"Fossies" - the Fresh Open Source Software Archive

Member "nsd-4.3.6/options.h" (6 Apr 2021, 15611 Bytes) of package /linux/misc/dns/nsd-4.3.6.tar.gz:



    1 /*
    2  * options.h -- nsd.conf options definitions and prototypes
    3  *
    4  * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
    5  *
    6  * See LICENSE for the license.
    7  *
    8  */
    9 
   10 #ifndef OPTIONS_H
   11 #define OPTIONS_H
   12 
   13 #include <stdarg.h>
   14 #include "region-allocator.h"
   15 #include "rbtree.h"
   16 struct query; /* forward declarations: only pointers to these five types are used below */
   17 struct dname;
   18 struct tsig_key;
   19 struct buffer;
   20 struct nsd;
   21 
      /* Short *_type aliases for the option structs defined in this header.
       * NOTE(review): this header uses FILE, off_t, time_t, the uintN_t types,
       * struct in_addr and ATTR_PACKED/ATTR_FORMAT, but the only includes visible
       * here are <stdarg.h>, region-allocator.h and rbtree.h. It presumably relies
       * on those headers, or on the including file, to declare them first -
       * confirm before including it from a new translation unit. */
   22 typedef struct nsd_options nsd_options_type;
   23 typedef struct pattern_options pattern_options_type;
   24 typedef struct zone_options zone_options_type;
   25 typedef struct range_option range_option_type;
   26 typedef struct ip_address_option ip_address_option_type;
   27 typedef struct cpu_option cpu_option_type;
   28 typedef struct cpu_map_option cpu_map_option_type;
   29 typedef struct acl_options acl_options_type;
   30 typedef struct key_options key_options_type;
   31 typedef struct config_parser_state config_parser_state_type;
   32 
   33 /*
   34  * Options global for nsd.
       * One instance holds the server-wide nsd.conf settings plus the trees of
       * zones, patterns and keys. Several members are security-relevant
       * (chroot/username, the hide_* toggles, the TLS and remote-control key
       * files, rate limiting); they are annotated where they appear.
   35  */
   36 struct nsd_options {
   37     /* config file name */
   38     char* configfile;
   39     /* options for zones, by apex, contains zone_options */
   40     rbtree_type* zone_options;
   41     /* patterns, by name, contains pattern_options */
   42     rbtree_type* patterns;
   43 
   44     /* free space in zonelist file, contains zonelist_bucket */
   45     rbtree_type* zonefree;
   46     /* number of free space lines in zonelist file */
   47     size_t zonefree_number;
   48     /* zonelist file if open */
   49     FILE* zonelist;
   50     /* last offset in file (or 0 if none) */
   51     off_t zonelist_off;
   52 
   53     /* tree of zonestat names and their id values, entries are struct
   54      * zonestatname with malloced key=stringname. The number of items
   55      * is the max statnameid, no items are freed from this.
   56      * kept correct in the xfrd process, and on startup. */
   57     rbtree_type* zonestatnames;
   58 
   59     /* rbtree of keys defined, by name */
   60     rbtree_type* keys;
   61 
   62     /* list of ip addresses to bind to (or NULL for all) */
   63     struct ip_address_option* ip_addresses;
   64 
          /* The plain int members below are on/off flags or counts.
           * NOTE(review): each presumably mirrors the nsd.conf option of the
           * same name (with '-' for '_'); defaults are set outside this
           * header - confirm in the parser. */
   65     int ip_transparent;
   66     int ip_freebind;
   67     int send_buffer_size;
   68     int receive_buffer_size;
   69     int debug_mode;
   70     int verbosity;
          /* Information-disclosure toggles. NOTE(review): presumably they
           * suppress the `version` and `identity` strings below in answers -
           * confirm in the query code. */
   71     int hide_version;
   72     int hide_identity;
   73     int drop_updates;
   74     int do_ip4;
   75     int do_ip6;
   76     const char* database;
   77     const char* identity;
   78     const char* version;
   79     const char* logfile;
   80     int log_only_syslog;
   81     int server_count;
   82     struct cpu_option* cpu_affinity;
   83     struct cpu_map_option* service_cpu_affinity;
          /* TCP resource limits. NOTE(review): units and the exact behaviour
           * on overflow (tcp_reject_overflow) are defined by the server code,
           * not by this header. */
   84     int tcp_count;
   85     int tcp_reject_overflow;
   86     int confine_to_zone;
   87     int tcp_query_count;
   88     int tcp_timeout;
   89     int tcp_mss;
   90     int outgoing_tcp_mss;
   91     size_t ipv4_edns_size;
   92     size_t ipv6_edns_size;
   93     const char* pidfile;
   94     const char* port;
   95     int statistics;
          /* chroot directory and account to run as: the privilege-reduction
           * settings. NOTE(review): when chroot is set, the path members of
           * this struct are presumably interpreted relative to it - confirm
           * (config_cook_string() is documented as making "no chroot
           * changes"). */
   96     const char* chroot;
   97     const char* username;
   98     const char* zonesdir;
   99     const char* xfrdfile;
  100     const char* xfrdir;
  101     const char* zonelistfile;
  102     const char* nsid;
  103     int xfrd_reload_timeout;
  104     int zonefiles_check;
  105     int zonefiles_write;
  106     int log_time_ascii;
  107     int round_robin;
          /* NOTE(review): minimal_responses and refuse_any presumably reduce
           * what is put in an answer, which matters for amplification -
           * confirm in the query code. */
  108     int minimal_responses;
  109     int refuse_any;
  110     int reuseport;
  111 
          /* The TLS members below hold file names, not key material; the
           * private key file should be readable only by the server account. */
  112     /* private key file for TLS */
  113     char* tls_service_key;
  114     /* ocsp stapling file for TLS */
  115     char* tls_service_ocsp;
  116     /* certificate file for TLS */
  117     char* tls_service_pem;
  118     /* TLS dedicated port */
  119     const char* tls_port;
  120 
          /* Remote control: per the comment on options_remote_is_address(),
           * it can listen on IP addresses with certificates or on a named
           * pipe without certificates. */
  121     /** remote control section. enable toggle. */
  122     int control_enable;
  123     /** the interfaces the remote control should listen on */
  124     struct ip_address_option* control_interface;
  125     /** port number for the control port */
  126     int control_port;
  127     /** private key file for server */
  128     char* server_key_file;
  129     /** certificate file for server */
  130     char* server_cert_file;
  131     /** private key file for nsd-control */
  132     char* control_key_file;
  133     /** certificate file for nsd-control */
  134     char* control_cert_file;
  135 
  136 #ifdef RATELIMIT
          /* Response rate limiting, compiled in only when RATELIMIT is
           * defined. Note that 0 disables the limit (rrl_ratelimit,
           * rrl_whitelist_ratelimit) or the slip (rrl_slip). */
  137     /** number of buckets in rrl hashtable */
  138     size_t rrl_size;
  139     /** max qps for queries, 0 is nolimit */
  140     size_t rrl_ratelimit;
  141     /** ratio of slipped responses, 0 is noslip */
  142     size_t rrl_slip;
  143     /** ip prefix length */
  144     size_t rrl_ipv4_prefix_length;
  145     size_t rrl_ipv6_prefix_length;
  146     /** max qps for whitelisted queries, 0 is nolimit */
  147     size_t rrl_whitelist_ratelimit;
  148 #endif
  149     /** if dnstap is enabled */
  150     int dnstap_enable;
  151     /** dnstap socket path */
  152     char* dnstap_socket_path;
  153     /** true to send "identity" via dnstap */
  154     int dnstap_send_identity;
  155     /** true to send "version" via dnstap */
  156     int dnstap_send_version;
  157     /** dnstap "identity", hostname is used if "". */
  158     char* dnstap_identity;
  159     /** dnstap "version", package version is used if "". */
  160     char* dnstap_version;
  161     /** true to log dnstap AUTH_QUERY message events */
  162     int dnstap_log_auth_query_messages;
  163     /** true to log dnstap AUTH_RESPONSE message events */
  164     int dnstap_log_auth_response_messages;
  165 
          /* region handed to nsd_options_create(), per that function's comment */
  166     region_type* region;
  167 };
  168 
  169 struct range_option { /* node of a singly linked list of integer ranges; used by ip_address_option.servers */
  170     struct range_option* next;
  171     int first; /* NOTE(review): first..last is presumably inclusive - confirm in the parser */
  172     int last;
  173 };
  174 
  175 struct ip_address_option { /* list node; used for nsd_options.ip_addresses and control_interface */
  176     struct ip_address_option* next;
  177     char* address; /* address text; may be an interface name until resolve_interface_names() has run */
  178     struct range_option* servers; /* NOTE(review): presumably the server processes that serve this address - confirm */
  179     int dev; /* NOTE(review): presumably a bind-to-device flag - confirm */
  180     int fib; /* NOTE(review): presumably a setfib flag - confirm */
  181 };
  182 
  183 struct cpu_option { /* list node for nsd_options.cpu_affinity */
  184     struct cpu_option* next;
  185     int cpu; /* NOTE(review): presumably a CPU index; range checking is not visible here */
  186 };
  187 
  188 struct cpu_map_option { /* list node for nsd_options.service_cpu_affinity */
  189     struct cpu_map_option* next;
  190     int service; /* NOTE(review): presumably identifies the process the cpu is assigned to - confirm encoding */
  191     int cpu;
  192 };
  193 
  194 /*
  195  * Defines for min_expire_time_expr value
       * (the min_expire_time_expr member of struct pattern_options).
       * expire_time_is_default(x) is true for every value other than
       * REFRESHPLUSRETRYPLUS1 and EXPIRE_TIME_HAS_VALUE, not only for
       * EXPIRE_TIME_IS_DEFAULT. The macro expands x twice, so pass an
       * expression without side effects.
  196  */
  197 #define EXPIRE_TIME_HAS_VALUE     0
  198 #define EXPIRE_TIME_IS_DEFAULT    1
  199 #define REFRESHPLUSRETRYPLUS1     2
  200 #define REFRESHPLUSRETRYPLUS1_STR "refresh+retry+1"
  201 #define expire_time_is_default(x) (!(  (x) == REFRESHPLUSRETRYPLUS1 \
  202                                     || (x) == EXPIRE_TIME_HAS_VALUE ))
  203 
  204 
  205 /*
  206  * Pattern of zone options, used to contain options for zone(s).
       * The acl_options lists below are the per-zone access control: who may
       * send NOTIFY, who may transfer or query the zone, and which masters
       * and notify targets are used.
       * NOTE(review): how a NULL (empty) list is treated, allow or deny, is
       * decided by the callers and is not visible here - confirm per list.
       * NOTE(review): ATTR_PACKED is defined outside this header; if it packs
       * the struct, the uint32_t/uint64_t members can be unaligned, so avoid
       * taking their addresses - confirm.
  207  */
  208 struct pattern_options {
  209     rbnode_type node;
  210     const char* pname; /* name of the pattern, key of rbtree */
  211     const char* zonefile;
  212     struct acl_options* allow_notify;
  213     struct acl_options* request_xfr;
  214     struct acl_options* notify;
  215     struct acl_options* provide_xfr;
  216     struct acl_options* allow_query;
  217     struct acl_options* outgoing_interface;
  218     const char* zonestats;
  219 #ifdef RATELIMIT
  220     uint16_t rrl_whitelist; /* bitmap with rrl types */
  221 #endif
          /* NOTE(review): each *_is_default member presumably records that the
           * value next to it was not set explicitly in the config - confirm. */
  222     uint8_t allow_axfr_fallback;
  223     uint8_t allow_axfr_fallback_is_default;
  224     uint8_t notify_retry;
  225     uint8_t notify_retry_is_default;
  226     uint8_t implicit; /* pattern is implicit, part_of_config zone used */
  227     uint8_t xfrd_flags;
  228     uint32_t max_refresh_time;
  229     uint8_t max_refresh_time_is_default;
  230     uint32_t min_refresh_time;
  231     uint8_t min_refresh_time_is_default;
  232     uint32_t max_retry_time;
  233     uint8_t max_retry_time_is_default;
  234     uint32_t min_retry_time;
  235     uint8_t min_retry_time_is_default;
  236     uint32_t min_expire_time;
  237     /* min_expire_time_expr is either a known value (REFRESHPLUSRETRYPLUS1
  238      * or EXPIRE_TIME_HAS_VALUE) or else min_expire_time is the default.
  239      * This can be tested with the expire_time_is_default(x) define.
  240      */
  241     uint8_t min_expire_time_expr;
          /* NOTE(review): presumably an upper bound on the size of an incoming
           * zone transfer (a resource-exhaustion guard); the unit and the
           * meaning of 0 are not visible here - confirm. */
  242     uint64_t size_limit_xfr;
  243     uint8_t multi_master_check;
  244 } ATTR_PACKED;
  245 
  246 #define PATTERN_IMPLICIT_MARKER "_implicit_" /* NOTE(review): presumably marks the names of implicit patterns (pattern_options.implicit) - confirm in options.c */
  247 
  248 /*
  249  * Options for a zone
       * A zone is either fixed in the main config (part_of_config) or recorded
       * as a line in the zonelist file, located by off and linesize.
  250  */
  251 struct zone_options {
  252     /* key is dname of apex */
  253     rbnode_type node;
  254 
  255     /* is apex of the zone */
  256     const char* name;
  257     /* if not part of config, the offset and linesize of zonelist entry */
  258     off_t off;
  259     int linesize;
  260     /* pattern for the zone options, if zone is part_of_config, this is
  261      * an anonymous pattern created in-place */
  262     struct pattern_options* pattern;
  263     /* zone is fixed into the main config, not in zonelist, cannot delete */
  264     uint8_t part_of_config;
  265 } ATTR_PACKED;
  266 
  267 union acl_addr_storage { /* one address: IPv4 only, or IPv4/IPv6 when INET6 is defined */
  268 #ifdef INET6
  269     struct in_addr addr;
  270     struct in6_addr addr6;
  271 #else
  272     struct in_addr addr;
  273 #endif
  274 }; /* which member is valid is recorded outside the union (acl_options.is_ipv6) */
  275 
  276 /*
  277  * Access control list element
       * One entry of a singly linked list; the lists hang off the acl_options
       * members of struct pattern_options. An entry pairs an address
       * specification (single address, mask, subnet or min-max range) with a
       * key requirement.
  278  */
  279 struct acl_options {
  280     struct acl_options* next;
  281 
  282     /* options */
          /* NOTE(review): ixfr_disabled and bad_xfr_count are presumably
           * transfer-failure bookkeeping updated at run time - confirm. */
  283     time_t ixfr_disabled;
  284     int bad_xfr_count;
  285     uint8_t use_axfr_only;
  286     uint8_t allow_udp;
  287 
  288     /* ip address range */
  289     const char* ip_address_spec;
  290     uint8_t is_ipv6;
  291     unsigned int port;  /* is 0(no port) or suffix @port value */
  292     union acl_addr_storage addr;
          /* second part of the range; for acl_range_minmax it holds the
           * maximum address ("mask=max" below) */
  293     union acl_addr_storage range_mask;
  294     enum {
  295         acl_range_single = 0,   /* single address */
  296         acl_range_mask = 1, /* 10.20.30.40&255.255.255.0 */
  297         acl_range_subnet = 2,   /* 10.20.30.40/28 */
  298         acl_range_minmax = 3    /* 10.20.30.40-10.20.30.60 (mask=max) */
  299     } rangetype;
  300 
  301     /* key */
          /* NOTE(review): presumably nokey means the entry requires no TSIG
           * key, blocked means matching sources are refused, and otherwise
           * key_name names the required key with key_options pointing to its
           * definition once resolved - confirm in acl_check_incoming() and
           * acl_key_matches(). */
  302     uint8_t nokey;
  303     uint8_t blocked;
  304     const char* key_name;
  305     struct key_options* key_options;
  306 } ATTR_PACKED;
  307 
  308 /*
  309  * Key definition
       * One named key from the configuration, stored in nsd_options.keys.
       * `secret` is key material: keep it out of logs and error messages.
       * NOTE(review): the encoding of `secret` and the point at which tsig_key
       * is filled in (presumably key_options_setup()) are not visible here -
       * confirm; also check whether key_options_desetup() and
       * key_options_remove() wipe the secret before the memory is reused.
  310  */
  311 struct key_options {
  312     rbnode_type node; /* key of tree is name */
  313     char* name;
  314     char* algorithm;
  315     char* secret;
  316     struct tsig_key* tsig_key;
  317 } ATTR_PACKED;
  318 
  319 /** zone list free space: list node for one unused line in the zonelist file */
  320 struct zonelist_free {
  321     struct zonelist_free* next;
  322     off_t off; /* NOTE(review): presumably the file offset of the free line - confirm */
  323 };
  324 /** zonelist free bucket for a particular line length; element of nsd_options.zonefree */
  325 struct zonelist_bucket {
  326     rbnode_type node; /* key is ptr to linesize */
  327     int linesize;
  328     struct zonelist_free* list; /* free entries that have this line length */
  329 };
  330 
  331 /* default zonefile write interval if database is "", in seconds */
  332 #define ZONEFILES_WRITE_INTERVAL 3600 /* 3600 s = one hour */
  333 
  334 struct zonestatname { /* entry of the nsd_options.zonestatnames tree */
  335     rbnode_type node; /* key is malloced string with cooked zonestat name */
  336     unsigned id; /* index in nsd.zonestat array */
  337 };
  338 
  339 /*
  340  * Used during options parsing
       * Parser working state: the file being read, the options struct being
       * filled and the pattern/zone/key/ip entry currently under construction.
       * err and err_arg have the same types as the callback pair passed to
       * parse_options_file().
  341  */
  342 struct config_parser_state {
  343     char* filename;
  344     const char* chroot;
  345     int line; /* NOTE(review): presumably the current line number, for error messages */
  346     int errors; /* NOTE(review): presumably the count of errors reported so far */
  347     struct nsd_options* opt;
  348     struct pattern_options *pattern;
  349     struct zone_options *zone;
  350     struct key_options *key;
  351     struct ip_address_option *ip;
  352     void (*err)(void*,const char*);
  353     void* err_arg;
  354 };
  355 
  356 extern config_parser_state_type* cfg_parser; /* single global parser state; NOTE(review): no locking is visible here, so parsing is presumably not reentrant */
  357 
  358 /* Returns an empty options struct; region is stored in it (member `region`). */
  359 struct nsd_options* nsd_options_create(region_type* region);
  360 /* Count of configured zones, read from the zone_options tree.
       * Neither opt nor opt->zone_options is checked for NULL here. */
  361 static inline size_t nsd_options_num_zones(struct nsd_options* opt)
  362 {
          rbtree_type* zones = opt->zone_options;
          return zones->count;
      }
  363 /* insert a zone into the main options tree, returns 0 on error */
  364 int nsd_options_insert_zone(struct nsd_options* opt, struct zone_options* zone);
  365 /* insert a pattern into the main options tree, returns 0 on error */
  366 int nsd_options_insert_pattern(struct nsd_options* opt,
  367     struct pattern_options* pat);
  368 
  369 /* parses options file. Returns false on failure. callback, if nonNULL,
  370  * gets called with error strings, default prints.
       * err_arg is passed through as the callback's first (void*) argument. */
  371 int parse_options_file(struct nsd_options* opt, const char* file,
  372     void (*err)(void*,const char*), void* err_arg);
      /* create / delete a zone_options entry. NOTE(review): initial field
       * values and what delete releases are defined in the .c file. */
  373 struct zone_options* zone_options_create(region_type* region);
  374 void zone_options_delete(struct nsd_options* opt, struct zone_options* zone);
  375 /* find a zone by apex domain name, or NULL if not found. */
  376 struct zone_options* zone_options_find(struct nsd_options* opt,
  377     const struct dname* apex);
      /* pattern management: create, look up by name, compare, remove by name,
       * add-or-modify. NOTE(review): pattern_options_find presumably returns
       * NULL when the name is unknown - confirm before dereferencing. */
  378 struct pattern_options* pattern_options_create(region_type* region);
  379 struct pattern_options* pattern_options_find(struct nsd_options* opt, const char* name);
  380 int pattern_options_equal(struct pattern_options* p, struct pattern_options* q);
  381 void pattern_options_remove(struct nsd_options* opt, const char* name);
  382 void pattern_options_add_modify(struct nsd_options* opt,
  383     struct pattern_options* p);
      /* write pattern p into a buffer / read a pattern back from buffer b into
       * region r. NOTE(review): the layout is private to this pair; if b can be
       * filled by another process, confirm that unmarshal validates lengths
       * before using them. */
  384 void pattern_options_marshal(struct buffer* buffer, struct pattern_options* p);
  385 struct pattern_options* pattern_options_unmarshal(region_type* r,
  386     struct buffer* b);
      /* key management, parallel to the pattern functions above.
       * NOTE(review): key_options_setup/desetup presumably build and tear down
       * the tsig_key for a key_options entry - confirm, including whether
       * desetup clears the secret. */
  387 struct key_options* key_options_create(region_type* region);
  388 void key_options_insert(struct nsd_options* opt, struct key_options* key);
  389 struct key_options* key_options_find(struct nsd_options* opt, const char* name);
  390 void key_options_remove(struct nsd_options* opt, const char* name);
  391 int key_options_equal(struct key_options* p, struct key_options* q);
  392 void key_options_add_modify(struct nsd_options* opt, struct key_options* key);
  393 void key_options_setup(region_type* region, struct key_options* key);
  394 void key_options_desetup(region_type* region, struct key_options* key);
  395 /* read in zone list file. Returns false on failure */
  396 int parse_zone_list_file(struct nsd_options* opt);
  397 /* create zone entry and add to the zonelist file */
  398 struct zone_options* zone_list_add(struct nsd_options* opt, const char* zname,
  399     const char* pname);
  400 /* create zonelist entry, do not insert in file (called by _add) */
  401 struct zone_options* zone_list_zone_insert(struct nsd_options* opt,
  402     const char* nm, const char* patnm, int linesize, off_t off);
      /* NOTE(review): presumably delete a zone's zonelist entry, rewrite the
       * zonelist file without its free lines, and close the file - confirm. */
  403 void zone_list_del(struct nsd_options* opt, struct zone_options* zone);
  404 void zone_list_compact(struct nsd_options* opt);
  405 void zone_list_close(struct nsd_options* opt);
  406 
  407 /* create zonestat name tree, for initially created zones */
  408 void options_zonestatnames_create(struct nsd_options* opt);
  409 /* Get zonestat id for zone options, add new entry if necessary.
  410  * instantiates the pattern's zonestat string */
  411 unsigned getzonestatid(struct nsd_options* opt, struct zone_options* zopt);
  412 /* create string, same options as zonefile but no chroot changes.
       * NOTE(review): ownership and lifetime of the returned string are not
       * stated here - confirm before keeping the pointer. */
  413 const char* config_cook_string(struct zone_options* zone, const char* input);
  414 
  415 /** check if config for remote control turns on IP-address interface
  416  * with certificates or a named pipe without certificates.
       * NOTE(review): which case yields a nonzero return is not stated here;
       * presumably nonzero means an IP-address interface - confirm. In the
       * named-pipe case no certificates are involved, so access presumably
       * rests on the pipe's filesystem permissions. */
  417 int options_remote_is_address(struct nsd_options* cfg);
  418 
  419 #if defined(HAVE_SSL)
  420 /* tsig must be inited, adds all keys in options to tsig.
       * Declared only when HAVE_SSL is defined. */
  421 void key_options_tsig_add(struct nsd_options* opt);
  422 #endif
  423 
  424 /* check acl list against query q: returns the number (0..) of the acl
  425  * that matches if the query passed, or failure (-1) if dropped */
  426 /* the reason why (the acl) is returned too in *reason (or NULL).
       * Callers must treat -1 as deny. */
  427 int acl_check_incoming(struct acl_options* acl, struct query* q,
  428     struct acl_options** reason);
      /* address and key matching helpers for one acl entry.
       * NOTE(review): presumably nonzero means "matches" - confirm. */
  429 int acl_addr_matches_host(struct acl_options* acl, struct acl_options* host);
  430 int acl_addr_matches(struct acl_options* acl, struct query* q);
  431 int acl_key_matches(struct acl_options* acl, struct query* q);
      /* raw comparisons over addresses viewed as uint32_t words.
       * NOTE(review): sz is presumably the address size in bytes and every
       * pointer must reference at least that many bytes - confirm before
       * calling these with buffers other than acl_addr_storage. */
  432 int acl_addr_match_mask(uint32_t* a, uint32_t* b, uint32_t* mask, size_t sz);
  433 int acl_addr_match_range_v6(uint32_t* minval, uint32_t* x, uint32_t* maxval, size_t sz);
  434 int acl_addr_match_range_v4(uint32_t* minval, uint32_t* x, uint32_t* maxval, size_t sz);
  435 
  436 /* returns true if acls are both from the same host */
  437 int acl_same_host(struct acl_options* a, struct acl_options* b);
  438 /* find acl by number in the list */
  439 struct acl_options* acl_find_num(struct acl_options* acl, int num);
  440 
  441 /* see if two acl lists are the same (same elements in same order, or empty) */
  442 int acl_list_equal(struct acl_options* p, struct acl_options* q);
  443 /* see if two acl are the same */
  444 int acl_equal(struct acl_options* p, struct acl_options* q);
  445 
  446 /* see if a zone is a slave or a master zone.
       * NOTE(review): presumably nonzero for a slave zone - confirm. */
  447 int zone_is_slave(struct zone_options* opt);
  448 /* create zonefile name, returns static pointer (perhaps to options data);
       * the caller must not free it, and because it is static a later call
       * may overwrite it, so copy the result if it has to outlive that. */
  449 const char* config_make_zonefile(struct zone_options* zone, struct nsd* nsd);
  450 
  451 #define ZONEC_PCT_TIME 5 /* seconds, then it starts to print pcts */
  452 #define ZONEC_PCT_COUNT 100000 /* elements before pct check is done */
  453 
  454 /* parsing helpers */
      /* c_error takes a printf-style format (see ATTR_FORMAT): text taken from
       * a config file must be passed as an argument to "%s", never as msg. */
  455 void c_error(const char* msg, ...) ATTR_FORMAT(printf, 1,2);
  456 int c_wrap(void); /* NOTE(review): presumably the lexer's end-of-input hook - confirm */
      /* build an acl entry from an address spec and a key name.
       * NOTE(review): ip is a non-const char*, so the string is presumably
       * modified in place while parsing - do not pass a string literal. */
  457 struct acl_options* parse_acl_info(region_type* region, char* ip,
  458     const char* key);
  459 /* true if ipv6 address, false if ipv4 */
  460 int parse_acl_is_ipv6(const char* p);
  461 /* returns range type. mask is the 2nd part of the range */
  462 int parse_acl_range_type(char* ip, char** mask);
  463 /* parses subnet mask, fills 0 mask as well.
       * NOTE(review): addr must have room for maxbits bits; the handling of a
       * prefix length larger than maxbits is not visible here - confirm. */
  464 void parse_acl_range_subnet(char* p, void* addr, int maxbits);
  465 /* clean up options */
  466 void nsd_options_destroy(struct nsd_options* opt);
  467 /* replace occurrences of one with two in buf, pass length of buffer.
       * len is the capacity of buf. NOTE(review): what happens when the result
       * would not fit is not visible here - confirm before using it with a
       * replacement longer than the text it replaces. */
  468 void replace_str(char* buf, size_t len, const char* one, const char* two);
  469 /* apply pattern to the existing pattern in the parser */
  470 void config_apply_pattern(struct pattern_options *dest, const char* name);
  471 /* if the file is a directory, print a warning, because flex just exit()s
  472  * when a fileread fails because it is a directory, helps the user figure
  473  * out what just happened */
  474 void warn_if_directory(const char* filetype, FILE* f, const char* fname);
  475 /* resolve interface names in the options "ip-address:" (or "interface:")
  476  * and "control-interface:" into the ip-addresses associated with those
  477  * names. */
  478 void resolve_interface_names(struct nsd_options* options);
  479 
  480 #endif /* OPTIONS_H */