OpenDNSSEC-signer  1.4.3
zone.c
Go to the documentation of this file.
1 /*
2  * $Id: zone.c 7359 2013-10-11 11:55:08Z matthijs $
3  *
4  * Copyright (c) 2009 NLNet Labs. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
34 #include "adapter/adapter.h"
35 #include "shared/allocator.h"
36 #include "shared/file.h"
37 #include "shared/hsm.h"
38 #include "shared/locks.h"
39 #include "shared/log.h"
40 #include "shared/status.h"
41 #include "shared/util.h"
42 #include "signer/backup.h"
43 #include "signer/zone.h"
44 #include "wire/netio.h"
45 
46 #include <ldns/ldns.h>
47 
48 static const char* zone_str = "zone";
49 
50 
55 zone_type*
56 zone_create(char* name, ldns_rr_class klass)
57 {
58  allocator_type* allocator = NULL;
59  zone_type* zone = NULL;
60 
61  if (!name || !klass) {
62  return NULL;
63  }
64  allocator = allocator_create(malloc, free);
65  if (!allocator) {
66  ods_log_error("[%s] unable to create zone %s: allocator_create() "
67  "failed", zone_str, name);
68  return NULL;
69  }
70  zone = (zone_type*) allocator_alloc(allocator, sizeof(zone_type));
71  if (!zone) {
72  ods_log_error("[%s] unable to create zone %s: allocator_alloc()",
73  "failed", zone_str, name);
74  allocator_cleanup(allocator);
75  return NULL;
76  }
77  zone->allocator = allocator;
78  /* [start] PS 9218653: Drop trailing dot in domain name */
79  if (strlen(name) > 1 && name[strlen(name)-1] == '.') {
80  name[strlen(name)-1] = '\0';
81  }
82  /* [end] PS 9218653 */
83  zone->name = allocator_strdup(allocator, name);
84  if (!zone->name) {
85  ods_log_error("[%s] unable to create zone %s: allocator_strdup() "
86  "failed", zone_str, name);
87  zone_cleanup(zone);
88  return NULL;
89  }
90  zone->klass = klass;
91  zone->default_ttl = 3600; /* TODO: configure --default-ttl option? */
92  zone->apex = ldns_dname_new_frm_str(name);
93  /* check zone->apex? */
94  zone->notify_command = NULL;
95  zone->notify_ns = NULL;
96  zone->notify_args = NULL;
97  zone->policy_name = NULL;
98  zone->signconf_filename = NULL;
99  zone->adinbound = NULL;
100  zone->adoutbound = NULL;
101  zone->zl_status = ZONE_ZL_OK;
102  zone->task = NULL;
103  zone->xfrd = NULL;
104  zone->notify = NULL;
105  zone->db = namedb_create((void*)zone);
106  if (!zone->db) {
107  ods_log_error("[%s] unable to create zone %s: namedb_create() "
108  "failed", zone_str, name);
109  zone_cleanup(zone);
110  return NULL;
111  }
112  zone->ixfr = ixfr_create((void*)zone);
113  if (!zone->ixfr) {
114  ods_log_error("[%s] unable to create zone %s: ixfr_create() "
115  "failed", zone_str, name);
116  zone_cleanup(zone);
117  return NULL;
118  }
119  zone->signconf = signconf_create();
120  if (!zone->signconf) {
121  ods_log_error("[%s] unable to create zone %s: signconf_create() "
122  "failed", zone_str, name);
123  zone_cleanup(zone);
124  return NULL;
125  }
126  zone->stats = stats_create();
127  lock_basic_init(&zone->zone_lock);
128  lock_basic_init(&zone->xfr_lock);
129  return zone;
130 }
131 
132 
139 {
140  ods_status status = ODS_STATUS_OK;
141  signconf_type* signconf = NULL;
142  char* datestamp = NULL;
143 
144  if (!zone || !zone->name || !zone->signconf) {
145  return ODS_STATUS_ASSERT_ERR;
146  }
147  if (!zone->signconf_filename) {
148  ods_log_warning("[%s] zone %s has no signconf filename, treat as "
149  "insecure?", zone_str, zone->name);
150  return ODS_STATUS_INSECURE;
151  }
152  status = signconf_update(&signconf, zone->signconf_filename,
153  zone->signconf->last_modified);
154  if (status == ODS_STATUS_OK) {
155  if (!signconf) {
156  /* this is unexpected */
157  ods_log_alert("[%s] unable to load signconf for zone %s: signconf "
158  "status ok but no signconf stored", zone_str, zone->name);
159  return ODS_STATUS_ASSERT_ERR;
160  }
161  (void)time_datestamp(signconf->last_modified, "%Y-%m-%d %T",
162  &datestamp);
163  ods_log_debug("[%s] zone %s signconf file %s is modified since %s",
164  zone_str, zone->name, zone->signconf_filename,
165  datestamp?datestamp:"Unknown");
166  free((void*)datestamp);
167  *new_signconf = signconf;
168  } else if (status == ODS_STATUS_UNCHANGED) {
170  "%Y-%m-%d %T", &datestamp);
171  ods_log_verbose("[%s] zone %s signconf file %s is unchanged since "
172  "%s", zone_str, zone->name, zone->signconf_filename,
173  datestamp?datestamp:"Unknown");
174  free((void*)datestamp);
175  } else {
176  ods_log_error("[%s] unable to load signconf for zone %s: signconf %s "
177  "%s", zone_str, zone->name, zone->signconf_filename,
178  ods_status2str(status));
179  }
180  return status;
181 }
182 
183 
190 {
191  task_type* task = NULL;
192  ods_status status = ODS_STATUS_OK;
193 
194  ods_log_assert(taskq);
195  ods_log_assert(zone);
196  ods_log_assert(zone->name);
197  ods_log_assert(zone->task);
198  ods_log_debug("[%s] reschedule task for zone %s", zone_str, zone->name);
200  task = unschedule_task(taskq, (task_type*) zone->task);
201  if (task != NULL) {
202  if (task->what != what) {
203  task->halted = task->what;
204  task->halted_when = task->when;
205  task->interrupt = what;
206  }
208  if (task->what > what) {
209  task->what = what;
210  }
211  task->when = time_now();
212  status = schedule_task(taskq, task, 0);
213  } else {
214  /* task not queued, being worked on? */
215  ods_log_verbose("[%s] unable to reschedule task for zone %s now: "
216  "task is not queued (task will be rescheduled when it is put "
217  "back on the queue)", zone_str, zone->name);
218  task = (task_type*) zone->task;
219  task->interrupt = what;
220  /* task->halted(_when) set by worker */
221  }
223  zone->task = task;
224  return status;
225 }
226 
227 
234 {
235  hsm_ctx_t* ctx = NULL;
236  uint32_t ttl = 0;
237  uint16_t i = 0;
238  ods_status status = ODS_STATUS_OK;
239  rrset_type* rrset = NULL;
240  rr_type* dnskey = NULL;
241 
242  if (!zone || !zone->db || !zone->signconf || !zone->signconf->keys) {
243  return ODS_STATUS_ASSERT_ERR;
244  }
245  ods_log_assert(zone->name);
246 
247  /* hsm access */
248  ctx = hsm_create_context();
249  if (ctx == NULL) {
250  ods_log_error("[%s] unable to publish keys for zone %s: "
251  "error creating libhsm context", zone_str, zone->name);
252  return ODS_STATUS_HSM_ERR;
253  }
254  /* dnskey ttl */
255  ttl = zone->default_ttl;
256  if (zone->signconf->dnskey_ttl) {
257  ttl = (uint32_t) duration2time(zone->signconf->dnskey_ttl);
258  }
259  /* publish keys */
260  for (i=0; i < zone->signconf->keys->count; i++) {
261  if (!zone->signconf->keys->keys[i].publish) {
262  continue;
263  }
264  if (!zone->signconf->keys->keys[i].dnskey) {
265  /* get dnskey */
266  status = lhsm_get_key(ctx, zone->apex,
267  &zone->signconf->keys->keys[i]);
268  if (status != ODS_STATUS_OK) {
269  ods_log_error("[%s] unable to publish dnskeys for zone %s: "
270  "error creating dnskey", zone_str, zone->name);
271  break;
272  }
273  }
274  ods_log_assert(zone->signconf->keys->keys[i].dnskey);
275  ldns_rr_set_ttl(zone->signconf->keys->keys[i].dnskey, ttl);
276  ldns_rr_set_class(zone->signconf->keys->keys[i].dnskey, zone->klass);
277  status = zone_add_rr(zone, zone->signconf->keys->keys[i].dnskey, 0);
278  if (status == ODS_STATUS_UNCHANGED) {
279  /* rr already exists, adjust pointer */
280  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_DNSKEY);
281  ods_log_assert(rrset);
282  dnskey = rrset_lookup_rr(rrset,
283  zone->signconf->keys->keys[i].dnskey);
284  ods_log_assert(dnskey);
285  if (dnskey->rr != zone->signconf->keys->keys[i].dnskey) {
286  ldns_rr_free(zone->signconf->keys->keys[i].dnskey);
287  }
288  zone->signconf->keys->keys[i].dnskey = dnskey->rr;
289  status = ODS_STATUS_OK;
290  } else if (status != ODS_STATUS_OK) {
291  ods_log_error("[%s] unable to publish dnskeys for zone %s: "
292  "error adding dnskey", zone_str, zone->name);
293  break;
294  }
295  }
296  /* done */
297  hsm_destroy_context(ctx);
298  return status;
299 }
300 
301 
306 void
308 {
309  uint16_t i = 0;
310  rrset_type* rrset = NULL;
311  rr_type* dnskey = NULL;
312  if (!zone || !zone->signconf || !zone->signconf->keys) {
313  return;
314  }
315  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_DNSKEY);
316  /* unlink dnskey rrs */
317  for (i=0; i < zone->signconf->keys->count; i++) {
318  if (rrset && zone->signconf->keys->keys[i].dnskey) {
319  dnskey = rrset_lookup_rr(rrset,
320  zone->signconf->keys->keys[i].dnskey);
321  if (dnskey && !dnskey->exists &&
322  dnskey->rr == zone->signconf->keys->keys[i].dnskey) {
323  zone->signconf->keys->keys[i].dnskey = NULL;
324  }
325  }
326  }
327  /* done */
328  return;
329 }
330 
331 
338 {
339  rrset_type* rrset = NULL;
340  rr_type* n3prr = NULL;
341  ldns_rr* rr = NULL;
342  ods_status status = ODS_STATUS_OK;
343 
344  if (!zone || !zone->name || !zone->db || !zone->signconf) {
345  return ODS_STATUS_ASSERT_ERR;
346  }
347  if (!zone->signconf->nsec3params) {
348  /* NSEC */
349  ods_log_assert(zone->signconf->nsec_type == LDNS_RR_TYPE_NSEC);
350  return ODS_STATUS_OK;
351  }
352 
353  if (!zone->signconf->nsec3params->rr) {
354  uint32_t paramttl =
355  (uint32_t) duration2time(zone->signconf->nsec3param_ttl);
356  rr = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3PARAMS);
357  if (!rr) {
358  ods_log_error("[%s] unable to publish nsec3params for zone %s: "
359  "error creating rr (%s)", zone_str, zone->name,
360  ods_status2str(status));
361  return ODS_STATUS_MALLOC_ERR;
362  }
363  ldns_rr_set_class(rr, zone->klass);
364  ldns_rr_set_ttl(rr, paramttl);
365  ldns_rr_set_owner(rr, ldns_rdf_clone(zone->apex));
366  ldns_nsec3_add_param_rdfs(rr,
367  zone->signconf->nsec3params->algorithm, 0,
369  zone->signconf->nsec3params->salt_len,
370  zone->signconf->nsec3params->salt_data);
375  ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(rr, 1)), 7, 0);
376  zone->signconf->nsec3params->rr = rr;
377  }
379  status = zone_add_rr(zone, zone->signconf->nsec3params->rr, 0);
380  if (status == ODS_STATUS_UNCHANGED) {
381  /* rr already exists, adjust pointer */
382  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_NSEC3PARAMS);
383  ods_log_assert(rrset);
384  n3prr = rrset_lookup_rr(rrset, zone->signconf->nsec3params->rr);
385  ods_log_assert(n3prr);
386  if (n3prr->rr != zone->signconf->nsec3params->rr) {
387  ldns_rr_free(zone->signconf->nsec3params->rr);
388  }
389  zone->signconf->nsec3params->rr = n3prr->rr;
390  status = ODS_STATUS_OK;
391  } else if (status != ODS_STATUS_OK) {
392  ods_log_error("[%s] unable to publish nsec3params for zone %s: "
393  "error adding nsec3params (%s)", zone_str,
394  zone->name, ods_status2str(status));
395  }
396  return status;
397 }
398 
399 
404 void
406 {
407  rrset_type* rrset = NULL;
408  rr_type* n3prr = NULL;
409 
410  if (!zone || !zone->signconf || !zone->signconf->nsec3params) {
411  return;
412  }
413  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_NSEC3PARAMS);
414  if (rrset && zone->signconf->nsec3params->rr) {
415  n3prr = rrset_lookup_rr(rrset, zone->signconf->nsec3params->rr);
416  if (n3prr && !n3prr->exists &&
417  n3prr->rr == zone->signconf->nsec3params->rr) {
418  zone->signconf->nsec3params->rr = NULL;
419  }
420  }
421  return;
422 }
423 
424 
431 {
432  hsm_ctx_t* ctx = NULL;
433  uint16_t i = 0;
434  ods_status status = ODS_STATUS_OK;
435 
436  if (!zone || !zone->db || !zone->signconf || !zone->signconf->keys) {
437  return ODS_STATUS_ASSERT_ERR;
438  }
439  ods_log_assert(zone->name);
440  /* hsm access */
441  ctx = hsm_create_context();
442  if (ctx == NULL) {
443  ods_log_error("[%s] unable to prepare signing keys for zone %s: "
444  "error creating libhsm context", zone_str, zone->name);
445  return ODS_STATUS_HSM_ERR;
446  }
447  /* prepare keys */
448  for (i=0; i < zone->signconf->keys->count; i++) {
449  /* get dnskey */
450  status = lhsm_get_key(ctx, zone->apex, &zone->signconf->keys->keys[i]);
451  if (status != ODS_STATUS_OK) {
452  ods_log_error("[%s] unable to prepare signing keys for zone %s: "
453  "error getting dnskey", zone_str, zone->name);
454  break;
455  }
456  ods_log_assert(zone->signconf->keys->keys[i].dnskey);
457  ods_log_assert(zone->signconf->keys->keys[i].hsmkey);
458  ods_log_assert(zone->signconf->keys->keys[i].params);
459  }
460  /* done */
461  hsm_destroy_context(ctx);
462  return status;
463 }
464 
465 
472 {
473  ods_status status = ODS_STATUS_OK;
474  rrset_type* rrset = NULL;
475  rr_type* soa = NULL;
476  ldns_rr* rr = NULL;
477  ldns_rdf* soa_rdata = NULL;
478 
479  ods_log_assert(zone);
480  ods_log_assert(zone->apex);
481  ods_log_assert(zone->name);
482  ods_log_assert(zone->db);
483  ods_log_assert(zone->signconf);
484 
485  if (zone->db->serial_updated) {
486  /* already done, unmark and return ok */
487  ods_log_debug("[%s] zone %s soa serial already up to date",
488  zone_str, zone->name);
489  zone->db->serial_updated = 0;
490  return ODS_STATUS_OK;
491  }
492  rrset = zone_lookup_rrset(zone, zone->apex, LDNS_RR_TYPE_SOA);
493  ods_log_assert(rrset);
494  ods_log_assert(rrset->rrs);
495  ods_log_assert(rrset->rrs[0].rr);
496  rr = ldns_rr_clone(rrset->rrs[0].rr);
497  if (!rr) {
498  ods_log_error("[%s] unable to update zone %s soa serial: failed to "
499  "clone soa rr", zone_str, zone->name);
500  return ODS_STATUS_ERR;
501  }
502  status = namedb_update_serial(zone->db, zone->name,
503  zone->signconf->soa_serial, zone->db->inbserial);
504  if (status != ODS_STATUS_OK) {
505  ods_log_error("[%s] unable to update zone %s soa serial: %s",
506  zone_str, zone->name, ods_status2str(status));
507  if (status == ODS_STATUS_CONFLICT_ERR) {
508  ods_log_error("[%s] If this is the result of a key rollover, "
509  "please increment the serial in the unsigned zone %s",
510  zone_str, zone->name);
511  }
512  ldns_rr_free(rr);
513  return status;
514  }
515  ods_log_verbose("[%s] zone %s set soa serial to %u", zone_str,
516  zone->name, zone->db->intserial);
517  soa_rdata = ldns_rr_set_rdf(rr,
518  ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32,
519  zone->db->intserial), SE_SOA_RDATA_SERIAL);
520  if (soa_rdata) {
521  ldns_rdf_deep_free(soa_rdata);
522  soa_rdata = NULL;
523  } else {
524  ods_log_error("[%s] unable to update zone %s soa serial: failed to "
525  "replace soa serial rdata", zone_str, zone->name);
526  ldns_rr_free(rr);
527  return ODS_STATUS_ERR;
528  }
529  soa = rrset_add_rr(rrset, rr);
530  ods_log_assert(soa);
531  rrset_diff(rrset, 0, 0);
532  zone->db->serial_updated = 0;
533  return ODS_STATUS_OK;
534 }
535 
536 
541 rrset_type*
542 zone_lookup_rrset(zone_type* zone, ldns_rdf* owner, ldns_rr_type type)
543 {
544  domain_type* domain = NULL;
545  if (!zone || !owner || !type) {
546  return NULL;
547  }
548  domain = namedb_lookup_domain(zone->db, owner);
549  if (!domain) {
550  return NULL;
551  }
552  return domain_lookup_rrset(domain, type);
553 }
554 
555 
561 zone_add_rr(zone_type* zone, ldns_rr* rr, int do_stats)
562 {
563  domain_type* domain = NULL;
564  rrset_type* rrset = NULL;
565  rr_type* record = NULL;
566  ods_status status = ODS_STATUS_OK;
567 
568  ods_log_assert(rr);
569  ods_log_assert(zone);
570  ods_log_assert(zone->name);
571  ods_log_assert(zone->db);
572  ods_log_assert(zone->signconf);
573  /* If we already have this RR, return ODS_STATUS_UNCHANGED */
574  domain = namedb_lookup_domain(zone->db, ldns_rr_owner(rr));
575  if (!domain) {
576  domain = namedb_add_domain(zone->db, ldns_rr_owner(rr));
577  if (!domain) {
578  ods_log_error("[%s] unable to add RR to zone %s: "
579  "failed to add domain", zone_str, zone->name);
580  return ODS_STATUS_ERR;
581  }
582  if (ldns_dname_compare(domain->dname, zone->apex) == 0) {
583  domain->is_apex = 1;
584  } else {
585  status = namedb_domain_entize(zone->db, domain, zone->apex);
586  if (status != ODS_STATUS_OK) {
587  ods_log_error("[%s] unable to add RR to zone %s: "
588  "failed to entize domain", zone_str, zone->name);
589  return ODS_STATUS_ERR;
590  }
591  }
592  }
593  rrset = domain_lookup_rrset(domain, ldns_rr_get_type(rr));
594  if (!rrset) {
595  rrset = rrset_create(domain->zone, ldns_rr_get_type(rr));
596  if (!rrset) {
597  ods_log_error("[%s] unable to add RR to zone %s: "
598  "failed to add RRset", zone_str, zone->name);
599  return ODS_STATUS_ERR;
600  }
601  domain_add_rrset(domain, rrset);
602  }
603  record = rrset_lookup_rr(rrset, rr);
604  if (record) {
605  record->is_added = 1; /* already exists, just mark added */
606  record->is_removed = 0; /* unset is_removed */
607  if (ldns_rr_ttl(rr) != ldns_rr_ttl(record->rr)) {
608  ldns_rr_set_ttl(record->rr, ldns_rr_ttl(rr));
609  rrset->needs_signing = 1;
610  }
611  return ODS_STATUS_UNCHANGED;
612  } else {
613  record = rrset_add_rr(rrset, rr);
614  ods_log_assert(record);
615  ods_log_assert(record->rr);
616  ods_log_assert(record->is_added);
617  }
618  /* update stats */
619  if (do_stats && zone->stats) {
620  zone->stats->sort_count += 1;
621  }
622  return ODS_STATUS_OK;
623 }
624 
625 
631 zone_del_rr(zone_type* zone, ldns_rr* rr, int do_stats)
632 {
633  domain_type* domain = NULL;
634  rrset_type* rrset = NULL;
635  rr_type* record = NULL;
636  ods_log_assert(rr);
637  ods_log_assert(zone);
638  ods_log_assert(zone->name);
639  ods_log_assert(zone->db);
640  ods_log_assert(zone->signconf);
641  domain = namedb_lookup_domain(zone->db, ldns_rr_owner(rr));
642  if (!domain) {
643  ods_log_warning("[%s] unable to delete RR from zone %s: "
644  "domain not found", zone_str, zone->name);
645  return ODS_STATUS_UNCHANGED;
646  }
647  rrset = domain_lookup_rrset(domain, ldns_rr_get_type(rr));
648  if (!rrset) {
649  ods_log_warning("[%s] unable to delete RR from zone %s: "
650  "RRset not found", zone_str, zone->name);
651  return ODS_STATUS_UNCHANGED;
652  }
653  record = rrset_lookup_rr(rrset, rr);
654  if (!record) {
655  ods_log_error("[%s] unable to delete RR from zone %s: "
656  "RR not found", zone_str, zone->name);
657  return ODS_STATUS_UNCHANGED;
658  }
659 
660  record->is_removed = 1;
661  record->is_added = 0; /* unset is_added */
662  /* update stats */
663  if (do_stats && zone->stats) {
664  zone->stats->sort_count -= 1;
665  }
666  return ODS_STATUS_OK;
667 }
668 
669 
674 void
676 {
677  const char* str;
678  adapter_type* adtmp = NULL;
679 
680  if (!z1 || !z2) {
681  return;
682  }
683  /* policy name */
684  if (ods_strcmp(z2->policy_name, z1->policy_name) != 0) {
685  if (z2->policy_name) {
686  str = strdup(z2->policy_name);
687  if (!str) {
688  ods_log_error("[%s] failed to merge policy %s name to zone "
689  "%s", zone_str, z2->policy_name, z1->name);
690  } else {
691  free((void*)z1->policy_name);
692  z1->policy_name = str;
694  }
695  } else {
696  free((void*)z1->policy_name);
697  z1->policy_name = NULL;
699  }
700  }
701  /* signconf filename */
702  if (ods_strcmp(z2->signconf_filename, z1->signconf_filename) != 0) {
703  if (z2->signconf_filename) {
704  str = strdup(z2->signconf_filename);
705  if (!str) {
706  ods_log_error("[%s] failed to merge signconf filename %s to "
707  "zone %s", zone_str, z2->policy_name, z1->name);
708  } else {
709  free((void*)z1->signconf_filename);
710  z1->signconf_filename = str;
712  }
713  } else {
714  free((void*)z1->signconf_filename);
715  z1->signconf_filename = NULL;
717  }
718  }
719  /* adapters */
720  if (adapter_compare(z2->adinbound, z1->adinbound) != 0) {
721  adtmp = z2->adinbound;
722  z2->adinbound = z1->adinbound;
723  z1->adinbound = adtmp;
724  adtmp = NULL;
725  }
726  if (adapter_compare(z2->adoutbound, z1->adoutbound) != 0) {
727  adtmp = z2->adoutbound;
728  z2->adoutbound = z1->adoutbound;
729  z1->adoutbound = adtmp;
730  adtmp = NULL;
731  }
732  return;
733 }
734 
735 
740 void
742 {
743  allocator_type* allocator;
744  lock_basic_type zone_lock;
745  lock_basic_type xfr_lock;
746  if (!zone) {
747  return;
748  }
749  allocator = zone->allocator;
750  zone_lock = zone->zone_lock;
751  xfr_lock = zone->xfr_lock;
752  ldns_rdf_deep_free(zone->apex);
753  adapter_cleanup(zone->adinbound);
755  namedb_cleanup(zone->db);
756  ixfr_cleanup(zone->ixfr);
757  xfrd_cleanup(zone->xfrd);
758  notify_cleanup(zone->notify);
759  signconf_cleanup(zone->signconf);
760  stats_cleanup(zone->stats);
761  allocator_deallocate(allocator, (void*) zone->notify_command);
762  allocator_deallocate(allocator, (void*) zone->notify_args);
763  allocator_deallocate(allocator, (void*) zone->policy_name);
764  allocator_deallocate(allocator, (void*) zone->signconf_filename);
765  allocator_deallocate(allocator, (void*) zone->name);
766  allocator_deallocate(allocator, (void*) zone);
767  allocator_cleanup(allocator);
768  lock_basic_destroy(&xfr_lock);
769  lock_basic_destroy(&zone_lock);
770  return;
771 }
772 
773 
780 {
781  char* filename = NULL;
782  FILE* fd = NULL;
783  const char* token = NULL;
784  time_t when = 0;
785  task_type* task = NULL;
786  ods_status status = ODS_STATUS_OK;
787  /* zone part */
788  int klass = 0;
789  uint32_t inbound = 0, internal = 0, outbound = 0;
790  /* signconf part */
791  time_t lastmod = 0;
792  /* nsec3params part */
793  const char* salt = NULL;
794 
795  ods_log_assert(zone);
796  ods_log_assert(zone->name);
797  ods_log_assert(zone->signconf);
798  ods_log_assert(zone->db);
799 
800  filename = ods_build_path(zone->name, ".backup2", 0, 1);
801  if (!filename) {
802  return ODS_STATUS_MALLOC_ERR;
803  }
804  fd = ods_fopen(filename, NULL, "r");
805  if (fd) {
806  /* start recovery */
807  if (!backup_read_check_str(fd, ODS_SE_FILE_MAGIC_V3)) {
808  ods_log_error("[%s] corrupted backup file zone %s: read magic "
809  "error", zone_str, zone->name);
810  goto recover_error2;
811  }
812  if (!backup_read_check_str(fd, ";;Time:") |
813  !backup_read_time_t(fd, &when)) {
814  ods_log_error("[%s] corrupted backup file zone %s: read time "
815  "error", zone_str, zone->name);
816  goto recover_error2;
817  }
818  /* zone stuff */
819  if (!backup_read_check_str(fd, ";;Zone:") |
820  !backup_read_check_str(fd, "name") |
821  !backup_read_check_str(fd, zone->name)) {
822  ods_log_error("[%s] corrupted backup file zone %s: read name "
823  "error", zone_str, zone->name);
824  goto recover_error2;
825  }
826  if (!backup_read_check_str(fd, "class") |
827  !backup_read_int(fd, &klass)) {
828  ods_log_error("[%s] corrupted backup file zone %s: read class "
829  "error", zone_str, zone->name);
830  goto recover_error2;
831  }
832  if (!backup_read_check_str(fd, "inbound") |
833  !backup_read_uint32_t(fd, &inbound) |
834  !backup_read_check_str(fd, "internal") |
835  !backup_read_uint32_t(fd, &internal) |
836  !backup_read_check_str(fd, "outbound") |
837  !backup_read_uint32_t(fd, &outbound)) {
838  ods_log_error("[%s] corrupted backup file zone %s: read serial "
839  "error", zone_str, zone->name);
840  goto recover_error2;
841  }
842  zone->klass = (ldns_rr_class) klass;
843  zone->db->inbserial = inbound;
844  zone->db->intserial = internal;
845  zone->db->outserial = outbound;
846  /* signconf part */
847  if (!backup_read_check_str(fd, ";;Signconf:") |
848  !backup_read_check_str(fd, "lastmod") |
849  !backup_read_time_t(fd, &lastmod) |
850  !backup_read_check_str(fd, "maxzonettl") |
851  !backup_read_check_str(fd, "0") |
852  !backup_read_check_str(fd, "resign") |
854  !backup_read_check_str(fd, "refresh") |
856  !backup_read_check_str(fd, "valid") |
858  !backup_read_check_str(fd, "denial") |
860  !backup_read_check_str(fd, "jitter") |
862  !backup_read_check_str(fd, "offset") |
864  !backup_read_check_str(fd, "nsec") |
865  !backup_read_rr_type(fd, &zone->signconf->nsec_type) |
866  !backup_read_check_str(fd, "dnskeyttl") |
868  !backup_read_check_str(fd, "soattl") |
869  !backup_read_duration(fd, &zone->signconf->soa_ttl) |
870  !backup_read_check_str(fd, "soamin") |
871  !backup_read_duration(fd, &zone->signconf->soa_min) |
872  !backup_read_check_str(fd, "serial") |
873  !backup_read_str(fd, &zone->signconf->soa_serial)) {
874  ods_log_error("[%s] corrupted backup file zone %s: read signconf "
875  "error", zone_str, zone->name);
876  goto recover_error2;
877  }
878  /* nsec3params part */
879  if (zone->signconf->nsec_type == LDNS_RR_TYPE_NSEC3) {
880  if (!backup_read_check_str(fd, ";;Nsec3parameters:") |
881  !backup_read_check_str(fd, "salt") |
882  !backup_read_str(fd, &salt) |
883  !backup_read_check_str(fd, "algorithm") |
885  !backup_read_check_str(fd, "optout") |
886  !backup_read_int(fd, &zone->signconf->nsec3_optout) |
887  !backup_read_check_str(fd, "iterations") |
889  ods_log_error("[%s] corrupted backup file zone %s: read "
890  "nsec3parameters error", zone_str, zone->name);
891  goto recover_error2;
892  }
894  zone->signconf->allocator, salt);
895  free((void*) salt);
896  salt = NULL;
898  (void*) zone->signconf,
899  (uint8_t) zone->signconf->nsec3_algo,
900  (uint8_t) zone->signconf->nsec3_optout,
901  (uint16_t) zone->signconf->nsec3_iterations,
902  zone->signconf->nsec3_salt);
903  if (!zone->signconf->nsec3params) {
904  ods_log_error("[%s] corrupted backup file zone %s: unable to "
905  "create nsec3param", zone_str, zone->name);
906  goto recover_error2;
907  }
908  }
909  zone->signconf->last_modified = lastmod;
910  zone->default_ttl = (uint32_t) duration2time(zone->signconf->soa_min);
911  /* keys part */
912  zone->signconf->keys = keylist_create((void*) zone->signconf);
913  while (backup_read_str(fd, &token)) {
914  if (ods_strcmp(token, ";;Key:") == 0) {
915  if (!key_recover2(fd, zone->signconf->keys)) {
916  ods_log_error("[%s] corrupted backup file zone %s: read "
917  "key error", zone_str, zone->name);
918  goto recover_error2;
919  }
920  } else if (ods_strcmp(token, ";;") == 0) {
921  /* keylist done */
922  free((void*) token);
923  token = NULL;
924  break;
925  } else {
926  /* keylist corrupted */
927  goto recover_error2;
928  }
929  free((void*) token);
930  token = NULL;
931  }
932  /* publish dnskeys */
933  status = zone_publish_dnskeys(zone);
934  if (status != ODS_STATUS_OK) {
935  ods_log_error("[%s] corrupted backup file zone %s: unable to "
936  "publish dnskeys (%s)", zone_str, zone->name,
937  ods_status2str(status));
938  goto recover_error2;
939  }
940  /* publish nsec3param */
941  status = zone_publish_nsec3param(zone);
942  if (status != ODS_STATUS_OK) {
943  ods_log_error("[%s] corrupted backup file zone %s: unable to "
944  "publish nsec3param (%s)", zone_str, zone->name,
945  ods_status2str(status));
946  goto recover_error2;
947  }
948  /* publish other records */
949  status = backup_read_namedb(fd, zone);
950  if (status != ODS_STATUS_OK) {
951  ods_log_error("[%s] corrupted backup file zone %s: unable to "
952  "read resource records (%s)", zone_str, zone->name,
953  ods_status2str(status));
954  goto recover_error2;
955  }
956  /* task */
957  task = task_create(TASK_SIGN, when, (void*) zone);
958  if (!task) {
959  ods_log_error("[%s] failed to restore zone %s: unable to "
960  "create task", zone_str, zone->name);
961  goto recover_error2;
962  }
963  zone->task = (void*) task;
964  free((void*)filename);
965  ods_fclose(fd);
966  zone->db->is_initialized = 1;
967  zone->db->have_serial = 1;
968  /* journal */
969  filename = ods_build_path(zone->name, ".ixfr", 0, 1);
970  if (filename) {
971  fd = ods_fopen(filename, NULL, "r");
972  }
973  if (fd) {
974  status = backup_read_ixfr(fd, zone);
975  if (status != ODS_STATUS_OK) {
976  ods_log_warning("[%s] corrupted journal file zone %s, "
977  "skipping (%s)", zone_str, zone->name,
978  ods_status2str(status));
979  (void)unlink(filename);
980  ixfr_cleanup(zone->ixfr);
981  zone->ixfr = ixfr_create((void*)zone);
982  }
983  }
984  lock_basic_lock(&zone->ixfr->ixfr_lock);
985  ixfr_purge(zone->ixfr);
987 
988  /* all ok */
989  free((void*)filename);
990  ods_fclose(fd);
991  if (zone->stats) {
993  stats_clear(zone->stats);
995  }
996  return ODS_STATUS_OK;
997  }
998  return ODS_STATUS_UNCHANGED;
999 
1000 recover_error2:
1001  free((void*)filename);
1002  ods_fclose(fd);
1003  /* signconf cleanup */
1004  free((void*)salt);
1005  salt = NULL;
1006  signconf_cleanup(zone->signconf);
1007  zone->signconf = signconf_create();
1008  ods_log_assert(zone->signconf);
1009  /* namedb cleanup */
1010  namedb_cleanup(zone->db);
1011  zone->db = namedb_create((void*)zone);
1012  ods_log_assert(zone->db);
1013  /* stats reset */
1014  if (zone->stats) {
1015  lock_basic_lock(&zone->stats->stats_lock);
1016  stats_clear(zone->stats);
1018  }
1019  return ODS_STATUS_ERR;
1020 }
1021 
1022 
1027 ods_status
1029 {
1030  char* filename = NULL;
1031  char* tmpfile = NULL;
1032  FILE* fd = NULL;
1033  task_type* task = NULL;
1034  int ret = 0;
1035  ods_status status = ODS_STATUS_OK;
1036 
1037  ods_log_assert(zone);
1038  ods_log_assert(zone->name);
1039  ods_log_assert(zone->db);
1040  ods_log_assert(zone->signconf);
1041  ods_log_assert(zone->task);
1042 
1043  tmpfile = ods_build_path(zone->name, ".backup2.tmp", 0, 1);
1044  filename = ods_build_path(zone->name, ".backup2", 0, 1);
1045  if (!tmpfile || !filename) {
1046  return ODS_STATUS_MALLOC_ERR;
1047  }
1048  fd = ods_fopen(tmpfile, NULL, "w");
1049  if (fd) {
1050  fprintf(fd, "%s\n", ODS_SE_FILE_MAGIC_V3);
1051  task = (task_type*) zone->task;
1052  fprintf(fd, ";;Time: %u\n", (unsigned) task->when);
1054  fprintf(fd, ";;Zone: name %s class %i inbound %u internal %u "
1055  "outbound %u\n", zone->name, (int) zone->klass,
1056  (unsigned) zone->db->inbserial,
1057  (unsigned) zone->db->intserial,
1058  (unsigned) zone->db->outserial);
1060  signconf_backup(fd, zone->signconf, ODS_SE_FILE_MAGIC_V3);
1062  if (zone->signconf->nsec3params) {
1063  nsec3params_backup(fd,
1064  zone->signconf->nsec3_algo,
1065  zone->signconf->nsec3_optout,
1066  zone->signconf->nsec3_iterations,
1067  zone->signconf->nsec3_salt,
1068  zone->signconf->nsec3params->rr,
1069  ODS_SE_FILE_MAGIC_V3);
1070  }
1072  keylist_backup(fd, zone->signconf->keys, ODS_SE_FILE_MAGIC_V3);
1073  fprintf(fd, ";;\n");
1075  namedb_backup2(fd, zone->db);
1077  fprintf(fd, "%s\n", ODS_SE_FILE_MAGIC_V3);
1078  ods_fclose(fd);
1079  ret = rename(tmpfile, filename);
1080  if (ret != 0) {
1081  ods_log_error("[%s] unable to rename zone %s backup %s to %s: %s",
1082  zone_str, zone->name, tmpfile, filename, strerror(errno));
1083  status = ODS_STATUS_RENAME_ERR;
1084  }
1085  } else {
1086  status = ODS_STATUS_FOPEN_ERR;
1087  }
1088 
1089  free((void*) tmpfile);
1090  free((void*) filename);
1091  return status;
1092 }
void ods_log_alert(const char *format,...)
Definition: log.c:368
signconf_type * signconf_create(void)
Definition: signconf.c:49
void ixfr_cleanup(ixfr_type *ixfr)
Definition: ixfr.c:311
rr_type * rrset_lookup_rr(rrset_type *rrset, ldns_rr *rr)
Definition: rrset.c:221
uint32_t default_ttl
Definition: zone.h:72
int backup_read_str(FILE *in, const char **str)
Definition: backup.c:99
uint32_t nsec3_iterations
Definition: signconf.h:68
uint32_t intserial
Definition: namedb.h:54
void zone_cleanup(zone_type *zone)
Definition: zone.c:741
duration_type * sig_inception_offset
Definition: signconf.h:62
int publish
Definition: keys.h:63
void signconf_backup(FILE *fd, signconf_type *sc, const char *version)
Definition: signconf.c:224
int adapter_compare(adapter_type *a1, adapter_type *a2)
Definition: adapter.c:239
void domain_add_rrset(domain_type *domain, rrset_type *rrset)
Definition: domain.c:191
rrset_type * domain_lookup_rrset(domain_type *domain, ldns_rr_type rrtype)
Definition: domain.c:172
void ods_log_debug(const char *format,...)
Definition: log.c:272
time_t when
Definition: task.h:61
duration_type * soa_min
Definition: signconf.h:76
uint32_t time_datestamp(time_t tt, const char *format, char **str)
Definition: duration.c:533
int backup_read_duration(FILE *in, duration_type **v)
Definition: backup.c:133
void zone_merge(zone_type *z1, zone_type *z2)
Definition: zone.c:675
stats_type * stats_create(void)
Definition: stats.c:42
ldns_rr * dnskey
Definition: keys.h:57
#define lock_basic_destroy(lock)
Definition: locks.h:92
const char * nsec3_salt
Definition: signconf.h:69
const char * soa_serial
Definition: signconf.h:77
task_id interrupt
Definition: task.h:59
keylist_type * keys
Definition: signconf.h:73
duration_type * soa_ttl
Definition: signconf.h:75
void * allocator_alloc(allocator_type *allocator, size_t size)
Definition: allocator.c:68
duration_type * sig_validity_default
Definition: signconf.h:59
char * notify_command
Definition: zone.h:74
uint16_t iterations
Definition: nsec3params.h:59
void signconf_cleanup(signconf_type *sc)
Definition: signconf.c:566
void namedb_cleanup(namedb_type *db)
Definition: namedb.c:1140
rrset_type * rrset_create(void *zoneptr, ldns_rr_type type)
Definition: rrset.c:189
int backup_read_rr_type(FILE *in, ldns_rr_type *v)
Definition: backup.c:150
unsigned have_serial
Definition: namedb.h:61
duration_type * sig_validity_denial
Definition: signconf.h:60
duration_type * nsec3param_ttl
Definition: signconf.h:64
ods_status zone_recover2(zone_type *zone)
Definition: zone.c:779
ods_status schedule_task(schedule_type *schedule, task_type *task, int log)
Definition: schedule.c:148
int backup_read_time_t(FILE *in, time_t *v)
Definition: backup.c:116
enum ods_enum_status ods_status
Definition: status.h:91
lock_basic_type zone_lock
Definition: zone.h:97
rr_type * rrset_add_rr(rrset_type *rrset, ldns_rr *rr)
Definition: rrset.c:271
void ods_log_error(const char *format,...)
Definition: log.c:336
uint32_t outserial
Definition: namedb.h:55
lock_basic_type stats_lock
Definition: stats.h:69
const char * ods_status2str(ods_status status)
Definition: status.c:112
#define SE_SOA_RDATA_SERIAL
Definition: util.h:49
ods_status namedb_update_serial(namedb_type *db, const char *zone_name, const char *format, uint32_t inbound_serial)
Definition: namedb.c:200
zone_zl_status zl_status
Definition: zone.h:81
Definition: task.h:47
int ods_strcmp(const char *s1, const char *s2)
Definition: file.c:317
int backup_read_int(FILE *in, int *v)
Definition: backup.c:167
zone_type * zone_create(char *name, ldns_rr_class klass)
Definition: zone.c:56
ods_status backup_read_ixfr(FILE *in, void *zone)
Definition: backup.c:522
ldns_rr_type nsec_type
Definition: signconf.h:65
void namedb_backup2(FILE *fd, namedb_type *db)
Definition: namedb.c:1162
void notify_cleanup(notify_type *notify)
Definition: notify.c:582
void nsec3params_backup(FILE *fd, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt, ldns_rr *rr, const char *version)
Definition: nsec3params.c:145
enum task_id_enum task_id
Definition: task.h:50
adapter_type * adoutbound
Definition: zone.h:84
FILE * ods_fopen(const char *file, const char *dir, const char *mode)
Definition: file.c:187
nsec3params_type * nsec3params_create(void *sc, uint8_t algo, uint8_t flags, uint16_t iter, const char *salt)
Definition: nsec3params.c:105
unsigned exists
Definition: rrset.h:64
ods_status backup_read_namedb(FILE *in, void *zone)
Definition: backup.c:330
ods_status zone_publish_nsec3param(zone_type *zone)
Definition: zone.c:337
duration_type * sig_refresh_interval
Definition: signconf.h:58
#define lock_basic_lock(lock)
Definition: locks.h:93
uint8_t * salt_data
Definition: nsec3params.h:61
namedb_type * db
Definition: zone.h:88
unsigned is_removed
Definition: rrset.h:66
ixfr_type * ixfr
Definition: zone.h:89
uint32_t inbserial
Definition: namedb.h:53
allocator_type * allocator_create(void *(*allocator)(size_t size), void(*deallocator)(void *))
Definition: allocator.c:49
time_t halted_when
Definition: task.h:62
unsigned needs_signing
Definition: rrset.h:83
ods_status lhsm_get_key(hsm_ctx_t *ctx, ldns_rdf *owner, key_type *key_id)
Definition: hsm.c:136
unsigned serial_updated
Definition: namedb.h:59
unsigned is_initialized
Definition: namedb.h:57
key_type * keys
Definition: keys.h:75
int lock_basic_type
Definition: locks.h:90
ods_status namedb_domain_entize(namedb_type *db, domain_type *domain, ldns_rdf *apex)
Definition: namedb.c:288
signconf_type * signconf
Definition: zone.h:86
ods_status zone_backup2(zone_type *zone)
Definition: zone.c:1028
ods_status zone_update_serial(zone_type *zone)
Definition: zone.c:471
adapter_type * adinbound
Definition: zone.h:83
task_id halted
Definition: task.h:60
char * allocator_strdup(allocator_type *allocator, const char *string)
Definition: allocator.c:123
ods_status zone_add_rr(zone_type *zone, ldns_rr *rr, int do_stats)
Definition: zone.c:561
domain_type * namedb_lookup_domain(namedb_type *db, ldns_rdf *dname)
Definition: namedb.c:345
unsigned is_apex
Definition: domain.h:64
char ** notify_args
Definition: zone.h:76
void stats_cleanup(stats_type *stats)
Definition: stats.c:107
task_type * unschedule_task(schedule_type *schedule, task_type *task)
Definition: schedule.c:193
const char * signconf_filename
Definition: zone.h:80
void zone_rollback_dnskeys(zone_type *zone)
Definition: zone.c:307
ods_status zone_publish_dnskeys(zone_type *zone)
Definition: zone.c:233
allocator_type * allocator
Definition: zone.h:69
void xfrd_cleanup(xfrd_type *xfrd)
Definition: xfrd.c:1793
ods_status zone_reschedule_task(zone_type *zone, schedule_type *taskq, task_id what)
Definition: zone.c:189
namedb_type * namedb_create(void *zone)
Definition: namedb.c:126
char * ods_build_path(const char *file, const char *suffix, int dir, int no_slash)
Definition: file.c:127
const char * notify_ns
Definition: zone.h:75
time_t duration2time(duration_type *duration)
Definition: duration.c:373
ods_status zone_del_rr(zone_type *zone, ldns_rr *rr, int do_stats)
Definition: zone.c:631
void zone_rollback_nsec3param(zone_type *zone)
Definition: zone.c:405
ldns_rr * rr
Definition: rrset.h:62
void ods_log_verbose(const char *format,...)
Definition: log.c:288
keylist_type * keylist_create(void *sc)
Definition: keys.c:49
time_t last_modified
Definition: signconf.h:80
lock_basic_type ixfr_lock
Definition: ixfr.h:64
ldns_rr_class klass
Definition: zone.h:71
rrset_type * zone_lookup_rrset(zone_type *zone, ldns_rdf *owner, ldns_rr_type type)
Definition: zone.c:542
uint32_t nsec3_algo
Definition: signconf.h:67
nsec3params_type * nsec3params
Definition: signconf.h:70
task_id what
Definition: task.h:58
#define lock_basic_init(lock)
Definition: locks.h:91
size_t count
Definition: keys.h:76
void ods_fclose(FILE *fd)
Definition: file.c:247
uint32_t sort_count
Definition: stats.h:57
allocator_type * allocator
Definition: signconf.h:55
domain_type * namedb_add_domain(namedb_type *db, ldns_rdf *dname)
Definition: namedb.c:359
void allocator_cleanup(allocator_type *allocator)
Definition: allocator.c:153
duration_type * dnskey_ttl
Definition: signconf.h:72
const char * name
Definition: zone.h:78
ods_status zone_prepare_keys(zone_type *zone)
Definition: zone.c:430
int backup_read_check_str(FILE *in, const char *str)
Definition: backup.c:79
duration_type * sig_jitter
Definition: signconf.h:61
hsm_sign_params_t * params
Definition: keys.h:59
duration_type * sig_resign_interval
Definition: signconf.h:57
void ixfr_purge(ixfr_type *ixfr)
Definition: ixfr.c:277
void allocator_deallocate(allocator_type *allocator, void *data)
Definition: allocator.c:137
lock_basic_type schedule_lock
Definition: schedule.h:65
void rrset_diff(rrset_type *rrset, unsigned is_ixfr, unsigned more_coming)
Definition: rrset.c:346
notify_type * notify
Definition: zone.h:92
void * task
Definition: zone.h:94
const char * policy_name
Definition: zone.h:79
#define ods_log_assert(x)
Definition: log.h:156
ods_status zone_load_signconf(zone_type *zone, signconf_type **new_signconf)
Definition: zone.c:138
void adapter_cleanup(adapter_type *adapter)
Definition: adapter.c:261
xfrd_type * xfrd
Definition: zone.h:91
ixfr_type * ixfr_create(void *zone)
Definition: ixfr.c:102
unsigned is_added
Definition: rrset.h:65
#define lock_basic_unlock(lock)
Definition: locks.h:94
void ods_log_warning(const char *format,...)
Definition: log.c:320
key_type * key_recover2(FILE *fd, keylist_type *kl)
Definition: keys.c:307
void keylist_backup(FILE *fd, keylist_type *kl, const char *version)
Definition: keys.c:346
ldns_rdf * apex
Definition: zone.h:70
task_type * task_create(task_id what, time_t when, void *zone)
Definition: task.c:50
time_t time_now(void)
Definition: duration.c:515
hsm_key_t * hsmkey
Definition: keys.h:58
ods_status signconf_update(signconf_type **signconf, const char *scfile, time_t last_modified)
Definition: signconf.c:163
ldns_rdf * dname
Definition: domain.h:60
stats_type * stats
Definition: zone.h:96
int backup_read_uint32_t(FILE *in, uint32_t *v)
Definition: backup.c:235
void * zone
Definition: domain.h:57
rr_type * rrs
Definition: rrset.h:79
void stats_clear(stats_type *stats)
Definition: stats.c:56
int nsec3_optout
Definition: signconf.h:66
lock_basic_type xfr_lock
Definition: zone.h:98