OpenDNSSEC-enforcer 2.1.13
policy.h
1/*
2 * Copyright (c) 2014 Jerry Lundström <lundstrom.jerry@gmail.com>
3 * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation).
4 * Copyright (c) 2014 OpenDNSSEC AB (svb)
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
22 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
24 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
25 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
26 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 *
28 */
29
30#ifndef __policy_h
31#define __policy_h
32
33#include "db_object.h"
34
/* Forward declarations so the prototypes further down can take policy_t and
 * policy_list_t pointers before the structs are defined.  The rendered
 * listing skips source line 38; the policy_list_t typedef used by the list
 * functions is presumably declared there. */
35struct policy;
36struct policy_list;
37typedef struct policy policy_t;
39
40typedef enum policy_denial_type {
46
54
55#include "policy_ext.h"
56
/*
 * One policy object: the signing, denial-of-existence, key, zone and parent
 * settings that the accessors declared later in this header read and write.
 *
 * This rendered listing omits several members (source lines 61-63, 68, 72-77,
 * 84-85, 91, 94-96 and 100-102).  The page's cross-reference list names them,
 * among them dbo, id, rev, description, denial_type, denial_salt,
 * zone_soa_serial, policy_key_list, zone_list and hsm_key_list.
 *
 * Every numeric member shown is a plain unsigned int.  Units and valid ranges
 * are not stated in this header; the timing members are presumably durations
 * in seconds - confirm against policy.c and the policy import code.
 */
60struct policy {
/* Policy name; ownership of the string is not visible from this header. */
64 char* name;
/* NOTE(review): per the comment below, a zone under a passthrough policy gets
 * no signatures added by this pipeline, so a change to this flag changes
 * whether the zone is DNSSEC-protected.  Worth auditing who can set it. */
65 /* if passthrough set, no modifications to the zonefile should
66 * be made. I.e. No signatures added or removed */
67 unsigned int passthrough;
/* Signature timing: resign interval, refresh window and jitter. */
69 unsigned int signatures_resign;
70 unsigned int signatures_refresh;
71 unsigned int signatures_jitter;
/* Denial-of-existence settings.  denial_type (line 77, omitted here) selects
 * NSEC or NSEC3 per the policy_denial_type enum; the members from
 * denial_optout onwards presumably matter for NSEC3 only. */
/* Presumably the NSEC3 Opt-Out flag (RFC 5155): when set, insecure
 * delegations are not covered by the NSEC3 chain. */
78 unsigned int denial_optout;
79 unsigned int denial_ttl;
/* Presumably the interval after which a new salt is generated - confirm. */
80 unsigned int denial_resalt;
/* NSEC3 hash algorithm number; RFC 5155 defines only 1 (SHA-1). */
81 unsigned int denial_algorithm;
/* NOTE(review): RFC 9276 recommends 0 additional iterations and an empty
 * salt.  The type allows any unsigned value, so an upper bound has to be
 * enforced where the policy is loaded or set; that check is not visible in
 * this header. */
82 unsigned int denial_iterations;
83 unsigned int denial_salt_length;
/* Key timing.  The two *_safety members are presumably margins added to
 * rollover timing so keys are published early and retired late. */
86 unsigned int keys_ttl;
87 unsigned int keys_retire_safety;
88 unsigned int keys_publish_safety;
/* Presumably non-zero means zones on this policy share key material, which
 * widens the impact of a single key compromise - confirm. */
89 unsigned int keys_shared;
90 unsigned int keys_purge_after;
/* SOA values used for the signed zone. */
92 unsigned int zone_soa_ttl;
93 unsigned int zone_soa_minimum;
/* TTL and SOA values describing the parent zone; presumably inputs to DS
 * rollover timing - confirm. */
97 unsigned int parent_ds_ttl;
98 unsigned int parent_soa_ttl;
99 unsigned int parent_soa_minimum;
103};
104
/*
 * Object lifecycle.
 *
 * policy_new() takes a database connection and returns a policy_t pointer;
 * presumably NULL on failure and to be released with policy_free() - confirm
 * in policy.c.  The gap at source line 118 is policy_new_copy(), which the
 * page's cross-reference list shows defined at policy.c:499.
 */
110extern policy_t* policy_new(const db_connection_t* connection);
111
118
/* Releases a policy object.  Whether NULL is accepted is not visible here. */
123extern void policy_free(policy_t* policy);
124
/* Copies into the writable first argument from the const second argument.
 * Note that the source parameter has the same name as the function.  The int
 * result is a status code; the header does not show what state the
 * destination is left in on failure, so callers should check the result
 * before using the destination. */
131extern int policy_copy(policy_t* policy, const policy_t* policy_copy);
132
/* Fills a policy object from one database result.
 * NOTE(review): the header does not show whether the stored values are
 * range-checked on load; confirm in policy.c before treating loaded values
 * (for example the NSEC3 iteration count) as already validated. */
139extern int policy_from_result(policy_t* policy, const db_result_t* result);
140
/*
 * Read accessors.  Each takes a const policy_t pointer and returns one
 * setting by value, or a const pointer for the id and the text settings.
 *
 * The header does not show what is returned for a NULL policy, so a zero or
 * NULL result cannot be told apart from an unset value without reading
 * policy.c.  The const pointers presumably point into the policy object and
 * must not be freed or kept after policy_free() - confirm.
 *
 * Bare numbers below are source lines that this rendered listing omits.
 */
/* Identity and description. */
146extern const db_value_t* policy_id(const policy_t* policy);
147
153extern const char* policy_name(const policy_t* policy);
154
/* Non-zero presumably means the zone leaves the pipeline without signatures
 * being added (see the comment on the passthrough member). */
160extern unsigned int policy_passthrough(const policy_t* policy);
161
167extern const char* policy_description(const policy_t* policy);
168
/* Signature timing and validity settings. */
174extern unsigned int policy_signatures_resign(const policy_t* policy);
175
181extern unsigned int policy_signatures_refresh(const policy_t* policy);
182
188extern unsigned int policy_signatures_jitter(const policy_t* policy);
189
195extern unsigned int policy_signatures_inception_offset(const policy_t* policy);
196
202extern unsigned int policy_signatures_validity_default(const policy_t* policy);
203
209extern unsigned int policy_signatures_validity_denial(const policy_t* policy);
210
216extern unsigned int policy_signatures_validity_keyset(const policy_t* policy);
217
223extern unsigned int policy_signatures_max_zone_ttl(const policy_t* policy);
224
231
/* Denial-of-existence (NSEC/NSEC3) settings. */
237extern unsigned int policy_denial_optout(const policy_t* policy);
238
244extern unsigned int policy_denial_ttl(const policy_t* policy);
245
251extern unsigned int policy_denial_resalt(const policy_t* policy);
252
258extern unsigned int policy_denial_algorithm(const policy_t* policy);
259
/* NOTE(review): consumers should not assume this value is small; whether it
 * was bounded when set or loaded is not visible in this header. */
265extern unsigned int policy_denial_iterations(const policy_t* policy);
266
272extern unsigned int policy_denial_salt_length(const policy_t* policy);
273
/* Salt as text.  An NSEC3 salt is published in the zone (RFC 5155), so this
 * string is not secret material. */
279extern const char* policy_denial_salt(const policy_t* policy);
280
286extern unsigned int policy_denial_salt_last_change(const policy_t* policy);
287
/* Key settings. */
293extern unsigned int policy_keys_ttl(const policy_t* policy);
294
300extern unsigned int policy_keys_retire_safety(const policy_t* policy);
301
307extern unsigned int policy_keys_publish_safety(const policy_t* policy);
308
314extern unsigned int policy_keys_shared(const policy_t* policy);
315
321extern unsigned int policy_keys_purge_after(const policy_t* policy);
322
/* Zone settings. */
328extern unsigned int policy_zone_propagation_delay(const policy_t* policy);
329
335extern unsigned int policy_zone_soa_ttl(const policy_t* policy);
336
342extern unsigned int policy_zone_soa_minimum(const policy_t* policy);
343
349extern const char* policy_zone_soa_serial_text(const policy_t* policy);
350
/* Parent-zone settings. */
356extern unsigned int policy_parent_registration_delay(const policy_t* policy);
357
363extern unsigned int policy_parent_propagation_delay(const policy_t* policy);
364
370extern unsigned int policy_parent_ds_ttl(const policy_t* policy);
371
377extern unsigned int policy_parent_soa_ttl(const policy_t* policy);
378
384extern unsigned int policy_parent_soa_minimum(const policy_t* policy);
385
392
401
/*
 * Write accessors.  Each takes a writable policy_t pointer plus the new
 * value and returns an int status code.  The meaning of the code is not
 * defined in this header, so callers should check it against the project's
 * database error codes rather than assume success.
 *
 * NOTE(review): every numeric setter accepts the full unsigned int range.
 * Any range or consistency check (iteration count, salt length against salt
 * text, refresh against resign, and so on) has to live in policy.c or in the
 * code that imports the policy; nothing here shows that it exists.
 *
 * Whether the text setters copy the string they are given or keep the
 * caller's pointer is not visible here - confirm before freeing the argument.
 *
 * Bare numbers below are source lines that this rendered listing omits.
 */
408extern int policy_set_name(policy_t* policy, const char* name_text);
409
/* Security-relevant: per the comment on the passthrough member, setting this
 * stops signatures from being added to the zone. */
416extern int policy_set_passthrough(policy_t* policy, unsigned int passthrough);
417
424extern int policy_set_description(policy_t* policy, const char* description_text);
425
/* Signature timing and validity settings. */
432extern int policy_set_signatures_resign(policy_t* policy, unsigned int signatures_resign);
433
440extern int policy_set_signatures_refresh(policy_t* policy, unsigned int signatures_refresh);
441
448extern int policy_set_signatures_jitter(policy_t* policy, unsigned int signatures_jitter);
449
456extern int policy_set_signatures_inception_offset(policy_t* policy, unsigned int signatures_inception_offset);
457
464extern int policy_set_signatures_validity_default(policy_t* policy, unsigned int signatures_validity_default);
465
472extern int policy_set_signatures_validity_denial(policy_t* policy, unsigned int signatures_validity_denial);
473
480extern int policy_set_signatures_validity_keyset(policy_t* policy, unsigned int signatures_validity_keyset);
481
488extern int policy_set_signatures_max_zone_ttl(policy_t* policy, unsigned int signatures_max_zone_ttl);
489
497
/* Denial-of-existence (NSEC/NSEC3) settings. */
504extern int policy_set_denial_optout(policy_t* policy, unsigned int denial_optout);
505
512extern int policy_set_denial_ttl(policy_t* policy, unsigned int denial_ttl);
513
520extern int policy_set_denial_resalt(policy_t* policy, unsigned int denial_resalt);
521
/* RFC 5155 defines only hash algorithm 1 (SHA-1); whether other values are
 * rejected is not visible here. */
528extern int policy_set_denial_algorithm(policy_t* policy, unsigned int denial_algorithm);
529
/* RFC 9276 recommends 0 additional iterations; confirm the implementation or
 * the policy import enforces an upper bound. */
536extern int policy_set_denial_iterations(policy_t* policy, unsigned int denial_iterations);
537
544extern int policy_set_denial_salt_length(policy_t* policy, unsigned int denial_salt_length);
545
/* Salt text and salt length are set through separate calls; the header does
 * not show whether the two are checked against each other. */
552extern int policy_set_denial_salt(policy_t* policy, const char* denial_salt_text);
553
560extern int policy_set_denial_salt_last_change(policy_t* policy, unsigned int denial_salt_last_change);
561
/* Key settings. */
568extern int policy_set_keys_ttl(policy_t* policy, unsigned int keys_ttl);
569
576extern int policy_set_keys_retire_safety(policy_t* policy, unsigned int keys_retire_safety);
577
584extern int policy_set_keys_publish_safety(policy_t* policy, unsigned int keys_publish_safety);
585
592extern int policy_set_keys_shared(policy_t* policy, unsigned int keys_shared);
593
600extern int policy_set_keys_purge_after(policy_t* policy, unsigned int keys_purge_after);
601
/* Zone settings. */
608extern int policy_set_zone_propagation_delay(policy_t* policy, unsigned int zone_propagation_delay);
609
616extern int policy_set_zone_soa_ttl(policy_t* policy, unsigned int zone_soa_ttl);
617
624extern int policy_set_zone_soa_minimum(policy_t* policy, unsigned int zone_soa_minimum);
625
/* Takes the serial scheme as text; presumably mapped onto the
 * policy_zone_soa_serial enum, with unknown text rejected - confirm. */
632extern int policy_set_zone_soa_serial_text(policy_t* policy, const char* zone_soa_serial);
633
/* Parent-zone settings. */
640extern int policy_set_parent_registration_delay(policy_t* policy, unsigned int parent_registration_delay);
641
648extern int policy_set_parent_propagation_delay(policy_t* policy, unsigned int parent_propagation_delay);
649
656extern int policy_set_parent_ds_ttl(policy_t* policy, unsigned int parent_ds_ttl);
657
664extern int policy_set_parent_soa_ttl(policy_t* policy, unsigned int parent_soa_ttl);
665
672extern int policy_set_parent_soa_minimum(policy_t* policy, unsigned int parent_soa_minimum);
673
684
/*
 * Database operations on a single policy.  All but policy_new_get_by_name()
 * return an int status code whose meaning is not defined in this header;
 * callers should check it.
 *
 * NOTE(review): the setters declared earlier change the in-memory object;
 * presumably nothing reaches the database until policy_create() or
 * policy_update() is called - confirm.  A policy change alters how zones are
 * signed, so these calls are natural points for audit logging.
 */
690extern int policy_create(policy_t* policy);
691
/* Loads the policy with the given id into an existing object. */
698extern int policy_get_by_id(policy_t* policy, const db_value_t* id);
699
/* Loads the policy with the given name into an existing object.
 * NOTE(review): the name is handed on to the database layer; confirm in
 * policy.c that it is passed as a bound value and not built into query text. */
706extern int policy_get_by_name(policy_t* policy, const char* name);
707
/* Allocating variant of the lookup by name: returns a policy_t pointer,
 * presumably NULL when the lookup fails and owned by the caller otherwise -
 * confirm. */
714extern policy_t* policy_new_get_by_name(const db_connection_t* connection, const char* name);
715
/* The struct carries a rev member (policy.h:63 in the cross-reference list);
 * presumably used to detect concurrent modification on update - confirm. */
721extern int policy_update(policy_t* policy);
722
/* The header does not show what happens to zones that still reference the
 * deleted policy. */
728extern int policy_delete(policy_t* policy);
729
744};
745
/*
 * Policy list functions.  Bare numbers are source lines that this rendered
 * listing omits; the page's cross-reference list shows further list functions
 * defined in policy.c (policy_list_new_copy, policy_list_object_store,
 * policy_list_free, policy_list_get, policy_list_get_by_clauses,
 * policy_list_begin, policy_list_next, policy_list_get_next).
 *
 * The functions returning policy_list_t pointers presumably return NULL on
 * failure and pair with policy_list_free() - confirm in policy.c.
 */
751extern policy_list_t* policy_list_new(const db_connection_t* connection);
752
759
767
773
/* Copies into the writable first argument from the const second argument;
 * returns an int status code that callers should check. */
780extern int policy_list_copy(policy_list_t* policy_list, const policy_list_t* from_policy_list);
781
788
/* Allocating variant that, by its name, also fetches the policies. */
794extern policy_list_t* policy_list_new_get(const db_connection_t* connection);
795
803
/* As above, restricted by a caller-supplied clause list.  Clause values are
 * presumably bound by the database layer - confirm if any clause is built
 * from external input. */
810extern policy_list_t* policy_list_new_get_by_clauses(const db_connection_t* connection, const db_clause_list_t* clause_list);
811
820
830
840
841#endif
unsigned int policy_denial_salt_length(const policy_t *policy)
Definition: policy.c:941
int policy_set_name(policy_t *policy, const char *name_text)
Definition: policy.c:1142
unsigned int policy_zone_propagation_delay(const policy_t *policy)
Definition: policy.c:1005
unsigned int policy_denial_iterations(const policy_t *policy)
Definition: policy.c:933
int policy_set_parent_ds_ttl(policy_t *policy, unsigned int parent_ds_ttl)
Definition: policy.c:1500
int policy_set_denial_type(policy_t *policy, policy_denial_type_t denial_type)
Definition: policy.c:1266
int policy_set_denial_ttl(policy_t *policy, unsigned int denial_ttl)
Definition: policy.c:1289
unsigned int policy_denial_optout(const policy_t *policy)
Definition: policy.c:901
unsigned int policy_parent_soa_minimum(const policy_t *policy)
Definition: policy.c:1077
int policy_set_signatures_resign(policy_t *policy, unsigned int signatures_resign)
Definition: policy.c:1186
unsigned int policy_signatures_validity_denial(const policy_t *policy)
Definition: policy.c:869
policy_zone_soa_serial
Definition: policy.h:47
@ POLICY_ZONE_SOA_SERIAL_COUNTER
Definition: policy.h:49
@ POLICY_ZONE_SOA_SERIAL_KEEP
Definition: policy.h:52
@ POLICY_ZONE_SOA_SERIAL_UNIXTIME
Definition: policy.h:51
@ POLICY_ZONE_SOA_SERIAL_INVALID
Definition: policy.h:48
@ POLICY_ZONE_SOA_SERIAL_DATECOUNTER
Definition: policy.h:50
enum policy_zone_soa_serial policy_zone_soa_serial_t
unsigned int policy_keys_purge_after(const policy_t *policy)
Definition: policy.c:997
policy_t * policy_new(const db_connection_t *connection)
Definition: policy.c:479
int policy_set_denial_iterations(policy_t *policy, unsigned int denial_iterations)
Definition: policy.c:1323
unsigned int policy_parent_ds_ttl(const policy_t *policy)
Definition: policy.c:1061
unsigned int policy_signatures_resign(const policy_t *policy)
Definition: policy.c:829
int policy_set_parent_soa_minimum(policy_t *policy, unsigned int parent_soa_minimum)
Definition: policy.c:1520
zone_list_db_t * policy_zone_list(policy_t *policy)
Definition: policy.c:1093
void policy_list_free(policy_list_t *policy_list)
Definition: policy.c:2664
const policy_t * policy_list_begin(policy_list_t *policy_list)
Definition: policy.c:3158
int policy_set_signatures_inception_offset(policy_t *policy, unsigned int signatures_inception_offset)
Definition: policy.c:1216
db_clause_t * policy_denial_type_clause(db_clause_list_t *clause_list, policy_denial_type_t denial_type)
Definition: policy.c:1540
int policy_set_zone_propagation_delay(policy_t *policy, unsigned int zone_propagation_delay)
Definition: policy.c:1433
unsigned int policy_keys_ttl(const policy_t *policy)
Definition: policy.c:965
const policy_t * policy_list_next(policy_list_t *policy_list)
Definition: policy.c:3214
policy_list_t * policy_list_new_get_by_clauses(const db_connection_t *connection, const db_clause_list_t *clause_list)
Definition: policy.c:3138
unsigned int policy_parent_propagation_delay(const policy_t *policy)
Definition: policy.c:1053
int policy_set_keys_purge_after(policy_t *policy, unsigned int keys_purge_after)
Definition: policy.c:1423
unsigned int policy_zone_soa_ttl(const policy_t *policy)
Definition: policy.c:1013
policy_list_t * policy_list_new_get(const db_connection_t *connection)
Definition: policy.c:3079
unsigned int policy_denial_salt_last_change(const policy_t *policy)
Definition: policy.c:957
unsigned int policy_zone_soa_minimum(const policy_t *policy)
Definition: policy.c:1021
unsigned int policy_passthrough(const policy_t *policy)
Definition: policy.c:1085
policy_list_t * policy_list_new_copy(const policy_list_t *policy_copy)
Definition: policy.c:2635
policy_t * policy_new_get_by_name(const db_connection_t *connection, const char *name)
Definition: policy.c:2090
const char * policy_denial_salt(const policy_t *policy)
Definition: policy.c:949
unsigned int policy_signatures_refresh(const policy_t *policy)
Definition: policy.c:837
unsigned int policy_denial_ttl(const policy_t *policy)
Definition: policy.c:909
unsigned int policy_signatures_max_zone_ttl(const policy_t *policy)
Definition: policy.c:885
int policy_get_by_name(policy_t *policy, const char *name)
Definition: policy.c:2040
policy_t * policy_new_copy(const policy_t *policy)
Definition: policy.c:499
int policy_set_parent_soa_ttl(policy_t *policy, unsigned int parent_soa_ttl)
Definition: policy.c:1510
const char * policy_name(const policy_t *policy)
Definition: policy.c:813
int policy_set_denial_resalt(policy_t *policy, unsigned int denial_resalt)
Definition: policy.c:1299
int policy_retrieve_zone_list(policy_t *policy)
Definition: policy.c:1111
unsigned int policy_keys_shared(const policy_t *policy)
Definition: policy.c:989
int policy_create(policy_t *policy)
Definition: policy.c:1561
int policy_set_denial_salt_last_change(policy_t *policy, unsigned int denial_salt_last_change)
Definition: policy.c:1373
int policy_list_copy(policy_list_t *policy_list, const policy_list_t *from_policy_list)
Definition: policy.c:2689
int policy_copy(policy_t *policy, const policy_t *policy_copy)
Definition: policy.c:547
int policy_set_denial_algorithm(policy_t *policy, unsigned int denial_algorithm)
Definition: policy.c:1309
int policy_set_parent_registration_delay(policy_t *policy, unsigned int parent_registration_delay)
Definition: policy.c:1480
int policy_set_zone_soa_serial_text(policy_t *policy, const char *zone_soa_serial)
Definition: policy.c:1463
int policy_from_result(policy_t *policy, const db_result_t *result)
Definition: policy.c:707
const db_value_t * policy_id(const policy_t *policy)
Definition: policy.c:805
unsigned int policy_signatures_jitter(const policy_t *policy)
Definition: policy.c:845
policy_list_t * policy_list_new(const db_connection_t *connection)
Definition: policy.c:2621
int policy_list_object_store(policy_list_t *policy_list)
Definition: policy.c:2654
unsigned int policy_parent_registration_delay(const policy_t *policy)
Definition: policy.c:1045
int policy_set_denial_salt(policy_t *policy, const char *denial_salt_text)
Definition: policy.c:1351
int policy_list_get_by_clauses(policy_list_t *policy_list, const db_clause_list_t *clause_list)
Definition: policy.c:3096
int policy_set_parent_propagation_delay(policy_t *policy, unsigned int parent_propagation_delay)
Definition: policy.c:1490
int policy_set_denial_optout(policy_t *policy, unsigned int denial_optout)
Definition: policy.c:1279
policy_t * policy_list_get_next(policy_list_t *policy_list)
Definition: policy.c:3280
unsigned int policy_signatures_inception_offset(const policy_t *policy)
Definition: policy.c:853
int policy_set_signatures_max_zone_ttl(policy_t *policy, unsigned int signatures_max_zone_ttl)
Definition: policy.c:1256
int policy_set_signatures_jitter(policy_t *policy, unsigned int signatures_jitter)
Definition: policy.c:1206
int policy_set_description(policy_t *policy, const char *description_text)
Definition: policy.c:1164
int policy_set_keys_shared(policy_t *policy, unsigned int keys_shared)
Definition: policy.c:1413
policy_denial_type
Definition: policy.h:40
@ POLICY_DENIAL_TYPE_INVALID
Definition: policy.h:41
@ POLICY_DENIAL_TYPE_NSEC
Definition: policy.h:42
@ POLICY_DENIAL_TYPE_NSEC3
Definition: policy.h:43
unsigned int policy_parent_soa_ttl(const policy_t *policy)
Definition: policy.c:1069
int policy_get_by_id(policy_t *policy, const db_value_t *id)
Definition: policy.c:1987
int policy_list_get(policy_list_t *policy_list)
Definition: policy.c:3040
int policy_set_denial_salt_length(policy_t *policy, unsigned int denial_salt_length)
Definition: policy.c:1337
const char * policy_zone_soa_serial_text(const policy_t *policy)
Definition: policy.c:1029
int policy_set_signatures_validity_keyset(policy_t *policy, unsigned int signatures_validity_keyset)
Definition: policy.c:1246
int policy_set_signatures_validity_default(policy_t *policy, unsigned int signatures_validity_default)
Definition: policy.c:1226
int policy_delete(policy_t *policy)
Definition: policy.c:2571
unsigned int policy_denial_algorithm(const policy_t *policy)
Definition: policy.c:925
unsigned int policy_signatures_validity_default(const policy_t *policy)
Definition: policy.c:861
int policy_set_signatures_refresh(policy_t *policy, unsigned int signatures_refresh)
Definition: policy.c:1196
void policy_free(policy_t *policy)
Definition: policy.c:518
int policy_set_keys_ttl(policy_t *policy, unsigned int keys_ttl)
Definition: policy.c:1383
enum policy_denial_type policy_denial_type_t
const char * policy_description(const policy_t *policy)
Definition: policy.c:821
const db_enum_t policy_enum_set_denial_type[]
Definition: policy.c:36
int policy_set_signatures_validity_denial(policy_t *policy, unsigned int signatures_validity_denial)
Definition: policy.c:1236
int policy_set_passthrough(policy_t *policy, unsigned int passthrough)
Definition: policy.c:1530
unsigned int policy_denial_resalt(const policy_t *policy)
Definition: policy.c:917
unsigned int policy_keys_publish_safety(const policy_t *policy)
Definition: policy.c:981
int policy_set_zone_soa_minimum(policy_t *policy, unsigned int zone_soa_minimum)
Definition: policy.c:1453
int policy_set_keys_publish_safety(policy_t *policy, unsigned int keys_publish_safety)
Definition: policy.c:1403
unsigned int policy_keys_retire_safety(const policy_t *policy)
Definition: policy.c:973
int policy_set_keys_retire_safety(policy_t *policy, unsigned int keys_retire_safety)
Definition: policy.c:1393
int policy_update(policy_t *policy)
Definition: policy.c:2110
unsigned int policy_signatures_validity_keyset(const policy_t *policy)
Definition: policy.c:877
int policy_set_zone_soa_ttl(policy_t *policy, unsigned int zone_soa_ttl)
Definition: policy.c:1443
db_result_list_t * result_list
Definition: policy.h:735
policy_t ** object_list
Definition: policy.h:739
int object_store
Definition: policy.h:738
db_object_t * dbo
Definition: policy.h:734
int associated_fetch
Definition: policy.h:743
const db_result_t * result
Definition: policy.h:736
size_t object_list_position
Definition: policy.h:741
size_t object_list_size
Definition: policy.h:740
policy_t * policy
Definition: policy.h:737
int object_list_first
Definition: policy.h:742
Definition: policy.h:60
unsigned int parent_ds_ttl
Definition: policy.h:97
unsigned int keys_purge_after
Definition: policy.h:90
unsigned int parent_registration_delay
Definition: policy.h:95
unsigned int signatures_resign
Definition: policy.h:69
unsigned int keys_publish_safety
Definition: policy.h:88
unsigned int zone_soa_minimum
Definition: policy.h:93
hsm_key_list_t * hsm_key_list
Definition: policy.h:102
char * name
Definition: policy.h:64
unsigned int parent_soa_ttl
Definition: policy.h:98
char * description
Definition: policy.h:68
unsigned int denial_iterations
Definition: policy.h:82
unsigned int parent_propagation_delay
Definition: policy.h:96
unsigned int keys_shared
Definition: policy.h:89
unsigned int zone_propagation_delay
Definition: policy.h:91
unsigned int zone_soa_ttl
Definition: policy.h:92
unsigned int denial_algorithm
Definition: policy.h:81
unsigned int denial_optout
Definition: policy.h:78
policy_denial_type_t denial_type
Definition: policy.h:77
unsigned int denial_resalt
Definition: policy.h:80
unsigned int signatures_validity_default
Definition: policy.h:73
unsigned int denial_salt_length
Definition: policy.h:83
unsigned int signatures_jitter
Definition: policy.h:71
unsigned int signatures_validity_denial
Definition: policy.h:74
unsigned int passthrough
Definition: policy.h:67
policy_key_list_t * policy_key_list
Definition: policy.h:100
zone_list_db_t * zone_list
Definition: policy.h:101
db_value_t id
Definition: policy.h:62
db_object_t * dbo
Definition: policy.h:61
unsigned int signatures_inception_offset
Definition: policy.h:72
char * denial_salt
Definition: policy.h:84
policy_zone_soa_serial_t zone_soa_serial
Definition: policy.h:94
unsigned int denial_salt_last_change
Definition: policy.h:85
unsigned int denial_ttl
Definition: policy.h:79
unsigned int keys_retire_safety
Definition: policy.h:87
unsigned int signatures_refresh
Definition: policy.h:70
db_value_t rev
Definition: policy.h:63
unsigned int parent_soa_minimum
Definition: policy.h:99
unsigned int signatures_max_zone_ttl
Definition: policy.h:76
unsigned int keys_ttl
Definition: policy.h:86
unsigned int signatures_validity_keyset
Definition: policy.h:75