00001 /* 00002 * Copyright (C) 2004-2008, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") 00003 * Copyright (C) 1999-2001, 2003 Internet Software Consortium. 00004 * 00005 * Permission to use, copy, modify, and/or distribute this software for any 00006 * purpose with or without fee is hereby granted, provided that the above 00007 * copyright notice and this permission notice appear in all copies. 00008 * 00009 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 00010 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 00011 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 00012 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 00013 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 00014 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 00015 * PERFORMANCE OF THIS SOFTWARE. 00016 */ 00017 00018 /* $Id: nsec.h,v 1.14 2011/06/10 23:47:32 tbox Exp $ */ 00019 00020 #ifndef DNS_NSEC_H 00021 #define DNS_NSEC_H 1 00022 00023 /*! \file dns/nsec.h */ 00024 00025 #include <isc/lang.h> 00026 00027 #include <dns/types.h> 00028 #include <dns/name.h> 00029 00030 #define DNS_NSEC_BUFFERSIZE (DNS_NAME_MAXWIRE + 8192 + 512) 00031 00032 ISC_LANG_BEGINDECLS 00033 00034 isc_result_t 00035 dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, 00036 dns_dbnode_t *node, dns_name_t *target, 00037 unsigned char *buffer, dns_rdata_t *rdata); 00038 /*%< 00039 * Build the rdata of a NSEC record. 00040 * 00041 * Requires: 00042 *\li buffer Points to a temporary buffer of at least 00043 * DNS_NSEC_BUFFERSIZE bytes. 00044 *\li rdata Points to an initialized dns_rdata_t. 00045 * 00046 * Ensures: 00047 * \li *rdata Contains a valid NSEC rdata. The 'data' member refers 00048 * to 'buffer'. 00049 */ 00050 00051 isc_result_t 00052 dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, 00053 dns_name_t *target, dns_ttl_t ttl); 00054 /*%< 00055 * Build a NSEC record and add it to a database. 00056 */ 00057 00058 isc_boolean_t 00059 dns_nsec_typepresent(dns_rdata_t *nsec, dns_rdatatype_t type); 00060 /*%< 00061 * Determine if a type is marked as present in an NSEC record. 00062 * 00063 * Requires: 00064 *\li 'nsec' points to a valid rdataset of type NSEC 00065 */ 00066 00067 isc_result_t 00068 dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version, 00069 isc_boolean_t *answer); 00070 /* 00071 * Report whether the DNSKEY RRset has a NSEC only algorithm. Unknown 00072 * algorithms are assumed to support NSEC3. If DNSKEY is not found, 00073 * *answer is set to ISC_FALSE, and ISC_R_NOTFOUND is returned. 00074 * 00075 * Requires: 00076 * 'answer' to be non NULL. 00077 */ 00078 00079 unsigned int 00080 dns_nsec_compressbitmap(unsigned char *map, const unsigned char *raw, 00081 unsigned int max_type); 00082 /*%< 00083 * Convert a raw bitmap into a compressed windowed bit map. 'map' and 'raw' 00084 * may overlap. 00085 * 00086 * Returns the length of the compressed windowed bit map. 00087 */ 00088 00089 void 00090 dns_nsec_setbit(unsigned char *array, unsigned int type, unsigned int bit); 00091 /*%< 00092 * Set type bit in raw 'array' to 'bit'. 00093 */ 00094 00095 isc_boolean_t 00096 dns_nsec_isset(const unsigned char *array, unsigned int type); 00097 /*%< 00098 * Test if the corresponding 'type' bit is set in 'array'. 00099 */ 00100 00101 isc_result_t 00102 dns_nsec_noexistnodata(dns_rdatatype_t type, dns_name_t *name, 00103 dns_name_t *nsecname, dns_rdataset_t *nsecset, 00104 isc_boolean_t *exists, isc_boolean_t *data, 00105 dns_name_t *wild, dns_nseclog_t log, void *arg); 00106 /*% 00107 * Return ISC_R_SUCCESS if we can determine that the name doesn't exist 00108 * or we can determine whether there is data or not at the name. 00109 * If the name does not exist return the wildcard name. 00110 * 00111 * Return ISC_R_IGNORE when the NSEC is not the appropriate one. 00112 */ 00113 00114 ISC_LANG_ENDDECLS 00115 00116 #endif /* DNS_NSEC_H */