Diffstat (limited to 'usr.sbin/bind/lib/dns/include')
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/acl.h | 38 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/cache.h | 6 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/compress.h | 10 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/keytable.h | 10 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/message.h | 29 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/peer.h | 7 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/resolver.h | 6 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/types.h | 6 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/validator.h | 69 | ||||
-rw-r--r-- | usr.sbin/bind/lib/dns/include/dns/xfrin.h | 12 |
10 files changed, 119 insertions, 74 deletions
diff --git a/usr.sbin/bind/lib/dns/include/dns/acl.h b/usr.sbin/bind/lib/dns/include/dns/acl.h index a39c09fa7b9..264182c98ff 100644 --- a/usr.sbin/bind/lib/dns/include/dns/acl.h +++ b/usr.sbin/bind/lib/dns/include/dns/acl.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: acl.h,v 1.20.52.3 2004/03/08 09:04:34 marka Exp $ */ +/* $ISC: acl.h,v 1.20.52.5 2006/03/02 00:37:20 marka Exp $ */ #ifndef DNS_ACL_H #define DNS_ACL_H 1 @@ -104,7 +104,7 @@ dns_acl_create(isc_mem_t *mctx, int n, dns_acl_t **target); */ isc_result_t -dns_acl_appendelement(dns_acl_t *acl, dns_aclelement_t *elt); +dns_acl_appendelement(dns_acl_t *acl, const dns_aclelement_t *elt); /* * Append an element to an existing ACL. */ @@ -128,13 +128,13 @@ void dns_acl_detach(dns_acl_t **aclp); isc_boolean_t -dns_aclelement_equal(dns_aclelement_t *ea, dns_aclelement_t *eb); +dns_aclelement_equal(const dns_aclelement_t *ea, const dns_aclelement_t *eb); isc_boolean_t -dns_acl_equal(dns_acl_t *a, dns_acl_t *b); +dns_acl_equal(const dns_acl_t *a, const dns_acl_t *b); isc_boolean_t -dns_acl_isinsecure(dns_acl_t *a); +dns_acl_isinsecure(const dns_acl_t *a); /* * Return ISC_TRUE iff the acl 'a' is considered insecure, that is, * if it contains IP addresses other than those of the local host. 
@@ -154,12 +154,12 @@ void dns_aclenv_destroy(dns_aclenv_t *env); isc_result_t -dns_acl_match(isc_netaddr_t *reqaddr, - dns_name_t *reqsigner, - dns_acl_t *acl, - dns_aclenv_t *env, +dns_acl_match(const isc_netaddr_t *reqaddr, + const dns_name_t *reqsigner, + const dns_acl_t *acl, + const dns_aclenv_t *env, int *match, - dns_aclelement_t **matchelt); + const dns_aclelement_t **matchelt); /* * General, low-level ACL matching. This is expected to * be useful even for weird stuff like the topology and sortlist statements. @@ -185,11 +185,11 @@ dns_acl_match(isc_netaddr_t *reqaddr, */ isc_boolean_t -dns_aclelement_match(isc_netaddr_t *reqaddr, - dns_name_t *reqsigner, - dns_aclelement_t *e, - dns_aclenv_t *env, - dns_aclelement_t **matchelt); +dns_aclelement_match(const isc_netaddr_t *reqaddr, + const dns_name_t *reqsigner, + const dns_aclelement_t *e, + const dns_aclenv_t *env, + const dns_aclelement_t **matchelt); /* * Like dns_acl_match, but matches against the single ACL element 'e' * rather than a complete list and returns ISC_TRUE iff it matched. @@ -200,9 +200,9 @@ dns_aclelement_match(isc_netaddr_t *reqaddr, */ isc_result_t -dns_acl_elementmatch(dns_acl_t *acl, - dns_aclelement_t *elt, - dns_aclelement_t **matchelt); +dns_acl_elementmatch(const dns_acl_t *acl, + const dns_aclelement_t *elt, + const dns_aclelement_t **matchelt); /* * Search for an ACL element in 'acl' which is exactly the same as 'elt'. * If there is one, and 'matchelt' is non NULL, then '*matchelt' will point diff --git a/usr.sbin/bind/lib/dns/include/dns/cache.h b/usr.sbin/bind/lib/dns/include/dns/cache.h index cc37869df77..23f0b09fec7 100644 --- a/usr.sbin/bind/lib/dns/include/dns/cache.h +++ b/usr.sbin/bind/lib/dns/include/dns/cache.h 
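Review bot: Changing the out-parameter to `const dns_aclelement_t **matchelt` in dns_acl_match (and likewise in dns_aclelement_match and dns_acl_elementmatch later in this file) is not a source-compatible const addition: C does not implicitly convert `dns_aclelement_t **` to `const dns_aclelement_t **`, so every caller passing the address of a non-const `dns_aclelement_t *` now gets an incompatible-pointer diagnostic or needs a cast. The callers are not in this diff, so I cannot confirm they were all updated; a cast at a call site would silently defeat the qualifier, so the right fix is to change the callers' variable type. It would also help to say what the qualifier is protecting, e.g. `'*matchelt' points into 'acl' and must not be modified or freed by the caller.`, if that is the contract.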
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: cache.h,v 1.17.12.3 2004/03/08 09:04:34 marka Exp $ */ +/* $ISC: cache.h,v 1.17.12.5 2006/03/02 00:37:20 marka Exp $ */ #ifndef DNS_CACHE_H #define DNS_CACHE_H 1 @@ -151,7 +151,7 @@ dns_cache_attachdb(dns_cache_t *cache, dns_db_t **dbp); isc_result_t -dns_cache_setfilename(dns_cache_t *cahce, char *filename); +dns_cache_setfilename(dns_cache_t *cahce, const char *filename); /* * If 'filename' is non-NULL, make the cache persistent. * The cache's data will be stored in the given file. diff --git a/usr.sbin/bind/lib/dns/include/dns/compress.h b/usr.sbin/bind/lib/dns/include/dns/compress.h index 4dbe00d00b5..cc9307ed9c8 100644 --- a/usr.sbin/bind/lib/dns/include/dns/compress.h +++ b/usr.sbin/bind/lib/dns/include/dns/compress.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: compress.h,v 1.29.2.2.8.1 2004/03/06 08:13:51 marka Exp $ */ +/* $ISC: compress.h,v 1.29.2.2.8.3 2006/03/02 00:37:20 marka Exp $ */ #ifndef DNS_COMPRESS_H #define DNS_COMPRESS_H 1 @@ -136,7 +136,7 @@ dns_compress_getedns(dns_compress_t *cctx); */ isc_boolean_t -dns_compress_findglobal(dns_compress_t *cctx, dns_name_t *name, +dns_compress_findglobal(dns_compress_t *cctx, const dns_name_t *name, dns_name_t *prefix, isc_uint16_t *offset); /* * Finds longest possible match of 'name' in the global compression table. 
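Review bot: The dns_cache_setfilename prototype still spells its first parameter `cahce`; since the line is already being touched for the const change, make it `dns_cache_setfilename(dns_cache_t *cache, const char *filename);`. The comment also does not say whether 'filename' is copied or whether the caller must keep the string alive for the lifetime of the cache, and with a `const char *` either is possible; a persisted-cache path is exactly the kind of string that gets freed after configuration is parsed. Add `'filename' is copied; the caller need not preserve it.` if that is what the implementation does, or the opposite if it keeps the pointer (cache.c is not in this diff, so confirm).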
@@ -155,8 +155,8 @@ dns_compress_findglobal(dns_compress_t *cctx, dns_name_t *name, */ void -dns_compress_add(dns_compress_t *cctx, dns_name_t *name, dns_name_t *prefix, - isc_uint16_t offset); +dns_compress_add(dns_compress_t *cctx, const dns_name_t *name, + const dns_name_t *prefix, isc_uint16_t offset); /* * Add compression pointers for 'name' to the compression table, * not replacing existing pointers. diff --git a/usr.sbin/bind/lib/dns/include/dns/keytable.h b/usr.sbin/bind/lib/dns/include/dns/keytable.h index 0487be8590b..206e3b58ea3 100644 --- a/usr.sbin/bind/lib/dns/include/dns/keytable.h +++ b/usr.sbin/bind/lib/dns/include/dns/keytable.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: keytable.h,v 1.10.206.1 2004/03/06 08:13:56 marka Exp $ */ +/* $ISC: keytable.h,v 1.10.206.3 2006/01/06 00:01:42 marka Exp $ */ #ifndef DNS_KEYTABLE_H #define DNS_KEYTABLE_H 1 @@ -137,7 +137,8 @@ dns_keytable_findkeynode(dns_keytable_t *keytable, dns_name_t *name, dns_keynode_t **keynodep); /* * Search for a key named 'name', matching 'algorithm' and 'tag' in - * 'keytable'. + * 'keytable'. This finds the first instance which matches. Use + * dns_keytable_findnextkeynode() to find other instances. * * Requires: * @@ -150,6 +151,7 @@ dns_keytable_findkeynode(dns_keytable_t *keytable, dns_name_t *name, * Returns: * * ISC_R_SUCCESS + * DNS_R_PARTIALMATCH the name existed in the keytable. * ISC_R_NOTFOUND * * Any other result indicates an error. 
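Review bot: The new `DNS_R_PARTIALMATCH` return documented for dns_keytable_findkeynode does not say what `*keynodep` holds on that path, and a trust-anchor lookup is exactly where a caller treating "anything but ISC_R_NOTFOUND" as success would then dereference an unset pointer. The one-line description is also ambiguous about whether "the name existed" means an exact match on 'name' with no key matching 'algorithm'/'tag', or an ancestor found on the way down. Spell it out, e.g. `DNS_R_PARTIALMATCH -- 'name' (or an ancestor) is in the keytable but no key matched 'algorithm' and 'tag'; *keynodep is unchanged.`, adjusted to whatever keytable.c actually does, since it is not in this diff.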
@@ -160,7 +162,7 @@ dns_keytable_findnextkeynode(dns_keytable_t *keytable, dns_keynode_t *keynode, dns_keynode_t **nextnodep); /* * Search for the next key with the same properties as 'keynode' in - * 'keytable'. + * 'keytable' as found by dns_keytable_findkeynode(). * * Requires: * diff --git a/usr.sbin/bind/lib/dns/include/dns/message.h b/usr.sbin/bind/lib/dns/include/dns/message.h index f90276aa847..4099857a00a 100644 --- a/usr.sbin/bind/lib/dns/include/dns/message.h +++ b/usr.sbin/bind/lib/dns/include/dns/message.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: message.h,v 1.100.2.3.8.7 2004/03/08 02:08:00 marka Exp $ */ +/* $ISC: message.h,v 1.100.2.3.8.10 2006/02/28 06:32:54 marka Exp $ */ #ifndef DNS_MESSAGE_H #define DNS_MESSAGE_H 1 @@ -236,7 +236,7 @@ struct dns_message { isc_region_t saved; dns_rdatasetorderfunc_t order; - void * order_arg; + const void * order_arg; }; /*** 
@@ -710,6 +710,27 @@ dns_message_findtype(dns_name_t *name, dns_rdatatype_t type, * ISC_R_NOTFOUND -- the desired type does not exist. */ +isc_result_t +dns_message_find(dns_name_t *name, dns_rdataclass_t rdclass, + dns_rdatatype_t type, dns_rdatatype_t covers, + dns_rdataset_t **rdataset); +/*%< + * Search the name for the specified rdclass and type. If it is found, + * *rdataset is filled in with a pointer to that rdataset. + * + * Requires: + *\li if '**rdataset' is non-NULL, *rdataset needs to be NULL. + * + *\li 'type' be a valid type, and NOT dns_rdatatype_any. + * + *\li If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. + * Otherwise it should be 0. + * + * Returns: + *\li #ISC_R_SUCCESS -- all is well. + *\li #ISC_R_NOTFOUND -- the desired type does not exist. + */ + void dns_message_movename(dns_message_t *msg, dns_name_t *name, dns_section_t fromsection, @@ -1260,7 +1281,7 @@ dns_message_getrawmessage(dns_message_t *msg); void dns_message_setsortorder(dns_message_t *msg, dns_rdatasetorderfunc_t order, - void *order_arg); + const void *order_arg); /* * Define the order in which RR sets get rendered by * dns_message_rendersection() to be the ascending order diff --git a/usr.sbin/bind/lib/dns/include/dns/peer.h b/usr.sbin/bind/lib/dns/include/dns/peer.h index bec93880d6d..7bd6b3fff25 100644 --- a/usr.sbin/bind/lib/dns/include/dns/peer.h +++ b/usr.sbin/bind/lib/dns/include/dns/peer.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: peer.h,v 1.16.2.1.10.3 2004/03/06 08:13:58 marka Exp $ */ +/* $ISC: peer.h,v 1.16.2.1.10.5 2006/03/02 00:37:20 marka Exp $ */ #ifndef DNS_PEER_H #define DNS_PEER_H 1 
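Review bot: The Requires clause of the new dns_message_find reads `if '**rdataset' is non-NULL, *rdataset needs to be NULL`, which is inverted: the caller passes a pointer to a pointer, so the condition belongs on 'rdataset' and its pointee, i.e. `if 'rdataset' is non-NULL, '*rdataset' must be NULL.` That wording also implies NULL is accepted for a pure existence check, which the description ("*rdataset is filled in") does not mention; say so explicitly either way. The comment should further state that the returned rdataset is owned by the message and must not be disassociated or freed by the caller, if that follows the convention of the neighbouring dns_message_findtype — I cannot confirm it from this hunk.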
@@ -167,7 +167,8 @@ isc_result_t dns_peer_setkey(dns_peer_t *peer, dns_name_t **keyval); isc_result_t -dns_peer_settransfersource(dns_peer_t *peer, isc_sockaddr_t *transfer_source); +dns_peer_settransfersource(dns_peer_t *peer, + const isc_sockaddr_t *transfer_source); isc_result_t dns_peer_gettransfersource(dns_peer_t *peer, isc_sockaddr_t *transfer_source); diff --git a/usr.sbin/bind/lib/dns/include/dns/resolver.h b/usr.sbin/bind/lib/dns/include/dns/resolver.h index c4397ab5ec2..042e833ee6b 100644 --- a/usr.sbin/bind/lib/dns/include/dns/resolver.h +++ b/usr.sbin/bind/lib/dns/include/dns/resolver.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: resolver.h,v 1.34.12.7 2004/04/15 23:56:31 marka Exp $ */ +/* $ISC: resolver.h,v 1.34.12.9 2006/02/01 23:48:51 marka Exp $ */ #ifndef DNS_RESOLVER_H #define DNS_RESOLVER_H 1 @@ -136,7 +136,7 @@ dns_resolver_create(dns_view_t *view, * * 'dispatchv6' is a valid dispatcher with an IPv6 UDP socket, or is NULL. * - * *resp != NULL && *resp == NULL. + * resp != NULL && *resp == NULL. * * Returns: * diff --git a/usr.sbin/bind/lib/dns/include/dns/types.h b/usr.sbin/bind/lib/dns/include/dns/types.h index 56537df4d1e..638307e25a2 100644 --- a/usr.sbin/bind/lib/dns/include/dns/types.h +++ b/usr.sbin/bind/lib/dns/include/dns/types.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any 
@@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: types.h,v 1.103.12.7 2004/03/08 09:04:39 marka Exp $ */ +/* $ISC: types.h,v 1.103.12.9 2006/03/02 00:37:20 marka Exp $ */ #ifndef DNS_TYPES_H #define DNS_TYPES_H 1 @@ -294,6 +294,6 @@ typedef void (*dns_updatecallback_t)(void *, isc_result_t, dns_message_t *); typedef int -(*dns_rdatasetorderfunc_t)(dns_rdata_t *rdata, void *arg); +(*dns_rdatasetorderfunc_t)(const dns_rdata_t *rdata, const void *arg); #endif /* DNS_TYPES_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/validator.h b/usr.sbin/bind/lib/dns/include/dns/validator.h index 478564ab9ef..c1cac1bbfc1 100644 --- a/usr.sbin/bind/lib/dns/include/dns/validator.h +++ b/usr.sbin/bind/lib/dns/include/dns/validator.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: validator.h,v 1.18.12.9 2005/09/06 02:12:41 marka Exp $ */ +/* $ISC: validator.h,v 1.18.12.11 2006/01/06 00:01:42 marka Exp $ */ #ifndef DNS_VALIDATOR_H #define DNS_VALIDATOR_H 1 
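Review bot: Adding `const` to both parameters of dns_rdatasetorderfunc_t changes the function-pointer type, so any ordering callback still declared as `int f(dns_rdata_t *, void *)` becomes an incompatible pointer type when passed to dns_message_setsortorder; in C that is a diagnostic at best and undefined behaviour if it is ever called through the mismatched type. The callbacks live outside this diff (presumably the sortlist / rrset-order code in named), so confirm each one was updated in the same change rather than silenced with a cast. A one-line note on the typedef, `/* callbacks must not modify 'rdata' or 'arg' */`, would make the new contract explicit.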
@@ -24,27 +24,35 @@ ***** Module Info *****/ -/* +/*! \file + * + * \brief * DNS Validator + * This is the BIND 9 validator, the module responsible for validating the + * rdatasets and negative responses (messages). It makes use of zones in + * the view and may fetch RRset to complete trust chains. It implements + * DNSSEC as specified in RFC 4033, 4034 and 4035. * - * XXX <TBS> XXX + * It can also optionally implement ISC's DNSSEC look-aside validation. + * + * Correct operation is critical to preventing spoofed answers from secure + * zones being accepted. * * MP: - * The module ensures appropriate synchronization of data structures it + *\li The module ensures appropriate synchronization of data structures it * creates and manipulates. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * RFCs: 1034, 1035, 2181, 2535, <TBS> - * Drafts: <TBS> + *\li RFCs: 1034, 1035, 2181, 4033, 4034, 4035. */ #include <isc/lang.h> @@ -58,12 +66,16 @@ #include <dst/dst.h> -/* +/*% * A dns_validatorevent_t is sent when a 'validation' completes. - * + * \brief * 'name', 'rdataset', 'sigrdataset', and 'message' are the values that were * supplied when dns_validator_create() was called. They are returned to the * caller so that they may be freed. + * + * If the RESULT is ISC_R_SUCCESS and the answer is secure then + * proofs[] will contain the the names of the NSEC records that hold the + * various proofs. Note the same name may appear multiple times. */ typedef struct dns_validatorevent { ISC_EVENT_COMMON(struct dns_validatorevent); 
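Review bot: The new module description says `Correct operation is critical to preventing spoofed answers from secure zones being accepted`, yet the Security section a few lines below still reads `No anticipated impact`; both cannot be true, and the Security section is what a reviewer reads first. Replace it with something like `Security: This module decides whether DNSSEC-signed data and negative responses are accepted as authentic; a validation bug lets spoofed data into the cache.` The `Resources: TBS` placeholder also survives the rewrite and should be filled in or dropped.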
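Review bot: In the dns_validatorevent_t comment, `contain the the names` has a doubled word, and the sentence never says what indexes proofs[] — the DNS_VALIDATOR_NODATAPROOF / DNS_VALIDATOR_NOWILDCARDPROOF constants that follow look like the indices, but the comment does not say so, nor what unused slots hold. Suggest `proofs[] is indexed by the DNS_VALIDATOR_*PROOF constants; slots not applicable to this validation are NULL.` if that matches the implementation (the array declaration lies past the end of this hunk, so confirm). It should also say who owns the names in proofs[], since ownership is what a reader of an event struct needs most.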
@@ -81,9 +93,9 @@ typedef struct dns_validatorevent { #define DNS_VALIDATOR_NODATAPROOF 1 #define DNS_VALIDATOR_NOWILDCARDPROOF 2 -/* - * A validator object represents a validation in procgress. - * +/*% + * A validator object represents a validation in progress. + * \brief * Clients are strongly discouraged from using this type directly, with * the exception of the 'link' field, which may be used directly for * whatever purpose the client desires. @@ -128,7 +140,10 @@ struct dns_validator { unsigned int depth; }; -#define DNS_VALIDATOR_DLV 1 +/*% + * dns_validator_create() options. + */ +#define DNS_VALIDATOR_DLV 1U ISC_LANG_BEGINDECLS @@ -138,7 +153,7 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, dns_message_t *message, unsigned int options, isc_task_t *task, isc_taskaction_t action, void *arg, dns_validator_t **validatorp); -/* +/*%< * Start a DNSSEC validation. * * This validates a response to the question given by 
@@ -163,41 +178,45 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, * arguments must be provided. * * The validation is performed in the context of 'view'. - * 'options' must be zero. * * When the validation finishes, a dns_validatorevent_t with * the given 'action' and 'arg' are sent to 'task'. * Its 'result' field will be ISC_R_SUCCESS iff the * response was successfully proven to be either secure or * part of a known insecure domain. + * + * options: + * If DNS_VALIDATOR_DLV is set the caller knows there is not a + * trusted key and the validator should immediately attempt to validate + * the answer by looking for a appopriate DLV RRset. */ void dns_validator_cancel(dns_validator_t *validator); -/* +/*%< * Cancel a DNSSEC validation in progress. * * Requires: - * 'validator' points to a valid DNSSEC validator, which + *\li 'validator' points to a valid DNSSEC validator, which * may or may not already have completed. * * Ensures: - * It the validator has not already sent its completion + *\li It the validator has not already sent its completion * event, it will send it with result code ISC_R_CANCELED. */ void dns_validator_destroy(dns_validator_t **validatorp); -/* +/*%< * Destroy a DNSSEC validator. * * Requires: - * '*validatorp' points to a valid DNSSEC validator. - * The validator must have completed and sent its completion + *\li '*validatorp' points to a valid DNSSEC validator. + * \li The validator must have completed and sent its completion * event. * * Ensures: - * All resources used by the validator are freed. + *\li All resources used by the validator are freed. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/xfrin.h b/usr.sbin/bind/lib/dns/include/dns/xfrin.h index 07247adb6be..03027c03996 100644 --- a/usr.sbin/bind/lib/dns/include/dns/xfrin.h +++ b/usr.sbin/bind/lib/dns/include/dns/xfrin.h 
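Review bot: Deleting `'options' must be zero` without a replacement leaves the bits of 'options' other than DNS_VALIDATOR_DLV unspecified; state `'options' is zero or DNS_VALIDATOR_DLV; all other bits are reserved and must be zero.` so future flags do not collide with callers passing junk. Two typos are in the new lines: `a appopriate DLV RRset` should be `an appropriate DLV RRset`, and in dns_validator_cancel `It the validator has not already sent` should be `If the validator has not already sent`. The DLV sentence also says the caller "knows there is not a trusted key" — clarify that this means no configured trust anchor covers 'name', since the validator cannot check that assertion itself and a wrong flag skips the normal chain of trust.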
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: xfrin.h,v 1.18.136.2 2004/03/06 08:14:01 marka Exp $ */ +/* $ISC: xfrin.h,v 1.18.136.4 2006/07/20 01:10:29 marka Exp $ */ #ifndef DNS_XFRIN_H #define DNS_XFRIN_H 1 @@ -75,10 +75,12 @@ dns_xfrin_create2(dns_zone_t *zone, dns_rdatatype_t xfrtype, * code as arguments when the transfer finishes. * * Requires: - * 'xfrtype' is dns_rdatatype_axfr or dns_rdatatype_ixfr. + * 'xfrtype' is dns_rdatatype_axfr, dns_rdatatype_ixfr + * or dns_rdatatype_soa (soa query followed by axfr if + * serial is greater than current serial). * - * If 'xfrtype' is dns_rdatatype_ixfr, the zone has a - * database. + * If 'xfrtype' is dns_rdatatype_ixfr or dns_rdatatype_soa, + * the zone has a database. */ void |
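Review bot: The new dns_rdatatype_soa description says the AXFR follows `if serial is greater than current serial`, but zone serials wrap and must be compared with RFC 1982 serial arithmetic rather than an integer `>`; write `if the returned serial is newer than the zone's current serial (RFC 1982 serial arithmetic)` — presumably isc_serial_gt is what the implementation uses, but xfrin.c is not in this diff. It is also worth stating what happens when the serial is not newer (the transfer ends with no change and which result reaches 'done'), since callers key their refresh logic on that result. The dns_xfrin_create2 prototype this comment documents begins before the hunk.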