#include <isc/log.h>
#include <isc/stdtime.h>
#include <dns/rdatastruct.h>
#include <dst/dst.h>

#define DNSSECTOOL_H   1
#define check_dns_dbiterator_current(result)
#define TYPE_FORMATSIZE   20


typedef void( fatalcallback_t )(void)


ISC_PLATFORM_NORETURN_PRE void fatal (const char *format,...) ISC_FORMAT_PRINTF(1, 2)
void setfatalcallback (fatalcallback_t *callback)
void check_result (isc_result_t result, const char *message)
void vbprintf (int level, const char *fmt,...) ISC_FORMAT_PRINTF(2, 3)
void version (const char *program)
void type_format (const dns_rdatatype_t type, char *cp, unsigned int size)
void sig_format (dns_rdata_rrsig_t *sig, char *cp, unsigned int size)
void setup_logging (isc_mem_t *mctx, isc_log_t **logp)
void cleanup_logging (isc_log_t **logp)
void setup_entropy (isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx)
void cleanup_entropy (isc_entropy_t **ectx)
dns_ttl_t strtottl (const char *str)
isc_stdtime_t strtotime (const char *str, isc_int64_t now, isc_int64_t base, isc_boolean_t *setp)
dns_rdataclass_t strtoclass (const char *str)
isc_result_t try_dir (const char *dirname)
void check_keyversion (dst_key_t *key, char *keystr)
void set_keyversion (dst_key_t *key)
isc_boolean_t key_collision (dst_key_t *key, dns_name_t *name, const char *dir, isc_mem_t *mctx, isc_boolean_t *exact)
isc_boolean_t is_delegation (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *origin, dns_name_t *name, dns_dbnode_t *node, isc_uint32_t *ttlp)
void verifyzone (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *origin, isc_mem_t *mctx, isc_boolean_t ignore_kskflag, isc_boolean_t keyset_kskonly)
 Verify that certain things are sane.



#define DNSSECTOOL_H   1

Definition at line 21 of file dnssectool.h.

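#define check_dns_dbiterator_current ( result )

Value:

check_result((result == DNS_R_NEWORIGIN) ? ISC_R_SUCCESS : result, \

The macro maps DNS_R_NEWORIGIN to ISC_R_SUCCESS before calling check_result(), so only other results are treated as failures. The continuation line that supplies the message argument is missing from this listing.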

Definition at line 28 of file dnssectool.h.

Referenced by assignwork(), cleanup_zone(), nsec3ify(), nsecify(), signapex(), and verifyzone().

#define TYPE_FORMATSIZE   20

Definition at line 53 of file dnssectool.h.

Referenced by rrset_cleanup(), and signset().


Definition at line 57 of file dnssectool.h.

Referenced by signset().

typedef void( fatalcallback_t)(void)

Definition at line 33 of file dnssectool.h.

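ISC_PLATFORM_NORETURN_PRE void fatal ( const char *  format,
... )

The declaration carries ISC_FORMAT_PRINTF, so format is treated as a printf-style format string and, on compilers that support the annotation, the arguments are checked at each call site. Text taken from zone data or other input belongs in the arguments, not in format.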

void setfatalcallback ( fatalcallback_t *  callback  ) 

Definition at line 101 of file dnssectool.c.

Referenced by main().

void check_result ( isc_result_t  result,
const char *  message )

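Definition at line 574 of file dighost.c.

Note: the other functions on this page are defined in dnssectool.c, and the caller list below is far wider than the rest of this header's callers, so this entry appears to combine several same-named check_result() functions. Confirm which definition applies before relying on the cross-references.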

References fatal(), ISC_R_SUCCESS, and isc_result_totext().

Referenced by active_node(), add_ds(), add_opt(), add_question(), addnowildcardhash(), addnsec3(), addnsec3param(), bringup_timer(), build_final_keylist(), chase_cnamechain(), check_for_more_data(), check_no_rrsig(), check_tsig_error(), cleannode(), cleanup_zone(), destroy_libs(), dumpnode(), fetch_callback(), followup_lookup(), get_soa_ttls(), goodsig(), innsec3params(), insert_soa(), is_empty(), isoptout(), launch_next_query(), loadds(), loadkeyset(), loadzone(), main(), make_prereq(), match_nsec3(), nsec3clean(), nsec3ify(), nsecify(), opendb(), parse_name(), parse_rdata(), presign(), printa(), printmessage(), printrdata(), printsoa(), record_found(), recv_done(), recvsoa(), remove_records(), remove_sigs(), reset_system(), rrset_cleanup(), save_opt(), say_message(), send_tcp_connect(), send_udp(), send_update(), sendrequest(), set_nsec3params(), setsoaserial(), setup_keystr(), setup_libs(), setup_logging(), setup_lookup(), setup_system(), setup_text_key(), setzone(), short_answer(), show_message(), show_settings(), signapex(), signname(), signset(), signwithkey(), start_lookup(), start_update(), tcp_length_done(), type_format(), update_addordelete(), update_completed(), verifynode(), verifynsec(), verifynsec3(), verifyset(), verifyzone(), warnifallksk(), and writeset().

void vbprintf ( int  level,
const char *  fmt,
... )

void version ( const char *  program  ) 

Definition at line 123 of file dnssectool.c.

References VERSION.

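void type_format ( const dns_rdatatype_t  type,
char *  cp,
unsigned int  size )

cp is the caller's output buffer and size its capacity. The references to isc_buffer_init and check_result() below suggest that the conversion is bounded by size and that a failed conversion is fatal rather than silently truncated; confirm this in dnssectool.c.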

Definition at line 129 of file dnssectool.c.

References isc_region::base, check_result(), dns_rdatatype_totext(), isc_buffer_init, isc_buffer_usedregion, isc_region::length, and r.

Referenced by check_no_rrsig(), rrset_cleanup(), signset(), and verifyset().

void sig_format ( dns_rdata_rrsig_t *  sig,
char *  cp,
unsigned int  size )

Definition at line 142 of file dnssectool.c.

References dns_name_format(), DNS_NAME_FORMATSIZE, and dns_secalg_format().

Referenced by signset().

void setup_logging ( isc_mem_t *  mctx,
isc_log_t **  logp )

Definition at line 152 of file dnssectool.c.

References check_result(), dns_log_init(), dns_log_setcontext(), isc_logdestination::file, isc_log_create(), isc_log_createchannel(), ISC_LOG_DEBUG, ISC_LOG_INFO, ISC_LOG_PRINTLEVEL, ISC_LOG_PRINTTAG, ISC_LOG_ROLLNEVER, isc_log_setcontext(), isc_log_settag(), ISC_LOG_TOFILEDESC, isc_log_usechannel(), ISC_LOG_WARNING, ISC_R_SUCCESS, isc_logfile::maximum_size, isc_logfile::name, program, RUNTIME_CHECK, isc_logfile::stream, verbose, and isc_logfile::versions.

void cleanup_logging ( isc_log_t **  logp  ) 

Definition at line 208 of file dnssectool.c.

References dns_log_setcontext(), isc_log_destroy(), isc_log_setcontext(), and REQUIRE.

Referenced by main().

void setup_entropy ( isc_mem_t *  mctx,
const char *  randomfile,
isc_entropy_t **  ectx )

Definition at line 223 of file dnssectool.c.

References fatal(), isc_entropy_create(), ISC_ENTROPY_KEYBOARDMAYBE, ISC_ENTROPY_KEYBOARDYES, isc_entropy_usebestsource(), ISC_LINK_INIT, ISC_LIST_APPEND, ISC_LIST_INIT, isc_mem_get, ISC_R_SUCCESS, isc_result_totext(), entropysource::mctx, REQUIRE, entropysource::source, and sources.

Referenced by main(), parse_args(), and setup_system().

void cleanup_entropy ( isc_entropy_t **  ectx  ) 

Definition at line 262 of file dnssectool.c.

References isc_entropy_destroysource(), isc_entropy_detach(), ISC_LIST_EMPTY, ISC_LIST_HEAD, ISC_LIST_UNLINK, isc_mem_put, entropysource::mctx, entropysource::source, and sources.

Referenced by doshutdown(), and main().

dns_ttl_t strtottl ( const char *  str  ) 

Definition at line 314 of file dnssectool.c.

References fatal(), isnone(), time_units(), and ttl.

Referenced by main().

isc_stdtime_t strtotime ( const char *  str,
isc_int64_t  now,
isc_int64_t  base,
isc_boolean_t *  setp )

Definition at line 330 of file dnssectool.c.

References dns_time64_fromtext(), fatal(), ISC_FALSE, ISC_R_SUCCESS, isc_result_totext(), ISC_TRUE, isnone(), and time_units().

Referenced by main().

dns_rdataclass_t strtoclass ( const char *  str  ) 

Definition at line 396 of file dnssectool.c.

References isc_textregion::base, DE_CONST, dns_rdataclass_fromtext(), fatal(), ISC_R_SUCCESS, isc_textregion::length, r, and rdclass.

Referenced by main().

isc_result_t try_dir ( const char *  dirname  ) 

Definition at line 412 of file dnssectool.c.

References isc_dir_close(), isc_dir_init(), isc_dir_open(), and ISC_R_SUCCESS.

Referenced by main().

void check_keyversion ( dst_key_t *  key,
char *  keystr )

Definition at line 428 of file dnssectool.c.

References dst_key_getprivateformat(), DST_MAJOR_VERSION, DST_MINOR_VERSION, fatal(), and INSIST.

Referenced by main().

void set_keyversion ( dst_key_t *  key  ) 

Definition at line 444 of file dnssectool.c.

References dst_key_getprivateformat(), dst_key_setprivateformat(), dst_key_settime(), DST_MAJOR_VERSION, DST_MINOR_VERSION, DST_TIME_CREATED, INSIST, isc_stdtime_get(), and now.

Referenced by main().

isc_boolean_t key_collision ( dst_key_t *  key,
dns_name_t *  name,
const char *  dir,
isc_mem_t *  mctx,
isc_boolean_t *  exact )

Definition at line 465 of file dnssectool.c.

References dns_dnssec_findmatchingkeys(), dns_dnsseckey_destroy(), dst_key_alg(), dst_key_id(), dst_key_rid(), ISC_FALSE, ISC_LIST_EMPTY, ISC_LIST_HEAD, ISC_LIST_INIT, ISC_LIST_UNLINK, ISC_R_NOTFOUND, ISC_TRUE, dns_dnsseckey::key, key, and verbose.

Referenced by main().

isc_boolean_t is_delegation ( dns_db_t *  db,
dns_dbversion_t *  ver,
dns_name_t *  origin,
dns_name_t *  name,
dns_dbnode_t *  node,
isc_uint32_t *  ttlp )

Definition at line 528 of file dnssectool.c.

References dns_db_findrdataset(), dns_name_equal(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdataset_isassociated(), ISC_FALSE, ISC_R_SUCCESS, ISC_TF, and dns_rdataset::ttl.

Referenced by assignwork(), nsec3ify(), nsecify(), signname(), and verifyzone().

void verifyzone ( dns_db_t *  db,
dns_dbversion_t *  ver,
dns_name_t *  origin,
isc_mem_t *  mctx,
isc_boolean_t  ignore_kskflag,
isc_boolean_t  keyset_kskonly )

Verify that certain things are sane:

The apex has a DNSKEY record with at least one KSK, and at least one ZSK if the -x flag was not used.

The DNSKEY record was signed with at least one of the KSKs in this set.

The rest of the zone was signed with at least one of the ZSKs present in the DNSKEY RRSET.

Definition at line 1453 of file dnssectool.c.

References buffer, chain_compare(), check_dns_dbiterator_current, check_no_nsec(), check_result(), dns_db_createiterator(), dns_db_detachnode(), dns_db_findnode(), dns_db_findrdataset(), DNS_DB_NONSEC3, DNS_DB_NSEC3ONLY, dns_dbiterator_current(), dns_dbiterator_destroy(), dns_dbiterator_first(), dns_dbiterator_next(), dns_dnssec_selfsigns(), dns_dnssec_signs(), dns_fixedname_init, dns_fixedname_name, DNS_KEYFLAG_KSK, DNS_KEYFLAG_REVOKE, DNS_KEYOWNER_ZONE, dns_name_copy(), dns_name_format(), DNS_NAME_FORMATSIZE, dns_name_issubdomain(), dns_rdata_freestruct(), DNS_RDATA_INIT, dns_rdata_reset(), dns_rdata_tostruct(), dns_rdata_totext(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), dns_result_totext(), dns_secalg_format(), fatal(), is_delegation(), is_empty(), isc_buffer_init, isc_buffer_usedlength, ISC_FALSE, isc_heap_create(), isc_heap_destroy(), ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_R_UNSET, isc_result_totext(), ISC_TRUE, isdelegation(), name, namebuf, record_found(), verify_nsec3_chains(), verifyemptynodes(), and verifynode().

Referenced by main().

Definition at line 37 of file dnssectool.h.

