#include <isc/lang.h>#include <isc/iterated_hash.h>#include <dns/db.h>#include <dns/diff.h>#include <dns/name.h>#include <dns/rdatastruct.h>#include <dns/types.h>Go to the source code of this file.
Defines | |
| #define | DNS_NSEC3_H 1 |
| #define | DNS_NSEC3_SALTSIZE 255 |
| #define | DNS_NSEC3_BUFFERSIZE (6 + 255 + 255 + 8192 + 512) |
| #define | DNS_NSEC3PARAM_BUFFERSIZE (5 + 255) |
| #define | DNS_NSEC3_UNKNOWNALG ((dns_hash_t)245U) |
Functions | |
| ISC_LANG_BEGINDECLS isc_result_t | dns_nsec3_buildrdata (dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, unsigned int hashalg, unsigned int optin, unsigned int iterations, const unsigned char *salt, size_t salt_length, const unsigned char *nexthash, size_t hash_length, unsigned char *buffer, dns_rdata_t *rdata) |
| Build the rdata of a NSEC3 record for the data at 'node'. Note: 'node' is not the node where the NSEC3 record will be stored. | |
| isc_boolean_t | dns_nsec3_typepresent (dns_rdata_t *nsec, dns_rdatatype_t type) |
| Determine if a type is marked as present in an NSEC3 record. | |
| isc_result_t | dns_nsec3_hashname (dns_fixedname_t *result, unsigned char rethash[NSEC3_MAX_HASH_LENGTH], size_t *hash_length, dns_name_t *name, dns_name_t *origin, dns_hash_t hashalg, unsigned int iterations, const unsigned char *salt, size_t saltlength) |
| Make a hashed domain name from an unhashed one. If rethash is not NULL the raw hash is stored there. | |
| unsigned int | dns_nsec3_hashlength (dns_hash_t hash) |
| Return the length of the hash produced by the specified algorithm or zero when unknown. | |
| isc_boolean_t | dns_nsec3_supportedhash (dns_hash_t hash) |
| Return whether we support this hash algorithm or not. | |
| isc_result_t | dns_nsec3_addnsec3 (dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, const dns_rdata_nsec3param_t *nsec3param, dns_ttl_t nsecttl, isc_boolean_t unsecure, dns_diff_t *diff) |
| isc_result_t | dns_nsec3_addnsec3s (dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, dns_ttl_t nsecttl, isc_boolean_t unsecure, dns_diff_t *diff) |
| Add NSEC3 records for "name", recording the change in "diff". The existing NSEC3 records are removed. | |
| isc_result_t | dns_nsec3_addnsec3sx (dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, dns_ttl_t nsecttl, isc_boolean_t unsecure, dns_rdatatype_t private, dns_diff_t *diff) |
| Add NSEC3 records for 'name', recording the change in 'diff'. Adjust previous NSEC3 records, if any, to reflect the addition. The existing NSEC3 records are removed. | |
| isc_result_t | dns_nsec3_delnsec3 (dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, const dns_rdata_nsec3param_t *nsec3param, dns_diff_t *diff) |
| isc_result_t | dns_nsec3_delnsec3s (dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, dns_diff_t *diff) |
| isc_result_t | dns_nsec3_delnsec3sx (dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, dns_rdatatype_t private, dns_diff_t *diff) |
| Remove NSEC3 records for 'name', recording the change in 'diff'. Adjust previous NSEC3 records, if any, to reflect the removal. | |
| isc_result_t | dns_nsec3_active (dns_db_t *db, dns_dbversion_t *version, isc_boolean_t complete, isc_boolean_t *answer) |
| isc_result_t | dns_nsec3_activex (dns_db_t *db, dns_dbversion_t *version, isc_boolean_t complete, dns_rdatatype_t private, isc_boolean_t *answer) |
| Check if there are any complete/to be built NSEC3 chains. If 'complete' is ISC_TRUE only complete chains will be recognized. | |
| isc_result_t | dns_nsec3_maxiterations (dns_db_t *db, dns_dbversion_t *version, isc_mem_t *mctx, unsigned int *iterationsp) |
| Find the maximum permissible number of iterations allowed based on the key strength. | |
| isc_boolean_t | dns_nsec3param_fromprivate (dns_rdata_t *src, dns_rdata_t *target, unsigned char *buf, size_t buflen) |
| Convert a private rdata to a nsec3param rdata. | |
| void | dns_nsec3param_toprivate (dns_rdata_t *src, dns_rdata_t *target, dns_rdatatype_t privatetype, unsigned char *buf, size_t buflen) |
| Convert a nsec3param rdata to a private rdata. | |
| isc_result_t | dns_nsec3param_deletechains (dns_db_t *db, dns_dbversion_t *ver, dns_zone_t *zone, isc_boolean_t nonsec, dns_diff_t *diff) |
| Mark NSEC3PARAM for deletion. | |
| isc_result_t | dns_nsec3_noexistnodata (dns_rdatatype_t type, dns_name_t *name, dns_name_t *nsec3name, dns_rdataset_t *nsec3set, dns_name_t *zonename, isc_boolean_t *exists, isc_boolean_t *data, isc_boolean_t *optout, isc_boolean_t *unknown, isc_boolean_t *setclosest, isc_boolean_t *setnearest, dns_name_t *closest, dns_name_t *nearest, dns_nseclog_t logit, void *arg) |
| #define DNS_NSEC3_SALTSIZE 255 |
| #define DNS_NSEC3_BUFFERSIZE (6 + 255 + 255 + 8192 + 512) |
Definition at line 37 of file nsec3.h.
Referenced by addnsec3(), dns_nsec3_addnsec3(), dns_nsec3_buildrdata(), and dns_nsec3_delnsec3().
| #define DNS_NSEC3PARAM_BUFFERSIZE (5 + 255) |
Definition at line 41 of file nsec3.h.
Referenced by add_nsec3param_records(), ATF_TC_BODY(), better_param(), dns_nsec3_activex(), dns_nsec3_addnsec3sx(), dns_nsec3_delnsec3sx(), dns_nsec3param_deletechains(), dns_private_chains(), dns_private_totext(), fixup_nsec3param(), get_iterations(), ignore(), make_nsec3(), resume_addnsec3chain(), save_nsec3param(), and update_action().
| #define DNS_NSEC3_UNKNOWNALG ((dns_hash_t)245U) |
Definition at line 46 of file nsec3.h.
Referenced by addnsec3(), addnsec3param(), check_nsec3param(), query_findclosestnsec3(), and setnsec3parameters().
| ISC_LANG_BEGINDECLS isc_result_t dns_nsec3_buildrdata | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| dns_dbnode_t * | node, | |||
| unsigned int | hashalg, | |||
| unsigned int | optin, | |||
| unsigned int | iterations, | |||
| const unsigned char * | salt, | |||
| size_t | salt_length, | |||
| const unsigned char * | nexthash, | |||
| size_t | hash_length, | |||
| unsigned char * | buffer, | |||
| dns_rdata_t * | rdata | |||
| ) |
Build the rdata of a NSEC3 record for the data at 'node'. Note: 'node' is not the node where the NSEC3 record will be stored.
Requires: buffer Points to a temporary buffer of at least DNS_NSEC_BUFFERSIZE bytes. rdata Points to an initialized dns_rdata_t.
Ensures: *rdata Contains a valid NSEC3 rdata. The 'data' member refers to 'buffer'.
Definition at line 58 of file nsec3.c.
References isc_region::base, dns_db_allrdatasets(), dns_db_class(), dns_hash_sha1, DNS_NSEC3_BUFFERSIZE, dns_nsec_compressbitmap(), dns_nsec_isset(), dns_nsec_setbit(), dns_rdata_fromregion(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdatasetiter_current(), dns_rdatasetiter_destroy(), dns_rdatasetiter_first(), dns_rdatasetiter_next(), dns_rdatatype_iszonecutauth(), INSIST, ISC_FALSE, ISC_R_NOMORE, ISC_R_SUCCESS, ISC_SHA1_DIGESTLENGTH, ISC_TRUE, isc_region::length, r, REQUIRE, and dns_rdataset::type.
Referenced by addnsec3(), and dns_nsec3_addnsec3().
| isc_boolean_t dns_nsec3_typepresent | ( | dns_rdata_t * | nsec, | |
| dns_rdatatype_t | type | |||
| ) |
Determine if a type is marked as present in an NSEC3 record.
Requires: 'nsec' points to a valid rdataset of type NSEC3
Definition at line 188 of file nsec3.c.
References dns_nsec_isset(), dns_rdata_freestruct(), dns_rdata_tostruct(), INSIST, ISC_FALSE, ISC_R_SUCCESS, ISC_TF, REQUIRE, and dns_rdata::type.
Referenced by dns_nsec3_noexistnodata(), and isdelegation().
| isc_result_t dns_nsec3_hashname | ( | dns_fixedname_t * | result, | |
| unsigned char | rethash[NSEC3_MAX_HASH_LENGTH], | |||
| size_t * | hash_length, | |||
| dns_name_t * | name, | |||
| dns_name_t * | origin, | |||
| dns_hash_t | hashalg, | |||
| unsigned int | iterations, | |||
| const unsigned char * | salt, | |||
| size_t | saltlength | |||
| ) |
Make a hashed domain name from an unhashed one. If rethash is not NULL the raw hash is stored there.
Definition at line 223 of file nsec3.c.
References isc_region::base, dns_fixedname_init, dns_fixedname_name, dns_name_downcase(), DNS_NAME_FORMATSIZE, dns_name_fromtext(), DNS_R_BADALG, fixed, hash, isc_base32hexnp_totext(), isc_buffer_init, isc_iterated_hash(), isc_region::length, dns_name::length, and dns_name::ndata.
Referenced by addnsec3(), dns_nsec3_addnsec3(), dns_nsec3_delnsec3(), isoptout(), query_findclosestnsec3(), set_nsec3params(), and verifynsec3().
| unsigned int dns_nsec3_hashlength | ( | dns_hash_t | hash | ) |
Return the length of the hash produced by the specified algorithm or zero when unknown.
Definition at line 269 of file nsec3.c.
References dns_hash_sha1, and ISC_SHA1_DIGESTLENGTH.
Referenced by main().
| isc_boolean_t dns_nsec3_supportedhash | ( | dns_hash_t | hash | ) |
Return whether we support this hash algorithm or not.
Definition at line 279 of file nsec3.c.
References dns_hash_sha1, ISC_FALSE, and ISC_TRUE.
Referenced by check_nsec3param(), dns_nsec3_noexistnodata(), setnsec3parameters(), and verifynsec3().
| isc_result_t dns_nsec3_addnsec3 | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| dns_name_t * | name, | |||
| const dns_rdata_nsec3param_t * | nsec3param, | |||
| dns_ttl_t | nsecttl, | |||
| isc_boolean_t | unsecure, | |||
| dns_diff_t * | diff | |||
| ) |
Definition at line 506 of file nsec3.c.
References addnsec3(), buffer, CHECK, CREATE, dns_db_createiterator(), dns_db_detachnode(), dns_db_findnode(), dns_db_findnsec3node(), dns_db_findrdataset(), DNS_DB_NSEC3ONLY, dns_db_origin(), dns_dbiterator_current(), dns_dbiterator_destroy(), dns_dbiterator_last(), dns_dbiterator_pause(), dns_dbiterator_prev(), dns_dbiterator_seek(), DNS_DIFFOP_ADD, dns_difftuple_create(), dns_fixedname_init, dns_fixedname_name, dns_name_clone(), dns_name_countlabels(), dns_name_getlabelsequence(), dns_name_init(), DNS_NSEC3_BUFFERSIZE, dns_nsec3_buildrdata(), dns_nsec3_delnsec3(), dns_nsec3_hashname(), dns_rdata_fromstruct(), DNS_RDATA_INIT, dns_rdata_reset(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), do_one_tuple(), find_nsec3(), fixed, hash, INSIST, isc_buffer_init, ISC_FALSE, ISC_R_NOMORE, ISC_R_SUCCESS, ISC_TRUE, dns_diff::mctx, name_exists(), NSEC3_MAX_HASH_LENGTH, OPTOUT, origin, dns_rdataset::rdclass, salt_length, and dns_rdataset::ttl.
Referenced by dns_nsec3_addnsec3s(), dns_nsec3_addnsec3sx(), and zone_nsec3chain().
| isc_result_t dns_nsec3_addnsec3s | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| dns_name_t * | name, | |||
| dns_ttl_t | nsecttl, | |||
| isc_boolean_t | unsecure, | |||
| dns_diff_t * | diff | |||
| ) |
Add NSEC3 records for "name", recording the change in "diff". The existing NSEC3 records are removed.
Definition at line 868 of file nsec3.c.
References CHECK, dns_db_detachnode(), dns_db_findrdataset(), dns_db_getoriginnode(), dns_nsec3_addnsec3(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), ISC_R_NOMORE, ISC_R_NOTFOUND, and ISC_R_SUCCESS.
Referenced by sign_a_node(), updatesignwithkey(), and zone_nsec3chain().
| isc_result_t dns_nsec3_addnsec3sx | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| dns_name_t * | name, | |||
| dns_ttl_t | nsecttl, | |||
| isc_boolean_t | unsecure, | |||
| dns_rdatatype_t | private, | |||
| dns_diff_t * | diff | |||
| ) |
Add NSEC3 records for 'name', recording the change in 'diff'. Adjust previous NSEC3 records, if any, to reflect the addition. The existing NSEC3 records are removed.
dns_nsec3_addnsec3() will only add records to the chain identified by 'nsec3param'.
'unsecure' should be set to reflect if this is a potentially unsecure delegation (no DS record).
dns_nsec3_addnsec3s() will examine the NSEC3PARAM RRset to determine which chains to be updated. NSEC3PARAM records with the DNS_NSEC3FLAG_CREATE will be preferentially chosen over NSEC3PARAM records without DNS_NSEC3FLAG_CREATE set. NSEC3PARAM records with DNS_NSEC3FLAG_REMOVE set will be ignored by dns_nsec3_addnsec3s(). If DNS_NSEC3FLAG_CREATE is set then the new NSEC3 will have OPTOUT set to match the that in the NSEC3PARAM record otherwise OPTOUT will be inherited from the previous record in the chain.
dns_nsec3_addnsec3sx() is similar to dns_nsec3_addnsec3s() but 'private' specifies the type of the private rdataset to be checked in addition to the nsec3param rdataset at the zone apex.
Requires: 'db' to be valid. 'version' to be valid or NULL. 'name' to be valid. 'nsec3param' to be valid. 'diff' to be valid.
Definition at line 1143 of file nsec3.c.
References better_param(), CHECK, dns_db_detachnode(), dns_db_findrdataset(), dns_db_getoriginnode(), dns_nsec3_addnsec3(), DNS_NSEC3PARAM_BUFFERSIZE, dns_nsec3param_fromprivate(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), ISC_R_NOMORE, ISC_R_NOTFOUND, and ISC_R_SUCCESS.
Referenced by dns_update_signaturesinc().
| isc_result_t dns_nsec3_delnsec3 | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| dns_name_t * | name, | |||
| const dns_rdata_nsec3param_t * | nsec3param, | |||
| dns_diff_t * | diff | |||
| ) |
Definition at line 1283 of file nsec3.c.
References buffer, CHECK, CREATE, deleteit(), dns_db_createiterator(), dns_db_detachnode(), dns_db_findrdataset(), DNS_DB_NSEC3ONLY, dns_db_origin(), dns_dbiterator_current(), dns_dbiterator_destroy(), dns_dbiterator_last(), dns_dbiterator_pause(), dns_dbiterator_prev(), dns_dbiterator_seek(), DNS_DIFFOP_ADD, dns_difftuple_create(), dns_fixedname_init, dns_fixedname_name, dns_name_clone(), dns_name_countlabels(), dns_name_getlabelsequence(), dns_name_init(), DNS_NSEC3_BUFFERSIZE, dns_nsec3_hashname(), dns_rdata_fromstruct(), DNS_RDATA_INIT, dns_rdata_reset(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), do_one_tuple(), find_nsec3(), fixed, hash, INSIST, isc_buffer_init, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, dns_diff::mctx, NSEC3_MAX_HASH_LENGTH, origin, dns_rdataset::rdclass, salt_length, and dns_rdataset::ttl.
Referenced by dns_nsec3_addnsec3(), and dns_nsec3_delnsec3sx().
| isc_result_t dns_nsec3_delnsec3s | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| dns_name_t * | name, | |||
| dns_diff_t * | diff | |||
| ) |
| isc_result_t dns_nsec3_delnsec3sx | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| dns_name_t * | name, | |||
| dns_rdatatype_t | private, | |||
| dns_diff_t * | diff | |||
| ) |
Remove NSEC3 records for 'name', recording the change in 'diff'. Adjust previous NSEC3 records, if any, to reflect the removal.
dns_nsec3_delnsec3() performs the above for the chain identified by 'nsec3param'.
dns_nsec3_delnsec3s() examines the NSEC3PARAM RRset in a similar manner to dns_nsec3_addnsec3s(). Unlike dns_nsec3_addnsec3s() updated NSEC3 records have the OPTOUT flag preserved.
dns_nsec3_delnsec3sx() is similar to dns_nsec3_delnsec3s() but 'private' specifies the type of the private rdataset to be checked in addition to the nsec3param rdataset at the zone apex.
Requires: 'db' to be valid. 'version' to be valid or NULL. 'name' to be valid. 'nsec3param' to be valid. 'diff' to be valid.
Definition at line 1551 of file nsec3.c.
References better_param(), CHECK, dns_db_detachnode(), dns_db_findrdataset(), dns_db_getoriginnode(), dns_nsec3_delnsec3(), DNS_NSEC3PARAM_BUFFERSIZE, dns_nsec3param_fromprivate(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), ISC_R_NOMORE, ISC_R_NOTFOUND, and ISC_R_SUCCESS.
Referenced by dns_nsec3_delnsec3s(), and dns_update_signaturesinc().
| isc_result_t dns_nsec3_active | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| isc_boolean_t | complete, | |||
| isc_boolean_t * | answer | |||
| ) |
| isc_result_t dns_nsec3_activex | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| isc_boolean_t | complete, | |||
| dns_rdatatype_t | private, | |||
| isc_boolean_t * | answer | |||
| ) |
Check if there are any complete/to be built NSEC3 chains. If 'complete' is ISC_TRUE only complete chains will be recognized.
dns_nsec3_activex() is similar to dns_nsec3_active() but 'private' specifies the type of the private rdataset to be checked in addition to the nsec3param rdataset at the zone apex.
Requires: 'db' to be valid. 'version' to be valid or NULL. 'answer' to be non NULL.
Definition at line 1653 of file nsec3.c.
References CREATE, dns_db_detachnode(), dns_db_findrdataset(), dns_db_getoriginnode(), DNS_NSEC3PARAM_BUFFERSIZE, dns_nsec3param_fromprivate(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_next(), ISC_FALSE, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_TRUE, REQUIRE, and RUNTIME_CHECK.
Referenced by check_dnssec(), dns_nsec3_active(), and dnskey_sane().
| isc_result_t dns_nsec3_maxiterations | ( | dns_db_t * | db, | |
| dns_dbversion_t * | version, | |||
| isc_mem_t * | mctx, | |||
| unsigned int * | iterationsp | |||
| ) |
Find the maximum permissible number of iterations allowed based on the key strength.
Requires: 'db' to be valid. 'version' to be valid or NULL. 'mctx' to be valid. 'iterationsp' to be non NULL.
Definition at line 1749 of file nsec3.c.
References buffer, CHECK, dns_rdata::data, dns_db_detachnode(), dns_db_findrdataset(), dns_db_getoriginnode(), dns_db_origin(), DNS_RDATA_INIT, dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), dst_key_free(), dst_key_fromdns(), dst_key_size(), isc_buffer_add, isc_buffer_init, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, key, dns_rdata::length, and dns_rdataset::rdclass.
Referenced by check_dnssec(), and main().
| isc_boolean_t dns_nsec3param_fromprivate | ( | dns_rdata_t * | src, | |
| dns_rdata_t * | target, | |||
| unsigned char * | buf, | |||
| size_t | buflen | |||
| ) |
Convert a private rdata to a nsec3param rdata.
Return ISC_TRUE if 'src' could be successfully converted.
'buf' should be at least DNS_NSEC3PARAM_BUFFERSIZE in size.
Definition at line 927 of file nsec3.c.
References dns_rdata::data, dns_decompress_init(), dns_decompress_invalidate(), DNS_DECOMPRESS_NONE, dns_rdata_fromwire(), isc_buffer_add, isc_buffer_init, isc_buffer_setactive, ISC_FALSE, ISC_R_SUCCESS, ISC_TF, dns_rdata::length, and dns_rdata::rdclass.
Referenced by better_param(), dns_nsec3_activex(), dns_nsec3_addnsec3sx(), dns_nsec3_delnsec3sx(), dns_private_chains(), dns_private_totext(), fixup_nsec3param(), get_iterations(), ignore(), resume_addnsec3chain(), save_nsec3param(), and update_action().
| void dns_nsec3param_toprivate | ( | dns_rdata_t * | src, | |
| dns_rdata_t * | target, | |||
| dns_rdatatype_t | privatetype, | |||
| unsigned char * | buf, | |||
| size_t | buflen | |||
| ) |
Convert a nsec3param rdata to a private rdata.
'buf' should be at least src->length + 1 in size.
Definition at line 956 of file nsec3.c.
References dns_rdata::data, DNS_RDATA_INITIALIZED, dns_rdata::flags, ISC_LINK_INIT, dns_rdata::length, dns_rdata::rdclass, REQUIRE, and dns_rdata::type.
Referenced by add_nsec3param_records(), dns_nsec3param_deletechains(), make_nsec3(), and save_nsec3param().
| isc_result_t dns_nsec3param_deletechains | ( | dns_db_t * | db, | |
| dns_dbversion_t * | ver, | |||
| dns_zone_t * | zone, | |||
| isc_boolean_t | nonsec, | |||
| dns_diff_t * | diff | |||
| ) |
Mark NSEC3PARAM for deletion.
Definition at line 1018 of file nsec3.c.
References CHECK, dns_rdata::data, dns_db_detachnode(), dns_db_findrdataset(), dns_db_getoriginnode(), DNS_DIFFOP_ADD, DNS_DIFFOP_DEL, dns_difftuple_create(), dns_name_init(), DNS_NSEC3PARAM_BUFFERSIZE, dns_nsec3param_toprivate(), DNS_RDATA_INIT, dns_rdata_reset(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), dns_zone_getorigin(), dns_zone_getprivatetype(), do_one_tuple(), INSIST, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, dns_rdata::length, dns_diff::mctx, origin, privatetype, rr_exists(), and dns_rdataset::ttl.
Referenced by update_action().
| isc_result_t dns_nsec3_noexistnodata | ( | dns_rdatatype_t | type, | |
| dns_name_t * | name, | |||
| dns_name_t * | nsec3name, | |||
| dns_rdataset_t * | nsec3set, | |||
| dns_name_t * | zonename, | |||
| isc_boolean_t * | exists, | |||
| isc_boolean_t * | data, | |||
| isc_boolean_t * | optout, | |||
| isc_boolean_t * | unknown, | |||
| isc_boolean_t * | setclosest, | |||
| isc_boolean_t * | setnearest, | |||
| dns_name_t * | closest, | |||
| dns_name_t * | nearest, | |||
| dns_nseclog_t | logit, | |||
| void * | arg | |||
| ) |
Definition at line 1807 of file nsec3.c.
References answer, buffer, dns_fixedname_init, dns_fixedname_name, dns_name_copy(), dns_name_countlabels(), dns_name_downcase(), dns_name_equal(), dns_name_format(), DNS_NAME_FORMATSIZE, dns_name_getlabel(), dns_name_issubdomain(), dns_name_split(), dns_nsec3_supportedhash(), dns_nsec3_typepresent(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_first(), dns_rdatatype_atparent(), hash, isc_base32hex_decoderegion(), isc_buffer_init, isc_buffer_usedlength, ISC_FALSE, isc_iterated_hash(), ISC_LOG_DEBUG, ISC_R_IGNORE, ISC_R_SUCCESS, isc_region_consume, ISC_TF, ISC_TRUE, dns_name::length, namebuf, dns_name::ndata, NSEC3_MAX_HASH_LENGTH, REQUIRE, dns_rdataset::type, and zone.
Referenced by checkwildcard(), findnoqname(), and findnsec3proofs().