*allocator)(size_t size), void(*deallocator)(void *))
ods_status lhsm_get_key(hsm_ctx_t *ctx, ldns_rdf *owner, key_type *key_id)
ods_status namedb_domain_entize(namedb_type *db, domain_type *domain, ldns_rdf *apex)
ods_status zone_backup2(zone_type *zone)
ods_status zone_update_serial(zone_type *zone)
char * allocator_strdup(allocator_type *allocator, const char *string)
ods_status zone_add_rr(zone_type *zone, ldns_rr *rr, int do_stats)
domain_type * namedb_lookup_domain(namedb_type *db, ldns_rdf *dname)
void stats_cleanup(stats_type *stats)
task_type * unschedule_task(schedule_type *schedule, task_type *task)
const char * signconf_filename
void zone_rollback_dnskeys(zone_type *zone)
ods_status zone_publish_dnskeys(zone_type *zone)
allocator_type * allocator
void xfrd_cleanup(xfrd_type *xfrd)
ods_status zone_reschedule_task(zone_type *zone, schedule_type *taskq, task_id what)
namedb_type * namedb_create(void *zone)
char * ods_build_path(const char *file, const char *suffix, int dir, int no_slash)
time_t duration2time(duration_type *duration)
ods_status zone_del_rr(zone_type *zone, ldns_rr *rr, int do_stats)
void zone_rollback_nsec3param(zone_type *zone)
void ods_log_verbose(const char *format,...)
keylist_type * keylist_create(void *sc)
lock_basic_type ixfr_lock
rrset_type * zone_lookup_rrset(zone_type *zone, ldns_rdf *owner, ldns_rr_type type)
nsec3params_type * nsec3params
#define lock_basic_init(lock)
void ods_fclose(FILE *fd)
allocator_type * allocator
domain_type * namedb_add_domain(namedb_type *db, ldns_rdf *dname)
void allocator_cleanup(allocator_type *allocator)
duration_type * dnskey_ttl
ods_status zone_prepare_keys(zone_type *zone)
int backup_read_check_str(FILE *in, const char *str)
duration_type * sig_jitter
hsm_sign_params_t * params
duration_type * sig_resign_interval
void ixfr_purge(ixfr_type *ixfr)
void allocator_deallocate(allocator_type *allocator, void *data)
lock_basic_type schedule_lock
void rrset_diff(rrset_type *rrset, unsigned is_ixfr, unsigned more_coming)
#define ods_log_assert(x)
ods_status zone_load_signconf(zone_type *zone, signconf_type **new_signconf)
void adapter_cleanup(adapter_type *adapter)
ixfr_type * ixfr_create(void *zone)
#define lock_basic_unlock(lock)
void ods_log_warning(const char *format,...)
key_type * key_recover2(FILE *fd, keylist_type *kl)
void keylist_backup(FILE *fd, keylist_type *kl, const char *version)
task_type * task_create(task_id what, time_t when, void *zone)
ods_status signconf_update(signconf_type **signconf, const char *scfile, time_t last_modified)
int backup_read_uint32_t(FILE *in, uint32_t *v)
void stats_clear(stats_type *stats)