1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
/*****************************************************************
**
** @(#) zconf.h
**
** Copyright (c) Jan 2005, Jeroen Masar, Holger Zuleger.
** All rights reserved.
**
** This software is open source.
**
** Redistribution and use in source and binary forms, with or without
** modification, are permitted provided that the following conditions
** are met:
**
** Redistributions of source code must retain the above copyright notice,
** this list of conditions and the following disclaimer.
**
** Redistributions in binary form must reproduce the above copyright notice,
** this list of conditions and the following disclaimer in the documentation
** and/or other materials provided with the distribution.
**
** Neither the name of Jeroen Masar and Holger Zuleger nor the
** names of its contributors may be used to endorse or promote products
** derived from this software without specific prior written permission.
**
** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
** "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
** TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
** PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
** LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
** CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
** SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
** INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
** CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
** ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
** POSSIBILITY OF SUCH DAMAGE.
**
*****************************************************************/
#ifndef ZCONF_H
# define ZCONF_H
# define MINSEC 60
# define HOURSEC (MINSEC * 60)
# define DAYSEC (HOURSEC * 24)
# define WEEKSEC (DAYSEC * 7)
# define YEARSEC (DAYSEC * 365)
# define DAY (1)
# define WEEK (DAY * 7)
# define MONTH (DAY * 30)
# define YEAR (DAY * 365)
# define SIG_VALID_DAYS (10) /* or 3 Weeks ? */
# define SIG_VALIDITY (SIG_VALID_DAYS * DAYSEC)
# define MAX_TTL ( 8 * HOURSEC) /* default value of maximum ttl time */
# define KEY_TTL ( 4 * HOURSEC) /* default value of KEY TTL */
# define PROPTIME ( 5 * MINSEC) /* expected slave propagation time */
/* should be small if notify is used */
#if defined (DEF_TTL)
# define DEF_TTL (MAX_TTL/2) /* currently not used */
#endif
# define RESIGN_INT ((SIG_VALID_DAYS - (SIG_VALID_DAYS / 3)) * DAYSEC)
# define KSK_LIFETIME (1 * YEARSEC)
#if 0
# define ZSK_LIFETIME ((SIG_VALID_DAYS * 3) * DAYSEC) /* set to three times the sig validity */
#else
# define ZSK_LIFETIME ((MONTH * 3) * DAYSEC) /* set fixed to 3 month */
#endif
# define KSK_ALGO (DK_ALGO_RSASHA1)
# define KSK_BITS (1300)
# define KSK_RANDOM "/dev/urandom" /* was NULL before v0.94 */
# define ZSK_ALGO (DK_ALGO_RSASHA1)
# define ZSK_BITS (512)
# define ZSK_RANDOM "/dev/urandom"
# define ZONEDIR "."
# define RECURSIVE 0
# define PRINTTIME 1
# define PRINTAGE 0
# define LJUST 0
# define KEYSETDIR NULL /* keysets */
# define LOGFILE ""
# define LOGLEVEL "error"
# define SYSLOGFACILITY "none"
# define SYSLOGLEVEL "notice"
# define VERBOSELOG 0
# define ZONEFILE "zone.db"
# define DNSKEYFILE "dnskey.db"
# define LOOKASIDEDOMAIN "" /* "dlv.trusted-keys.de" */
# define SIG_RANDOM NULL /* "/dev/urandom" */
# define SIG_PSEUDO 1
# define SIG_GENDS 1
# define SIG_PARAM ""
# define DIST_CMD NULL /* default is to run "rndc reload" */
#ifndef CONFIG_PATH
# define CONFIG_PATH "/var/named/"
#endif
# define CONFIG_FILE CONFIG_PATH "dnssec.conf"
# define LOCALCONF_FILE "dnssec.conf"
/* external command execution path (should be set via config.h) */
#ifndef BIND_UTIL_PATH
# define BIND_UTIL_PATH "/usr/local/sbin/" /* beware of trailing '/' */
#endif
# define SIGNCMD BIND_UTIL_PATH "dnssec-signzone"
# define KEYGENCMD BIND_UTIL_PATH "dnssec-keygen"
# define RELOADCMD BIND_UTIL_PATH "rndc"
typedef enum {
Unixtime = 1,
Incremental
} serial_form_t;
typedef enum {
none = 0,
user,
local0, local1, local2, local3, local4, local5, local6, local7
} syslog_facility_t;
typedef struct zconf {
char *zonedir;
int recursive;
int printtime;
int printage;
int ljust;
int sigvalidity; /* should be less than expire time */
int max_ttl; /* should be set to the maximum used ttl in the zone */
int key_ttl;
int proptime; /* expected time offset for zone propagation */
#if defined (DEF_TTL)
int def_ttl; /* default ttl set in soa record */
#endif
serial_form_t serialform; /* format of serial no */
int resign; /* resign interval */
int k_life;
int k_algo;
int k_bits;
char *k_random;
int z_life;
int z_algo;
int z_bits;
char *z_random;
char *view;
// char *errlog;
char *logfile;
char *loglevel;
char *syslogfacility;
char *sysloglevel;
int verboselog;
int verbosity;
char *keyfile;
char *zonefile;
char *keysetdir;
char *lookaside;
char *sig_random;
int sig_pseudo;
int sig_gends;
char *sig_param;
char *dist_cmd; /* cmd to run instead of "rndc reload" */
} zconf_t;
extern zconf_t *loadconfig (const char *filename, zconf_t *z);
extern zconf_t *loadconfig_fromstr (const char *str, zconf_t *z);
extern zconf_t *dupconfig (const zconf_t *conf);
extern int setconfigpar (zconf_t *conf, char *entry, const void *pval);
extern int printconfig (const char *fname, const zconf_t *cp);
extern int checkconfig (const zconf_t *z);
#endif
|