nsec.h File Reference

#include <isc/lang.h>
#include <dns/types.h>
#include <dns/name.h>

Go to the source code of this file.

Defines

#define DNS_NSEC_H   1
#define DNS_NSEC_BUFFERSIZE   (DNS_NAME_MAXWIRE + 8192 + 512)

Functions

ISC_LANG_BEGINDECLS isc_result_t dns_nsec_buildrdata (dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_name_t *target, unsigned char *buffer, dns_rdata_t *rdata)
 Build the rdata of a NSEC record.
isc_result_t dns_nsec_build (dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_name_t *target, dns_ttl_t ttl)
 Build a NSEC record and add it to a database.
isc_boolean_t dns_nsec_typepresent (dns_rdata_t *nsec, dns_rdatatype_t type)
 Determine if a type is marked as present in an NSEC record.
isc_result_t dns_nsec_nseconly (dns_db_t *db, dns_dbversion_t *version, isc_boolean_t *answer)
unsigned int dns_nsec_compressbitmap (unsigned char *map, const unsigned char *raw, unsigned int max_type)
 Convert a raw bitmap into a compressed windowed bit map. 'map' and 'raw' may overlap.
void dns_nsec_setbit (unsigned char *array, unsigned int type, unsigned int bit)
 Set type bit in raw 'array' to 'bit'.
isc_boolean_t dns_nsec_isset (const unsigned char *array, unsigned int type)
 Test if the corresponding 'type' bit is set in 'array'.
isc_result_t dns_nsec_noexistnodata (dns_rdatatype_t type, dns_name_t *name, dns_name_t *nsecname, dns_rdataset_t *nsecset, isc_boolean_t *exists, isc_boolean_t *data, dns_name_t *wild, dns_nseclog_t log, void *arg)
 Return ISC_R_SUCCESS if we can determine that the name doesn't exist or we can determine whether there is data or not at the name. If the name does not exist return the wildcard name.


Detailed Description

Definition in file nsec.h.


Define Documentation

#define DNS_NSEC_H   1

Definition at line 21 of file nsec.h.

#define DNS_NSEC_BUFFERSIZE   (DNS_NAME_MAXWIRE + 8192 + 512)

Definition at line 30 of file nsec.h.

Referenced by add_nsec(), dns_nsec_build(), dns_nsec_buildrdata(), and verifynsec().


Function Documentation

ISC_LANG_BEGINDECLS isc_result_t dns_nsec_buildrdata ( dns_db_t db,
dns_dbversion_t version,
dns_dbnode_t node,
dns_name_t target,
unsigned char *  buffer,
dns_rdata_t rdata 
)

Build the rdata of a NSEC record.

Requires:

Ensures:

Definition at line 103 of file nsec.c.

References isc_region::base, dns_db_allrdatasets(), dns_db_class(), dns_name_toregion(), DNS_NSEC_BUFFERSIZE, dns_nsec_compressbitmap(), dns_nsec_isset(), dns_nsec_setbit(), dns_rdata_fromregion(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdatasetiter_current(), dns_rdatasetiter_destroy(), dns_rdatasetiter_first(), dns_rdatasetiter_next(), dns_rdatatype_iszonecutauth(), INSIST, ISC_R_NOMORE, ISC_R_SUCCESS, isc_region::length, r, and dns_rdataset::type.

Referenced by add_nsec(), dns_nsec_build(), and verifynsec().

isc_result_t dns_nsec_build ( dns_db_t db,
dns_dbversion_t version,
dns_dbnode_t node,
dns_name_t target,
dns_ttl_t  ttl 
)

Build a NSEC record and add it to a database.

Definition at line 178 of file nsec.c.

References dns_db_addrdataset(), dns_db_class(), DNS_NSEC_BUFFERSIZE, dns_nsec_buildrdata(), DNS_R_UNCHANGED, dns_rdata_init(), DNS_RDATA_INIT, dns_rdatalist_init(), dns_rdatalist_tordataset(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), ISC_LIST_APPEND, ISC_R_SUCCESS, dns_rdatalist::rdclass, RETERR, dns_rdatalist::ttl, and dns_rdatalist::type.

Referenced by nsecify().

isc_boolean_t dns_nsec_typepresent ( dns_rdata_t nsec,
dns_rdatatype_t  type 
)

Determine if a type is marked as present in an NSEC record.

Requires:

Definition at line 210 of file nsec.c.

References dns_nsec_isset(), dns_rdata_freestruct(), dns_rdata_tostruct(), INSIST, ISC_FALSE, ISC_R_SUCCESS, ISC_TF, REQUIRE, and dns_rdata::type.

Referenced by dns_nsec_noexistnodata(), isdelegation(), validate_authority(), validate_ncache(), and view_find().

isc_result_t dns_nsec_nseconly ( dns_db_t db,
dns_dbversion_t version,
isc_boolean_t answer 
)

Definition at line 245 of file nsec.c.

References dns_db_detachnode(), dns_db_findrdataset(), dns_db_getoriginnode(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_next(), DST_ALG_DSA, DST_ALG_ECC, DST_ALG_RSAMD5, DST_ALG_RSASHA1, ISC_FALSE, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_TRUE, REQUIRE, and RUNTIME_CHECK.

Referenced by add_nsec3param_records(), check_dnssec(), dnskey_sane(), fixup_nsec3param(), main(), resume_addnsec3chain(), and zone_addnsec3chain().

unsigned int dns_nsec_compressbitmap ( unsigned char *  map,
const unsigned char *  raw,
unsigned int  max_type 
)

Convert a raw bitmap into a compressed windowed bit map. 'map' and 'raw' may overlap.

Returns the length of the compressed windowed bit map.

Definition at line 70 of file nsec.c.

References start.

Referenced by dns_nsec3_buildrdata(), dns_nsec_buildrdata(), and match_nsec3().

void dns_nsec_setbit ( unsigned char *  array,
unsigned int  type,
unsigned int  bit 
)

Set type bit in raw 'array' to 'bit'.

Definition at line 46 of file nsec.c.

Referenced by dns_nsec3_buildrdata(), dns_nsec_buildrdata(), and verifynode().

isc_boolean_t dns_nsec_isset ( const unsigned char *  array,
unsigned int  type 
)

Test if the corresponding 'type' bit is set in 'array'.

Definition at line 59 of file nsec.c.

References ISC_TF.

Referenced by dns_nsec3_buildrdata(), dns_nsec3_typepresent(), dns_nsec_buildrdata(), dns_nsec_typepresent(), and verifynsec3().

isc_result_t dns_nsec_noexistnodata ( dns_rdatatype_t  type,
dns_name_t name,
dns_name_t nsecname,
dns_rdataset_t nsecset,
isc_boolean_t exists,
isc_boolean_t data,
dns_name_t wild,
dns_nseclog_t  logit,
void *  arg 
)

Return ISC_R_SUCCESS if we can determine that the name doesn't exist or we can determine whether there is data or not at the name. If the name does not exist return the wildcard name.

Return ISC_R_IGNORE when the NSEC is not the appropriate one.

Definition at line 302 of file nsec.c.

References dns_name_concatenate(), dns_name_countlabels(), dns_name_fullcompare(), dns_name_getlabelsequence(), dns_name_init(), dns_name_issubdomain(), dns_namereln_subdomain, dns_nsec_typepresent(), dns_rdata_freestruct(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_first(), dns_rdatatype_atparent(), dns_wildcardname, ISC_FALSE, ISC_LOG_DEBUG, ISC_R_IGNORE, ISC_R_SUCCESS, ISC_TRUE, REQUIRE, and dns_rdataset::type.

Referenced by authvalidated(), checkwildcard(), and findnoqname().


Generated on Tue Apr 28 17:41:09 2015 by Doxygen 1.5.4 for BIND9 Internals 9.11.0pre-alpha