OpenDNSSEC-signer  1.4.8.2
zone.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2009 NLNet Labs. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
32 #include "adapter/adapter.h"
33 #include "shared/allocator.h"
34 #include "shared/file.h"
35 #include "shared/hsm.h"
36 #include "shared/locks.h"
37 #include "shared/log.h"
38 #include "shared/status.h"
39 #include "shared/util.h"
40 #include "signer/backup.h"
41 #include "signer/zone.h"
42 #include "wire/netio.h"
43 
44 #include <ldns/ldns.h>
45 
46 static const char* zone_str = "zone";
47 
48 
53 zone_type*
54 zone_create(char* name, ldns_rr_class klass)
55 {
56  allocator_type* allocator = NULL;
57  zone_type* zone = NULL;
58 
59  if (!name || !klass) {
60  return NULL;
61  }
62  allocator = allocator_create(malloc, free);
63  if (!allocator) {
64  ods_log_error("[%s] unable to create zone %s: allocator_create() "
65  "failed", zone_str, name);
66  return NULL;
67  }
68  zone = (zone_type*) allocator_alloc(allocator, sizeof(zone_type));
69  if (!zone) {
70  ods_log_error("[%s] unable to create zone %s: allocator_alloc()",
71  "failed", zone_str, name);
72  allocator_cleanup(allocator);
73  return NULL;
74  }
75  zone->allocator = allocator;
76  /* [start] PS 9218653: Drop trailing dot in domain name */
77  if (strlen(name) > 1 && name[strlen(name)-1] == '.') {
78  name[strlen(name)-1] = '\0';
79  }
80  /* [end] PS 9218653 */
81  zone->name = allocator_strdup(allocator, name);
82  if (!zone->name) {
83  ods_log_error("[%s] unable to create zone %s: allocator_strdup() "
84  "failed", zone_str, name);
85  zone_cleanup(zone);
86  return NULL;
87  }
88  zone->klass = klass;
89  zone->default_ttl = 3600; /* TODO: configure --default-ttl option? */
90  zone->apex = ldns_dname_new_frm_str(name);
91  /* check zone->apex? */
92  zone->notify_command = NULL;
93  zone->notify_ns = NULL;
94  zone->notify_args = NULL;
95  zone->policy_name = NULL;
96  zone->signconf_filename = NULL;
97  zone->adinbound = NULL;
98  zone->adoutbound = NULL;
99  zone->zl_status = ZONE_ZL_OK;
100  zone->task = NULL;
101  zone->xfrd = NULL;
102  zone->notify = NULL;
103  zone->db = namedb_create((void*)zone);
104  if (!zone->db) {
105  ods_log_error("[%s] unable to create zone %s: namedb_create() "
106  "failed", zone_str, name);
107  zone_cleanup(zone);
108  return NULL;
109  }
110  zone->ixfr = ixfr_create((void*)zone);
111  if (!zone->ixfr) {
112  ods_log_error("[%s] unable to create zone %s: ixfr_create() "
113  "failed", zone_str, name);
114  zone_cleanup(zone);
115  return NULL;
116  }
117  zone->signconf = signconf_create();
118  if (!zone->signconf) {
119  ods_log_error("[%s] unable to create zone %s: signconf_create() "
120  "failed", zone_str, name);
121  zone_cleanup(zone);
122  return NULL;
123  }
124  zone->stats = stats_create();
125  lock_basic_init(&zone->zone_lock);
126  lock_basic_init(&zone->xfr_lock);
127  return zone;
128 }
129 
130 
137 {
138  ods_status status = ODS_STATUS_OK;
139  signconf_type* signconf = NULL;
140  char* datestamp = NULL;
141 
142  if (!zone || !zone->name || !zone->signconf) {
143  return ODS_STATUS_ASSERT_ERR;
144  }
145  if (!zone->signconf_filename) {
146  ods_log_warning("[%s] zone %s has no signconf filename, treat as "
147  "insecure?", zone_str, zone->name);
148  return ODS_STATUS_INSECURE;
149  }
150  status = signconf_update(&signconf, zone->signconf_filename,
151  zone->signconf->last_modified);
152  if (status == ODS_STATUS_OK) {
153  if (!signconf) {
154  /* this is unexpected */
155  ods_log_alert("[%s] unable to load signconf for zone %s: signconf "
156  "status ok but no signconf stored", zone_str, zone->name);
157  return ODS_STATUS_ASSERT_ERR;
158  }
159  (void)time_datestamp(signconf->last_modified, "%Y-%m-%d %T",
160  &datestamp);
161  ods_log_debug("[%s] zone %s signconf file %s is modified since %s",
162  zone_str, zone->name, zone->signconf_filename,
163  datestamp?datestamp:"Unknown");
164  free((void*)datestamp);
165  *new_signconf = signconf;
166  } else if (status == ODS_STATUS_UNCHANGED) {
168  "%Y-%m-%d %T", &datestamp);
169  ods_log_verbose("[%s] zone %s signconf file %s is unchanged since "
170  "%s", zone_str, zone->name, zone->signconf_filename,
171  datestamp?datestamp:"Unknown");
172  free((void*)datestamp);
173  } else {
174  ods_log_error("[%s] unable to load signconf for zone %s: signconf %s "
175  "%s", zone_str, zone->name, zone->signconf_filename,
176  ods_status2str(status));
177  }
178  return status;
179 }
180 
181 
188 {
189  task_type* task = NULL;
190  ods_status status = ODS_STATUS_OK;
191 
192  ods_log_assert(taskq);
193  ods_log_assert(zone);
194  ods_log_assert(zone->name);
195  ods_log_assert(zone->task);
196  ods_log_debug("[%s] reschedule task for zone %s", zone_str, zone->name);
198  task = unschedule_task(taskq, (task_type*) zone->task);
199  if (task != NULL) {
200  if (task->what != what) {
201  task->halted = task->what;
202  task->halted_when = task->when;
203  task->interrupt = what;
204  }
206  if (task->what > what) {
207  task->what = what;
208  }
209  task->when = time_now();
210  status = schedule_task(taskq, task, 0);
211  } else {
212  /* task not queued, being worked on? */
213  ods_log_verbose("[%s] unable to reschedule task for zone %s now: "
214  "task is not queued (task will be rescheduled when it is put "
215  "back on the queue)", zone_str, zone->name);
216  task = (task_type*) zone->task;
217  task->interrupt = what;
218  /* task->halted(_when) set by worker */
219  }
221  zone->task = task;
222  return status;
223 }
224 
225 
232 {
233  hsm_ctx_t* ctx = NULL;
234  uint32_t ttl = 0;
235  uint16_t i = 0;
236  ods_status status = ODS_STATUS_OK;
237  rrset_type* rrset = NULL;
238  rr_type* dnskey = NULL;
239 
240  if (!zone || !zone->db || !zone->signconf || !zone->signconf->keys) {
241  return ODS_STATUS_ASSERT_ERR;
242  }
243  ods_log_assert(zone->name);
244 
245  /* hsm access */
246  ctx = hsm_create_context();
247  if (ctx == NULL) {
248  ods_log_error("[%s] unable to publish keys for zone %s: "
249  "error creating libhsm context", zone_str, zone->name);
250  return ODS_STATUS_HSM_ERR;
251  }
252  /* dnskey ttl */
253  ttl = zone->default_ttl;
254  if (zone->signconf->dnskey_ttl) {
255  ttl = (uint32_t) duration2time(zone->signconf->dnskey_ttl);
256  }
257  /* publish keys */
258  for (i=0; i < zone->signconf->keys->count; i++) {
259  if (!zone->signconf->keys->keys[i].publish) {
260  continue;
261  }
262  if (!zone->signconf->keys->keys[i].dnskey) {
263  /* get dnskey */
264  status = lhsm_get_key(ctx, zone->apex,
265  &zone->signconf->keys->keys[i]);
266  if (status != ODS_STATUS_OK) {
267  ods_log_error("[%s] unable to publish dnskeys for zone %s: "
268  "error creating dnskey", zone_str, zone->name);
269  break;
270  }
271  }
272  ods_log_assert(zone->signconf->keys->keys[i].dnskey);
273  ldns_rr_set_ttl(zone->signconf->keys->keys[i].dnskey, ttl);
274  ldns_rr_set_class(zone->signconf->keys->keys[i].dnskey, zone->klass);
275  status = zone_add_rr(zone, zone->signconf->keys->keys[i].dnskey, 0);
276  if (status == ODS_STATUS_UNCHANGED) {
277  /* rr already exists, adjust pointer */
278  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_DNSKEY);
279  ods_log_assert(rrset);
280  dnskey = rrset_lookup_rr(rrset,
281  zone->signconf->keys->keys[i].dnskey);
282  ods_log_assert(dnskey);
283  if (dnskey->rr != zone->signconf->keys->keys[i].dnskey) {
284  ldns_rr_free(zone->signconf->keys->keys[i].dnskey);
285  }
286  zone->signconf->keys->keys[i].dnskey = dnskey->rr;
287  status = ODS_STATUS_OK;
288  } else if (status != ODS_STATUS_OK) {
289  ods_log_error("[%s] unable to publish dnskeys for zone %s: "
290  "error adding dnskey", zone_str, zone->name);
291  break;
292  }
293  }
294  /* done */
295  hsm_destroy_context(ctx);
296  return status;
297 }
298 
299 
304 void
306 {
307  uint16_t i = 0;
308  rrset_type* rrset = NULL;
309  rr_type* dnskey = NULL;
310  if (!zone || !zone->signconf || !zone->signconf->keys) {
311  return;
312  }
313  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_DNSKEY);
314  /* unlink dnskey rrs */
315  for (i=0; i < zone->signconf->keys->count; i++) {
316  if (rrset && zone->signconf->keys->keys[i].dnskey) {
317  dnskey = rrset_lookup_rr(rrset,
318  zone->signconf->keys->keys[i].dnskey);
319  if (dnskey && !dnskey->exists &&
320  dnskey->rr == zone->signconf->keys->keys[i].dnskey) {
321  zone->signconf->keys->keys[i].dnskey = NULL;
322  }
323  }
324  }
325  /* done */
326  return;
327 }
328 
329 
336 {
337  rrset_type* rrset = NULL;
338  rr_type* n3prr = NULL;
339  ldns_rr* rr = NULL;
340  ods_status status = ODS_STATUS_OK;
341 
342  if (!zone || !zone->name || !zone->db || !zone->signconf) {
343  return ODS_STATUS_ASSERT_ERR;
344  }
345  if (!zone->signconf->nsec3params) {
346  /* NSEC */
347  ods_log_assert(zone->signconf->nsec_type == LDNS_RR_TYPE_NSEC);
348  return ODS_STATUS_OK;
349  }
350 
351  if (!zone->signconf->nsec3params->rr) {
352  uint32_t paramttl =
353  (uint32_t) duration2time(zone->signconf->nsec3param_ttl);
354  rr = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3PARAMS);
355  if (!rr) {
356  ods_log_error("[%s] unable to publish nsec3params for zone %s: "
357  "error creating rr (%s)", zone_str, zone->name,
358  ods_status2str(status));
359  return ODS_STATUS_MALLOC_ERR;
360  }
361  ldns_rr_set_class(rr, zone->klass);
362  ldns_rr_set_ttl(rr, paramttl);
363  ldns_rr_set_owner(rr, ldns_rdf_clone(zone->apex));
364  ldns_nsec3_add_param_rdfs(rr,
365  zone->signconf->nsec3params->algorithm, 0,
367  zone->signconf->nsec3params->salt_len,
368  zone->signconf->nsec3params->salt_data);
373  ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(rr, 1)), 7, 0);
374  zone->signconf->nsec3params->rr = rr;
375  }
377  status = zone_add_rr(zone, zone->signconf->nsec3params->rr, 0);
378  if (status == ODS_STATUS_UNCHANGED) {
379  /* rr already exists, adjust pointer */
380  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_NSEC3PARAMS);
381  ods_log_assert(rrset);
382  n3prr = rrset_lookup_rr(rrset, zone->signconf->nsec3params->rr);
383  ods_log_assert(n3prr);
384  if (n3prr->rr != zone->signconf->nsec3params->rr) {
385  ldns_rr_free(zone->signconf->nsec3params->rr);
386  }
387  zone->signconf->nsec3params->rr = n3prr->rr;
388  status = ODS_STATUS_OK;
389  } else if (status != ODS_STATUS_OK) {
390  ods_log_error("[%s] unable to publish nsec3params for zone %s: "
391  "error adding nsec3params (%s)", zone_str,
392  zone->name, ods_status2str(status));
393  }
394  return status;
395 }
396 
397 
402 void
404 {
405  rrset_type* rrset = NULL;
406  rr_type* n3prr = NULL;
407 
408  if (!zone || !zone->signconf || !zone->signconf->nsec3params) {
409  return;
410  }
411  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_NSEC3PARAMS);
412  if (rrset && zone->signconf->nsec3params->rr) {
413  n3prr = rrset_lookup_rr(rrset, zone->signconf->nsec3params->rr);
414  if (n3prr && !n3prr->exists &&
415  n3prr->rr == zone->signconf->nsec3params->rr) {
416  zone->signconf->nsec3params->rr = NULL;
417  }
418  }
419  return;
420 }
421 
422 
429 {
430  hsm_ctx_t* ctx = NULL;
431  uint16_t i = 0;
432  ods_status status = ODS_STATUS_OK;
433 
434  if (!zone || !zone->db || !zone->signconf || !zone->signconf->keys) {
435  return ODS_STATUS_ASSERT_ERR;
436  }
437  ods_log_assert(zone->name);
438  /* hsm access */
439  ctx = hsm_create_context();
440  if (ctx == NULL) {
441  ods_log_error("[%s] unable to prepare signing keys for zone %s: "
442  "error creating libhsm context", zone_str, zone->name);
443  return ODS_STATUS_HSM_ERR;
444  }
445  /* prepare keys */
446  for (i=0; i < zone->signconf->keys->count; i++) {
447  /* get dnskey */
448  status = lhsm_get_key(ctx, zone->apex, &zone->signconf->keys->keys[i]);
449  if (status != ODS_STATUS_OK) {
450  ods_log_error("[%s] unable to prepare signing keys for zone %s: "
451  "error getting dnskey", zone_str, zone->name);
452  break;
453  }
454  ods_log_assert(zone->signconf->keys->keys[i].dnskey);
455  ods_log_assert(zone->signconf->keys->keys[i].hsmkey);
456  ods_log_assert(zone->signconf->keys->keys[i].params);
457  }
458  /* done */
459  hsm_destroy_context(ctx);
460  return status;
461 }
462 
463 
470 {
471  ods_status status = ODS_STATUS_OK;
472  rrset_type* rrset = NULL;
473  rr_type* soa = NULL;
474  ldns_rr* rr = NULL;
475  ldns_rdf* soa_rdata = NULL;
476 
477  ods_log_assert(zone);
478  ods_log_assert(zone->apex);
479  ods_log_assert(zone->name);
480  ods_log_assert(zone->db);
481  ods_log_assert(zone->signconf);
482 
483  if (zone->db->serial_updated) {
484  /* already done, unmark and return ok */
485  ods_log_debug("[%s] zone %s soa serial already up to date",
486  zone_str, zone->name);
487  zone->db->serial_updated = 0;
488  return ODS_STATUS_OK;
489  }
490  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_SOA);
491  if (!rrset || !rrset->rrs || !rrset->rrs[0].rr) {
492  ods_log_error("[%s] unable to update zone %s soa serial: failed to "
493  "find soa rrset", zone_str, zone->name);
494  return ODS_STATUS_ERR;
495  }
496  ods_log_assert(rrset);
497  ods_log_assert(rrset->rrs);
498  ods_log_assert(rrset->rrs[0].rr);
499  rr = ldns_rr_clone(rrset->rrs[0].rr);
500  if (!rr) {
501  ods_log_error("[%s] unable to update zone %s soa serial: failed to "
502  "clone soa rr", zone_str, zone->name);
503  return ODS_STATUS_ERR;
504  }
505  status = namedb_update_serial(zone->db, zone->name,
506  zone->signconf->soa_serial, zone->db->inbserial);
507  if (status != ODS_STATUS_OK) {
508  ods_log_error("[%s] unable to update zone %s soa serial: %s",
509  zone_str, zone->name, ods_status2str(status));
510  if (status == ODS_STATUS_CONFLICT_ERR) {
511  ods_log_error("[%s] If this is the result of a key rollover, "
512  "please increment the serial in the unsigned zone %s",
513  zone_str, zone->name);
514  }
515  ldns_rr_free(rr);
516  return status;
517  }
518  ods_log_verbose("[%s] zone %s set soa serial to %u", zone_str,
519  zone->name, zone->db->intserial);
520  soa_rdata = ldns_rr_set_rdf(rr,
521  ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32,
522  zone->db->intserial), SE_SOA_RDATA_SERIAL);
523  if (soa_rdata) {
524  ldns_rdf_deep_free(soa_rdata);
525  soa_rdata = NULL;
526  } else {
527  ods_log_error("[%s] unable to update zone %s soa serial: failed to "
528  "replace soa serial rdata", zone_str, zone->name);
529  ldns_rr_free(rr);
530  return ODS_STATUS_ERR;
531  }
532  soa = rrset_add_rr(rrset, rr);
533  ods_log_assert(soa);
534  rrset_diff(rrset, 0, 0);
535  zone->db->serial_updated = 0;
536  return ODS_STATUS_OK;
537 }
538 
539 
544 rrset_type*
545 zone_lookup_rrset(zone_type* zone, ldns_rdf* owner, ldns_rr_type type)
546 {
547  domain_type* domain = NULL;
548  if (!zone || !owner || !type) {
549  return NULL;
550  }
551  domain = namedb_lookup_domain(zone->db, owner);
552  if (!domain) {
553  return NULL;
554  }
555  return domain_lookup_rrset(domain, type);
556 }
557 
558 
564 zone_add_rr(zone_type* zone, ldns_rr* rr, int do_stats)
565 {
566  domain_type* domain = NULL;
567  rrset_type* rrset = NULL;
568  rr_type* record = NULL;
569  ods_status status = ODS_STATUS_OK;
570 
571  ods_log_assert(rr);
572  ods_log_assert(zone);
573  ods_log_assert(zone->name);
574  ods_log_assert(zone->db);
575  ods_log_assert(zone->signconf);
576  /* If we already have this RR, return ODS_STATUS_UNCHANGED */
577  domain = namedb_lookup_domain(zone->db, ldns_rr_owner(rr));
578  if (!domain) {
579  domain = namedb_add_domain(zone->db, ldns_rr_owner(rr));
580  if (!domain) {
581  ods_log_error("[%s] unable to add RR to zone %s: "
582  "failed to add domain", zone_str, zone->name);
583  return ODS_STATUS_ERR;
584  }
585  if (ldns_dname_compare(domain->dname, zone->apex) == 0) {
586  domain->is_apex = 1;
587  } else {
588  status = namedb_domain_entize(zone->db, domain, zone->apex);
589  if (status != ODS_STATUS_OK) {
590  ods_log_error("[%s] unable to add RR to zone %s: "
591  "failed to entize domain", zone_str, zone->name);
592  return ODS_STATUS_ERR;
593  }
594  }
595  }
596  rrset = domain_lookup_rrset(domain, ldns_rr_get_type(rr));
597  if (!rrset) {
598  rrset = rrset_create(domain->zone, ldns_rr_get_type(rr));
599  if (!rrset) {
600  ods_log_error("[%s] unable to add RR to zone %s: "
601  "failed to add RRset", zone_str, zone->name);
602  return ODS_STATUS_ERR;
603  }
604  domain_add_rrset(domain, rrset);
605  }
606  record = rrset_lookup_rr(rrset, rr);
607  if (record) {
608  record->is_added = 1; /* already exists, just mark added */
609  record->is_removed = 0; /* unset is_removed */
610  if (ldns_rr_ttl(rr) != ldns_rr_ttl(record->rr)) {
611  ldns_rr_set_ttl(record->rr, ldns_rr_ttl(rr));
612  rrset->needs_signing = 1;
613  }
614  return ODS_STATUS_UNCHANGED;
615  } else {
616  record = rrset_add_rr(rrset, rr);
617  ods_log_assert(record);
618  ods_log_assert(record->rr);
619  ods_log_assert(record->is_added);
620  }
621  /* update stats */
622  if (do_stats && zone->stats) {
623  zone->stats->sort_count += 1;
624  }
625  return ODS_STATUS_OK;
626 }
627 
628 
634 zone_del_rr(zone_type* zone, ldns_rr* rr, int do_stats)
635 {
636  domain_type* domain = NULL;
637  rrset_type* rrset = NULL;
638  rr_type* record = NULL;
639  ods_log_assert(rr);
640  ods_log_assert(zone);
641  ods_log_assert(zone->name);
642  ods_log_assert(zone->db);
643  ods_log_assert(zone->signconf);
644  domain = namedb_lookup_domain(zone->db, ldns_rr_owner(rr));
645  if (!domain) {
646  ods_log_warning("[%s] unable to delete RR from zone %s: "
647  "domain not found", zone_str, zone->name);
648  return ODS_STATUS_UNCHANGED;
649  }
650  rrset = domain_lookup_rrset(domain, ldns_rr_get_type(rr));
651  if (!rrset) {
652  ods_log_warning("[%s] unable to delete RR from zone %s: "
653  "RRset not found", zone_str, zone->name);
654  return ODS_STATUS_UNCHANGED;
655  }
656  record = rrset_lookup_rr(rrset, rr);
657  if (!record) {
658  ods_log_error("[%s] unable to delete RR from zone %s: "
659  "RR not found", zone_str, zone->name);
660  return ODS_STATUS_UNCHANGED;
661  }
662 
663  record->is_removed = 1;
664  record->is_added = 0; /* unset is_added */
665  /* update stats */
666  if (do_stats && zone->stats) {
667  zone->stats->sort_count -= 1;
668  }
669  return ODS_STATUS_OK;
670 }
671 
672 
677 void
679 {
680  const char* str;
681  adapter_type* adtmp = NULL;
682 
683  if (!z1 || !z2) {
684  return;
685  }
686  /* policy name */
687  if (ods_strcmp(z2->policy_name, z1->policy_name) != 0) {
688  if (z2->policy_name) {
689  str = strdup(z2->policy_name);
690  if (!str) {
691  ods_log_error("[%s] failed to merge policy %s name to zone "
692  "%s", zone_str, z2->policy_name, z1->name);
693  } else {
694  free((void*)z1->policy_name);
695  z1->policy_name = str;
697  }
698  } else {
699  free((void*)z1->policy_name);
700  z1->policy_name = NULL;
702  }
703  }
704  /* signconf filename */
705  if (ods_strcmp(z2->signconf_filename, z1->signconf_filename) != 0) {
706  if (z2->signconf_filename) {
707  str = strdup(z2->signconf_filename);
708  if (!str) {
709  ods_log_error("[%s] failed to merge signconf filename %s to "
710  "zone %s", zone_str, z2->policy_name, z1->name);
711  } else {
712  free((void*)z1->signconf_filename);
713  z1->signconf_filename = str;
715  }
716  } else {
717  free((void*)z1->signconf_filename);
718  z1->signconf_filename = NULL;
720  }
721  }
722  /* adapters */
723  if (adapter_compare(z2->adinbound, z1->adinbound) != 0) {
724  adtmp = z2->adinbound;
725  z2->adinbound = z1->adinbound;
726  z1->adinbound = adtmp;
727  adtmp = NULL;
728  }
729  if (adapter_compare(z2->adoutbound, z1->adoutbound) != 0) {
730  adtmp = z2->adoutbound;
731  z2->adoutbound = z1->adoutbound;
732  z1->adoutbound = adtmp;
733  adtmp = NULL;
734  }
735  return;
736 }
737 
738 
743 void
745 {
746  allocator_type* allocator;
747  lock_basic_type zone_lock;
748  lock_basic_type xfr_lock;
749  if (!zone) {
750  return;
751  }
752  allocator = zone->allocator;
753  zone_lock = zone->zone_lock;
754  xfr_lock = zone->xfr_lock;
755  ldns_rdf_deep_free(zone->apex);
756  adapter_cleanup(zone->adinbound);
758  namedb_cleanup(zone->db);
759  ixfr_cleanup(zone->ixfr);
760  xfrd_cleanup(zone->xfrd, 1);
761  notify_cleanup(zone->notify);
762  signconf_cleanup(zone->signconf);
763  stats_cleanup(zone->stats);
764  allocator_deallocate(allocator, (void*) zone->notify_command);
765  allocator_deallocate(allocator, (void*) zone->notify_args);
766  allocator_deallocate(allocator, (void*) zone->policy_name);
767  allocator_deallocate(allocator, (void*) zone->signconf_filename);
768  allocator_deallocate(allocator, (void*) zone->name);
769  allocator_deallocate(allocator, (void*) zone);
770  allocator_cleanup(allocator);
771  lock_basic_destroy(&xfr_lock);
772  lock_basic_destroy(&zone_lock);
773  return;
774 }
775 
776 
783 {
784  char* filename = NULL;
785  FILE* fd = NULL;
786  const char* token = NULL;
787  time_t when = 0;
788  task_type* task = NULL;
789  ods_status status = ODS_STATUS_OK;
790  /* zone part */
791  int klass = 0;
792  uint32_t inbound = 0, internal = 0, outbound = 0;
793  /* signconf part */
794  time_t lastmod = 0;
795  /* nsec3params part */
796  const char* salt = NULL;
797 
798  ods_log_assert(zone);
799  ods_log_assert(zone->name);
800  ods_log_assert(zone->signconf);
801  ods_log_assert(zone->db);
802 
803  filename = ods_build_path(zone->name, ".backup2", 0, 1);
804  if (!filename) {
805  return ODS_STATUS_MALLOC_ERR;
806  }
807  fd = ods_fopen(filename, NULL, "r");
808  if (fd) {
809  /* start recovery */
810  if (!backup_read_check_str(fd, ODS_SE_FILE_MAGIC_V3)) {
811  ods_log_error("[%s] corrupted backup file zone %s: read magic "
812  "error", zone_str, zone->name);
813  goto recover_error2;
814  }
815  if (!backup_read_check_str(fd, ";;Time:") |
816  !backup_read_time_t(fd, &when)) {
817  ods_log_error("[%s] corrupted backup file zone %s: read time "
818  "error", zone_str, zone->name);
819  goto recover_error2;
820  }
821  /* zone stuff */
822  if (!backup_read_check_str(fd, ";;Zone:") |
823  !backup_read_check_str(fd, "name") |
824  !backup_read_check_str(fd, zone->name)) {
825  ods_log_error("[%s] corrupted backup file zone %s: read name "
826  "error", zone_str, zone->name);
827  goto recover_error2;
828  }
829  if (!backup_read_check_str(fd, "class") |
830  !backup_read_int(fd, &klass)) {
831  ods_log_error("[%s] corrupted backup file zone %s: read class "
832  "error", zone_str, zone->name);
833  goto recover_error2;
834  }
835  if (!backup_read_check_str(fd, "inbound") |
836  !backup_read_uint32_t(fd, &inbound) |
837  !backup_read_check_str(fd, "internal") |
838  !backup_read_uint32_t(fd, &internal) |
839  !backup_read_check_str(fd, "outbound") |
840  !backup_read_uint32_t(fd, &outbound)) {
841  ods_log_error("[%s] corrupted backup file zone %s: read serial "
842  "error", zone_str, zone->name);
843  goto recover_error2;
844  }
845  zone->klass = (ldns_rr_class) klass;
846  zone->db->inbserial = inbound;
847  zone->db->intserial = internal;
848  zone->db->outserial = outbound;
849  /* signconf part */
850  if (!backup_read_check_str(fd, ";;Signconf:") |
851  !backup_read_check_str(fd, "lastmod") |
852  !backup_read_time_t(fd, &lastmod) |
853  !backup_read_check_str(fd, "maxzonettl") |
854  !backup_read_check_str(fd, "0") |
855  !backup_read_check_str(fd, "resign") |
857  !backup_read_check_str(fd, "refresh") |
859  !backup_read_check_str(fd, "valid") |
861  !backup_read_check_str(fd, "denial") |
863  !backup_read_check_str(fd, "jitter") |
865  !backup_read_check_str(fd, "offset") |
867  !backup_read_check_str(fd, "nsec") |
868  !backup_read_rr_type(fd, &zone->signconf->nsec_type) |
869  !backup_read_check_str(fd, "dnskeyttl") |
871  !backup_read_check_str(fd, "soattl") |
872  !backup_read_duration(fd, &zone->signconf->soa_ttl) |
873  !backup_read_check_str(fd, "soamin") |
874  !backup_read_duration(fd, &zone->signconf->soa_min) |
875  !backup_read_check_str(fd, "serial") |
876  !backup_read_str(fd, &zone->signconf->soa_serial)) {
877  ods_log_error("[%s] corrupted backup file zone %s: read signconf "
878  "error", zone_str, zone->name);
879  goto recover_error2;
880  }
881  /* nsec3params part */
882  if (zone->signconf->nsec_type == LDNS_RR_TYPE_NSEC3) {
883  if (!backup_read_check_str(fd, ";;Nsec3parameters:") |
884  !backup_read_check_str(fd, "salt") |
885  !backup_read_str(fd, &salt) |
886  !backup_read_check_str(fd, "algorithm") |
888  !backup_read_check_str(fd, "optout") |
889  !backup_read_int(fd, &zone->signconf->nsec3_optout) |
890  !backup_read_check_str(fd, "iterations") |
892  ods_log_error("[%s] corrupted backup file zone %s: read "
893  "nsec3parameters error", zone_str, zone->name);
894  goto recover_error2;
895  }
897  zone->signconf->allocator, salt);
898  free((void*) salt);
899  salt = NULL;
901  (void*) zone->signconf,
902  (uint8_t) zone->signconf->nsec3_algo,
903  (uint8_t) zone->signconf->nsec3_optout,
904  (uint16_t) zone->signconf->nsec3_iterations,
905  zone->signconf->nsec3_salt);
906  if (!zone->signconf->nsec3params) {
907  ods_log_error("[%s] corrupted backup file zone %s: unable to "
908  "create nsec3param", zone_str, zone->name);
909  goto recover_error2;
910  }
911  }
912  zone->signconf->last_modified = lastmod;
913  zone->default_ttl = (uint32_t) duration2time(zone->signconf->soa_min);
914  /* keys part */
915  zone->signconf->keys = keylist_create((void*) zone->signconf);
916  while (backup_read_str(fd, &token)) {
917  if (ods_strcmp(token, ";;Key:") == 0) {
918  if (!key_recover2(fd, zone->signconf->keys)) {
919  ods_log_error("[%s] corrupted backup file zone %s: read "
920  "key error", zone_str, zone->name);
921  goto recover_error2;
922  }
923  } else if (ods_strcmp(token, ";;") == 0) {
924  /* keylist done */
925  free((void*) token);
926  token = NULL;
927  break;
928  } else {
929  /* keylist corrupted */
930  goto recover_error2;
931  }
932  free((void*) token);
933  token = NULL;
934  }
935  /* publish dnskeys */
936  status = zone_publish_dnskeys(zone);
937  if (status != ODS_STATUS_OK) {
938  ods_log_error("[%s] corrupted backup file zone %s: unable to "
939  "publish dnskeys (%s)", zone_str, zone->name,
940  ods_status2str(status));
941  goto recover_error2;
942  }
943  /* publish nsec3param */
944  status = zone_publish_nsec3param(zone);
945  if (status != ODS_STATUS_OK) {
946  ods_log_error("[%s] corrupted backup file zone %s: unable to "
947  "publish nsec3param (%s)", zone_str, zone->name,
948  ods_status2str(status));
949  goto recover_error2;
950  }
951  /* publish other records */
952  status = backup_read_namedb(fd, zone);
953  if (status != ODS_STATUS_OK) {
954  ods_log_error("[%s] corrupted backup file zone %s: unable to "
955  "read resource records (%s)", zone_str, zone->name,
956  ods_status2str(status));
957  goto recover_error2;
958  }
959  /* task */
960  task = task_create(TASK_SIGN, when, (void*) zone);
961  if (!task) {
962  ods_log_error("[%s] failed to restore zone %s: unable to "
963  "create task", zone_str, zone->name);
964  goto recover_error2;
965  }
966  zone->task = (void*) task;
967  free((void*)filename);
968  ods_fclose(fd);
969  zone->db->is_initialized = 1;
970  zone->db->have_serial = 1;
971  /* journal */
972  filename = ods_build_path(zone->name, ".ixfr", 0, 1);
973  if (filename) {
974  fd = ods_fopen(filename, NULL, "r");
975  }
976  if (fd) {
977  status = backup_read_ixfr(fd, zone);
978  if (status != ODS_STATUS_OK) {
979  ods_log_warning("[%s] corrupted journal file zone %s, "
980  "skipping (%s)", zone_str, zone->name,
981  ods_status2str(status));
982  (void)unlink(filename);
983  ixfr_cleanup(zone->ixfr);
984  zone->ixfr = ixfr_create((void*)zone);
985  }
986  }
987  lock_basic_lock(&zone->ixfr->ixfr_lock);
988  ixfr_purge(zone->ixfr);
990 
991  /* all ok */
992  free((void*)filename);
993  if (fd) {
994  ods_fclose(fd);
995  }
996  if (zone->stats) {
998  stats_clear(zone->stats);
1000  }
1001  return ODS_STATUS_OK;
1002  }
1003  return ODS_STATUS_UNCHANGED;
1004 
1005 recover_error2:
1006  free((void*)filename);
1007  ods_fclose(fd);
1008  /* signconf cleanup */
1009  free((void*)salt);
1010  salt = NULL;
1011  signconf_cleanup(zone->signconf);
1012  zone->signconf = signconf_create();
1013  ods_log_assert(zone->signconf);
1014  /* namedb cleanup */
1015  namedb_cleanup(zone->db);
1016  zone->db = namedb_create((void*)zone);
1017  ods_log_assert(zone->db);
1018  /* stats reset */
1019  if (zone->stats) {
1020  lock_basic_lock(&zone->stats->stats_lock);
1021  stats_clear(zone->stats);
1023  }
1024  return ODS_STATUS_ERR;
1025 }
1026 
1027 
1032 ods_status
1034 {
1035  char* filename = NULL;
1036  char* tmpfile = NULL;
1037  FILE* fd = NULL;
1038  task_type* task = NULL;
1039  int ret = 0;
1040  ods_status status = ODS_STATUS_OK;
1041 
1042  ods_log_assert(zone);
1043  ods_log_assert(zone->name);
1044  ods_log_assert(zone->db);
1045  ods_log_assert(zone->signconf);
1046  ods_log_assert(zone->task);
1047 
1048  tmpfile = ods_build_path(zone->name, ".backup2.tmp", 0, 1);
1049  filename = ods_build_path(zone->name, ".backup2", 0, 1);
1050  if (!tmpfile || !filename) {
1051  free(tmpfile);
1052  free(filename);
1053  return ODS_STATUS_MALLOC_ERR;
1054  }
1055  fd = ods_fopen(tmpfile, NULL, "w");
1056  if (fd) {
1057  fprintf(fd, "%s\n", ODS_SE_FILE_MAGIC_V3);
1058  task = (task_type*) zone->task;
1059  fprintf(fd, ";;Time: %u\n", (unsigned) task->when);
1061  fprintf(fd, ";;Zone: name %s class %i inbound %u internal %u "
1062  "outbound %u\n", zone->name, (int) zone->klass,
1063  (unsigned) zone->db->inbserial,
1064  (unsigned) zone->db->intserial,
1065  (unsigned) zone->db->outserial);
1067  signconf_backup(fd, zone->signconf, ODS_SE_FILE_MAGIC_V3);
1069  if (zone->signconf->nsec3params) {
1070  nsec3params_backup(fd,
1071  zone->signconf->nsec3_algo,
1072  zone->signconf->nsec3_optout,
1073  zone->signconf->nsec3_iterations,
1074  zone->signconf->nsec3_salt,
1075  zone->signconf->nsec3params->rr,
1076  ODS_SE_FILE_MAGIC_V3);
1077  }
1079  keylist_backup(fd, zone->signconf->keys, ODS_SE_FILE_MAGIC_V3);
1080  fprintf(fd, ";;\n");
1082  namedb_backup2(fd, zone->db);
1084  fprintf(fd, "%s\n", ODS_SE_FILE_MAGIC_V3);
1085  ods_fclose(fd);
1086  ret = rename(tmpfile, filename);
1087  if (ret != 0) {
1088  ods_log_error("[%s] unable to rename zone %s backup %s to %s: %s",
1089  zone_str, zone->name, tmpfile, filename, strerror(errno));
1090  status = ODS_STATUS_RENAME_ERR;
1091  }
1092  } else {
1093  status = ODS_STATUS_FOPEN_ERR;
1094  }
1095 
1096  free((void*) tmpfile);
1097  free((void*) filename);
1098  return status;
1099 }
void ods_log_alert(const char *format,...)
Definition: log.c:366
signconf_type * signconf_create(void)
Definition: signconf.c:47
void ixfr_cleanup(ixfr_type *ixfr)
Definition: ixfr.c:309
rr_type * rrset_lookup_rr(rrset_type *rrset, ldns_rr *rr)
Definition: rrset.c:219
uint32_t default_ttl
Definition: zone.h:70
int backup_read_str(FILE *in, const char **str)
Definition: backup.c:97
uint32_t nsec3_iterations
Definition: signconf.h:66
uint32_t intserial
Definition: namedb.h:52
void zone_cleanup(zone_type *zone)
Definition: zone.c:744
duration_type * sig_inception_offset
Definition: signconf.h:60
int publish
Definition: keys.h:61
void signconf_backup(FILE *fd, signconf_type *sc, const char *version)
Definition: signconf.c:222
int adapter_compare(adapter_type *a1, adapter_type *a2)
Definition: adapter.c:231
void domain_add_rrset(domain_type *domain, rrset_type *rrset)
Definition: domain.c:189
rrset_type * domain_lookup_rrset(domain_type *domain, ldns_rr_type rrtype)
Definition: domain.c:170
void ods_log_debug(const char *format,...)
Definition: log.c:270
time_t when
Definition: task.h:59
duration_type * soa_min
Definition: signconf.h:74
uint32_t time_datestamp(time_t tt, const char *format, char **str)
Definition: duration.c:531
int backup_read_duration(FILE *in, duration_type **v)
Definition: backup.c:131
void zone_merge(zone_type *z1, zone_type *z2)
Definition: zone.c:678
stats_type * stats_create(void)
Definition: stats.c:40
ldns_rr * dnskey
Definition: keys.h:55
#define lock_basic_destroy(lock)
Definition: locks.h:93
const char * nsec3_salt
Definition: signconf.h:67
const char * soa_serial
Definition: signconf.h:75
task_id interrupt
Definition: task.h:57
keylist_type * keys
Definition: signconf.h:71
duration_type * soa_ttl
Definition: signconf.h:73
void * allocator_alloc(allocator_type *allocator, size_t size)
Definition: allocator.c:66
duration_type * sig_validity_default
Definition: signconf.h:57
char * notify_command
Definition: zone.h:72
uint16_t iterations
Definition: nsec3params.h:57
void signconf_cleanup(signconf_type *sc)
Definition: signconf.c:564
void namedb_cleanup(namedb_type *db)
Definition: namedb.c:1154
rrset_type * rrset_create(void *zoneptr, ldns_rr_type type)
Definition: rrset.c:187
int backup_read_rr_type(FILE *in, ldns_rr_type *v)
Definition: backup.c:148
unsigned have_serial
Definition: namedb.h:59
duration_type * sig_validity_denial
Definition: signconf.h:58
duration_type * nsec3param_ttl
Definition: signconf.h:62
ods_status zone_recover2(zone_type *zone)
Definition: zone.c:782
ods_status schedule_task(schedule_type *schedule, task_type *task, int log)
Definition: schedule.c:146
int backup_read_time_t(FILE *in, time_t *v)
Definition: backup.c:114
enum ods_enum_status ods_status
Definition: status.h:90
lock_basic_type zone_lock
Definition: zone.h:95
rr_type * rrset_add_rr(rrset_type *rrset, ldns_rr *rr)
Definition: rrset.c:269
void ods_log_error(const char *format,...)
Definition: log.c:334
uint32_t outserial
Definition: namedb.h:53
lock_basic_type stats_lock
Definition: stats.h:67
int32_t sort_count
Definition: stats.h:55
const char * ods_status2str(ods_status status)
Definition: status.c:111
#define SE_SOA_RDATA_SERIAL
Definition: util.h:47
ods_status namedb_update_serial(namedb_type *db, const char *zone_name, const char *format, uint32_t inbound_serial)
Definition: namedb.c:198
zone_zl_status zl_status
Definition: zone.h:79
Definition: task.h:45
int ods_strcmp(const char *s1, const char *s2)
Definition: file.c:320
int backup_read_int(FILE *in, int *v)
Definition: backup.c:165
zone_type * zone_create(char *name, ldns_rr_class klass)
Definition: zone.c:54
ods_status backup_read_ixfr(FILE *in, void *zone)
Definition: backup.c:520
ldns_rr_type nsec_type
Definition: signconf.h:63
void namedb_backup2(FILE *fd, namedb_type *db)
Definition: namedb.c:1176
void notify_cleanup(notify_type *notify)
Definition: notify.c:590
void nsec3params_backup(FILE *fd, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt, ldns_rr *rr, const char *version)
Definition: nsec3params.c:143
enum task_id_enum task_id
Definition: task.h:48
adapter_type * adoutbound
Definition: zone.h:82
FILE * ods_fopen(const char *file, const char *dir, const char *mode)
Definition: file.c:190
nsec3params_type * nsec3params_create(void *sc, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt)
Definition: nsec3params.c:103
unsigned exists
Definition: rrset.h:62
ods_status backup_read_namedb(FILE *in, void *zone)
Definition: backup.c:328
ods_status zone_publish_nsec3param(zone_type *zone)
Definition: zone.c:335
duration_type * sig_refresh_interval
Definition: signconf.h:56
#define lock_basic_lock(lock)
Definition: locks.h:94
uint8_t * salt_data
Definition: nsec3params.h:59
namedb_type * db
Definition: zone.h:86
unsigned is_removed
Definition: rrset.h:64
ixfr_type * ixfr
Definition: zone.h:87
uint32_t inbserial
Definition: namedb.h:51
allocator_type * allocator_create(void *(*allocator)(size_t size), void(*deallocator)(void *))
Definition: allocator.c:47
time_t halted_when
Definition: task.h:60
unsigned needs_signing
Definition: rrset.h:81
ods_status lhsm_get_key(hsm_ctx_t *ctx, ldns_rdf *owner, key_type *key_id)
Definition: hsm.c:134
unsigned serial_updated
Definition: namedb.h:57
unsigned is_initialized
Definition: namedb.h:55
key_type * keys
Definition: keys.h:74
int lock_basic_type
Definition: locks.h:91
ods_status namedb_domain_entize(namedb_type *db, domain_type *domain, ldns_rdf *apex)
Definition: namedb.c:286
signconf_type * signconf
Definition: zone.h:84
ods_status zone_backup2(zone_type *zone)
Definition: zone.c:1033
ods_status zone_update_serial(zone_type *zone)
Definition: zone.c:469
adapter_type * adinbound
Definition: zone.h:81
task_id halted
Definition: task.h:58
char * allocator_strdup(allocator_type *allocator, const char *string)
Definition: allocator.c:121
ods_status zone_add_rr(zone_type *zone, ldns_rr *rr, int do_stats)
Definition: zone.c:564
void xfrd_cleanup(xfrd_type *xfrd, int backup)
Definition: xfrd.c:2159
domain_type * namedb_lookup_domain(namedb_type *db, ldns_rdf *dname)
Definition: namedb.c:343
unsigned is_apex
Definition: domain.h:62
char ** notify_args
Definition: zone.h:74
void stats_cleanup(stats_type *stats)
Definition: stats.c:107
task_type * unschedule_task(schedule_type *schedule, task_type *task)
Definition: schedule.c:191
const char * signconf_filename
Definition: zone.h:78
void zone_rollback_dnskeys(zone_type *zone)
Definition: zone.c:305
ods_status zone_publish_dnskeys(zone_type *zone)
Definition: zone.c:231
allocator_type * allocator
Definition: zone.h:67
ods_status zone_reschedule_task(zone_type *zone, schedule_type *taskq, task_id what)
Definition: zone.c:187
namedb_type * namedb_create(void *zone)
Definition: namedb.c:124
char * ods_build_path(const char *file, const char *suffix, int dir, int no_slash)
Definition: file.c:125
const char * notify_ns
Definition: zone.h:73
time_t duration2time(duration_type *duration)
Definition: duration.c:371
ods_status zone_del_rr(zone_type *zone, ldns_rr *rr, int do_stats)
Definition: zone.c:634
void zone_rollback_nsec3param(zone_type *zone)
Definition: zone.c:403
ldns_rr * rr
Definition: rrset.h:60
void ods_log_verbose(const char *format,...)
Definition: log.c:286
keylist_type * keylist_create(void *sc)
Definition: keys.c:47
time_t last_modified
Definition: signconf.h:78
lock_basic_type ixfr_lock
Definition: ixfr.h:62
ldns_rr_class klass
Definition: zone.h:69
rrset_type * zone_lookup_rrset(zone_type *zone, ldns_rdf *owner, ldns_rr_type type)
Definition: zone.c:545
uint32_t nsec3_algo
Definition: signconf.h:65
nsec3params_type * nsec3params
Definition: signconf.h:68
task_id what
Definition: task.h:56
#define lock_basic_init(lock)
Definition: locks.h:92
size_t count
Definition: keys.h:75
void ods_fclose(FILE *fd)
Definition: file.c:250
allocator_type * allocator
Definition: signconf.h:53
domain_type * namedb_add_domain(namedb_type *db, ldns_rdf *dname)
Definition: namedb.c:357
void allocator_cleanup(allocator_type *allocator)
Definition: allocator.c:151
duration_type * dnskey_ttl
Definition: signconf.h:70
const char * name
Definition: zone.h:76
ods_status zone_prepare_keys(zone_type *zone)
Definition: zone.c:428
int backup_read_check_str(FILE *in, const char *str)
Definition: backup.c:77
duration_type * sig_jitter
Definition: signconf.h:59
hsm_sign_params_t * params
Definition: keys.h:57
duration_type * sig_resign_interval
Definition: signconf.h:55
void ixfr_purge(ixfr_type *ixfr)
Definition: ixfr.c:275
void allocator_deallocate(allocator_type *allocator, void *data)
Definition: allocator.c:135
lock_basic_type schedule_lock
Definition: schedule.h:63
void rrset_diff(rrset_type *rrset, unsigned is_ixfr, unsigned more_coming)
Definition: rrset.c:344
notify_type * notify
Definition: zone.h:90
void * task
Definition: zone.h:92
const char * policy_name
Definition: zone.h:77
#define ods_log_assert(x)
Definition: log.h:154
ods_status zone_load_signconf(zone_type *zone, signconf_type **new_signconf)
Definition: zone.c:136
void adapter_cleanup(adapter_type *adapter)
Definition: adapter.c:253
xfrd_type * xfrd
Definition: zone.h:89
ixfr_type * ixfr_create(void *zone)
Definition: ixfr.c:100
unsigned is_added
Definition: rrset.h:63
#define lock_basic_unlock(lock)
Definition: locks.h:95
void ods_log_warning(const char *format,...)
Definition: log.c:318
key_type * key_recover2(FILE *fd, keylist_type *kl)
Definition: keys.c:310
void keylist_backup(FILE *fd, keylist_type *kl, const char *version)
Definition: keys.c:353
ldns_rdf * apex
Definition: zone.h:68
task_type * task_create(task_id what, time_t when, void *zone)
Definition: task.c:48
time_t time_now(void)
Definition: duration.c:513
hsm_key_t * hsmkey
Definition: keys.h:56
ods_status signconf_update(signconf_type **signconf, const char *scfile, time_t last_modified)
Definition: signconf.c:161
ldns_rdf * dname
Definition: domain.h:58
stats_type * stats
Definition: zone.h:94
int backup_read_uint32_t(FILE *in, uint32_t *v)
Definition: backup.c:233
void * zone
Definition: domain.h:55
rr_type * rrs
Definition: rrset.h:77
void stats_clear(stats_type *stats)
Definition: stats.c:54
int nsec3_optout
Definition: signconf.h:64
lock_basic_type xfr_lock
Definition: zone.h:96