OpenDNSSEC-enforcer  2.1.10
policy.h
1 /*
2  * Copyright (c) 2014 Jerry Lundström <lundstrom.jerry@gmail.com>
3  * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation).
4  * Copyright (c) 2014 OpenDNSSEC AB (svb)
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  * notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  * notice, this list of conditions and the following disclaimer in the
14  * documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
20  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
22  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
24  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
25  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
26  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27  *
28  */
29 
30 #ifndef __policy_h
31 #define __policy_h
32 
33 #include "db_object.h"
34 
/* Forward declarations: policy_t and policy_list_t name the two structs whose
 * bodies appear further down in this header, so that they can be used as
 * pointer types before the bodies are seen. */
35 struct policy;
36 struct policy_list;
37 typedef struct policy policy_t;
38 typedef struct policy_list policy_list_t;
39 
40 typedef enum policy_denial_type {
46 
47 typedef enum policy_zone_soa_serial {
54 
55 #include "policy_ext.h"
56 
/*
 * Policy object: the members below hold one policy's signature timing,
 * denial-of-existence, key and TTL settings.
 *
 * NOTE(review): this is a rendered listing that skips source lines, so the
 * member list shown here is incomplete. The definition index further down
 * this page also lists dbo, id, rev, signatures_inception_offset,
 * signatures_validity_default, signatures_validity_denial,
 * signatures_validity_keyset, signatures_max_zone_ttl, denial_type,
 * denial_salt_last_change, zone_soa_serial, parent_registration_delay,
 * parent_propagation_delay, policy_key_list, zone_list and hsm_key_list.
 *
 * Units of the numeric members are not stated in this header (presumably
 * seconds for the timing and TTL values -- confirm against policy.c).
 */
60 struct policy {
 /* Ownership of the string is not visible in this header (presumably owned
  * by the object and released by policy_free() -- confirm). */
64  char* name;
 /* NOTE(review): security-relevant switch. Going by the comment below, a
  * policy with this set has its zones passed on without signatures being
  * added or removed by this system; audit which policies set it. */
65  /* if passthrough set, no modifications to the zonefile should
66  * be made. I.e. No signatures added or removed */
67  unsigned int passthrough;
68  char* description;
 /* Signature timing settings. NOTE(review): exact semantics are not visible
  * here (presumably how often signing runs, how long before expiry a
  * signature is replaced, and a random spread on expiry -- confirm). Values
  * that leave too little margin risk expired signatures, which validating
  * resolvers treat as a failure for the zone. */
69  unsigned int signatures_resign;
70  unsigned int signatures_refresh;
71  unsigned int signatures_jitter;
 /* Denial-of-existence settings. The denial type enum on this page has NSEC
  * and NSEC3 values; optout, algorithm, iterations and salt look like the
  * NSEC3 parameters (RFC 5155). NOTE(review): RFC 9276 recommends an
  * iteration count of 0 and an empty salt, and notes that validators may
  * treat responses with higher iteration counts as insecure or fail them.
  * Nothing in this struct bounds these values, so check where they are
  * validated before they reach the signer. */
78  unsigned int denial_optout;
79  unsigned int denial_ttl;
80  unsigned int denial_resalt;
81  unsigned int denial_algorithm;
82  unsigned int denial_iterations;
83  unsigned int denial_salt_length;
 /* Salt kept as a C string (the setter's parameter is named
  * denial_salt_text); encoding and ownership are not visible here. */
84  char* denial_salt;
 /* Key handling settings. NOTE(review): keys_shared presumably makes the
  * zones on this policy use the same keys; if so, a single key compromise
  * or rollover affects all of them. keys_purge_after presumably controls
  * how long retired key records are kept -- confirm both in policy.c. */
86  unsigned int keys_ttl;
87  unsigned int keys_retire_safety;
88  unsigned int keys_publish_safety;
89  unsigned int keys_shared;
90  unsigned int keys_purge_after;
 /* Settings for the signed zone itself. */
91  unsigned int zone_propagation_delay;
92  unsigned int zone_soa_ttl;
93  unsigned int zone_soa_minimum;
 /* Settings describing the parent zone (DS and SOA timing). */
97  unsigned int parent_ds_ttl;
98  unsigned int parent_soa_ttl;
99  unsigned int parent_soa_minimum;
103 };
104 
/*
 * Allocation, copying and loading of policy objects.
 * NOTE(review): the failure conventions are not visible in this header
 * (presumably NULL for the pointer-returning functions and a non-zero status
 * for the int-returning ones -- confirm in policy.c). Callers should check
 * every return value before using the object.
 */

/* Creates a policy object associated with the given database connection.
 * Presumably released with policy_free(). */
110 extern policy_t* policy_new(const db_connection_t* connection);
111 
/* Creates a new policy object as a copy of an existing one. */
117 extern policy_t* policy_new_copy(const policy_t* policy);
118 
/* Releases a policy object. Whether NULL is accepted is not visible here.
 * Pointers previously obtained from the accessors below should be treated as
 * invalid afterwards (assumption -- confirm). */
123 extern void policy_free(policy_t* policy);
124 
/* Copies one policy object into another. NOTE(review): the second parameter
 * shares its name with the function; policy_list_copy() names its source
 * parameter from_policy_list, which suggests the second argument is the
 * source here as well -- confirm. */
131 extern int policy_copy(policy_t* policy, const policy_t* policy_copy);
132 
/* Fills a policy object from a database result. */
139 extern int policy_from_result(policy_t* policy, const db_result_t* result);
140 
/*
 * Read accessors: each takes a const policy_t* and returns one setting.
 * NOTE(review): NULL handling is not visible in this header, so pass a valid
 * object. The accessors that return const pointers (policy_id, policy_name,
 * policy_description, policy_denial_salt, policy_zone_soa_serial_text) hand
 * back storage the caller does not own; do not free it, and presumably do
 * not keep it past policy_free() or a later set call -- confirm in policy.c.
 * The listing skips some source lines in this range, so further accessors
 * may exist that are not shown.
 */
146 extern const db_value_t* policy_id(const policy_t* policy);
147 
153 extern const char* policy_name(const policy_t* policy);
154 
/* Security-relevant: see the passthrough member of struct policy. */
160 extern unsigned int policy_passthrough(const policy_t* policy);
161 
167 extern const char* policy_description(const policy_t* policy);
168 
/* Signature timing and validity settings. */
174 extern unsigned int policy_signatures_resign(const policy_t* policy);
175 
181 extern unsigned int policy_signatures_refresh(const policy_t* policy);
182 
188 extern unsigned int policy_signatures_jitter(const policy_t* policy);
189 
195 extern unsigned int policy_signatures_inception_offset(const policy_t* policy);
196 
202 extern unsigned int policy_signatures_validity_default(const policy_t* policy);
203 
209 extern unsigned int policy_signatures_validity_denial(const policy_t* policy);
210 
216 extern unsigned int policy_signatures_validity_keyset(const policy_t* policy);
217 
223 extern unsigned int policy_signatures_max_zone_ttl(const policy_t* policy);
224 
231 
/* Denial-of-existence settings (the denial type enum on this page has NSEC
 * and NSEC3 values). Consumers of the iteration count and salt should not
 * assume the stored values are within sensible bounds unless policy.c or
 * the configuration parser is confirmed to enforce them. */
237 extern unsigned int policy_denial_optout(const policy_t* policy);
238 
244 extern unsigned int policy_denial_ttl(const policy_t* policy);
245 
251 extern unsigned int policy_denial_resalt(const policy_t* policy);
252 
258 extern unsigned int policy_denial_algorithm(const policy_t* policy);
259 
265 extern unsigned int policy_denial_iterations(const policy_t* policy);
266 
272 extern unsigned int policy_denial_salt_length(const policy_t* policy);
273 
279 extern const char* policy_denial_salt(const policy_t* policy);
280 
286 extern unsigned int policy_denial_salt_last_change(const policy_t* policy);
287 
/* Key handling settings. */
293 extern unsigned int policy_keys_ttl(const policy_t* policy);
294 
300 extern unsigned int policy_keys_retire_safety(const policy_t* policy);
301 
307 extern unsigned int policy_keys_publish_safety(const policy_t* policy);
308 
314 extern unsigned int policy_keys_shared(const policy_t* policy);
315 
321 extern unsigned int policy_keys_purge_after(const policy_t* policy);
322 
/* Zone settings. */
328 extern unsigned int policy_zone_propagation_delay(const policy_t* policy);
329 
335 extern unsigned int policy_zone_soa_ttl(const policy_t* policy);
336 
342 extern unsigned int policy_zone_soa_minimum(const policy_t* policy);
343 
/* Returns the SOA serial setting as text rather than as the
 * policy_zone_soa_serial_t enum value. */
349 extern const char* policy_zone_soa_serial_text(const policy_t* policy);
350 
/* Parent zone settings. */
356 extern unsigned int policy_parent_registration_delay(const policy_t* policy);
357 
363 extern unsigned int policy_parent_propagation_delay(const policy_t* policy);
364 
370 extern unsigned int policy_parent_ds_ttl(const policy_t* policy);
371 
377 extern unsigned int policy_parent_soa_ttl(const policy_t* policy);
378 
384 extern unsigned int policy_parent_soa_minimum(const policy_t* policy);
385 
392 
401 
/*
 * Setters: each takes the policy object to modify and the new value, and
 * returns an int status whose values are defined outside this header.
 *
 * NOTE(review):
 *  - Check every return value; what state the object is left in after a
 *    failed set is not visible here.
 *  - The signatures express no range limits: every numeric setter accepts
 *    the full unsigned int range. Bounds checks for security-sensitive
 *    values (NSEC3 iterations and salt length, signature validity and
 *    refresh margins, TTLs), if any, live in policy.c or in the
 *    configuration parser -- confirm before passing operator-supplied
 *    values straight through.
 *  - The string setters (name, description, denial_salt,
 *    zone_soa_serial_text) take const char*; whether the text is copied and
 *    how NULL or over-long input is handled is not visible here -- confirm
 *    before freeing or reusing the caller's buffer.
 *  - Nothing in this header shows these calls writing to the database;
 *    presumably policy_create()/policy_update() do that -- confirm.
 */
408 extern int policy_set_name(policy_t* policy, const char* name_text);
409 
/* Security-relevant: see the passthrough member of struct policy. A change
 * to this value is worth logging and reviewing. */
416 extern int policy_set_passthrough(policy_t* policy, unsigned int passthrough);
417 
424 extern int policy_set_description(policy_t* policy, const char* description_text);
425 
/* Signature timing and validity settings. */
432 extern int policy_set_signatures_resign(policy_t* policy, unsigned int signatures_resign);
433 
440 extern int policy_set_signatures_refresh(policy_t* policy, unsigned int signatures_refresh);
441 
448 extern int policy_set_signatures_jitter(policy_t* policy, unsigned int signatures_jitter);
449 
456 extern int policy_set_signatures_inception_offset(policy_t* policy, unsigned int signatures_inception_offset);
457 
464 extern int policy_set_signatures_validity_default(policy_t* policy, unsigned int signatures_validity_default);
465 
472 extern int policy_set_signatures_validity_denial(policy_t* policy, unsigned int signatures_validity_denial);
473 
480 extern int policy_set_signatures_validity_keyset(policy_t* policy, unsigned int signatures_validity_keyset);
481 
488 extern int policy_set_signatures_max_zone_ttl(policy_t* policy, unsigned int signatures_max_zone_ttl);
489 
497 
/* Denial-of-existence settings. RFC 9276 recommends an NSEC3 iteration
 * count of 0 and an empty salt; values taken from configuration should be
 * checked against that guidance somewhere on the path to the signer. */
504 extern int policy_set_denial_optout(policy_t* policy, unsigned int denial_optout);
505 
512 extern int policy_set_denial_ttl(policy_t* policy, unsigned int denial_ttl);
513 
520 extern int policy_set_denial_resalt(policy_t* policy, unsigned int denial_resalt);
521 
528 extern int policy_set_denial_algorithm(policy_t* policy, unsigned int denial_algorithm);
529 
536 extern int policy_set_denial_iterations(policy_t* policy, unsigned int denial_iterations);
537 
/* NOTE(review): the salt length and the salt text are set by separate
 * calls; whether they are kept consistent with each other is not visible
 * here -- confirm in policy.c. */
544 extern int policy_set_denial_salt_length(policy_t* policy, unsigned int denial_salt_length);
545 
552 extern int policy_set_denial_salt(policy_t* policy, const char* denial_salt_text);
553 
560 extern int policy_set_denial_salt_last_change(policy_t* policy, unsigned int denial_salt_last_change);
561 
/* Key handling settings. */
568 extern int policy_set_keys_ttl(policy_t* policy, unsigned int keys_ttl);
569 
576 extern int policy_set_keys_retire_safety(policy_t* policy, unsigned int keys_retire_safety);
577 
584 extern int policy_set_keys_publish_safety(policy_t* policy, unsigned int keys_publish_safety);
585 
592 extern int policy_set_keys_shared(policy_t* policy, unsigned int keys_shared);
593 
600 extern int policy_set_keys_purge_after(policy_t* policy, unsigned int keys_purge_after);
601 
/* Zone settings. */
608 extern int policy_set_zone_propagation_delay(policy_t* policy, unsigned int zone_propagation_delay);
609 
616 extern int policy_set_zone_soa_ttl(policy_t* policy, unsigned int zone_soa_ttl);
617 
624 extern int policy_set_zone_soa_minimum(policy_t* policy, unsigned int zone_soa_minimum);
625 
/* Takes the SOA serial setting as text. How text that matches none of the
 * policy_zone_soa_serial_t values is handled is not visible here. */
632 extern int policy_set_zone_soa_serial_text(policy_t* policy, const char* zone_soa_serial);
633 
/* Parent zone settings. */
640 extern int policy_set_parent_registration_delay(policy_t* policy, unsigned int parent_registration_delay);
641 
648 extern int policy_set_parent_propagation_delay(policy_t* policy, unsigned int parent_propagation_delay);
649 
656 extern int policy_set_parent_ds_ttl(policy_t* policy, unsigned int parent_ds_ttl);
657 
664 extern int policy_set_parent_soa_ttl(policy_t* policy, unsigned int parent_soa_ttl);
665 
672 extern int policy_set_parent_soa_minimum(policy_t* policy, unsigned int parent_soa_minimum);
673 
684 
/*
 * Create / fetch / update / delete operations on a policy object.
 * NOTE(review): going by the names and the db_* types used in this header,
 * these act on the database behind the object's connection; the int status
 * values are defined outside this header. Check every result: presumably a
 * failed fetch leaves the object unsuitable for use -- confirm in policy.c.
 */
690 extern int policy_create(policy_t* policy);
691 
698 extern int policy_get_by_id(policy_t* policy, const db_value_t* id);
699 
/* Looks a policy up by name. NOTE(review): how the name is placed into the
 * backend query is not visible here; if names can come from operator or
 * file input, confirm the db layer binds them as values rather than building
 * query text from them. */
706 extern int policy_get_by_name(policy_t* policy, const char* name);
707 
/* Same lookup, returning a new policy object (presumably NULL when not
 * found or on error, and released with policy_free() -- confirm). */
714 extern policy_t* policy_new_get_by_name(const db_connection_t* connection, const char* name);
715 
721 extern int policy_update(policy_t* policy);
722 
/* NOTE(review): what happens to zones and keys that reference the policy is
 * not visible in this header. */
728 extern int policy_delete(policy_t* policy);
729 
/*
 * List of policy objects.
 * NOTE(review): this rendered listing skips the struct's members; the
 * definition index further down this page lists dbo, result_list, result,
 * policy, object_store, object_list, object_list_size,
 * object_list_position, object_list_first and associated_fetch for source
 * lines 734-743. Several list functions are likewise skipped in the range
 * below; the index names policy_list_new_copy, policy_list_object_store,
 * policy_list_free, policy_list_get, policy_list_get_by_clauses,
 * policy_list_begin, policy_list_next and policy_list_get_next.
 */
733 struct policy_list {
744 };
745 
/* Creates an empty policy list associated with the given connection.
 * Presumably released with policy_list_free() -- confirm. */
751 extern policy_list_t* policy_list_new(const db_connection_t* connection);
752 
759 
767 
773 
/* Copies from_policy_list into policy_list; int status defined outside this
 * header. */
780 extern int policy_list_copy(policy_list_t* policy_list, const policy_list_t* from_policy_list);
781 
788 
/* Creates a new list and fetches into it (presumably all policies; NULL on
 * failure -- confirm). */
794 extern policy_list_t* policy_list_new_get(const db_connection_t* connection);
795 
803 
/* As above, restricted by the given clause list. NOTE(review): how clause
 * values reach the backend query is not visible here; confirm the db layer
 * binds them as values if any clause is built from external input. */
810 extern policy_list_t* policy_list_new_get_by_clauses(const db_connection_t* connection, const db_clause_list_t* clause_list);
811 
820 
830 
840 
841 #endif
const char * policy_name(const policy_t *policy)
Definition: policy.c:813
unsigned int policy_denial_salt_length(const policy_t *policy)
Definition: policy.c:941
int policy_set_name(policy_t *policy, const char *name_text)
Definition: policy.c:1142
unsigned int policy_zone_propagation_delay(const policy_t *policy)
Definition: policy.c:1005
policy_t * policy_list_get_next(policy_list_t *policy_list)
Definition: policy.c:3280
unsigned int policy_denial_iterations(const policy_t *policy)
Definition: policy.c:933
int policy_set_parent_ds_ttl(policy_t *policy, unsigned int parent_ds_ttl)
Definition: policy.c:1500
int policy_set_denial_type(policy_t *policy, policy_denial_type_t denial_type)
Definition: policy.c:1266
int policy_set_denial_ttl(policy_t *policy, unsigned int denial_ttl)
Definition: policy.c:1289
unsigned int policy_denial_optout(const policy_t *policy)
Definition: policy.c:901
unsigned int policy_parent_soa_minimum(const policy_t *policy)
Definition: policy.c:1077
int policy_set_signatures_resign(policy_t *policy, unsigned int signatures_resign)
Definition: policy.c:1186
unsigned int policy_signatures_validity_denial(const policy_t *policy)
Definition: policy.c:869
policy_list_t * policy_list_new_copy(const policy_list_t *policy_copy)
Definition: policy.c:2635
policy_zone_soa_serial
Definition: policy.h:47
@ POLICY_ZONE_SOA_SERIAL_COUNTER
Definition: policy.h:49
@ POLICY_ZONE_SOA_SERIAL_KEEP
Definition: policy.h:52
@ POLICY_ZONE_SOA_SERIAL_UNIXTIME
Definition: policy.h:51
@ POLICY_ZONE_SOA_SERIAL_INVALID
Definition: policy.h:48
@ POLICY_ZONE_SOA_SERIAL_DATECOUNTER
Definition: policy.h:50
enum policy_zone_soa_serial policy_zone_soa_serial_t
unsigned int policy_keys_purge_after(const policy_t *policy)
Definition: policy.c:997
db_clause_t * policy_denial_type_clause(db_clause_list_t *clause_list, policy_denial_type_t denial_type)
Definition: policy.c:1540
const policy_t * policy_list_next(policy_list_t *policy_list)
Definition: policy.c:3214
int policy_set_denial_iterations(policy_t *policy, unsigned int denial_iterations)
Definition: policy.c:1323
unsigned int policy_parent_ds_ttl(const policy_t *policy)
Definition: policy.c:1061
unsigned int policy_signatures_resign(const policy_t *policy)
Definition: policy.c:829
int policy_set_parent_soa_minimum(policy_t *policy, unsigned int parent_soa_minimum)
Definition: policy.c:1520
void policy_list_free(policy_list_t *policy_list)
Definition: policy.c:2664
int policy_set_signatures_inception_offset(policy_t *policy, unsigned int signatures_inception_offset)
Definition: policy.c:1216
int policy_set_zone_propagation_delay(policy_t *policy, unsigned int zone_propagation_delay)
Definition: policy.c:1433
unsigned int policy_keys_ttl(const policy_t *policy)
Definition: policy.c:965
unsigned int policy_parent_propagation_delay(const policy_t *policy)
Definition: policy.c:1053
int policy_set_keys_purge_after(policy_t *policy, unsigned int keys_purge_after)
Definition: policy.c:1423
policy_list_t * policy_list_new_get(const db_connection_t *connection)
Definition: policy.c:3079
unsigned int policy_zone_soa_ttl(const policy_t *policy)
Definition: policy.c:1013
unsigned int policy_denial_salt_last_change(const policy_t *policy)
Definition: policy.c:957
unsigned int policy_zone_soa_minimum(const policy_t *policy)
Definition: policy.c:1021
unsigned int policy_passthrough(const policy_t *policy)
Definition: policy.c:1085
const db_value_t * policy_id(const policy_t *policy)
Definition: policy.c:805
unsigned int policy_signatures_refresh(const policy_t *policy)
Definition: policy.c:837
unsigned int policy_denial_ttl(const policy_t *policy)
Definition: policy.c:909
unsigned int policy_signatures_max_zone_ttl(const policy_t *policy)
Definition: policy.c:885
int policy_get_by_name(policy_t *policy, const char *name)
Definition: policy.c:2040
int policy_set_parent_soa_ttl(policy_t *policy, unsigned int parent_soa_ttl)
Definition: policy.c:1510
int policy_set_denial_resalt(policy_t *policy, unsigned int denial_resalt)
Definition: policy.c:1299
int policy_retrieve_zone_list(policy_t *policy)
Definition: policy.c:1111
policy_list_t * policy_list_new_get_by_clauses(const db_connection_t *connection, const db_clause_list_t *clause_list)
Definition: policy.c:3138
unsigned int policy_keys_shared(const policy_t *policy)
Definition: policy.c:989
int policy_create(policy_t *policy)
Definition: policy.c:1561
int policy_set_denial_salt_last_change(policy_t *policy, unsigned int denial_salt_last_change)
Definition: policy.c:1373
int policy_list_copy(policy_list_t *policy_list, const policy_list_t *from_policy_list)
Definition: policy.c:2689
int policy_copy(policy_t *policy, const policy_t *policy_copy)
Definition: policy.c:547
int policy_set_denial_algorithm(policy_t *policy, unsigned int denial_algorithm)
Definition: policy.c:1309
int policy_set_parent_registration_delay(policy_t *policy, unsigned int parent_registration_delay)
Definition: policy.c:1480
int policy_set_zone_soa_serial_text(policy_t *policy, const char *zone_soa_serial)
Definition: policy.c:1463
int policy_from_result(policy_t *policy, const db_result_t *result)
Definition: policy.c:707
zone_list_db_t * policy_zone_list(policy_t *policy)
Definition: policy.c:1093
unsigned int policy_signatures_jitter(const policy_t *policy)
Definition: policy.c:845
int policy_list_object_store(policy_list_t *policy_list)
Definition: policy.c:2654
unsigned int policy_parent_registration_delay(const policy_t *policy)
Definition: policy.c:1045
policy_t * policy_new_copy(const policy_t *policy)
Definition: policy.c:499
int policy_set_denial_salt(policy_t *policy, const char *denial_salt_text)
Definition: policy.c:1351
const char * policy_description(const policy_t *policy)
Definition: policy.c:821
int policy_list_get_by_clauses(policy_list_t *policy_list, const db_clause_list_t *clause_list)
Definition: policy.c:3096
int policy_set_parent_propagation_delay(policy_t *policy, unsigned int parent_propagation_delay)
Definition: policy.c:1490
policy_list_t * policy_list_new(const db_connection_t *connection)
Definition: policy.c:2621
int policy_set_denial_optout(policy_t *policy, unsigned int denial_optout)
Definition: policy.c:1279
unsigned int policy_signatures_inception_offset(const policy_t *policy)
Definition: policy.c:853
int policy_set_signatures_max_zone_ttl(policy_t *policy, unsigned int signatures_max_zone_ttl)
Definition: policy.c:1256
int policy_set_signatures_jitter(policy_t *policy, unsigned int signatures_jitter)
Definition: policy.c:1206
const char * policy_denial_salt(const policy_t *policy)
Definition: policy.c:949
int policy_set_description(policy_t *policy, const char *description_text)
Definition: policy.c:1164
int policy_set_keys_shared(policy_t *policy, unsigned int keys_shared)
Definition: policy.c:1413
policy_denial_type
Definition: policy.h:40
@ POLICY_DENIAL_TYPE_INVALID
Definition: policy.h:41
@ POLICY_DENIAL_TYPE_NSEC
Definition: policy.h:42
@ POLICY_DENIAL_TYPE_NSEC3
Definition: policy.h:43
unsigned int policy_parent_soa_ttl(const policy_t *policy)
Definition: policy.c:1069
int policy_get_by_id(policy_t *policy, const db_value_t *id)
Definition: policy.c:1987
int policy_list_get(policy_list_t *policy_list)
Definition: policy.c:3040
int policy_set_denial_salt_length(policy_t *policy, unsigned int denial_salt_length)
Definition: policy.c:1337
const policy_t * policy_list_begin(policy_list_t *policy_list)
Definition: policy.c:3158
int policy_set_signatures_validity_keyset(policy_t *policy, unsigned int signatures_validity_keyset)
Definition: policy.c:1246
int policy_set_signatures_validity_default(policy_t *policy, unsigned int signatures_validity_default)
Definition: policy.c:1226
int policy_delete(policy_t *policy)
Definition: policy.c:2571
unsigned int policy_denial_algorithm(const policy_t *policy)
Definition: policy.c:925
unsigned int policy_signatures_validity_default(const policy_t *policy)
Definition: policy.c:861
int policy_set_signatures_refresh(policy_t *policy, unsigned int signatures_refresh)
Definition: policy.c:1196
void policy_free(policy_t *policy)
Definition: policy.c:518
int policy_set_keys_ttl(policy_t *policy, unsigned int keys_ttl)
Definition: policy.c:1383
enum policy_denial_type policy_denial_type_t
const char * policy_zone_soa_serial_text(const policy_t *policy)
Definition: policy.c:1029
const db_enum_t policy_enum_set_denial_type[]
Definition: policy.c:36
int policy_set_signatures_validity_denial(policy_t *policy, unsigned int signatures_validity_denial)
Definition: policy.c:1236
int policy_set_passthrough(policy_t *policy, unsigned int passthrough)
Definition: policy.c:1530
unsigned int policy_denial_resalt(const policy_t *policy)
Definition: policy.c:917
unsigned int policy_keys_publish_safety(const policy_t *policy)
Definition: policy.c:981
int policy_set_zone_soa_minimum(policy_t *policy, unsigned int zone_soa_minimum)
Definition: policy.c:1453
int policy_set_keys_publish_safety(policy_t *policy, unsigned int keys_publish_safety)
Definition: policy.c:1403
unsigned int policy_keys_retire_safety(const policy_t *policy)
Definition: policy.c:973
policy_t * policy_new_get_by_name(const db_connection_t *connection, const char *name)
Definition: policy.c:2090
int policy_set_keys_retire_safety(policy_t *policy, unsigned int keys_retire_safety)
Definition: policy.c:1393
int policy_update(policy_t *policy)
Definition: policy.c:2110
policy_t * policy_new(const db_connection_t *connection)
Definition: policy.c:479
unsigned int policy_signatures_validity_keyset(const policy_t *policy)
Definition: policy.c:877
int policy_set_zone_soa_ttl(policy_t *policy, unsigned int zone_soa_ttl)
Definition: policy.c:1443
db_result_list_t * result_list
Definition: policy.h:735
policy_t ** object_list
Definition: policy.h:739
int object_store
Definition: policy.h:738
db_object_t * dbo
Definition: policy.h:734
int associated_fetch
Definition: policy.h:743
const db_result_t * result
Definition: policy.h:736
size_t object_list_position
Definition: policy.h:741
size_t object_list_size
Definition: policy.h:740
policy_t * policy
Definition: policy.h:737
int object_list_first
Definition: policy.h:742
Definition: policy.h:60
unsigned int parent_ds_ttl
Definition: policy.h:97
unsigned int keys_purge_after
Definition: policy.h:90
unsigned int parent_registration_delay
Definition: policy.h:95
unsigned int signatures_resign
Definition: policy.h:69
unsigned int keys_publish_safety
Definition: policy.h:88
unsigned int zone_soa_minimum
Definition: policy.h:93
hsm_key_list_t * hsm_key_list
Definition: policy.h:102
char * name
Definition: policy.h:64
unsigned int parent_soa_ttl
Definition: policy.h:98
char * description
Definition: policy.h:68
unsigned int denial_iterations
Definition: policy.h:82
unsigned int parent_propagation_delay
Definition: policy.h:96
unsigned int keys_shared
Definition: policy.h:89
unsigned int zone_propagation_delay
Definition: policy.h:91
unsigned int zone_soa_ttl
Definition: policy.h:92
unsigned int denial_algorithm
Definition: policy.h:81
unsigned int denial_optout
Definition: policy.h:78
policy_denial_type_t denial_type
Definition: policy.h:77
unsigned int denial_resalt
Definition: policy.h:80
unsigned int signatures_validity_default
Definition: policy.h:73
unsigned int denial_salt_length
Definition: policy.h:83
unsigned int signatures_jitter
Definition: policy.h:71
unsigned int signatures_validity_denial
Definition: policy.h:74
unsigned int passthrough
Definition: policy.h:67
policy_key_list_t * policy_key_list
Definition: policy.h:100
zone_list_db_t * zone_list
Definition: policy.h:101
db_value_t id
Definition: policy.h:62
db_object_t * dbo
Definition: policy.h:61
unsigned int signatures_inception_offset
Definition: policy.h:72
char * denial_salt
Definition: policy.h:84
policy_zone_soa_serial_t zone_soa_serial
Definition: policy.h:94
unsigned int denial_salt_last_change
Definition: policy.h:85
unsigned int denial_ttl
Definition: policy.h:79
unsigned int keys_retire_safety
Definition: policy.h:87
unsigned int signatures_refresh
Definition: policy.h:70
db_value_t rev
Definition: policy.h:63
unsigned int parent_soa_minimum
Definition: policy.h:99
unsigned int signatures_max_zone_ttl
Definition: policy.h:76
unsigned int keys_ttl
Definition: policy.h:86
unsigned int signatures_validity_keyset
Definition: policy.h:75