dnssec.c File Reference

Go to the source code of this file.

Functions

ldns_rrldns_dnssec_get_rrsig_for_name_and_type (const ldns_rdf *name, const ldns_rr_type type, const ldns_rr_list *rrs)
 Returns the first RRSIG rr that corresponds to the rrset with the given name and type.
ldns_rrldns_dnssec_get_dnskey_for_rrsig (const ldns_rr *rrsig, const ldns_rr_list *rrs)
 Returns the DNSKEY that corresponds to the given RRSIG rr from the list, if any.
ldns_rdfldns_nsec_get_bitmap (ldns_rr *nsec)
 Returns the rdata field that contains the bitmap of the covered types of the given NSEC record.
ldns_rdfldns_dnssec_nsec3_closest_encloser (ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *nsec3s)
 Returns the dname of the closest (provable) encloser.
bool ldns_dnssec_pkt_has_rrsigs (const ldns_pkt *pkt)
 Checks whether the packet contains rrsigs.
ldns_rr_listldns_dnssec_pkt_get_rrsigs_for_name_and_type (const ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type)
 Returns a ldns_rr_list containing the signatures covering the given name and type.
ldns_rr_listldns_dnssec_pkt_get_rrsigs_for_type (const ldns_pkt *pkt, ldns_rr_type type)
 Returns a ldns_rr_list containing the signatures covering the given type.
uint16_t ldns_calc_keytag (const ldns_rr *key)
 calculates a keytag of a key for use in DNSSEC.
uint16_t ldns_calc_keytag_raw (uint8_t *key, size_t keysize)
 Calculates keytag of DNSSEC key, operates on wireformat rdata.
DSA * ldns_key_buf2dsa (ldns_buffer *key)
 converts a buffer holding key material to a DSA key in openssl.
DSA * ldns_key_buf2dsa_raw (unsigned char *key, size_t len)
 Like ldns_key_buf2dsa, but uses raw buffer.
RSA * ldns_key_buf2rsa (ldns_buffer *key)
 converts a buffer holding key material to a RSA key in openssl.
RSA * ldns_key_buf2rsa_raw (unsigned char *key, size_t len)
 Like ldns_key_buf2rsa, but uses raw buffer.
ldns_rrldns_key_rr2ds (const ldns_rr *key, ldns_hash h)
 returns a new DS rr that represents the given key rr.
ldns_rdfldns_dnssec_create_nsec_bitmap (ldns_rr_type rr_type_list[], size_t size, ldns_rr_type nsec_type)
 Create the type bitmap for an NSEC(3) record.
ldns_rrldns_dnssec_create_nsec (ldns_dnssec_name *from, ldns_dnssec_name *to, ldns_rr_type nsec_type)
 Creates NSEC.
ldns_rrldns_dnssec_create_nsec3 (ldns_dnssec_name *from, ldns_dnssec_name *to, ldns_rdf *zone_name, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt)
 Creates NSEC3.
ldns_rrldns_create_nsec (ldns_rdf *cur_owner, ldns_rdf *next_owner, ldns_rr_list *rrs)
 Create a NSEC record.
ldns_rdfldns_nsec3_hash_name (ldns_rdf *name, uint8_t algorithm, uint16_t iterations, uint8_t salt_length, uint8_t *salt)
 Calculates the hashed name using the given parameters.
void ldns_nsec3_add_param_rdfs (ldns_rr *rr, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt)
 Sets all the NSEC3 options.
ldns_rrldns_create_nsec3 (ldns_rdf *cur_owner, ldns_rdf *cur_zone, ldns_rr_list *rrs, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt, bool emptynonterminal)
uint8_t ldns_nsec3_algorithm (const ldns_rr *nsec3_rr)
 Returns the hash algorithm used in the given NSEC3 RR.
uint8_t ldns_nsec3_flags (const ldns_rr *nsec3_rr)
 Returns flags field.
bool ldns_nsec3_optout (const ldns_rr *nsec3_rr)
 Returns true if the opt-out flag has been set in the given NSEC3 RR.
uint16_t ldns_nsec3_iterations (const ldns_rr *nsec3_rr)
 Returns the number of hash iterations used in the given NSEC3 RR.
ldns_rdfldns_nsec3_salt (const ldns_rr *nsec3_rr)
 Returns the salt used in the given NSEC3 RR.
uint8_t ldns_nsec3_salt_length (const ldns_rr *nsec3_rr)
 Returns the length of the salt used in the given NSEC3 RR.
uint8_t * ldns_nsec3_salt_data (const ldns_rr *nsec3_rr)
 Returns the salt bytes used in the given NSEC3 RR.
ldns_rdfldns_nsec3_next_owner (const ldns_rr *nsec3_rr)
 Returns the first label of the next ownername in the NSEC3 chain (ie.
ldns_rdfldns_nsec3_bitmap (const ldns_rr *nsec3_rr)
 Returns the bitmap specifying the covered types of the given NSEC3 RR.
ldns_rdfldns_nsec3_hash_name_frm_nsec3 (const ldns_rr *nsec, ldns_rdf *name)
 Calculates the hashed name using the parameters of the given NSEC3 RR.
bool ldns_nsec_bitmap_covers_type (const ldns_rdf *nsec_bitmap, ldns_rr_type type)
 Checks coverage of NSEC RR type bitmap.
bool ldns_nsec_covers_name (const ldns_rr *nsec, const ldns_rdf *name)
 Checks coverage of NSEC(3) RR name span Remember that nsec and name must both be in canonical form (ie use ldns_rr2canonical and ldns_dname2canonical prior to calling this function).
ldns_status ldns_pkt_verify (ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, ldns_rr_list *k, ldns_rr_list *s, ldns_rr_list *good_keys)
 verify a packet
ldns_status ldns_dnssec_chain_nsec3_list (ldns_rr_list *nsec3_rrs)
 chains nsec3 list
int qsort_rr_compare_nsec3 (const void *a, const void *b)
 compare for nsec3 sort
void ldns_rr_list_sort_nsec3 (ldns_rr_list *unsorted)
 sort nsec3 list
ldns_status ldns_dnssec_zone_create_nsec3s (ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt)
 Adds NSEC3 records to the zone.
int ldns_dnssec_default_add_to_signatures (ldns_rr *sig, void *n)
 Default callback function to always leave present signatures, and add new ones.
int ldns_dnssec_default_leave_signatures (ldns_rr *sig, void *n)
 Default callback function to always leave present signatures, and add no new ones for the keys of these signatures.
int ldns_dnssec_default_delete_signatures (ldns_rr *sig, void *n)
 Default callback function to always remove present signatures, but add no new ones.
int ldns_dnssec_default_replace_signatures (ldns_rr *sig, void *n)
 Default callback function to always leave present signatures, and add new ones.


Function Documentation

ldns_rr* ldns_dnssec_get_rrsig_for_name_and_type ( const ldns_rdf name,
const ldns_rr_type  type,
const ldns_rr_list rrs 
)

Returns the first RRSIG rr that corresponds to the rrset with the given name and type.

Parameters:
[in] name The dname of the RRset covered by the RRSIG to find
[in] type The type of the RRset covered by the RRSIG to find
[in] rrs List of rrs to search in
Returns:
Pointer to the first RRsig ldns_rr found, or NULL if it is not present

Definition at line 32 of file dnssec.c.

References ldns_dname_compare(), ldns_rdf2native_int8(), ldns_rr_get_type(), ldns_rr_list_rr(), ldns_rr_list_rr_count(), ldns_rr_owner(), ldns_rr_rrsig_typecovered(), and LDNS_RR_TYPE_RRSIG.

ldns_rr* ldns_dnssec_get_dnskey_for_rrsig ( const ldns_rr rrsig,
const ldns_rr_list rrs 
)

Returns the DNSKEY that corresponds to the given RRSIG rr from the list, if any.

Parameters:
[in] rrsig The rrsig to find the DNSKEY for
[in] rrs The rr list to find the key in
Returns:
The DNSKEY that corresponds to the given RRSIG, or NULL if it was not found.

Definition at line 60 of file dnssec.c.

References ldns_calc_keytag(), ldns_dname_compare(), ldns_rdf2native_int16(), ldns_rr_get_type(), ldns_rr_list_rr(), ldns_rr_list_rr_count(), ldns_rr_owner(), ldns_rr_rrsig_keytag(), ldns_rr_rrsig_signame(), and LDNS_RR_TYPE_DNSKEY.

ldns_rdf* ldns_nsec_get_bitmap ( ldns_rr nsec  ) 

Returns the rdata field that contains the bitmap of the covered types of the given NSEC record.

Parameters:
[in] nsec The nsec to get the covered type bitmap of
Returns:
An ldns_rdf containing the bitmap, or NULL on error

Definition at line 86 of file dnssec.c.

References ldns_rr_get_type(), ldns_rr_rdf(), LDNS_RR_TYPE_NSEC, and LDNS_RR_TYPE_NSEC3.

ldns_rdf* ldns_dnssec_nsec3_closest_encloser ( ldns_rdf qname,
ldns_rr_type  qtype,
ldns_rr_list nsec3s 
)

bool ldns_dnssec_pkt_has_rrsigs ( const ldns_pkt pkt  ) 

Checks whether the packet contains rrsigs.

Definition at line 223 of file dnssec.c.

References ldns_pkt_ancount(), ldns_pkt_answer(), ldns_pkt_authority(), ldns_pkt_nscount(), ldns_rr_get_type(), ldns_rr_list_rr(), and LDNS_RR_TYPE_RRSIG.

ldns_rr_list* ldns_dnssec_pkt_get_rrsigs_for_name_and_type ( const ldns_pkt pkt,
ldns_rdf name,
ldns_rr_type  type 
)

Returns a ldns_rr_list containing the signatures covering the given name and type.

Definition at line 242 of file dnssec.c.

References ldns_pkt_rr_list_by_name_and_type(), ldns_rdf_free(), ldns_rdf_new(), LDNS_RDF_TYPE_TYPE, ldns_rr_list_deep_free(), ldns_rr_list_subtype_by_rdf(), LDNS_RR_TYPE_RRSIG, and LDNS_SECTION_ANY_NOQUESTION.

ldns_rr_list* ldns_dnssec_pkt_get_rrsigs_for_type ( const ldns_pkt pkt,
ldns_rr_type  type 
)

Returns a ldns_rr_list containing the signatures covering the given type.

Definition at line 267 of file dnssec.c.

References ldns_pkt_rr_list_by_type(), ldns_rdf_free(), ldns_rdf_new(), LDNS_RDF_TYPE_TYPE, ldns_rr_list_deep_free(), ldns_rr_list_subtype_by_rdf(), LDNS_RR_TYPE_RRSIG, and LDNS_SECTION_ANY_NOQUESTION.

uint16_t ldns_calc_keytag ( const ldns_rr key  ) 

calculates a keytag of a key for use in DNSSEC.

Parameters:
[in] key the key as an RR to use for the calc.
Returns:
the keytag

Definition at line 292 of file dnssec.c.

References ldns_buffer_free(), ldns_buffer_new(), ldns_calc_keytag_raw(), LDNS_MIN_BUFLEN, ldns_rr_get_type(), ldns_rr_rdata2buffer_wire(), LDNS_RR_TYPE_DNSKEY, and LDNS_RR_TYPE_KEY.

uint16_t ldns_calc_keytag_raw ( uint8_t *  key,
size_t  keysize 
)

Calculates keytag of DNSSEC key, operates on wireformat rdata.

Parameters:
[in] key the key as uncompressed wireformat rdata.
[in] keysize length of key data.
Returns:
the keytag

Definition at line 326 of file dnssec.c.

References LDNS_RSAMD5.

DSA* ldns_key_buf2dsa ( ldns_buffer key  ) 

converts a buffer holding key material to a DSA key in openssl.

Parameters:
[in] key the key to convert
Returns:
a DSA * structure with the key material

Definition at line 354 of file dnssec.c.

References ldns_key_buf2dsa_raw().

DSA* ldns_key_buf2dsa_raw ( unsigned char *  key,
size_t  len 
)

Like ldns_key_buf2dsa, but uses raw buffer.

Parameters:
[in] key the uncompressed wireformat of the key.
[in] len length of key data
Returns:
a DSA * structure with the key material

Definition at line 361 of file dnssec.c.

RSA* ldns_key_buf2rsa ( ldns_buffer key  ) 

converts a buffer holding key material to a RSA key in openssl.

Parameters:
[in] key the key to convert
Returns:
a RSA * structure with the key material

Definition at line 405 of file dnssec.c.

References ldns_key_buf2rsa_raw().

RSA* ldns_key_buf2rsa_raw ( unsigned char *  key,
size_t  len 
)

Like ldns_key_buf2rsa, but uses raw buffer.

Parameters:
[in] key the uncompressed wireformat of the key.
[in] len length of key data
Returns:
a RSA * structure with the key material

Definition at line 412 of file dnssec.c.

ldns_rr* ldns_key_rr2ds ( const ldns_rr key,
ldns_hash  h 
)

ldns_rdf* ldns_dnssec_create_nsec_bitmap ( ldns_rr_type  rr_type_list[],
size_t  size,
ldns_rr_type  nsec_type 
)

Create the type bitmap for an NSEC(3) record.

Definition at line 573 of file dnssec.c.

References LDNS_FREE, ldns_rdf_new_frm_data(), LDNS_RDF_TYPE_NSEC, LDNS_RR_TYPE_NSEC, LDNS_RR_TYPE_NSEC3, LDNS_RR_TYPE_RRSIG, ldns_set_bit(), LDNS_XMALLOC, and LDNS_XREALLOC.

ldns_rr* ldns_dnssec_create_nsec ( ldns_dnssec_name from,
ldns_dnssec_name to,
ldns_rr_type  nsec_type 
)

ldns_rr* ldns_dnssec_create_nsec3 ( ldns_dnssec_name from,
ldns_dnssec_name to,
ldns_rdf zone_name,
uint8_t  algorithm,
uint8_t  flags,
uint16_t  iterations,
uint8_t  salt_length,
uint8_t *  salt 
)

ldns_rr* ldns_create_nsec ( ldns_rdf cur_owner,
ldns_rdf next_owner,
ldns_rr_list rrs 
)

Create a NSEC record.

Parameters:
[in] cur_owner the current owner which should be taken as the starting point
[in] next_owner the rrlist which the nsec rr should point to
[in] rrs all rrs from the zone, to find all RR types of cur_owner in
Returns:
a ldns_rr with the nsec record in it

Definition at line 740 of file dnssec.c.

References LDNS_FREE, ldns_rdf_clone(), ldns_rdf_compare(), ldns_rdf_new_frm_data(), LDNS_RDF_TYPE_NSEC, ldns_rr_get_type(), ldns_rr_list_rr(), ldns_rr_list_rr_count(), ldns_rr_new(), ldns_rr_owner(), ldns_rr_push_rdf(), ldns_rr_set_owner(), ldns_rr_set_type(), LDNS_RR_TYPE_NSEC, LDNS_RR_TYPE_RRSIG, ldns_set_bit(), LDNS_XMALLOC, and LDNS_XREALLOC.

ldns_rdf* ldns_nsec3_hash_name ( ldns_rdf name,
uint8_t  algorithm,
uint16_t  iterations,
uint8_t  salt_length,
uint8_t *  salt 
)

Calculates the hashed name using the given parameters.

Parameters:
[in] *name The owner name to calculate the hash for
[in] algorithm The hash algorithm to use
[in] iterations The number of hash iterations to use
[in] salt_length The length of the salt in bytes
[in] salt The salt to use
Returns:
The hashed owner name rdf, without the domain name

Definition at line 851 of file dnssec.c.

References b32_ntop_extended_hex(), LDNS_FREE, ldns_rdf2str(), ldns_rdf_data(), ldns_rdf_print(), ldns_rdf_size(), LDNS_STATUS_OK, ldns_str2rdf_dname(), and LDNS_XMALLOC.

void ldns_nsec3_add_param_rdfs ( ldns_rr rr,
uint8_t  algorithm,
uint8_t  flags,
uint16_t  iterations,
uint8_t  salt_length,
uint8_t *  salt 
)

Sets all the NSEC3 options.

The rr to set them in must be initialized with _new() and type LDNS_RR_TYPE_NSEC3

Parameters:
[in] *rr The RR to set the values in
[in] algorithm The NSEC3 hash algorithm
[in] flags The flags field
[in] iterations The number of hash iterations
[in] salt_length The length of the salt in bytes
[in] salt The salt bytes

Definition at line 917 of file dnssec.c.

References LDNS_FREE, ldns_native2rdf_int16(), ldns_rdf_new_frm_data(), LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_NSEC3_SALT, ldns_rr_set_rdf(), and LDNS_XMALLOC.

ldns_rr* ldns_create_nsec3 ( ldns_rdf cur_owner,
ldns_rdf cur_zone,
ldns_rr_list rrs,
uint8_t  algorithm,
uint8_t  flags,
uint16_t  iterations,
uint8_t  salt_length,
uint8_t *  salt,
bool  emptynonterminal 
)

uint8_t ldns_nsec3_algorithm ( const ldns_rr nsec3_rr  ) 

Returns the hash algorithm used in the given NSEC3 RR.

Parameters:
[in] *nsec3_rr The RR to read from
Returns:
The algorithm identifier, or 0 on error

Definition at line 1086 of file dnssec.c.

References ldns_rdf2native_int8(), ldns_rdf_size(), ldns_rr_get_type(), ldns_rr_rdf(), and LDNS_RR_TYPE_NSEC3.

uint8_t ldns_nsec3_flags ( const ldns_rr nsec3_rr  ) 

Returns flags field.

Definition at line 1098 of file dnssec.c.

References ldns_rdf2native_int8(), ldns_rdf_size(), ldns_rr_get_type(), ldns_rr_rdf(), and LDNS_RR_TYPE_NSEC3.

bool ldns_nsec3_optout ( const ldns_rr nsec3_rr  ) 

Returns true if the opt-out flag has been set in the given NSEC3 RR.

Parameters:
[in] *nsec3_rr The RR to read from
Returns:
true if the RR has type NSEC3 and the opt-out bit has been set, false otherwise

Definition at line 1110 of file dnssec.c.

References ldns_nsec3_flags(), and LDNS_NSEC3_VARS_OPTOUT_MASK.

uint16_t ldns_nsec3_iterations ( const ldns_rr nsec3_rr  ) 

Returns the number of hash iterations used in the given NSEC3 RR.

Parameters:
[in] *nsec3_rr The RR to read from
Returns:
The number of iterations

Definition at line 1116 of file dnssec.c.

References ldns_rdf2native_int16(), ldns_rdf_size(), ldns_rr_get_type(), ldns_rr_rdf(), and LDNS_RR_TYPE_NSEC3.

ldns_rdf* ldns_nsec3_salt ( const ldns_rr nsec3_rr  ) 

Returns the salt used in the given NSEC3 RR.

Parameters:
[in] *nsec3_rr The RR to read from
Returns:
The salt rdf, or NULL on error

Definition at line 1128 of file dnssec.c.

References ldns_rr_get_type(), ldns_rr_rdf(), and LDNS_RR_TYPE_NSEC3.

uint8_t ldns_nsec3_salt_length ( const ldns_rr nsec3_rr  ) 

Returns the length of the salt used in the given NSEC3 RR.

Parameters:
[in] *nsec3_rr The RR to read from
Returns:
The length of the salt in bytes

Definition at line 1137 of file dnssec.c.

References ldns_nsec3_salt(), ldns_rdf_data(), and ldns_rdf_size().

uint8_t* ldns_nsec3_salt_data ( const ldns_rr nsec3_rr  ) 

Returns the salt bytes used in the given NSEC3 RR.

Parameters:
[in] *nsec3_rr The RR to read from
Returns:
The salt in bytes, this is alloced, so you need to free it

Definition at line 1148 of file dnssec.c.

References ldns_nsec3_salt(), ldns_rdf_data(), ldns_rdf_size(), and LDNS_XMALLOC.

ldns_rdf* ldns_nsec3_next_owner ( const ldns_rr nsec3_rr  ) 

Returns the first label of the next ownername in the NSEC3 chain (ie.

without the domain)

Parameters:
[in] nsec3_rr The RR to read from
Returns:
The first label of the next owner name in the NSEC3 chain, or NULL on error

Definition at line 1164 of file dnssec.c.

References ldns_rr_get_type(), ldns_rr_rdf(), and LDNS_RR_TYPE_NSEC3.

ldns_rdf* ldns_nsec3_bitmap ( const ldns_rr nsec3_rr  ) 

Returns the bitmap specifying the covered types of the given NSEC3 RR.

Parameters:
[in] *nsec3_rr The RR to read from
Returns:
The covered type bitmap rdf

Definition at line 1174 of file dnssec.c.

References ldns_rr_get_type(), ldns_rr_rdf(), and LDNS_RR_TYPE_NSEC3.

ldns_rdf* ldns_nsec3_hash_name_frm_nsec3 ( const ldns_rr nsec,
ldns_rdf name 
)

Calculates the hashed name using the parameters of the given NSEC3 RR.

Parameters:
[in] *nsec The RR to use the parameters from
[in] *name The owner name to calculate the hash for
Returns:
The hashed owner name rdf, without the domain name

Definition at line 1184 of file dnssec.c.

References LDNS_FREE, ldns_nsec3_algorithm(), ldns_nsec3_hash_name(), ldns_nsec3_iterations(), ldns_nsec3_salt_data(), and ldns_nsec3_salt_length().

bool ldns_nsec_bitmap_covers_type ( const ldns_rdf nsec_bitmap,
ldns_rr_type  type 
)

Checks coverage of NSEC RR type bitmap.

Parameters:
[in] nsec_bitmap The NSEC bitmap rdata field to check
[in] type The type to check
Returns:
true if the NSEC RR covers the type

Definition at line 1219 of file dnssec.c.

References ldns_get_bit(), ldns_rdf_data(), and ldns_rdf_size().

bool ldns_nsec_covers_name ( const ldns_rr nsec,
const ldns_rdf name 
)

Checks coverage of NSEC(3) RR name span Remember that nsec and name must both be in canonical form (ie use ldns_rr2canonical and ldns_dname2canonical prior to calling this function).

Parameters:
[in] nsec The NSEC RR to check
[in] name The owner dname to check, if the nsec record is a NSEC3 record, this should be the hashed name
Returns:
true if the NSEC RR covers the owner name

Definition at line 1248 of file dnssec.c.

References ldns_dname_cat(), ldns_dname_compare(), ldns_dname_left_chop(), ldns_dname_new_frm_str(), LDNS_FREE, ldns_get_errorstr_by_id(), ldns_nsec3_next_owner(), ldns_rdf2str(), ldns_rdf_clone(), ldns_rdf_deep_free(), ldns_rr_get_type(), ldns_rr_owner(), ldns_rr_rdf(), LDNS_RR_TYPE_NSEC, LDNS_RR_TYPE_NSEC3, and LDNS_STATUS_OK.

ldns_status ldns_pkt_verify ( ldns_pkt p,
ldns_rr_type  t,
ldns_rdf o,
ldns_rr_list k,
ldns_rr_list s,
ldns_rr_list good_keys 
)

verify a packet

Parameters:
[in] p the packet
[in] t the rr set type to check
[in] o the rr set name to ckeck
[in] k list of keys
[in] s list of sigs (may be null)
[out] good_keys keys which validated the packet
Returns:
status

Definition at line 1300 of file dnssec.c.

References ldns_pkt_rr_list_by_name_and_type(), ldns_rdf_new(), LDNS_RDF_TYPE_TYPE, ldns_rr_list_subtype_by_rdf(), LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION, LDNS_STATUS_ERR, and ldns_verify().

ldns_status ldns_dnssec_chain_nsec3_list ( ldns_rr_list nsec3_rrs  ) 

int qsort_rr_compare_nsec3 ( const void *  a,
const void *  b 
)

compare for nsec3 sort

Definition at line 1475 of file dnssec.c.

References ldns_rdf_compare(), and ldns_rr_owner().

void ldns_rr_list_sort_nsec3 ( ldns_rr_list unsorted  ) 

sort nsec3 list

Definition at line 1492 of file dnssec.c.

References ldns_struct_rr_list::_rrs, ldns_rr_list_rr_count(), and qsort_rr_compare_nsec3().

ldns_status ldns_dnssec_zone_create_nsec3s ( ldns_dnssec_zone zone,
ldns_rr_list new_rrs,
uint8_t  algorithm,
uint8_t  flags,
uint16_t  iterations,
uint8_t  salt_length,
uint8_t *  salt 
)

int ldns_dnssec_default_add_to_signatures ( ldns_rr sig,
void *  n 
)

Default callback function to always leave present signatures, and add new ones.

Parameters:
[in] sig The signature to check for removal (unused)
[in] n Optional argument (unused)
Returns:
LDNS_SIGNATURE_LEAVE_ADD_NEW

Definition at line 1567 of file dnssec.c.

References LDNS_SIGNATURE_LEAVE_ADD_NEW.

int ldns_dnssec_default_leave_signatures ( ldns_rr sig,
void *  n 
)

Default callback function to always leave present signatures, and add no new ones for the keys of these signatures.

Parameters:
[in] sig The signature to check for removal (unused)
[in] n Optional argument (unused)
Returns:
LDNS_SIGNATURE_LEAVE_NO_ADD

Definition at line 1575 of file dnssec.c.

References LDNS_SIGNATURE_LEAVE_NO_ADD.

int ldns_dnssec_default_delete_signatures ( ldns_rr sig,
void *  n 
)

Default callback function to always remove present signatures, but add no new ones.

Parameters:
[in] sig The signature to check for removal (unused)
[in] n Optional argument (unused)
Returns:
LDNS_SIGNATURE_REMOVE_NO_ADD

Definition at line 1583 of file dnssec.c.

References LDNS_SIGNATURE_REMOVE_NO_ADD.

int ldns_dnssec_default_replace_signatures ( ldns_rr sig,
void *  n 
)

Default callback function to always leave present signatures, and add new ones.

Parameters:
[in] sig The signature to check for removal (unused)
[in] n Optional argument (unused)
Returns:
LDNS_SIGNATURE_REMOVE_ADD_NEW

Definition at line 1591 of file dnssec.c.

References LDNS_SIGNATURE_REMOVE_ADD_NEW.


Generated on Fri Aug 8 02:52:41 2008 for ldns by  doxygen 1.5.6