OpenDNSSEC-signer 1.2.1
#include "config.h"
#include "signer/denial.h"
#include "signer/hsm.h"
#include "signer/nsec3params.h"
#include "signer/rrset.h"
#include "signer/signconf.h"
#include "signer/stats.h"
#include <ldns/ldns.h>
#include <time.h>
#define DOMAIN_STATUS_APEX 1
Definition at line 49 of file domain.h.
Referenced by domain_print(), domain_sign(), domain_update_status(), zonedata_add_rr(), zonedata_nsecify(), zonedata_nsecify3(), and zonedata_recover_from_backup().
#define DOMAIN_STATUS_AUTH 2
Definition at line 50 of file domain.h.
Referenced by domain_update_status().
#define DOMAIN_STATUS_DS 4
Definition at line 52 of file domain.h.
Referenced by domain_sign(), and domain_update_status().
#define DOMAIN_STATUS_ENT_AUTH 5
Definition at line 53 of file domain.h.
Referenced by zonedata_update().
#define DOMAIN_STATUS_ENT_GLUE 7
Definition at line 55 of file domain.h.
Referenced by zonedata_entize(), zonedata_nsecify3(), and zonedata_update().
#define DOMAIN_STATUS_ENT_NS 6
Definition at line 54 of file domain.h.
Referenced by zonedata_nsecify3(), and zonedata_update().
#define DOMAIN_STATUS_HASH 9
Definition at line 57 of file domain.h.
Referenced by domain_print_nsec().
#define DOMAIN_STATUS_NONE 0
Domain.
Definition at line 48 of file domain.h.
Referenced by denial_recover_from_backup(), domain_create(), domain_print(), domain_recover_from_backup(), domain_sign(), zonedata_entize(), zonedata_nsecify(), and zonedata_nsecify3().
#define DOMAIN_STATUS_NS 3
Definition at line 51 of file domain.h.
Referenced by domain_sign(), domain_update_status(), and zonedata_nsecify3().
#define DOMAIN_STATUS_OCCLUDED 8
Definition at line 56 of file domain.h.
Referenced by domain_print(), domain_sign(), domain_update_status(), zonedata_entize(), zonedata_nsecify(), and zonedata_nsecify3().
typedef struct domain_struct domain_type
int domain_add_rr(domain_type *domain, ldns_rr *rr)
Add RR to domain.
[in] | domain | domain |
[in] | rr | RR |
Add RR to domain.
Definition at line 666 of file domain.c.
References domain_add_rrset(), domain_lookup_rrset(), domain_struct::name, rrset_add_rr(), rrset_create(), domain_struct::rrsets, se_log_assert, and se_log_error().
Referenced by zonedata_add_rr().
rrset_type* domain_add_rrset(domain_type *domain, rrset_type *rrset, int recover)
Add a RRset to the domain.
[in] | domain | domain |
[in] | rrset | RRset |
[in] | recover | if true, don't update domain status |
Add RRset to domain.
Definition at line 191 of file domain.c.
References denial_struct::bitmap_changed, domain_struct::denial, domain_struct::name, rrset_struct::rr_type, domain_struct::rrsets, se_free(), se_log_assert, and se_log_error().
Referenced by domain_add_rr(), and domain_recover_rr_from_backup().
void domain_cancel_update(domain_type *domain)
Cancel update.
[in] | domain | domain |
Cancel update.
Definition at line 517 of file domain.c.
References rrset_cancel_update(), domain_struct::rrsets, and se_log_assert.
Referenced by zonedata_cancel_update().
void domain_cleanup(domain_type *domain)
Clean up domain.
[in] | domain | domain to cleanup |
Clean up domain.
Definition at line 847 of file domain.c.
References domain_struct::name, domain_struct::rrsets, se_free(), and se_log_warning().
Referenced by zonedata_cleanup_domains().
int domain_count_rrset(domain_type *domain)
Return the number of RRsets at this domain.
[in] | domain | domain |
Return the number of RRsets at this domain.
Definition at line 256 of file domain.c.
References domain_struct::rrsets, and se_log_assert.
Referenced by domain_examine_rrset_is_alone(), domain_update_status(), zonedata_nsecify(), and zonedata_update().
domain_type* domain_create(ldns_rdf *dname)
Create empty domain.
[in] | dname | owner name |
Create empty domain.
Definition at line 65 of file domain.c.
References domain_struct::denial, domain_struct::domain_status, DOMAIN_STATUS_NONE, domain_struct::initialized, domain_struct::internal_serial, domain_struct::name, domain_struct::outbound_serial, domain_struct::parent, domain_struct::rrsets, se_log_assert, se_malloc(), domain_struct::subdomain_auth, and domain_struct::subdomain_count.
Referenced by zonedata_add_rr().
int domain_del_rr(domain_type *domain, ldns_rr *rr)
Delete RR from domain.
[in] | domain | domain |
[in] | rr | RR |
Delete RR from domain.
Definition at line 766 of file domain.c.
References domain_lookup_rrset(), domain_struct::name, rrset_del_rr(), domain_struct::rrsets, se_log_assert, and se_log_warning().
Referenced by zonedata_del_rr().
int domain_del_rrs(domain_type *domain)
Delete all RRs from domain.
[in] | domain | domain |
Delete all RRs from domain.
Definition at line 792 of file domain.c.
References rrset_del_rrs(), domain_struct::rrsets, and se_log_assert.
Referenced by zonedata_del_rrs().
rrset_type* domain_del_rrset(domain_type *domain, rrset_type *rrset, int recover)
Delete a RRset from the domain.
[in] | domain | domain |
[in] | rrset | RRset |
[in] | recover | if true, don't update domain status |
Delete RRset from domain.
Definition at line 221 of file domain.c.
References denial_struct::bitmap_changed, domain_struct::denial, domain_struct::name, rrset_struct::rr_type, rrset_cleanup(), domain_struct::rrsets, se_free(), se_log_assert, and se_log_error().
Referenced by domain_update().
int domain_examine_data_exists(domain_type *domain, ldns_rr_type rrtype, int skip_glue)
Examine domain and verify if data exists.
[in] | domain | domain |
[in] | rrtype | RRtype look for a specific RRset |
[in] | skip_glue | skip glue records |
Returns: int 0 if data is alone, 1 otherwise
Examine domain and verify if data exists.
Definition at line 271 of file domain.c.
References rrset_struct::rr_type, rrset_count_RR(), domain_struct::rrsets, and se_log_assert.
int domain_examine_ns_rdata(domain_type *domain, ldns_rdf *nsdname)
Examine domain NS RRset and verify its RDATA.
[in] | domain | domain |
[in] | nsdname | domain name that should match one of the NS RDATA |
Examine domain NS RRset and verify its RDATA.
Definition at line 308 of file domain.c.
References domain_lookup_rrset(), rrset_count_RR(), rrset_examine_ns_rdata(), and se_log_assert.
Referenced by domain_examine_valid_zonecut().
int domain_examine_rrset_is_alone(domain_type *domain, ldns_rr_type rrtype)
Examine domain and verify if there is no other data next to a RRset.
[in] | domain | domain |
[in] | rrtype | RRtype |
Returns: int 0 if the RRset is alone, 1 otherwise
Examine domain and verify if there is no other data next to a RRset.
Definition at line 333 of file domain.c.
References rrset_struct::add, domain_count_rrset(), domain_lookup_rrset(), log_rr(), domain_struct::name, rrset_struct::rr_type, rrset_struct::rrs, rrset_count_RR(), domain_struct::rrsets, se_free(), se_log_assert, and se_log_error().
Referenced by zonedata_examine().
int domain_examine_rrset_is_singleton(domain_type *domain, ldns_rr_type rrtype)
Examine domain and verify if the RRset is a singleton.
[in] | domain | domain |
[in] | rrtype | RRtype |
Returns: int 0 if the RRset is a singleton, 1 otherwise
Examine domain and verify if the RRset is a singleton.
Definition at line 438 of file domain.c.
References domain_lookup_rrset(), domain_struct::name, rrset_count_RR(), se_free(), se_log_assert, and se_log_error().
Referenced by zonedata_examine().
int domain_examine_valid_zonecut(domain_type *domain)
Examine domain and verify if it is a valid zonecut (or no NS RRs).
[in] | domain | domain |
Returns: int 0 if the RRset is a valid zonecut (or no zonecut), 1 otherwise
Examine domain and verify if there is no occluded data next to a delegation.
Definition at line 391 of file domain.c.
References domain_examine_ns_rdata(), domain_lookup_rrset(), domain_struct::name, rrset_struct::rr_type, rrset_count_RR(), domain_struct::rrsets, se_log_assert, and se_log_error().
rrset_type* domain_lookup_rrset(domain_type *domain, ldns_rr_type type)
Lookup a RRset within the domain.
[in] | domain | domain |
[in] | type | RRtype to look for |
Lookup RRset within domain.
Definition at line 171 of file domain.c.
References domain_struct::rrsets, and se_log_assert.
Referenced by domain_add_rr(), domain_del_rr(), domain_examine_ns_rdata(), domain_examine_rrset_is_alone(), domain_examine_rrset_is_singleton(), domain_examine_valid_zonecut(), domain_print(), domain_recover_rr_from_backup(), domain_recover_rrsig_from_backup(), and domain_update_status().
void domain_print(FILE *fd, domain_type *domain)
Print domain.
[in] | fd | output file descriptor |
[in] | domain | domain to print |
Print domain.
Definition at line 872 of file domain.c.
References domain_struct::denial, domain_lookup_rrset(), domain_struct::domain_status, DOMAIN_STATUS_APEX, DOMAIN_STATUS_NONE, DOMAIN_STATUS_OCCLUDED, domain_struct::parent, rrset_struct::rr_type, denial_struct::rrset, rrset_print(), and domain_struct::rrsets.
Referenced by zonedata_print().
void domain_print_nsec(FILE *fd, domain_type *domain)
Print NSEC(3)s at domain.
[in] | fd | output file descriptor |
[in] | domain | domain to print |
Print NSEC(3)s at this domain.
Definition at line 940 of file domain.c.
References denial_struct::bitmap_changed, domain_struct::denial, domain_struct::domain_status, DOMAIN_STATUS_HASH, domain_struct::internal_serial, domain_struct::name, denial_struct::nxt_changed, domain_struct::outbound_serial, denial_struct::owner, rrset_struct::rrs, denial_struct::rrset, se_free(), domain_struct::subdomain_auth, and domain_struct::subdomain_count.
Referenced by zonedata_print_nsec().
void domain_print_rrsig(FILE *fd, domain_type *domain)
Print RRSIGs at domain.
[in] | fd | output file descriptor |
[in] | domain | domain to print |
Print RRSIGs at this domain.
Definition at line 989 of file domain.c.
References domain_struct::denial, denial_struct::rrset, rrset_print_rrsig(), and domain_struct::rrsets.
Referenced by zonedata_print_rrsig().
domain_type* domain_recover_from_backup(FILE *fd, int *curnxt, int *curbm)
Recover domain from backup.
[in] | fd | backup file descriptor |
[out] | curnxt | if denial nxt changed |
[out] | curbm | if denial bitmap changed |
Recover domain from backup.
Definition at line 89 of file domain.c.
References backup_read_int(), backup_read_size_t(), backup_read_str(), backup_read_uint32_t(), domain_struct::denial, domain_struct::domain_status, DOMAIN_STATUS_NONE, domain_struct::initialized, domain_struct::internal_serial, domain_struct::name, domain_struct::outbound_serial, domain_struct::parent, domain_struct::rrsets, se_free(), se_log_assert, se_log_deeebug(), se_log_error(), se_malloc(), domain_struct::subdomain_auth, and domain_struct::subdomain_count.
Referenced by zonedata_recover_from_backup().
int domain_recover_rr_from_backup(domain_type *domain, ldns_rr *rr)
Recover RR from backup.
[in] | domain | domain |
[in] | rr | RR |
Recover RR from backup.
Definition at line 696 of file domain.c.
References domain_add_rrset(), domain_lookup_rrset(), domain_struct::name, rrset_create(), rrset_recover_rr_from_backup(), domain_struct::rrsets, se_log_assert, and se_log_error().
Referenced by zonedata_recover_rr_from_backup().
int domain_recover_rrsig_from_backup(domain_type *domain, ldns_rr *rrsig,
                                     ldns_rr_type type_covered,
                                     const char *locator, uint32_t flags)
Recover RRSIG from backup.
[in] | domain | domain |
[in] | rrsig | RRSIG |
[in] | type_covered | RRtype that is covered by rrsig |
[in] | locator | key locator |
[in] | flags | key flags |
Recover RRSIG from backup.
Definition at line 726 of file domain.c.
References domain_struct::denial, domain_lookup_rrset(), domain_struct::name, denial_struct::rrset, rrset_recover_rrsig_from_backup(), domain_struct::rrsets, se_log_assert, and se_log_error().
Referenced by zonedata_recover_rrsig_from_backup().
int domain_sign(hsm_ctx_t *ctx, domain_type *domain, ldns_rdf *owner,
                signconf_type *sc, time_t signtime, uint32_t serial,
                stats_type *stats)
Sign domain.
[in] | ctx | HSM context |
[in] | domain | domain |
[in] | owner | owner of the zone |
[in] | sc | sign configuration |
[in] | signtime | time zone is being signed |
[in] | serial | outbound serial |
[out] | stats | update statistics |
Sign domain.
Definition at line 584 of file domain.c.
References domain_struct::denial, domain_struct::domain_status, DOMAIN_STATUS_APEX, DOMAIN_STATUS_DS, DOMAIN_STATUS_NONE, DOMAIN_STATUS_NS, DOMAIN_STATUS_OCCLUDED, rrset_struct::drop_signatures, rrset_struct::rr_type, rrset_struct::rrs, denial_struct::rrset, rrset_sign(), domain_struct::rrsets, se_log_assert, se_log_error(), and SE_SOA_RDATA_SERIAL.
Referenced by zonedata_sign().
int domain_update(domain_type *domain, uint32_t serial)
Update domain with pending changes.
[in] | domain | domain |
[in] | serial | version to update to |
Update domain with pending changes.
Definition at line 467 of file domain.c.
References DNS_SERIAL_GT, domain_del_rrset(), rrset_struct::drop_signatures, domain_struct::initialized, domain_struct::internal_serial, rrset_struct::rr_type, rrset_struct::rrs, rrset_count_rr(), rrset_update(), domain_struct::rrsets, se_log_assert, and se_log_error().
Referenced by zonedata_update().
void domain_update_status(domain_type *domain)
Update domain status.
[in] | domain | domain |
Update domain status.
Definition at line 542 of file domain.c.
References domain_count_rrset(), domain_lookup_rrset(), domain_struct::domain_status, DOMAIN_STATUS_APEX, DOMAIN_STATUS_AUTH, DOMAIN_STATUS_DS, DOMAIN_STATUS_NS, DOMAIN_STATUS_OCCLUDED, domain_struct::parent, and se_log_assert.
Referenced by zonedata_entize().