#include <config.h>#include <stdlib.h>#include <isc/base32.h>#include <isc/buffer.h>#include <isc/dir.h>#include <isc/entropy.h>#include <isc/heap.h>#include <isc/list.h>#include <isc/mem.h>#include <isc/string.h>#include <isc/time.h>#include <isc/util.h>#include <isc/print.h>#include <dns/db.h>#include <dns/dbiterator.h>#include <dns/dnssec.h>#include <dns/fixedname.h>#include <dns/keyvalues.h>#include <dns/log.h>#include <dns/name.h>#include <dns/nsec.h>#include <dns/nsec3.h>#include <dns/rdatastruct.h>#include <dns/rdataclass.h>#include <dns/rdataset.h>#include <dns/rdatasetiter.h>#include <dns/rdatatype.h>#include <dns/result.h>#include <dns/secalg.h>#include <dns/time.h>#include "dnssectool.h"Go to the source code of this file.
Definition in file dnssectool.c.
| #define EXPECTEDANDFOUND "Expected and found NSEC3 chains not equal\n" |
| typedef struct entropysource entropysource_t |
Definition at line 75 of file dnssectool.c.
| static ISC_LIST | ( | entropysource_t | ) | [static] |
| void setfatalcallback | ( | fatalcallback_t * | callback | ) |
| void check_result | ( | isc_result_t | result, | |
| const char * | message | |||
| ) |
Definition at line 106 of file dnssectool.c.
References fatal(), ISC_R_SUCCESS, and isc_result_totext().
| void vbprintf | ( | int | level, | |
| const char * | fmt, | |||
| ... | ||||
| ) |
Definition at line 112 of file dnssectool.c.
References program, and verbose.
Referenced by loadds(), main(), rrset_cleanup(), signset(), and signwithkey().
| void version | ( | const char * | name | ) |
| void type_format | ( | const dns_rdatatype_t | type, | |
| char * | cp, | |||
| unsigned int | size | |||
| ) |
Definition at line 129 of file dnssectool.c.
References isc_region::base, check_result(), dns_rdatatype_totext(), isc_buffer_init, isc_buffer_usedregion, isc_region::length, and r.
Referenced by check_no_rrsig(), rrset_cleanup(), signset(), and verifyset().
| void sig_format | ( | dns_rdata_rrsig_t * | sig, | |
| char * | cp, | |||
| unsigned int | size | |||
| ) |
Definition at line 142 of file dnssectool.c.
References dns_name_format(), DNS_NAME_FORMATSIZE, and dns_secalg_format().
Referenced by signset().
Definition at line 152 of file dnssectool.c.
References check_result(), dns_log_init(), dns_log_setcontext(), isc_logdestination::file, isc_log_create(), isc_log_createchannel(), ISC_LOG_DEBUG, ISC_LOG_INFO, ISC_LOG_PRINTLEVEL, ISC_LOG_PRINTTAG, ISC_LOG_ROLLNEVER, isc_log_setcontext(), isc_log_settag(), ISC_LOG_TOFILEDESC, isc_log_usechannel(), ISC_LOG_WARNING, ISC_R_SUCCESS, isc_logfile::maximum_size, isc_logfile::name, program, RUNTIME_CHECK, isc_logfile::stream, verbose, and isc_logfile::versions.
| void cleanup_logging | ( | isc_log_t ** | logp | ) |
Definition at line 208 of file dnssectool.c.
References dns_log_setcontext(), isc_log_destroy(), isc_log_setcontext(), and REQUIRE.
Referenced by main().
| void setup_entropy | ( | isc_mem_t * | mctx, | |
| const char * | randomfile, | |||
| isc_entropy_t ** | ectx | |||
| ) |
Definition at line 223 of file dnssectool.c.
References fatal(), isc_entropy_create(), ISC_ENTROPY_KEYBOARDMAYBE, ISC_ENTROPY_KEYBOARDYES, isc_entropy_usebestsource(), ISC_LINK_INIT, ISC_LIST_APPEND, ISC_LIST_INIT, isc_mem_get, ISC_R_SUCCESS, isc_result_totext(), entropysource::mctx, REQUIRE, entropysource::source, and sources.
Referenced by main(), parse_args(), and setup_system().
| void cleanup_entropy | ( | isc_entropy_t ** | ectx | ) |
Definition at line 262 of file dnssectool.c.
References isc_entropy_destroysource(), isc_entropy_detach(), ISC_LIST_EMPTY, ISC_LIST_HEAD, ISC_LIST_UNLINK, isc_mem_put, entropysource::mctx, entropysource::source, and sources.
Referenced by doshutdown(), and main().
| static isc_stdtime_t time_units | ( | isc_stdtime_t | offset, | |
| char * | suffix, | |||
| const char * | str | |||
| ) | [static] |
Definition at line 274 of file dnssectool.c.
References fatal().
Referenced by strtotime(), and strtottl().
| static isc_boolean_t isnone | ( | const char * | str | ) | [inline, static] |
Definition at line 308 of file dnssectool.c.
References ISC_TF.
Referenced by strtotime(), and strtottl().
| dns_ttl_t strtottl | ( | const char * | str | ) |
Definition at line 314 of file dnssectool.c.
References fatal(), isnone(), time_units(), and ttl.
Referenced by main().
| isc_stdtime_t strtotime | ( | const char * | str, | |
| isc_int64_t | now, | |||
| isc_int64_t | base, | |||
| isc_boolean_t * | setp | |||
| ) |
Definition at line 330 of file dnssectool.c.
References dns_time64_fromtext(), fatal(), ISC_FALSE, ISC_R_SUCCESS, isc_result_totext(), ISC_TRUE, isnone(), and time_units().
Referenced by main().
| dns_rdataclass_t strtoclass | ( | const char * | str | ) |
Definition at line 396 of file dnssectool.c.
References isc_textregion::base, DE_CONST, dns_rdataclass_fromtext(), fatal(), ISC_R_SUCCESS, isc_textregion::length, r, and rdclass.
Referenced by main().
| isc_result_t try_dir | ( | const char * | dirname | ) |
Definition at line 412 of file dnssectool.c.
References isc_dir_close(), isc_dir_init(), isc_dir_open(), and ISC_R_SUCCESS.
Referenced by main().
| void check_keyversion | ( | dst_key_t * | key, | |
| char * | keystr | |||
| ) |
Definition at line 428 of file dnssectool.c.
References dst_key_getprivateformat(), DST_MAJOR_VERSION, DST_MINOR_VERSION, fatal(), and INSIST.
Referenced by main().
| void set_keyversion | ( | dst_key_t * | key | ) |
Definition at line 444 of file dnssectool.c.
References dst_key_getprivateformat(), dst_key_setprivateformat(), dst_key_settime(), DST_MAJOR_VERSION, DST_MINOR_VERSION, DST_TIME_CREATED, INSIST, isc_stdtime_get(), and now.
Referenced by main().
| isc_boolean_t key_collision | ( | dst_key_t * | dstkey, | |
| dns_name_t * | name, | |||
| const char * | dir, | |||
| isc_mem_t * | mctx, | |||
| isc_boolean_t * | exact | |||
| ) |
Definition at line 465 of file dnssectool.c.
References dns_dnssec_findmatchingkeys(), dns_dnsseckey_destroy(), dst_key_alg(), dst_key_id(), dst_key_rid(), ISC_FALSE, ISC_LIST_EMPTY, ISC_LIST_HEAD, ISC_LIST_INIT, ISC_LIST_UNLINK, ISC_R_NOTFOUND, ISC_TRUE, dns_dnsseckey::key, key, and verbose.
Referenced by main().
| isc_boolean_t is_delegation | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | origin, | |||
| dns_name_t * | name, | |||
| dns_dbnode_t * | node, | |||
| isc_uint32_t * | ttlp | |||
| ) |
Definition at line 528 of file dnssectool.c.
References dns_db_findrdataset(), dns_name_equal(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), ISC_FALSE, ISC_R_SUCCESS, ISC_TF, and dns_rdataset::ttl.
Referenced by assignwork(), nsec3ify(), nsecify(), signname(), and verifyzone().
| static isc_boolean_t goodsig | ( | dns_name_t * | origin, | |
| dns_rdata_t * | sigrdata, | |||
| dns_name_t * | name, | |||
| dns_rdataset_t * | keyrdataset, | |||
| dns_rdataset_t * | rdataset, | |||
| isc_mem_t * | mctx | |||
| ) | [static] |
Definition at line 550 of file dnssectool.c.
References check_result(), dns_dnssec_keyfromrdata(), dns_dnssec_verify(), dns_name_equal(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_first(), dns_rdataset_next(), dst_key_free(), dst_key_id(), ISC_FALSE, ISC_R_SUCCESS, ISC_TRUE, and key.
Referenced by verifyset().
| static isc_result_t verifynsec | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | name, | |||
| dns_dbnode_t * | node, | |||
| dns_name_t * | nextname | |||
| ) | [static] |
Definition at line 588 of file dnssectool.c.
References buffer, check_result(), dns_db_findrdataset(), dns_name_equal(), dns_name_format(), DNS_NAME_FORMATSIZE, DNS_NSEC_BUFFERSIZE, dns_nsec_buildrdata(), dns_rdata_compare(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), ISC_R_FAILURE, ISC_R_NOMORE, ISC_R_SUCCESS, and namebuf.
Referenced by verifynode().
| static void check_no_rrsig | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_rdataset_t * | rdataset, | |||
| dns_name_t * | name, | |||
| dns_dbnode_t * | node | |||
| ) | [static] |
Definition at line 652 of file dnssectool.c.
References check_result(), dns_rdataset::covers, dns_db_allrdatasets(), dns_name_format(), DNS_NAME_FORMATSIZE, dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdatasetiter_current(), dns_rdatasetiter_destroy(), dns_rdatasetiter_first(), dns_rdatasetiter_next(), ISC_R_SUCCESS, namebuf, dns_rdataset::type, and type_format().
Referenced by verifynode().
| static isc_boolean_t chain_compare | ( | void * | arg1, | |
| void * | arg2 | |||
| ) | [static] |
Definition at line 685 of file dnssectool.c.
References nsec3_chain_fixed::hash, ISC_FALSE, ISC_TRUE, nsec3_chain_fixed::iterations, nsec3_chain_fixed::next_length, and nsec3_chain_fixed::salt_length.
Referenced by verify_nsec3_chains(), and verifyzone().
| static isc_boolean_t chain_equal | ( | struct nsec3_chain_fixed * | e1, | |
| struct nsec3_chain_fixed * | e2 | |||
| ) | [static] |
Definition at line 715 of file dnssectool.c.
References nsec3_chain_fixed::hash, ISC_FALSE, ISC_TRUE, nsec3_chain_fixed::iterations, nsec3_chain_fixed::next_length, and nsec3_chain_fixed::salt_length.
Referenced by verify_nsec3_chains().
| static isc_result_t record_nsec3 | ( | const unsigned char * | rawhash, | |
| const dns_rdata_nsec3_t * | nsec3, | |||
| isc_mem_t * | mctx, | |||
| isc_heap_t * | chains | |||
| ) | [static] |
Definition at line 733 of file dnssectool.c.
References nsec3_chain_fixed::hash, isc_heap_insert(), isc_mem_get, isc_mem_put, ISC_R_NOMEMORY, ISC_R_SUCCESS, isc_result_totext(), nsec3_chain_fixed::iterations, nsec3_chain_fixed::next_length, and nsec3_chain_fixed::salt_length.
Referenced by match_nsec3(), and record_found().
| static isc_result_t match_nsec3 | ( | dns_name_t * | name, | |
| isc_mem_t * | mctx, | |||
| dns_rdata_nsec3param_t * | nsec3param, | |||
| dns_rdataset_t * | rdataset, | |||
| unsigned char | types[8192], | |||
| unsigned int | maxtype, | |||
| unsigned char * | rawhash, | |||
| size_t | rhsize | |||
| ) | [static] |
Definition at line 767 of file dnssectool.c.
References check_result(), dns_name_format(), DNS_NAME_FORMATSIZE, dns_nsec_compressbitmap(), DNS_R_DUPLICATE, DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_first(), dns_rdataset_next(), ISC_R_FAILURE, ISC_R_NOMORE, ISC_R_SUCCESS, namebuf, and record_nsec3().
Referenced by verifynsec3().
| static isc_boolean_t innsec3params | ( | dns_rdata_nsec3_t * | nsec3, | |
| dns_rdataset_t * | nsec3paramset | |||
| ) | [static] |
Definition at line 850 of file dnssectool.c.
References check_result(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_first(), dns_rdataset_next(), ISC_FALSE, ISC_R_SUCCESS, and ISC_TRUE.
Referenced by record_found().
| static isc_result_t record_found | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| isc_mem_t * | mctx, | |||
| dns_name_t * | name, | |||
| dns_dbnode_t * | node, | |||
| dns_rdataset_t * | nsec3paramset | |||
| ) | [static] |
Definition at line 874 of file dnssectool.c.
References check_result(), cleanup(), dns_db_findrdataset(), dns_name_getlabel(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), innsec3params(), isc_base32hex_decoderegion(), isc_buffer_init, isc_buffer_usedlength, ISC_R_SUCCESS, isc_region_consume, NSEC3_MAX_HASH_LENGTH, and record_nsec3().
Referenced by verifyzone().
| static isc_boolean_t isoptout | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | origin, | |||
| dns_rdata_t * | nsec3rdata | |||
| ) | [static] |
Definition at line 930 of file dnssectool.c.
References check_result(), dns_db_detachnode(), dns_db_findnsec3node(), dns_db_findrdataset(), dns_fixedname_init, dns_fixedname_name, dns_nsec3_hashname(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), fixed, ISC_FALSE, ISC_R_SUCCESS, ISC_TF, and NSEC3_MAX_HASH_LENGTH.
Referenced by verifynsec3().
| static isc_result_t verifynsec3 | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | origin, | |||
| isc_mem_t * | mctx, | |||
| dns_name_t * | name, | |||
| dns_rdata_t * | rdata, | |||
| isc_boolean_t | delegation, | |||
| isc_boolean_t | empty, | |||
| unsigned char | types[8192], | |||
| unsigned int | maxtype | |||
| ) | [static] |
Definition at line 983 of file dnssectool.c.
References check_result(), dns_db_detachnode(), dns_db_findnsec3node(), dns_db_findrdataset(), dns_fixedname_init, dns_fixedname_name, dns_name_format(), DNS_NAME_FORMATSIZE, dns_nsec3_hashname(), dns_nsec3_supportedhash(), dns_nsec_isset(), dns_rdata_tostruct(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), fixed, ISC_FALSE, ISC_R_NOTFOUND, ISC_R_SUCCESS, isoptout(), match_nsec3(), namebuf, and NSEC3_MAX_HASH_LENGTH.
Referenced by verifynsec3s().
| static isc_result_t verifynsec3s | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | origin, | |||
| isc_mem_t * | mctx, | |||
| dns_name_t * | name, | |||
| dns_rdataset_t * | nsec3paramset, | |||
| isc_boolean_t | delegation, | |||
| isc_boolean_t | empty, | |||
| unsigned char | types[8192], | |||
| unsigned int | maxtype | |||
| ) | [static] |
Definition at line 1055 of file dnssectool.c.
References DNS_RDATA_INIT, dns_rdataset_current(), dns_rdataset_first(), dns_rdataset_next(), ISC_R_NOMORE, ISC_R_SUCCESS, and verifynsec3().
Referenced by verifyemptynodes(), and verifynode().
| static void verifyset | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | origin, | |||
| isc_mem_t * | mctx, | |||
| dns_rdataset_t * | rdataset, | |||
| dns_name_t * | name, | |||
| dns_dbnode_t * | node, | |||
| dns_rdataset_t * | keyrdataset, | |||
| unsigned char * | act_algorithms, | |||
| unsigned char * | bad_algorithms | |||
| ) | [static] |
Definition at line 1079 of file dnssectool.c.
References check_result(), dns_rdataset::covers, dns_db_allrdatasets(), dns_name_format(), DNS_NAME_FORMATSIZE, DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_next(), dns_rdatasetiter_current(), dns_rdatasetiter_destroy(), dns_rdatasetiter_first(), dns_rdatasetiter_next(), dns_secalg_format(), goodsig(), ISC_R_SUCCESS, namebuf, dns_rdataset::ttl, dns_rdataset::type, and type_format().
Referenced by verifynode().
| static isc_result_t verifynode | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | origin, | |||
| isc_mem_t * | mctx, | |||
| dns_name_t * | name, | |||
| dns_dbnode_t * | node, | |||
| isc_boolean_t | delegation, | |||
| dns_rdataset_t * | keyrdataset, | |||
| unsigned char * | act_algorithms, | |||
| unsigned char * | bad_algorithms, | |||
| dns_rdataset_t * | nsecset, | |||
| dns_rdataset_t * | nsec3paramset, | |||
| dns_name_t * | nextname | |||
| ) | [static] |
Definition at line 1156 of file dnssectool.c.
References check_no_rrsig(), check_result(), dns_db_allrdatasets(), dns_nsec_setbit(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdatasetiter_current(), dns_rdatasetiter_destroy(), dns_rdatasetiter_first(), dns_rdatasetiter_next(), fatal(), ISC_FALSE, ISC_R_NOMORE, ISC_R_SUCCESS, isc_result_totext(), dns_rdataset::type, verifynsec(), verifynsec3s(), and verifyset().
Referenced by verifyzone().
| static isc_boolean_t is_empty | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_dbnode_t * | node | |||
| ) | [static] |
Definition at line 1223 of file dnssectool.c.
References check_result(), dns_db_allrdatasets(), dns_rdatasetiter_destroy(), dns_rdatasetiter_first(), ISC_FALSE, ISC_R_NOMORE, and ISC_TRUE.
Referenced by verifyzone().
| static void check_no_nsec | ( | dns_name_t * | name, | |
| dns_dbnode_t * | node, | |||
| dns_db_t * | db, | |||
| dns_dbversion_t * | ver | |||
| ) | [static] |
Definition at line 1237 of file dnssectool.c.
References dns_db_findrdataset(), dns_name_format(), DNS_NAME_FORMATSIZE, dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), fatal(), ISC_R_NOTFOUND, and namebuf.
Referenced by verifyzone().
| static isc_boolean_t newchain | ( | const struct nsec3_chain_fixed * | first, | |
| const struct nsec3_chain_fixed * | e | |||
| ) | [static] |
Definition at line 1257 of file dnssectool.c.
References nsec3_chain_fixed::hash, ISC_FALSE, ISC_TRUE, nsec3_chain_fixed::iterations, nsec3_chain_fixed::next_length, and nsec3_chain_fixed::salt_length.
Referenced by verify_nsec3_chains().
| static void free_element | ( | isc_mem_t * | mctx, | |
| struct nsec3_chain_fixed * | e | |||
| ) | [static] |
Definition at line 1270 of file dnssectool.c.
References isc_mem_put, nsec3_chain_fixed::next_length, and nsec3_chain_fixed::salt_length.
Referenced by verify_nsec3_chains().
| static isc_boolean_t checknext | ( | const struct nsec3_chain_fixed * | first, | |
| const struct nsec3_chain_fixed * | e | |||
| ) | [static] |
Definition at line 1278 of file dnssectool.c.
References isc_region::base, DE_CONST, isc_base32hex_totext(), isc_buffer_init, isc_buffer_usedlength, ISC_FALSE, ISC_TRUE, isc_region::length, nsec3_chain_fixed::next_length, and nsec3_chain_fixed::salt_length.
Referenced by verify_nsec3_chains().
| static isc_result_t verify_nsec3_chains | ( | isc_mem_t * | mctx | ) | [static] |
Definition at line 1319 of file dnssectool.c.
References chain_compare(), chain_equal(), checknext(), EXPECTEDANDFOUND, free_element(), isc_heap_delete(), isc_heap_element(), ISC_R_FAILURE, ISC_R_SUCCESS, and newchain().
Referenced by verifyzone().
| static isc_result_t verifyemptynodes | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | origin, | |||
| isc_mem_t * | mctx, | |||
| dns_name_t * | name, | |||
| dns_name_t * | prevname, | |||
| isc_boolean_t | isdelegation, | |||
| dns_rdataset_t * | nsec3paramset | |||
| ) | [static] |
Definition at line 1403 of file dnssectool.c.
References dns_name_countlabels(), dns_name_fullcompare(), dns_name_getlabelsequence(), dns_name_init(), dns_namereln_commonancestor, dns_namereln_contains, dns_rdataset_isassociated(), ISC_R_SUCCESS, ISC_TRUE, and verifynsec3s().
Referenced by verifyzone().
| void verifyzone | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_name_t * | origin, | |||
| isc_mem_t * | mctx, | |||
| isc_boolean_t | ignore_kskflag, | |||
| isc_boolean_t | keyset_kskonly | |||
| ) |
Verify that certain things are sane:.
The apex has a DNSKEY record with at least one KSK, and at least one ZSK if the -x flag was not used.
The DNSKEY record was signed with at least one of the KSKs in this set.
The rest of the zone was signed with at least one of the ZSKs present in the DNSKEY RRSET.
Definition at line 1453 of file dnssectool.c.
References buffer, chain_compare(), check_dns_dbiterator_current, check_no_nsec(), check_result(), dns_db_createiterator(), dns_db_detachnode(), dns_db_findnode(), dns_db_findrdataset(), DNS_DB_NONSEC3, DNS_DB_NSEC3ONLY, dns_dbiterator_current(), dns_dbiterator_destroy(), dns_dbiterator_first(), dns_dbiterator_next(), dns_dnssec_selfsigns(), dns_dnssec_signs(), dns_fixedname_init, dns_fixedname_name, DNS_KEYFLAG_KSK, DNS_KEYFLAG_REVOKE, DNS_KEYOWNER_ZONE, dns_name_copy(), dns_name_format(), DNS_NAME_FORMATSIZE, dns_name_issubdomain(), dns_rdata_freestruct(), DNS_RDATA_INIT, dns_rdata_reset(), dns_rdata_tostruct(), dns_rdata_totext(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), dns_result_totext(), dns_secalg_format(), fatal(), is_delegation(), is_empty(), isc_buffer_init, isc_buffer_usedlength, ISC_FALSE, isc_heap_create(), isc_heap_destroy(), ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_R_UNSET, isc_result_totext(), ISC_TRUE, isdelegation(), name, namebuf, record_found(), verify_nsec3_chains(), verifyemptynodes(), and verifynode().
Referenced by main().
isc_heap_t* expected_chains [static] |
isc_heap_t * found_chains [static] |
Definition at line 60 of file dnssectool.c.
| const char* program |
Definition at line 60 of file dnssec-dsfromkey.c.