autotrust.h (256281) | autotrust.h (269257) |
---|---|
1/* 2 * validator/autotrust.h - RFC5011 trust anchor management for unbound. 3 * 4 * Copyright (c) 2009, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 7 unchanged lines hidden (view full) --- 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | 1/* 2 * validator/autotrust.h - RFC5011 trust anchor management for unbound. 3 * 4 * Copyright (c) 2009, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 7 unchanged lines hidden (view full) --- 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE 27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 33 * POSSIBILITY OF SUCH DAMAGE. | 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
34 */ 35 36/** 37 * \file 38 * 39 * Contains autotrust definitions. 40 */ 41 42#ifndef VALIDATOR_AUTOTRUST_H 43#define VALIDATOR_AUTOTRUST_H 44#include "util/rbtree.h" 45#include "util/data/packed_rrset.h" 46struct val_anchors; 47struct trust_anchor; 48struct ub_packed_rrset_key; 49struct module_env; 50struct val_env; | 34 */ 35 36/** 37 * \file 38 * 39 * Contains autotrust definitions. 40 */ 41 42#ifndef VALIDATOR_AUTOTRUST_H 43#define VALIDATOR_AUTOTRUST_H 44#include "util/rbtree.h" 45#include "util/data/packed_rrset.h" 46struct val_anchors; 47struct trust_anchor; 48struct ub_packed_rrset_key; 49struct module_env; 50struct val_env; |
51struct sldns_buffer; |
|
51 52/** Autotrust anchor states */ 53typedef enum { 54 AUTR_STATE_START = 0, 55 AUTR_STATE_ADDPEND = 1, 56 AUTR_STATE_VALID = 2, 57 AUTR_STATE_MISSING = 3, 58 AUTR_STATE_REVOKED = 4, 59 AUTR_STATE_REMOVED = 5 60} autr_state_t; 61 62/** 63 * Autotrust metadata for one trust anchor key. 64 */ 65struct autr_ta { 66 /** next key */ 67 struct autr_ta* next; 68 /** the RR */ | 52 53/** Autotrust anchor states */ 54typedef enum { 55 AUTR_STATE_START = 0, 56 AUTR_STATE_ADDPEND = 1, 57 AUTR_STATE_VALID = 2, 58 AUTR_STATE_MISSING = 3, 59 AUTR_STATE_REVOKED = 4, 60 AUTR_STATE_REMOVED = 5 61} autr_state_t; 62 63/** 64 * Autotrust metadata for one trust anchor key. 65 */ 66struct autr_ta { 67 /** next key */ 68 struct autr_ta* next; 69 /** the RR */ |
69 ldns_rr* rr; | 70 uint8_t* rr; 71 /** length of rr */ 72 size_t rr_len, dname_len; |
70 /** last update of key state (new pending count keeps date the same) */ 71 time_t last_change; 72 /** 5011 state */ 73 autr_state_t s; 74 /** pending count */ 75 uint8_t pending_count; 76 /** fresh TA was seen */ 77 uint8_t fetched; --- 21 unchanged lines hidden (view full) --- 99 */ 100 time_t last_queried; 101 /** last successful DNSKEY set */ 102 time_t last_success; 103 /** next probe time */ 104 time_t next_probe_time; 105 106 /** when to query if !failed */ | 73 /** last update of key state (new pending count keeps date the same) */ 74 time_t last_change; 75 /** 5011 state */ 76 autr_state_t s; 77 /** pending count */ 78 uint8_t pending_count; 79 /** fresh TA was seen */ 80 uint8_t fetched; --- 21 unchanged lines hidden (view full) --- 102 */ 103 time_t last_queried; 104 /** last successful DNSKEY set */ 105 time_t last_success; 106 /** next probe time */ 107 time_t next_probe_time; 108 109 /** when to query if !failed */ |
107 uint32_t query_interval; | 110 time_t query_interval; |
108 /** when to retry if failed */ | 111 /** when to retry if failed */ |
109 uint32_t retry_time; | 112 time_t retry_time; |
110 111 /** 112 * How many times did it fail. diagnostic only (has no effect). 113 * Only updated if there was a dnskey rrset that failed to verify. 114 */ 115 uint8_t query_failed; 116 /** true if the trust point has been revoked */ 117 uint8_t revoked; --- 28 unchanged lines hidden (view full) --- 146size_t autr_get_num_anchors(struct val_anchors* anchors); 147 148/** 149 * Process probe timer. Add new probes if needed. 150 * @param env: module environment with time, with anchors and with the mesh. 151 * @return time of next probe (in seconds from now). 152 * If 0, then there is no next probe anymore (trust points deleted). 153 */ | 113 114 /** 115 * How many times did it fail. diagnostic only (has no effect). 116 * Only updated if there was a dnskey rrset that failed to verify. 117 */ 118 uint8_t query_failed; 119 /** true if the trust point has been revoked */ 120 uint8_t revoked; --- 28 unchanged lines hidden (view full) --- 149size_t autr_get_num_anchors(struct val_anchors* anchors); 150 151/** 152 * Process probe timer. Add new probes if needed. 153 * @param env: module environment with time, with anchors and with the mesh. 154 * @return time of next probe (in seconds from now). 155 * If 0, then there is no next probe anymore (trust points deleted). 156 */ |
154uint32_t autr_probe_timer(struct module_env* env); | 157time_t autr_probe_timer(struct module_env* env); |
155 156/** probe tree compare function */ 157int probetree_cmp(const void* x, const void* y); 158 159/** 160 * Read autotrust file. 161 * @param anchors: the anchors structure. 162 * @param nm: name of the file (copied). --- 31 unchanged lines hidden (view full) --- 194 195/** 196 * Debug printout of rfc5011 tracked anchors 197 * @param anchors: all the anchors. 198 */ 199void autr_debug_print(struct val_anchors* anchors); 200 201/** callback for query answer to 5011 probe */ | 158 159/** probe tree compare function */ 160int probetree_cmp(const void* x, const void* y); 161 162/** 163 * Read autotrust file. 164 * @param anchors: the anchors structure. 165 * @param nm: name of the file (copied). --- 31 unchanged lines hidden (view full) --- 197 198/** 199 * Debug printout of rfc5011 tracked anchors 200 * @param anchors: all the anchors. 201 */ 202void autr_debug_print(struct val_anchors* anchors); 203 204/** callback for query answer to 5011 probe */ |
202void probe_answer_cb(void* arg, int rcode, ldns_buffer* buf, | 205void probe_answer_cb(void* arg, int rcode, struct sldns_buffer* buf, |
203 enum sec_status sec, char* errinf); 204 205#endif /* VALIDATOR_AUTOTRUST_H */ | 206 enum sec_status sec, char* errinf); 207 208#endif /* VALIDATOR_AUTOTRUST_H */ |
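Review bot: In struct autr_ta the new `size_t rr_len, dname_len;` sits under a single comment, "length of rr", so `dname_len` is undocumented and the relation between the two lengths is not stated. Now that `rr` is a raw `uint8_t*` instead of an `ldns_rr*`, every reader of the record depends on these two lengths to stay inside the buffer, and the header suggests the records originate from the autotrust file and from probe answers, i.e. from data that is parsed rather than trusted. I would split the declaration and document each field, e.g. `/** length of rr in bytes */ size_t rr_len;` and `/** length of the owner name in rr (presumably at the start of rr; never larger than rr_len) */ size_t dname_len;`, and extend the `/** the RR */` comment to state the encoding of the buffer and who frees it. The rest of the struct is in the hidden lines, so part of this may already be covered there.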