mirror of
https://github.com/fergalmoran/DnsServer.git
synced 2026-02-08 17:04:01 +00:00
2055 lines
76 KiB
C#
2055 lines
76 KiB
C#
/*
|
|
Technitium DNS Server
|
|
Copyright (C) 2024 Shreyas Zare (shreyas@technitium.com)
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
using DnsServerCore.Dns.Dnssec;
|
|
using DnsServerCore.Dns.ResourceRecords;
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.IO;
|
|
using System.Net;
|
|
using System.Net.Sockets;
|
|
using TechnitiumLibrary.IO;
|
|
using TechnitiumLibrary.Net;
|
|
using TechnitiumLibrary.Net.Dns;
|
|
using TechnitiumLibrary.Net.Dns.ResourceRecords;
|
|
|
|
namespace DnsServerCore.Dns.Zones
|
|
{
|
|
public enum AuthZoneType : byte
|
|
{
|
|
Unknown = 0,
|
|
Primary = 1,
|
|
Secondary = 2,
|
|
Stub = 3,
|
|
Forwarder = 4,
|
|
SecondaryForwarder = 5,
|
|
Catalog = 6,
|
|
SecondaryCatalog = 7
|
|
}
|
|
|
|
public sealed class AuthZoneInfo : IComparable<AuthZoneInfo>
|
|
{
|
|
#region variables
|
|
|
|
readonly ApexZone _apexZone;
|
|
|
|
readonly string _name;
|
|
readonly AuthZoneType _type;
|
|
readonly DateTime _lastModified;
|
|
readonly bool _disabled;
|
|
|
|
readonly string _catalogZoneName;
|
|
readonly bool _overrideCatalogQueryAccess;
|
|
readonly bool _overrideCatalogZoneTransfer;
|
|
readonly bool _overrideCatalogNotify;
|
|
readonly bool _overrideCatalogPrimaryNameServers; //only for secondary zones
|
|
|
|
readonly AuthZoneQueryAccess _queryAccess;
|
|
readonly IReadOnlyCollection<NetworkAccessControl> _queryAccessNetworkACL;
|
|
|
|
readonly AuthZoneTransfer _zoneTransfer;
|
|
readonly IReadOnlyCollection<NetworkAccessControl> _zoneTransferNetworkACL;
|
|
readonly IReadOnlyDictionary<string, object> _zoneTransferTsigKeyNames;
|
|
readonly IReadOnlyList<DnsResourceRecord> _zoneHistory; //for IXFR support
|
|
|
|
readonly AuthZoneNotify _notify;
|
|
readonly IReadOnlyCollection<IPAddress> _notifyNameServers;
|
|
readonly IReadOnlyCollection<IPAddress> _notifySecondaryCatalogNameServers;
|
|
|
|
readonly AuthZoneUpdate _update;
|
|
readonly IReadOnlyCollection<NetworkAccessControl> _updateNetworkACL;
|
|
readonly IReadOnlyDictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>> _updateSecurityPolicies;
|
|
|
|
readonly IReadOnlyCollection<DnssecPrivateKey> _dnssecPrivateKeys; //only for primary zones
|
|
|
|
readonly IReadOnlyList<NameServerAddress> _primaryNameServerAddresses; //only for secondary and stub zones
|
|
readonly DnsTransportProtocol _primaryZoneTransferProtocol; //only for secondary zones
|
|
readonly string _primaryZoneTransferTsigKeyName; //only for secondary zones
|
|
|
|
readonly DateTime _expiry; //only for secondary and stub zones
|
|
|
|
readonly bool _validateZone; //only for secondary zones
|
|
readonly bool _validationFailed; //only for secondary zones
|
|
|
|
#endregion
|
|
|
|
#region constructor
|
|
|
|
public AuthZoneInfo(string name, AuthZoneType type, bool disabled)
|
|
{
|
|
_name = name;
|
|
_type = type;
|
|
_lastModified = DateTime.UtcNow;
|
|
_disabled = disabled;
|
|
_queryAccess = AuthZoneQueryAccess.Allow;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
_zoneTransfer = AuthZoneTransfer.AllowOnlyZoneNameServers;
|
|
_notify = AuthZoneNotify.ZoneNameServers;
|
|
_update = AuthZoneUpdate.Deny;
|
|
break;
|
|
|
|
default:
|
|
_zoneTransfer = AuthZoneTransfer.Deny;
|
|
_notify = AuthZoneNotify.None;
|
|
_update = AuthZoneUpdate.Deny;
|
|
break;
|
|
}
|
|
}
|
|
|
|
public AuthZoneInfo(BinaryReader bR, DateTime lastModified)
|
|
{
|
|
byte version = bR.ReadByte();
|
|
switch (version)
|
|
{
|
|
case 1:
|
|
case 2:
|
|
case 3:
|
|
case 4:
|
|
case 5:
|
|
case 6:
|
|
case 7:
|
|
case 8:
|
|
case 9:
|
|
case 10:
|
|
case 11:
|
|
{
|
|
_name = bR.ReadShortString();
|
|
_type = (AuthZoneType)bR.ReadByte();
|
|
_disabled = bR.ReadBoolean();
|
|
|
|
_queryAccess = AuthZoneQueryAccess.Allow;
|
|
|
|
if (version >= 2)
|
|
{
|
|
{
|
|
_zoneTransfer = (AuthZoneTransfer)bR.ReadByte();
|
|
|
|
int count = bR.ReadByte();
|
|
if (count > 0)
|
|
{
|
|
NetworkAddress[] networks = new NetworkAddress[count];
|
|
|
|
if (version >= 9)
|
|
{
|
|
for (int i = 0; i < count; i++)
|
|
networks[i] = NetworkAddress.ReadFrom(bR);
|
|
}
|
|
else
|
|
{
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
IPAddress address = IPAddressExtensions.ReadFrom(bR);
|
|
|
|
switch (address.AddressFamily)
|
|
{
|
|
case AddressFamily.InterNetwork:
|
|
networks[i] = new NetworkAddress(address, 32);
|
|
break;
|
|
|
|
case AddressFamily.InterNetworkV6:
|
|
networks[i] = new NetworkAddress(address, 128);
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
_zoneTransferNetworkACL = ConvertDenyAllowToACL(null, networks);
|
|
}
|
|
}
|
|
|
|
{
|
|
_notify = (AuthZoneNotify)bR.ReadByte();
|
|
|
|
int count = bR.ReadByte();
|
|
if (count > 0)
|
|
{
|
|
IPAddress[] nameServers = new IPAddress[count];
|
|
|
|
for (int i = 0; i < count; i++)
|
|
nameServers[i] = IPAddressExtensions.ReadFrom(bR);
|
|
|
|
_notifyNameServers = nameServers;
|
|
}
|
|
}
|
|
|
|
if (version >= 6)
|
|
{
|
|
_update = (AuthZoneUpdate)bR.ReadByte();
|
|
|
|
int count = bR.ReadByte();
|
|
if (count > 0)
|
|
{
|
|
NetworkAddress[] networks = new NetworkAddress[count];
|
|
|
|
if (version >= 9)
|
|
{
|
|
for (int i = 0; i < count; i++)
|
|
networks[i] = NetworkAddress.ReadFrom(bR);
|
|
}
|
|
else
|
|
{
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
IPAddress address = IPAddressExtensions.ReadFrom(bR);
|
|
|
|
switch (address.AddressFamily)
|
|
{
|
|
case AddressFamily.InterNetwork:
|
|
networks[i] = new NetworkAddress(address, 32);
|
|
break;
|
|
|
|
case AddressFamily.InterNetworkV6:
|
|
networks[i] = new NetworkAddress(address, 128);
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
_updateNetworkACL = ConvertDenyAllowToACL(null, networks);
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
_zoneTransfer = AuthZoneTransfer.AllowOnlyZoneNameServers;
|
|
_notify = AuthZoneNotify.ZoneNameServers;
|
|
_update = AuthZoneUpdate.Deny;
|
|
break;
|
|
|
|
default:
|
|
_zoneTransfer = AuthZoneTransfer.Deny;
|
|
_notify = AuthZoneNotify.None;
|
|
_update = AuthZoneUpdate.Deny;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (version >= 8)
|
|
_lastModified = bR.ReadDateTime();
|
|
else
|
|
_lastModified = lastModified;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
{
|
|
if (version >= 3)
|
|
{
|
|
int count = bR.ReadInt32();
|
|
DnsResourceRecord[] zoneHistory = new DnsResourceRecord[count];
|
|
|
|
if (version >= 11)
|
|
{
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
zoneHistory[i] = new DnsResourceRecord(bR.BaseStream);
|
|
|
|
if (bR.ReadBoolean())
|
|
zoneHistory[i].Tag = new HistoryRecordInfo(bR);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
zoneHistory[i] = new DnsResourceRecord(bR.BaseStream);
|
|
zoneHistory[i].Tag = new HistoryRecordInfo(bR);
|
|
}
|
|
}
|
|
|
|
_zoneHistory = zoneHistory;
|
|
}
|
|
|
|
if (version >= 4)
|
|
{
|
|
int count = bR.ReadByte();
|
|
Dictionary<string, object> tsigKeyNames = new Dictionary<string, object>(count);
|
|
|
|
for (int i = 0; i < count; i++)
|
|
tsigKeyNames.Add(bR.ReadShortString(), null);
|
|
|
|
_zoneTransferTsigKeyNames = tsigKeyNames;
|
|
}
|
|
|
|
if (version >= 7)
|
|
{
|
|
int count = bR.ReadByte();
|
|
Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>> updateSecurityPolicies = new Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>>(count);
|
|
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
string tsigKeyName = bR.ReadShortString().ToLowerInvariant();
|
|
|
|
if (!updateSecurityPolicies.TryGetValue(tsigKeyName, out IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>> policyMap))
|
|
{
|
|
policyMap = new Dictionary<string, IReadOnlyList<DnsResourceRecordType>>();
|
|
updateSecurityPolicies.Add(tsigKeyName, policyMap);
|
|
}
|
|
|
|
int policyCount = bR.ReadByte();
|
|
|
|
for (int j = 0; j < policyCount; j++)
|
|
{
|
|
string domain = bR.ReadShortString().ToLowerInvariant();
|
|
|
|
if (!policyMap.TryGetValue(domain, out IReadOnlyList<DnsResourceRecordType> types))
|
|
{
|
|
types = new List<DnsResourceRecordType>();
|
|
(policyMap as Dictionary<string, IReadOnlyList<DnsResourceRecordType>>).Add(domain, types);
|
|
}
|
|
|
|
int typeCount = bR.ReadByte();
|
|
|
|
for (int k = 0; k < typeCount; k++)
|
|
(types as List<DnsResourceRecordType>).Add((DnsResourceRecordType)bR.ReadUInt16());
|
|
}
|
|
}
|
|
|
|
_updateSecurityPolicies = updateSecurityPolicies;
|
|
}
|
|
else if (version >= 6)
|
|
{
|
|
int count = bR.ReadByte();
|
|
Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>> updateSecurityPolicies = new Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>>(count);
|
|
|
|
Dictionary<string, IReadOnlyList<DnsResourceRecordType>> defaultAllowPolicy = new Dictionary<string, IReadOnlyList<DnsResourceRecordType>>(1);
|
|
defaultAllowPolicy.Add(_name, new List<DnsResourceRecordType>() { DnsResourceRecordType.ANY });
|
|
defaultAllowPolicy.Add("*." + _name, new List<DnsResourceRecordType>() { DnsResourceRecordType.ANY });
|
|
|
|
for (int i = 0; i < count; i++)
|
|
updateSecurityPolicies.Add(bR.ReadShortString().ToLowerInvariant(), defaultAllowPolicy);
|
|
|
|
_updateSecurityPolicies = updateSecurityPolicies;
|
|
}
|
|
|
|
if (version >= 5)
|
|
{
|
|
int count = bR.ReadByte();
|
|
if (count > 0)
|
|
{
|
|
List<DnssecPrivateKey> dnssecPrivateKeys = new List<DnssecPrivateKey>(count);
|
|
|
|
for (int i = 0; i < count; i++)
|
|
dnssecPrivateKeys.Add(DnssecPrivateKey.ReadFrom(bR));
|
|
|
|
_dnssecPrivateKeys = dnssecPrivateKeys;
|
|
}
|
|
}
|
|
}
|
|
break;
|
|
|
|
case AuthZoneType.Secondary:
|
|
{
|
|
_expiry = bR.ReadDateTime();
|
|
|
|
if (version >= 4)
|
|
{
|
|
int count = bR.ReadInt32();
|
|
DnsResourceRecord[] zoneHistory = new DnsResourceRecord[count];
|
|
|
|
if (version >= 11)
|
|
{
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
zoneHistory[i] = new DnsResourceRecord(bR.BaseStream);
|
|
|
|
if (bR.ReadBoolean())
|
|
zoneHistory[i].Tag = new HistoryRecordInfo(bR);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
zoneHistory[i] = new DnsResourceRecord(bR.BaseStream);
|
|
zoneHistory[i].Tag = new HistoryRecordInfo(bR);
|
|
}
|
|
}
|
|
|
|
_zoneHistory = zoneHistory;
|
|
}
|
|
|
|
if (version >= 4)
|
|
{
|
|
int count = bR.ReadByte();
|
|
Dictionary<string, object> tsigKeyNames = new Dictionary<string, object>(count);
|
|
|
|
for (int i = 0; i < count; i++)
|
|
tsigKeyNames.Add(bR.ReadShortString(), null);
|
|
|
|
_zoneTransferTsigKeyNames = tsigKeyNames;
|
|
}
|
|
|
|
if (version == 6)
|
|
{
|
|
//MUST skip old version data
|
|
int count = bR.ReadByte();
|
|
Dictionary<string, object> tsigKeyNames = new Dictionary<string, object>(count);
|
|
|
|
for (int i = 0; i < count; i++)
|
|
tsigKeyNames.Add(bR.ReadShortString(), null);
|
|
}
|
|
}
|
|
break;
|
|
|
|
case AuthZoneType.Stub:
|
|
{
|
|
_expiry = bR.ReadDateTime();
|
|
}
|
|
break;
|
|
|
|
case AuthZoneType.Forwarder:
|
|
{
|
|
if (version >= 10)
|
|
{
|
|
int count = bR.ReadByte();
|
|
Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>> updateSecurityPolicies = new Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>>(count);
|
|
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
string tsigKeyName = bR.ReadShortString().ToLowerInvariant();
|
|
|
|
if (!updateSecurityPolicies.TryGetValue(tsigKeyName, out IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>> policyMap))
|
|
{
|
|
policyMap = new Dictionary<string, IReadOnlyList<DnsResourceRecordType>>();
|
|
updateSecurityPolicies.Add(tsigKeyName, policyMap);
|
|
}
|
|
|
|
int policyCount = bR.ReadByte();
|
|
|
|
for (int j = 0; j < policyCount; j++)
|
|
{
|
|
string domain = bR.ReadShortString().ToLowerInvariant();
|
|
|
|
if (!policyMap.TryGetValue(domain, out IReadOnlyList<DnsResourceRecordType> types))
|
|
{
|
|
types = new List<DnsResourceRecordType>();
|
|
(policyMap as Dictionary<string, IReadOnlyList<DnsResourceRecordType>>).Add(domain, types);
|
|
}
|
|
|
|
int typeCount = bR.ReadByte();
|
|
|
|
for (int k = 0; k < typeCount; k++)
|
|
(types as List<DnsResourceRecordType>).Add((DnsResourceRecordType)bR.ReadUInt16());
|
|
}
|
|
}
|
|
|
|
_updateSecurityPolicies = updateSecurityPolicies;
|
|
}
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
break;
|
|
|
|
case 12:
|
|
case 13:
|
|
{
|
|
_name = bR.ReadShortString();
|
|
_type = (AuthZoneType)bR.ReadByte();
|
|
_lastModified = bR.ReadDateTime();
|
|
_disabled = bR.ReadBoolean();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
_catalogZoneName = bR.ReadShortString();
|
|
if (_catalogZoneName.Length == 0)
|
|
_catalogZoneName = null;
|
|
|
|
_overrideCatalogQueryAccess = bR.ReadBoolean();
|
|
_overrideCatalogZoneTransfer = bR.ReadBoolean();
|
|
_overrideCatalogNotify = bR.ReadBoolean();
|
|
|
|
_queryAccess = (AuthZoneQueryAccess)bR.ReadByte();
|
|
_queryAccessNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_zoneTransfer = (AuthZoneTransfer)bR.ReadByte();
|
|
_zoneTransferNetworkACL = ReadNetworkACLFrom(bR);
|
|
_zoneTransferTsigKeyNames = ReadZoneTransferTsigKeyNamesFrom(bR);
|
|
_zoneHistory = ReadZoneHistoryFrom(bR);
|
|
|
|
_notify = (AuthZoneNotify)bR.ReadByte();
|
|
_notifyNameServers = ReadIPAddressesFrom(bR);
|
|
|
|
_update = (AuthZoneUpdate)bR.ReadByte();
|
|
_updateNetworkACL = ReadNetworkACLFrom(bR);
|
|
_updateSecurityPolicies = ReadUpdateSecurityPoliciesFrom(bR);
|
|
|
|
_dnssecPrivateKeys = ReadDnssecPrivateKeysFrom(bR);
|
|
break;
|
|
|
|
case AuthZoneType.Secondary:
|
|
_catalogZoneName = bR.ReadShortString();
|
|
if (_catalogZoneName.Length == 0)
|
|
_catalogZoneName = null;
|
|
|
|
_overrideCatalogQueryAccess = bR.ReadBoolean();
|
|
_overrideCatalogZoneTransfer = bR.ReadBoolean();
|
|
_overrideCatalogPrimaryNameServers = bR.ReadBoolean();
|
|
|
|
_queryAccess = (AuthZoneQueryAccess)bR.ReadByte();
|
|
_queryAccessNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_zoneTransfer = (AuthZoneTransfer)bR.ReadByte();
|
|
_zoneTransferNetworkACL = ReadNetworkACLFrom(bR);
|
|
_zoneTransferTsigKeyNames = ReadZoneTransferTsigKeyNamesFrom(bR);
|
|
_zoneHistory = ReadZoneHistoryFrom(bR);
|
|
|
|
_notify = (AuthZoneNotify)bR.ReadByte();
|
|
_notifyNameServers = ReadIPAddressesFrom(bR);
|
|
|
|
_update = (AuthZoneUpdate)bR.ReadByte();
|
|
_updateNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_primaryNameServerAddresses = ReadNameServerAddressesFrom(bR);
|
|
_primaryZoneTransferProtocol = (DnsTransportProtocol)bR.ReadByte();
|
|
_primaryZoneTransferTsigKeyName = bR.ReadShortString();
|
|
if (_primaryZoneTransferTsigKeyName.Length == 0)
|
|
_primaryZoneTransferTsigKeyName = null;
|
|
|
|
_expiry = bR.ReadDateTime();
|
|
_validateZone = bR.ReadBoolean();
|
|
_validationFailed = bR.ReadBoolean();
|
|
break;
|
|
|
|
case AuthZoneType.Stub:
|
|
_catalogZoneName = bR.ReadShortString();
|
|
if (_catalogZoneName.Length == 0)
|
|
_catalogZoneName = null;
|
|
|
|
_overrideCatalogQueryAccess = bR.ReadBoolean();
|
|
|
|
_queryAccess = (AuthZoneQueryAccess)bR.ReadByte();
|
|
_queryAccessNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_primaryNameServerAddresses = ReadNameServerAddressesFrom(bR);
|
|
|
|
_expiry = bR.ReadDateTime();
|
|
break;
|
|
|
|
case AuthZoneType.Forwarder:
|
|
_catalogZoneName = bR.ReadShortString();
|
|
if (_catalogZoneName.Length == 0)
|
|
_catalogZoneName = null;
|
|
|
|
_overrideCatalogQueryAccess = bR.ReadBoolean();
|
|
_overrideCatalogZoneTransfer = bR.ReadBoolean();
|
|
_overrideCatalogNotify = bR.ReadBoolean();
|
|
|
|
_queryAccess = (AuthZoneQueryAccess)bR.ReadByte();
|
|
_queryAccessNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_zoneTransfer = (AuthZoneTransfer)bR.ReadByte();
|
|
_zoneTransferNetworkACL = ReadNetworkACLFrom(bR);
|
|
_zoneTransferTsigKeyNames = ReadZoneTransferTsigKeyNamesFrom(bR);
|
|
_zoneHistory = ReadZoneHistoryFrom(bR);
|
|
|
|
_notify = (AuthZoneNotify)bR.ReadByte();
|
|
_notifyNameServers = ReadIPAddressesFrom(bR);
|
|
|
|
_update = (AuthZoneUpdate)bR.ReadByte();
|
|
_updateNetworkACL = ReadNetworkACLFrom(bR);
|
|
_updateSecurityPolicies = ReadUpdateSecurityPoliciesFrom(bR);
|
|
break;
|
|
|
|
case AuthZoneType.SecondaryForwarder:
|
|
_catalogZoneName = bR.ReadShortString();
|
|
if (_catalogZoneName.Length == 0)
|
|
_catalogZoneName = null;
|
|
|
|
_overrideCatalogQueryAccess = bR.ReadBoolean();
|
|
|
|
_queryAccess = (AuthZoneQueryAccess)bR.ReadByte();
|
|
_queryAccessNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_update = (AuthZoneUpdate)bR.ReadByte();
|
|
_updateNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_primaryNameServerAddresses = ReadNameServerAddressesFrom(bR);
|
|
_primaryZoneTransferProtocol = (DnsTransportProtocol)bR.ReadByte();
|
|
_primaryZoneTransferTsigKeyName = bR.ReadShortString();
|
|
if (_primaryZoneTransferTsigKeyName.Length == 0)
|
|
_primaryZoneTransferTsigKeyName = null;
|
|
|
|
_expiry = bR.ReadDateTime();
|
|
break;
|
|
|
|
case AuthZoneType.Catalog:
|
|
_queryAccess = (AuthZoneQueryAccess)bR.ReadByte();
|
|
_queryAccessNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_zoneTransfer = (AuthZoneTransfer)bR.ReadByte();
|
|
_zoneTransferNetworkACL = ReadNetworkACLFrom(bR);
|
|
_zoneTransferTsigKeyNames = ReadZoneTransferTsigKeyNamesFrom(bR);
|
|
_zoneHistory = ReadZoneHistoryFrom(bR);
|
|
|
|
_notify = (AuthZoneNotify)bR.ReadByte();
|
|
_notifyNameServers = ReadIPAddressesFrom(bR);
|
|
|
|
if (version >= 13)
|
|
_notifySecondaryCatalogNameServers = ReadIPAddressesFrom(bR);
|
|
|
|
break;
|
|
|
|
case AuthZoneType.SecondaryCatalog:
|
|
_queryAccess = (AuthZoneQueryAccess)bR.ReadByte();
|
|
_queryAccessNetworkACL = ReadNetworkACLFrom(bR);
|
|
|
|
_zoneTransfer = (AuthZoneTransfer)bR.ReadByte();
|
|
_zoneTransferNetworkACL = ReadNetworkACLFrom(bR);
|
|
_zoneTransferTsigKeyNames = ReadZoneTransferTsigKeyNamesFrom(bR);
|
|
|
|
_primaryNameServerAddresses = ReadNameServerAddressesFrom(bR);
|
|
_primaryZoneTransferProtocol = (DnsTransportProtocol)bR.ReadByte();
|
|
_primaryZoneTransferTsigKeyName = bR.ReadShortString();
|
|
if (_primaryZoneTransferTsigKeyName.Length == 0)
|
|
_primaryZoneTransferTsigKeyName = null;
|
|
|
|
_expiry = bR.ReadDateTime();
|
|
break;
|
|
}
|
|
}
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidDataException("AuthZoneInfo format version not supported.");
|
|
}
|
|
}
|
|
|
|
internal AuthZoneInfo(ApexZone apexZone, bool loadHistory = false)
|
|
{
|
|
_apexZone = apexZone;
|
|
_name = _apexZone.Name;
|
|
_lastModified = _apexZone.LastModified;
|
|
_disabled = _apexZone.Disabled;
|
|
|
|
if (_apexZone is PrimaryZone primaryZone)
|
|
{
|
|
_type = AuthZoneType.Primary;
|
|
|
|
_catalogZoneName = _apexZone.CatalogZoneName;
|
|
_overrideCatalogQueryAccess = _apexZone.OverrideCatalogQueryAccess;
|
|
_overrideCatalogZoneTransfer = _apexZone.OverrideCatalogZoneTransfer;
|
|
_overrideCatalogNotify = _apexZone.OverrideCatalogNotify;
|
|
|
|
_queryAccess = _apexZone.QueryAccess;
|
|
_queryAccessNetworkACL = _apexZone.QueryAccessNetworkACL;
|
|
|
|
_zoneTransfer = _apexZone.ZoneTransfer;
|
|
_zoneTransferNetworkACL = _apexZone.ZoneTransferNetworkACL;
|
|
_zoneTransferTsigKeyNames = _apexZone.ZoneTransferTsigKeyNames;
|
|
|
|
if (loadHistory)
|
|
_zoneHistory = _apexZone.GetZoneHistory();
|
|
|
|
_notify = _apexZone.Notify;
|
|
_notifyNameServers = _apexZone.NotifyNameServers;
|
|
|
|
_update = _apexZone.Update;
|
|
_updateNetworkACL = _apexZone.UpdateNetworkACL;
|
|
_updateSecurityPolicies = _apexZone.UpdateSecurityPolicies;
|
|
|
|
_dnssecPrivateKeys = primaryZone.DnssecPrivateKeys;
|
|
}
|
|
else if (_apexZone is SecondaryCatalogZone secondaryCatalogZone)
|
|
{
|
|
_type = AuthZoneType.SecondaryCatalog;
|
|
|
|
_queryAccess = _apexZone.QueryAccess;
|
|
_queryAccessNetworkACL = _apexZone.QueryAccessNetworkACL;
|
|
|
|
_zoneTransfer = _apexZone.ZoneTransfer;
|
|
_zoneTransferNetworkACL = _apexZone.ZoneTransferNetworkACL;
|
|
_zoneTransferTsigKeyNames = _apexZone.ZoneTransferTsigKeyNames;
|
|
|
|
_primaryNameServerAddresses = secondaryCatalogZone.PrimaryNameServerAddresses;
|
|
_primaryZoneTransferProtocol = secondaryCatalogZone.PrimaryZoneTransferProtocol;
|
|
_primaryZoneTransferTsigKeyName = secondaryCatalogZone.PrimaryZoneTransferTsigKeyName;
|
|
|
|
_expiry = secondaryCatalogZone.Expiry;
|
|
}
|
|
else if (_apexZone is SecondaryForwarderZone secondaryForwarderZone)
|
|
{
|
|
_type = AuthZoneType.SecondaryForwarder;
|
|
|
|
_catalogZoneName = _apexZone.CatalogZoneName;
|
|
_overrideCatalogQueryAccess = _apexZone.OverrideCatalogQueryAccess;
|
|
|
|
_queryAccess = _apexZone.QueryAccess;
|
|
_queryAccessNetworkACL = _apexZone.QueryAccessNetworkACL;
|
|
|
|
_update = _apexZone.Update;
|
|
_updateNetworkACL = _apexZone.UpdateNetworkACL;
|
|
|
|
_primaryNameServerAddresses = secondaryForwarderZone.PrimaryNameServerAddresses;
|
|
_primaryZoneTransferProtocol = secondaryForwarderZone.PrimaryZoneTransferProtocol;
|
|
_primaryZoneTransferTsigKeyName = secondaryForwarderZone.PrimaryZoneTransferTsigKeyName;
|
|
|
|
_expiry = secondaryForwarderZone.Expiry;
|
|
}
|
|
else if (_apexZone is SecondaryZone secondaryZone)
|
|
{
|
|
_type = AuthZoneType.Secondary;
|
|
|
|
_catalogZoneName = _apexZone.CatalogZoneName;
|
|
_overrideCatalogQueryAccess = _apexZone.OverrideCatalogQueryAccess;
|
|
_overrideCatalogZoneTransfer = _apexZone.OverrideCatalogZoneTransfer;
|
|
_overrideCatalogPrimaryNameServers = secondaryZone.OverrideCatalogPrimaryNameServers;
|
|
|
|
_queryAccess = _apexZone.QueryAccess;
|
|
_queryAccessNetworkACL = _apexZone.QueryAccessNetworkACL;
|
|
|
|
_zoneTransfer = _apexZone.ZoneTransfer;
|
|
_zoneTransferNetworkACL = _apexZone.ZoneTransferNetworkACL;
|
|
_zoneTransferTsigKeyNames = _apexZone.ZoneTransferTsigKeyNames;
|
|
|
|
if (loadHistory)
|
|
_zoneHistory = _apexZone.GetZoneHistory();
|
|
|
|
_notify = _apexZone.Notify;
|
|
_notifyNameServers = _apexZone.NotifyNameServers;
|
|
|
|
_update = _apexZone.Update;
|
|
_updateNetworkACL = _apexZone.UpdateNetworkACL;
|
|
|
|
_primaryNameServerAddresses = secondaryZone.PrimaryNameServerAddresses;
|
|
_primaryZoneTransferProtocol = secondaryZone.PrimaryZoneTransferProtocol;
|
|
_primaryZoneTransferTsigKeyName = secondaryZone.PrimaryZoneTransferTsigKeyName;
|
|
|
|
_expiry = secondaryZone.Expiry;
|
|
_validateZone = secondaryZone.ValidateZone;
|
|
_validationFailed = secondaryZone.ValidationFailed;
|
|
}
|
|
else if (_apexZone is StubZone stubZone)
|
|
{
|
|
_type = AuthZoneType.Stub;
|
|
|
|
_catalogZoneName = _apexZone.CatalogZoneName;
|
|
_overrideCatalogQueryAccess = _apexZone.OverrideCatalogQueryAccess;
|
|
|
|
_queryAccess = _apexZone.QueryAccess;
|
|
_queryAccessNetworkACL = _apexZone.QueryAccessNetworkACL;
|
|
|
|
_primaryNameServerAddresses = stubZone.PrimaryNameServerAddresses;
|
|
|
|
_expiry = stubZone.Expiry;
|
|
}
|
|
else if (_apexZone is CatalogZone)
|
|
{
|
|
_type = AuthZoneType.Catalog;
|
|
|
|
_queryAccess = _apexZone.QueryAccess;
|
|
_queryAccessNetworkACL = _apexZone.QueryAccessNetworkACL;
|
|
|
|
_zoneTransfer = _apexZone.ZoneTransfer;
|
|
_zoneTransferNetworkACL = _apexZone.ZoneTransferNetworkACL;
|
|
_zoneTransferTsigKeyNames = _apexZone.ZoneTransferTsigKeyNames;
|
|
|
|
if (loadHistory)
|
|
_zoneHistory = _apexZone.GetZoneHistory();
|
|
|
|
_notify = _apexZone.Notify;
|
|
_notifyNameServers = _apexZone.NotifyNameServers;
|
|
_notifySecondaryCatalogNameServers = _apexZone.NotifySecondaryCatalogNameServers;
|
|
}
|
|
else if (_apexZone is ForwarderZone)
|
|
{
|
|
_type = AuthZoneType.Forwarder;
|
|
|
|
_catalogZoneName = _apexZone.CatalogZoneName;
|
|
_overrideCatalogQueryAccess = _apexZone.OverrideCatalogQueryAccess;
|
|
_overrideCatalogZoneTransfer = _apexZone.OverrideCatalogZoneTransfer;
|
|
_overrideCatalogNotify = _apexZone.OverrideCatalogNotify;
|
|
|
|
_queryAccess = _apexZone.QueryAccess;
|
|
_queryAccessNetworkACL = _apexZone.QueryAccessNetworkACL;
|
|
|
|
_zoneTransfer = _apexZone.ZoneTransfer;
|
|
_zoneTransferNetworkACL = _apexZone.ZoneTransferNetworkACL;
|
|
_zoneTransferTsigKeyNames = _apexZone.ZoneTransferTsigKeyNames;
|
|
|
|
if (loadHistory)
|
|
_zoneHistory = _apexZone.GetZoneHistory();
|
|
|
|
_notify = _apexZone.Notify;
|
|
_notifyNameServers = _apexZone.NotifyNameServers;
|
|
|
|
_update = _apexZone.Update;
|
|
_updateNetworkACL = _apexZone.UpdateNetworkACL;
|
|
_updateSecurityPolicies = _apexZone.UpdateSecurityPolicies;
|
|
}
|
|
else
|
|
{
|
|
_type = AuthZoneType.Unknown;
|
|
}
|
|
}
|
|
|
|
#endregion
|
|
|
|
#region static
|
|
|
|
public static string GetZoneTypeName(AuthZoneType type)
|
|
{
|
|
switch (type)
|
|
{
|
|
case AuthZoneType.SecondaryForwarder:
|
|
return "Secondary Forwarder";
|
|
|
|
case AuthZoneType.SecondaryCatalog:
|
|
return "Secondary Catalog";
|
|
|
|
default:
|
|
return type.ToString();
|
|
}
|
|
}
|
|
|
|
internal static NameServerAddress[] ReadNameServerAddressesFrom(BinaryReader bR)
|
|
{
|
|
int count = bR.ReadByte();
|
|
if (count < 1)
|
|
return null;
|
|
|
|
NameServerAddress[] nameServerAddresses = new NameServerAddress[count];
|
|
|
|
for (int i = 0; i < count; i++)
|
|
nameServerAddresses[i] = new NameServerAddress(bR);
|
|
|
|
return nameServerAddresses;
|
|
}
|
|
|
|
internal static void WriteNameServerAddressesTo(IReadOnlyCollection<NameServerAddress> nameServerAddresses, BinaryWriter bW)
|
|
{
|
|
if (nameServerAddresses is null)
|
|
{
|
|
bW.Write((byte)0);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(Convert.ToByte(nameServerAddresses.Count));
|
|
|
|
foreach (NameServerAddress network in nameServerAddresses)
|
|
network.WriteTo(bW);
|
|
}
|
|
}
|
|
|
|
internal static NetworkAccessControl[] ReadNetworkACLFrom(BinaryReader bR)
|
|
{
|
|
int count = bR.ReadByte();
|
|
if (count < 1)
|
|
return null;
|
|
|
|
NetworkAccessControl[] acl = new NetworkAccessControl[count];
|
|
|
|
for (int i = 0; i < count; i++)
|
|
acl[i] = NetworkAccessControl.ReadFrom(bR);
|
|
|
|
return acl;
|
|
}
|
|
|
|
internal static void WriteNetworkACLTo(IReadOnlyCollection<NetworkAccessControl> acl, BinaryWriter bW)
|
|
{
|
|
if (acl is null)
|
|
{
|
|
bW.Write((byte)0);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(Convert.ToByte(acl.Count));
|
|
|
|
foreach (NetworkAccessControl nac in acl)
|
|
nac.WriteTo(bW);
|
|
}
|
|
}
|
|
|
|
internal static NetworkAddress[] ReadNetworkAddressesFrom(BinaryReader bR)
|
|
{
|
|
int count = bR.ReadByte();
|
|
if (count < 1)
|
|
return null;
|
|
|
|
NetworkAddress[] networks = new NetworkAddress[count];
|
|
|
|
for (int i = 0; i < count; i++)
|
|
networks[i] = NetworkAddress.ReadFrom(bR);
|
|
|
|
return networks;
|
|
}
|
|
|
|
internal static void WriteNetworkAddressesTo(IReadOnlyCollection<NetworkAddress> networkAddresses, BinaryWriter bW)
|
|
{
|
|
if (networkAddresses is null)
|
|
{
|
|
bW.Write((byte)0);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(Convert.ToByte(networkAddresses.Count));
|
|
|
|
foreach (NetworkAddress network in networkAddresses)
|
|
network.WriteTo(bW);
|
|
}
|
|
}
|
|
|
|
internal static IPAddress[] ReadIPAddressesFrom(BinaryReader bR)
|
|
{
|
|
int count = bR.ReadByte();
|
|
if (count < 1)
|
|
return null;
|
|
|
|
IPAddress[] ipAddresses = new IPAddress[count];
|
|
|
|
for (int i = 0; i < count; i++)
|
|
ipAddresses[i] = IPAddressExtensions.ReadFrom(bR);
|
|
|
|
return ipAddresses;
|
|
}
|
|
|
|
internal static void WriteIPAddressesTo(IReadOnlyCollection<IPAddress> ipAddresses, BinaryWriter bW)
|
|
{
|
|
if (ipAddresses is null)
|
|
{
|
|
bW.Write((byte)0);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(Convert.ToByte(ipAddresses.Count));
|
|
|
|
foreach (IPAddress ipAddress in ipAddresses)
|
|
ipAddress.WriteTo(bW);
|
|
}
|
|
}
|
|
|
|
internal static List<NetworkAccessControl> ConvertDenyAllowToACL(NetworkAddress[] deniedNetworks, NetworkAddress[] allowedNetworks)
|
|
{
|
|
List<NetworkAccessControl> acl = new List<NetworkAccessControl>();
|
|
|
|
if (deniedNetworks is not null)
|
|
{
|
|
foreach (NetworkAddress network in deniedNetworks)
|
|
acl.Add(new NetworkAccessControl(network, true));
|
|
}
|
|
|
|
if (allowedNetworks is not null)
|
|
{
|
|
foreach (NetworkAddress network in allowedNetworks)
|
|
acl.Add(new NetworkAccessControl(network));
|
|
}
|
|
|
|
if (acl.Count > 0)
|
|
return acl;
|
|
|
|
return null;
|
|
}
|
|
|
|
#endregion
|
|
|
|
#region private
|
|
|
|
private static Dictionary<string, object> ReadZoneTransferTsigKeyNamesFrom(BinaryReader bR)
|
|
{
|
|
int count = bR.ReadByte();
|
|
Dictionary<string, object> zoneTransferTsigKeyNames = new Dictionary<string, object>(count);
|
|
|
|
for (int i = 0; i < count; i++)
|
|
zoneTransferTsigKeyNames.Add(bR.ReadShortString(), null);
|
|
|
|
return zoneTransferTsigKeyNames;
|
|
}
|
|
|
|
private void WriteZoneTransferTsigKeyNamesTo(BinaryWriter bW)
|
|
{
|
|
if (_zoneTransferTsigKeyNames is null)
|
|
{
|
|
bW.Write((byte)0);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(Convert.ToByte(_zoneTransferTsigKeyNames.Count));
|
|
|
|
foreach (KeyValuePair<string, object> tsigKeyName in _zoneTransferTsigKeyNames)
|
|
bW.WriteShortString(tsigKeyName.Key);
|
|
}
|
|
}
|
|
|
|
private static DnsResourceRecord[] ReadZoneHistoryFrom(BinaryReader bR)
|
|
{
|
|
int count = bR.ReadInt32();
|
|
DnsResourceRecord[] zoneHistory = new DnsResourceRecord[count];
|
|
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
zoneHistory[i] = new DnsResourceRecord(bR.BaseStream);
|
|
|
|
if (bR.ReadBoolean())
|
|
zoneHistory[i].Tag = new HistoryRecordInfo(bR);
|
|
}
|
|
|
|
return zoneHistory;
|
|
}
|
|
|
|
private void WriteZoneHistoryTo(BinaryWriter bW)
|
|
{
|
|
if (_zoneHistory is null)
|
|
{
|
|
bW.Write(0);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(_zoneHistory.Count);
|
|
|
|
foreach (DnsResourceRecord record in _zoneHistory)
|
|
{
|
|
record.WriteTo(bW.BaseStream);
|
|
|
|
if (record.Tag is HistoryRecordInfo rrInfo)
|
|
{
|
|
bW.Write(true);
|
|
rrInfo.WriteTo(bW);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(false);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
private static Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>> ReadUpdateSecurityPoliciesFrom(BinaryReader bR)
|
|
{
|
|
int count = bR.ReadInt32();
|
|
Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>> updateSecurityPolicies = new Dictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>>(count);
|
|
|
|
for (int i = 0; i < count; i++)
|
|
{
|
|
string tsigKeyName = bR.ReadShortString().ToLowerInvariant();
|
|
|
|
if (!updateSecurityPolicies.TryGetValue(tsigKeyName, out IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>> policyMap))
|
|
{
|
|
policyMap = new Dictionary<string, IReadOnlyList<DnsResourceRecordType>>();
|
|
updateSecurityPolicies.Add(tsigKeyName, policyMap);
|
|
}
|
|
|
|
int policyCount = bR.ReadByte();
|
|
|
|
for (int j = 0; j < policyCount; j++)
|
|
{
|
|
string domain = bR.ReadShortString().ToLowerInvariant();
|
|
|
|
if (!policyMap.TryGetValue(domain, out IReadOnlyList<DnsResourceRecordType> types))
|
|
{
|
|
types = new List<DnsResourceRecordType>();
|
|
(policyMap as Dictionary<string, IReadOnlyList<DnsResourceRecordType>>).Add(domain, types);
|
|
}
|
|
|
|
int typeCount = bR.ReadByte();
|
|
|
|
for (int k = 0; k < typeCount; k++)
|
|
(types as List<DnsResourceRecordType>).Add((DnsResourceRecordType)bR.ReadUInt16());
|
|
}
|
|
}
|
|
|
|
return updateSecurityPolicies;
|
|
}
|
|
|
|
private void WriteUpdateSecurityPoliciesTo(BinaryWriter bW)
|
|
{
|
|
if (_updateSecurityPolicies is null)
|
|
{
|
|
bW.Write(0);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(_updateSecurityPolicies.Count);
|
|
|
|
foreach (KeyValuePair<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>> updateSecurityPolicy in _updateSecurityPolicies)
|
|
{
|
|
bW.WriteShortString(updateSecurityPolicy.Key);
|
|
bW.Write(Convert.ToByte(updateSecurityPolicy.Value.Count));
|
|
|
|
foreach (KeyValuePair<string, IReadOnlyList<DnsResourceRecordType>> policyMap in updateSecurityPolicy.Value)
|
|
{
|
|
bW.WriteShortString(policyMap.Key);
|
|
bW.Write(Convert.ToByte(policyMap.Value.Count));
|
|
|
|
foreach (DnsResourceRecordType type in policyMap.Value)
|
|
bW.Write((ushort)type);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
private static DnssecPrivateKey[] ReadDnssecPrivateKeysFrom(BinaryReader bR)
|
|
{
|
|
int count = bR.ReadByte();
|
|
if (count < 1)
|
|
return null;
|
|
|
|
DnssecPrivateKey[] dnssecPrivateKeys = new DnssecPrivateKey[count];
|
|
|
|
for (int i = 0; i < count; i++)
|
|
dnssecPrivateKeys[i] = DnssecPrivateKey.ReadFrom(bR);
|
|
|
|
return dnssecPrivateKeys;
|
|
}
|
|
|
|
private void WriteDnssecPrivateKeysTo(BinaryWriter bW)
|
|
{
|
|
if (_dnssecPrivateKeys is null)
|
|
{
|
|
bW.Write((byte)0);
|
|
}
|
|
else
|
|
{
|
|
bW.Write(Convert.ToByte(_dnssecPrivateKeys.Count));
|
|
|
|
foreach (DnssecPrivateKey dnssecPrivateKey in _dnssecPrivateKeys)
|
|
dnssecPrivateKey.WriteTo(bW);
|
|
}
|
|
}
|
|
|
|
#endregion
|
|
|
|
#region public
|
|
|
|
public void TriggerRefresh()
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
(_apexZone as SecondaryZone).TriggerRefresh();
|
|
break;
|
|
|
|
case AuthZoneType.Stub:
|
|
(_apexZone as StubZone).TriggerRefresh();
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
|
|
public void TriggerResync()
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
(_apexZone as SecondaryZone).TriggerResync();
|
|
break;
|
|
|
|
case AuthZoneType.Stub:
|
|
(_apexZone as StubZone).TriggerResync();
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
|
|
public void WriteTo(BinaryWriter bW)
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
bW.Write((byte)13); //version
|
|
|
|
bW.WriteShortString(_name);
|
|
bW.Write((byte)_type);
|
|
bW.Write(_lastModified);
|
|
bW.Write(_disabled);
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
bW.Write(_catalogZoneName ?? "");
|
|
bW.Write(_overrideCatalogQueryAccess);
|
|
bW.Write(_overrideCatalogZoneTransfer);
|
|
bW.Write(_overrideCatalogNotify);
|
|
|
|
bW.Write((byte)_queryAccess);
|
|
WriteNetworkACLTo(_queryAccessNetworkACL, bW);
|
|
|
|
bW.Write((byte)_zoneTransfer);
|
|
WriteNetworkACLTo(_zoneTransferNetworkACL, bW);
|
|
WriteZoneTransferTsigKeyNamesTo(bW);
|
|
WriteZoneHistoryTo(bW);
|
|
|
|
bW.Write((byte)_notify);
|
|
WriteIPAddressesTo(_notifyNameServers, bW);
|
|
|
|
bW.Write((byte)_update);
|
|
WriteNetworkACLTo(_updateNetworkACL, bW);
|
|
WriteUpdateSecurityPoliciesTo(bW);
|
|
|
|
WriteDnssecPrivateKeysTo(bW);
|
|
break;
|
|
|
|
case AuthZoneType.Secondary:
|
|
bW.Write(_catalogZoneName ?? "");
|
|
bW.Write(_overrideCatalogQueryAccess);
|
|
bW.Write(_overrideCatalogZoneTransfer);
|
|
bW.Write(_overrideCatalogPrimaryNameServers);
|
|
|
|
bW.Write((byte)_queryAccess);
|
|
WriteNetworkACLTo(_queryAccessNetworkACL, bW);
|
|
|
|
bW.Write((byte)_zoneTransfer);
|
|
WriteNetworkACLTo(_zoneTransferNetworkACL, bW);
|
|
WriteZoneTransferTsigKeyNamesTo(bW);
|
|
WriteZoneHistoryTo(bW);
|
|
|
|
bW.Write((byte)_notify);
|
|
WriteIPAddressesTo(_notifyNameServers, bW);
|
|
|
|
bW.Write((byte)_update);
|
|
WriteNetworkACLTo(_updateNetworkACL, bW);
|
|
|
|
WriteNameServerAddressesTo(_primaryNameServerAddresses, bW);
|
|
bW.Write((byte)_primaryZoneTransferProtocol);
|
|
bW.Write(_primaryZoneTransferTsigKeyName ?? "");
|
|
|
|
bW.Write(_expiry);
|
|
bW.Write(_validateZone);
|
|
bW.Write(_validationFailed);
|
|
break;
|
|
|
|
case AuthZoneType.Stub:
|
|
bW.Write(_catalogZoneName ?? "");
|
|
bW.Write(_overrideCatalogQueryAccess);
|
|
|
|
bW.Write((byte)_queryAccess);
|
|
WriteNetworkACLTo(_queryAccessNetworkACL, bW);
|
|
|
|
WriteNameServerAddressesTo(_primaryNameServerAddresses, bW);
|
|
|
|
bW.Write(_expiry);
|
|
break;
|
|
|
|
case AuthZoneType.Forwarder:
|
|
bW.Write(_catalogZoneName ?? "");
|
|
bW.Write(_overrideCatalogQueryAccess);
|
|
bW.Write(_overrideCatalogZoneTransfer);
|
|
bW.Write(_overrideCatalogNotify);
|
|
|
|
bW.Write((byte)_queryAccess);
|
|
WriteNetworkACLTo(_queryAccessNetworkACL, bW);
|
|
|
|
bW.Write((byte)_zoneTransfer);
|
|
WriteNetworkACLTo(_zoneTransferNetworkACL, bW);
|
|
WriteZoneTransferTsigKeyNamesTo(bW);
|
|
WriteZoneHistoryTo(bW);
|
|
|
|
bW.Write((byte)_notify);
|
|
WriteIPAddressesTo(_notifyNameServers, bW);
|
|
|
|
bW.Write((byte)_update);
|
|
WriteNetworkACLTo(_updateNetworkACL, bW);
|
|
WriteUpdateSecurityPoliciesTo(bW);
|
|
break;
|
|
|
|
case AuthZoneType.SecondaryForwarder:
|
|
bW.Write(_catalogZoneName ?? "");
|
|
bW.Write(_overrideCatalogQueryAccess);
|
|
|
|
bW.Write((byte)_queryAccess);
|
|
WriteNetworkACLTo(_queryAccessNetworkACL, bW);
|
|
|
|
bW.Write((byte)_update);
|
|
WriteNetworkACLTo(_updateNetworkACL, bW);
|
|
|
|
WriteNameServerAddressesTo(_primaryNameServerAddresses, bW);
|
|
bW.Write((byte)_primaryZoneTransferProtocol);
|
|
bW.Write(_primaryZoneTransferTsigKeyName ?? "");
|
|
|
|
bW.Write(_expiry);
|
|
break;
|
|
|
|
case AuthZoneType.Catalog:
|
|
bW.Write((byte)_queryAccess);
|
|
WriteNetworkACLTo(_queryAccessNetworkACL, bW);
|
|
|
|
bW.Write((byte)_zoneTransfer);
|
|
WriteNetworkACLTo(_zoneTransferNetworkACL, bW);
|
|
WriteZoneTransferTsigKeyNamesTo(bW);
|
|
WriteZoneHistoryTo(bW);
|
|
|
|
bW.Write((byte)_notify);
|
|
WriteIPAddressesTo(_notifyNameServers, bW);
|
|
WriteIPAddressesTo(_notifySecondaryCatalogNameServers, bW);
|
|
break;
|
|
|
|
case AuthZoneType.SecondaryCatalog:
|
|
bW.Write((byte)_queryAccess);
|
|
WriteNetworkACLTo(_queryAccessNetworkACL, bW);
|
|
|
|
bW.Write((byte)_zoneTransfer);
|
|
WriteNetworkACLTo(_zoneTransferNetworkACL, bW);
|
|
WriteZoneTransferTsigKeyNamesTo(bW);
|
|
|
|
WriteNameServerAddressesTo(_primaryNameServerAddresses, bW);
|
|
bW.Write((byte)_primaryZoneTransferProtocol);
|
|
bW.Write(_primaryZoneTransferTsigKeyName ?? "");
|
|
|
|
bW.Write(_expiry);
|
|
break;
|
|
}
|
|
}
|
|
|
|
public int CompareTo(AuthZoneInfo other)
|
|
{
|
|
return _name.CompareTo(other._name);
|
|
}
|
|
|
|
public override bool Equals(object obj)
|
|
{
|
|
if (ReferenceEquals(this, obj))
|
|
return true;
|
|
|
|
if (obj is not AuthZoneInfo other)
|
|
return false;
|
|
|
|
return _name.Equals(other._name, StringComparison.OrdinalIgnoreCase);
|
|
}
|
|
|
|
public override int GetHashCode()
|
|
{
|
|
return HashCode.Combine(_name);
|
|
}
|
|
|
|
public override string ToString()
|
|
{
|
|
return _name.Length == 0 ? "<root>" : _name; ;
|
|
}
|
|
|
|
#endregion
|
|
|
|
#region properties
|
|
|
|
internal ApexZone ApexZone
|
|
{ get { return _apexZone; } }
|
|
|
|
public string Name
|
|
{ get { return _name; } }
|
|
|
|
public string DisplayName
|
|
{ get { return _name.Length == 0 ? "<root>" : _name; } }
|
|
|
|
public AuthZoneType Type
|
|
{ get { return _type; } }
|
|
|
|
public string TypeName
|
|
{ get { return GetZoneTypeName(_type); } }
|
|
|
|
public DateTime LastModified
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _lastModified;
|
|
|
|
return _apexZone.LastModified;
|
|
}
|
|
}
|
|
|
|
public bool Disabled
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _disabled;
|
|
|
|
return _apexZone.Disabled;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.Disabled = value;
|
|
}
|
|
}
|
|
|
|
public string CatalogZoneName
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _catalogZoneName;
|
|
|
|
return _apexZone.CatalogZoneName;
|
|
}
|
|
}
|
|
|
|
public bool OverrideCatalogQueryAccess
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _overrideCatalogQueryAccess;
|
|
|
|
return _apexZone.OverrideCatalogQueryAccess;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.OverrideCatalogQueryAccess = value;
|
|
}
|
|
}
|
|
|
|
public bool OverrideCatalogZoneTransfer
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _overrideCatalogZoneTransfer;
|
|
|
|
return _apexZone.OverrideCatalogZoneTransfer;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.OverrideCatalogZoneTransfer = value;
|
|
}
|
|
}
|
|
|
|
public bool OverrideCatalogNotify
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _overrideCatalogNotify;
|
|
|
|
return _apexZone.OverrideCatalogNotify;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.OverrideCatalogNotify = value;
|
|
}
|
|
}
|
|
|
|
public bool OverrideCatalogPrimaryNameServers
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _overrideCatalogPrimaryNameServers;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
return (_apexZone as SecondaryZone).OverrideCatalogPrimaryNameServers;
|
|
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
return false;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
(_apexZone as SecondaryZone).OverrideCatalogPrimaryNameServers = value;
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public AuthZoneQueryAccess QueryAccess
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _queryAccess;
|
|
|
|
return _apexZone.QueryAccess;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.QueryAccess = value;
|
|
}
|
|
}
|
|
|
|
public IReadOnlyCollection<NetworkAccessControl> QueryAccessNetworkACL
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _queryAccessNetworkACL;
|
|
|
|
return _apexZone.QueryAccessNetworkACL;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.QueryAccessNetworkACL = value;
|
|
}
|
|
}
|
|
|
|
public AuthZoneTransfer ZoneTransfer
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _zoneTransfer;
|
|
|
|
return _apexZone.ZoneTransfer;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.ZoneTransfer = value;
|
|
}
|
|
}
|
|
|
|
public IReadOnlyCollection<NetworkAccessControl> ZoneTransferNetworkACL
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _zoneTransferNetworkACL;
|
|
|
|
return _apexZone.ZoneTransferNetworkACL;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.ZoneTransferNetworkACL = value;
|
|
}
|
|
}
|
|
|
|
public IReadOnlyDictionary<string, object> ZoneTransferTsigKeyNames
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _zoneTransferTsigKeyNames;
|
|
|
|
return _apexZone.ZoneTransferTsigKeyNames;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.Forwarder:
|
|
case AuthZoneType.Catalog:
|
|
_apexZone.ZoneTransferTsigKeyNames = value;
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public IReadOnlyList<DnsResourceRecord> ZoneHistory
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _zoneHistory;
|
|
|
|
return _apexZone.GetZoneHistory();
|
|
}
|
|
}
|
|
|
|
public AuthZoneNotify Notify
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _notify;
|
|
|
|
return _apexZone.Notify;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.Notify = value;
|
|
}
|
|
}
|
|
|
|
public IReadOnlyCollection<IPAddress> NotifyNameServers
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _notifyNameServers;
|
|
|
|
return _apexZone.NotifyNameServers;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.NotifyNameServers = value;
|
|
}
|
|
}
|
|
|
|
public IReadOnlyCollection<IPAddress> NotifySecondaryCatalogNameServers
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _notifySecondaryCatalogNameServers;
|
|
|
|
return _apexZone.NotifySecondaryCatalogNameServers;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.NotifySecondaryCatalogNameServers = value;
|
|
}
|
|
}
|
|
|
|
public AuthZoneUpdate Update
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _update;
|
|
|
|
return _apexZone.Update;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.Update = value;
|
|
}
|
|
}
|
|
|
|
public IReadOnlyCollection<NetworkAccessControl> UpdateNetworkACL
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _updateNetworkACL;
|
|
|
|
return _apexZone.UpdateNetworkACL;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
_apexZone.UpdateNetworkACL = value;
|
|
}
|
|
}
|
|
|
|
public IReadOnlyDictionary<string, IReadOnlyDictionary<string, IReadOnlyList<DnsResourceRecordType>>> UpdateSecurityPolicies
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _updateSecurityPolicies;
|
|
|
|
return _apexZone.UpdateSecurityPolicies;
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
case AuthZoneType.Forwarder:
|
|
_apexZone.UpdateSecurityPolicies = value;
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public IReadOnlyCollection<DnssecPrivateKey> DnssecPrivateKeys
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _dnssecPrivateKeys;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
return (_apexZone as PrimaryZone).DnssecPrivateKeys;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public IReadOnlyList<NameServerAddress> PrimaryNameServerAddresses
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _primaryNameServerAddresses;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
return (_apexZone as SecondaryZone).PrimaryNameServerAddresses;
|
|
|
|
case AuthZoneType.Stub:
|
|
return (_apexZone as StubZone).PrimaryNameServerAddresses;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
(_apexZone as SecondaryZone).PrimaryNameServerAddresses = value;
|
|
break;
|
|
|
|
case AuthZoneType.Stub:
|
|
(_apexZone as StubZone).PrimaryNameServerAddresses = value;
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public DnsTransportProtocol PrimaryZoneTransferProtocol
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _primaryZoneTransferProtocol;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
return (_apexZone as SecondaryZone).PrimaryZoneTransferProtocol;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
(_apexZone as SecondaryZone).PrimaryZoneTransferProtocol = value;
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public string PrimaryZoneTransferTsigKeyName
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _primaryZoneTransferTsigKeyName;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
return (_apexZone as SecondaryZone).PrimaryZoneTransferTsigKeyName;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
(_apexZone as SecondaryZone).PrimaryZoneTransferTsigKeyName = value;
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public DateTime Expiry
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _expiry;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
return (_apexZone as SecondaryZone).Expiry;
|
|
|
|
case AuthZoneType.Stub:
|
|
return (_apexZone as StubZone).Expiry;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public bool ValidateZone
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _validateZone;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
return (_apexZone as SecondaryZone).ValidateZone;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
set
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
(_apexZone as SecondaryZone).ValidateZone = value;
|
|
break;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public bool ValidationFailed
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
return _validationFailed;
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
return (_apexZone as SecondaryZone).ValidationFailed;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public uint DnsKeyTtl
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
return (_apexZone as PrimaryZone).GetDnsKeyTtl();
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public bool Internal
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
return (_apexZone as PrimaryZone).Internal;
|
|
|
|
default:
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
|
|
public bool IsExpired
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
return (_apexZone as SecondaryZone).IsExpired;
|
|
|
|
case AuthZoneType.Stub:
|
|
return (_apexZone as StubZone).IsExpired;
|
|
|
|
default:
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
|
|
public string[] NotifyFailed
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Primary:
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.Forwarder:
|
|
case AuthZoneType.Catalog:
|
|
return _apexZone.NotifyFailed;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
public bool SyncFailed
|
|
{
|
|
get
|
|
{
|
|
if (_apexZone is null)
|
|
throw new InvalidOperationException();
|
|
|
|
switch (_type)
|
|
{
|
|
case AuthZoneType.Secondary:
|
|
case AuthZoneType.SecondaryForwarder:
|
|
case AuthZoneType.SecondaryCatalog:
|
|
case AuthZoneType.Stub:
|
|
return _apexZone.SyncFailed;
|
|
|
|
default:
|
|
throw new InvalidOperationException();
|
|
}
|
|
}
|
|
}
|
|
|
|
#endregion
|
|
}
|
|
}
|